{"title":"使用非金融机构服务提供商进行移动支付的信息安全风险项目和管理实践:探索性研究","authors":"Shaio-Yan Huang , Tawei Wang , Yu-Ting Huang , Tzu-Ning Yeh","doi":"10.1016/j.accinf.2024.100684","DOIUrl":null,"url":null,"abstract":"<div><p>Mobile payment has become increasingly popular in recent years. However, concerns remain about the information security risk management practices implemented by non-financial-institution mobile payment service providers, such as mobile phone carriers and technology companies, using tokenization systems and encryption mechanisms. Using the modified Delphi method and building on the COBIT 2019 framework, this study explores and suggests how these non-financial-institution mobile payment service providers can consider a more holistic list of information security risk items and their corresponding management practices. We believe the proposed practices will help non-financial-institution mobile payment service providers focus on the valuable aspects of information security risks.</p></div>","PeriodicalId":47170,"journal":{"name":"International Journal of Accounting Information Systems","volume":null,"pages":null},"PeriodicalIF":4.1000,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Information security risk items and management practices for mobile payment using non-financial-institution service providers: An exploratory study\",\"authors\":\"Shaio-Yan Huang , Tawei Wang , Yu-Ting Huang , Tzu-Ning Yeh\",\"doi\":\"10.1016/j.accinf.2024.100684\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Mobile payment has become increasingly popular in recent years. However, concerns remain about the information security risk management practices implemented by non-financial-institution mobile payment service providers, such as mobile phone carriers and technology companies, using tokenization systems and encryption mechanisms. Using the modified Delphi method and building on the COBIT 2019 framework, this study explores and suggests how these non-financial-institution mobile payment service providers can consider a more holistic list of information security risk items and their corresponding management practices. We believe the proposed practices will help non-financial-institution mobile payment service providers focus on the valuable aspects of information security risks.</p></div>\",\"PeriodicalId\":47170,\"journal\":{\"name\":\"International Journal of Accounting Information Systems\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":4.1000,\"publicationDate\":\"2024-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Accounting Information Systems\",\"FirstCategoryId\":\"91\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1467089524000174\",\"RegionNum\":3,\"RegionCategory\":\"管理学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"BUSINESS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Accounting Information Systems","FirstCategoryId":"91","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1467089524000174","RegionNum":3,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"BUSINESS","Score":null,"Total":0}
Information security risk items and management practices for mobile payment using non-financial-institution service providers: An exploratory study
Mobile payment has become increasingly popular in recent years. However, concerns remain about the information security risk management practices implemented by non-financial-institution mobile payment service providers, such as mobile phone carriers and technology companies, using tokenization systems and encryption mechanisms. Using the modified Delphi method and building on the COBIT 2019 framework, this study explores and suggests how these non-financial-institution mobile payment service providers can consider a more holistic list of information security risk items and their corresponding management practices. We believe the proposed practices will help non-financial-institution mobile payment service providers focus on the valuable aspects of information security risks.
期刊介绍:
The International Journal of Accounting Information Systems will publish thoughtful, well developed articles that examine the rapidly evolving relationship between accounting and information technology. Articles may range from empirical to analytical, from practice-based to the development of new techniques, but must be related to problems facing the integration of accounting and information technology. The journal will address (but will not limit itself to) the following specific issues: control and auditability of information systems; management of information technology; artificial intelligence research in accounting; development issues in accounting and information systems; human factors issues related to information technology; development of theories related to information technology; methodological issues in information technology research; information systems validation; human–computer interaction research in accounting information systems. The journal welcomes and encourages articles from both practitioners and academicians.