Available online at www.sciencedirect.com

1071-5819/$ - se

doi:10.1016/j.ijh

nCorrespond

E-mail addr

shailo@stanfor

forssell@stanfo

jaemin.john@o

Int. J. Human-Computer Studies 70 (2012) 364–376

www.elsevier.com/locate/ijhcs

When do online shoppers appreciate security enhancement efforts?Effects of financial risk and security level on evaluations of

customer authentication

Jong-Eun Roselyn Leea,n, Shailendra Raob, Clifford Nassc, Karin Forsselld, Jae Min Johne

aDepartment of Communication, Hope College, 257 Columbia Ave, Holland, MI 49423, USAbMotorola Mobility, Sunnyvale, CA 94089, USA

cDepartment of Communication, Stanford University, Stanford, CA 94305, USAdSchool of Education, Stanford University, Stanford, CA 94305, USA

eOracle Corp., 500 Oracle Pkwy, Redwood City, CA 94065, USA

Received 15 November 2009; received in revised form 18 November 2011; accepted 16 December 2011

Communicated by A. Cockburn

Available online 20 January 2012

Abstract

As the popularity of online shopping grows, concerns about identity theft and fraud are increasing. While stronger customer

authentication procedures may provide greater protection and thus benefit customers and retailers, security is often traded off against

convenience. To provide insight into this security-convenience trade-off in customer authentication, we experimentally investigated how

levels of authentication security and financial risk factors affect perception and evaluation of authentication systems in two contexts:

security questions (Experiment 1) and card security codes (Experiment 2). Experiment 1, which examined the effects of security level and

product price as a financial risk factor, showed that authentication procedures based on higher-level security tended to be perceived as

significantly less convenient and more frustrating. Interestingly, participants rated the higher-level security system (i.e., asking more

demanding challenge questions) as less convenient and more frustrating when the amount involved in the transactions was higher.

Experiment 2, which introduced consumer liability for fraudulent activities as an additional financial risk factor, showed that

participants gave more positive ratings of the higher-level security system under full liability than under zero liability. Taken together,

the present research suggests that patterns of security-convenience trade-offs reflecting consumers’ perception and appreciation of

authentication technologies may vary depending on the characteristics of financial risk factors involved in the transaction process.

& 2011 Elsevier Ltd. All rights reserved.

Keywords: Online shopping; Electronic commerce; Online security; Authentication; Security–convenience trade-off

1. Introduction

Online shopping spaces are becoming increasingly attractiveto consumers, offering numerous conveniences including 24/7availability (Hofacker, 2001), time-saving benefits (Childerset al., 2001), and increased product and price research capa-bilities (Jefferson, 2006). The conveniences of online shopping,

e front matter & 2011 Elsevier Ltd. All rights reserved.

cs.2011.12.002

ing author. Tel.: þ1 616 395 7361; fax: þ1 616 395 7937.

esses: jroselyn@stanfordalumni.org (J.-E.R. Lee),

d.edu (S. Rao), nass@stanford.edu (C. Nass),

rd.edu (K. Forssell),

racle.com (J.M. John).

however, are accompanied by security threats such as identitytheft and fraud (Leggatt, 2009). According to the Pew Internet& American Life Project Report on online shopping(Horrigan, 2008), while 78% of Internet users agree thatonline shopping is convenient for them, 75% of Internet usersalso expressed high levels of discomfort about disclosingpersonal information or payment card information online.Research on consumer behavior has demonstrated that

purchase behaviors are largely determined by the trade-offs between what one gives up and what one gains from it(Dodds et al., 1991; Yadav and Monroe, 1993). In onlineshopping, such trade-offs tend to occur between securityand convenience, as can be witnessed in password access

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376 365

systems. For instance, one way to prevent an unauthorizedindividual from easily guessing or ‘‘cracking’’ a passwordwould be to make the password itself more complicated byrequiring users to create a long password (Keith et al.,2007), use system-generated passwords (Adams and Sasse,1999), or combine numbers or special characters withletters (Nowak et al., 2009). While these measures allowthe password system to offer stronger protection againstunauthorized access, users frequently find such passwordsdifficult to remember and inconvenient to use (Nowaket al., 2009).

The dilemma caused by security-convenience trade-offs inonline shopping can be even more acute when it comes tocustomer authentication. To minimize losses for customersand for themselves, many online retailers employ measuresfor authenticating customer identity. These measures aredesigned to verify that the person making the purchase isan authorized user of the payment method (Cline, 2004).However, authentication procedures that make the paymentprocess complicated and demanding for stronger fraudprotection may hinder users from fully enjoying the conve-nience of online shopping (Bhatnagar and Ghose, 2004).Hence, increasing levels of security in customer authentica-tion may lead consumers to form a negative perception of theonline shopping interface (Odekerken-Schroder and Wetzels,2003) and may potentially lower their willingness to makepurchases.

The present research aims to provide insight into thesecurity-convenience trade-offs concerning customer authen-tication procedures in online shopping. In particular, we testpossible moderation by factors associated with financial risk,investigating whether and how the effects of security levelsinstantiated by authentication technologies on consumers’evaluation of the systems would depend upon perceivedfinancial risk. In so doing, we examine two different types ofauthentication procedures: challenge questions (Experiment1) and card verification codes (Experiment 2).

2. Customer authentication as a human–computer

interaction process

Although it may not always seem obvious to consumers,online customer authentication procedures are based oncommunication and collaboration between human usersand computer technology underlying the authenticationsystem. However simple or sophisticated, the process canbe broken down into the following five key steps: (1) someinformation (e.g., answers to security questions, personalidentification codes, or credit card verification codes) isshared between the authentication system and the customer(Szabo, 2003); (2) when performing a transaction, thecustomer is asked by the system to provide the informationto complete the purchase; (3) the customer responds to thesystem’s request by providing the solicited information; (4)the system verifies the information provided by the customer;and finally, (5) when the verification is complete, thecustomer finalizes the transaction. In the process of customer

authentication, unless both parties—the customer and theauthentication system—‘‘collaborate’’ with each other, thetransaction cannot be completed successfully. Hence, authen-tication processes may be viewed as an important form ofhuman–computer collaboration.Authentication procedures demand varying degrees of

user effort and inconveniences. Some authentication proce-dures are relatively simple and thus require minimal efforton the consumers’ end, while other procedures involve morecomplicated and demanding processes, which customersmight find burdensome. The latter procedures, intendedfor higher security levels of anti-fraud protection, may bebeneficial to consumers. The problem, however, is that suchhigh-level security procedures may not always be appre-ciated by consumers because the potential benefit to begained from higher levels of security can be overshadowedby the lack of convenience. Research has demonstratedthat customers are far from being willing to trade usabilityand convenience for perceived increases in security when itcomes to authentication (Weir et al., 2009).Under what conditions would consumers show more

negative reaction to, or show greater appreciation of, moredemanding authentication procedures oriented towardhigh-level security and protection? Research conducted ondevelopment of novel authentication procedures has beenilluminating (e.g., De Angeli et al., 2005; Kuber and Yu,2010), but relatively little research has identified factors thatshape the security-convenience trade-offs in online custo-mer authentication. As an initial effort, we propose toexamine factors associated with financial risk, which play akey role in consumers’ decision-making in the context ofonline shopping (Liebermann and Stashevsky, 2002).

