Online Banking Security and Usability - Towards an Effective Evaluation Framework

Mansour Alsaleh, Abdulrahman Alarifi, Ziyad Alshaikh, Mohammad Zarour

2015

Abstract

Convenience and the ability to perform advanced transactions encourage bank clients to use online banking. As security and usability are two growing concerns for online banking users, banks have invested heavily in improving the security and user experience of their web portals and trust in them. Despite considerable efforts to evaluate particular security and usability features in online banking, a dedicated security and usability evaluation framework that can be used as a guide in online banking development remains much less explored. In this work, we first extract security and usability evaluation metrics from a literature review we conducted. We then include several other evaluation metrics that were not previously identified in the literature. We argue that the online banking security and usability evaluation frameworks proposed in the literature, in addition to the existing standards of security best practices (e.g., NIST and ISO), are by no means comprehensive and lack some essential evaluation metrics that are of particular interest to online banking portals. In order to demonstrate the inadequacy of existing frameworks, we use some frameworks to evaluate five major banks. The evaluation reveals several shortcomings in identifying both missing and incorrectly implemented security and privacy features. Our goal is to encourage other researchers to build upon our work.

[Table fragment: evaluation criteria]

  1. Online Banking Information (items 1.1 to 1.5)
     - Full information about the purpose of each service
     - Full information about the charges
     - Terms and conditions are easily accessed
     - Full information about Technical Requirements
     - Familiarity programs and demo are available
  2. Bank Information and Communications (items 2.1 to 2.4)
     - Full bank information is available
     - Telephone and fax numbers are available
     - Different ways for communication with the banks employees are available
     - 2.4. Postal and physical addresses are available
  3. Advertisement (items 3.1 to 3.4)
     - Adequate advertisement of banks services
     - Careful advertisement use
     - Effective use of advertisement techniques
     - Controlled amount of advertisements by other companies
  4. Website Users Support (items 4.1 to 4.5)
     - Feedback forms are available
     - Security help are relevant and apparent to users
     - Round the clock support
     - Free or toll free telephone assistance
     - Telephone and e-mail numbers for providing help
  5. Competency of the Provided Assistance
     - 5.1. Detailed information about every step
     - 5.2. Easily understandable assistance for amateur users
     - 5.3. Assistance regarding settings is provided
     - 5.4. Transaction guide is provided

Category 4: Services Offered

  1. Registration
     - 1.3. Adjustable customer profile is stored
     - 1.5. Easy modification of users profile
  2. Transaction Procedure
     - 2.1. Foreign language support is available
     - 2.3. Actions history is available

Category 6: Technical Aspects

  1. Loading Speed (items 1.1 and 1.2)
     - Fast loading speed of the home page as well the rest pages
     - Consideration of non-broadband users

Category 7: Multi-factor Authentication Methods



Paper Citation


in Harvard Style

Alsaleh M., Alarifi A., Alshaikh Z. and Zarour M. (2015). Online Banking Security and Usability - Towards an Effective Evaluation Framework. In Proceedings of the 11th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-758-106-9, pages 141-149. DOI: 10.5220/0005493901410149


in Bibtex Style

@conference{webist15,
author={Mansour Alsaleh and Abdulrahman Alarifi and Ziyad Alshaikh and Mohammad Zarour},
title={Online Banking Security and Usability - Towards an Effective Evaluation Framework},
booktitle={Proceedings of the 11th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2015},
pages={141-149},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005493901410149},
isbn={978-989-758-106-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - Online Banking Security and Usability - Towards an Effective Evaluation Framework
SN - 978-989-758-106-9
AU - Alsaleh M.
AU - Alarifi A.
AU - Alshaikh Z.
AU - Zarour M.
PY - 2015
SP - 141
EP - 149
DO - 10.5220/0005493901410149