Usable security: User preferences for authentication methods in eBanking and the effects of experience

Interacting with Computers

Volumn 22, Issue 3, 2010, Pages 153-164

  Weir, Catherine S ^a   Douglas, Gary ^a   Richardson, Tim ^b   Jack, Mervyn ^a  

^a CCIR   (United Kingdom)

^b LLOYDS BANKING GROUP   (United Kingdom)

Author keywords

Authentication; Empirical evaluation; Experience; Internet banking; Usability engineering; Usable security

Indexed keywords

KNOWLEDGE BASED SYSTEMS; USABILITY ENGINEERING; USER EXPERIENCE;

AUTHENTICATION METHODS; EMPIRICAL EVALUATIONS; EXPERIENCE; INTERNET BANKING; MULTI-FACTOR AUTHENTICATION; REPEATED MEASURES; USABILITY AND SECURITY; USABLE SECURITY;

AUTHENTICATION;

EID: 77549083913     PISSN: 09535438     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.intcom.2009.10.001     Document Type: Article

References (57)

1. Adams A., and Sasse M.A. Users Are Not the Enemy, Communications of the ACM vol. 42 (12) (1999), ACM Press pp. 40-46
2. AlZomai, M., AlFayyadh, B., Jsang, A., McCullagh, A., 2008. An experimental investigation of the usability of transaction authorization in online bank security systems. In: Proceedings of the Australasian Information Security Conference (AISC'08), pp. 65-73.
3. Barton B.F., and Barton M.S. User-friendly password methods for computer-mediated information systems. Computers and Security 3 3 (1984) 186-195
4. ©BBC MMVII. (accessed 27.05.07).
5. Beaumier, C., 2006. Multifactor authentication: a blow to identity theft? Bank Accounting and Finance (February/March), 33-37.
6. Berson J. Zone alarm: creating usable security products for consumers. In: Cranor L.F., and Garfinkel S. (Eds). Security and Usability (2005), O'Reilly 563-575 (Chapter 26)
7. Besnard D., and Arief B. Computer security impaired by legitimate users. Computers and Security 23 3 (2004) 253-264
8. Bishop M. Psychological acceptability revisited. In: Cranor L.F., and Garfinkel S. (Eds). Security and Usability (2005), O'Reilly 1-11 (Chapter 1)
9. Braz C., and Robert J. Security and usability: the case of the user authentication methods. Proceedings of the 18th International Conference of the Association Francophone D'interaction Homme-Machine (IHM '06) vol. 133 (2006), ACM Press, New York 199-203
10. Brown A.S., Bracken E., Zoccoli S., and Douglas K. Applied Cognitive Psychology 18 6 (2004) 641-651
11. Brunswick S. eCommerce fraud - time to act. Card Technology Today 21 1 (2009) 12-13
12. Centeno C. Adoption of Internet services in the acceding and candidate countries, lessons from the Internet banking case. Telematics and Informatics 21 4 (2004) 293-315
13. Claessens J., Dem V., De Cock D., Preneel B., and Vandewalle J. On the security of today's online electronic banking systems. Computers and Security 21 3 (2002) 253-265
14. Coventry L., De Angeli A., and Johnson G. Usability and biometric verification at the ATM interface. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (2003), ACM Press 153-160
15. DeWitt A.J., and Kuljis J. Is usable security an oxymoron?. Interactions vol. 13 (3) (2006), ACM Press pp. 41-44
16. Dragoljub N. Stronger security. Card Technology Today 19 1 (2007) 9-10
17. Field A. Discovering Statistics Using SPSS. second ed. (2005), Sage Publications, GB
18. Furnell S. Why users cannot use security. Computers and Security 24 (2005) 274-279
19. Furnell S. A comparison of website user authentication mechanisms. Computer Fraud and Security 2007 9 (2007) 5-9
20. Gaw S., and Felten E.W. Password management strategies for online accounts. Proceedings of the Second Symposium on Usable Privacy and Security (SOUPS '06) vol. 149 (2006), ACM Press, New York, NY 44-55
21. Halderman J.A., Waters B., and Felten E.W. A convenient method for securely managing passwords. Proceedings of the 14th International Conference on World Wide Web (WWW '05) (2005), ACM Press, New York 471-479
22. Henry P.A. Two-factor authentication - a look behind the headlines. Network Security 2006 4 (2006) 18-19
23. Hertzum M., Jørgensen N., and Nørgaard M. Usable security and e-banking: ease of use vis-à-vis security. Australasian Journal of Information Systems 11 (2004) 52-65
24. Hiltgen A., Kramp T., and Weigold T. Secure internet banking authentication. IEEE Security and Privacy March/April (2006) 21-29
25. Hole K.J., Moen V., and Tjostheim T. Case study: online banking security. IEEE Security and Privacy 4 2 (2006) 14-20
26. Ives B., Walsh K.R., and Schneider H. The domino effect of password reuse. Communications of the ACM 47 4 (2004) 75-78
27. Johnston J., Eloff J.H.P., and Labuschagne L. Security and human computer interfaces. Computers and Security 22 8 (2003) 675-684
