Usability and Security in EU E-Banking Systems - Towards an Integrated Evaluation Framework

The proposed work highlights the interaction between security and usability in the context of e-banking security and proposes a theoretical evaluation framework to analyse this interaction and related extrinsic factors. It is felt that current evaluation methods for security and usability do not sufficiently examine their interplay and neglect other potential interactors in their models. In direct relation, it is also questioned whether current human-computer interaction research methods can be directly transferred to usability analysis of secure systems such as e-banking. The proposed study will therefore aim at aligning security and usability criteria with the objective of ultimately developing a robust evaluation framework specific to e-banking. The required criteria will be derived from a comparison between various categories of e-banking security solutions, followed by a security threat model of these solutions and complemented by relevant extrinsic influence factors. This approach is supported by the observed large variation in e-banking security solutions across Europe, their security and usability flaws, as well as related literature, which has often focused on either security or usability in this field. The strength and contribution of the proposed PhD thesis lie in the practical value to banks, the potential for transfer to other business areas, as well as the new insight and knowledge added to the research area of usability for security. This document should be viewed as a presentation and introduction to the proposed research in the context of a doctoral symposium.