Publication

Investigating the possibility to use differentiated authentication based on risk profiling to secure online banking

Butler, Martin
Butler, Rika
Citations
Altmetric:
Publication Type
Journal article with impact factor
Editor
Supervisor
Publication Year
2015
Journal
Information and Computer Security
Book
Publication Volume
23
Publication Issue
4
Publication Begin page
421
Publication End page
434
Publication Number of pages
Collections
Abstract
Purpose – The purpose of this paper was to determine factors that could be used to create different authentication requirements for diverse online banking customers based on their risk profile. Online security remains a challenge to ensure safe transacting on the Internet. User authentication, a human-centric process, is regarded as the basis of computer security and hence secure access to online banking services. The increased use of technology to enforce additional actions has the ability to improve the quality of authentication and hence online security, but often at the expense of usability. The objective of this study was to determine factors that could be used to create different authentication requirements for diverse online banking customers based on their risk profile. Design/methodology/approach – A web-based survey was designed to determine online consumers’ competence resecure online behaviour, and this was used to quantify the online behaviour as more or less secure. The browsers used by consumers as well as their demographical data were correlated with the security profile of respondents to test for any significant variance in practice that could inform differentiated authentication. Findings – A statistical difference between behaviours based on some of the dependant variables was evident from the analysis. Based on the results, a case could be made to have different authentication methods for online banking customers based on both their browser selected (before individual identification) as well as demographical data (after identification) to ensure a safer online environment. Originality/value – The research can be used by the financial services sector to improve online security, where required, without necessarily reducing usability for more “security inclined” customers
Research Projects
Organizational Units
Journal Issue
Keywords
User Authentication, Online Banking, Security, Access Control, Differentiated Authentication, Risk Profiling
Citation
Other links
Embedded videos