28. Jones D. Viewpoint. Card Technology Today 18 3 (2006) 16
29. Karat C.M., Brodie C., and Karat J. Usability design and evaluation for privacy and security solutions. In: Cranor L.F., and Garfinkel S. (Eds). Security and Usability (2005), O'Reilly 47-74 (Chapter 4)
30. Lichtenstein S., and Williamson K. Understanding consumer adoption of internet banking: an interpretive study in the Australian banking context. Journal of Electronic Commerce Research 7 2 (2006) 50-66
31. Likert R. A technique for the measurement of attitudes. Archives of Psychology 22 140 (1932) 5-55
32. Long A.C., and Moskowitz C. Simple desktop security with chameleon. In: Cranor L.F., and Garfinkel S. (Eds). Security and Usability (2005), O'Reilly 335-356 (Chapter 17)
33. Morris R., and Thompson K. Password security: a case history. Communications of the ACM 22 11 (1979) 594-597
34. Nilsson M., Adams A., and Herd S. Building security and trust in online banking. CHI '05 Extended Abstracts on Human Factors in Computing Systems (2005), ACM Press, New York 1701-1704
35. Nodder C. Users and trust: a Microsoft case study. In: Cranor L.F., and Garfinkel S. (Eds). Security and Usability (2005), O'Reilly 589-606 (Chapter 29)
36. O'Gorman L. Comparing passwords, tokens and biometrics for user authentication. Proceedings of the IEEE 91 12 (2003) 2021-2040
37. Piazzalunga U., Savaneschi P., and Coffetti P. The usability of security devices. In: Cranor L.F., and Garfinkel S. (Eds). Security and Usability (2005), O'Reilly 221-242 (Chapter 12)
38. Ranger, S., 2005. Chip and PIN heads for Cyberspace. Silicon.com Financial Services News, CNET Networks, UK. (accessed 31.01.07).
39. Reavley N. Securing online banking. Card Technology Today 17 10 (2005) 12-13
40. Renaud K. Evaluating authentication mechanisms. In: Cranor L.F., and Garfinkel S. (Eds). Security and Usability (2005), O'Reilly 103-128 (Chapter 6)
41. Sasse M.A., and Flechais I. Usable security: why do we need it? How do we get it?. In: Cranor L.F., and Garfinkel S. (Eds). Security and Usability (2005), O'Reilly 13-30 (Chapter 2)
42. Sasse M.A., Brostoff S., and Weirich D. Transforming the 'Weakest Link' - a human/computer interaction approach to usable and effective security. BT Technology Journal 19 3 (2001) 122-131
43. Schneier B. Customers, passwords, and web sites. IEEE Security and Privacy Magazine 2 4 (2004) 88
44. Schneier B. Two-factor authentication: too little, too late. Communications of the ACM 48 4 (2005) 136
45. Schultz E.E., Proctor R.W., Lien M.-C., and Savendy G. Usability and security: an appraisal of usability issues in information security methods. Computers and Security 20 7 (2001) 620-634
46. Sinclair S., and Smith S.W. The TIPPI point: towards trustworthy interfaces. IEEE Security and Privacy July/August (2005) 68-71
47. Smetters D.K., and Grinter R.E. Moving from the design of usable security technologies to the design of useful secure applications. ACM Workshop: New Security Paradigms Workshop (2002), ACM Press 82-89
48. Tognazzini B. Design for usability. In: Cranor L.F., and Garfinkel S. (Eds). Security and Usability (2005), O'Reilly 31-46 (Chapter 3)
49. Toledano D.T., Fernandez Pozo R., Hernandez Trapote A., and Hernandez Gomez L. Usability evaluation of multi-modal biometric verification systems. Interacting with Computers 18 5 (2006) 1101-1122
50. Viega J. Security - problem solved?. Queue vol. 3 (5) (2005), ACM Press pp. 40-50
51. Weir C.S., Anderson J.A., and Jack M.A. On the role of metaphor and language in design of third party payments in eBanking: usability and quality. International Journal of Human-Computer Studies 64 8 (2006) 771-785
52. Weir C.S., McKay I., and Jack M.A. Functionality and usability in design for eStatements in eBanking services. Interacting with Computers 19 2 (2007) 241-256
53. Weir C.S., Douglas G., Carruthers M., and Jack M.A. User perceptions of security, convenience and usability for eBanking authentication tokens. Computers and Security 28 (2009) 47-62
54. Weirich D., and Sasse M.A. Pretty good persuasion: a first step towards effective password security in the real world. Proceedings of the 2001 Workshop on New Security Paradigms (NSPW '01) (2001), ACM Press, New York 137-143
55. Yan J., Blackwell A., Anderson R., and Grant A. The memorability and security of passwords. In: Cranor L.F., and Garfinkel S. (Eds). Security and Usability (2005), O'Reilly 129-142 (Chapter 7)
56. Zviran M., and Haga W.J. Cognitive passwords: the key to easy access control. Computers and Security 9 8 (1990) 723-736
57. Zviran M., and Haga W.J. Password security: an empirical study. Journal of Management of Information Systems 4 (1999) 161-185