Chapter 37 Understanding Security in Consumer Adoption of Internet Banking: Biometrics Technology Implementation in the Malaysian Banking Context

Normalini M. K.

Universiti Sains Malaysia, Malaysia

T. Ramayah

Universiti Sains Malaysia, Malaysia

ABSTRACT

As a continually growing financial service of electronic commerce, Internet banking requires the devel­opment and implementation of a sound security procedure.

INTRODUCTION

Global Internet users exceeded 2,267 million people in December 2011 (IWS, 2012), offering a huge new market for Internet-based services such

as Internet banking. Since the new millennium, Internet banking has experienced explosive growth in many countries and has transformed traditional banking practices. By offering Internet banking services, traditional financial institutions seek

DOI: 10.4018/978-1-4666-6268-1.ch037

.

to lower operational costs, improve consumer banking services, retain consumers and expand their share of customers. Internet based banks can operate at an expense ratio of 15-20% compared to 50-60& for the average bank (Booz, Allen, & Hamilton, 1997).

In the new banking environment, Internet banking is increasingly managed as an operational activity and an important component of a multi­channelled strategy. However, the Internet is an open environment. Online applications or tech­nologies are typically exposed to security threats such as worms, crackers, viruses, spoofing, and password-sniffing. According to Sathye (1999), in Australia the main obstacle of Internet banking adoption is the security concern and the lack of awareness and benefit of the system.

Security concerns in Internet banking include threats made through network and data transactions or authentication unauthorized account access due to authentication failure. Perceived security, then is the “customers’ perception of the degree of protection against these threats” (Yousafzai, Pallister, & Foxall, 2003). Internet banking and the issues surrounding authentication, which is the mechanism at the heart of e-commerce security, is shown in Figure 1. The diagram presents the implementation of appropriate authentication mechanisms to ensure an adequate level of trust between the parties conducting the transaction.

Customers are apprehensive about the security of their personal financial information that could be accessed via the Internet. The need for security has already been recognized within the electronic banking community and a number of technologies have been developed to secure electronic transac­tions. The most common approaches used to secure current online transactions are the incorporation of the 128-bit RSA encryption key technology to Web browsers the use of digital certificates and firewalls.

This study will examine the key factors influ­encing consumer adoption of Internet banking. To identify the slow growth trend of Internet banking adoption in Malaysia, a number of studies have been conducted in Malaysia and other countries.

Figure 1. Implementation of appropriate authentication mechanisms

There are a few security issues occuring in Malaysian Internet banking such as Online Iden­tity Fraud or Phishing. “Phishing” is a type of identity theft where criminals blast emails to a mass audience in their malicious attempt to bait you into fake websites. Online identity fraud also known as “Phishing” occurs when fraudsters pose as trusted organizations and send out thousands of fraudulent emails to random email addresses. These e-mails usually contain a link to a look­alike website that will trick bank customers into revealing sensitive information such as their user ID, password and TAC. The sensitive information enables the fraudsters to access the customer’s bank account.

While numerous studies have been undertaken to examine issues in the wider context of e-banking and customer loyalty, comprehensive research in the area of e-banking issues and customer prefer­ences in the specific context of Malaysia has been rather limited. A study conducted examined the evolution of e-banking in Malaysia and analyzed the various electronic delivery channels such as automated teller machines (ATM), telebanking and PC banking (Balachandher, Santha, Norhazlin, & Rajendra, 2000).

Ramayah, Ismail, and Koay (2002) identified the following six external variables that influ­ence Internet banking adoption among Malaysian consumers namely, prior experience, training, per­ceived risk, awareness, cost and external pressure. This study highlighted the fact that the majority of respondents have no experience in using Internet banking. Another study by Rouibah, Ramayah, and Oh (2009) found that five factors (perceived ease of use, perceived usefulness, attitude, subjective norms and perceived behavioral control) have a direct positive effect on behavioral intention to use.

This study also revealed that the Theory of Planned Behavior (TPB) model has the best explanatory power, followed by the Theory of Reasoned Action (TRA) and the Technology Acceptance Model (TAM) models. This research represents a unique study in the e-banking field that compare three models (TRA, TPB, and TAM) adoption in Malaysia. However, results testing the explanatory power of the different models revealed that TAM model has the best explanatory power, followed by TPB and TRA models (Rouibah, Ramayah, & Oh, 2011).

Raju, Thiagarajan, and Seetharaman (2007) studied the extent of decision to adopt and the growth of the Internet banking services by Malay­sian consumers. A study conducted by Marhana, Fadzli, and Zakaria (2012) revealed that a majority of Muslim consumers have not used Internet bank­ing due to the fact that some people still have no opportunity to use the service and unsure of the security of such a service. Hanudin and Ramayah (2010) found that Perceived security and privacy (PSP) was one of the key factors to determine a bank customer’s intention to use SMS banking.

