Usable security and e-banking: Ease of use vis-à-vis security

Morten Hertzum, Niels Jørgensen, Mie Nørgaard

    Publikation: Bidrag til tidsskriftTidsskriftartikelForskningpeer review

    Abstract

    Electronic banking must be secure and easy to use. An evaluation of six Danish web-based electronic banking systems indicates that the systems have serious weaknesses with respect to ease of use. Our analysis of the weaknesses suggests that security requirements are among their causes and that the weaknesses may in turn cause decreased security. We view the conflict between ease of use and security in the context of usable security, a concept that is intended to match security principles and demands against user knowledge and motivation. Automation, instruction, and understanding can be identified as different approaches to usable security. Instruction is the main approach of the systems evaluated; automation relieves the user from involvement in security, as far as possible; and understanding goes beyond step-by-step instructions, to enable users to act competently and safely in situations that transcend preconceived instructions. We discuss the pros and cons of automation and understanding as alternative approaches to the design of web-based e-banking systems.
    OriginalsprogEngelsk
    TidsskriftAustralasian Journal of Information Systems
    Vol/bind11
    Udgave nummer2
    Sider (fra-til)52-65
    ISSN1326-2238
    StatusUdgivet - 2004

    Bibliografisk note

    The paper is a lightly revised version of a paper published at the OZCHI 2004 conference

    Citer dette