Users' Awareness of Visible Security Design Flaws

Maha M. Althobaiti and Pam Mayhew
Abstract— Financial websites incorporate critical security features, as they require a high level of security. Users sometimes need to respond to security indicators in order to make security decisions. These decisions are usually based on users’ understanding of security features that may affect safety and privacy. This paper examines users’ awareness of security features in banking websites. These features include security indicators (warnings), insecurely e-mailing security information, providing biometric information, and responding to warning messages. A total of 100 users were enrolled in the experiment. Users were asked to initiate a banking transaction following a realistic scenario in a simulated online banking platform. During the experiment, users had to respond to security indicators, and their reactions were observed and analysed in depth. The results demonstrated that none of the participants looked at the address bar to find a lock icon or the website address indicator ‘https’, the absence of which indicates a potentially insecure connection. The results from examining users’ responses to warning messages revealed that most users responded to individual messages without concern or careful reading to understand a message’s content. Moreover, the study was the first, to the authors’ knowledge, to examine users’ awareness of the risks of providing biometric information (such as fingerprints). The results indicate that three out of 100 users were concerned about providing their fingerprints and refused to allow their fingerprints to be saved in any kind of database.

