Shruthi, a mother of two, living in India, was lounging on the sofa when her 12-year-old son walked in, asking to use her phone to play games. She was a little apprehensive because one of her WhatsApp groups shared a lot of adult jokes; what if he clicked on such a notification out of curiosity? Later that night, she installed an app locker to control access to her WhatsApp account through a pin.

In our study on mobile user behavior in India, we found many users like Shruthi — people who share the same phone with others. While the device usually had a single primary owner, other members of the family and even friends also used it fairly often. As a result, phone owners felt the need to protect sensitive information such as messages, photos, or financial information against accidental exposure or misuse. App lockers were the most common solution used for this problem; they are applications that, once installed, enable users to “lock” other sensitive apps and allow access only if the user enters a pin or pattern.

An app locker provides the option to lock apps installed on the phone.

Why Indian Users Share Smartphones

A 2008 paper by Molly Wright Steenson and Jonathan Donner found that most families in India freely shared mobile phones, and friends often shared phones when they were out-and-about. Steenson and Donner argued that, phone sharing in India is due to social and spatial proximity, rather than being purely economic.

While at the time of Steenson’s study phones were used mainly for communication, our new study found that these habits are preserved in the era of smartphones. Members of the same family or friends use each other devices for several reasons:

  • Pooling of resources : not everybody in the family owns a phone, or different people have different features or data plans available on their devices. Young children and teenagers in particular rarely own individual devices and may use their parents’ phones for games or for communicating with friends. Moreover, in some instances the phone is the family’s only way to access the Internet. As one user noted, “My wife uses my phone to bookmark [websites]. She uses it because of internet being there on my phone.”
    In our study of mobile phone use in India, we found that users were actively looking for ways to minimize data and storage usage on their phones. Dedicating one phone in the family to a specific task (e.g., playing games) allows users to effectively save phone resources.
  • Convenience : On the go, people who don’t own a smartphone or who don’t have a data plan (e.g., because their monthly quota was used up) may take advantage of a friend’s device to complete a task that they couldn’t do otherwise.
  • Entertainment : Possibly because, as shown by Steenson and Donner’s study, India has a fairly long history of phone sharing, it is culturally acceptable to pick someone else’s phone to browse through the picture gallery or play a game. (You may wonder why the borrower hadn’t installed that game on her own phone; one common reason is that lower-end phones do not support all the latest games.)

Why App Lockers Are Used

Indian users who shared phones often installed app lockers that blocked access to part of the phone’s content and apps. They reported three distinct reasons for using app lockers:

Most of the time, people don’t borrow phones with the intent of snooping through personal data. However, a notification, an update, or even a search suggestion may inadvertently reveal private details. Apart from locking access to select apps, app lockers also provide the option of hiding notifications or browsing history (if the user chooses to use the app-locker’s within-app browser).

The very act of hiding data is sensitive information that needs hiding: often people don’t want their friends to know that they have hidden content on the phone. Hence, many app lockers are transparent to the lay user : borrowers will never realize that they are seeing a select subset of the phone data. And the very presence of the app locker on the home screen can be hidden: the stealth mode simply hides away your app locker, and makes it accessible only by entering a special password into the keypad.

Vault’s description on the Google Play store
  1. Privacy was usually the primary reason for installing an app locker. In the days before smartphones, when people shared phones they were careful to erase sensitive messages from their history. Today, users’ privacy concerns have extended beyond text messages to other content such as contacts, photographs, search and browsing history, or social-networking applications.
  2. Parental control was another frequently mentioned reason of using app lockers. Parents sharing devices with children often wanted not only to keep some phone content from their kids, but also to protect against misuse: accidental (or intentional) purchases, erasing data, or overusing certain data-intensive applications.   During our study, one user commented, “My son takes my phone and he uses up my data pack. It's happened once that I've just recharged for a Rs.100 data pack and he used it all up in a day to download and play games. So I lock the App Store. Sometimes in WhatsApp groups and stuff there are forwards that are not appropriate for children, so I lock that too with the app locker".

    Some users wanted to control any type of phone usage by kids and prevent stealth use of the phone. They complained that, even when the phone was locked with a pass code or a pattern, kids will sneak up on them and peep to learn the screen-lock pattern.

    App lockers such as AppLock protect the screen-lock password by providing a randomized keyboard or hiding the unlocking pattern.

  3. Easy access to phone features that did not require protection was enabled by the use of the app lockers. While parents used app lockers to strengthen screen locks, others removed the screen locks completely to facilitate phone sharing. These users relied on app lockers to keep their sensitive data safe from both friends and foes. As a result, the sharable functionality of the phone became easier to access. The lack of a screen lock reduced the interaction cost of using the phone for everybody who shared the phone because they did not have to bother with entering a phone password.

