See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/322876607

Cyber security analysis of internet banking in emerging countries: User and

bank perspectives

Conference Paper · November 2017

DOI: 10.1109/ICETAS.2017.8277910

CITATIONS READS

3 2,745

3 authors:

Jaafar Alghazo Zafar Kazimi

Prince Mohammad bin fahad University Prince Mohammad University
49 PUBLICATIONS   105 CITATIONS    2 PUBLICATIONS   5 CITATIONS   

SEE PROFILE SEE PROFILE

Ghazanfar Latif
Prince Mohammad University
41 PUBLICATIONS   104 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Cyber security analysis of internet banking in emerging countries: User and bank perspectives View project

Efficient Routing in Geographic and Opportunistic Routing for Underwater WSNs View project

All content following this page was uploaded by Jaafar Alghazo on 08 November 2018.

The user has requested enhancement of the downloaded file.

 Cyber Security Analysis of Internet Banking In Emerging Countries:
User and Bank perspectives

Zafar Kazmi 1, Jaafar M. Alghazo 1, Ghazanfar Latif 1,2*

1
College of Computer Engineering and Sciences,
Prince Mohammad Bin Fahd University, Khobar, Saudi Arabia.
2
Faculty of Computer Science and Information Technology,
University of Malaysia, Sarawak, Kota Samarahan, Malaysia.
*
[email protected]

Abstract: Internet banking has become one of the fastest and easiest way of banking. The threat of cyber
security attacks set a great challenge for the Internet banking and electronic commerce (E-commerce)
industries. In this paper, we first analyse in detail the cyber security of Internet Banking in Emerging
Countries and then propose a novel model to reduce the cyber security risk to bridge the gap between banks
and customers. The proposed model is based on results of surveys conducted on Internet banking in three
emerging countries (Saudi Arabia, Pakistan and India). The survey focused on users practices in Internet
banking. The questions were based upon user’s knowledge about cyber security and user’s awareness of
common threats in Internet Banking. The results obtained support the argument that there is an emerging
gap between banks expectation and user actions related to Internet banking. The proposed model bridges
the gap taking into account user’s IT literacy and IT equipment (Hardware and Software) increasing the
responsibility of banks to reduce the cyber security risks for users.

1. Introduction
Internet banking also known as Electronic banking (E-banking), Online banking and Virtual banking
is widely promoted as a convenient banking solution. Internet banking has proved to be an ideal and
profitable means of banking in the banking industry. Most banks have quickly migrated to this technology
in order to reduce cost and improve customer experience [1]. The process of adoption of technology depends
on information gathering and set of belief that will help the user in either accepting or rejecting it [2]. The
technology acceptance model or TAM determines that the user acceptance of technology is driven by two
factors namely ease of using that technology and usefulness of the technology [3]. Adoption of technology
is the greatest challenge for the banking industry. Some of the risk associated with the Internet banking users
are users themselves; their behaviour when it comes to E-banking [4]. Internet banking security risk can
cause financial losses if the risk is real. Financial sectors and banking sectors are more prone to security
attacks [5]. User acceptance is one of the key factor in the acceptance of technology. To work on Internet
banking requires a certain level of information technology literacy. Users may not be comfortable in trusting
a totally automated system [6].
Despite the fact that banks in emerging countries have integrated security features yet users behaviour
causes security vulnerabilities. A lot of internet security threats and vulnerabilities still continue to persist.
An example is Internet banking users sharing their login credentials with others knowingly or unknowingly.

