Examining Information Security Knowledge, Attitude, and Behaviour among Mobile Banking Users in Zanzibar
Abstract
Mobile banking is becoming increasingly popular in Zanzibar. This study examines the information security knowledge, attitudes, and behaviours of mobile banking users in the region. A descriptive approach was employed with a quantitative research design. Data were collected from a sample of 95 mobile banking users in Zanzibar, as calculated using the Yamane formula based on the total population. The data collected through questionnaires was analysed using SPSS version 26. The analysis revealed that users have a moderate level of awareness concerning various cybersecurity risks associated with mobile banking. They recognised the importance of using strong passwords and understood that clicking on unknown links or attachments in emails could compromise their security. However, awareness was lower regarding the privacy risks of sharing personal information on social media. Additionally, the findings indicated that a moderate proportion of respondents acknowledged the risks associated with using public Wi-Fi for banking transactions. The study also found that participants had a moderate level of confidence in the effectiveness of two-factor authentication (2FA) for securing mobile banking. Moreover, most respondents moderately checked if a website was secure (e.g., HTTPS) before entering personal information. Based on these findings, the study recommends developing comprehensive information security awareness programs, utilising registered or recommended hardware and software to enhance security, maximising data protection against malware, improving the interactivity of mobile banking applications while addressing security concerns, and emphasising the usefulness and security features of mobile banking services in marketing efforts
Downloads
References
Ali, S., Khan, S., & Usman, M. (2021). Two-factor authentication for mobile banking: A study on user perception and effectiveness. International Journal of Cyber Security and Digital Forensics, 10(3), 201-215.
Andress, J. (2014). The basics of information security: Understanding the fundamentals of InfoSec in theory and practice. Syngress.
Arain, M. A., Tarhini, A., & Khan, S. (2019). Enhancing IT security awareness through online training programs: An empirical study. Computers & Security, 84, 15-26.
Arisya, F., Suryana, N., & Nugroho, A. (2020). Evaluating security awareness among mobile banking users using the knowledge-attitude-behavior model and analytic hierarchy process.
Ben-Asher, N., Kirschnick, N., Sieger, H., Meyer, J., Ben-Oved, A., & Möller, S. (2011). On the need for different security methods on mobile phones. Proceedings of the 13th International Conference on Human Computer Interaction with Mobile Devices and Services (MobileHCI).
Dawood, H., Pournaghi, S. M., & Jøsang, A. (2017). The effect of user awareness on risky online behavior: An empirical study. Computers & Security, 70, 398-410.
Du, J., & Agami, N. (2017). Perceptions of mobile banking security: The case of young users in China. International Journal of Mobile Communications, 15(6), 620-644.
Gharaibeh, N. K. (2013). The adoption of e-banking: The case of Omani banks. International Review of Management and Business Research, 2(2), 600-615.
Golla, M., Krombholz, K., Hupperich, T., Holz, T., & Dürmuth, M. (2018). The password reset MitM attack: How to bypass account recovery in two-factor authentication. 27th USENIX Security Symposium.
Gupta, S., & Arif, M. (2017). Adoption of internet banking service in Tanzania: The influencing factors. University of Dar es Salaam Library Journal, 12(2), 101-118.
Hong, W. (2019). Privacy and security concerns in mobile banking adoption: The role of trust and risk perception. Journal of Information Security and Applications, 46, 42-50.
Jalali, R., Siegel, M., & Madnick, S. (2020). Trust and security in online banking: Insights from customer behavior. Journal of Cybersecurity, 6(1), tyaa010.
Kennison, M., & Chan-Tin, E. (2020). Cybersecurity interventions and user behavior: The impact of personality traits on security practices. Journal of Cybersecurity Education, Research and Practice, 5(1), 7.
Khan, M. A., Alghamdi, N. S., & Khan, R. A. (2023). Phishing awareness and reporting behavior: The role of security training. Journal of Cybersecurity Awareness, 15(2), 125-138.
Kruger, H. A., & Kearney, W. D. (2006). A prototype for assessing information security awareness. Computers & Security, 25(4), 289-296.
Krol, K., Moroz, M., & Sasse, M. A. (2015). Don't work for free: A theory of password security and user behavior. Proceedings of the 11th Symposium on Usable Privacy and Security (SOUPS).
Likert, R. (1932). A technique for the measurement of attitudes. Archives of Psychology, 22(140), 1-55.
Limna, C., et al. (2023). Correlation between cybersecurity knowledge, awareness, and behavioral security practices among mobile banking users in Thailand.
Malero, E. (2015). Security awareness among mobile money users in Tanzania. International Journal of Computer Applications, 115(6), 1-7.
Meier, F., Krombholz, K., Hupperich, T., Holz, T., & Dürmuth, M. (2020). Usability of privacy policies and controls in mobile applications. Proceedings of the IEEE Symposium on Security and Privacy.
Nilsson, A., Adams, A., & Herdman, J. (2005). Security and trust in online banking: A comparative study of user perceptions. Financial Cryptography and Data Security.
Obadia, A. (2016). Cyber security threats, vulnerabilities, and security solutions in the mobile banking sector.
Parno, B., Perrig, A., & Gligor, V. (2006). Distributed detection of node replication attacks in sensor networks. Proceedings of the IEEE Symposium on Security and Privacy.
Ramadhani, A., et al. (2024). Assessment of information security awareness using the human aspects of information security questionnaire (HAIS-Q).
Sarikakis, K., & Winter, L. (2017). Social media and privacy: The perception of control. Media and Communication, 5(1), 28-36.
Shaikh, A. A., & Karjaluoto, H. (2015). Mobile banking adoption: A literature review. Telematics and informatics, 32(1), 129-142.
Shah, N., Patel, K., & Rathi, A. (2022). User awareness and security perceptions in e-government services: An analysis of security practices. Government Information Quarterly, 39(1), 101644.
Stephen, M. (2021). Cyber security dynamics and usage of mobile banking services among commercial bank customers in Tanzania.
Suman, G., & Sujata, M. (2020). Measuring user-perceived security of mobile banking applications. arXiv preprint arXiv:2201.03052.
Tsai, H. Y., & Su, C. (2020). Cybersecurity awareness and behavioral intentions: An empirical study on online users. Computers in Human Behavior, 103, 31-40.
Wazid, M., Zeadally, S., & Das, A. K. (2019). Mobile banking: Evolution and threats: Malware threats and security solutions. IEEE Consumer Electronics Magazine, 8(2), 56-60.
Whitman, M. E., & Mattord, H. J. (2012). Principles of information security. Cengage Learning.
Yamane, T. (1967). Statistics: An introductory analysis (2nd ed.). Harper and Row.
Zhang, X., Wang, Q., & Li, J. (2022). Evaluating website security awareness among online users: The role of HTTPS and security indicators. International Journal of Information Security, 21(4), 377-391.
Copyright (c) 2025 Zedi Abdalla Khamis
This work is licensed under a Creative Commons Attribution 4.0 International License.
