The Impact of Security Cues on User Perceived Security in e-Commerce

  • Samuel N. SmithEmail author
  • Fiona Fui-Hoon Nah
  • Maggie X. Cheng
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9750)


Users are expected to assess the level of security of e-commerce websites before conducting online transactions. In this research, we examine user assessment of security of e-commerce web pages based on cues presented on the web pages. A pilot study was conducted in which each subject assessed six e-commerce web pages with varying cues (i.e., HTTP vs. HTTPS, fraudulent vs. authentic URL, padlocks beside fields), and the findings are reported.


Security cues e-commerce Cybersecurity Information security 



This research is supported by National Science Foundation grant CNS/1537538 and the Laboratory for Information Technology at Missouri University of Science and Technology.


  1. 1.
    Sasse, M., Brostoff, S., Weirich, D.: Transforming the ‘weakest link’—a human/computer interaction approach to usable and effective security. BT Technol. J. 19(3), 122–131 (2001)CrossRefGoogle Scholar
  2. 2.
    Whitten, A., Tygar, J.D.: Why Johnny can’t encrypt: a usability evaluation of PGP 5.0. In: Proceedings of the 8th USENIX Security Symposium, pp. 169–184 (1999)Google Scholar
  3. 3.
    IBM Corporation: IBM Security Services 2014 Cyber Security Intelligence Index, pp. 1–12. IBM Global Technology Services, Somers, NY (2014)Google Scholar
  4. 4.
    Kauer, M., Pfeiffer, T., Volkamer, M., Theuerling, H., Bruder, R.: It is not about the design—it is about the content! making warnings more efficient by communicating risks appropriately. In: Proceedings of the 6th Annual Conference of the Department of Security and of the Society for Computer Science, pp. 187–198 (2012)Google Scholar
  5. 5.
    Darwish, A., Bataineh, E.: Eye tracking analysis of browser security indicators. In: International Conference on Computer Systems and Industrial Informatics, pp. 1–6 (2012)Google Scholar
  6. 6.
    Dhamija, R., Tygar, J.D., Hearst, M.: Why phishing works. In: Conference on Human Factors in Computing Systems, pp. 581–590 (2006)Google Scholar
  7. 7.
    Schechter, S., Dhamija R., Ozment, A., Fischer, I.: The emperor’s new security indicators. In: IEEE Symposium on Security and Privacy, pp. 51–65 (2007)Google Scholar
  8. 8.
    Herzberg, A., Jbara, A.: Security and identification indicators for browsers against spoofing and phishing attacks. ACM Trans. Internet Technol. 8(4), 1–36 (2008). Article 16CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Samuel N. Smith
    • 1
    Email author
  • Fiona Fui-Hoon Nah
    • 1
  • Maggie X. Cheng
    • 1
  1. 1.Missouri University of Science and TechnologyRollaUSA

Personalised recommendations