Security Messages Your Brain Ignores
It’s estimated that 90% of the time you’re ignoring the security messages that pop up on your screen. Of course, messages that do get your immediate attention are the ones when it’s too late. Those doing website repair will confirm that viruses and hacking are a major part of disregarding security measures and updating.
Rather than asking what’s wrong with you, the question to ask is what’s wrong with your brain?
Multitasking
Researchers from Brigham Young University (BYU) in conjunction with Google Chrome engineers have narrowed it down to “dual task interferences.” Better known to you as multitasking. When your brain is engaged in one task and is trying to accommodate another task at the same time.
Some believe they function well at both tasks simultaneously. When there is a conscious decision to engage in two activities at the same time, the brain is switching back and forth between two tasks. Actually, neither task is getting one’s full attention.
However, there is another kind of multitasking that comes when you are engaged in one task and interrupted by another. Your brain is caught between the interruption vying for your attention and the original task.
BYU researchers scanned the brain activity of subjects given computer tasks in a fMRI (functional magnetic resonance image) machine.
“The experiment showed neural activity was substantially reduced when security messages interrupted a task, as compared to when a user responded to the security message itself.”
Not only was there a reduction neural activity, but it turns out that the timing of when a security message appears is also a critical factor.
74% ignored security messages that popped up when closing a web page window
79 % ignored security messages when watching a video
87 % ignored security messages when transferring a confirmation code
Jeffrey L. Jenkins, Bonnie Brinton Anderson, Anthony Vance, C. Brock Kirwan, David Eargle. More Harm Than Good? How Messages That Interrupt Can Make Us Vulnerable.Information Systems Research, 2016; DOI:10.1287/isre.2016.0644
Habituation
Additional research indicates another aspect of your brain’s failure to respond to security messages. That is the quality of unconscious “habituation.” The brain is so ingrained by the repetitive patterns and images of these security messages that it settles into a state of visual fatigue.
Here’s a personal example, I recently upgraded my laptop to Windows 10. I made all the adjustments and felt secure that everything was taken care of. A few weeks later, a series of pop-up messages start appearing saying AMD needs updating.
Since I had no idea what AMD referred to, I began to habituate to each new pesky message. The messages keep coming and I eventually Google it. Turns out it has something to do with bandwidth graphics, especially for gaming. Since I don’t do any gaming, I continue to ignore it.
Then a new message – “you have a computer error and download the AMD fix immediately.” ” What trouble am I in now?” So, everything stops while I search for the fix, fix it, and then wait to make sure the fix has been made.
My brain, like yours when you ignore security messages, has habituated. Yes, we know that we need to address this, but we’ll get around to it. Sometimes we even argue with ourselves that –
- it’s possibly disguised malware
- just another add-on that’s not needed
- can’t deal with it now, it will take too much time
- this isn’t relevant to me
- I’ll do it when the next message occurs
- I’ll catch the next upgrade when it comes along
For those whose job it is to keep our electronic devices security safe with new programs, updates, and warnings, they have to confront our brain’s unwillingness at times to pay attention to their messages.
Solutions for Inattention to Security Messages
To date, BYU researchers and Google Chrome engineers have come up with two solutions.
Security Messages Solution #1
First, is timing. Rather than sending out security messages in a random manner, they are trying to determine the best times when you are not preoccupied with a computer task. This could be when –
- you’ve finished a video
- a page is buffering waiting for the upload
- you’re ready to shut down from all website activity
Security Messages Solution #2
Second is a process to offset visual fatigue and non-response by creating “polymorphic images“. These are images that contain variations of the same messages within different design formats meant to catch your attention by the novelty of their design, patterns, and colors.
Both solutions show subjects under test conditions reduce their inattention responses to security messages. Now, whether that will work for the rest of us remains to be seen.
What security message does your brain ignore?
Resources
People disregard security warnings on computers because they come at bad times
https://www.sciencedaily.com/releases/2016/08/160817142911.htm
Why do we ignore up to 90% of computer security alerts? Because we’re terrible at multi-tasking…
http://www.tripwire.com/state-of-security/featured/security-alerts-multitasking/
MRIs show our brains shutting down when we see security prompts. This is your brain after repeated security warnings. Any questions?
Image: CCO Public Domain