Thomas, Kellermann, and McNevin (2002) highlighted the fact that electronic security adds value to a naked network. Electronic security is composed of soft and hard infrastructure.

Perceived trustworthiness is defined as the customers’ perception of confidence in the bank’s competence, integrity and benevolence to provide the banking and financial services over the In­ternet (Yousafzai et al., 2003). Previous research has shown that trusting perceptions directly or indirectly influence the e-consumer’ s intentions to purchase (Grazioli & Jarvenpaa, 2000). Electronic banking decisions involve trust not simply on the transaction medium but also between the customer and the bank or the financial service provider.

The banking and financial industries report the highest incidence of misuse, a total of 57%, which is directly related to these industries having one of the highest dependencies on computers in the workplace (Hutchinson, 2000). A security breach at Citibank six years ago is still extensively cited in banking and security circles, being one of the few successful electronic bank frauds on record (Barlotta, 1999). The incident involved hackers who penetrated Citibank’s security system and progressively wired money to banks around the world. When the heist was discovered in September 1994, US$10 million was gone.

Since further information to better understand Internet banking in Malaysia is needed, this re­search investigates the security effect and trust on consumer’s intention to continue use Internet bank­ing. Secondly, this study looks at the relationship between each of the security requirement factors on intention to continue using Internet banking and investigate whether perceived trustworthiness and perceived effectiveness of biometrics technologies usage moderates the relationship between security and trust towards intention to continue using the Internet banking system.

BACKGROUND

The Malaysian banking sector comprises licensed institutions; namely commercial banks, finance companies, merchant banks, discount houses and money brokers which are licensed under the B ank- ing and Financial Institutions Act 1989 (BAFIA) and supervised by Bank Negara Malaysia (BNM, 2009). The banking sector plays an important role as financial intermediary and is a primary source of financing for the domestic economy, accounting for about 70% of the total assets of the financial system as at the end of 1999. At the year of2000, there were 31 commercial banks (of which 14 were fully foreign-owned), 19 finance companies, 12 merchant banks and 7 discount houses. Upon completion of a merger program among domestic banking institutions, the number of domestic banking institutions was significantly reduced to 10 domestic banking groups consisting of 10 commercial banks, 10 finance companies and 9 merchant banks. Currently, the domestic bank­ing institutions (excluding the discount houses) control about 75% of the banking sector’s market share in terms of total assets and total deposits (BNM, 2009).

Technological development particularly in the area of telecommunications and information technology is revolutionizing the banking indus­try. With the proliferation of Internet expansion and computer usage, the electronic delivery of banking services has become ideal for banks to meet customer expectations. Competiveness in the industry has resulted in the Malaysian Govern­ment to structure a legal framework for banks to provide Internet Banking services.

On June 1, 2000, the Malaysian Central Bank gave the green light for locally owned commercial banks to offer Internet banking services. On June 15, 2000, Maybank, the largest domestic bank became the first bank to offer Internet banking services in Malaysia. On August 7, 2002, 8 Malay­sian Commercial Banks started offering Internet banking services. They were the Alliance Bank Malaysia Berhad, Ambank Berhad, Bumiputra- Commerce Bank Berhad, Hong Leong Bank Berhad, Malayan Banking Berhad, Public Bank Berhad RHB Bank Berhad and Southern Bank Berhad (Suganthi et al., 2001). Presently, only banks licensed under the Banking and Financial Institution Act 1989 (BAFIA) and the Islamic Banking Act 1983 are allowed to offer Internet Banking services in Malaysia. To date, there are 22 commercial banks registered with B ank Negara Malaysia which includes 9 local banks and 13 foreign banks.

In 2002, 25,000 Maybank customers and 10,000 HSBC customers had subscribed to In­ternet banking (Yu, 2002). The fact is that these two financial institutions are the leading banks in Malaysia providing Internet banking services.

Internet banking adoption in Malaysia is rela­tively low and very little research has been done to understand the key adoption determinants. Even though the electronic revolution has com­menced in Malaysia, Internet banking is still in the infancy stage. So, it has become very hard for the banking industry to design interventions that would enhance the diffusion of Internet banking (Ndubisi & Sinti, 2006).

According to Sohail and Shanmugham’s (2003), research on customer preferences for e-banking in Malaysia and the factors which influenced the adoption of electronic banking reveals that accessibility of Internet, awareness of e-banking, and customers’ reluctance to change are the factors that significantly affected the usage of e-banking in Malaysia. These studies conclude that although e-banking offers new frontiers of op­portunities, there are several critical psychological and behavioral issues that need to be addressed in trust, security, reluctance to change and a prefer­ence for human interface.

