Self-efficacy-based game design to encourage security behavior online

Abstract

Eliciting cybersecurity behavior change in users has been a difficult task. Although most users have concerns about their safety online, few take precautions. Transformational games offer a promising avenue for cybersecurity behavior change. To date, however, studies typically focus on entertainment value instead of investigating the effectiveness and design potential of games in cybersecurity. As a first step to filling this gap, we present the design of Hacked Time, a desktop game that aims to encourage cybersecurity behavior change by translating self-efficacy theory into the game's design. As cybersecurity games are a relatively novel area, our design aims to serve as a prototype for mapping specific behavior change principles relevant to this area onto game design practice.