基于auth安全分析框架的马来西亚金融科技行业用户认证评估研究

IF 0.7 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Cases on Information Technology Pub Date : 2023-03-02 DOI:10.4018/jcit.318703

S. Tan, G. Chung

{"title":"基于auth安全分析框架的马来西亚金融科技行业用户认证评估研究","authors":"S. Tan, G. Chung","doi":"10.4018/jcit.318703","DOIUrl":null,"url":null,"abstract":"The increased cyberattack frequency and ferocity have alerted the fintech industry in detecting existential security threats and risks. Various authentication mechanisms have been deployed to countermeasure cyberattacks; whether these deployed solutions fulfil the security and technical standards has not been significantly investigated. This article proposed an uAuth security analytics framework to evaluate the deployed user authentication mechanisms. Subsequently, the technical evaluation study covered ten major commercial banks in Malaysia, whereas 120 respondents aged 18 to 25 participated in the user awareness study. The result found that mobile banking enforces more robust user authentication mechanisms than internet banking in Malaysia. As 80% of the Malaysia fintech systems only ranked as Level 3 of the uAuth security analytics framework, the authors urge Malaysia fintech industry to enhance their authentication factor, login and transaction verification methods, password policy, as well as readiness for quantum-safe security technologies.","PeriodicalId":43384,"journal":{"name":"Journal of Cases on Information Technology","volume":" ","pages":""},"PeriodicalIF":0.7000,"publicationDate":"2023-03-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"An Evaluation Study of User Authentication in the Malaysian FinTech Industry With uAuth Security Analytics Framework\",\"authors\":\"S. Tan, G. Chung\",\"doi\":\"10.4018/jcit.318703\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The increased cyberattack frequency and ferocity have alerted the fintech industry in detecting existential security threats and risks. Various authentication mechanisms have been deployed to countermeasure cyberattacks; whether these deployed solutions fulfil the security and technical standards has not been significantly investigated. This article proposed an uAuth security analytics framework to evaluate the deployed user authentication mechanisms. Subsequently, the technical evaluation study covered ten major commercial banks in Malaysia, whereas 120 respondents aged 18 to 25 participated in the user awareness study. The result found that mobile banking enforces more robust user authentication mechanisms than internet banking in Malaysia. As 80% of the Malaysia fintech systems only ranked as Level 3 of the uAuth security analytics framework, the authors urge Malaysia fintech industry to enhance their authentication factor, login and transaction verification methods, password policy, as well as readiness for quantum-safe security technologies.\",\"PeriodicalId\":43384,\"journal\":{\"name\":\"Journal of Cases on Information Technology\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":0.7000,\"publicationDate\":\"2023-03-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Cases on Information Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/jcit.318703\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cases on Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/jcit.318703","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 1

摘要

不断增加的网络攻击频率和凶猛程度提醒了金融科技行业如何检测存在的安全威胁和风险。已部署各种身份验证机制以对抗网络攻击;这些部署的解决方案是否满足安全和技术标准还没有进行重大调查。本文提出了一个uAuth安全分析框架来评估已部署的用户身份验证机制。随后，技术评价研究覆盖了马来西亚的十家主要商业银行，而120名18至25岁的受访者参与了用户意识研究。结果发现，在马来西亚，手机银行比网上银行执行更强大的用户认证机制。由于马来西亚80%的金融科技系统仅被列为uAuth安全分析框架的第3级，作者敦促马来西亚金融科技行业加强其身份验证因素，登录和交易验证方法，密码政策以及对量子安全安全技术的准备。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An Evaluation Study of User Authentication in the Malaysian FinTech Industry With uAuth Security Analytics Framework

The increased cyberattack frequency and ferocity have alerted the fintech industry in detecting existential security threats and risks. Various authentication mechanisms have been deployed to countermeasure cyberattacks; whether these deployed solutions fulfil the security and technical standards has not been significantly investigated. This article proposed an uAuth security analytics framework to evaluate the deployed user authentication mechanisms. Subsequently, the technical evaluation study covered ten major commercial banks in Malaysia, whereas 120 respondents aged 18 to 25 participated in the user awareness study. The result found that mobile banking enforces more robust user authentication mechanisms than internet banking in Malaysia. As 80% of the Malaysia fintech systems only ranked as Level 3 of the uAuth security analytics framework, the authors urge Malaysia fintech industry to enhance their authentication factor, login and transaction verification methods, password policy, as well as readiness for quantum-safe security technologies.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Cases on Information Technology COMPUTER SCIENCE, INFORMATION SYSTEMS-

CiteScore

2.60

自引率

0.00%

发文量

期刊介绍： JCIT documents comprehensive, real-life cases based on individual, organizational and societal experiences related to the utilization and management of information technology. Cases published in JCIT deal with a wide variety of organizations such as businesses, government organizations, educational institutions, libraries, non-profit organizations. Additionally, cases published in JCIT report not only successful utilization of IT applications, but also failures and mismanagement of IT resources and applications.