Usable Security and E-Banking: ease of use vis-a-vis security

Morten Hertzum, Niels Jørgensen, Mie Nørgaard

Abstract


Electronic banking must be secure and easy to use. An evaluation of six Danish web-based electronic banking systems indicates that the systems have serious weaknesses with respect to ease of use. Our analysis of the weaknesses suggests that security requirements are among their causes and that the weaknesses may in turn cause decreased security. We view the conflict between ease of use and security in the context of usable security, a concept that is intended to match security principles and demands against user knowledge and motivation. Automation, instruction, and understanding can be identified as different approaches to usable security. Instruction is the main approach of the systems evaluated; automation relieves the user from involvement in security, as far as possible; and understanding goes beyond step-by-step instructions, to enable users to act competently and safely in situations that transcend preconceived instructions. We discuss the pros and cons of automation and understanding as alternative approaches to the design of web-based e-banking systems.

Keywords


OZCHI; security; banking; ecommerce; Denmark

Full Text:

PDF


DOI: http://dx.doi.org/10.3127/ajis.v11i2.124

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Creative Commons License
ISSN: Online: 1326-2238 Hard copy: 1449-8618
This work is licensed under a Creative Commons Attribution-NonCommercial Licence. Uses the Open Journal Systems. Web design by TomW.