3. The role of financial risk

Financial risk, defined as one’s subjective beliefs aboutsuffering a monetary loss while pursuing an outcome onedesires (Forsythe and Shi, 2003; Ko et al., 2004; Pavlou,2003), is considered one of the key elements of perceivedrisk in electronic commerce (Tan, 1999). Research hasshown that perceived financial risk is negatively associatedwith consumers’ intention to engage in online shopping(Kim, 2007; Pavlou, 2003), and this tendency has beenfound among both novice and experienced consumers(Liang and Jin-Shiang, 1998), particularly when it comesto perceived financial risk that can potentially result inmonetary losses (Keating et al., 2009; Ko et al., 2004;Liebermann and Stashevsky, 2002).In the context of Internet-based commercial transactions,

financial risk entails possibilities that one’s payment informa-tion may be used fraudulently by another (Forsythe and Shi,2003). Given that authentication systems with higher levels ofsecurity tend to be more complicated and are thereby moredemanding (or require greater effort) on the consumers^ end,the extent to which consumers appreciate (and in turnwillingly ‘‘collaborate’’ with) a complicated and demandingauthentication system may depend on the extent to which

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376366

they perceive the system to have the potential for relievingsuch risk (Tan, 1999). Hence, we propose to examine whetherconsumers’ evaluation of the levels of security imposed byauthentication systems would depend on financial risk factorsinvolved in online transactions. Specifically, we test whetherperceived financial risk, which may motivate consumers toprotect themselves against a potential loss, will lead consu-mers to perceive the higher levels of security protectionprovided by authentication systems to be an effective ‘‘riskreliever’’ (Roselius, 1971; Tan, 1999) and thereby show greaterappreciation of the security-enhancing efforts.

4. Experiment 1

Customer authentication with high-level security for pre-venting fraudulent activities in the context of online shoppingoften translates into requiring consumers to go throughseemingly cumbersome identity checks, resulting in a slowerand seemingly less efficient shopping experience. This isparticularly true for authentication procedures based onchallenge questions. In this experiment, we performed anexploratory investigation regarding how the security levels ofauthentication systems based on challenge questions affectconsumers’ perception of the systems and whether perceivedfinancial risk factor would moderate the effects. One keyelement of financial risk in the context of online shopping isproduct price (Grewal et al., 1994): one may experience agreater sense of perceived financial risk when attempting topurchase expensive goods than when purchasing low-priceditems. Considering this, we introduced product price as aperceived financial risk factor in the present experiment.

4.1. Design and participants

We conducted a web-based experiment based on a 3(Security level: 1-Click vs. What You Know vs. What YouHave)� 2(Price Level: Low vs. High) within-participantsdesign. Participants were asked to make simulatedpurchases—one item from each of 12 anonymous retailers(i.e., no company names or logos were displayed). A total of21 undergraduate students (10 female, 11 male, Mage¼21.58,SDage¼1.84) attending a university in the United States wererecruited. These students, enrolled in a Communicationcourse, received course credit for their participation.

4.2. Manipulations

Security level. For the simulated online shopping, partici-pants had to use one of three types of procedures: 1-Click,What You Know, and What You Have. The 1-Clickprocedure was the least secure but the most convenientprocedure. To make the purchase with this security proce-dure, participants simply clicked on ‘‘Buy now with 1-Click’’.This procedure was modeled after the 1-Click purcha-sing option found on online retailers such as Amazon.com,which is intended to streamline the purchasing process forcustomers.

The What You Know authentication procedure presenteda set of two ‘challenge’ questions that required participantsto provide information they could easily recall from memory(e.g., participants’ middle name, current city/state/zip code).This security procedure is similar to common challenge-response questions in which personal information is pro-vided by a user at one point in time and the information islater requested by the website for identity verification(Szabo, 2003).The What You Have authentication procedure was con-

ceived as the most demanding challenge-question procedurethat provides maximum protection for customers. Thisprocedure presented a set of two challenge questions thatrequired participants to physically look up the requestedinformation on their payment card when answering thequestions (e.g., the last six digits of the customer servicetelephone number; the 20th word of card propertystatement).

Price level. The price levels of the items used for thesimulated online shopping were set to be appropriate forcollege students’ budgets in the United States. Low-priceditems fell in the range of $15 to $35 (toss pillow and throwset, lamp, coat rack, bud vase, trash can, and towel set).High-priced items ranged from $135 to $165 (tree floorlamp, stair cubby bookcase, full mattress, wall mirror,food processor, and cutlery set).

4.3. Procedure

An invitation was sent via class e-mailing lists and directedparticipants to the experiment website. Participants wereallowed to participate in the experiment at their convenience,but were required to complete the task in one sitting.Upon providing consent, participants read a cover story

that they would be ‘‘purchasing’’ 12 items to furnish a newapartment. These items consisted of two items representingeach of the six combinations of the security (with 3 levels)and price (with 2 levels) variables. The cover story informedparticipants that each of the retailers used their own uniquesecurity procedures for customer authentication and alreadyhad customers’ personal and payment-related informationon file. After reading the cover story, participants werepresented with the 12 items for purchasing, one item at atime. On the online shopping page, the product name,image, brief description, and price information were pre-sented (see Fig. 1 for a sample screen shot of the experimentinterface). After each transaction, participants responded toa questionnaire concerning the simulated purchase process.The questionnaire contained the dependent measures and amanipulation check item.

4.4. Measures

All of the measurement items were assessed on 10-pointLikert scales. For assessing participants’ evaluations of theauthentication procedures, we measured perceived conveni-ence of and frustration with the authentication procedures

Fig. 1. A screenshot of the Experiment 1 Online Shopping Interface.

Table 1

Summary table of Experiment 1 ANOVA results.

Convenience Frustration

Source df SS MS F p Source df SS MS F P

P 1 16.07 16.07 19.08 .001 P 1 6.68 6.68 6.51 .02

Error (P) 20 16.85 .84 Error (P) 20 20.49 1.03

S 2 502.37 251.19 71.87 .001 S 2 358.30 179.15 50.63 .001

Error (S) 40 139.80 3.50 Error (S) 40 141.53 3.54

P�S 2 12.37 6.82 4.31 .02 P�S 2 12.59 6.29 3.92 .03

Error (P�S) 40 57.46 1.44 Error (P �S) 40 64.25 1.61

Note: P (price, within); S (security, within). Significant p-values (o .05) are highlighted in bold.

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376 367

using self-report measures. Perceived convenience was mea-sured with the question, ‘‘How would you rate the conve-nience of this purchase process for this product?’’ (‘‘Veryinconvenient’’¼1 to ‘‘Very convenient’’¼10). Frustrationwas measured with the question, ‘‘How frustrating was thesecurity process?’’ (‘‘Not at all frustrating’’¼1 to ‘‘Veryfrustrating’’¼10).

