{"title":"Information security risk items and management practices for mobile payment using non-financial-institution service providers: An exploratory study","authors":"Shaio-Yan Huang , Tawei Wang , Yu-Ting Huang , Tzu-Ning Yeh","doi":"10.1016/j.accinf.2024.100684","DOIUrl":null,"url":null,"abstract":"<div><p>Mobile payment has become increasingly popular in recent years. However, concerns remain about the information security risk management practices implemented by non-financial-institution mobile payment service providers, such as mobile phone carriers and technology companies, using tokenization systems and encryption mechanisms. Using the modified Delphi method and building on the COBIT 2019 framework, this study explores and suggests how these non-financial-institution mobile payment service providers can consider a more holistic list of information security risk items and their corresponding management practices. We believe the proposed practices will help non-financial-institution mobile payment service providers focus on the valuable aspects of information security risks.</p></div>","PeriodicalId":47170,"journal":{"name":"International Journal of Accounting Information Systems","volume":"53 ","pages":"Article 100684"},"PeriodicalIF":4.1000,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Accounting Information Systems","FirstCategoryId":"91","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1467089524000174","RegionNum":3,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"BUSINESS","Score":null,"Total":0}
引用次数: 0
Abstract
Mobile payment has become increasingly popular in recent years. However, concerns remain about the information security risk management practices implemented by non-financial-institution mobile payment service providers, such as mobile phone carriers and technology companies, using tokenization systems and encryption mechanisms. Using the modified Delphi method and building on the COBIT 2019 framework, this study explores and suggests how these non-financial-institution mobile payment service providers can consider a more holistic list of information security risk items and their corresponding management practices. We believe the proposed practices will help non-financial-institution mobile payment service providers focus on the valuable aspects of information security risks.
期刊介绍:
The International Journal of Accounting Information Systems will publish thoughtful, well developed articles that examine the rapidly evolving relationship between accounting and information technology. Articles may range from empirical to analytical, from practice-based to the development of new techniques, but must be related to problems facing the integration of accounting and information technology. The journal will address (but will not limit itself to) the following specific issues: control and auditability of information systems; management of information technology; artificial intelligence research in accounting; development issues in accounting and information systems; human factors issues related to information technology; development of theories related to information technology; methodological issues in information technology research; information systems validation; human–computer interaction research in accounting information systems. The journal welcomes and encourages articles from both practitioners and academicians.