Fei Gao,Pei-Luen Patrick Rau,Yubo Zhang

DOI: https://doi.org/10.4018/ijmhci.2017010104

2017-01-01

International Journal of Mobile Human Computer Interaction

Abstract:The rapid deployment of mobile devices and the development of mobile services and applications require to address the mobile information security from the human side. This study was aimed at identifying factors influencing people's perception of mobile information security, to investigate the impact of these factors and to facilitate related service design. A survey was conducted and analyzed with exploratory factor analysis. Five factors were identified, including perceived familiarity, perceived impact, perceived controllability, perceived awareness and perceived possibility. Thereinto, the impact of controllability, impact and familiarity on the adoption of mobile payment was investigated. Impact significantly affected the intention to use, but not the perceived security of payment systems. Control level significantly affected the intention to use and the perceived security. Familiarity was found to have an effect on neither the intention to use nor the perceived security. Related design implications for mobile payment systems were discussed.

Ding-Long Huang,Pei-Luen Patrick Rau,Gavriel Salvendy,Fei Gao,Jia Zhou

DOI: https://doi.org/10.1016/j.ijhcs.2011.07.007

IF: 4.866

2011-01-01

International Journal of Human-Computer Studies

Abstract:The gap between the perceived security of an information system and its real security level can influence people' decisions and behavior. The objective of this study is to find effective ways to adjust people's perception of information security, in order to enhance their intention to adopt IT appliances and compliance to security practices. Two separate experiments were conducted. In experiment I, 64 participants were asked to transfer money through an e-banking system. Their intention to adopt e-banking was measured by a questionnaire. In experiment II, 64 participants were asked to register on an online forum. Their subjective intention to create a strong password was measured by a questionnaire, and the objective strength of the passwords they created was calculated. Results of the ANOVA and the path models derived from the path analysis indicated that people's adoption intention, such as their intention to adopt e-banking, can be enhanced by changing their perceived Knowledge, Controllability and Awareness, while changing the perceived Controllability is most effective. The results also indicated that people's compliance to security practices, such as setting strong passwords for IT systems, can be enhanced by changing their perceived Knowledge, Severity and Possibility, while changing their perceived Knowledge and Severity is most effective. Implications for further research and practice were also discussed.

Jun Li,Jing Wang,Shanyong Wang,Yu Zhou

DOI: https://doi.org/10.1109/access.2019.2902905

IF: 3.9

2019-01-01

IEEE Access

Abstract:In recent years, mobile payment as an innovative payment method has triggered a payment revolution in China. Understanding and investigating the psychological elements and influence paths that affect the user's willingness to use mobile payment are of great importance. The main purpose of this study is to investigate the effects of a user's risk perception, perceived ease of use, perceived usefulness, and attitude on a user's willingness to use Alipay, by using an extended version of the technology acceptance model (TAM). The model was tested with the use of structural equation modeling (SEM), and the data was collected from 491 users in China. The results show that perceived ease of use and perceived usefulness has a significant effect on users' attitudes and intentions to use Alipay, and the risk perception has a negative effect on perceived ease of use and perceived usefulness. Meanwhile, risk perception also has a direct effect on users' attitudes and intentions to use Alipay. These results suggested that when users perceived that the risks of using Alipay are higher, they will hold a negative attitude using Alipay and less likely to use Alipay. Based on these results, the possible implications have been identified.

June Wei,Yuan Liu,June Lu,Milos Slaninka,Kristie Abston

DOI: https://doi.org/10.1504/ijmc.2021.114313

2021-01-01

International Journal of Mobile Communications

Abstract:This paper proposed an indexed matrix to assess information security risks' impacts on mobile social media to help organisations address security risks effectively and efficiently. It developed and integrated a static social media information security risk model and a dynamic social media information flow model in the mobile environment to investigate the potential security risks in social networks. The pattern of security risks with three levels was identified using cluster analysis. An indexed matrix is also proposed to assess the information security impacts on social media via the relative-weigh quantitative method. The results can help to develop an effective and safe way to transmit information through social media. This research is the first attempt to integrate static information security threats into the dynamic social media information flow processes to assess the information security risk levels by developing a new indexed method. The theoretical and practical implications are presented.

