{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,8]],"date-time":"2026-05-08T15:53:14Z","timestamp":1778255594920,"version":"3.51.4"},"reference-count":61,"publisher":"Emerald","issue":"4","license":[{"start":{"date-parts":[[2020,6,3]],"date-time":"2020-06-03T00:00:00Z","timestamp":1591142400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2020,6,3]]},"abstract":"<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title>\n<jats:p>There is a need for behavioural research within the smartphone context to better understand users\u2019 behaviour, as it is one of the reasons for the proliferation of mobile threats. This study aims to identify the human factors that affect smartphone users\u2019 threat avoidance behaviour.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title>\n<jats:p>A structured literature review (SLR) was applied to answer the research question. A total of 27 sources were analysed, from which 16 codes emerged. After synthesis, six themes transpired.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Findings<\/jats:title>\n<jats:p>Six factors were identified as drivers and\/or challenges of smartphone users\u2019 threat avoidance behaviour, namely, knowledge and awareness, misconceptions and trust, cost and benefit considerations, carelessness, perceived measure effectiveness and the user\u2019s perceived skills and efficacy.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Research limitations\/implications<\/jats:title>\n<jats:p>The results can encourage and provide a starting point for further research on human behaviour to improve smartphone user behaviour.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Practical implications<\/jats:title>\n<jats:p>The mobile industry should focus on eradicating common misconceptions and undue trust in mobile security that is prevalent among smartphone users and make cost effective and usable interventions available. Training and awareness programs should be updated to include the factors that were identified in this study to affect smartphone users\u2019 threat avoidance behaviour. In addition to improving users\u2019 declarative knowledge concerning available smartphone measures and tools, procedural knowledge should also be improved to ensure proper use of available protective measures. Users should realise the importance of staying updated with evolving smartphone technology and associated threats.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title>\n<jats:p>This study acknowledges and supports the notion that addressing human behaviour is crucial in the fight against mobile threats. It addresses the need for behavioural research to analyse the factors that drive smartphone user behaviour. Furthermore, it uses and documents the use of a SLR, a research technique often unfamiliar among information security researchers.<\/jats:p>\n<\/jats:sec>","DOI":"10.1108\/ics-01-2020-0016","type":"journal-article","created":{"date-parts":[[2020,6,8]],"date-time":"2020-06-08T04:18:17Z","timestamp":1591589897000},"page":"555-574","source":"Crossref","is-referenced-by-count":11,"title":["A systematic literature review of the factors affecting smartphone user threat avoidance behaviour"],"prefix":"10.1108","volume":"28","author":[{"given":"Rika","family":"Butler","sequence":"first","affiliation":[]}],"member":"140","reference":[{"key":"key2020100112345200500_ref001","doi-asserted-by":"crossref","first-page":"525","DOI":"10.1016\/j.future.2018.06.053","article-title":"Identifying cyber threats to mobile-IoT applications in edge computing paradigm","volume":"89","year":"2018","journal-title":"Future Generation Computer Systems"},{"issue":"3","key":"key2020100112345200500_ref002","first-page":"12","article-title":"A new taxonomy of mobile banking threats, attacks and user vulnerabilities","volume":"3","year":"2018","journal-title":"Eurasian Journal of Science and Engineering"},{"issue":"3","key":"key2020100112345200500_ref003","first-page":"1","article-title":"Smartphone users: understanding how security mechanisms are perceived and new persuasive methods","volume":"12","year":"2017","journal-title":"PLoS ONE"},{"issue":"2","key":"key2020100112345200500_ref004","doi-asserted-by":"crossref","first-page":"7","DOI":"10.24018\/ejers.2018.3.2.302","article-title":"Smart devices threats, vulnerabilities and malware detection approaches: a survey","volume":"3","year":"2018","journal-title":"European Journal of Engineering Research and