Search results

This paper aims to investigate Google’s top developers’ apps with trust badges to see if they warrant an additional level of trust and confidence from consumers, as stated by Google.

Risky app permissions and in-app purchases (IAP) from Google’s top developers and traditional developers were investigated in several Google Play top app categories, including Editor’s Choice apps. Analysis was performed between categories and developer types.

Overall, Google’s top developers’ apps request more risky permissions and IAP than do traditional developers. Other results indicate that free apps are more dangerous than paid apps and star ratings do not signify safe apps.

Because of a limited number of Google’s top developers and Editor’s Choice apps, conclusions are drawn from a small sample of apps and not the entire market.

Google’s top developers’ apps are suited well for increasing revenue for Google and developers at the consumer’s expense. Consumers should be wary of top developer trust badges.

As the lure for “top free” and “top developer” software is strong among consumers, this research contributes to societal welfare in that it makes consumers aware that Google top developer app trust badges and free apps are more dangerous than traditional developer and paid apps, as they request risky permissions at a much higher frequency. Therefore, consumers should be very careful when downloading apps that are advertised as “top free” or “top developer”.

Google’s top developers’ apps and Editors’ Choice apps have not been investigated from the perspective of permissions and IAP before.

Technological firms increasingly depend on open innovation to compete in hypercompetitive markets. To openly engage the creativity of a multitude of private actors, firms can rely on crowdsourcing. Crowdsourcing challenges global companies as they span organizational boundaries to attract multiple local partners. Global companies must engage in boundary spanning to successfully communicate and create a sense of community with smaller local partners despite status and cultural differences. The collaboration between Google and developers in China deserves to be studied in particular, because it operates within a restricted market.

This paper argues that crowdsourcing for innovation on a global scale requires effective boundary spanning capabilities. These boundary-spanning practices ensure smooth cooperation with the crowd and solve problems relating to differences in status and organizational contexts. This study applies Bourdieu's theory of practice including the concept of capital (economic, intellectual, social and symbolic) to understand the social relationships between Google and a growing community of Chinese developers. It also draws on a case study including ten semistructured interviews, which have been triangulated with internal documents and data from selected websites.

Four types of capital (symbolic, intellectual, social and economic) have been identified as important devices to understand the sources of power and the stakes of Googlers and developers in the joint field. These types of capital contribute to structure the social fields in which developers and Google cooperate and their practice. The success of the collaboration between Google and Chinese developers can arguably be attributed to Google's ability to create boundary-spanning activities in order to reduce the endowment differential in the four types of capital and improve their communication. Therefore, this research provides a deep and conceptualized description of boundary-spanning practices, as well as providing a useful contribution for managers involved in crowdsourcing via platform in culturally different markets.

The main limitation of this study is methodological in nature, relating to the absence of interviews with board members of Google China who are reluctant to speak about Google activities in China for political raisons. This restriction is partly counterbalanced by the analysis of publicly available secondary data such as news and communications.

This research has generated practical recommendations for managers of organizations, which require optimal boundary spanning for crowdsourcing. Managers must understand the different sources of social boundaries between their organization and the crowd. The crowd should be segmented into smaller groups with distinctive identities, and organizations should systematically design boundary-spanning activities to address each boundary of each segment. The boundary-spanning activities involve a specific set of tools, programs and platforms to address the target group. Efficient boundary spanning depends on the necessity to select boundary spanners with high cultural intelligence and communication skills.

This paper draws on Bourdieu's theory of practice to investigate the role of boundary spanning in crowdsourcing for innovation, specifically in the joint field between Google and Chinese developers. This research reveals how boundary objects such as developer documents, websites, programs and events are essential for developers to be able to participate on Google's platform. Companies should be prepared to invest in the design and delivery of boundary-spanning activities and objects, knowing that these are also a locus for negotiation with local partners.

This research contributes to the literature by applying the boundary-spanner theory to Google crowdsourcing practices within a restricted market. Bourdieu's theory of practice has proven to be a potent perspective with which to better understand the positive role of boundary spanners in the joint field between Google and Chinese developers. Moreover, this practice perspective has not been used in prior research to highlight power relations in crowdsourcing for innovation. This study has shown that, in addition to boundary objects, boundary spanners can also contribute in the transfer of intellectual capital, which is the pivotal resource for boundary spanning in this field.