There are a few security issues occuring in Malaysian Internet banking such as Online Iden­tity Fraud or Phishing. “Phishing” is a type of identity theft where criminals blast emails to a mass audience in their malicious attempt to bait you into fake websites. Online identity fraud also known as “Phishing” occurs when fraudsters pose as trusted organizations and send out thousands of fraudulent emails to random email addresses. These e-mails usually contain a link to a look­alike website that will trick bank customers into revealing sensitive information such as their user ID, password and TAC. The sensitive information enables the fraudsters to access the customer’s bank account.

Past literature shows the acceptance and implementation of biometric technologies in certain government departments, the issues like new and impossible to implement in other areas should not occur and repeat. These technologies are growing to enhance the security level of au­thentication system.

The Malaysian Computer Emergency Re­sponse Team (MyCERT) consists of specialists such as Intrusion Analysts, Malware Analysts, Application Security Analysts, and Emergency Response Professionals. MyCERT operates the Cyber999 Help Centre, a public service that provides emergency response to computer secu­rity related emergencies as well as assistance in handling incidents such as computer abuses, hack attempts and other information security breaches. This MyCert Security Breaches (2005-2010) summary report provides an overview of activi­ties carried out by MyCERT (2010) relating to computer security incident handling and trends observed from the research network. The sum­mary below highlights statistics of categories of incidents handled by MyCERT from 2005 to 2010 (Refer to Table 1). In general cyber security incidents include but are not limited to:

Table 1. MyCERT Security Breaches (2005-2010)

1. Attempts to gain unauthorized access to a computer system or its data,

2. Unwanted disruption or denial of service,

3. Unauthorized use of a system for processing or storing data,

4. Changes to system hardware, firmware or software without the knowledge or consent of the system owner.

Generally, all categories show increasing trends in the number of reports every year. Fraud and intrusion recorded a high number of incidents representing 37% and 36% of incidents handled respectively for the year 2010 and this is followed by malicious code 20%, harassment 7 % and denial of service 1%. System intrusion incidents are generally attributed to web defacement. MyCERT observed that the main cause of defacements were vulnerable web applications. Fraud incidents are mostly phishing sites of local and foreign institu­tions (MyCERT, 2010).

According to Stuart, Li and Choucri (2009), Figure 2 shows a screenshot of the total CERT reported incidents of three countries including China, Malaysia, and Brazil from 2003 to 2008. The number of CERT incidents reported in the case of Brazil is much greater than that of China and Malaysia in most years. If only the linear Y- axis scale could be used, the data strands of China and Malaysia would be pushed to the bottom of the chart because of the huge differences.

PROBLEMS

According to the Association for Payment Clear­ing Services (APACS) (2008), in 2007, over 20 million adults used online banking and 93% of online banking users access their main current account. However, only 55% of Internet users bank online. Internet banking users are worried about the Internet banking security issues that are happening today. There were 1,462 money mule recruitment incidents in 2007, compared with 1,087 in 2006. There were 25,797 phishing websites targeted against UK banks and build­ing societies in 2007, up from 14,156 in 2006 (APACS, 2008).

Despite the considerable diffusion of consumer Internet banking in many countries to date, banks seek further market expansion. Currently, market growth trends are uncertain. It is possibly due to increased security concerns linked to rising iden­tity fraud and online scams. Customer confidence on e-banking would also largely depend on how the banks would deal with any erroneous transac­tional and security concerns that may occur during online banking (Sohail & Shanmugham, 2003).

In 2002, it was estimated that there were ap­proximately 800,000 Internet banking users in Malaysia with many new users signing up with their respective banks (Phang & Fernandez, 2002). Out of all the banks operating in Malaysia, May­bank had 600,000 registered users and the largest

Figure 2. Screenshot of the total CERT reported incidents from 2003 to 2008

number of Internet banking customers (Phang & Fernandez, 2002). According to the 2008 survey on household use of the Internet by Malaysian Communications and Multimedia Commission, it was shown that Internet banking usage in Malaysia was only at 31.8 percent in 2008.

According to recent studies by Raju et al. (2007) and Lu, Hsu, and Hsu (2005), it was stated that Malaysian consumers strongly agree that they are slow to adopt Internet banking because of the lack of security and reliability of transac­tions over the Internet. Clearly, in order to grow consumer Internet banking demand, banks must make key improvements that address consumer concerns. This is in line with the findings of man­agement consultants McKinsey & Co in 2000 that revealed that only 31% of Malaysians indicated an interest in adopting Internet banking, whilst an overwhelming 66% cited security and risk as their major concern (Ng, 2002).