1
This may lead to compromising of the user account and may lead to security breaches [7]. As new threats
continue to emerge, banks will need to adopt new measures to protect users. Banks can do more by deploying
Information Security policies that ensure safer Internet banking experience. The Information Technology
security policies could consist of items related to users and machine based learning or Artificial intelligence,
which would learn users’ pattern while conducting Internet banking. For example, the bank artificial
intelligence could detect trusted devices like trusted laptop or mobile device, which the user use for his daily
banking activities and if the user logged in from a different device, it will send a notification on the registered
mobile number of the users.
In this study a novel model is proposed which puts more responsibility on banks to avoid security
breaches which are caused due to negligence or lack of awareness by the users. The responses from the
conducted survey highlighted two aspects regarding users: 1) User behaviour while conducting Internet
banking and 2) User awareness on threats relates to Internet banking. Some of the negative response are
related to lack of awareness of users on threats related to Internet banking. It would be difficult for users to
cope with the changing technologies and threats. So the logical solution could be that banks could control
the process by imposing information technology policies that can help bridge the gap that lead to a safer E-
banking environment and reduce the possibility of security breaches. They can use behavioural study or
model that are based on Artificial Intelligence or Machine based Learning that could provide early-detection
of negligence of users or target those domains which could lead to a security breach on Internet banking.
This paper will be presented as follows: section 2, will show the related work and literature review,
section 3 will detail the research methodology, section 4 will indicate the users’ survey results and analysis,
section 5 will detail the proposed model and section 6 will detail the conclusion.

2. Related Work
Numerous studies have been carried out in understanding the adoption of technology in Internet
banking. A study is carried out by collecting the responses of 387 users who were using Internet banking to
understand which factors affect the customer perspective of adopting SST (Self Service Technology) and
the way the user adopts the technology [8]. The authors developed a readiness model to explain relationship
between technology readiness, user-informational-based readiness, customer readiness and the purpose of
adopting SST. In [9], a model is proposed in Financial Institution Letter that will predict the behaviour of
the Internet banking users. The letter highlights that security breaches are due to certain factors, which are
associated with human behaviours aspect that include examples of not unlocking computers, installation of
software from un-trusted source and password management. It concludes that there is a direct relationship
between Internet banking security breaches and customer behaviour.

2
 Martins et al. proposed a model that determines the user behaviour based on intention and usage of
Internet banking [10]. The conceptual model is a combination of unified theory of acceptance and the use
of technology (UTAUT). In order to test the conceptual model 249 cases from Portugal bank were studied.
The proposed model support a relationship based on performance expectancy and role of risk based on
stronger prediction on intention of use on Internet banking. The factors that influence the adoption of Internet
banking in the Republic of Yemen is determined in [11]. Information was gathered by conducting a survey
on 1500 users. By using the theory of reason action (TRA) model it was extended by relative advantage,
perceived risk, mass media, family influence and scepticism. The model provided a good understanding that
influence the intention of the user on Internet banking. The model explained 68.3% of the variance in the
behavioural intention. Yuen et al. investigated the cultural difference in the adoption of Internet banking in
USA and Malaysia [12]. The research study provides marketing recommendation to influence users in
adopting Internet banking based on cultural dimension. Questionnaire were design using structural equation
modelling and a survey was conducted on 1050 Internet banking users. The result concluded that due to
cultural difference consumers had a different pattern in adopting Internet banking. An empirical study was
conducted to understand the adoption of Internet banking amongst customers in Jordan [13]. A population
sample of 476 random customers’ responses were analysed. In the dimension of study, factor analysis-
varimax rotation was used and simple regression was used to see the influence on perceived privacy and
security, ease of use, quality of service and customer feedback on Internet banking. All the factors chosen
for the study were independent but the factor that have the most impact in influencing the customer trust
was the quality of service provided on the website. The acceptance of the Internet banking was found in the
audience that had high education level and good amount of computer literacy.
A review of 165 research paper was done which was related to Internet banking in [14]. The result
derived based from the paper showed that the Internet banking adoption was one of the growing field that
kept to excite the researchers. The paper was classified into 3 main themes namely 1) whether the paper
seek to describe the phenomenon, 2) Whether it seek in understanding the relationship between the factors
and drive option and 3) seeking to draw a conclusion based on population, channels and method. A study
was carried out to analyse the factors that encourage users in adopting Internet banking in Saudi Arabia [15].
The research construct was developed on Technology Acceptance Model (TAM) with added extra control
variable. The paper study the factors influencing the customer for adopting online banking using 400
customer’s response. The response showed that the quality of internet, social influence and computer
efficiency had a great impact on perceived usefulness (PU) and perceived ease of use (PEU) for online
banking acceptance, education and trust.