Richard Apaua,Harjinder Singh Lallie

DOI: https://doi.org/10.48550/arXiv.2201.03052

2022-01-10

Abstract:Mobile banking applications have gained popularity and have significantly revolutionised the banking industry. Despite the convenience offered by M-Banking Apps, users are often distrustful of the security of the applications due to an increasing trend of cyber security compromises, cyber-attacks, and data breaches. Considering the upsurge in cyber security vulnerabilities of M-Banking Apps and the paucity of research in this domain, this study was conducted to empirically measure user-perceived security of M-Banking Apps. A total of 315 responses from study participants were analysed using covariance-based structural equation modelling (CB-SEM). The results indicated that most constructs of the baseline Extended Unified Theory of Acceptance and Use of Technology (UTAUT2) structure were validated. Perceived security, institutional trust and technology trust were confirmed as factors that affect user's intention to adopt and use M-Banking Apps. However, perceived risk was not confirmed as a significant predictor. The current study further revealed that in the context of M-Banking Apps, the effects of security and trust are complex. The impact of perceived security and institutional trust on behavioural intention was moderated by age, gender, experience, income, and education, while perceived security on use behaviour was moderated by age, gender, and experience. The effect of technology trust on behavioural intention was moderated by age, education, and experience. Overall, the proposed conceptual model achieved acceptable fit and explained 79% of the variance in behavioural intention and 54.7% in use behaviour of M-Banking Apps, higher than that obtained in the original UTAUT2. The guarantee of enhanced security, advanced privacy mechanisms and trust should be considered paramount in future strategies aimed at promoting M-Banking Apps adoption and use.

Human-Computer Interaction,Cryptography and Security,Computers and Society

Jenny Tang,Hannah Shoemaker,Leah Teffera,Eleanor Birrell,Ada Lerner

DOI: https://doi.org/10.48550/arXiv.2211.07235

2022-11-14

Abstract:As technology and technology companies have grown in power, ubiquity, and societal influence, some companies -- and notably some mobile apps -- have come to be perceived as privacy threats. Prior work has considered how various factors impact perceptions of threat, including social factors, political speech, and user-interface design. In this work, we investigate how user-visible context clues impact perceptions about whether a mobile application application poses a privacy threat. We conduct a user study with 2109 users in which we find that users depend on context clues -- such as presence of advertising and occurrence (and timing of payment) -- to determine the extent to which a mobile app poses a privacy threat. We also quantify how accurately user assessments match published data collection practices, and we identify a commonly-held misconception about how payments are processed. This work provides new insight into how users assess the privacy threat posed by mobile apps and into social norms around data collection.

Human-Computer Interaction,Cryptography and Security

Tianyue Mi,Mengke Gou,Guangyu Zhou,Yiqun Gan,Ralf Schwarzer

DOI: https://doi.org/10.1016/j.cose.2020.101954

IF: 5.105

2020-01-01

Computers & Security

Abstract:Smartphone users are often said to be the weakest link in information security. They often install apps from unknown sources, connect to open WIFI in public places, and check and open dangerous email attachments on their phones. The current study aims to uncover psychological mechanisms that may be responsible for individual differences in smartphone security behavior, theoretically based on the health action process approach (HAPA). In a longitudinal survey, 192 students in the age range from 18 to 47 years (141 of them women) completed psychometric assessments at baseline and two weeks later. Intention, planning, action control, and smartphone security behaviors were measured along with socio-demographic information. The path analysis revealed that planning and action control mediated sequentially the relationship between intention and smartphone security behavior. The model accounted for 52.30% of the variance in smartphone security behavior. The result supported the theoretical assumptions of the HAPA, with a focus on the mediation by planning and action control. Interventions that focus on such factors might help improve compliance with recommendations for smartphone security behavior.