The findings of Suganthi, et al. (2001) found that one of the important factors affecting Inter­net banking in Malaysia was security concerns. This finding is also supported by the findings of (Ramayah et al., 2002) which found that most individuals are reluctant to use Internet banking as they have concerns over security and privacy issues.

The main issues in Malaysia regarding Internet banking are the weak security and trustworthiness in the adoption of using Internet banking applica­tions. Therefore, this study will investigate security requirement factors which influence the adoption of Internet banking applications.

BIOMETRIC TECHNOLOGY IMPLEMENTATION

Biometric technology provides a range of auto­mated methods which can be used to measure and analyze a person’s physiological and behav­ioral characteristics (Alhussain & Drew, 2009). It usually involves a scanning device and related software which can be used to gather information that has been recorded in digital form. According to Alhussain and Drew (2009), by using biometric technology, e-government aims to give its citizens improved services with efficient and secure access to information by providing reliable identification of individuals as well as the ability for controlling and protecting the integrity of sensitive data stored in information systems.

In fact, in the law enforcement community, matching fingerprint images or parts of palm print images is the most common method to identify suspects and bring guilty criminals to justice. In some movies, we may also see a criminal telephone the victim and the police record the voice of the criminal and search for the criminal according to voice identification. These scenes are examples of identifying people using their unique physical features (e.g., fingerprints, palmprint, and face) or behavioral trait (e.g., voice) and automatic biometrics can help in this scenario. When au­tomatic biometrics technology became more and more mature in the law enforcement area, it was introduced into civilian applications by the biometrics product vendors.

Biometrics technology applications are not limited to the areas mentioned earlier. The tech­nology has been expanded to time, attendance and monitoring. At present, some factories and companies are using punch cards to monitor the movement of their employees. When they come to work, they need to punch a hole in their cards and punch another hole when they leave. This kind of thing can be assisted by biometrics. With a biometrics system, employees may press their fingers onto a small platform when they arrive or leave. The literature discussed thus far shows the acceptance of biometrics technology imple­mentation and it has been implemented in certain government department.

DISCUSSION

The research conducted in Sweden by Brobeck and Folkman (2005) shows that companies be­lieve that biometrics is for organizations with a very high security need. Furthermore the result shows that individuals are positive towards bio­metrics. Finger-scan is the most known, trusted and preferred technology. Most likely because it is a mature identification technique that has been around for a long time.

Fahad, Rami, and Mumtaz (2008), stated that the majority of Saudis would have a preference to use fingerprint identification methods. The study by Fahad, Rami, and Mumtaz (2010b) has confirmed the acceptance of biometrics authen­tication system using fingerprint are practically and culturally accepted by the Saudis. Another research has been conducted by Fahad, Rami, and Mumtaz (2010a), which shows the acceptance to use the biometric authentication system in the online banking environment can be predicted by using Technology acceptance model.

Security in online transactions is an issue that hinders widespread adoption of e-business in so­lutions that involve money/securities and stock. Currently, electronic transaction theft is far above armed robberies and fraudulent accounting in some countries. Likewise biometrics is increasingly being adopted in security related solutions such as in immigrations and restricted access. As with any technology, adoption approaches determine success. Research needs to be carried out to es­tablish methods that will ensure success finally.

SOLUTIONS AND RECOMMENDATIONS

The bank must first attract the banking consumer’s attention to Internet banking services before the consumer will consider Internet banking. As a continually growing financial service of electronic commerce, Internet banking requires the devel­opment and implementation of a sound security procedure. This involves designing effective meth­ods where users can be authenticated in a remote environment. Specifically for Internet banking, there is a real need for a unique way to identify and authenticate users without the possibility of their authenticity being cloned.

By reading the signals, following the trends and issues on security will not be the end for Internet banking. Internet banking crimes keep increasing every day. Thus the findings from this research will provide important suggestion to enhance the level of security in Internet banking. The cyber crime such as phishing activities keep increasing every quarter. To enhance this issue by investigating biometric authentication systems in online banking will secure the log in process to the system and removes password vulnerabilities; enhanced convenience such as employees quickly log in using their finger; reduced help desk costs by eliminating calls for password resets.

Biometrics is not a new thing in the market. Finger print is one ofthe biometric authentications which has been used since a 100 years ago for de­tering criminal purposes. In Malaysia, biometrics has been using in e-government environment and the largest department that used the biometrics technologies was National registration depart­ment. HSBC Bank in Malaysia has introduced second level of security via using Internet bank­ing which is login, password and USB device. But there is some problems which occur when customers forget to bring the USB device or the device goes missing. Therefore, implementation of biometric technologies to enhance the secu­rity level other than the normal authentication (login and password) will be the best solution and unique security solution. Although this is a new technology in Internet banking but this system has been used in other services authentication such as in immigration, airport gate, e-government, e­commerce and etc. The possibilities of biometrics technologies can be implemented in the Internet banking environment such as fingerprinting, iris, keystroke, speech and etc. The combination of the previously mention factor will be the best solution such as fingerprint with the speech or iris with the fingerprint. Fingerprint scanner via USB has been introduced in the market; iris and voice can be capture via camera and microphone. The technology has been growing very fast and most of the new computers are already packaged with all the prior peripherals.