The surge of artificial intelligence (AI) applications and subsequent adoption by consumers and marketers has ignited substantial research exploring the benefits and opportunities of AI. Despite this, little attention has been given to its unintended negative consequences. In this paper, the authors examine both the practitioner and academic sides of ethical AI. In doing so, the authors conduct an extensive review of the AI literature to identify potential issues pertaining to three areas: individual consumers, societal and legal. The authors identify gaps and offer questions to drive future research.

The authors review recent academic literature on AI in marketing journals, and top ethical principles from three top technology developers (Google, IBM and Meta) in conjunction with media reports of negative AI incents. They also identify gaps and opportunities for future research based on this review.

The bibliographic review reveals a small number of academic papers in marketing that focus on ethical considerations for AI adoption. The authors highlight concerns for academic researchers, marketing practitioners and AI developers across three main areas and highlight important issues relating to interactive marketing.

This paper highlights the under-researched negative outcomes of AI adoption. Through an extensive literature review, coupled with current responsible AI principles adopted by major technology companies, this research provides a framework for examining the dark side of AI.

The development and proliferation of cellular/wireless technology has changed the competitive environment of traditional cooper based telephony. The complexity in the competitive environment coupled with advances in technology and innovation is requiring management to rethink strategy formulation and implementation. Convergence is discussed in the context of discontinuous competitive environment and possible management responses to changes.

The findings of this paper are based on the analysis of the communications industry, a comprehensive review of trends in innovation and technology, strategic diagnosis and implication for management.

The rate of change in innovation is leading to the creation of new industries and the disintegration of the industry classifications due to convergence of multiple needs previously served by different industry groupings. As such, firms have to upgrade their environmental scanning systems to detect competitive forces beyond the industrial competitive boundaries.

The paper provides a comprehensive review of convergence and disruptive technologies

The paper highlights the breakdown of barriers in terms of industry classification. Customer's needs could be served by firms in hitherto distinct industry groupings.

This study explores how app store awards shape the behavior of leading digital entrepreneurs, focusing on their engagement in technological innovation through feedback and re-signaling mechanisms. It aims to reveal the nudging effect of award signals on entrepreneurial behavior.

In this study, data from 349 leading mobile app entrepreneurs in the UK Google Play Store were collected over an extended period from various sources. Functionality novelty and explorative behavior were assessed by analyzing app release date and permission technologies in comparison to both their own prior apps and those of their closest competitors. Hypothesized relationships were tested using accelerated failure time parametric models.

This study extends the literature on signaling by showing that (1) the top developer award signal served to nudge entrepreneurs to improve the functionality novelty of their apps and those who succeeded were less likely to switch to another product category, (2) the award signal created a window of opportunity for non-award entrepreneurs to respond and those who released new apps around the midpoint of a normal app development cycle significantly improved the likelihood of winning the award in a subsequent round of award-giving, and (3) the effect of functionality novelty on winning the award was more pronounced when non-award entrepreneurs pursued more explorative than exploitative behavior in app development.

The results offer novel insights into an understudied area, specifically the influence of online award signals on nudging entrepreneurs to pursue technological innovation. The research also highlights the crucial role played by the app store as an intermediary signaler.

Google Scholar has been increasingly used in the past six to seven years as a highly efficient information source and service by librarians and other information professionals. The problem is when Google Scholar is touted and used as a bibliometric/scientometric tool and resource in the assessment of the quantity (productivity) and quality (impact) of research publications, in formal and informal ways, for decisions related to tenure, promotion and grant applications of individual researchers and research groups, as well as in journal subscriptions and cancellations. This paper aims to examine this issue.

The paper discusses the use of Google Scholar for journal impact factors and the h‐index in nationwide publishing assessments in academia. It focuses on the issues of access and excess in Google Scholar: the innate limits of Google Scholar and those imposed by its developers on the users.

The paper reveals that issues of access and excess in Google Scholar prevent the researchers from doing appropriate content analysis that the best librarians and other information professionals do systematically to discover the pros and cons of databases. The excess content grossly dilutes the originally worthy collection of scholarly publications. The accuracy, reliability and reproducibility are essential for realistic research assessment through the prism of the quantity (publication counts) and quality (citation counts) of scholarly works. Unfortunately the metadata created by Google Scholar is substandard, neither reliable nor reproducible and it distorts the metric indicators at the individual, corporate and journal levels.

The paper provides useful information on the use of Google Scholar for journal impact factors and the h‐index in academic publishing.

Software developers extensively use stack overflow (SO) for knowledge sharing on software development. Thus, software engineering researchers have started mining the structured/unstructured data present in certain software repositories including the Q&A software developer community SO, with the aim to improve software development. The purpose of this paper is show that how academics/practitioners can get benefit from the valuable user-generated content shared on various online social networks, specifically from Q&A community SO for software development.

