Abstract

It is generally believed that, compared to traditional commerce, Electronic Commerce(EC) is more difficult to gain and sustain customers. One of the major reasons that customers do not use EC is lack of trust. Previous researches on the EC user's trust suggested that risk is an antecedent of trust and the concept of trust is highly related to risk. This study proposed a combined model in which includes the factors based on generic information security risk analysis methodology and trust factors in EC. The objectives of this study are follows; first, investigating the relationship between trust and risk that are antecedent factors of purchase intention, and second, examining the validity of information security risk analysis approach in EC environment. Based on the survey results of 143 MBA students statistical analysis showed that factors like threats and controls were significantly related to risk, but assets did not have statistically significant relationship with risk. Controls and knowledge of EC had meaningful effect on user's trust. This study found that risk analysis methodology which is generally used at organizational level is practically useful at user level on EC environment. In conclusion, the results of this study would be applied to generic situation of information security for analyzing and managing the risk. Besides, this study emphasized that EC vendors need to pay more attention to the information security risk to gain customer's trust.

Keywords

• Electronic Commerce;
• Risk Analysis Model;
• EC User's Trust;
• IS Security;
• Structural Equation Model