Science"},{"key":"key2020100112345200500_ref005","article-title":"The Privacy and Security Behaviors of Smartphone App Developers","volume-title":"Workshop on Usable Security","year":"2014"},{"issue":"1","key":"key2020100112345200500_ref006","doi-asserted-by":"crossref","first-page":"110","DOI":"10.1145\/1039539.1039573","article-title":"Assessing the value of IS journals","volume":"48","year":"2005","journal-title":"Communications of the ACM"},{"key":"key2020100112345200500_ref007","doi-asserted-by":"crossref","first-page":"55","DOI":"10.1016\/j.tele.2019.03.003","article-title":"Putting the privacy paradox to the test: online privacy and security behaviors among users with technical knowledge, privacy awareness, and financial resources","volume":"41","year":"2019","journal-title":"Telematics and Informatics"},{"issue":"1","key":"key2020100112345200500_ref008","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1016\/j.jsis.2018.11.002","article-title":"Dealing with digital traces: understanding protective behaviors on mobile devices","volume":"28","year":"2019","journal-title":"Journal of Strategic Information Systems"},{"key":"key2020100112345200500_ref009","doi-asserted-by":"crossref","first-page":"266","DOI":"10.1016\/j.cose.2017.10.015","article-title":"Taxonomy of mobile users\u2019 security awareness","volume":"73","year":"2018","journal-title":"Computers and Security"},{"issue":"3","key":"key2020100112345200500_ref010","article-title":"Insecure network, unknown connection: understanding wi-fi privacy assumptions of mobile device users","volume":"8","year":"2017","journal-title":"Information"},{"issue":"3\/4","key":"key2020100112345200500_ref011","first-page":"130","article-title":"From desktop to mobile: examining the security experience","volume":"28","year":"2009","journal-title":"Computers and Security"},{"key":"key2020100112345200500_ref012","doi-asserted-by":"crossref","first-page":"596","DOI":"10.1016\/j.future.2016.05.033","article-title":"Trusted mobile computing: an overview of existing solutions","volume":"80","year":"2018","journal-title":"Future Generation Computer Systems"},{"key":"key2020100112345200500_ref013","first-page":"1","article-title":"Fraud in mobile financial services: protecting consumers, providers and the system","year":"2017","journal-title":"CGAP Brief"},{"issue":"3","key":"key2020100112345200500_ref014","doi-asserted-by":"crossref","first-page":"330","DOI":"10.1108\/ICS-04-2016-0027","article-title":"Mobile device users\u2019 privacy security assurance behavior a technology threat avoidance perspective","volume":"25","year":"2017","journal-title":"Information and Computer Security"},{"key":"key2020100112345200500_ref015","doi-asserted-by":"crossref","first-page":"90","DOI":"10.1016\/j.cose.2012.09.010","article-title":"Future directions for behavioral information security research","volume":"32","year":"2013","journal-title":"Computers and Security"},{"issue":"1","key":"key2020100112345200500_ref016","doi-asserted-by":"crossref","first-page":"116","DOI":"10.1108\/ICS-04-2015-0018","article-title":"Security behaviors of smartphone users","volume":"24","year":"2016","journal-title":"Information and Computer Security"},{"key":"key2020100112345200500_ref017","unstructured":"Davis, G. and Samani, R. (2018), McAfee Mobile Threat Report Q1 2018, available at: www.mcafee.com\/es\/resources\/reports\/rp-mobile-threat-report-2018.pdf"},{"key":"key2020100112345200500_ref018","first-page":"329","article-title":"Influence of users\u2019 privacy risks literacy on the intention to install a mobile application","volume-title":"World Conference on Information Systems and Technologies","year":"2015"},{"key":"key2020100112345200500_ref019","first-page":"750","article-title":"Are you ready to lock? Understanding user motivations for smartphone locking behaviors","volume-title":"2014 ACM SIGSAC Conference on Computer and Communications Security","year":"2014"},{"key":"key2020100112345200500_ref020","first-page":"1","article-title":"Towards improving the security of mobile systems using virtualization and isolation","volume-title":"Proceedings of Fourth International Conference on Mobile and Secure Services (MobiSecServ)","year":"2018"},{"key":"key2020100112345200500_ref021","first-page":"1","article-title":"Understanding children\u2019s mobile device usage","volume-title":"4th IEEE International Conference on Cybercrime and Computer Forensic (ICCCF)","year":"2016"},{"issue":"2","key":"key2020100112345200500_ref022","article-title":"Security