3
3. Research Methodology
In this study, the research methodology is designed by selecting 3 emerging countries namely Saudi
Arabia, India and Pakistan. A survey was designed with questionnaire divided into two parts; the general
practice of users on the Internet banking and awareness of the threats related to Internet banking. Based on
the survey’s positive and negative responses, a model is proposed that can bridge the gap between banks
expectation and user behavioural response when it comes to Internet banking. To support the argument about
the importance of internet banking, detailed analysis about the total internet users against the total population
of each selected country is summarized in Table 1 [16]. Statistical analysis is also done for total internet
banking users against overall banking users as shown in Table 2 [17-19]. A detailed analysis of security
measure provided at the login webpage of the selected banks is also done as shown in Table 3. The work
flow of the proposed methodology is shown in Fig. 1.

Fig. 1. Workflow of the proposed research methodology

Table 1. Internet Users with Growth Rate

Saudi Arabia India Pakistan
Number of Internet Users 20.81 millions 462.12 millions 34.35 millions
Total Population 32.16 millions 1326.80 millions 192.82 millions
Penetration 64.7 % 34.8 % 17.8 %
Growth in 1 year 2.8 % 30.5 % 9.7 %
Growth in 3 years 13.9 % 139.1 % 44.6 %
Growth in 5 years 52.2 % 267.9 % 119.7 %

4
 Table 2. Internet Banking increased usage in different countries

Saudi Arabia [17] India [18] Pakistan [19] Total

Number of Banks 25 92 55 172
Banking
Number of Customer 14 million 470 millions 26.4 millions 510.4 m
Users
Penetration 43.53 % 35.52% 13.75 % 30.93 %
Internet Banks providing Internet banking 25 51 16 92
Banking
Users Customer using E Banking 8.4 million 14.5 million 1.8 millions 24.7 m

3.1. User Practices for Internet Banking

Some of the practice that a user is expected to follow while in the Internet banking environment:
1. Maintaining up to date operating system on personal computers that can protect the user from
malware. Downloading software from 3rd party is a common practice by users. Most of the users are
unaware of the malicious code that are hidden in the software.
2. Using browser with less vulnerabilities. Browsers are the most likely item targeted by cyber attackers.
Users can get compromised if they are not updating their browser.
3. Password management: Choosing a complex password which include a combination of capital, small
letters, numbers and special character. This can make the password difficult to guess and avoid
unauthorized access.
4. Reading banking agreement. As per our survey it highlights that users do not read the online banking
agreement which highlights the user’s responsibilities and a point where banks would like to educate
users about the sensitive nature of Internet banking. The online banking agreement consists of
information of protecting your password, credit cards and pin number. The Banks in Saudi Arabia
provide their customers the Service level agreement (SLA) in hard copy and outline some
information on their websites. Mostly the bank assumes that if the user has signed the agreement it
is clear that he/she has understood the terms and conditions of using online banking.
5. Changing password for Internet banking once every six months. Good information technology
practice is to change password very six months.
6. Antivirus. Antivirus is a computer software that looks or scans for known viruses on computer. The
Software after detecting the virus or any suspicious program residing on the computer takes the
action of either deleting that virus or quarantining it.
7. Keeping a pattern guessing or biometric lock on smart phones. User who use mobile banking can
make their phone vulnerable if they do not put a pattern lock or biometric lock on their phones.

