    A Comparative Usability Study of Two-Factor Authentication

    Two-factor authentication (2F) aims to enhance resilience of password-based authentication by requiring users to provide an additional authentication factor, e.g., a code generated by a security token. However, it also introduces non-negligible costs for service providers and requires users to carry out additional actions during the authentication process. In this paper, we present an exploratory comparative study of the usability of 2F technologies. First, we conduct a pre-study interview to identify popular technologies as well as contexts and motivations in which they are used. We then present the results of a quantitative study based on a survey completed by 219 Mechanical Turk users, aiming to measure the usability of three popular 2F solutions: codes generated by security tokens, one-time PINs received via email or SMS, and dedicated smartphone apps (e.g., Google Authenticator). We record contexts and motivations, and study their impact on perceived usability. We find that 2F technologies are overall perceived as usable, regardless of motivation and/or context of use. We also present an exploratory factor analysis, highlighting that three metrics -- ease-of-use, required cognitive efforts, and trustworthiness -- are enough to capture key factors affecting 2F usability. Comment: A preliminary version of this paper appears in USEC 201

    Challenges of Multi-Factor Authentication for Securing Advanced IoT (A-IoT) Applications

    The unprecedented proliferation of smart devices together with novel communication, computing, and control technologies have paved the way for the Advanced Internet of Things (A-IoT). This development involves new categories of capable devices, such as high-end wearables, smart vehicles, and consumer drones aiming to enable efficient and collaborative utilization within the Smart City paradigm. While massive deployments of these objects may enrich people's lives, unauthorized access to the said equipment is potentially dangerous. Hence, highly-secure human authentication mechanisms have to be designed. At the same time, human beings desire comfortable interaction with their owned devices on a daily basis, thus demanding the authentication procedures to be seamless and user-friendly, mindful of the contemporary urban dynamics. In response to these unique challenges, this work advocates for the adoption of multi-factor authentication for A-IoT, such that multiple heterogeneous methods - both well-established and emerging - are combined intelligently to grant or deny access reliably. We thus discuss the pros and cons of various solutions as well as introduce tools to combine the authentication factors, with an emphasis on challenging Smart City environments. We finally outline the open questions to shape future research efforts in this emerging field. Comment: 7 pages, 4 figures, 2 tables. The work has been accepted for publication in IEEE Network, 2019. Copyright may be transferred without notice, after which this version may no longer be accessibl

    Security and Online learning: to protect or prohibit

    The rapid development of online learning is opening up many new learning opportunities. Yet, with this increased potential come a myriad of risks. Usable security systems are essential as poor usability in security can result in excluding intended users while allowing sensitive data to be released to unacceptable recipients. This chapter presents findings concerned with usability for two security issues: authentication mechanisms and privacy. Usability issues such as memorability, feedback, guidance, context of use and concepts of information ownership are reviewed within various environments. This chapter also reviews the roots of these usability difficulties in the culture clash between the non-user-oriented perspective of security and the information exchange culture of the education domain. Finally an account is provided of how future systems can be developed which maintain security and yet are still usable

    Secure webs and buying intention: the moderating role of usability

    This work proposes a conceptual model to show how the antecedents of buying intention are reinforced in the context of highly usable websites. Specifically, the work analyses in depth the moderating role of usability in explaining the connection between the security of a website and buying intention. Between both extremes (security and buying intention), several variables have been included to better explain their connection. To this end, a fictitious clothing website aimed at the young middle-class segment was designed. In order to alter the usability of the website, two types of manipulation were carried out: the speed and the ease of use of the website. The two websites created (high usability and low usability) were visited by a total of 170 respondents, who were compensated with a USB drive valued at 15 euros. The results show that perceived security on the website brings about three interesting effects (especially for the highly usable website): (i) it improves pleasure attitudes, (ii) it reduces the level of perceived risk, and (iii) it increases trust. The last two effects, in turn, end up increasing buying intention. Finally, it has been shown that usability does indeed reinforce the relationships considered in the proposed model for explaining buying intention.

    A conceptual model has been proposed to show how buying intention antecedents are reinforced in highly usable contexts. Specifically, this paper deeply analyses the moderator role of system variables (usability) on explaining the relationship between Web security and buying intention. Between both extremes (security and buying intention), several relationships have also been stated to better explain this effect. An “ideal” fictitious Website was designed for a non-existent clothing company directed at the segment of middle class consumers. In order to alter Web usability, two blocks of changes were made, one concerning Website speed and the other related to ease of use. Our experiment sample consisted of 170 respondents who participated in exchange for a pen-drive (USB) valued at 15 euros. The results show that improving website security has three interesting effects (especially in highly usable contexts): (i) it improves pleasure attitudes, (ii) reduces the level of perceived risk and (iii) increases trust. Secondly, it has been found that to increase buying intention, two actions must be taken: (i) to diminish perceived risk and (ii) to improve users’ pleasure attitudes towards the Website. Finally, usability has been found to have a moderating role in all the relationships considered (reinforcing them)