4.5. Manipulation check

We checked the security level manipulation by askingparticipants to rate perceived ease of fraud for each simulatedpurchase on a 10-point scale (‘‘Very difficult’’¼1 to ‘‘Veryeasy’’¼10). A repeated-measures ANOVA revealed a sig-nificant main effect of Security Procedure, F(1, 20)¼15.48,p¼ .001. A post hoc test based on Bonferroni correctionsshowed that the What-You-Have (M¼6.29, SE¼0.50)procedure, being rated as the least vulnerable, was perceivedto instantiate the highest level of security, which was followed

by the What-You-Know (M¼7.69, SE¼0.40) procedure; the1-Click procedure (M¼8.51, SE¼0.43), rated as the mostvulnerable to fraud, was perceived to offer the lowest-levelof security (all p’so .01). These patterns confirmed that ourmanipulation of security level was successful.

4.6. Results

We conducted 3 (Security)� 2 (Price) repeated-measuresANOVAs. A summary of the ANOVA results are pre-sented in Table 1.

Perceived convenience. The main effect for price wassignificant, F(1, 20)¼19.08, po .001. Participants perceivedthe authentication procedures more convenient for low-priced items (M¼7.60, SE¼0.27) than for high-priced items(M¼6.88, SE¼0.29). The main effect for security level wasalso significant, F(2, 40)¼71.87, po .001. Using Bonferronicorrections to adjust for an inflated probability of a Type Ierror, we found that the What-You-Have procedure

Table 3

Effects of security level and price level on frustration ratings: Post Hoc

Results.

1-Click What You Know What You Have

Price low 1.64(.19)a 2.60(.37)b 4.98(.34)c

Price high 1.83(.33)a 2.45(.29)a 6.31(.52)d

Note: standard errors are presented in the parentheses. Different super-

script letters are used to denote significant mean differences as determined

by post hoc tests based on Bonferroni corrections, all p’so .05.

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376368

(M¼4.46, SE¼0.36) was rated as significantly less conve-nient (po .001) than the 1-Click (M¼9.08, SE¼0.33) andthe What-You-Know procedure (M¼8.17, SE¼0.36), bothp’so .001. More importantly, the security� price interactioneffect was significant, F(2, 40)¼4.31, po .05. To decomposethe interaction effects, we performed post hoc tests based onBonferroni corrections (Table 2). When the mean differenceswere examined by price level, the patterns were identical forboth high- and low-priced items: 1-Click was rated as themost convenient, followed by What-You-Know; What-You-Have was rated as the least convenient. Somewhat surpris-ingly, when we examined the mean differences by securitylevel, the significant mean difference between high vs. lowprice was found only for the highest-security level authentica-tion: participants gave significantly lower ratings on conve-nience when they made high-priced transactions than whenthey made low-priced transactions while using the What-You-Have authentication.

Frustration. The main effect for price was significant,F(1, 20)¼6.51, po .05. Participants reported greater frustra-tion when purchasing high-priced items (M¼3.53, SE¼0.20)than low-priced items (M¼3.07, SE¼0.22). The main effectfor security level was significant, F(2, 40)¼50.63, po .001.Post hoc tests based on Bonferroni corrections indicated thatparticipants felt more frustrated when using the What-You-Have procedure (M¼5.64, SE¼0.37) than the What-You-Know (M¼2.52, SE¼0.29) and the 1-Click (M¼1.74,SE¼0.24) procedures, both p’so .001. In addition, theinteraction effect for security by price was significant, F(2,40)¼3.92, po.05. Applying Bonferroni corrections, weconducted a series of post hoc tests to decompose theinteraction effects (Table 3). For the low-priced transactions,we found that the What-You-Have procedure was rated asmost frustrating and the 1-Click procedure was rated as leastfrustrating; all of the mean differences were statisticallysignificant. On the other hand, the high-priced transactionsshowed a slightly different pattern: whereas the What-You-Have procedure was rated as significantly more frustratingthan the 1-Click and the What-You-Know procedures, the 1-Click and the What-You-Know procedures did not signifi-cantly differ on the frustration ratings. Interestingly, whenthe mean differences were probed by security level, the resultswere parallel to the results on the convenience ratings: theonly significant mean difference between low vs. high pricelevels emerged for the authentication with the highest securitylevel (What-You-Have), with participants reporting greater

Table 2

Effects of security level and price level on convenience ratings: Post Hoc

Results.

1-Click What You Know What You Have

Price low 9.26(.29)a 8.26(.41)b 5.26(.36)c

Price high 8.91(.41)a 8.07(.37)b 3.67(.50)d

Note: standard errors are presented in the parentheses. Different super-

script letters are used to denote significant mean differences as determined

by post hoc tests based on Bonferroni corrections, all p’so .05.

frustration when they made high-priced transactions thanwhen they purchased low-priced items.

5. Discussion

Overall, the present experiment, revealing a pattern ofsecurity-convenience trade-offs, showed that participantsfound the most demanding procedure (i.e., the What-You-Have challenge questions) less convenient and more frus-trating. Interestingly, the results also indicated that pricelevel, which we introduced as a factor of perceived financialrisk, moderated the effects of security level on consumers’evaluation of the authentication systems. In particular,participants rated the high-level security authenticationprocedure less convenient and more frustrating whenpurchasing high-priced items than when purchasing low-priced items during the simulated online shopping session.This finding may seem somewhat counterintuitive—onemight expect that the authentication system with the highestlevel of security (thus more demanding and inconvenient onthe consumers’ end) would be more tolerable for higher-priced goods than for lower-priced goods. A possibleexplanation for this pattern of user responses is that productprice could have affected consumers’ expectation about thequality of the service they ‘‘deserve.’’ Research on therelationship between price and quality has demonstratedthat consumers often attribute higher quality to productsthat are priced higher, particularly when other cues ofproduct quality are absent (Lambert, 1981; Olson, 1977).It is likely that participants’ attribution of higher quality tohigh-priced goods could have translated into their expecta-tion of better service, including a less onerous purchaseprocess. Hence, the What-You-Have procedure, whichrequired the participants to expend the extra efforts ofretrieving the requested information for authentication (i.e.,physically looking up the requested information), mighthave induced even more negative reaction in participantswhen they were purchasing the high-priced goods. Thisfinding suggests that the risk-relieving effort made byauthentication systems with a higher security level may beperceived by consumers more as a burden than a benefit,particularly when they are purchasing expensive goods.Although the findings were intriguing, Experiment 1 had

several limitations. First, particularly in the context of simu-lated online shopping employed in the experiment, financialrisk associated with product price might have been more

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376 369

implicit (or implied) than being explicit. Second, while the1-Click and the What-You-Know authentication proceduresare actually being used in various online shopping/transactionvenues, the What-You-Have procedure is not a typicalauthentication approach, thereby limiting the external validityof the findings. Finally, Experiment 1 did not take intoconsideration other situational factors associated with financialrisk such as retailer reputation or consumers’ liability aboutpossible fraudulent activities (Biswas and Biswas, 2004). With‘‘the availability of an overwhelming number of retailers,which is partially due to the perceived low entry and setupcosts for sellers on the Web [relative to] the brick-and-mortareconomy’’ (Biswas and Biswas, 2004, p. 31), retailer reputationmay constitute another critical financial risk factor for onlineshoppers. And given the ever-present threat of identity theftand fraud in online transactions (Li and Zhang, 2006),consumers’ liability for fraudulent activities may be consideredmore explicit than other financial risk factors in term of risksalience (Herzenstein et al., 2007).

