Browsing by Author "Butler, Rika"

Now showing 1 - 4 of 4
  • Thumbnail Image
    Item
    B2B and the supplier : preventing repudiation of orders in an open account system
    (Stellenbosch : University of Stellenbosch, 2003-12) Butler, Rika; Boshoff, W. H.; University of Stellenbosch. Faculty of Economic and Management Sciences. Dept. of Accountancy.
  • Thumbnail Image
    Item
    The password practices applied by South African online consumers : perception versus reality
    (AOSIS Publishing, 2015-07) Butler, Rika; Butler, Martin
    Background: The ability to identify and authenticate users is regarded as the foundation of computer security. Although new authentication technologies are evolving, passwords are the most common method used to control access in most computer systems. Research suggests that a large portion of computer security password breaches are the result of poor user security behaviour. The password creation and management practices that online consumers apply have a direct effect on the level of computer security and are often targeted in attacks. Objectives: The objective of this study was to investigate South African online consumers’ computer password security practices and to determine whether consumers’ perceptions regarding their password security ability is reflected in the password creation and management practices that they apply. Method: A Web-based survey was designed to (1) determine online consumers’ perceptions of their skills and competence in respect of computer password security and (2) determine the practices that South African online consumers apply when creating and managing passwords. The measures applied were then compared to (1) the users’ perceptions about their computer password security abilities and (2) the results of international studies to determine agreement and inconsistencies. Results: South African online consumers regard themselves as proficient password users. However, various instances of unsafe passwords practices were identified. The results of this South African study correspond with the results of various international studies confirming that challenges to ensure safe online transacting are in line with international challenges. Conclusion: There is a disparity between South African online consumers’ perceived ability regarding computer password security and the password creation and management practices that they apply.
  • Thumbnail Image
    Item
    Smartphone user threat avoidance behaviour in South Africa
    (Stellenbosch : Stellenbosch University, 2021-12) Butler, Rika; Boshoff, Willie; Kidd, Martin; Stellenbosch University. Faculty of Economic and Management Sciences. Dept. of Economics.
    ENGLISH SUMMARY: Unsafe smartphone user behaviour increases users’ susceptibility to mobile threats, which could expose sensitive and confidential information. A better understanding of aspects that motivate users to behave in a secure manner will enable the design of suitable interventions and tools to improve mobile security and contribute to the academic discourse in a relatively new research area. The purpose of this study was to gain a deeper understanding of smartphone user behaviour in the South African context, given the rise in the incidence of mobile threats and the limited extent of empirical research. To achieve the research objective, the study was conducted in three phases for the purpose of: (1) identifying the factors that influence smartphone users’ behaviour; (2) developing and validating an instrument to measure user behaviour; and (3) assessing a structural model for smartphone users’ threat avoidance behaviour. This study illustrated and confirmed the usefulness of structured literature reviews as a research tool in this field. It demonstrated that structured literature reviews can serve as a solid starting point for research studies. Through a systematic literature review of behavioural studies in the smartphone context, six factors that either drive or challenge users’ declarative knowledge and procedural knowledge were identified. These factors were combined with the underlying principles of the Technology Threat Avoidance Theory, a validated human behavioural model, which has been applied to explain user behaviour in computer and mobile contexts. Based on this foundation, a research model for smartphone users’ threat avoidance behaviour was developed. Following a robust methodology, rooted in theory, items for the measurement of 11 constructs were adapted for the smartphone context from existing instruments. New items were formulated where this was not possible. Measures were taken to ensure clear and non-ambiguous item formulation. The measurement instrument was validated through two rounds of pilot testing. The study highlighted the need for researchers to investigate the theoretical underpinnings of constructs that seem highly correlated before combining them into a single construct. Highly correlated constructs were investigated and arguments were presented to show that these constructs were conceptually distinct and that to group them into a single construct would not make theoretical sense. Data obtained when the survey was distributed to a sample of South African smartphone users were analysed, using structural equation modelling. A significant association between the avoidance motivation and avoidance behaviour of smartphone users was confirmed. In their threat appraisal, users’ behaviour was significantly influenced by their perception that a threat exists. Users’ ability to discern when a mobile threat is present and the perceived severity of the threat were significant predictors of users’ perceived threat. In their coping appraisal, the perceived effectiveness of a safeguard, users’ perceived ability to use that safeguard, and the perceived associated cost significantly affected their motivation to avoid a threat. The model developed supported the applicability of the Technology Threat Avoidance Theory in the smartphone context. Furthermore, the model extended and refined the Theory with three constructs, namely Threat Discernment Ability, Safeguard Awareness and Perceived Gratification. The model was able to explain 47% of the variance in smartphone users’ avoidance motivation and 57% of their avoidance behaviour. These are significantly greater percentages than previous South African studies have been able to explain. This study answers a call for research into human behaviour in the smartphone context. It refines and extends the Technology Threat Avoidance Theory, as invited by its authors. As smartphone user behaviour is a relatively new research domain, researchers are encouraged to focus on aspects that motivate safe smartphone user behaviour. Researchers are invited to validate, refine or extend the model to improve its explanatory power for smartphone user behaviour. Industry practitioners are encouraged to focus on matters found to affect smartphone behaviour negatively, such as users’ misconceptions and undue trust in mobile security. Initiatives should focus not only on improving users’ theoretical knowledge, but also on enhancing users’ abilities. Improving the usability and reducing the cost of smartphone security were highlighted, as associated challenges affected user behaviour negatively. Making safeguards easier to use represents a means to increase both its adoption and appropriate use. If the aspects that hinder smartphone users’ motivation to behave securely can be reduced, this will improve overall smartphone security.
  • Thumbnail Image
    Item
    Some password users are more equal than others : towards customisation of online security initiatives
    (AOSIS Publishing, 2018) Butler, Rika; Butler, Martin
    Background: Online security is a growing concern and user authentication through passwords remains an important mechanism to protect online assets. Research to date has highlighted the need to address human behaviour but without an indication of where the emphasis of security education, training and awareness (SETA) initiatives should be, beyond improved password practices. Objectives: The aim of this study was to, through analysis of the password behaviour of South African online consumers: (1) understand the prevalence of poor password practices among consumers overall and (2) identify specific password deficiencies prevalent among different demographic groups to be focus areas for tailored intervention programmes. Method: The study uses a quantitative research approach. An online survey was used to gather demographic data, perceptions about online security and applied password practices. A sample of 737 valid responses was analysed for this research. Results: Based on the descriptive analysis of the responses three key observations were made. Firstly, there is a distinct difference in the incidence of poor password practices for all respondents and thus support for tailored interventions. Secondly, there are variances between the practices within different demographic groups that could be used for customisation of interventions. Finally, the different poor practices cannot be uniquely attributed to one particular set of demographics. Conclusion: The study concluded that to improve computer password security in South Africa, password SETA programmes should be customised for areas where individual needs exist and not merely per password practice or demographic group.