NDSS

Evaluating Personal Data Control In Mobile Applications Using Heuristics

Alain Giboin (UCA, INRIA, CNRS, I3S), Karima Boudaoud (UCA, CNRS, I3S), Patrice Pena (Userthink), Yoann Bertrand (UCA, CNRS, I3S), Fabien Gandon (UCA, INRIA, CNRS, I3S)

Allowing the users of mobile applications to control their personal data has become a key requirement. In the PadDOC project we studied the design of a mobile application intended to guarantee users the “exclusive control” of their personal data. We decided to use a heuristic evaluation method but we rapidly found that the criteria used were either too general or incomplete. As a result, we undertook to design a new set of heuristics which take this control activity into account, and which can be used by both usability specialists (HCI ergonomists) and computer scientists or engineers. This paper details the heuristics we designed together with the design method. It also reports the first test of the use of the criteria by a group of computer scientists, engineers and HCI ergonomists to evaluate a mock-up version of the PadDOC application. This test shows the benefits and limitations of the criteria.