An Algorithm for Improving Email Security on the Android Operating System in the Industry 4.0 Era

,


Introduction
Android is today's most popular mobile operating system for smartphones, tablets, and other electronic devices including smart TVs. is popularity and endless use of the Android operating system creates many risks which are not fully recognized [1]. As technology continues to evolve, so also do the opportunities and challenges provide [2]. e increased use of technologies puts society at a crossroads as it moves from a society already entwined with the Internet to the emergency of industry 4.0 characterized by automation, Big Data, and the Internet of ings (IoT) [3,4]. e proliferation of mobile devices and their adoption for usage by both businesses and individuals as a mean of communication presents a new form of concern [5]. e automation and digitalization of many business processes which are being adapted to technology forced people to depend on such technologies for communication and transactions. is has incredibly disrupted or retrofitted most industrial processes by the use or adoption industry 4.0 technologies [6]. Just as technology brings ever greater benefits, it also brings threats including cyberattacks. erefore, protecting the communication mechanism such as email of organisations and businesses becomes a paramount priority [7].
Email is an electronic communication protocol used daily by most people, as well as governments and businesses across the world [8]. With the massive use of Internet and email communications, a new set of complementary standards and tools was created to harness the growing security and privacy concerns. However, these enhanced protocols and tools have failed in practice to deliver effective protection [8]. To this end, worldwide email communications remain largely vulnerable to security and privacy threats [9]. Some researchers have suggested encrypting and signing emails to secure it [10][11][12].
is further complicates the means of information exchange since it places a greater load on the organization's network infrastructure [13]. However, for many organisations, the benefits of email encryption and signature will outweigh the costs [14].
A security module that provides protection to the mobile devices and the users against malicious communication, unauthorized access to resources and user private data, and against other security threats includes a combination of features (such as control of third-party applications, validation of the SMS sender's number, protection against fake contact name of the SMS sender, and collection of data about fraudulent and spam SMS messages) [12,13,15]. However, the popularity of mobile phones and the growing number of applications and different useful features include call features, calculations, maps, and applications for sending and receiving money, paying bills, and email communication [16]. Moreover, the easy accessibility of Android applications from Play Store with the advantage of easy developer registration and distribution has made many ill-intended developers to take advantage of such characteristics to implant malware in Android applications leading to severe the damages [17].
ere is a growing use of emails in the world, meaning there are higher possibilities of its usage to communicate confidential information. Confidential information like whistleblowing and sharing of bank information would prefer to be destroyed as soon as it is used. ere is no reliable existing approach which provides the sender confidence that the information sent is safe or if needs to be deleted, that is, has been deleted unless a user initiates the action during message sending. erefore, the outstanding contribution of this study is to develop an algorithm that gives the sender a role of deciding when their sent information is no longer available in the receiver's inbox. e algorithm is to prompt the sender at the time of sending on how long they want the email to stay in the receiver's inbox before autodeletion. e designed algorithm and application provide means of ensuring that user information is protected at the device end, thus strengthening confidentiality. e algorithm also empowers users with delete rights over their information after it has been decoded. e autodelete algorithm allows the sender of information to determine the time his/her information remains at the receiver's end.
is study is structured as follows: Section 2 describes the methodology used to achieve the objectives of the study, while Section 3 presents the results and discussion followed by the conclusion section.

Methodology
e present study was conducted in four steps or phases as shown in Figure 1. Literature on specific email security techniques were reviewed in phase one, in phase two, the algorithm was developed, and in phase three, the algorithm was evaluated using questionnaires with selected participants, and SWOT analysis was done in the last phase.

Study Area, Design, and Period.
e survey was conducted in Kampala, Uganda. It was performed in the period of three months from January 15 to April 15, 2019. In this study, cross-sectional survey design was used.

Population and Sample
Size. In this study, the users' selection criteria were based on the following: (1) users that are literate in the concept of security and confidentiality selection required experience, (2) frequent email users, and (3) those who have adopted emails from their Android email clients. While three institutions were randomly selected, both technical and nontechnical email users from each institution were considered. e fact that there were few users in number for each institution, the whole population was taken for the study. A nonprobability sampling was used to ensure that the samples are all frequent email users. is method allowed samples that are knowledgeable of email usage, are themselves email users, and have been using emails to communicate sensitive information, having significant experience of over 10 years. e purposive sampling technique was used to get knowledgeable respondents, and these were drawn from three companies including Luzira Prisons, Neptune Software Group, and UGAFODE Microfinance Limited. is was because these organisations had users with significant experience in email usage and sharing of confidential information through emails. e sample size from the data in Table 1 was used to make precise generalizations with confidence for the entire population. e sample size selected addressed the issues of precision (i.e., how close the computed estimate is to the true characteristics of the population) and confidence (i.e., how certain is the estimate to hold true for the population).