5
3.2. User awareness of threats related to Internet Banking

The Internet banking security can be compromised by the customers themselves, like the malicious
program residing on the user’s PC or opening of unsolicited emails. As the Internet banking users are also
not aware of cyber security risk they can fall victim to scams like phishing and social engineering attack.
1. Phishing: Phishing is used to lure victim into giving away their password or information willingly.
Identity thieves phish for password and financial information in the cyber world [20]. Phishing is a
form of social engineering attack that tends to convince victim into giving away the personal
information like credit card, pin numbers and social security number so that the thieves can use this
information against them [21]. Once the phishing threat has become real it has a negative effect on
the organization, revenues, and customers and overall the corporate that is providing that service
[22]. Even educated users’ are vulnerable to phishing attacks and it is shown that social engineering
has reached levels in which users can be educated about phishing attacks and yet still fall prey to
phishing attacks because of their trusting nature [23].
2. Social Engineering: is used to convince the victim by a sense of excitement or fear or establish a
trust with the victim in giving way there valuable information willingly [23-24]. The key aspect is
trust in social engineering. For example a user may be promised for a prize money or financial
interest that may be transferred into his account if the user provide his banks details. In most cases
user get distracted and fails to analyse the message or content of message out of excitement. The
social engineering aspect is that the user willingly provide his confidential information to the identity
thief which is used to commit fraud or destroy the user assets [25].

4. User Response and Results

The banks in the emerging countries do highlight the security practices that an Internet banking user
should follow. Banks which provide E-banking do mention Information Technology security practice for
the users to follows in order to ensure a safer experience. Based on the banks chosen from emerging countries,
Table 3 was generated by visiting all 92 banks (providing Internet banking) websites login page and
collected data about the security risk information on their login page. The table highlights the security
practices listed for the users to follow. With the emergence of new security threats, users may not be able to
cope with the everyday changes made by the banks. For Example Banks in Saudi Arabia provide a two-
factor authentication in which once a user is logged in successfully, a onetime password (OTP) is sent on
the customer’s registered mobile number which the user has to enter before being redirected to the Internet
banking webpage. All transaction notification are sent via SMS. Banks in India also provide 2-factor

6
authentication, where a user needs to have a separate password for login and a separate password for
transaction. In order to perform a transaction the user has to enter an OTP reference number, which is sent
as OTP on the registered mobile number and a password for transaction. In Pakistan, similar two-factor
authentication is used.

Table 3. Security risk information provided at the login webpage by 92 Banks

Percentage of banks
Information provided for Online Banking Customers regarding Security
providing this information
1 Phishing 57%
2 Social Engineering 42%
3 Virus and Spyware that affects customers PC 57%
4 Customer Role in Protecting his information online 100%
5 Banks advising Customers not to use public network 57%
6 Not to give out personal banking information to anyone calling from the bank 100%
7 Hotline call service to report any incident related to online fraud or theft 71%
8 SSL Lock 57%
9 Password Policy 57%
10 Online agreement between the banks and its customer 42%
11 Updating Browser for Security reason 100%
12 Keeping the Antivirus up to date 85%
13 Information relevant to online secure banking available at first login page 100%

The survey was conducted in Saudi Arabia, India and Pakistan. The survey was sent online to 2000
individuals and we received 1044 responses including 352 from Saudi Arabia, 272 from India and 420 from
Pakistan. A response rate of 52.2%. As indicated previously, the survey is divided into two parts; one
concentrating on the users’ practices in the E-banking environment and one concentrating on user awareness
of Internet banking security risks. Fig. 2 summarizes the results of the survey per country and overall results.
For example, it is indicated that only 41% of respondents are aware of phishing attacks. The results were
carefully analysed in order to formulate a model to reduce the cyber security threats in an E-banking
environment.

5. Bridging the Gap: Proposed Model for Internet banking Security

Based on a detailed analysis of the results obtained in table 3, the vulnerabilities of Internet banking
environment identified. The major responsibility of maintaining a secure Internet banking experience lies
on the customer; customer to update browser, choose appropriate browser, update antivirus, choose
appropriate antivirus, be aware of phishing attacks, be aware of Malware, remember to update password
every six months, choose a complex password, etc. In this paper, we propose a novel model that shifts some
of these responsibilities to the banks. Banks have state-of-the-Art Information Technology Operations and
Centers. By investing a bit more, the banks can take some of the responsibilities away from the customer

7
and reduce the risk of security threats, thereby offering a fairly secure environment for their customers. The
model proposed in Fig. 3 highlights some of the practices that are to be divided between Internet banking
users and the banks information technology security policies. The proposed model bridges the gap between
the users and the Bank. The model states that the banks can enforce their security policies to ensure safer
banking experience for users. On the other hand, users should follow the instructions provided by the bank
to ensure a safe Internet banking experience.