We attempted to extend Experiment 1 and address theaforementioned limitations intrinsic to authentication con-texts based on challenge questions. To this end, we turnedto authentication based on card verification codes (alsoknown as card verification values or CVV2)—three digitcodes provided on the back of payment cards. These codes,widely used to prevent fraudulent card-based transactions(Banerjee, 2004; Mangiaracina, 2009), are often requestedby online merchants and retailers for ‘‘card not presenttransactions’’ (Bhatla et al., 2003). Use of this particularauthentication context allowed us to introduce a moreexplicit perceived financial risk factor: consumer liability.It also enabled us to introduce another perceived financialrisk factor—retailer reputation—in the experiment design.The retailer reputation factor was particularly germane toauthentication based on card verification codes. Retailersare required not to store the verification code numbers intheir databases when involved in card-based transactions,but a loophole in the payment system of retailing websitescould make verification code information vulnerable tomisuse (Molloy et al., 2007). Therefore, retailers with low-reputation (i.e., low-credibility) may be perceived to havegreater likelihood of causing financial risk for consumers,leading consumers to feel unconvinced about how securelysuch retailers would handle verification code information.

To control for the different types of payment cardsparticipants might have been using, we used a cover storyfeaturing virtual payment cards for college students. Inaddition, as a way to manipulate security levels of authenti-cation, we adopted a novel method of presenting cardverification codes that vary (unlike the traditional CVV2).Also known as dynamic CVV2, these variable card verifica-tion codes are designed to change after each transaction toprevent fraudulent actions that could occur when CVV2codes are temporarily or inadvertently stored in the transac-tion system (Noka, 2010; Warner, 2007). In the presentexperiment, we employed two types of dynamic CVV2systems in order to instantiate high versus low security levels.

For the high-level security, we presented a dynamic CVV2system that generates a different code for every transaction,which could minimize the likelihood of fraudulent activities;such a system, however, would require users to enter adifferent code every time, making the transaction morecumbersome for users, on their end as they have to lookup and enter a new code for every transaction. For the low-level security, we presented a dynamic CVV2 system thatgenerates a different code for every four transaction, whichcould allow users to remember and reuse a given code forthree additional transactions. This authentication process wasconceived to be less cumbersome on the users’ end whencompared with the system involving code generation forevery transaction, while still reflecting the ‘‘variable,’’ asopposed to static, characteristic of dynamic CVV2 codes.

6. Experiment 2

6.1. Design and participants

Experiment 2 was based on a 2(Retailer Reputation: Well-Known vs. Unknown, within-participants)� 2(Price: Highvs. Low, within-participants)� 2(Security Level: High vs.Low, between-participants)� 2(Liability: Zero vs. Full,between-participants) mixed-factor design. A total of 60undergraduate students enrolled in a Communication courseat a university in the United States were recruited for coursecredit (24 female, 36 male, age Mage=22.00, SDage=4.02).Participants were randomly assigned to one of the fourconditions based on the combination of the two between-participants factors (i.e., security level and customer liability).The presentation order of Retailer Reputation and Price wasrandomized within each of the four blocks based on thecombination of security level and liability; the counterbalan-cing of the four blocks was performed via Latin Squares.

6.2. Materials

The cover story stated that participants would be testinga new payment system in development for universitystudents—University Virtual Payment Card (VP-Card)system—by making a series of simulated online purchaseswith a ‘‘beta version’’ of the application (see Fig. 2 for asample screenshot of the experiment interface).

Retailer reputation. To instantiate well-known online retai-lers, we used Amazon.com, Barnes&Noble.com, BestBuy.-com, Crate&Barrel.com, OfficeDepot.com, Staples.com,Target.com, and Walmart.com. To instantiate unknownmerchants, we created eight non-existent retailer namesalong with made-up logos: e-Market.com, Elec-City.com,GetSmart.com, PhonesRUs.com, RightHere4You.com, Offi-ceNet.com, ShopQuick.com, and EziBuy.com.

Price. In Experiment 1, we employed somewhat narrowerprice ranges for low-priced versus high-priced items; while theproducts presented in the study well suited the cover story,the types and prices of the items were not diverse enough toreflect the breadth of online shopping experiences of general

Fig. 2. A Screenshot of the Experiment 2 Online Shopping Interface.

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376370

consumers. Therefore, Experiment 2 employed a greatervariety of products and prices. Eight low-priced items andeight high-priced items were selected from a pool of the 40most popular items on two major online shopping sites(Amazon.com and Buy.com). When selecting the sixteenitems to be used for the experiment, we considered theirpopularity as ‘‘wish-to-have’’ items among the age group(i.e., 18 to 30) from which our sample would be drawn. Thisensured that we would present participants with items thatthey would be interested in purchasing. The low-priced itemsranged from 30 to 80 US$ and included: wireless keyboard,presentation clicker, folding shelf, multimedia cabinet, coffeemaker, toaster, and two popular, newly (as of November2008) released movie DVDs. The high-priced items rangedfrom 800 to 1500 US$ and included: HDTV, laptop, LCDmonitor, DSLR camera, color laser printer, unblocked smartphone, rowing machine, and treadmill machine.

Security level. For the 16 simulated purchases, the three-digit verification code of the virtual payment card changedfor every four purchases in the low-security condition; thecode changed for every purchase in the high-securitycondition. This information was provided to participantsas follows: ‘‘To protect you from fraudulent attempts andmake your purchases more secure, the VP-Card applica-tion will provide you a different card verification code foreach (vs. every four) purchase(s).’’

Liability. Participants were informed about the policiesfor unauthorized purchases. Participants in the zeroliability condition read:

To protect you against unauthorized purchases, theVP-Card System will provide you with Zero LiabilityProtection. As a VP-Card member, you will not be heldliable in the event of an unauthorized use of the VP-Card.

By contrast, participants in the full liability conditionread:

Please note that you are responsible for all purchasesmade with the VP-Card, which will be charged to yourstudent account.

6.3. Procedure

Recruited through an announcement circulated viauniversity class mailing lists, participants were invited toa laboratory room and were run individually. Uponarrival, participants were informed that they would bemaking a series of simulated online purchases with a betaversion of the VP-Card system. Participants were thenseated in the experiment room equipped with a laptopcomputer. Upon logging on, participants were asked toprovide their name, mailing address, phone number, andstudent ID to ostensibly register with the VP-Card system.Participants were then presented with each of the 16 itemsfor purchasing. To complete each transaction, participantshad to enter a three-digit verification code shown on the‘‘virtual card’’ displayed on the computer screen. After eachpurchase, participants answered a set of questionnaire items(self-report) regarding their purchase, which included ques-tions asking participants about the items they ‘‘purchased’’and the names of the retailers presented during the transac-tion. These questions were employed not only as manipula-tion checks but also as a means to keep the participantsfocused on the experiment task which involved multiplesimulated transactions.When the simulated purchase of the 16 items was

completed, participants were directed to a post-question-naire, which included additional dependent measures andmanipulation check items. It took approximately 30 min

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376 371

for participants to complete the experiment session.