Biometrics industry has been growing tremen­dously in developed countries like US and Japan. There are many gadgets being introduced in those countries in order to facilitate the current lifestyle. The card-less payment system should be replaced and they must be more easier, reliable, secure, cash free and tension free payment system such as biometric payment system in which no body have to take dozens of cards for shopping, traveling, pass in office, university or bank as door lock, Internet online shopping and many kinds where card system is installed (Kumar & Ryu, 2009).

FUTURE RESEARCH DIRECTIONS

Many financial institutions and government organizations have introduced their latest secure systems through the web, such as biometric authentication systems to enhance efficiency, to lessen threats and costs, and also to improve security. As a result, phishing would be reduced due to the lack of data input by users. Some banks in Malaysia have used authentication to Internet banking system by login, password and USB devices. With increasing security requirements, improving system performance, and decreasing costs, more and more biometric applications and systems are used across broad sectors of society, such as the military, government, education, and business, for both physical and logical security. Seeing that more and more financial institutions and government organizations apply the biometric technology, it is significant for them to identify factors that influence their client behavioral inten­tion to use such systems. This chapter identifies a number of main factors influencing Internet bank­ing users intention to continue e-banking services by proposing a viable solution such as biometrics technologies to enhance the security level.

There is a vast amount of research on the adoption of latest technologies along with users. However, biometric technologies implementation in Internet banking is still a new idea. The significant aim of many organizations is to evaluate factors that develop the adoption and acceptance rate of new technology and come to a decision which technologies are worthy of implementation. Nev­ertheless, there is a lack of literature on biometric technology adoption and acceptance, mainly in the ASEAN countries. First, its shows biometrics implementation provided a good understanding of the likelihood of user acceptance in biometrics technologies by highly educated people and those who are familiar with the Internet banking, they may not provide insight into consumers who are not regular Internet banking users. Furthermore, the research findings concern perceptions and do not address how well a biometrics technologies system solution would actually meet consumers’ needs.

Biometrics technology implementation in Internet banking application is still a new idea. Biometrics technology has successfully being implemented in other area such as in e-government. Results obtained from the implementation in e-government showed that the reliablity of the intial system should be developed in order to au­thorized user’s authentication based upon his/her biometric data. The system developed should also protect against access from non-authorized users. By looking at the implementation of biometrics technology in e-government, a larger experiment can be conducted to get an idea of the possibility of implementing such a system more widely.

CONCLUSION

The literature generally agrees that Malaysian consumers are slow to adopt Internet banking because of the lack of security and reliability of transactions over the Internet (Raju et al., 2007). Nevertheless, consumers seem wary of using the Internet for using online applications such as credit card and e-payment systems (Lu et al., 2005). Other researchers in Malaysia (Amin, 2007; Haque & Ismail, 2008; Haque, Tarofder, Rahman, & Raquib, 2009; Suganthi et al., 2001) have stated that security, risk and trust are the major factors affecting the adoption of Internet banking in Malaysia.

Thus the findings from this research will provide important suggestion as to the extent of enhance the level of security in Internet banking. There are many important solutions to enhance the security; Fahad et al. (2010a) has suggested that to increase security and decrease risk of viruses, as the browser is built in such a way that there is no need to type Uniform Resource Locator (URL).

There are a few solutions for existing login to Internet banking such as login, password and USB devices. The effectiveness is still an issue because users may forget to bring devices along with them and may forget the login password. By looking at the next level of authentication security steps the benefits of investigating biometric authentication systems in online banking will secure the login process to the system and remove password vulner­abilities; enhance convenience such as employees quickly log in using their finger; reduced help desk costs by eliminates calls for password resets. Therefore, biometric technologies implementation in Internet banking environment can enhance the security level.

REFERENCES

Alhussain, T., & Drew, S. (2009). Towards User Acceptance of Biometric Technology in E-Government: A Survey Study in the Kingdom of Saudi Arabia. IFIP Advances in Information and Communication Technology, 305, 26-38. doi:10.1007/978-3-642-04280-5_3

Amin, H. (2007). Internet banking adoption among young intellectuals. Journal of Internet Banking and Commerce, 12(3), 1-13.