    Moreover, the lack of a screen lock freed occasional users from the need to recall someone else’s passcode. While learning your own password is normally not a problem if you’re using the phone multiple times a day, remembering someone else’s password is more difficult, especially if you’re using that person’s phone only occasionally. A friend who needs to access the phone could forget the passcode, and multiple failed attempts to unlock the phone can result in the phone being blocked forever and needing a factory reset. One user commented on this situation:

    “With pattern lock, my phone can get locked after too many attempts and I will lose all the data on my phone. This has happened to me...when some friends have tried to use my phone when I'm not around.”

Disadvantages of App Lockers

An obvious cost of app lockers is an additional login wall that people must go through each time they want to access sensitive information. This wall increases the interaction cost: it requires users to type a pin or password whenever they need to gain access to the locked data.

But beyond the simple typing of a password, app lockers require users to transition to a separate mini ecosystem with new rules, new limitations, and sometimes poorer user experience. Learning how to use this new ecosystem takes time and can be frustrating. For example, many users complain that, once they’ve hidden the app locker from their home screen, they cannot figure out how to find it again.

A snippet from AppLock’s FAQ section teaches users how to find the hidden app-locker icon on their phone. People need to learn the rules that govern the app-locker ecosystem in order to use it effectively, and this process takes user memory and effort.

By design, app lockers have limited control: they can lock apps or hide data, but they cannot alter the behavior of another app. To achieve the desired privacy levels, users will often have to sacrifice convenience and user experience.  For example, they can browse safely without worrying about embarrassing search history popping up, but they have to use the app locker’s browser instead of a more standard, well-tested one such as Chrome or Opera. Not all webpages may work properly in these browsers. Additionally, the business model of app lockers is often based on ads, which further degrade the user experience.

Even choosing an app locker is a burden for the user: there are many possible alternatives in the app store, and they all have different features and capabilities.

It’s up to the user to evaluate pros and cons of the different options and find the most suitable.

Alternatives to App Lockers

Some phones come with the option of configuring different accounts for the phone; if someone asks to borrow your phone, you simply turn on the guest mode and hand it over. This is problematic on two levels:

  1. Interaction cost. The user needs to spend time and effort to set up and maintain these different profiles. Plus, each time the phone is shared, the right profile must be selected — depending on the implementation, this can be straightforward or complicated.
  2. Social convention. These guest profiles usually look the part, with barely any apps or data, and signify to the borrowers that they are not trusted.

Companies have sensed users’ need for privacy and often do provide them with the ability to log in or out of an app as needed, in order to preserve privacy. Unfortunately, multiple login walls are harder to surpass than a single one because people have trouble remembering multiple passwords. (Yes, many users tend to reuse the same password, but that strategy works less and less as apps introduce unique, nonstandard password constraints.) App lockers, on the other hand, raise a single login wall for all the data that needs protection.

Conclusion

How is the study of privacy practices in India going to affect design in the developed world?  Although in many parts of the world mobile phones are not shared to the same extent as they are in India, in the US and other similar countries devices such as tablets and computers are often used in common by members of the same family or by roommates. (In fact, as recent research at Google shows, even phones are occasionally shared in the US, although mostly for convenience reasons.) An article published by Michelle Mazurek and her colleagues documents some of the concerns and practices that US users developed in order to control access to shared devices in the home, including laptop and desktop computers and phones. Like Indian smartphone users, American users were worried about accidental disclosure and misuse of sensitive information, while under pressure to conform to social conventions and not seem secretive. App lockers address some of the Indian users’ privacy needs, and can inspire designers to better support privacy-related concerns everywhere, on any device.

 

References

Molly Wright Steenson and Jonathan Donner. 2008. Beyond the Personal and Private: Modes of Mobile Phone Sharing in Urban India. In S.W. Campbell and R. Ling (eds.). The Reconstruction of Space and Time: Mobile Communication Practices , Transaction Publishers, 231–250.
Tara Matthews, Kerwell Liao, Anna Turner, Marianne Berkovich, Robert Reeder, and Sunny Consolvo. 2016. "She'll just grab any device that's closer": A Study of Everyday Device & Account Sharing in Households.  CHI '16. DOI: http://dx.doi.org/10.1145/2858036.2858051
Michelle L. Mazurek, J. P. Arsenault, Joanna Bresee, Nitin Gupta, Iulia Ion, Christina Johns, Daniel Lee, Yuan Liang, Jenny Olsen, Brandon Salmon, Richard Shay, Kami Vaniea, Lujo Bauer, Lorrie Faith Cranor, Gregory R. Ganger, and Michael K. Reiter. 2010. Access Control for Home Data Sharing: Attitudes, Needs and Practices. CHI '10. DOI: s http://dx.doi.org/10.1145/1753326.1753421