6.4. Measures

Sense of security. After each simulated purchase, parti-cipants rated how ‘‘safe’’ and ‘‘comfortable’’ they felt whenthey made the purchase using the verification system on10-point scales (‘‘Not at all’’¼1 to ‘‘Extremely’’¼10). Thereliability of the resulting index was very high (Cronbach’sa¼ .97).

Sense of Pleasure. After each simulated purchase, parti-cipants rated how ‘‘positive’’ and ‘‘pleased’’ they feltwhen they made the purchase using the verification systemon 10-point scales (‘‘Not at all’’¼1 to ‘‘Extremely’’¼10).The reliability of the resulting index was very high(a¼ .95).

Perceived reliability of the system. In the post-question-naire, participants indicated how ‘‘dependable,’’ ‘‘reliable,’’and ‘‘secure’’ they perceived the verification system to beon 10-point scales (‘‘Not at all’’¼1 to ‘‘Extremely’’¼10).The reliability of the resulting index was very high(a¼ .90).

Perceived likeability of the system. In the post-question-naire, participants rated how ‘‘appealing,’’ ‘‘pleasing,’’ and‘‘likeable’’ their experience with the verification system wason 10-point scales (‘‘Not at all’’¼1 to ‘‘Extremely’’¼10).The reliability of the resulting index was very high(a¼ .92).

Manipulation Checks. We checked the manipulation ofretailer reputation by examining the extent to which partici-pants found the online retailers presented during the experi-ment ‘‘familiar’’ (‘‘Not familiar at all’’¼1 to ‘‘Veryfamiliar’’¼10) and ‘‘safe to shop with online’’ (‘‘Not safeat all’’¼1 to ‘‘Very safe¼10’’). The well-known retailers(M¼8.62, SE¼0.21) received significantly higher familiarityratings than did the unknown retailers (M¼1.35, SE¼0.09),t(59)¼31.78, p¼ .001; the well-known retailers (M¼8.64,SE¼0.20) were also rated significantly safer to shop withthan were the unknown retailers (M¼1.52, SE¼0.08),t(59)¼31.66, p¼ .001. These patterns demonstrated that themanipulation was successful.

The manipulation of product price was checked with twoitems: ‘‘How expensive are the following products?’’ (‘‘Notexpensive at all’’¼1 to ‘‘Very expensive¼10’’), and ‘‘Howsafe would you feel about purchasing the following productsonline?’’ (‘‘Not safe at all’’¼1 to ‘‘Very safe¼10’’). The high-priced products were rated more expensive (M¼7.36,SE¼0.23) than were the low-priced products (M¼4.01,SD¼0.14), t(59)¼15.08, p¼ .001; the low-priced productsreceived significantly higher safety ratings (M¼7.35,SE¼0.21) than did the high-priced products (M¼5.22,SE¼0.24), t(59)¼8.09, p¼ .001. These patterns showed thatthe manipulation was successful.

For checking the manipulation of security level, we askedparticipants to rate how often the verification codes changedduring the simulated shopping session (‘‘Not often at all’’¼1to ‘‘Very often¼10’’) in the post-experiment questionnaire.

The high-security participants found the code changedsignificantly more frequently (M¼9.40, SE¼0.21) than didthe low-security participants (M¼5.90, SE¼0.34),t(58)¼8.43, p¼ .001. We checked the manipulation ofcustomer liability by asking participants to respond to atrue/false question item, ‘‘The Virtual P-Card members willbe protected by the zero-liability policy.’’ A Chi-Square testshowed that the proportion of zero-liability participantsanswering ‘‘True’’ was 87%, and that the proportion offull-liability participants answering ‘‘False’’ was also 87%,w2(2, N¼60)¼32.27, p¼ .001. These patterns showed thatthe manipulations were successful.

6.5. Results

For analyzing the effects of the four factors on sense ofsecurity and pleasure assessed after each simulated purchase,2 (Retailer Reputation)� 2(Price)� 2(Security Level)� 2(Lia-bility) mixed-model ANOVAs were conducted (See Table 4for summary). For perceived reliability and likeability of theauthentication systems assessed in the post-questionnaireonly, we used 2 (Security Level)� 2(Liability) between-parti-cipants ANOVAs (See Table 4 and Table 5 for summary).

Sense of security. The main effect of retailer reputation wassignificant, F(1, 56)¼8.97, p¼ .01: participants reported thatthey felt more secure when purchasing from the well-knownretailers (M¼6.29, SE¼0.32) than from the unknown retailers(M¼5.79, SE¼0.33). The main effect of price was alsosignificant, F(1, 56)¼12.77, p¼ .001: participants reported thatthey felt more secure when purchasing low-priced goods(M¼6.23, SE¼0.31) than high-priced goods (M¼5.78,SE¼0.32). Among the interaction effects, the only significantinteraction emerged between security level and liability, F(1,56)¼6.23, p¼ .02 (Fig. 3). This interaction effect was decom-posed by security level via a simple effects test. Participantswho used the high-security authentication reported that theyfelt significantly more secure in the full-liability condition (i.e.,high risk) than in the zero-liability condition (i.e., low risk),F(1, 56)¼5.07, p¼ .03. The full- vs. zero-liability difference forthe low-security authentication was not significant, F(1,56)¼2.55, ns. When the interaction effect was decomposedby liability, the high- vs. low-security difference for the full-liability approached, but did not reach, significance, F(1,56)¼3.73, p¼ .06. In zero liability, the high- vs. low- securitydifference was not significant, F(1, 56)o1.63, ns.

Sense of pleasure. The main effect of retailer reputationwas significant, F(1, 56)¼6.94, p¼ .01: participants reportedthat they felt greater pleasure when purchasing from the well-known retailers (M¼7.74, SE¼0.21) than from theunknown retailers (M¼7.43, SE¼0.22). The main effect ofprice was significant, F(1, 56)¼5.43, p¼ .02: participantsreported that they felt greater pleasure when purchasinglow-priced goods (M¼7.69, SE¼0.21) than high-pricedgoods (M¼7.48, SE¼0.22). No other main effects weresignificant, all F’so0.18, ns.

Among the interaction effects, the price by liability inter-action approached, but did not reach, significance, F(1,

Table 4

Summary table of Experiment 2 ANOVA results (sense of security and pleasure).

