Measurement of Information Security Awareness Level: A Case Study of Mobile Banking App Users to Prevent Social Engineering

Abstract

Digital adoption, especially in the digital banking sector in Indonesia, is the fastest in Asia. The increase in the number of digital banking service utilization is faced with digital security threats. The government and banking service providers have tried various information security awareness programs, but many users are still subject to social engineering which results in loss of access to applications and material losses. The problem found is that there is no reference to the level of information security awareness among users of digital banking applications. In order for an information security awareness raising program to be effective and in line with user needs, information on the level of information security awareness is needed. This research was conducted to measure the level of information security awareness of users of digital banking applications to prevent cases of social engineering. This study uses the Knowledge-Attitude-Behaviour (KAB) model which is applied to the Human Aspects of Information Security Questionnaire (HAIS-Q) and the taxonomy of security awareness of cellular users. Research data was collected using a questionnaire and got 299 valid respondents. The results of this study indicate that the level of information security awareness of users of banking service applications in Indonesia is at a good level with a value of 81.30%. The value of each dimension of information security awareness is the knowledge dimension of 84.45% (good), the attitude dimension is 84.68% (good) and the behavioral dimension is 78.06% (average). Based on these results, there are several recommendations regarding maintaining information security awareness, namely on regulation on illegal application installation and information security awareness improvement materials to reduce the risk of social engineering.