Usable Security and E-Banking: ease of use vis-a-vis security

• Main Authors: Morten Hertzum, Niels Jørgensen, Mie Nørgaard
• Format: Article
• Language: English
• Published: Australasian Association for Information Systems 2004-05-01
• Series: Australasian Journal of Information Systems
• Subjects: OZCHI; security; banking; ecommerce; Denmark
• Online Access: http://journal.acs.org.au/index.php/ajis/article/view/124

Electronic banking must be secure and easy to use. An evaluation of six Danish web-based electronic banking systems indicates that the systems have serious weaknesses with respect to ease of use. Our analysis of the weaknesses suggests that security requirements are among their causes and that the weaknesses may in turn cause decreased security. We view the conflict between ease of use and security in the context of usable security, a concept that is intended to match security principles and demands against user knowledge and motivation. Automation, instruction, and understanding can be identified as different approaches to usable security. Instruction is the main approach of the systems evaluated; automation relieves the user from involvement in security, as far as possible; and understanding goes beyond step-by-step instructions, to enable users to act competently and safely in situations that transcend preconceived instructions. We discuss the pros and cons of automation and understanding as alternative approaches to the design of web-based e-banking systems.