IDEAS home Printed from https://ideas.repec.org/p/ipt/iptwpa/jrc103188.html
   My bibliography  Save this paper

The Effect of Warning Messages on Secure Behaviour Online: Results from a Lab Experiment

Author

Abstract

Objective: The level of online security is affected by technical factors, natural events and human behaviour. The purpose of this research is to contribute to policy actions that lead consumers to increase online security. It tests several warning messages based on the literature of behavioural insights that may persuade consumers to behave more securely while online, thus diminishing their chances of suffering a cyber-attack. Methods: A lab experiment was conducted in Spain (n=600). Participants had to make some online shopping decisions, and were assigned a quantity of money. The incentive for participating in the experiment depended on how secure their behaviour was during the purchasing process as regards: choosing a safe connection, providing less information during the sign-up process, choosing a strong password, choosing a trusted vendor, and logging-out. Each decision they made could increase their chances of suffering a cyber-attack at the end of the experiment and losing part of the incentive if it was less safe. Other factors that may affect secure behaviour were measured through a pre-purchase and a post-purchase questionnaire. Findings: Results show that long security messages and messages accompanied by a male anthropomorphic character will lead consumers to disclose less personal information when signing-up to an e-commerce website. A loss-framed security message will make subjects choose a trusted vendor over an untrusted one, to log-out after purchasing on an e-commerce website. It will also make them behave more securely, if cyber security is treated as a composite indicator built on three behavioural measures (use trusted sites, use secure passwords and log-out of sites after finishing our session). None of the treatments was effective in making subjects choose a safe connection, or a stronger password. Conclusions: The design of security messages has an effect on security behaviour. The policy implications are that security awareness messages should be carefully designed and piloted before they are implemented. The lack of effect of the messages on choosing a stronger password should be further examined. This result may be related to consumers lacking information on what a strong password is, or lacking knowledge that could help them to relate stronger passwords with more secure behaviour online.

Suggested Citation

  • Nuria Rodríguez-Priego & René van Bavel, 2016. "The Effect of Warning Messages on Secure Behaviour Online: Results from a Lab Experiment," JRC Research Reports JRC103188, Joint Research Centre.
    • Handle: RePEc:ipt:iptwpa:jrc103188
    as

