Communication

From a thesis on user consent, privacy, and security in WebRTC.

Bad user interfaces can lead to unsolicited access to cameras and microphones from JavaScript in ordinary web pages.

In parallel with our ongoing efforts to develop P2P conversational video recently released in an early beta version for you to toy with, we have been exploring the non-technical aspects of allowing access to cameras and microphones from javascript in ordinary web pages.

The reason for the study was our concerns about security. If we allow access to various devices (camera, mic, GPS, etc.) via javascript, how can we make sure that the user knows where all this information is going? For example, eavesdropping on a board meeting from a remote site that has been given access to the microphone of a mobile phone could pose a potential threat, compromising a company's security.

This is not a problem of security in the technical sense, but rather in a usability sense. If the user doesn't understand how this works, s/he will be susceptible to phishing-attacks from web sites attempting to gain unsolicited access to the various input devices of, for example, a mobile phone.

To begin defining the potential problems, we brought together two students - one from computer science and one from interaction design - to shed some light on the subject. By combining their technical and design knowledge as well as focusing on usability and user-experience, we were able to gain insightful feedback.

The purpose was to:

• understand the user's mental model of conversational video setting
• understand how the user would interact with these new functions in the browser
• find ways to obtain informed consent to use camera and microphone from the user
• build prototypes and conduct user tests

Figure: Paper mock-ups used in testing

In order to better understand user reasoning when giving webpages access to cameras and microphones, we conducted interviews using paper prototypes, questionnaires, and full-scale user-testing with customized browsers. This rendered a large set of information that eventually led to the following conclusions:

• To most users, the distinction between browser and website was not clear.
• Prompting poses a fine line between getting attention and blocking the user.
• The user expected a self-view from the camera if it is on.
• The user expected easily reachable controls (e.g. in the self-view, much like video controls).
• Learnability benefits from consistent placement, color, shape and response.

Clearly, we face challenges in this area that involve not only technical understanding, but also require understanding of usability issues and most importantly, will focus on the user perspective.