User perceptions of security, convenience and usability for ebanking authentication tokens

Computers and Security

Volumn 28, Issue 1-2, 2009, Pages 47-62

  Weir, Catherine S ^a   Douglas, Gary ^a   Carruthers, Martin ^a   Jack, Mervyn ^a  

^a UNIVERSITY OF EDINBURGH   (United Kingdom)

Author keywords

Authentication; Empirical study; Evaluation; Internet Banking; Security; Usability engineering

Indexed keywords

ACCESS CONTROL; ELECTRONIC COMMERCE; INTERNET; USABILITY ENGINEERING; WORLD WIDE WEB;

AUTHENTICATION TOKENS; CONTROLLED EXPERIMENTS; EMPIRICAL STUDY; EVALUATION; OVERALL QUALITIES; PERCEIVED QUALITIES; REVERSE ORDERS; SECURITY; SECURITY TRADES; USAGE LOGS; USER PERCEPTIONS;

AUTHENTICATION;

EID: 57849096551     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2008.09.008     Document Type: Article

References (43)

1. APACS. Remote card authentication. Available from: (2008). http://www.apacs.org.uk/payments_industry/new_technology2.html (accessed 22.07.08)
2. Besnard D., and Arief B. Computer security impaired by legitimate users. Computers and Security 23 3 (2004) 253-264
3. Bishop M. Psychological acceptability revisited. In: Cranor, and Garfinkel (Eds). Security and usability (2005), O'Reilly 1-11 [chapter 1]
4. Eastin M. Diffusion of e-commerce: an analysis of the adoption of four e-commerce activities. Telematics and Informatics 19 3 (2002) 251-267
5. FFIEC. FFIEC releases guidance on authentication in internet banking environment, press release. Available from: (2005). http://www.ffiec.gov/press/pr101205.htm (accessed 22.07.08)
6. Furnell S. Why users cannot use security. Computers and Security 24 (2005) 274-279
7. Henry P.A. Two-factor authentication - a look behind the headlines. Network Security 2006 4 (2006) 18-19
8. Hiltgen A., Kramp T., and Weigold T. Secure internet banking authentication. IEEE Security and Privacy (2006) 21-29
9. Hornbæk K. Current practice in measuring usability: challenges to usability studies and research. International Journal of Human-Computer Studies 64 2 (2006) 79-102
10. Hornbæk K, Law EL. Meta-analysis of correlations among usability measures, CHI 2007; 2007. pp. 617-626.
11. International Organization for Standardization, ISO 9241-11. Ergonomic requirements for office work with visual display terminals (VDTs) part II: guidance on usability; 1998.
12. Ives B., Walsh K.R., and Schneider H. The domino effect of password reuse. Communications of the ACM 47 4 (2004) 75-78
13. Jayawardhena C., and Foley P. Changes in the banking sector - the case of internet banking in the UK. Journal Internet Research: Networking and Policy 10 1 (2000) 19-30
14. Johnston J., Eloff J.H.P., and Labuschagne L. Security and human computer interfaces. Computers and Security 22 8 (2003) 675-684
15. Karat C.M., Brodie C., and Karat J. Usability design and evaluation for privacy and security solutions. In: Cranor, and Garfinkel (Eds). Security and usability (2005), O'Reilly 47-74 [chapter 4]
16. Kline P. The handbook of psychological testing (2000), Routledge
17. Knight W. The price of love. Infosecurity 5 1 (2008) 30-33
18. Landauer T.K. Research methods in human computer interaction. In: Helander M. (Ed). Handbook of human computer interaction (1988), NorthHolland, Amsterdam 905-928
19. Morris R., and Thompson K. Password security: a case history. Communications of the ACM 22 11 (1979) 594-597
20. Nielsen, J. Usability Engineering. Academic Press; 1993.
21. Nilsson M., Adams A., and Herd S. Building security and trust in online banking. Extended abstracts on human factors in computing systems (CHI '05) (2005), ACM Press, New York, NY pp. 1701-04
22. Nodder C. Users and trust: a microsoft case study. In: Cranor, and Garfinkel (Eds). Security and usability (2005), O'Reilly 589-606 [chapter 29]
23. Nunnally J.C. Psychometric theory (1978), McGraw-Hill
24. O'Gorman L. Comparing passwords, tokens and biometrics for user authentication. Proceedings of the IEEE 91 12 (2003) 2021-2040
25. Piazzalunga U., Savaneschi P., and Coffetti P. The usability of security devices. In: Cranor, and Garfinkel (Eds). Security and usability (2005), O'Reilly 221-242 [chapter 12]
26. Preece J., Rogers Y., Sharp H., Benyon D., Holland S., and Carey T. Human-computer interaction (1994), Addison-Wesley, Wokingham, UK:
27. Ranger S. Chip and PIN heads for cyberspace, silicon.com financial services news, CNET networks, UK. Available from: (2005). http://www.silicon.com/financialservices/0,3800010322, 39152706,00.htm (accessed 31.01.07)
28. Reavley N. Securing online banking. Card Technology Today 17 10 (2005) 12-13
29. Renaud K. Evaluating authentication mechanisms. In: Cranor, and Garfinkel (Eds). Security and usability (2005), O'Reilly 103-128 [chapter 6]
30. Root RW, Draper S. Questionnaires as a software evaluation tool, CHI 83; 1983. pp. 83-7.
31. Sasse M.A., and Flechais I. Usable security: why do we need it? how do we get it?. In: Cranor, and Garfinkel (Eds). Security and usability (2005), O'Reilly 13-30 [chapter 2]
32. Schneier B. Two-factor authentication: too little, too late. Communications of the ACM 48 4 (2005) 136
33. Schultz E.E., Proctor R.W., Lien M.-C., and Savendy G. Usability and security: an appraisal of usability issues in information security methods. Computers and Security 20 7 (2001) 620-634
34. Sinclair S., and Smith S.W. The TIPPI point: towards trustworthy interfaces. IEEE Security and Privacy (2005) 68-71
35. Smetters D.K., and Grinter R.E. Moving from the design of usable security technologies to the design of useful secure applications, ACM workshop: new security paradigms workshop (2002), ACM Press pp. 82-9
36. Sohail M.S., and Shanmugham B. E-banking and customer preference in malaysia: an empirical investigation. Information Sciences 150 (2003) 207-217
37. Szajna B., and Scamell R.W. The effects of information system user expectations on their performance and perceptions. MIS Quarterly 17 4 (1993) 493-516
38. Tan M., and Teo T.S.H. Factors Influencing the Adoption of Internet Banking. Journal of Association for Information Systems 1 5 (2000) 1-42
39. Tognazzini B. Design for usability. In: Cranor, and Garfinkel (Eds). Security and usability (2005), O'Reilly 31-46 [chapter 3]
40. Weir C.S., Anderson J.A., and Jack M.A. On the role of metaphor and language in design of third party payments in eBanking: usability and quality. International Journal of Human-Computer Studies 64 8 (2006) 771-785
41. Weir C.S., McKay I., and Jack M.A. Functionality and usability in design for eStatements in eBanking services. Interacting with Computers 19 2 (2007) 241-256
42. Yan J., Blackwell A., Anderson R., and Grant A. The memorability and security of passwords. In: Cranor, and Garfinkel (Eds). Security and usability (2005), O'Reilly 129-142 [chapter 7]
43. Zviran M., and Haga W.J. Password security: an empirical study. Journal of Management of Information Systems 15 4 (1999) 161-185