Implementation of a set-theoretic approach to obtain a numerical estimate of data privacy when using modules for blocking access to mobile applications

This paper considers the problem of assessing the confidentiality of data when using modules for blocking access to mobile applications. Messengers on the iOS17 platform were selected as an example. The relevance of the study is due to the need to increase the level of protection of user data in the face of growing threats to information security. The main goal is to obtain a numerical estimate, and the achievement of the goal is shown using the example of a comparative analysis of the confidentiality of data provided by the means of blocking applications VK, Telegram and WhatsApp. To achieve the goal, the methods of set-theoretical analysis and expert assessments were used. Key parameters for ensuring confidentiality (type and length of the lock code, use of biometrics, auto-lock time, etc.) were identified, normalized in the range [0,10]. The final score was calculated as the sum of the values of particle values for each application. The results showed that Telegram provides the highest level of confidentiality due to the ability to use more complex lock codes and strict security settings. VK is inferior to Telegram in a number of parameters, but demonstrates better results compared to WhatsApp, unless all parameters are forcibly disabled. The findings of the study can be used to improve data protection mechanisms in mobile applications, and the proposed methodology can be used for further research in the field of information security.

1. Koreneva A.M., Savarin I. A comparative review of the security of popular corporate messengers. Engineering Journal of Don. 2024;(8):19–40. (In Russ.).

2. Klyueva A.A., Pal'chastaya A.R. Sravnitel'nyi analiz shifrovaniya v messendzherakh. In: 75-ya nauchno-tekhnicheskaya konferentsiya uchashchikhsya, studentov i magistrantov: Tezisy dokladov: Part 4, 22–27 April 2024, Minsk, Belarus. Minsk: BSTU; 2024. P. 159. (In Russ.).

3. Kausar N., Din I.U., Khan M.A., Almogren A., Kim B.-S. GRA-PIN: A Graphical and PIN-Based Hybrid Authentication Approach for Smart Devices. Sensors. 2022;22(4). https://doi.org/10.3390/s22041349

4. Lal N.A., Prasad S., Farik M. A Review Of Authentication Methods. International Journal of Scientific & Technology Research. 2016;5(11):246–249.

5. Hayashi V.T., Ruggiero W.V. Hands-Free Authentication for Virtual Assistants with Trusted IoT Device and Machine Learning. Sensors. 2022;22(4). https://doi.org/10.3390/s22041325

6. Senbagavalli M., Debnathb S., Ramalakshmi K. Secret key verification techniques for graphical password authentication system to avoid shoulder surfing. Topics in Intelligent Computing and Industry Design. 2022;3(3):172–177. http://doi.org/10.26480/icpesd.03.2022.172.177

7. Rodriguez R.A., Spring J., Volovik D. Visual authentication and authorization for mobile devices. US Patent, No. US8850541B2. 2014.

8. Methenitis M. System and method for enhancing device passcode security. US Patent, No. US8850603B2. 2014.

9. Azenkot S., Rector K., Ladner R.E., Wobbrock J.O. PassChords: Secure Multi-Touch Authentication for Blind People. In: ASSETS '12: Proceedings of the 14th International ACM SIGACCESS Conference on Computers and Accessibility, 22–24 October 2012, Boulder, USA. ACM; 2013. pp. 159–166. https://doi.org/10.1145/2384916.2384945

10. Harbach M., De Luca A., Egelman S. The Anatomy of Smartphone Unlocking: A Field Study of Android Lock Screens. In: CHI '16: Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, 07–12 May 2016, San Jose, USA. New York: Association for Computing Machinery; 2016. pp. 4806–4817. https://doi.org/10.1145/2858036.2858267