Skip to main content
SpringerLink
Log in

Exploring the Impact of QR Codes in Authentication Protection: A Study Based on PMT and TPB

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

The fast growing usage of mobile devices to access services over telecommunication networks urges researchers to look for an efficient way to secure users’ online credentials. Rooted in online users’ fear appeals, this study measures the impact of an emerging use of technology, QR codes, on authentication protection. We contribute to the extant literature by integrating two theories—protection motivation theory and the theory of planned behavior, as well as investigating how the collaboration of computers and mobile devices enhances the protection of users’ online credentials. The results of the study additionally provide insights for IT developers for future directions in the development of authentication protection.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

Notes

  1. Video 1 from https://www.youtube.com/watch?v=O_UDwCsUOxI.

  2. Video 2 from https://www.youtube.com/watch?v=DRgihqFbgPI.

References

  1. InternetLiveStats (2015). Internet Users. http://www.internetlivestats.com/internet-users/.

  2. Infographics. (2014). The 2014 mobile landscape: 25 statistics that will drive the future of mobile marketing. http://www.searchenginejournal.com/2014-mobile-landscape-25-statistics-will-drive-future-mobile-marketing-infographic/89507/.

  3. Kroenke, D. (2014). Experiencing MIS, in 5/E (p. 696). Upper Saddle River: Prentice Hall.

    Google Scholar 

  4. Janrain. Online Americans Fatigued by Password Overload Janrain Study Finds. 2012; Available from: http://janrain.com/about/newsroom/press-releases/online-americans-fatigued-by-password-overload-janrain-study-finds/.

  5. Crossler, R.E., et al., Understanding Compliance with Bring Your Own Device Policies Utilizing Protection Motivation Theory: Bridging the Intention-Behavior Gap, in Journal of Information Systems. 2014, American Accounting Association. p. 209-226.

  6. Posey, C., et al. (2013). Insiders’ protection of organizational information assetts: Development of a systematics-based taxonomy and theory of diversity for protection-motivated behaviors. MIS Quarterly, 37(4), 1189-A9.

    Article  Google Scholar 

  7. Zhang, L., & McDowell, W. C. (2009). Am I really at risk? Determinants of online users’ intentions to use strong passwords. Journal of Internet Commerce, 8(3/4), 180–197.

    Article  Google Scholar 

  8. Al-Debei, M. M., Al-Lozi, E., & Papazafeiropoulou, A. (2013). Why people keep coming back to Facebook: Explaining and predicting continuance participation from an extended theory of planned behaviour perspective. Decision Support Systems, 55(1), 43–54.

    Article  Google Scholar 

  9. DensoWaveIncorporated. (2010). QR code features. http://www.QRcode.com.

  10. Kan, T.-W., Teng, C.-H., & Chen, M. Y. (2011). QR code based augmented reality applications. In B. Furht (Ed.), Handbook of augmented reality (pp. 339–354). New York: Springer.

    Chapter  Google Scholar 

  11. Dmitrienko, A., et al. (2014). Security analysis of mobile two-factor authentication schemes. Intel Technology Journal, 18(4), 138–161.

    Google Scholar 

  12. Rogers, R. W. (1975). A protection motivation theory of fear appeals and attitude change. Journal of Psychology, 91(1), 93.

    Article  Google Scholar 

  13. Pavlou, P. A., & Fygenson, M. (2006). Understanding and predicting electronic commerce adoption: An extention of the theory of planned behavior. MIS Quarterly, 30(1), 115–143.

    Google Scholar 

  14. Liang, H., & Xue, Y. (2009). Avoidance of information technology threats: A therectical perspective. MIS Quarterly, 33(1), 71–90.

    Google Scholar 

  15. Johnston, A. C., Warkentin, M., & Siponen, M. (2015). An enhanced fear appeal rhetorical framework: Leveraging threats to the human asset through sanctioning rhetoric. MIS Quarterly, 39(1), 113-A7.

    Article  Google Scholar 

  16. Ifinedo, P. (2012). Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers & Security, 31(1), 83–95.

    Article  Google Scholar 

  17. Herath, T., et al. (2014). Security services as coping mechanisms: An investigation into user intention to adopt an email authentication service. Information Systems Journal, 24(1), 61–84.