Data Collection.
Two sets of closed questionnaires were used to collect the opinion of the users; this is because, we wanted the users to limit their opinion only to the subject we are researching. is assessment was conducted using closed questionnaires submitted to selected users based on their knowledge, email adoption, and how much they rely on email for sensitive communication. Supplementary Material (S1) provides detailed information on the two sets of questionnaire survey (scenario 1 and 2).

Data Quality Assurance.
e two set of questionnaires (scenario 1 and 2) were validated by two associate professors in the field of ICT. To establish the reliability, the internal correlation method was utilized for each questionnaire. e Cronbach's alpha for the mentioned dimensions were 0.722 and 0.706, respectively.

Ethical Consideration.
e ethical clearance for the survey was obtained from the Institutional Research Ethical Committee of Busitema University and informed consent of respondents before enrolling them voluntarily in the study. Ethics issues such as privacy and confidentiality of the respondents were ensured. Besides, the letter was acquired from the university that acted as an introductory document to different organization and individuals engaged on this research. It was also ensured that the algorithm developed does not execute any unintended/undisclosed activity in the users' devices.

Statistical Analysis.
e participants' responses to both set of questionnaires were measured by questions on a five-point Likert scale rating, ranging from strongly agree (5), agree (4), neutral (3), disagree (2), and strongly disagree (1). e mean score of every question was calculated out of five. Descriptive statistics were calculated for all items. e results were analyzed with the use of SPSS software version 20.0 (SPSS, Chicago, Illinois). Internal consistency reliability of each questionnaire was measured by Cronbach's alpha, where coefficients of ≥0.7 demonstrate acceptable internal consistency.

Design of the Autodelete Algorithm.
e class diagram describing the autodelete algorithm was designed using Unified Modelling Language (UML) tools as shown in Figure 2.
Being an additional feature to a given application, the data-wipe algorithm gives the message sender authority to the message, and the size of the application needs to be small. erefore, several loops and languages used in building the algorithm were examined. As the result, Kotlin used in connection with Android studio were chosen looking at its simplicity and few lines of code, which could be used to implement given flows of the algorithm compared to ordinary Java programming language. is would mean that Kotlin presents shorter function than Java programming   Journal of Engineering language. For code optimisation and algorithm efficiency, Kotlin was the preferred base programming language used to develop the algorithm. e algorithm for autodeleting the message was designed using UML and structured programming. e pseudocode of the developed autodelete algorithm is shown in Figure 3.

Description of the Algorithm.
e pseudocode algorithm for autodelete messages in Figure 3 is clearly described as follows: Step 1: the algorithm captures the message or any file to send Step 2: the algorithm captures the destination device IP Step 3: instantiate the date class and capture the sending time and the receiving time for the shared message Step 4: the algorithm captures the expiry time for the shared message. If the receiver's current time minus the sending time is less than the expiry time, the receiver's time increments by one minute; else, the message is deleted from the device. e operation of the designed autodelete message algorithm is shown in Figure 4.

Evaluation of the Algorithm.
To evaluate the developed algorithm, a mobile software application was developed where the algorithm was embedded to test its ability to accurately work. Two users were selected and given access to the developed application and one sent a message to the other with a set time for this message to be visible and after expire. When the other user of the algorithm successfully received the message, a test was done to ensure that the received message is autodeleted from the receiver's inbox at the specified time as set by the sender. e results of this system testing were positive and according to the expectation of the researcher and the testing team. Furthermore, field survey was conducted following the same principle as in phase 1 of the study to evaluate the algorithms based on the users' opinion. In this phase, the second set of questionnaires (scenario 2) was used. Due to the limited access to the email server applications API's, a customized email server and client Android mobile application was developed using Java and Android Studio to enable message composition and transmission to a given recipient, and it is where the autodelete algorithm was embedded. e application was made available to the users chosen and was used to evaluate if it still achieves the stated function. A questionnaire was dispatched to these users to collect their response to the use of the algorithm. Supplementary Material (S2) provides the security demo of the designed application.

