Investigating the possibility to use differentiated authentication based on risk profiling to secure online banking. (12th October 2015)
- Record Type:
- Journal Article
- Title:
- Investigating the possibility to use differentiated authentication based on risk profiling to secure online banking. (12th October 2015)
- Main Title:
- Investigating the possibility to use differentiated authentication based on risk profiling to secure online banking
- Authors:
- Butler, Martin
Butler, Rika - Abstract:
- Abstract : Purpose: – The purpose of this paper was to determine factors that could be used to create different authentication requirements for diverse online banking customers based on their risk profile. Online security remains a challenge to ensure safe transacting on the Internet. User authentication, a human-centric process, is regarded as the basis of computer security and hence secure access to online banking services. The increased use of technology to enforce additional actions has the ability to improve the quality of authentication and hence online security, but often at the expense of usability. The objective of this study was to determine factors that could be used to create different authentication requirements for diverse online banking customers based on their risk profile. Design/methodology/approach: – A web-based survey was designed to determine online consumers' competence resecure online behaviour, and this was used to quantify the online behaviour as more or less secure. The browsers used by consumers as well as their demographical data were correlated with the security profile of respondents to test for any significant variance in practice that could inform differentiated authentication. Findings: – A statistical difference between behaviours based on some of the dependant variables was evident from the analysis. Based on the results, a case could be made to have different authentication methods for online banking customers based on both their browserAbstract : Purpose: – The purpose of this paper was to determine factors that could be used to create different authentication requirements for diverse online banking customers based on their risk profile. Online security remains a challenge to ensure safe transacting on the Internet. User authentication, a human-centric process, is regarded as the basis of computer security and hence secure access to online banking services. The increased use of technology to enforce additional actions has the ability to improve the quality of authentication and hence online security, but often at the expense of usability. The objective of this study was to determine factors that could be used to create different authentication requirements for diverse online banking customers based on their risk profile. Design/methodology/approach: – A web-based survey was designed to determine online consumers' competence resecure online behaviour, and this was used to quantify the online behaviour as more or less secure. The browsers used by consumers as well as their demographical data were correlated with the security profile of respondents to test for any significant variance in practice that could inform differentiated authentication. Findings: – A statistical difference between behaviours based on some of the dependant variables was evident from the analysis. Based on the results, a case could be made to have different authentication methods for online banking customers based on both their browser selected (before individual identification) as well as demographical data (after identification) to ensure a safer online environment. Originality/value: – The research can be used by the financial services sector to improve online security, where required, without necessarily reducing usability for more "security inclined" customers. … (more)
- Is Part Of:
- Information and computer security. Volume 23:Number 4(2015)
- Journal:
- Information and computer security
- Issue:
- Volume 23:Number 4(2015)
- Issue Display:
- Volume 23, Issue 4 (2015)
- Year:
- 2015
- Volume:
- 23
- Issue:
- 4
- Issue Sort Value:
- 2015-0023-0004-0000
- Page Start:
- 421
- Page End:
- 434
- Publication Date:
- 2015-10-12
- Subjects:
- User authentication -- Online banking -- Security -- Access control -- Differentiated authentication -- Risk profiling
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-11-2014-0074 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 8131.xml