Saudi Arabia Yes Saudi Arabia No Pakistan Yes Pakistan No India Yes India No

100%

11.1%
11.1%
16.7%

16.7%
16.7%

16.7%
21.3%
21.3%
21.7%
21.7%

25.0%

26.7%
90%

27.6%
27.8%
28.3%
33.9%

34.4%
34.4%
38.3%
38.3%

41.0%
47.3%
47.3%

80%
47.6%

47.6%

48.9%
48.9%

54.0%
54.0%

55.1%
55.1%
56.8%
56.8%

57.3%
57.3%
57.5%

57.6%
58.2%

60.3%

61.1%
61.1%
62.9%
62.9%
63.6%

70%

70.0%
79.3%
79.3%
84.7%
60%
50%

88.9%
88.9%
83.3%
83.3%

83.3%
83.3%
78.7%
78.7%
78.3%
78.3%

75.0%

73.3%
40%

72.4%
72.2%
71.7%
66.1%

65.6%
65.6%
61.7%
61.7%

59.0%
52.7%
52.7%

30%
52.4%

52.4%

51.1%
51.1%

46.0%
46.0%

44.9%
44.9%
43.2%
43.2%

42.7%
42.7%
42.5%

42.4%
41.8%

39.7%

38.9%
38.9%
37.1%
37.1%
36.4%

20%

30.0%
20.7%
20.7%
15.3%

10%
0%

Fig. 2. Survey results from 1044 respondents

Internet banking users should change password every three months, however, the bank is responsible
to ensure that this happens by expiring the users’ password every three months and forcing the user to choose
a new password. The users should keep in mind while choosing a password that it should not be easy to
guess, however, it is the banks responsibility to allow passwords that have capital and small letters, numbers
and a special character. Any password that does not have these features will not be accepted. The bank
should enforce that the user should not use the previous 2 passwords as well. Using virtual keyboard for safe
guarding sensitive information like password or debit card is a responsibility added to the bank side. The
Bank can enforce users to use virtual keyboard by disabling the sensitive field by using virtual keyboard
provided on the webpage. As there is a chance for the user device to be infected by a malware or a key
logger program that detects the key stroke and can compromise the password security.

8
 User Bank

Should change password every 3 1. Banks should force user to change password.
months. 2. Enforce complex password.
3. No repetition of previous 2 password.

Use virtual keyboard to enter

password rather than keyboard to Bank enforcing users to use virtual key board by disabling keyboard
avoid malicious code like key logger. login.

Use trusted device and avoid using Bank should send a sms notification/email if a login was detected from
public network for e banking an untrusted device similar to google policy

Educate the user of online threat by

posting a warning message after user Banks should send sms tips for safe Internet-Banking experience
successfully login.

User should follow the secuirty Banks should do more to enforce security practies by using AI or
practices enlisted on the banking machine based learning to detect any unusual behaviour of Internet-
website Banking user

Fig. 3. Proposed Security model required to decrease the security risks in Internet banking

Banks should use the concept of trusted device to ensure the identity of the users while the user is
logging on. If the user has logged in from an untrusted device the bank system should send an SMS alert to
confirm if it was the intended user. Education of the users is a key component to ensure safe Internet banking
experience. The bank can provide security warning on their webpages after the user has successfully logged
in to familiarize users on the threats that are risk for Internet banking. Banks should use Artificial intelligence
software or machine based learning software that can make judgments on the user behaviour example
transferring large amount of cash to a destination not within the monthly pattern of the user. This software
can be used to detect all electronic transactions including credit card transaction and will be able to detect if
the user has made a purchase not within the customer’s pattern and will alert and sometimes disable the
credit card or E-banking account in extreme cases until the customer’s identity is verified. The machine
based learning or artificial intelligence should predict this anomaly and take appropriate action.
Information security is a critical part of the Internet banking process. Therefore, banks can improve
the security features from their side by securing their servers and the communication between the user and
Internet banking server. Table 4 describes the list of security features that each bank should incorporate to
ensure the security of user’s data and communication.

