International Journal on Advanced Science, Engineering and Information Technology

The risk of data theft is still a negative impact of smartphone technology development that harms its users. One cause of data theft is information security behavior. Therefore, this study was conducted to determine information security behavior and its differences among smartphone users in Indonesia based on the demographic variables (i.e., gender, generation, educational background, and operating system) and four approaches, namely Avoiding Harmful Behavior, Settings, and Add-on Utilities, Preventive Behavior, and Disaster/Data Recovery. The data obtained from 400 respondents were processed using Pearson's chi-square and post hoc tests. The results showed that there are significant differences between the demographic variables and approaches. It was revealed that men behave better than women in terms of adopting settings and add-on utilities, preventive behavior, and disaster/data recovery. On the other hand, men tend to have riskier behavior than women in avoiding harmful behavior. Based on generation, it was found that Generation Z exhibits more secure behavior than Generation Y in terms of settings and add-on utilities regarding remote device locking. Meanwhile, Generation Z has better behavior than Generations X and Y in preventive behavior as they uninstall/remove unused applications. Furthermore, undergraduate users behave better than high schoolers in avoiding harmful behaviors such as sharing PIN/passwords. Lastly, iOS users were found to have better data recovery behavior than Android users in automatically backing up data in the cloud. These results can be considered when designing security education, training, and awareness programs to improve information security.

Security behavior; information security; smartphone users; user behavior; Indonesia

A. Farooq, D. Jeske, and J. Isoaho, “Predicting students’ security behavior using information-motivation-behavioral skills model,†IFIP Advances in Information and Communication Technology, vol. 562. pp. 238–252, 2019, doi: 10.1007/978-3-030-22312-0_17.

A. Kovacevic, N. Putnik, and O. Toskovic, “Factors Related to Cyber Security Behavior,†IEEE Access, vol. 8, pp. 125140–125148, 2020, doi: 10.1109/ACCESS.2020.3007867.

K. A. Abdullahi, O. I. Oladele, and M. Akinyemi, “Attitude, knowledge and constraints associated with the use of mobile phone applications by farmers in North West Nigeria,†J. Agric. Food Res., vol. 6, p. 100212, 2021, doi: 10.1016/j.jafr.2021.100212.

J. Nie, P. Wang, and L. Lei, “Why can’t we be separated from our smartphones? The vital roles of smartphone activity in smartphone separation anxiety,†Comput. Human Behav., vol. 109, no. September 2019, p. 106351, 2020, doi: 10.1016/j.chb.2020.106351.

P. A. Busch, G. I. Hausvik, O. K. Ropstad, and D. Pettersen, “Smartphone usage among older adults,†Comput. Human Behav., vol. 121, no. March, 2021, doi: 10.1016/j.chb.2021.106783.

A. Razgallah, R. Khoury, S. Hallé, and K. Khanmohammadi, “A survey of malware detection in Android apps: Recommendations and perspectives for future research,†Comput. Sci. Rev., vol. 39, p. 100358, 2021, doi: 10.1016/j.cosrev.2020.100358.

Q. Xiao, “Understanding the asymmetric perceptions of smartphone security from security feature perspective: A comparative study,†Telemat. Informatics, vol. 58, no. November 2020, p. 101535, 2021, doi: 10.1016/j.tele.2020.101535.

X. Ma, “IS professionals’ information security behaviors in Chinese IT organizations for information security protection,†Inf. Process. Manag., vol. 59, no. 1, pp. 1–14, 2022, doi: 10.1016/j.ipm.2021.102744.

Sahiruddin, I. Riadi, and Sunardi, “Analisis Forensik Recovery Dengan Keamanan,†no. 12.

P. Kuppusamy, “Systematic Literature Review of Information Security Compliance Behaviour Theories,†Journal of Physics: Conference Series, vol. 1551, no. 1. 2020, doi: 10.1088/1742-6596/1551/1/012005.

C. Candiwan, M. Azmi, and A. Alamsyah, “Analysis of Behavioral and Information Security Awareness among Users of Zoom Application in COVID-19 Era,†Int. J. Saf. Secur. Eng., vol. 12, no. 2, pp. 229–237, 2022, doi: 10.18280/ijsse.120212.

M. Dupuis, A. Jennings, and K. Renaud, Scaring People is Not Enough: An Examination of Fear Appeals within the Context of Promoting Good Password Hygiene, vol. 1, no. 1. Association for Computing Machinery, 2021.