Guangyu Zhou,Mengke Gou,Yiqun Gan,Ralf Schwarzer

DOI: https://doi.org/10.3389/fpsyg.2020.01066

IF: 3.8

2020-01-01

Frontiers in Psychology

Abstract:It is widely acknowledged that non-compliance with smartphone security behaviors is widespread and may cause severe harm to people and devices. In addition to device-based security issues, there are psychological factors involved in these behaviors such as self-efficacy, risk awareness, and social support. The present study examines associations of these three factors with smartphone security behaviors and explores possible mechanisms among these variables. In a longitudinal survey with 192 Chinese college students (73.4% women, mean age 24.46 years, SD = 5.15), self-efficacy, risk awareness, and social support were assessed with psychometric scales at two points in time, 2 weeks apart. Hierarchical regression analyses were performed with follow-up smartphone security behaviors as the dependent variable, controlling for baseline values and demographic and IT-related covariates. Main effects of self-efficacy, risk awareness, and social support on smartphone security behaviors were identified. Moreover, a triple interaction among the three predictors emerged in a synergistic way, indicating that their combination yielded more favorable levels of secure smartphone use. The total model accounted for 50% of the behavioral variance, with all covariates included, and the triple interaction among self-efficacy, risk awareness, and social support accounted for 2.3% of variance. Results document that psychological factors are involved in smartphone security behaviors beyond demographic and IT-related covariates. Interventions could be designed to improve smartphone security behaviors not only by developing privacy-enhancing technologies but also by considering psychological factors such as self-efficacy, risk awareness, and social support.

Leming Zhou,Jie Bao,Valerie Watzlaf,Bambang Parmanto

DOI: https://doi.org/10.2196/11223

2019-04-16

Abstract:Background: A large number of mobile health (mHealth) apps have been created to help users to manage their health or receive health care services. Many of these mHealth apps have proven to be helpful for maintaining or improving their users' health. However, many people still choose not to use mHealth apps or only use them for a short period. One of the reasons behind this lack of use is the concern for their health information security and privacy. Objective: The goal of this study was to determine the relationship between users' characteristics and their security and privacy concerns and to identify desired security features in mHealth apps, which could reduce these concerns. Methods: A questionnaire was designed and validated by the research team. This questionnaire was then used to determine mobile app users' security and privacy concerns regarding personal health data in mHealth apps as well as the security features most users' desire. A semistructured interview was used to identify barriers to and facilitators of adopting mHealth apps. Results: In total, 117 randomly selected study participants from a large pool took part in this study and provided responses to the validated questionnaire and the semistructured interview questions. The results indicate that most study participants did have concerns about their privacy when using mHealth apps. They also expressed their preferences regarding several security features in mHealth apps, such as regular password updates, remote wipe, user consent, and access control. An association between their demographic characteristics and their concerns and preferences in security and privacy was identified; however, in most cases, the differences among the different demographic groups were not statistically significant, except for a few very specific aspects. These study participants also indicated that the cost of apps and lack of security features in mHealth apps were barriers for adoption, whereas having free apps, strong but easy-to-use security features, and clear user protection privacy policies might encourage them to use mHealth apps in their health management. Conclusions: This questionnaire and interview study verified the security and privacy concerns of mHealth app users, identified the desired security and privacy features, and determined specific barriers to and facilitators of users adopting mHealth apps. The results can be used to guide mHealth app developers to create apps that would be welcomed by users.