APACS. (2008). Fraud the Facts 2008. Retrieved June 10, 2010, from http://www.cardwatch.org.uk/ images/uploads/publications/Fraud%20the%20 Facts%202008_links.pdf

Balachandher, K. G., Santha, V., Norhazlin, I., & Rajendra, P. (2000). Electronic banking in Malaysia: A note on evolution of services and consumer reactions. Journal of Internet Banking and Commerce, 5(1).

Barlotta, J. (1999, March 14). Banks on guard against hackers., Business Today. (Boston Her­ald), p. 31.

BNM. (2009). Chapter three banking sector. Re­trieved June 2, 2010, from http://www.bnm.gov. my/view.php?dbIndex=0&website_id= 1 &id=14

Booz, A. (1997). Internet banking a global study of potential. New York: Booz. Hamilton: Allen and Hamilton Inc.

Brobeck, S., & Folkman, T. (2005). Biometrics­Attitudes and factors influencing a breakthrough in Sweden. Unpublished Master’s thesis, University of Jonkopin, Sweden.

Fahad, A. H., Rami, Q., & Mumtaz, K. (2008). The feasibility of biometrics authentication in e-commerce: User acceptance. Paper presented at the IADIS International Conference WWW/ Internet. Freiburg, Germany.

Fahad, A. H., Rami, Q., & Mumtaz, K. (2010a). Towards an Understanding of User Acceptance to Use Biometrics Authentication Systems in E­Commerce: Using an Extension of the Technol­ogy Acceptance Model. International Journal of E-Business Research, 6(3), 34-55. doi:10.4018/ jebr.2010070103

Fahad, A. H., Rami, Q., & Mumtaz, K. (2010b). Users’ acceptance of secure biometrics authentica­tion system: Reliability and validate of an extended UTAUT model. Communications in Computer and Information Science, 87(2), 254-258.

Grazioli, S., & J arvenpaa, S. (2000). Perils of Inter­net fraud: An empirical investigation of deception and trust with experienced Internet consumers. IEEE Transactions on Systems, Man, and Cyber­netics, 30(4), 395-410. doi:10.1109/3468.852434

Hanudin, A., & Ramayah, T. (2010). SMS Bank­ing: Explaining The Effects of Attitude, Social Norms and Perceived Security and Privacy. The Electronic Journal on Information Systems in Developing Countries, 41(2), 1-15.

Haque, A., & Ismail, A. Z. (2008). Factors influ­encing on security: empirical study on Malaysian banking industry. International Journal of Man­agement and Entrepreneurship, 4(1), 28-50.

Haque, A., Tarofder, A. K., Rahman, S., & Raquib, M. A. (2009). Electronic transaction of internet banking and its perception of Malaysian online customers. African Journal of Business Manage­ment, 3(6), 248-259.

Hutchinson, D. (2000). A framework of authenti­cation for Internet Banking. Unpublished thesis (honours), University of Deakin, Geelong.

Hutchinson, D., & Warren, M. (2003). Secu­rity for Internet banking: a framework. Logis­tic Information Management, 16(1), 64-73. doi:10.1108/09576050310453750

IWS. (2012). Internet World Stats, Usage and Population Statistics. Retrieved April 27, 2012, from www.internetworldstats.com

Kumar, D., & Ryu, Y. (2009). A brief introduction of biometrics and fingerprint payment technology. International Journal of Advanced Science and Technology, 4, 25-38.

Lu, H. P., Hsu, C. L., & Hsu, H. Y. (2005). An empirical study of the effect of perceived risk upon intention to use online applications. Infor­mation Management & Computer Security, 13(2), 106-120. doi:10.1108/09685220510589299 Stuart Madnick, Xitong Li, & Choucri, N. (2009). Experiences and Challenges with Using CERT Data to Analyze International Cyber Security. Social Science Research Network, 4759-09, 1-17.

Marhana, M. A., Fadzli, A., & Zakaria, M. (2012). Muslim Consumers’ Perception on Internet Bank­ing Services. International Journal of Business and Social Science, 3(5), 63-71.

Mayer, R. C., Davis, J. H., & Schoorman, F. D. (1995). An integrative model of organizational trust. Academy of Management Review, 20(3), 709-734.

MyCERT. (2010). Malaysian Computer Emer­gency Response Team Report. Retrieved June 10, 2010, from http://www.mycert.org.my/en/ services∕statistic∕mycert∕2009∕main∕detail∕625∕ index.html

Ndubisi, N., & Sinti, Q. (2006). Consumer attitudes, system’s characteristics and internet banking adop­tion in Malaysia. Management Research News, 29(1/2), 16-27. doi:10.1108/01409170610645411

Ng, J. (2002, June). Click & Transact. Personal Money.

Phang, L. A., & Fernandez, T. (2002, July 6). Local Online Banking System Safe. The Sun (Baltimore, Md.), 4.