Sense of security Pleasure

Source df SS MS F P Source df SS MS F p

R 1 18.84 18.84 8.97 .01 R 1 5.55 5.55 6.94 .01

R� L 1 .05 .05 .02 .88 R�L 1 .01 .01 .014 .96

R�S 1 .15 .15 .07 .79 R�S 1 .08 .08 .10 .76

R�L�S 1 1.10 1.10 .52 .47 R�L�S 1 .66 .66 .82 .37

Error (R) 56 117.66 2.10 Error (R) 56 44.78 .80

P 1 12.04 12.04 12.77 .01 P 1 2.61 2.61 5.43 .02

P�L 1 .42 .42 .44 .51 P�L 1 1.79 1.79 3.7 .06

P�S 1 .65 .65 .69 .41 P�S 1 .16 .16 .34 .57

P�L�S 1 .14 .14 .15 .70 P �L�S 1 .60 .60 1.24 .27

Error (P) 56 52.78 .94 Error (P) 56 26.85 .48

R�P 1 .46 .46 .87 .36 R�P 1 .04 .04 .11 .74

R�P�L 1 1.79 1.79 3.38 .07 R�P�L 1 .08 .08 .23 .63

R�P�S 1 .03 .03 .06 .81 R�P�S 1 .25 .25 .75 .39

R�P�L�S 1 1.35 1.35 2.55 .12 R�P�L�S 1 .46 .46 1.37 .25

Error (R�P) 56 29.70 .53 Error (R�P) 56 18.75 .34

S 1 11.16 11.16 .47 .49 S 1 .79 .79 .07 .79

L 1 1.31 1.31 .06 .81 L 1 1.89 1.89 .18 .67

S�L 1 146.48 146.48 6.23 .02 S�L 1 67.73 67.73 6.40 .01

Error 56 1317.28 23.52 Error 56 592.52 10.58

Note: R (retailer, within); P (price, within); L (liability, between); S (security, between). Significant p-values (o .05) are highlighted in bold.

Table 5

Summary table of Experiment 2 ANOVA results (Perceived reliability and likeability).

Perceived reliability Perceived likeability

Source df SS MS F P Source df SS MS F p

S 1 0.10 0.10 0.02 .89 S 1 0.22 0.22 0.05 .83

L 1 8.36 8.36 1.56 .22 L 1 4.42 4.42 0.96 .33

S�L 1 32.84 32.84 6.15 .02 S�L 1 21.15 21.15 4.57 .03

Error 56 299.25 5.34 Error 56 259.24 4.63

Note: S (security, between); L (liability, between). Significant p-values (o .05) are highlighted in bold.

Fig. 3. Effects of Security Level and Liability on Sense of Security. Note:

Error bars indicate standard error of the mean. The asterisk denotes a

significant mean difference.

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376372

56)¼3.74, p¼ .06. The only significant interaction effect wasfound between security level and liability, F(1, 56)¼6.40,p¼ .01 (Fig. 4). When this interaction effect was decomposedby security level with a simple effects test, we found that

participants who used the high-security authenticationreported significantly greater pleasure in the full-liabilitycondition than in the zero-liability condition, F(1,56)¼4.36, p¼ .04. By contrast, participants who used thelow-security authentication did not show a significant full- vs.zero-liability difference in felt pleasure, F(1, 56)¼2.22, ns.When the interaction effect was decomposed by liability, thehigh- vs. low-security difference for the full-liability partici-pants approached, but did not reach, significance,F(1, 56)¼3.93, p¼ .06. Among the zero-liability participants,the difference was not significant, F(1, 56)¼2.55, ns.

Perceived reliability of the system. Neither the main effectof security level nor that of liability was significant, F(1,56)’so1.56, ns. The interaction effect, however, was signifi-cant, F(1, 56)¼6.15, p¼ .01 (Fig. 5). When this interactioneffect was decomposed by security level with a simple effectstest, participants who used the high-security authenticationperceived the system significantly more reliable in the full-liability condition than in the zero-liability condition, F(1,56)¼6.95, p¼ .01. Participants who used the low-securitysystem, however, did not show a zero- vs. full-liability

Fig. 6. Effects of Security Level and Liability on Perceived Likeability.

Note: Error bars indicate standard error of the mean. The asterisk denotes

a significant mean difference.

Fig. 4. Effects of Security Level and Liability on Sense of Pleasure.

Note: Error bars indicate standard error of the mean. The asterisk denotes

a significant mean difference.

Fig. 5. Effects of Security Level and Liability on Perceived Reliability.

Note: Error bars indicate standard error of the mean. The asterisk denotes

a significant mean difference.

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376 373

difference, F(1, 56)¼0.76, ns. When the interaction effect wasdecomposed by liability, the high- vs. low-security differenceamong the full-liability participants approached significancebut was not significant, F(1, 56)¼3.41, p¼ .07; the differenceamong the zero-liability participants was not significant, F(1,56)¼2.71, ns.

Perceived likeability. Neither the main effect of security levelnor that of liability was significant, F(1, 56)’so0.96, ns. Theinteraction effect, however, was significant, F(1, 56)¼4.57,p¼ .03 (Fig. 6). When this interaction effect was decomposedby security level with a simple effects test, participants whoused the high-security authentication reported significantlygreater liking of the system in the full-liability condition thanin the zero-liability condition, F(1, 56)¼4.85, p¼ .03. Bycontrast, participants who used the low-security authenticationdid not show a significant difference in terms of liability, F(1,56)¼0.67, ns. When the interaction effect was decomposed byliability, neither of the high- vs. low- security differences wassignificant, both F’so2.77, ns.

6.6. Discussion

Among the three financial risk factors included in thedesign (retailer reputation, price, and liability), the only factor

that interacted with security level of authentication systemsfor sense of security and pleasure was liability. This patternsuggests that liability (i.e., whether or not consumers would beresponsible for fraudulent transactions) plays a key role inshaping participants’ evaluation of authentication proceduresregardless of transaction amount and retailer credibility. TheANOVA results for perceived reliability and likeability of theauthentication systems, conducted only with security level andliability, confirmed the security by liability interaction.Furthermore, across the four dependent measures, the two-way interaction effects consistently revealed that the authen-tication system with high-level security (i.e., high-frequencycode variation) led participants to feel more secure andpleased, and also to perceive the system as more reliableand likeable, under full liability (high financial risk) thanunder zero liability (low financial risk). These findings suggestthat consumers are more likely to appreciate high-levelsecurity efforts when the perceived financial risk associatedwith liability involved in their online transactions is high.

7. General discussion

7.1. Summary

Authentication procedures in online shopping contexts are aform of human–computer interaction entailing security-con-venience trade-offs. Research on authentication has shownthat customers’ preference of authentication methods tends tobe heavily based on usability and convenience as opposed toincreased security (e.g., Weir et al., 2009). Extending theprevious research, we investigated the role of financial risk inconsumers’ evaluation of customer authentication technolo-gies. More specifically, the present research attempted toanswer the following question: Under what circumstances doconsumers appreciate security enhancement efforts instan-tiated by authentication technologies? Our research demon-strated that perceived financial risk factors play a moderatingrole in shaping consumers’ evaluation of authenticationsystems. In particular, the findings of our experiments suggest

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376374

that the patterns of moderation may vary depending on thecontext of authentication and the types of perceived financialrisk factors.

Experiment 1 examined the role of product price, whichis often considered a key component of perceived financialrisk (Grewal et al., 1994), focusing on the authenticationcontext involving challenge questions. The findings indi-cated that the higher-level security authentication, whichwas more cumbersome to use on the consumers’ end, couldbe perceived as more inconvenient and induce greaterfrustration for high-priced goods than for low-priced ones.

