Adoption of an Authentication System: Is Security the Only Consideration?

Despite the development of novel authentication systems, organizations today, are much relying on traditional passwords as their main authentication method for employees’ access to their internal systems, and the adoption of a variety of alternatives has been slow. Taking a decision-making perspective, this study aims to bring new insights to the organizational adoption of novel authentication systems. Results indicate that usability, deployability and security, as innovation characteristics of authentication systems, increase decision makers’ intention to adopt an authentication scheme. Usability has the strongest effect. Further, for the organizations that are more IT-intensive, the effects of usability and security features on adoption intention are stronger

[1]  Hans Günter Brauch,et al.  Concepts of Security Threats, Challenges, Vulnerabilities and Risks , 2010, Coping with Global Environmental Change, Disasters and Security.

[2]  F. Bookstein,et al.  Two Structural Equation Models: LISREL and PLS Applied to Consumer Exit-Voice Theory , 1982 .

[3]  Robert J. Kauffman,et al.  Returns to Information Technology Outsourcing , 2011 .

[4]  Cheng-Chi Lee,et al.  A password authentication scheme over insecure networks , 2006, J. Comput. Syst. Sci..

[5]  J. Pfeffer Organizations and Organization Theory , 1982 .

[6]  R. Frank Falk,et al.  A Primer for Soft Modeling , 1992 .

[7]  H. Raghav Rao,et al.  Protection motivation and deterrence: a framework for security policy compliance in organisations , 2009, Eur. J. Inf. Syst..

[8]  C. Fornell,et al.  Evaluating structural equation models with unobservable variables and measurement error. , 1981 .

[9]  Martin Hughes,et al.  An assessment of biometric identities as a standard for e-government services , 2005, Int. J. Serv. Stand..

[10]  E. Rogers,et al.  Diffusion of innovations , 1964, Encyclopedia of Sport Management.

[11]  Blase Ur,et al.  Password Creation in the Presence of Blacklists , 2017 .

[12]  B. Miller,et al.  Vital signs of identity [biometrics] , 1994, IEEE Spectrum.

[13]  Lyman E. Ostlund Perceived Innovation Attributes as Predictors of Innovativeness , 1974 .

[14]  J. Sinacore Multiple regression: Testing and interpreting interactions , 1993 .

[15]  Laure Cabantous,et al.  Rational Decision-Making as Performative Praxis: Explaining Rationality Éternel Retour , 2011, Organ. Sci..

[16]  Paul Reid,et al.  Biometrics for Network Security , 2003 .

[17]  Kunsoo Han,et al.  Information Technology Spillover and Productivity: The Role of Information Technology Intensity and Competition , 2011, J. Manag. Inf. Syst..

[18]  F. Damanpour Organizational Innovation: A Meta-Analysis Of Effects Of Determinants and Moderators , 1991 .

[19]  A. Meyer,et al.  Organizational Assimilation of Innovations: A Multi-Level Contextual Analysis , 1988 .

[20]  Anastasia Papazafeiropoulou,et al.  An evaluation framework for Health Information Systems: human, organization and technology-fit factors (HOT-fit) , 2008, Int. J. Medical Informatics.

[21]  Dawn Laux A study of biometric authentication adoption in the credit union industry , 2007 .

[22]  James Y. L. Thong,et al.  An Integrated Model of Information Systems Adoption in Small Businesses , 1999, J. Manag. Inf. Syst..

[23]  Wynne W. Chin THE HOLISTIC APPROACH TO CONSTRUCT VALIDATION IN IS RESEARCH: EXAMPLES OF THE INTERPLAY BETWEEN THEORY AND MEASUREMENT 1 , 1995 .

[24]  Ebru Celikel Cankaya,et al.  Extended Password Security via Cloud: CloudPass , 2016 .

[25]  Wynne W. Chin,et al.  A Partial Least Squares Latent Variable Modeling Approach for Measuring Interaction Effects: Results from a Monte Carlo Simulation Study and an Electronic - Mail Emotion/Adoption Study , 2003, Inf. Syst. Res..

[26]  Detmar W. Straub,et al.  Structural Equation Modeling and Regression: Guidelines for Research Practice , 2000, Commun. Assoc. Inf. Syst..

[27]  Merrill Warkentin,et al.  Fear Appeals and Information Security Behaviors: An Empirical Study , 2010, MIS Q..

[28]  G. Zaltman,et al.  Innovations and organizations , 2020, Organizational Innovation.

[29]  Scott B. MacKenzie,et al.  Common method biases in behavioral research: a critical review of the literature and recommended remedies. , 2003, The Journal of applied psychology.

[30]  N. Anderson,et al.  Innovation in top management teams , 1996 .

[31]  Simson L. Garfinkel,et al.  Secure and Usable Enterprise Authentication: Lessons from the Field , 2016, IEEE Security & Privacy.