Dan Luo,Xiewen Ni,Eugene Cheng-Xi Aw,Garry Wei-Han Tan

DOI: https://doi.org/10.1108/ijbm-01-2024-0001

2024-11-29

The International Journal of Bank Marketing

Abstract:Purpose This study aims to propose and validate a research framework pertaining to the willingness to disclose information in the context of mobile banking apps. The interrelationships between privacy protection, perceived personalization, social presence, design aesthetics, consumer empowerment, parasocial interactions and privacy concerns are assessed as antecedents of willingness to disclose information. Design/methodology/approach Based on a self-administered survey, this study gathered data from 450 Chinese consumers. The data were analyzed using structural equation modeling via SmartPLS 4 software. Findings The findings indicate that (1) privacy concerns are negatively related to willingness to disclose information, (2) parasocial interaction reduces privacy concerns, (3) consumer empowerment is positively influenced by privacy protection and perceived personalization and (4) social presence and design aesthetics positively contribute to the formation of parasocial interaction. Originality/value The current study serves to reinforce a theoretical understanding of the willingness to disclose information in mobile banking apps, which is underresearched. The findings offer alternative psychological mechanisms (i.e. consumer empowerment and parasocial interaction) and relevant mobile banking app attributes to explain the willingness to disclose information.

business

F. Ley Sylvester

DOI: https://doi.org/10.5121/ijcsit.2022.14101

2022-03-03

Abstract:The mobile device is one of the fasted growing technologies that is widely used in a diversifying sector. Mobile devices are used for everyday life, such as personal information exchange - chatting, email, shopping, and mobile banking, contributing to information security threats. Users' behavior can influence information security threats. More research is needed to understand users' threat avoidance behavior and motivation. Using Technology threat avoidance theory (TTAT), this study assessed factors that influenced mobile device users' threat avoidance motivations and behaviors as it relates to phishing attacks. From the data collected from 137 mobile device users using a questionnaire, the findings indicate that (1) mobile device users' perceived susceptibility and severity of phishing attacks have a significant correlation with a users' perception of the threat; (2) mobile device users' motivation to avoid a threat is correlated to a users' behavior in avoiding threat; and (3) a mobile device user's susceptibility to phishing attacks can be reduced by their perception of the threat. These findings reveal that a user's perception of threat increases if they perceive that the consequence of such threat to their mobile devices will be severe, thereby increasing a user's motivation and behavior to avoid phishing attack threats. This study is beneficial to mobile device users in personal and organizational settings.

Cryptography and Security

Shiu-Wan Hung,Min-Jhih Cheng,Yu-Jou Tung

DOI: https://doi.org/10.1108/ijbm-03-2023-0195

2024-04-17

The International Journal of Bank Marketing

Abstract:Purpose The adoption of mobile payment remains low in certain regions, highlighting the need to identify the factors that enable and inhibit its adoption. This study aims to address this gap by investigating the role of information security, loss aversion and the moderating influence of the herd effect on Inertia and behavioral intentions in the adoption of mobile payment systems. Design/methodology/approach A structural equation model was developed and tested with 332 valid questionnaires to examine the proposed hypotheses. Findings The empirical results reveal that information security plays a significant role as an enabler, while loss aversion acts as an inhibitor of mobile payment adoption. Furthermore, the study uncovers the moderating influence of the herd effect on the relationship between Inertia and behavioral intentions. Research limitations/implications This study was conducted in a specific region and may not be generalizable to other regions. Future studies could expand the sample size and scope to enhance the external validity of the findings. Practical implications This study offers practical implications for mobile payment service providers. Understanding the key enabling and inhibiting factors identified in this study can guide providers in designing and improving their services. Strengthening information security measures can help build trust among potential adopters, while offering incentives can mitigate the impact of loss aversion and encourage early adoption. Social implications The findings of this study have social implications as they contribute to promoting the adoption of mobile payment systems. Increased adoption can enhance financial inclusion and stimulate economic development. Originality/value This study provides novel insights into the enabling and inhibiting factors of mobile payment adoption and highlights the moderating role of the herd effect. By shedding light on the influence of social norms on individual behavior in the context of mobile payment adoption, this study contributes to the existing literature and advances our understanding of this phenomenon.

