Software developers need to improve the timing of their security update warnings to increase the chances of people actually reading them, according to a new study.
The paper, published by researchers at Brigham Young University and a team of Google Chrome engineers, wrote that too often a security warning comes up in the middle of a task like typing, streaming a video or uploading a file.
The researchers call this “dual task interference” (DTI). Essentially the update is annoying the user when doing something important, and they end up closing it without paying much attention. According to the study, 90 percent of people ignore warnings.
Digging into their results, they found that 74 percent of people ignored security messages when they were about to close a browser; 79 percent ignored a messages while watching a video; and 87 percent skipped the messages when uploading something.
The research involved monitoring a number of participants that had to work on computers with various updates popping up while an fMRI scanner measured their brain activity.
The authors call on software developers to find ways to optimize their security updates so that people will read them and act. “[You] can mitigate this problem simply by finessing the timing of the warnings,” said Jeff Jenkins of the Information Systems Department at BYU.
From their research, they claim that people are more likely to click on a notification if it comes up when a video has finished playing or while a page is taking time to load.
Google Chrome engineers took this information to attempt to devise the best times to show notifications as there’s currently no industry standard in software for triggering update warnings. Google Faculty Research Awards partially funded the research.
“A lot of things I do research on I think, someday, somebody might change some small thing,” said co-author Bonnie Brinton Anderson. “But this could really affect a lot of people if I have Google making changes to their Chrome browser based on my research. That’s really great.”