A comprehensive literature review was conducted and 166 research papers on SO were categorized about software development from the inception of SO till June 2016.

Most of the studies revolve around a limited number of software development tasks; approximately 70 percent of the papers used millions of posts data, applied basic machine learning methods, and conducted investigations semi-automatically and quantitative studies. Thus, future research should focus on the overcoming existing identified challenges and gaps.

The work on SO is classified into two main categories; “SO design and usage” and “SO content applications.” These categories not only give insights to Q&A forum providers about the shortcomings in design and usage of such forums but also provide ways to overcome them in future. It also enables software developers to exploit such forums for the identified under-utilized tasks of software development.

The study is the first of its kind to explore the work on SO about software development and makes an original contribution by presenting a comprehensive review, design/usage shortcomings of Q&A sites, and future research challenges.

The interoperability of cloud data between web applications and mobile devices has vastly improved over recent years. The popularity of social media, smartphones and cloud-based web services have contributed to the level of integration that can be achieved between applications. This paper investigates the potential security issues of OAuth, an authorisation framework for granting third-party applications revocable access to user data. OAuth has rapidly become an interim de facto standard for protecting access to web API data. Vendors have implemented OAuth before the open standard was officially published. To evaluate whether the OAuth 2.0 specification is truly ready for industry application, an entire OAuth client server environment was developed and validated against the speciation threat model. The research also included the analysis of the security features of several popular OAuth integrated websites and comparing those to the threat model. High-impacting exploits leading to account hijacking were identified with a number of major online publications. It is hypothesised that the OAuth 2.0 specification can be a secure authorisation mechanism when implemented correctly.

To analyse the security of OAuth implementations in industry a list of the 50 most popular websites in Ireland was retrieved from the statistical website Alexa (Noureddine and Bashroush, 2011). Each site was analysed to identify if it utilised OAuth. Out of the 50 sites, 21 were identified with OAuth support. Each vulnerability in the threat model was then tested against each OAuth-enabled site. To test the robustness of the OAuth framework, an entire OAuth environment was required. The proposed solution would compose of three parts: a client application, an authorisation server and a resource server. The client application needed to consume OAuth-enabled services. The authorisation server had to manage access to the resource server. The resource server had to expose data from the database based on the authorisation the user would be given from the authorisation server. It was decided that the client application would consume emails from Google’s Gmail API. The authorisation and resource server were modelled around a basic task-tracking web application. The client application would also consume task data from the developed resource server. The client application would also support Single Sign On for Google and Facebook, as well as a developed identity provider “MyTasks”. The authorisation server delegated authorisation to the client application and stored cryptography information for each access grant. The resource server validated the supplied access token via public cryptography and returned the requested data.

Two sites out of the 21 were found to be susceptible to some form of attack, meaning that 10.5 per cent were vulnerable. In total, 18 per cent of the world’s 50 most popular sites were in the list of 21 OAuth-enabled sites. The OAuth 2.0 specification is still very much in its infancy, but when implemented correctly, it can provide a relatively secure and interoperable authentication delegation mechanism. The IETF are currently addressing issues and expansions in their working drafts. Once a strict level of conformity is achieved between vendors and vulnerabilities are mitigated, it is likely that the framework will change the way we access data on the web and other devices.

OAuth is flexible, in that it offers extensions to support varying situations and existing technologies. A disadvantage of this flexibility is that new extensions typically bring new security exploits. Members of the IETF OAuth Working Group are constantly refining the draft specifications and are identifying new threats to the expanding functionality. OAuth provides a flexible authentication mechanism to protect and delegate access to APIs. It solves the password re-use across multiple accounts problem and stops the user from having to disclose their credentials to third parties. Filtering access to information by scope and giving the user the option to revoke access at any point gives the user control of their data. OAuth does raise security concerns, such as defying phishing education, but there are always going to be security issues with any authentication technology. Although several high impacting vulnerabilities were identified in industry, the developed solution proves the predicted hypothesis that a secure OAuth environment can be built when implemented correctly. Developers must conform to the defined specification and are responsible for validating their implementation against the given threat model. OAuth is an evolving authorisation framework. It is still in its infancy, and much work needs to be done in the specification to achieve stricter validation and vendor conformity. Vendor implementations need to become better aligned in order to provider a rich and truly interoperable authorisation mechanism. Once these issues are resolved, OAuth will be on track for becoming the definitive authentication standard on the web.