    An improved negative selection algorithm based on the hybridization of cuckoo search and differential evolution for anomaly detection

    The biological immune system (BIS) is characterized by networks of cells, tissues, and organs communicating and working in synchronization. It also has the ability to learn, recognize, and remember, thus providing the solid foundation for the development of Artificial Immune System (AIS). Since the emergence of AIS, it has proved itself as an area of computational intelligence. Real-Valued Negative Selection Algorithm with Variable-Sized Detectors (V-Detectors) is an offspring of AIS and demonstrated its potentials in the field of anomaly detection. The V-Detectors algorithm depends greatly on the random detectors generated in monitoring the status of a system. These randomly generated detectors suffer from not being able to adequately cover the non-self space, which diminishes the detection performance of the V-Detectors algorithm. This research therefore proposed CSDE-V-Detectors which entail the use of the hybridization of Cuckoo Search (CS) and Differential Evolution (DE) in optimizing the random detectors of the V-Detectors. The DE is integrated with CS at the population initialization by distributing the population linearly. This linear distribution gives the population a unique, stable, and progressive distribution process. Thus, each individual detector is characteristically different from the other detectors. CSDE capabilities of global search, and use of Lévy flight facilitates the effectiveness of the detector set in the search space. In comparison with V-Detectors, cuckoo search, differential evolution, support vector machine, artificial neural network, naïve Bayes, and k-NN, experimental results demonstrate that CSDE-V-Detectors outperforms other algorithms with an average detection rate of 95.30% on all the datasets. This signifies that CSDE-V-Detectors can efficiently attain highest detection rates and lowest false alarm rates for anomaly detection. Thus, the optimization of the random detectors of V-Detectors algorithm with CSDE is proficient and suitable for anomaly detection tasks

    Usability and Trust in Information Systems

    The need for people to protect themselves and their assets is as old as humankind. People's physical safety and their possessions have always been at risk from deliberate attack or accidental damage. The advance of information technology means that many individuals, as well as corporations, have an additional range of physical (equipment) and electronic (data) assets that are at risk. Furthermore, the increased number and types of interactions in cyberspace has enabled new forms of attack on people and their possessions. Consider grooming of minors in chat-rooms, or Nigerian email cons: minors were targeted by paedophiles before the creation of chat-rooms, and Nigerian criminals sent the same letters by physical mail or fax before there was email. But the technology has decreased the cost of many types of attacks, or the degree of risk for the attackers. At the same time, cyberspace is still new to many people, which means they do not understand risks, or recognise the signs of an attack, as readily as they might in the physical world. The IT industry has developed a plethora of security mechanisms, which could be used to mitigate risks or make attacks significantly more difficult. Currently, many people are either not aware of these mechanisms, or are unable or unwilling to use them. Security experts have taken to portraying people as "the weakest link" in their efforts to deploy effective security [e.g. Schneier, 2000]. However, recent research has revealed at least some of the problem may be that security mechanisms are hard to use, or ineffective. The review summarises current research on the usability of security mechanisms, and discusses options for increasing their usability and effectiveness

    Critical review of the e-loyalty literature: a purchase-centred framework

    Over the last few years, the concept of online loyalty has been examined extensively in the literature, and it remains a topic of constant inquiry for both academics and marketing managers. The tremendous development of the Internet for both marketing and e-commerce settings, in conjunction with the growing desire of consumers to purchase online, has promoted two main outcomes: (a) increasing numbers of Business-to-Customer companies running businesses online and (b) the development of a variety of different e-loyalty research models. However, current research lacks a systematic review of the literature that provides a general conceptual framework on e-loyalty, which would help managers to understand their customers better, to take advantage of industry-related factors, and to improve their service quality. The present study is an attempt to critically synthesize results from multiple empirical studies on e-loyalty. Our findings illustrate that 62 instruments for measuring e-loyalty are currently in use, influenced predominantly by Zeithaml et al. (J Marketing. 1996;60(2):31-46) and Oliver (1997; Satisfaction: a behavioral perspective on the consumer. New York: McGraw Hill). Additionally, we propose a new general conceptual framework, which leads to antecedents dividing e-loyalty on the basis of the action of purchase into pre-purchase, during-purchase and after-purchase factors. To conclude, a number of managerial implementations are suggested in order to help marketing managers increase their customers’ e-loyalty by making crucial changes in each purchase stage

    E-Voting in an ubicomp world: trust, privacy, and social implications

    The advances made in technology have unchained the user from the desktop into interactions where access is anywhere, anytime. In addition, the introduction of ubiquitous computing (ubicomp) will see further changes in how we interact with technology and also socially. Ubicomp evokes a near future in which humans will be surrounded by “always-on,” unobtrusive, interconnected intelligent objects where information is exchanged seamlessly. This seamless exchange of information has vast social implications, in particular the protection and management of personal information. This research project investigates the concepts of trust and privacy issues specifically related to the exchange of e-voting information when using a ubicomp type system