Abstract

Popular platforms including Android and Facebook have adopted a permissions-based model. Under this model applications (apps) are required to declare specific access to user information required for functionality. We conducted two user studies on Amazon's Mechanical Turk to test the efficacy of these permissions requests on the Android platform. We found permissions were ineffective, even with the addition of an additional text warning. Conversely, we found that an app's download count had a strong effect on app installations. In order to determine if it was a failure of our text-based warning, we ran a second experiment with a previously proven visual indicator.