Raju, S., Thiagarajan, A. S., & Seetharaman, A. (2007). The security concern on Internet banking adoption among Malaysian Banking Custom­ers. Pakistan Journal of Biological Sciences, 70(1), 102-106. doi:10.3923/pjbs.2007.102.106 PMID:19069993

Ramayah, T., Ismail, N., & Koay, P. L. (2002). An exploratory study of Internet banking in Malaysia. Paper presented at The Proceedings of the 3rd International Conference on Management of In­novation and Technology (ICMIT ‘02 and ISMOT ‘02). Hangzhou City, P.R. China.

Rouibah, K., Ramayah, T., & Oh, S. M. (2009). User Acceptance of Internet Banking in Malay­sia: Test of Three Competing Models. [IJEA]. International Journal of E-Adoption, 7(1), 1-19. doi:10.4018/jea.2009010101

Rouibah, K., Ramayah, T., & Oh, S. M. (2011). Modeling User Acceptance of Internet Bank­ing in Malaysia: A Partial Least Square (PLS) Approach. In S. Sharma (Ed.), E-Adoption and Socio-Economic Impacts: Emerging Infrastruc­tural Effects (pp. 1-23). Hershey, PA: Information Science Reference. doi:10.4018/978-1-60960- 597-1.ch001

Sathye, M. (1999). Adoption of Internet banking by Australian consumers: an empirical investigation. International Journal of Bank Marketing, 77(7), 324-334. doi:10.1108/02652329910305689

Sohail, M. S., & Shanmugham, B. (2003). E-bank- ing and customer preferences in Malaysia: An em­pirical investigation. Information Sciences, 750, 207-217. doi:10.1016/S0020-0255(02)00378-X

Suganthi, Balachandher, & Balachandran. (2001). Internet banking patronage: an empirical investi­gation of Malaysia. Journal of Internet Banking and Commerce, 6(1).

Thomas, G., Kellermann, T., & McNevin, V. (2002). Electronic security:risk mitigation in financial transactions. Public Policy Issues. World Bank Policy Research Working Paper No. 2870. Retrieved from SSRN: http://ssrn.com/ abstract=636234

Yousafzai, S. Y., Pallister, J. G., & Foxall, G. R. (2003). A proposed model of e-trust for elec­tronic banking. Technovation, 23, 14. doi:10.1016/ S0166-4972(03)00130-5

Yu, W. (2002). Maybank targets consumers. News Straits Times (p. 2). NST-BC.

ADDITIONAL READING

Ahmed, A. M., Zairi, M., & Alwabel, S. A. (2006). Global benchmarking for Internet and e-commerce applications. Benchmarking:An International Journal, 13(1/2), 68-80. doi:10.1108/14635770610644583

Al-Somali, S. A., Gholami, R., & Clegg, B. (2009). An investigation into the acceptance of online banking in Saudi Arabia. Technova­tion, 29(2), 130-141. doi:10.1016/j.technova- tion.2008.07.004

Alexander, P. P., & Peter, P. (2008). Understand­ing User Perspectives on Biometric Technology. Communications of the ACM, 51(9), 115-118. doi:10.1145/1378727.1389971

Bhattacherjee, A. (2001). Understanding informa­tion system continuance: An expectation-confir­mation model. Management Information Systems Quarterly, 25(3), 351-370. doi:10.2307/3250921

Bhattacherjee, A. (2002). Individual trust in online firms: scale development and intial test. Journal of Management Information Systems, 19(1), 211-241.

Bomil, S., & Ingoo, H. (2003). The Impact of Customer Trust and Perception of Security Con­trol on the Acceptance of Electronic Commerce. International Journal of Electronic Commerce, 7(3), 135-161.

Chellappa, & Ramnath, K. (2002). Consumers’ trust in electronic commerce transactions: the role of perceived privacy and perceived security. Un­published working paper. University of Southern California, Los Angeles.

Cheng, T. C. E., Lam, D. Y. C., & Yeung, A. C. L. (2006). Adoption of Internet banking: An empiri­cal study in Hong Kong. Decision Support Systems, 42, 1558-1572. doi:10.1016/j.dss.2006.01.002 Chin, W. (1998). Issues and opinions on structural equation modeling. Management Information Systems Quarterly, 22(1), 7-16.

Chin, W. W. (1998). The partial least squares approach to structural equation modeling. In G. A. Marcoulides (Ed.), Modern Methodsfor Busi­ness Research (pp. 1295-1336). Mahwah, NJ: Lawrence Erlbaum Associates.

