On the Recruitment of Company Developers for Security Studies: Results from a Qualitative Interview Study

Abstract

To address the issue of participant recruitment for security developer studies, researchers proposed using freelance online platforms or recruiting computer science (CS) students as proxies. However, recent studies showed that company developers performed better than freelancers or CS students in security developer studies. Additionally, studies on factors influencing usable security and privacy in companiesmake recruiting professionals indispensable. Therefore, we investigated influential factors on the motivation of software developers regularly employed in companies to participate in security studies. We conducted 30 semi-structured interviews on their perceptions of study factors concerning study design, recruitment methods, and data collection. We found that the study duration, topic, monetary compensation, and trust are influential factors for participation in developer studies. However, participants were concerned about high effort and weak performance in security tasks. Based on our findings, we provide recruitment and study design recommendations for future security research with company developers.