business

Kirsten Crager,Anindya Maiti,Murtuza Jadliwala,Jibo He

DOI: https://doi.org/10.14722/eurousec.2017.23013

2017-01-01

Abstract:Smart phones and wearable devices have replaced personal computers and desktops as the primary platform for accessing online applications and services.However, these mobile devices bring forth new and additional forms of security and privacy risks, which were non-existent in traditional personal computers.For instance, several recent research efforts have shown that motion sensors such as accelerometer and gyroscope on-board these mobile and wearable devices can be maliciously used to infer private information from users' keystrokes (e.g., PINs and passwords).The problem is that, unlike traditional security and privacy risks that are typically associated with personal computers, most users may not be aware of these novel risks associated with mobile devices.An adversary may use this lack of user-awareness to target specific user-demographics for successfully carrying out such attacks.There has been some progress in the direction of protection mechanisms against such attacks, however, without user-awareness these protection mechanisms are unlikely to be used effectively (if at all).In order to further understand these issues, we conduct a structured and comprehensive user-study involving users from diverse demographic backgrounds to investigate userawareness and perceptions related to mobile motion sensor based privacy risks, and how these vary across different demographics.By means of our study, we also gain insight on users' expectations from defense mechanisms that can protect against such attacks.Results of our study can be used to increase awareness (about such risks) among the less-aware user demographies, and in designing effective and usable protection mechanisms as per user-expectations.

William Bradley Glisson,Tim Storer

DOI: https://doi.org/10.48550/arXiv.1309.0521

2013-08-22

Abstract:Mobile devices, such as phones, tablets and laptops, expose businesses and governments to a multitude of information security risks. While Information Systems research has focused on the security and privacy aspects from the end-user perspective regarding mobile devices, very little research has been conducted within corporate environments. In this work, thirty-two mobile devices were returned by employees in a global Fortune 500 company. In the empirical analysis, a number of significant security risks were uncovered which may have led to leakage of valuable intellectual property or exposed the organization to future legal conflicts. The research contribution is an initial empirical report highlighting examples of corporate policy breaches by users along with providing a foundation for future research on the security risks of the pervasive presence of mobile devices in corporate environments.

Cryptography and Security,Computers and Society

Ran Wei,Xun (Sunny) Liu,Xinchuan Liu

DOI: https://doi.org/10.1016/j.tele.2019.04.002

IF: 9.14

2019-01-01

Telematics and Informatics

Abstract:Informed by the growing third-person effect research of social and online media, the present study examines the perceived negative impact of increasing mobile Internet fraud on user's social ties and their likely response to cope with the rising fraud. A probability sample of 816 respondents in China was used in collecting data regarding the beliefs of their own and other's vulnerability to fraud online. Key findings show that their negative perceptions of mobile Internet fraud vary significantly by the strength of their social relationships and network homogeneity the closer the ties, the greater perceived vulnerability to mobile Internet fraud; the more homogenous their social networks, the more pronounced the pattern. In addition, awareness of the fraud was found to enhance the self-other perceptual gap. Finally, the perceived negative impact of the fraud on self leads to protective actions in terms of verifying suspicious messages. On the other hand, the negatively perceived impact on weak ties is related to staying alert and reducing the use of mobile Internet, suggesting that respondents viewed fraud victims in their social network as warnings.

Franziska Herbert,Steffen Becker,Annalina Buckmann,Marvin Kowalewski,Jonas Hielscher,Yasemin Acar,Markus Dürmuth,Yixin Zou,M. Angela Sasse

DOI: https://doi.org/10.1109/SP54263.2024.00027

2023-09-13

Abstract:This paper investigates the digital security experiences of four at-risk user groups in Germany, including older adults (70+), teenagers (14-17), people with migration backgrounds, and people with low formal education. Using computer-assisted telephone interviews, we sampled 250 participants per group, representative of region, gender, and partly age distributions. We examine their device usage, concerns, prior negative incidents, perceptions of potential attackers, and information sources. Our study provides the first quantitative and nationally representative insights into the digital security experiences of these four at-risk groups in Germany. Our findings show that participants with migration backgrounds used the most devices, sought more security information, and reported more experiences with cybercrime incidents than other groups. Older adults used the fewest devices and were least affected by cybercrimes. All groups relied on friends and family and online news as their primary sources of security information, with little concern about their social circles being potential attackers. We highlight the nuanced differences between the four at-risk groups and compare them to the broader German population when possible. We conclude by presenting recommendations for education, policy, and future research aimed at addressing the digital security needs of these at-risk user groups.