awareness of the digital natives","volume":"8","year":"2017","journal-title":"Information"},{"key":"key2020100112345200500_ref023","unstructured":"GSMA (2018), \u201cThe mobile economy 2018\u201d, available at: www.gsma.com\/mobileeconomy\/"},{"issue":"4","key":"key2020100112345200500_ref024","first-page":"47","article-title":"Mobile app installation: the role of precautions and desensitization","volume":"24","year":"2015","journal-title":"Journal of International Technology and Information Management"},{"issue":"1","key":"key2020100112345200500_ref025","doi-asserted-by":"crossref","first-page":"138","DOI":"10.1109\/MWC.2015.7054729","article-title":"Mobile application security: malware threats and defenses","volume":"22","year":"2015","journal-title":"IEEE Wireless Communications"},{"issue":"12","key":"key2020100112345200500_ref026","doi-asserted-by":"crossref","first-page":"1347","DOI":"10.1080\/0144929X.2014.934286","article-title":"Always connected, but are smart mobile users getting more security savvy? A survey of smart mobile device users","volume":"33","year":"2014","journal-title":"Behaviour and Information Technology"},{"key":"key2020100112345200500_ref027","first-page":"81","article-title":"Factors influencing smartphone application downloads","volume-title":"11th World Conference on Information Security Education","year":"2018"},{"key":"key2020100112345200500_ref028","first-page":"311","article-title":"A practical analysis of smartphone security a practical analysis of smartphone security","volume-title":"Human Interface and the Management of Information. Interacting with Information","year":"2011"},{"key":"key2020100112345200500_ref029","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1016\/j.ijinfomgt.2018.05.007","article-title":"An investigation of relationships among privacy concerns, affective responses, and coping behaviors in location-based services","volume":"43","year":"2018","journal-title":"International Journal of Information Management"},{"key":"key2020100112345200500_ref030","first-page":"306","article-title":"Mobile devices and cyber security: an exploratory study on user\u2019s response to cyber security challenges","volume-title":"13th International Conference on Web Information Systems and Technologies","year":"2017"},{"key":"key2020100112345200500_ref031","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1016\/j.jisa.2016.10.002","article-title":"Psychological needs as motivators for security and privacy actions on smartphones","volume":"34","year":"2017","journal-title":"Journal of Information Security and Applications"},{"issue":"1","key":"key2020100112345200500_ref032","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s40692-017-0093-6","article-title":"Usability of mobile learning applications: a systematic literature review","volume":"5","year":"2018","journal-title":"Journal of Computers in Education"},{"issue":"1","key":"key2020100112345200500_ref033","doi-asserted-by":"crossref","first-page":"19","DOI":"10.3390\/computers7010019","article-title":"Mobile educational augmented reality games: a systematic literature review and two case studies","volume":"7","year":"2018","journal-title":"Computers"},{"key":"key2020100112345200500_ref034","doi-asserted-by":"crossref","first-page":"181","DOI":"10.28945\/479","article-title":"A systems approach to conduct an effective literature review in support of information systems research","volume":"9","year":"2006","journal-title":"Informing Science"},{"issue":"11","key":"key2020100112345200500_ref035","doi-asserted-by":"crossref","first-page":"1111","DOI":"10.1080\/0144929X.2017.1352028","article-title":"Old risks, new challenges: exploring differences in security between home computer and mobile device use","volume":"36","year":"2017","journal-title":"Behaviour and Information Technology"},{"key":"key2020100112345200500_ref036","first-page":"69","article-title":"A detailed study on risk assessment of mobile app permissions","volume-title":"Proceedings of the 3rd International Conference on Innovative Research in Science and Technology (ICIRST)","year":"2018"},{"issue":"5","key":"key2020100112345200500_ref037","doi-asserted-by":"crossref","first-page":"415","DOI":"10.1016\/S0378-7206(01)00107-0","article-title":"A literature review and classification of electronic commerce research","volume":"39","year":"2002","journal-title":"Information and