Chin, W. W. (2010). How to write up and report PLS analyses. In V. Esposito Vinzi, W. W. Chin, J. Henseler, & H. Wang (Eds.), Handbook of partial least squares: Concepts, methods and application (pp. 691-711). New York: Springer. doi:10.1007/978-3-540-32827-8_29

Faundez-Zanuy, M. (2009). Biometric Security Technology. Hershey, PA: IGI Global.

Gefen, D., Karahanna, E., & Straub, D. W. (2003). Trust and TAM in online shopping: An integrated model. Management Information Systems Quar­terly, 27(1), 51-90.

Grabner-Krauter, S., & Faullant, R. (2008). Consumer acceptance of Internet banking: the influence of Internet trust. International Journal of Bank Marketing, 26(7), 483-504. doi:10.1108/02652320810913855

Han, K. S., & Noh, M. H. (1999). Critical failure factors that discourage the growth of electronic commerce. International Journal of Electronic Commerce, 4(2), 25-43.

Jain, A. K., Pankanti, S., Prabhakar, S., Hong, L., Ross, A., & Wayman, J. L. (2004). Biometrics: A Grand Challenge. Paper presented at the Pro­ceedings of International Conference on Pattern Recognition. Cambridge, UK.

Jain, A. K., Ross, A., & Uludag, U. (2005). Biometric Template Security: Challenges And Solutions. Paper presented at the Proceedings of European Signal Processing Conference (EU- SIPCO). Antalya, Turkey.

Kaliannan, M., Awang, H., & Raman, M. (2007). Technology adoption in the public sector: An exploratory study of e-government in Malaysia.

Khalil, M. N., Sutanonpaiboon, J., & Hamimah, M. N. (2010). Malay, Chinese, and Internet bank­ing. Chinese Management Studies, 4(2), 141-153. doi:10.1108/17506141011053069

Kim, C., Tao, W., Shin, N., & Kim, K.-S. (2010). An empirical study of customers’ perceptions of security and trust in e-payment systems. Electronic Commerce Research and Applications, 9, 84-95. doi:10.1016/j.elerap.2009.04.014

Kim, M.-J., Chung, N., & Lee, C.-K. (2010). The effect of perceived trust on electronic commerce: Shopping online for tourism products and services in South Korea. Tourism Management, 1-10.

Kumar, D., & Ryu, Y. (2009). A brief introduction ofbiometrics and fingerprint payment technology. International Journal of Advanced Science and Technology, 4, 25-38.

Lallmahamood, M. (2007). An examination of individual’s perceived security and privacy of the Internet in Malaysia and the influence of this on their intention to use e-commerce: Using an extension of the Technology Acceptance Model. Journal of Internet Banking and Commerce, 12(3), 1-26.

KEY TERMS AND DEFINITIONS

Biometrics Technologies: Enables automatic personal recognition based on physiological or behavioral characteristics. It is relies on who you are or what you do as opposed to conventional methods, which rely on what you know (knowledge of passwords or other secrets such as cryptographic keys) and what you possess (such as a token or an ID card) (Alhussain & Drew, 2009).

Identification and Authentication: The abil­ity to uniquely identify a person or entity and to prove such identity (Hutchinson & Warren, 2003).

Internet: Internet is a method of commu­nication that utilizes networked computers as a medium. Internet enables direct transformation of information from providers to customers.

Internet Banking: Internet banking can mean the setting up of a Web page by a bank to give information about its product and services. It involves provision of facilities such as accessing accounts, funds transfer, and buying financial products or services online (Sathye, 1999).

Perceived Security: Perceived security is de­fined as the ‘customer’s perception of the degree of protection against these threats” (Yousafzai et al., 2003)

Perceived Trustworthiness: Perceived trust­worthiness is defined as the customers’ perception of confidence in the bank’s competence, integrity and benevolence to provide banking and financial services over the Internet (Yousafzai et al., 2003). According to Mayer, Davis, and Schoorman (1995), three main elements of trustworthiness can be identified and validated: integrity (trustee honesty and promise keeping), benevolence (trustee caring and motivated to act in the trustor’s interest) and competence (ability of the trustee to do what the trustor needs).

Phishing: Is a type of identity theft where criminals blast emails to a mass audience in their malicious attempt to bait you into fake websites or also known as ‘online identity fraud’(source: (“Website,”) www.cimbclicks.com.my/keepsave. htm).

Privacy: The ability to prevent the unlawful or unethical use of information or data (Hutchinson & Warren, 2003).

Security: In the context of electronic banking, threats can be made either through network and data transaction attacks or through unauthorized access to the account by means of false or defective authentication (Yousafzai et al., 2003).

This work was previously published in Research and Development in E-Business through Service-Oriented Solutions, edited by Katalin Tarnay, Sandor Imre, and Lai Xu, pages 293-306, copyright 2013 by Business Science Reference (an imprint of IGI Global).