On the other hand, in Experiment 2 which focused onthe context of card verification codes, product price didnot significantly interact with security level. Rather, con-sumer liability—a perceived financial risk factor particu-larly germane to online transactions involving paymentcards—was the only perceived financial risk factor thatinteracted with security level: participants exhibited morepositive evaluation of the high-level security authentication(namely, perceiving the system to be more pleasing,reliable, and likeable) when the perceived financial riskinvolving liability was higher (i.e., full liability for fraudu-lent activities). These findings suggest that consumers mayshow greater appreciation of high-level security authenti-cation when the situation necessitates an immediate ‘‘risk-reliever’’ (Roselius, 1971; Tan, 1999).

7.2. Limitations and future directions

The present research has several limitations. First, theartificiality of our experiment procedures limits the externalvalidity of the findings reported here. In particular, possibleproblems entailing the authentication systems based ondynamic card verification codes, which were featured aspart of the stimuli in Experiment 2, should be noted. Wemanipulated high versus low security levels by varying thefrequency of code generation. Some may point out thatdefining code generation interval (a new code being generatedfor every four purchases) as the ‘‘low-security’’ level wasarbitrary. In addition, while the authentication models basedon dynamic card verification codes have been proposed bymajor credit card companies as a potentially useful alter-native to the existing CVV2 authentication with the advancesin digital technologies (e.g., Noka, 2010), such procedureshave yet to be actualized. The somewhat arbitrary andartificial nature of the experiment task and manipulation ofsecurity levels employed in Experiment 2 may limit thegeneralizability of the findings. More importantly, the con-texts of simulated online shopping may also be problematic.In both experiments, participants were asked to performtransactions in a simulated setting—it may be pointed outthat they had ‘‘little to risk.’’ In addition, the experimentsetting did not allow participants to choose products andretailers. To make the ‘‘risk’’ factors as substantive aspossible, future research should employ experiment para-digms that allow participants to perform transactions in amore realistic and naturalistic setting (e.g., requiring

participants to use their own credit card information andallowing them to choose specific retailers and/or products), asdemonstrated in Egelman et al. (2009).Second, the experimental manipulations of security

levels used in our studies may raise concerns. Experiment1 was largely based on the widely-used challenge-questionauthentication; the What-You-Have method, however, isremote from the real-world challenge-question authentica-tion systems, which may limit the ecological validity of theexperiment. Moreover, some may argue that the What-You-Know method, which is one of the common solutionsfor authentication, is neither user-friendly nor secure (Justand Aspinall, 2009; Rabkin, 2008). One way to improvethe design of Experiment 1 would be to manipulate thenumber of challenge questions (e.g., single-question con-dition vs. two-question condition vs. multiple-questioncondition), given that the multiple-question method hasbeen demonstrated as a secure and viable solution (Justand Aspinall, 2009). It should also be noted that differenttypes of information were used for authentication in ourexperiments. Some of the What-You-Know security ques-tions in Experiment 1 involved personal information (e.g.,middle name, billing address information), whereas theWhat-You-Have questions (e.g., customer service phonenumber) in Experiment 1 and the card identification codesin Experiment 2 were impersonal in nature. Hence, anypossible feelings of discomfort experienced by consumerswhen they were asked to provide personal informationcould have played a role in their perception of theauthentication systems. Future research should examinewhether consumers react differently when they arerequested to ‘‘share’’ personal versus impersonal informa-tion with the authentication system.Third, some may point out that the discrepancies in the

ranges of product price across the two experiments mightbe a confounding factor. This issue is worth attending to,particularly in view of the different patterns shown by ourexperiments with respect to the interaction effect forproduct price and security level: whereas Experiment 1revealed a significant interaction effect between the twofactors, Experiment 2 did not yield a significant interactioneffect. As to the non-significant interaction effect found inExperiment 2, we speculate that the liability factor, whichmight have explicitly signaled the degree of vulnerability topotential threats to the participants, could have overriddenthe influence of less explicit risk factors (such as productprice) on consumers’ perception of the authenticationsystems. Nonetheless, it should be noted that the discre-pancies between the two experiments concerning the priceranges of the featured products might have been proble-matic. In Experiment 2, we intended to present items witha greater variety as part of the experiment stimuli bywidening the price range and to avoid potential problemsthat could have been caused by the somewhat narrow pricerange (15–35 versus 135–165 US$) employed in Experi-ment 1. Although our manipulation check results showedthat the product price manipulation was effective, it may

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376 375

be difficult to rule out the possibility that the highlyexpensive items (of which prices ranged from 800 to 1500US$) presented in Experiment 2 might have been shortof creating a realistic sense of ‘‘financial risk’’ for theparticipants, particularly given the simulated online shop-ping context and the limited spending power/experience ofour college student sample.

Finally, it is important to note that most of theparticipants in our experiments were ‘‘digital natives’’who spend most of their time online and are members ofa technology-savvy generation (Palfrey and Gasser, 2008).It remains to be seen how these findings will translate toolder consumers—particularly those who are less experi-enced with or tend to feel greater discomfort with onlineshopping when compared with the younger generations(Morris et al., 2007). The role of culture may also be worthinvestigating. Both experiments reported in the presentresearch were conducted exclusively with a U.S. sample,whose culture is identified as individualistic when it comesto the relationship of the self to the social environment.Social and cultural psychologists have demonstrated thatindividualistic cultures value independence of the self,whereas collectivist cultures emphasize one’s interdepen-dence on the social environment to which the individualbelongs (Markus and Kitayama, 1991). It will be interest-ing to examine whether more collectivist-oriented framingof transaction processes (e.g., emphasizing partnership andshared interest between the consumer and the retailer/security system) would have differential effects on con-sumers from individualistic cultures and those from col-lectivist cultures with respect to their willingness to tradeconvenience for security.

8. Conclusion

The present research contributes to understandingconsumer behavior in the context of human–computer inter-action by identifying key contextual factors that shapesecurity-convenience trade-offs concerning customer authenti-cation in online shopping. Our findings show that perceivedfinancial risk factors moderate the effects of security levels onconsumers’ evaluation of authentication systems, suggestingthat participants’ response to the levels of authenticationsecurity may vary depending on the nature of financial riskinvolved in the transaction process.

As concerns rise over online identity theft and fraud, theneed for secure authentication systems is becoming moreacute. Just as with any other online security systems, however,the security-convenience trade-offs constitute a major dilemmafaced by developers and adopters of customer authenticationsystems. Considering that consumers’ positive perception ofauthentication technologies may translate into their willing-ness to trade convenience for security, investigation ofcontingencies under which consumers appreciate securityenhancement efforts in customer authentication will constitutean important direction for future research.

References

Adams, A., Sasse, M.A., 1999. Users are not the enemy. Communications

of the ACM 42, 46.

Banerjee, S., 2004. Credit card security on the Net: Where is it today.

Journal of Financial Transformation 12, 21–23.

Bhatla, T.P., Prabhu, V., Dua, A., 2003. Understanding credit card

frauds. Cards Business Review.

Bhatnagar, A., Ghose, S., 2004. Segmenting consumers based on the

benefits and risks of Internet shopping. Journal of Business Research

57, 1352–1360.