Cryptography and Security

Che Li,Yue Zhou,Shuang Li,Yaru Deng,Meng Zhang,Kanghui Wang

DOI: https://doi.org/10.1109/ICIS51600.2021.9516873

2021-06-23

Abstract:Privacy protection is a vital part of information security. However, the excessive collections and uses of personal information have intensified in the area of mobile apps (applications). To comprehend the current situation of APP personal information security problem of APP, this paper uses a combined approach of static analysis technology, dynamic analysis technology, and manual review to detect and analyze the installed file of mobile apps. 40 mobile apps are detected as experimental samples. The results demonstrate that this combined approach can effectively detect various issues of personal information security problem in mobile apps. Statistics analysis of the experimental results demonstrate that mobile apps have outstanding problems in some aspects of personal information security such as privacy policy, permission application, information collection, data storage, etc.

Computer Science

K L Uthpala Senarathne Tennakoon,Daphne G Taras

DOI: https://doi.org/10.1057/sj.2011.28

2011-10-31

Security Journal

Abstract:This study assesses the sense of security associated with cell phone use in two distinctly-different countries using the ecological systems theory perspective. Triangulating multiple data collection methods, the study explores: (a) the characteristics of individuals who associate the cell phone with perceived security, (b) actual cell phone usage for security and (c) the cognitive mechanisms linking cell phone use with peace of mind. Results confirm that cell phones do offer users a heightened sense of security with a strong gender difference in security perception. The strong gender difference holds even with one of the countries having imminent, unpredictable and gender-neutral terrorism threats.

criminology & penology

Tao Zhang,Pei-Luen Patrick Rau,Jia Zhou

DOI: https://doi.org/10.1201/ebk1439835074-c81

2010-01-01

Abstract:This paper reported results from a questionnaire survey of consumer perception of product attributes of mobile phones and how they consider the importance of each product attribute. The questionnaire contained 35 items covering brand, physical attributes, functional attributes, and beneficial attributes. All the items were measured with 7-point Likert scale anchored from "strongly disagree" to "strongly agree". The questionnaire was administrated online to a broad sample (N=215) in China. An exploratory factor analysis was conducted to find out the latent constructs of mobile phone product attributes, which also reflect consumers' common idea of attribute category. Eight factors, accounting for 62.88% of the total variation, were identified: common functions, appearance, multimedia functions, connectivity, personal information management functions, body design, brand & country, and product image. These attribute factors can be used as a basis for understanding of product attributes and its influencing factors. Results from the factor analysis also provide information about what consumers are concerned about when they evaluate mobile phones or make purchase decisions.

Sariga Sajikumar,N. Ajithkumar,Gopu Vijayan

DOI: https://doi.org/10.61707/kqyq0505

2024-04-21

International Journal of Religion

Abstract:This study delves into the uncharted realm of privacy concerns among Indian smartphone users, exploring their nexus with mobile cybersecurity awareness and protective behaviour. Employing the Mobile User's Information Privacy Concern (MUIPC) tool and Protection Motivation Theory (PMT), it addresses gaps by scrutinizing users' concerns, data protection motivations, and cybersecurity awareness impact. Focused on the Indian smartphone user base, this research illuminates crucial insights into mobile privacy dynamics, informing privacy policies, user education, and cybersecurity strategies. Surveys gathered 364 diverse responses. Statistical analysis using chi-square tests and PLS-SEM via smartpls4 revealed a significant positive association between MUIPC and Protective Motivation Behavior (PMB). Notably, mobile cybersecurity awareness partially mediated the link between MUIPC and PMB. These findings emphasize the intricate relationship between privacy concerns, cybersecurity awareness, and protective behaviours in India's mobile landscape.