Usable security and privacy of apps in mobile ecosystems

Doctoral Thesis
English
Author

Amel Bourdoucen

Published: 05.09.2025 Thesis Supervisor: Janne Lindqvist

Abstract

The complexity of mobile ecosystems raises concerns around privacy of users and the extent of control individuals have over their personal data. While these ecosystems offer connectivity, entertainment and convenience they also introduce usability challenges that affect users’ interactions. This dissertation investigates the user perceptions around the privacy and security risks of these interconnected components. The dissertation navigates various components of mobile ecosystems, including default or native apps, online gaming platforms and family-oriented or collaborative apps. The findings of this thesis reveal various contexts within mobile ecosystems where users face challenges in understanding and managing their privacy. Users often struggle to grasp the privacy implications of default apps, or how they work. This issue is exacerbated by the scattered and inconsistent structure of privacy settings, making it difficult to navigate and control data-sharing preferences effectively. In online gaming, players’ willingness to share personal information is shaped by game settings and design elements. However, many remain unaware of the extent of data collection and its associated risks. In collaborative family apps, unclear role hierarchies, accidental data sharing, and trust concerns create tensions, underscoring the need for greater transparency and improved privacy controls in collaborative platforms.

The dissertation focuses on how users perceive privacy and security risks associated with apps in mobile ecosystems and implications and proposes design recommendations can improve transparency, user control, and security without compromising usability. Through a mixed-methods approach incorporating system evaluations, surveys, qualitative interviews, and feature comparisons, this dissertation uncovers critical usability gaps, privacy misconceptions, and behavioural factors influencing data-sharing decisions. By bridging the gap between humancantered security, privacy research, and interaction design, this work contributes to the development of privacy-conscious and user-friendly user interfaces.