EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

The Effect of Warning Messages on Secure Behaviour Online: Results from a Lab Experiment

Nuria Rodriguez-Priego and Rene van Bavel

No JRC103188, JRC Research Reports from Joint Research Centre

Abstract: Objective: The level of online security is affected by technical factors, natural events and human behaviour. The purpose of this research is to contribute to policy actions that lead consumers to increase online security. It tests several warning messages based on the literature of behavioural insights that may persuade consumers to behave more securely while online, thus diminishing their chances of suffering a cyber-attack. Methods: A lab experiment was conducted in Spain (n=600). Participants had to make some online shopping decisions, and were assigned a quantity of money. The incentive for participating in the experiment depended on how secure their behaviour was during the purchasing process as regards: choosing a safe connection, providing less information during the sign-up process, choosing a strong password, choosing a trusted vendor, and logging-out. Each decision they made could increase their chances of suffering a cyber-attack at the end of the experiment and losing part of the incentive if it was less safe. Other factors that may affect secure behaviour were measured through a pre-purchase and a post-purchase questionnaire. Findings: Results show that long security messages and messages accompanied by a male anthropomorphic character will lead consumers to disclose less personal information when signing-up to an e-commerce website. A loss-framed security message will make subjects choose a trusted vendor over an untrusted one, to log-out after purchasing on an e-commerce website. It will also make them behave more securely, if cyber security is treated as a composite indicator built on three behavioural measures (use trusted sites, use secure passwords and log-out of sites after finishing our session). None of the treatments was effective in making subjects choose a safe connection, or a stronger password. Conclusions: The design of security messages has an effect on security behaviour. The policy implications are that security awareness messages should be carefully designed and piloted before they are implemented. The lack of effect of the messages on choosing a stronger password should be further examined. This result may be related to consumers lacking information on what a strong password is, or lacking knowledge that could help them to relate stronger passwords with more secure behaviour online.

Keywords: cybersecurity; nudging; online behaviour; behavioural economics (search for similar items in EconPapers)
Pages: 53 pages
Date: 2016-11
New Economics Papers: this item is included in nep-exp and nep-pay
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (2)

Downloads: (external link)
https://publications.jrc.ec.europa.eu/repository/handle/JRC103188 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:ipt:iptwpa:jrc103188

Access Statistics for this paper

More papers in JRC Research Reports from Joint Research Centre Contact information at EDIRC.
Bibliographic data for series maintained by Publication Officer ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-04-01
Handle: RePEc:ipt:iptwpa:jrc103188