P. Salsabila, “Kejahatan Siber di Indonesia Naik 4 Kali Lipat Selama Pandemi,†2020. https://tekno.kompas.com/read/2020/10/12/07020007/kejahatan-siber-di-indonesia-naik-4-kali-lipat-selama-pandemi (accessed Dec. 10, 2020).

Candiwan, P. K. Sari, and N. Nurshabrina, “Assessment of information security management on Indonesian higher education institutions,†Lect. Notes Electr. Eng., vol. 362, no. 2016-01–01, pp. 375–385, 2016, doi: 10.1007/978-3-319-24584-3_31.

M. Butler and R. Butler, “The influence of mobile operating systems on user security behavior,†2021 IEEE 5th Int. Conf. Cryptogr. Secur. Privacy, CSP 2021, pp. 134–138, 2021, doi: 10.1109/CSP51677.2021.9357568.

T. Ramakrishnan, D. M. Hite, J. H. Schuessler, and V. Prybutok, “Work ethic and information security behavior,†Inf. Comput. Secur., vol. 30, no. 3, pp. 364–381, 2022, doi: 10.1108/ICS-02-2021-0017.

F. Breitinger, R. Tully-Doyle, and C. Hassenfeldt, “A survey on smartphone user’s security choices, awareness and education,†Comput. Secur., vol. 88, p. 101647, 2020, doi: 10.1016/j.cose.2019.101647.

S. Yoo, H. R. Ryu, H. Yeon, T. Kwon, and Y. Jang, “Visual analytics and visualization for android security risk,†J. Comput. Lang., vol. 53, no. December 2018, pp. 9–21, 2019, doi: 10.1016/j.cola.2019.03.004.

Y. Gangire, A. Da Veiga, and M. Herselman, “Information Security Behavior: Development of a Measurement Instrument Based on the Self-determination Theory,†IFIP Adv. Inf. Commun. Technol., vol. 593 IFIPAI, pp. 144–157, 2020, doi: 10.1007/978-3-030-57404-8_12.

P. Shah and A. Agarwal, “Cybersecurity behaviour of smartphone users in India: an empirical analysis,†Inf. Comput. Secur., vol. 28, no. 2, pp. 293–318, 2020, doi: 10.1108/ICS-04-2019-0041.

V. R. Saraswathi, I. S. Ahmed, S. M. Reddy, S. Akshay, V. M. Reddy, and S. M. Reddy, “Automation of Recon Process for Ethical Hackers,†2022 Int. Conf. Adv. Technol. ICONAT 2022, no. February, 2022, doi: 10.1109/ICONAT53423.2022.9726077.

X. J. Zhang, Z. Li, and H. Deng, “Information security behaviors of smartphone users in China: An empirical analysis,†Electron. Libr., vol. 35, no. 6, pp. 1177–1190, 2017, doi: 10.1108/EL-09-2016-0183.

M. Park, O. Yi, and J. Kim, “A methodology for the decryption of encrypted smartphone backup data on android platform: A case study on the latest samsung smartphone backup system,†Forensic Sci. Int. Digit. Investig., vol. 35, p. 301026, 2020, doi: 10.1016/j.fsidi.2020.301026.

T. Mi, M. Gou, G. Zhou, Y. Gan, and R. Schwarzer, “Effects of planning and action control on smartphone security behavior,†Comput. Secur., vol. 97, p. 101954, 2020, doi: 10.1016/j.cose.2020.101954.

E. Anggraeni and A. Alarifi, Pengantar Sistem Informasi. Yogyakarta: Penerbit Andi, 2017.

P. Asadi, S. Ahmadi, A. Abdi, O. H. Shareef, T. Mohamadyari, and J. Miri, “Relationship between self-care behaviors and quality of life in patients with heart failure,†Heliyon, vol. 5, no. 9, p. e02493, 2019, doi: 10.1016/j.heliyon.2019.e02493.

M. Mirtsch, K. Blind, C. Koch, and G. Dudek, “Information security management in ICT and non-ICT sector companies: A preventive innovation perspective,†Comput. Secur., vol. 109, p. 102383, 2021, doi: 10.1016/j.cose.2021.102383.

S. Nowrin and D. Bawden, “Information security behaviour of smartphone users: An empirical study on the students of university of Dhaka, Bangladesh,†Inf. Learn. Sci., vol. 119, no. 7–8, pp. 444–455, 2018, doi: 10.1108/ILS-04-2018-0029.

