Enhancing privacy and security of our future home
IoT Hub for Intel
With continuous news on IoT cybercrime and the ever widening IoT eco-system, Intel and CMU CHIMPS Lab initiated this project to explore and design ways to enhance user control on IoT privacy and increase data security and transparency. The project is still a work-in-progress.
Sept 2017 - May 2018
Final Design Overview
APPROACHING THE PROBLEMS
To understand the problems from a user's perspective, I reframed the two goals into more concrete design questions and started interviewing people.
What’s the best way to categorize and display all the devices?
How to simplify the procedures for managing the privacy and security settings?
How do we alert users if there are privacy and security threats?
1. People associate devices with physical space
In order to understand people's mental models of their home devices, I asked a few people to free associate as many devices from their own home as they could. The responses were surprisingly similar - their grouping of devices all heavily depended on the physical boundaries inside the house.
Users followed the physical boundaries in their house to recall the devices they owned.
2. User feels ambivalent about giving personal
data to sensors & manufacturers
Users liked having smart devices taking care of the routine tasks for them, but they also felt conflicted about having sensors recording or utilizing their personal data especially in a home setting.
It seemed that managing and controlling the sensors was more than a binary 'on' and 'off' option. Depending on different devices and scenarios, users‘ boundaries about sharing data with sensors might be completely different.
Users’ attitude about sharing personal data with smart devices varied depending on a mix of factors.
Based on the insights from user research, I designed my first prototype to explore the following ideas.
Display devices and manage privacy and security settings by room
Have a top-level sensor setting where the user can turn he sensor detection on or off as a whole as well as customizing individual device's sensor settings, such as setting it to turn on only 'while using' or 'when asked'
Aggregate all the device notifications and have a centralized 'news feed', e.g. attacks, device missing or software updates
VALIDATING & ITERATING
From testing my prototype with users, I learned more about what worked for them and what didn't work well for them, which guided me through the iterations of design.
1. Avoid redundancy in information hierarchy
Displaying devices by room was intuitive for user, but managing the sensor settings under the room tab didn't work well - it overlapped with the top-level security tab and people seemed confused about having two places to manage sensor settings.
Sensor settings are not tied with each room anymore but under each individual device. Users now change the sensor settings under individual devices, or they can also go to the high-level privacy tab.
Sensor settings are now under each individual device.
Users can also change sensor settings under the centralized Privacy tab.
2. Playing with visual to better navigate users
With multiple rooms and devices, users appeared to easily forget where they were in the system and how to go back when they were in the middle of a task.
Enlarge heading size to clearly indicate where users are and use consistent color coding to create threads for different tasks.
3. Contextualize dialogue message to regain user's trust
During the testings, users often just ignored the 'alert' signals for sensor settings - they had already been so desensitized to the alert information that they thought nothing serious would happen. This meant we had to figure out another way to build up the credentials of the system and regain users' attention.
introduce step-by-step instructions in which users are shown the consequences of privacy threats and prompted again to follow the suggested sensor settings.
Use dialogue that contains more contextual information to convince users about security risk and encourage change.
Adding different players into the picture...
In the spring semester, I will explore a new feature of having different players under the same household, which adds to the complexity of the IoT systems.
Roommates, airbnb guests, kids versus parents... all of which create situations where different privacy settings or temporary device controls are needed. (In other words, more fun with research and prototyping!)