9
 Table 4: Security Features of the Internet banking proposed model
# Security Feature Description
 Secure Socket Layer (SSL) certificate need to be installed for E-banking website and
1 SSL Certificate
other substitute websites representing banks.
 User access device (laptops, smartphones, tablets etc.) will be registered and after
2 Device Registration
verification, only that device will be able to access E-banking systems.
 Setup of different Server based alarms to monitor and control the bank transactions
3 System based Alarms
and access of the user accounts etc.
 Group policies are being applied to make sure that specific users have minimum
4 Group Policies Settings
required access of the internet banking system resources.
 Multifactor Authentication (MFA) method is used to access the Internet banking
5 MFA
administration console to make the infrastructure more secure.
 Simple notification is enabled to the Internet banking services to which will send
6 SNS
mobile SMS and email notifications based on the enabled system based alarms.
Inbound / Outbound  Inbound / Outbound access rules are applied and only specific communication ports
7
Rules (e.g. HTTPS) are opened and rest of the ports are blocked.
 Encryption is enabled to all the stored data on server by using encryption tools (e.g.
8 Data Encryption
bit-locker).
Users Access  Based on the requirement, administration users need to be created and only minimum
9
Permissions required access to the particular service is granted.
Private Key with  To make the internet banking infrastructure access more secure, private keys with
10
Password passwords need to use.

6. Conclusion
The Internet banking service is offered by banks to provide convenience for their customers, however,
there is great benefits to banks as well. The most important benefit to banks is the reduction in operational
cost be incorporating many services on their online portal. Therefore, the banks should take more
responsibility in ensuring a more secure Internet banking environment for their customers. In this paper, we
proposed a model that incorporates more responsibility on banks to ensure that the Information Technology
policies are adhered by customers. For example, rather than informing customers that it is good practice to
change password every 3-6 months, the banks should force customers to change their passwords every three
months through expiring their passwords so that customers are forced to change their password. The Banks
should also integrate the latest Information Security Technologies to ensure that the communication is secure
between bank and customers. The proposed model would provide a more secure Internet banking
environment which would be of mutual interest to both banks and customers. Also the technologies proposed
in this model are existing technologies and need not be invented nor developed from scratch. For example,
the trusted device concept is an available technology and already in use by non-banking industries. Google
already uses trusted devices in their Gmail application. Also there are many existing algorithms for Artificial
Intelligence (AI) supervised and unsupervised learning that could be integrated to learn customer’s
behaviours and detect anomalies.