Y. T. Chen, W. L. Shih, C. H. Lee, P. L. Wu, and C. Y. Tsai, “Relationships among undergraduates’ problematic information security behavior, compulsive internet use, and mindful awareness in Taiwan,†Comput. Educ., vol. 164, no. 70, p. 104131, 2021, doi: 10.1016/j.compedu.2021.104131.

S. T. Alanazi, M. Anbar, S. A. Ebad, S. Karuppayah, and H. A. Al-Ani, “Theory-based model and prediction analysis of information security compliance behavior in the Saudi healthcare sector,†Symmetry (Basel)., vol. 12, no. 9, pp. 1–21, 2020, doi: 10.3390/SYM12091544.

T. Rachminingrum and P. K. Sari, “Analisis perilaku keamanan informasi pada pengguna android mobile apps di indonesia,†vol. 6, no. 78, pp. 2135–2142, 2019, [Online]. Available: https://openlibrarypublications.telkomuniversity.ac.id/index.php/management/article/view/9556.

I. B. Letica, “Some correlates of risky user behavior and ICT security awareness of secondary school students,†Int. J. Electr. Comput. Eng. Syst., vol. 10, no. 2, pp. 85–89, 2019, doi: 10.32985/ijeces.10.2.4.

M. Alsaleh, N. Alomar, and A. Alarifi, Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods, vol. 12, no. 3. 2017.

Z. Xu and K. Guo, “It ain’t my business: a coping perspective on employee effortful security behavior,†J. Enterp. Inf. Manag., vol. 32, no. 5, pp. 824–842, 2019, doi: 10.1108/JEIM-10-2018-0229.

N. Ameen, A. Tarhini, M. Hussain Shah, and N. O. Madichie, “Employees’ behavioural intention to smartphone security: A gender-based, cross-national study,†Comput. Human Behav., vol. 104, p. 106184, 2020, doi: 10.1016/j.chb.2019.106184.

I. Arend, A. Shabtai, T. Idan, R. Keinan, and Y. Bereby-Meyer, “Passive- and not active-risk tendencies predict cyber security behavior,†Comput. Secur., vol. 97, p. 101964, 2020, doi: 10.1016/j.cose.2020.101964.

P. R. Shah and A. Agarwal, “Cybersecurity Behaviour of Smartphone Users Through the Lens of Fogg Behaviour Model,†2020 3rd Int. Conf. Commun. Syst. Comput. IT Appl. CSCITA 2020 - Proc., pp. 79–82, 2020, doi: 10.1109/CSCITA47329.2020.9137773.

R. F. Ali, P. D. D. Dominic, S. E. A. Ali, M. Rehman, and A. Sohail, “Information security behavior and information security policy compliance: a systematic literature review for identifying the transformation process from noncompliance to compliance,†Appl. Sci., vol. 11, no. 8, 2021, doi: 10.3390/app11083383.

L. Hadlington, M. Popovac, H. Janicke, I. Yevseyeva, and K. Jones, “Exploring the role of work identity and work locus of control in information security awareness,†Comput. Secur., vol. 81, pp. 41–48, 2019, doi: 10.1016/j.cose.2018.10.006.

A. M. Y. Chu and M. K. So, “Organizational information security management for sustainable information systems: An unethical employee information security behavior perspective,†Sustain., vol. 12, no. 8, pp. 1–25, 2020, doi: 10.3390/SU12083163.

T. Velki and K. Romstein, “User risky behavior and security awareness through lifespan,†Int. J. Electr. Comput. Eng. Syst., vol. 9, no. 2, pp. 53–60, 2018, doi: 10.32985/ijeces.9.2.2.

R. T. Adebiyi, O. Babalola, G. Amuda-Yusuf, S. A. Rasheed, and T. O. Olowa, “Effect of knowledge and compliance of health and safety information on construction sites workers’ safety in Nigeria,†Int. J. Saf. Secur. Eng., vol. 10, no. 2, pp. 269–277, 2020, doi: 10.18280/ijsse.100215.

C. Y. Sang and S. G. Liao, “Modeling and simulation of information dissemination model considering user’s awareness behavior in mobile social networks,†Phys. A Stat. Mech. its Appl., vol. 537, p. 122639, 2020, doi: 10.1016/j.physa.2019.122639.