    Article  Google Scholar 

  18. Meso, P., Ding, Y., & Xu, S. (2013). Applying protection motivation Theory to information security training for college students. Journal of Information Privacy & Security, 9(1), 47–67.

    Article  Google Scholar 

  19. Kline, R. B. (2004). Principals and practice of structural equation modeling. In D. A. Kenny (Ed.), Methodology in the social sciences (2nd ed., p. 366). New York: The Guilford Press.

    Google Scholar 

  20. Anderson, C. L., & Agarwal, R. (2010). Practing safe computing: A multimethod empirical examination of home computer user security behavioral intentions. MIS Quarterly, 34(3), 613–643.

    Google Scholar 

  21. Johnston, A. C., & Warkentin, M. (2010). Fear appeals and information security behaviors: An empirical study. MIS Quarterly, 34(3), 549–566.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Management, Marketing and Information Systems, School of Economics and Business, State University of New York at Oneonta, Oneonta, NY, 13820, USA

    Jing Yang

  2. Accounting and Information Systems, California State University at Northridge, Northridge, CA, 91330, USA

    Yue Zhang

  3. Marketing and Business Development, CSEM Research and Development, 2002, Neuchâtel, Switzerland

    Cees J. M. Lanting

Authors
  1. Jing Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yue Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Cees J. M. Lanting
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jing Yang.

Appendix: Survey instruments (adapted from [5, 20, 21])

Appendix: Survey instruments (adapted from [5, 20, 21])

The following statements concern your experience with authentication protection. Please rate the following statements from 1 to 7, where 1 means you strongly disagree and 7 means you strongly agree.

Perceived threat severity

  • If my user IDs and passwords are broken, it would be severe.

  • If my accounts are hacked, it would be serious.

  • If my user IDs and passwords are stolen, it would be disastrous.

Perceived threat susceptibility

  • My user IDs and passwords are at risk for being broken by others.

  • It is likely that my online accounts will be hacked.

  • It is possible that my user IDs and passwords will be stolen by others.

Self efficacy

  • Using QR codes to log into accounts would be easy for me.

  • Using QR codes to login is convenient.

  • I am able to use QR codes to login without much effort.

Response efficacy

  • Using QR codes for login would be effective for authentication protection.

  • When using QR codes for login, my user ID and password would be more likely to be protected.

Perceived cost

  • Learning how to use QR codes for login is time consuming.

  • It takes me a lot of effort to understand how to use QR codes to log into accounts.

  • The inconvenience of using QR codes is lower than the benefits.

Attitude

  • Using QR codes for login is a good idea.

  • Using QR codes to protect online accounts is promising.

  • I like the idea of using QR codes to protect online accounts.

  • QR codes would be capable to protect my online accounts.

Subjective norm

  • If my close friends use QR codes to secure their accounts, I would also do the same.

  • If significant others use QR codes to secure their accounts, I would also do the same.

  • If my peers suggest that I should use QR codes to secure my online accounts, I will adopt the use of QR codes.

Behavioral intention

Thinking of your future actions, indicate the degree to which you agree or disagree with the following statements regarding your likelihood of implementing QR codes to protect your online accounts.

  • I am likely to use QR codes to log into my online accounts.

  • It is possible that I will use QR codes to protect my online accounts.

  • I am certain that I will use QR codes to protect my accounts in the near future.

Demographic information:

Gender

  • Male

  • Female

  • Other

Age

  • 18–29

  • 30–39

  • 40–49

  • 50–59

  • 60 and over

Education

  • High School

  • Some College

  • Bachelor’s Degree

  • Master’s Degree

  • Doctorate

  • Other

Computer background

  • How many computers (including desktops and laptops) do you have?

  • How many mobile devices (including smartphones and tablets) do you have?

  • How many online accounts (i.e. emails, bank accounts, shopping accounts, etc.) do you have?

  • How many unique passwords do you have?

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Yang, J., Zhang, Y. & Lanting, C.J.M. Exploring the Impact of QR Codes in Authentication Protection: A Study Based on PMT and TPB. Wireless Pers Commun 96, 5315–5334 (2017). https://doi.org/10.1007/s11277-016-3743-5

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-016-3743-5

Keywords

Search

Navigation