10
References
[1] Xue, M., Hitt, L.M. and Chen, P.Y., 2011. Determinants and outcomes of internet banking adoption. Management
science, 57(2), pp.291-307.
[2] Akhlaq, M.A., 2011. Internet banking in Pakistan: finding complexities. Journal of internet banking and
commerce, 16(1), p.1.
[3] Cheung, R. and Vogel, D., 2013. Predicting user acceptance of collaborative technologies: An extension of the
technology acceptance model for e-learning. Computers & Education, 63, pp.160-175.
[4] Martins, C., Oliveira, T. and Popovič, A., 2014. Understanding the Internet banking adoption: A unified theory of
acceptance and use of technology and perceived risk application. International Journal of Information
Management, 34(1), pp.1-13.
[5] Ivan, I., Ciurea, C., Doinea, M. and Avramiea, A., 2012. Collaborative Management of Risks and Complexity in
Banking Systems. Informatica Economica, 16(2), pp.128-141.
[6] Gharaibeh, N., 2013. The impact of customer knowledge on the security of E-banking. International Journal of
Computer Science and Security (IJCSS), 7(2), p.81.
[7] Council, F.F.I.E., 2005. Authentication in an internet banking environment. Financial Institution Letter, FIL-103-2005.
Washington, DC: Federal Deposit Insurance Corp.(FDIC). Retrieved March, 18, p.2005.
[8] 1 Chen, C.J., 2016, July. User Adoption Decisions in Self-Service Technologies: A Study of the Internet Banking.
In Advanced Applied Informatics (IIAI-AAI), 2016 5th IIAI International Congress on (pp. 1207-1208). IEEE.
[9] Kesharwani, A. and Singh Bisht, S., 2012. The impact of trust and perceived risk on internet banking adoption in India:
An extension of technology acceptance model. International Journal of Bank Marketing, 30(4), pp.303-322.
[10] Martins, C., Oliveira, T. and Popovič, A., 2014. Understanding the Internet banking adoption: A unified theory of
acceptance and use of technology and perceived risk application. International Journal of Information
Management, 34(1), pp.1-13.
[11] Al-Ajam, A.S. and Md Nor, K., 2015. Challenges of adoption of internet banking service in Yemen. International
journal of bank marketing, 33(2), pp.178-194.
[12] Yuen, Y.Y., Yeow, P.H. and Lim, N., 2015. Internet banking acceptance in the United States and Malaysia: a cross-
cultural examination. Marketing Intelligence & Planning, 33(3), pp.292-308.
[13] Alwan, H.A. and Al-Zubi, A.I., 2016. Determinants of Internet Banking Adoption among Customers of Commercial
Banks: An Empirical Study in the Jordanian Banking Sector. International Journal of Business and
Management, 11(3), p.95.
[14] Hanafizadeh, P., Keating, B.W. and Khedmatgozar, H.R., 2014. A systematic review of Internet banking
adoption. Telematics and informatics, 31(3), pp.492-510.
[15] Al-Somali, S.A., Gholami, R. and Clegg, B., 2009. An investigation into the acceptance of online banking in Saudi
Arabia. Technovation, 29(2), pp.130-141.
[16] Internetlivestats (2017), accessed on January 8, 2017 from http://www.internetlivestats.com/
[17] Saudi Arabian Monetary Agency (SAMA) annual report (2016): http://www.sama.gov.sa/en-
US/EconomicReports/Pages/AnnualReport.aspx
[18] Baharat Poddar, Yashraj E., Neetu Chitkara, Abhinav Bansel, 2016. Productivity in Indian Banking. Bostan Consulting
Group, Aug, 16.
[19] State Bank of Pakistan annual report (2015/2016): http://www.sbp.org.pk/reports/annual/index.htm
[20] Kierkegaard, S., 2007. Swallowing the Bait, Hook, Line, and Sinker: Phishing, Pharming, and Now Rat-ing!.
In Managing Information Assurance in Financial Services (pp. 241-260). IGI Global.
[21] Gan, G.G.G., 2008. Phishing: A Growing Challenge for Internet Banking Providers in Malaysia. Communications of
the IBIMA, 5, pp. 133-142.
[22] Dhanalakshmi, R., Prabhu, C. and Chellapan, C., 2011. Detection of phishing websites and secure
transactions. IJCNS, 1(11), pp.15-21.
[23] Alghazo, J.M. and Kazimi, Z., 2013. Social Engineering in Phishing Attacks in the Eastern Province of Saudi
Arabia. Asian Journal of Information Technology, 12(3), pp. 91-98.
[24] Gao, W. and Kim, J., 2007. Robbing the cradle is like taking candy from a baby. In Proceedings of the Annual
Conference of the Security Policy Institute (GCSPI), pp. 23-37.
[25] Dodge, R.C., Carver, C. and Ferguson, A.J., 2007. Phishing for user security awareness. Computers & Security, 26(1),
pp.73-80.

11

View publication stats