S. Barth, M. D. T. de Jong, M. Junger, P. H. Hartel, and J. C. Roppelt, “Putting the privacy paradox to the test: Online privacy and security behaviors among users with technical knowledge, privacy awareness, and financial resources,†Telemat. Informatics, vol. 41, no. February 2019, pp. 55–69, 2019, doi: 10.1016/j.tele.2019.03.003.

S. Bax, T. McGill, and V. Hobbs, “Maladaptive behaviour in response to email phishing threats: The roles of rewards and response costs,†Comput. Secur., vol. 106, p. 102278, 2021, doi: 10.1016/j.cose.2021.102278.

N. H. Chowdhury, M. T. P. Adam, and T. Teubner, “Time pressure in human cybersecurity behavior: Theoretical framework and countermeasures,†Comput. Secur., vol. 97, p. 101963, 2020, doi: 10.1016/j.cose.2020.101963.

M. J. Girsang, Candiwan, R. Hendayani, and Y. Ganesan, “Can Information Security, Privacy and Satisfaction Influence the E-Commerce Consumer Trust?,†2020 8th Int. Conf. Inf. Commun. Technol. ICoICT 2020, 2020, doi: 10.1109/ICoICT49345.2020.9166247.

K. C. Chung, C. H. Chen, H. H. Tsai, and Y. H. Chuang, “Social media privacy management strategies: A SEM analysis of user privacy behaviors,†Comput. Commun., vol. 174, no. April, pp. 122–130, 2021, doi: 10.1016/j.comcom.2021.04.012.

M. Hatamian, J. Serna, and K. Rannenberg, “Revealing the unrevealed: Mining smartphone users privacy perception on app markets,†Comput. Secur., vol. 83, no. 675730, pp. 332–353, 2019, doi: 10.1016/j.cose.2019.02.010.

M. Zwilling, G. Klien, D. Lesjak, Å. Wiechetek, F. Cetin, and H. N. Basim, “Cyber Security Awareness, Knowledge and Behavior: A Comparative Study,†J. Comput. Inf. Syst., 2020, doi: 10.1080/08874417.2020.1712269.

F. Nasirpouri Shadbad and D. Biros, “Technostress and its influence on employee information security policy compliance,†Inf. Technol. People, vol. 35, no. 1, pp. 119–141, 2022, doi: 10.1108/ITP-09-2020-0610.

A. Asfoor, F. A. Rahim, and S. Yussof, Factors influencing information security awareness of phishing attacks from bank customers’ perspective: A preliminary investigation, vol. 843. Springer International Publishing, 2019.

M. Sas, G. L. L. Reniers, W. Hardyns, and K. Ponnet, “The impact of training sessions on security awareness: Measuring the security knowledge, attitude and behaviour of employees,†Chem. Eng. Trans., vol. 77, pp. 895–900, 2019, doi: 10.3303/CET1977150.

Z. Tang, A. S. Miller, Z. Zhou, and M. Warkentin, “Does government social media promote users’ information security behavior towards COVID-19 scams? Cultivation effects and protective motivations,†Gov. Inf. Q., vol. 38, no. 2, p. 101572, 2021, doi: 10.1016/j.giq.2021.101572.

Kautsarina, A. N. Hidayanto, B. Anggorojati, Z. Abidin, and K. Phusavat, “Data modeling positive security behavior implementation among smart device users in Indonesia: A partial least squares structural equation modeling approach (PLS-SEM),†Data Br., vol. 30, p. 105588, 2020, doi: 10.1016/j.dib.2020.105588.

K. van der Schyff and S. Flowerday, “Mediating effects of information security awareness,†Comput. Secur., vol. 106, p. 102313, 2021, doi: 10.1016/j.cose.2021.102313.

G. Norman and D. Streiner, Biostatistics : The Bare Essentials. Shelton: B.C. Decker, 2008.

R. A. Armstrong, “When to use the Bonferroni correction,†Ophthalmic Physiol. Opt., vol. 34, no. 5, pp. 502–508, 2014, doi: 10.1111/opo.12131.

Y. Koumpouros, “Major Metrics, Concerns, and Assessment Strategy for Mobility Assistive Divices,†in Research Anthology on Supporting Healthy Aging in a Digital Society, I. R. M. Association, Ed. IGI Global, 2022, p. 733.

B. S. Everite and C. R. Palmer, Encyclopaedic Companion to Medical Statistics. United Kingdom, 2011.