[32]  Richard J. Varey The Knowing Organization: : How Organizations Use Information to Construct Meaning, Create Knowledge, and Make Decisions , 2013 .

[33]  Miles A. McQueen,et al.  Ideal Based Cyber Security Technical Metrics for Control Systems , 2007, CRITIS.

[34]  J. Thong,et al.  CEO characteristics, organizational characteristics and information technology adoption in small businesses , 1995 .

[35]  M. Fleischer,et al.  processes of technological innovation , 1990 .

[36]  Jennifer Preece,et al.  Sociability and usability in online communities: Determining and measuring success , 2001, Behav. Inf. Technol..

[37]  David R. Lease Factors Influencing the Adoption of Biometric Security Technologies by Decision Making Information Technology and Security Managers , 2005 .

[38]  L. O'Gorman,et al.  Comparing passwords, tokens, and biometrics for user authentication , 2003, Proceedings of the IEEE.

[39]  R. Wolfe ORGANIZATIONAL INNOVATION: REVIEW, CRITIQUE AND SUGGESTED RESEARCH DIRECTIONS* , 1994 .

[40]  Neeraj Mittal,et al.  Research Note - Investments in Information Technology: Indirect Effects and Information Technology Intensity , 2009, Inf. Syst. Res..

[41]  Dimitriadis Evangelos,et al.  The Quest to Replace Passwords : a Framework for Comparative Evaluation of Web Authentication Schemes , 2016 .

[42]  Detmar W. Straub,et al.  Institutional Influences on Information Systems Security Innovations , 2012, Inf. Syst. Res..

[43]  Dipankar Dasgupta,et al.  Toward the design of adaptive selection strategies for multi-factor authentication , 2016, Comput. Secur..

[44]  John Lane,et al.  IEEE Standard Computer Dictionary: Compilation of IEEE Standard Computer Glossaries , 1991 .

[45]  Ralph L. Keeney,et al.  Feature Article - Decision Analysis: An Overview , 1982, Oper. Res..

[46]  Marguerite Schneider,et al.  Characteristics of Innovation and Innovation Adoption in Public Organizations: Assessing the Role of Managers , 2009 .

[47]  Linda Duxbury The corporation of the 1990s: Information technology and organizational transformation , 1993 .

[48]  Reza Barkhi,et al.  Determining the Intention to Use Biometric Devices: An Application and Extension of the Technology Acceptance Model , 2006, J. Organ. End User Comput..

[49]  Anthony M. Townsend,et al.  Adoption of Biometric Authentication Systems: Implications for Research and Practice in the Deployment of End-User Security Systems , 2011, J. Organ. Comput. Electron. Commer..

[50]  Paul A. Phillips,et al.  Hotel performance and competitive advantage: a contingency approach , 1999 .

[51]  L. G. Tornatzky,et al.  Innovation characteristics and innovation adoption-implementation: A meta-analysis of findings , 1982, IEEE Transactions on Engineering Management.

[52]  Mary Baker,et al.  A Study of Authentication in Daily Life , 2016, SOUPS.

[53]  L. Labuschagne,et al.  Factors impacting on the adoption of biometric technology by South African banks: An empirical investigation , 2011 .

[54]  Diana Farrell,et al.  The real new economy. , 2003, Harvard business review.

[55]  P. M. Podsakoff,et al.  Self-Reports in Organizational Research: Problems and Prospects , 1986 .

[56]  Marguerite Schneider,et al.  Phases of the Adoption of Innovation in Organizations: Effects of Environment, Organization and Top Managers , 2006 .

[57]  Yajiong Xue,et al.  Avoidance of Information Technology Threats: A Theoretical Perspective , 2009, MIS Q..

[58]  R. Daft A Dual-Core Model of Organizational Innovation , 1978 .

[59]  Eric P. Kukula,et al.  The Challenges of the Environment and the Human / Biometric Device Interaction on Biometric System Performance , 2004 .

[60]  Steve Drew,et al.  Developing a Theoretical Framework for the Adoption of Biometrics in M-Government Applications Using Grounded Theory , 2012 .

[61]  I. Monitor Information Security Management Handbook , 2000 .

[62]  Jeannette M. Wing,et al.  An Attack Surface Metric , 2011, IEEE Transactions on Software Engineering.

[63]  Lukas Furst,et al.  Multivariate Data Analysis With Readings , 2016 .

[64]  Ephraim R. McLean,et al.  The DeLone and McLean Model of Information Systems Success: A Ten-Year Update , 2003, J. Manag. Inf. Syst..

[65]  Dennis F. Galletta,et al.  What Do Systems Users Have to Fear? Using Fear Appeals to Engender Threats and Fear that Motivate Protective Security Behaviors , 2015, MIS Q..

[66]  Philip Powell,et al.  An empirical study of the impact of information technology intensity in strategic investment decisions , 1998 .

[67]  Gordon B. Davis,et al.  User Acceptance of Information Technology: Toward a Unified View , 2003, MIS Q..