SWOT Analysis.
In this study, the SWOT analysis of the autodelete data algorithms was based on the literature search and review. Relevant literature from the latest articles and publication about data confidentiality trends, analysis on various encryption, and data security-related articles were collected. Altogether, a review of 45 latest documents selected from 2008 to date, 15 (33.33%) were from selected journals, 15 (33.33%) from conference papers, 10 (22.22%) from books, and five (11.11%) from selected Wikipedia. e journals and conference papers filtered from Google Scholar were looked at. Given that most of these articles and conference papers did not tackle confidentiality at the device end, we concluded on the 45 articles and based our research on them.

Demographic Characteristics.
e results showed that out of 31 respondents who were given the questionnaires, 100% returned valid results and 14 (45%) were technical users. e data collected were then categorized, quantified, and then coded. Data analysis in this study was done using Statistical Package for Social Science (SPSS). e majority of the respondents were male with a percentage of 64% while 36% were female. Regarding the departments where the respondents came from, 34% came from ICT-related departments, while 66% came from non-ICT-related departments, when examining the expert period taken; while using emails, we discovered that 43%, 28%, and 29% had used emails for, respectively, between 1 and 3 years, 4 and 7 years, and above 8 years.

Reliability Testing.
Reliability is the degree to which the study provides consistent results when analyzing a similar population [18]. erefore, it helps to explain the degree to which an instrument measures the same way, and every attempt is employed under similar conditions with the same subjects. e reliability test was run on two constructs which came as different questionnaires and were responded to by the same group of respondents as shown in Table 2. Supplementary Material (S3) provides detailed information on the reliability statistics. Table 2 provides that all parameters are above Cronbach's alpha's 0.7 value, which is considered acceptable for academic research.

Evaluation of Autodelete Data Algorithms.
e evaluation of autodelete data algorithms was performed using the second set of the questionnaire (scenario 2). Regarding each of the research questions (R1-R12), all evaluation questions were positively set, and the results showed that all questions (strongly agree or agree) gave an average of 65%. Figure 5 shows that the majority of the respondents agree with the algorithm provided and have recommended the algorithm as a better solution to ensure confidentiality of the email clients. It was concluded that there is a problem of confidentiality on mail accessed using Android email clients, and companies have done little to control the safety of their email users.

SWOT Analysis.
e SWOT analysis here considered mail security services that apply to email client services and concerning the assessment. e analysis was done on antivirus, PGP, and OS platform security as given in Table 3.
In information security, a SWOT analysis can be useful for developing a better understanding of the security environment. It can also support the business' overarching strategy by giving insight into the security assets, risks, issues, and challenges that the information technology department and, thus, the business as a whole will be faced with. In this analysis, specific email security techniques were prioritized based on the literature that were reviewed. e SWOT analysis of the designed data wipe algorithm was developed as shown in Figure 6. ese three features outlined above make the system such a unique communication system since the user has the capabilities to track any changes that happen to his or her data. To establish the facts, the techniques that do not apply to email client data access security were eliminated. In Table 4, confidentiality was compared and the email client security techniques provided to the emails a user sends or receives.
To this end, the autowipe algorithm is reliable, prevents access to data even when an account has successfully hacked attempts, can be incorporated into standard email communication protocols, easy to use, and generally presents better control attribute compared to password, OS platform security, antivirus, and PGP techniques. e algorithm is designed to close the gap where other email security techniques fail to prevent unauthorized access to personal emails.

Conclusions
e robustness of the algorithm system with its functionality ensures the confidentiality of the message on the client's inbox. e autodelete or autowipe algorithm offers an allround confidentiality build up on the security of the transmitted message. With most organisations and institutions swiftly embracing the benefits of industry 4.0, this algorithm comes at such a point where email communication is at a great ordeal in becoming the next-generation business communication model because of its instant messaging features as opposed to its old approach. is research introduced new knowledge to the research fraternity by bringing a new security approach to emails and introducing need for more research on security on email client. Future research should focus on scaling this algorithm to other email clients and mobile operating systems other than Android.
Data Availability e research data underlying the findings of the study can be accessed from the Figshare data repository at the link https:// doi.org/10.6084/m9.figshare.14916030.v1. Disclosure e preprint version of this work is deposited with Preprints.org at the link https://www.preprints.org/manuscript/ 202107.0126/v1s [19].