Biswas, D., Biswas, A., 2004. The diagnostic role of signals in the context

of perceived risks in online shopping: do signals matter more on the

Web? Journal of Interactive Marketing 18, 30–45.

Childers, T.L., Carr, C.L., Peck, J., Carlson, S., 2001. Hedonic and

utilitarian motivations for online retail shopping behavior. Journal of

Retailing, 511–535.

Cline, J., 2004. How to build privacy into customer authentication.

/http://www.computerworld.com/s/article/92511/How_to_Build_

Privacy_Into_Customer_AuthenticationS (Retrieved on June 20,

2009).

De Angeli, A., Coventry, L., Johnson, G., Renaud, K., 2005. Is a picture

really worth a thousand words? Exploring the feasibility of graphical

authentication systems. International Journal of Human–Computer

Studies 63, 128–152.

Dodds, W.B., Monroe, K.B., Grewal, D., 1991. Effects of price, brand,

and store information on buyers’ product evaluations. Journal of

Marketing Research 28, 307–322.

Egelman, S., Tsai, J., Cranor, L.F., Acquisti, A., 2009. Timing is every-

thing?: the effects of timing and placement of online privacy indicators,

Proceedings of the 27th International Conference on Human Factors in

Computing Systems. ACM, Boston, MA, USA, pp. 319-328.

Forsythe, S.M., Shi, B., 2003. Consumer patronage and risk perceptions

in Internet shopping. Journal of Business Research 56, 867–875.

Grewal, D., Gotlieb, J., Marmorstein, H., 1994. The moderating effects of

message framing and source credibility on the price-perceived risk

relationship. The Journal of Consumer Research 21, 145–153.

Herzenstein, M., Posavac, S.S., Brakus, J.J., 2007. Adoption of new and

really new products: the effects of self-regulation systems and risk

salience. Journal of Marketing Research 44, 251–260.

Hofacker, C.F., 2001. Internet Marketing 3 ed. John Wiley and Sons,

Inc., New York.

Horrigan, J., 2008. Online Shopping. Pew Internet & American Life

Project, Washington DC.

Jefferson, J., 2006. Benefits of online shopping. /http://ezinearticles.com/

?Benefits-of-Online-Shopping&id=300201S (Retrieved on August 1,

2009).

Just, M., Aspinall, D., 2009. Personal choice and challenge questions: a

security and usability assessment, Proceedings of the 5th Symposium

on Usable Privacy and Security. ACM, Mountain View, CA, pp. 1–11.

Keating, B.W., Quazi, A.M., Kriz, A., 2009. Financial risk and its impact

on new purchasing behavior in the online retail setting. Electronic

Markets 19, 237–250.

Keith, M., Shao, B., Steinbart, P.J., 2007. The usability of passphrases for

authentication: an empirical field study. International Journal of

Human–Computer Studies 65, 17–28.

Kim, I., 2007. The role of perceived risk on purchase intention in Internet

shopping. International Journal of Electronic Marketing and Retailing

1, 279–288.

Ko, H., Jung, J., Kim, J., Shim, S., 2004. Cross-cultural differences in

perceived risk of online shopping. Journal of Interactive Advertising 4,

28–42.

Kuber, R., Yu, W., 2010. Feasibility study of tactile-based authentication.

International Journal of Human–Computer Studies 68, 158–181.

Lambert, D.R., 1981. Price as a quality cue in industrial buying. Journal

of the Academy of Marketing Science 9, 227–238.

J.-E.R. Lee et al. / Int. J. Human-Computer Studies 70 (2012) 364–376376

Leggatt, H., 2009. 2008 Data Breaches and Financial Crimes Scare

Consumers Away. /http://www.gartner.com/DisplayDocument?ref=

g_search&id=902212&subref=simplesearchS (Retrieved on July 1,

2009).

Li, Y., Zhang, X., 2006. Securing credit card transactions with one-time

payment scheme. Electronic Commerce Research and Applications 4,

413–426.

Liang, T.-P., Jin-Shiang, H., 1998. An empirical study on consumer

acceptance of products in electronic markets: a transaction cost model.

Decision Support Systems 24, 29–43.

Liebermann, Y., Stashevsky, S., 2002. Perceived risks as barriers to

Internet and e-commerce usage. Qualitative Market Research: An

International Journal 5, 291–300.

Mangiaracina, R., 2009. Payment systems in the B2c eCommerce: are they

a barrier for the online customer? Journal of Internet Banking and

Commerce.

Markus, H., Kitayama, S., 1991. Culture and the self: implications for

cognition, emotion, and motivation. Psychological Review 98, 224–253.

Molloy, I., Li, J., Li, N., 2007. Dynamic virtual credit card numbers,

Proceedings of the 11th International Conference on Financial

cryptography and 1st International conference on Usable Security.

Springer-Verlag, Tobago, West Indies, pp. 208–223.

Morris, A., Goodman, J., Brading, H., 2007. Internet use and non-use: views

of older users. Universal Access in the Information Society 6, 43–57.

Noka, I., 2010. Innovation in payment card fraud management.

Nowak, M., Rao, S., Nass, C., Lewenstein, J., Meyer, A., Richman, J.,

2009. Toward an experimental methodology for studying persuasion-

based online security. Proceedings of the 27th CHI Conference.

Boston, Massachusetts, April 4–9, 2009.

Odekerken-Schroder, G., Wetzels, M., 2003. Trade-offs in online pur-

chase decisions: two empirical studies in Europe. European Manage-

ment Journal 21, 731–739.

Olson, J.C., 1977. In: Woodside, A.G., Sheth, J.N., Bennett, P.D. (Eds.),

Price as an Informational Cue: Effects on Product Evaluations.

North-Holland, NY, pp. 267–286.

Palfrey, J., Gasser, U., 2008. Born Digital: Understanding the First

Generation of Digital Natives. Basic Books, NY.

Pavlou, P.A., 2003. Consumer acceptance of electronic commerce:

integrating trust and risk with the technology acceptance model.

International Journal of Electronic Commerce 7, 101–134.

Rabkin, A., 2008. Personal knowledge questions for fallback authentica-

tion: security questions in the era of Facebook, Proceedings of the 4th

Symposium on Usable Privacy and Security. ACM, Pittsburgh,

Pennsylvania, pp. 13–23.

Roselius, T., 1971. Consumer rankings of risk reduction methods.

The Journal of Marketing 35, 56–61.

Szabo, K., 2003. Customer authentication, as a matter of risk in financial

services. Periodica Polytechnica, Social and Management Sciences 11,

13–26.

Tan, S.J., 1999. Strategies for reducing consumers’ risk aversion in

Internet shopping. Journal of Consumer Marketing 16, 163–180.

Warner, A., 2007. Review: NCR Self-Service Universe 07, Kiosk Europe.

Weir, C.S., Douglas, G., Carruthers, M., Jack, M., 2009. User perceptions

of security, convenience and usability for ebanking authentication

tokens. Computers & Security 28, 47–62.

Yadav, M.S., Monroe, K.B., 1993. How buyers perceive savings in a

bundle price: an examination of a bundle’s transaction value. Journal

of Marketing Research 30, 350–358.