    Download full text from publisher

    File URL: https://publications.jrc.ec.europa.eu/repository/handle/JRC103188
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Jacoby, Jacob & Speller, Donald E & Berning, Carol A Kohn, 1974. "Brand Choice Behavior as a Function of Information Load: Replication and Extension," Journal of Consumer Research, Journal of Consumer Research Inc., vol. 1(1), pages 33-42, June.
    2. Ann-Renée Blais & Elke U. Weber, 2006. "A Domain-Specific Risk-Taking (DOSPERT)Scale for Adult Populations," CIRANO Working Papers 2006s-24, CIRANO.
    3. Daniel Kahneman & Amos Tversky, 2013. "Prospect Theory: An Analysis of Decision Under Risk," World Scientific Book Chapters, in: Leonard C MacLean & William T Ziemba (ed.), HANDBOOK OF THE FUNDAMENTALS OF FINANCIAL DECISION MAKING Part I, chapter 6, pages 99-127, World Scientific Publishing Co. Pte. Ltd..
    4. Scammon, Debra L, 1977. ""Information Load" and Consumers," Journal of Consumer Research, Journal of Consumer Research Inc., vol. 4(3), pages 148-155, December.
    5. repec:cup:judgdm:v:1:y:2006:i::p:33-47 is not listed on IDEAS
    6. Heather Rosoff & Jinshu Cui & Richard S. John, 2013. "Heuristics and biases in cyber security dilemmas," Environment Systems and Decisions, Springer, vol. 33(4), pages 517-529, December.
    7. Alen Nosić & Martin Weber, 2010. "How Riskily Do I Invest? The Role of Risk Attitudes, Risk Perceptions, and Overconfidence," Decision Analysis, INFORMS, vol. 7(3), pages 282-301, September.
    8. D. Harrison McKnight & Vivek Choudhury & Charles Kacmar, 2002. "Developing and Validating Trust Measures for e-Commerce: An Integrative Typology," Information Systems Research, INFORMS, vol. 13(3), pages 334-359, September.
    9. Moon, Youngme, 2000. "Intimate Exchanges: Using Computers to Elicit Self-Disclosure from Consumers," Journal of Consumer Research, Journal of Consumer Research Inc., vol. 26(4), pages 323-339, March.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. René van Bavel & Nuria Rodríguez-Priego, 2016. "Testing the Effect of the Cookie Banners on Behaviour," JRC Research Reports JRC103997, Joint Research Centre.
    2. René van Bavel & Nuria Rodríguez-Priego, 2016. "Nudging Online Security Behaviour with Warning Messages: Results from an Online Experiment," JRC Research Reports JRC103223, Joint Research Centre.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Maroufkhani, Parisa & Asadi, Shahla & Ghobakhloo, Morteza & Jannesari, Milad T. & Ismail, Wan Khairuzaman Wan, 2022. "How do interactive voice assistants build brands' loyalty?," Technological Forecasting and Social Change, Elsevier, vol. 183(C).
    2. Anish Nagpal & Adwait Khare & Tilottama Chowdhury & Lauren Labrecque & Ameet Pandit, 2011. "The impact of the amount of available information on decision delay: The role of common features," Marketing Letters, Springer, vol. 22(4), pages 405-421, November.
    3. Zion, Uri Ben & Erev, Ido & Haruvy, Ernan & Shavit, Tal, 2010. "Adaptive behavior leads to under-diversification," Journal of Economic Psychology, Elsevier, vol. 31(6), pages 985-995, December.
    4. Ranganathan, Kavitha & Lejarraga, Tomás, 2021. "Elicitation of risk preferences through satisficing," Journal of Behavioral and Experimental Finance, Elsevier, vol. 32(C).
    5. Anna Fielder & Riina Vuorikari & Nuria Rodriguez-Priego & Yves Punie, 2016. "Background Review for Developing the Digital Competence Framework for Consumers: A snapshot of hot-button issues and recent literature," JRC Research Reports JRC103332, Joint Research Centre.
    6. Sara Moussawi & Marios Koufaris & Raquel Benbunan-Fich, 2021. "How perceptions of intelligence and anthropomorphism affect adoption of personal intelligent agents," Electronic Markets, Springer;IIM University of St. Gallen, vol. 31(2), pages 343-364, June.
    7. Heß, Moritz & Scheve, Christian von & Schupp, Jürgen & Wagner, Aiko & Wagner, Gert G., 2018. "Are Political Representatives More Risk-Loving Than the Electorate? Evidence from German Federal and State Parliaments," EconStor Open Access Articles and Book Chapters, ZBW - Leibniz Information Centre for Economics, vol. 4, pages 1-7.
    8. Manel Baucells & Cristina Rata, 2006. "A Survey Study of Factors Influencing Risk-Taking Behavior in Real-World Decisions Under Uncertainty," Decision Analysis, INFORMS, vol. 3(3), pages 163-176, September.
    9. Ronayne, David & Sgroi, Daniel & Tuckwell, Anthony, 2021. "Evaluating the sunk cost effect," Journal of Economic Behavior & Organization, Elsevier, vol. 186(C), pages 318-327.
    10. Ben Q. Liu & Dale L. Goodhue, 2012. "Two Worlds of Trust for Potential E-Commerce Users: Humans as Cognitive Misers," Information Systems Research, INFORMS, vol. 23(4), pages 1246-1262, December.
    11. James Alm & Antoine Malézieux, 2021. "40 years of tax evasion games: a meta-analysis," Experimental Economics, Springer;Economic Science Association, vol. 24(3), pages 699-750, September.
    12. Andrea Lippi & Laura Barbieri & Mariacristina Piva & Werner De Bondt, 2018. "Time-varying risk behavior and prior investment outcomes: Evidence from Italy," Judgment and Decision Making, Society for Judgment and Decision Making, vol. 13(5), pages 471-483, September.
    13. René van Bavel & Nuria Rodríguez-Priego, 2016. "Nudging Online Security Behaviour with Warning Messages: Results from an Online Experiment," JRC Research Reports JRC103223, Joint Research Centre.
    14. Gürdal, Mehmet Y. & Kuzubaş, Tolga U. & Saltoğlu, Burak, 2017. "Measures of individual risk attitudes and portfolio choice: Evidence from pension participants," Journal of Economic Psychology, Elsevier, vol. 62(C), pages 186-203.
    15. Paolo Crosetto & Antonio Filippin, 2013. "The “bomb” risk elicitation task," Journal of Risk and Uncertainty, Springer, vol. 47(1), pages 31-65, August.
    16. Idris Adjerid & Alessandro Acquisti & George Loewenstein, 2019. "Choice Architecture, Framing, and Cascaded Privacy Choices," Management Science, INFORMS, vol. 67(5), pages 2267-2290, May.
    17. W. Eric Lee & Amy M. Hageman, 2018. "Talk the Talk or Walk the Walk? An Examination of Sustainability Accounting Implementation," Journal of Business Ethics, Springer, vol. 152(3), pages 725-739, October.
    18. Christine Kaufmann & Martin Weber & Emily Haisley, 2013. "The Role of Experience Sampling and Graphical Displays on One's Investment Risk Appetite," Management Science, INFORMS, vol. 59(2), pages 323-340, July.
    19. Sumeet Gupta & Haejung Yun & Heng Xu & Hee-Woong Kim, 2017. "An exploratory study on mobile banking adoption in Indian metropolitan and urban areas: a scenario-based experiment," Information Technology for Development, Taylor & Francis Journals, vol. 23(1), pages 127-152, January.
    20. Zamri Ahmad & Haslindar Ibrahim & Jasman Tuyon, 2017. "Institutional investor behavioral biases: syntheses of theory and evidence," Management Research Review, Emerald Group Publishing Limited, vol. 40(5), pages 578-603, May.

    More about this item

    Keywords

    cybersecurity; nudging; online behaviour; behavioural economics;
    All these keywords.

    NEP fields

    This paper has been announced in the following NEP Reports:

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:ipt:iptwpa:jrc103188. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Publication Officer (email available below). General contact details of provider: https://edirc.repec.org/data/ipjrces.html .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.