Management"},{"key":"key2020100112345200500_ref038","doi-asserted-by":"crossref","first-page":"132","DOI":"10.1016\/j.cose.2015.05.011","article-title":"Information security behaviour profiling framework (ISBPF) for student mobile phone users","volume":"53","year":"2015","journal-title":"Computers and Security"},{"key":"key2020100112345200500_ref039","first-page":"162","article-title":"Linking student information security awareness and behavioural intent","volume-title":"8th International Symposium on Human Aspects of Information Security and Assurance (HAISA)","year":"2014"},{"issue":"7\/8","key":"key2020100112345200500_ref040","doi-asserted-by":"crossref","first-page":"444","DOI":"10.1108\/ILS-04-2018-0029","article-title":"Information security behaviour of smartphone users","volume":"119","year":"2018","journal-title":"Information and Learning Science"},{"key":"key2020100112345200500_ref041","doi-asserted-by":"crossref","unstructured":"Okoli, C. and Schabram, K. (2010), \u201cA guide to conducting a systematic literature review of information systems research\u201d, Working Papers on Information Systems, Vol. 10 No. 26, pp. 1-50.","DOI":"10.2139\/ssrn.1954824"},{"key":"key2020100112345200500_ref042","first-page":"1","article-title":"Exploring end-user smartphone security awareness within a South African context","year":"2014","journal-title":"In IEEE 2014 Information Security for South Africa"},{"key":"key2020100112345200500_ref043","first-page":"57","article-title":"Examining attitudes toward information security behaviour using mixed methods","volume-title":"Proceedings of the Ninth International Symposium on Human Aspects of Information Security and Assurance (HAISA 2015)","year":"2015"},{"key":"key2020100112345200500_ref044","volume-title":"Systematic Reviews in the Social Sciences \u2013 A practical guide","year":"2006","edition":"1st ed."},{"key":"key2020100112345200500_ref045","first-page":"128","article-title":"Understanding research philosophy and approaches to theory development","volume-title":"Research Methods for Business Students","year":"2019","edition":"8th ed."},{"issue":"4","key":"key2020100112345200500_ref046","doi-asserted-by":"crossref","first-page":"822","DOI":"10.3145\/epi.2018.jul.11","article-title":"Users\u2019 management of mobile devices and privacy","volume":"27","year":"2018","journal-title":"El Profesional de la Informaci\u00f3n"},{"key":"key2020100112345200500_ref047","first-page":"203","article-title":"Factors influencing users to use unsecured wi-fi networks: evidence in the wild","volume-title":"12th ACM Conference on Security and Privacy in Wireless and Mobile Networks","year":"2019"},{"issue":"2","key":"key2020100112345200500_ref048","first-page":"1","article-title":"Investigating identity fraud management practices in e-tail sector: a systematic review","volume":"32","year":"2019","journal-title":"Journal of Enterprise Information Management"},{"issue":"1","key":"key2020100112345200500_ref049","doi-asserted-by":"crossref","first-page":"118","DOI":"10.1111\/cdev.12827","article-title":"Distracted walking, bicycling, and driving: systematic review and meta-analysis of mobile technology and youth crash risk","volume":"89","year":"2018","journal-title":"Child Development"},{"key":"key2020100112345200500_ref050","doi-asserted-by":"crossref","first-page":"376","DOI":"10.1016\/j.cose.2017.07.003","article-title":"\u2018Security begins at home\u2019: determinants of home computer and mobile device security behavior","volume":"70","year":"2017","journal-title":"Computers and Security"},{"key":"key2020100112345200500_ref052","first-page":"1393","article-title":"Understanding user\u2019s behaviors in coping with security threat of mobile devices loss and theft","volume-title":"Proceedings of 45th HI International Conference on System Sciences","year":"2012"},{"issue":"6","key":"key2020100112345200500_ref051","doi-asserted-by":"crossref","first-page":"603","DOI":"10.1504\/IJMC.2014.064915","article-title":"Understanding user behaviour in coping with security threats of mobile device loss and theft","volume":"12","year":"2014","journal-title":"International Journal of Mobile Communications"},{"key":"key2020100112345200500_ref053","unstructured":"Unuchek, R. (2018), \u201cMobile malware evolution 2017\u201d, Kaspersky, available at: https:\/\/securelist.com\/mobile-malware-review-2017\/84139\/"},{"key":"key2020100112345200500_ref054","doi-asserted-by":"crossref","first-page":"860","DOI":"10.1016\/j.cose.2018.03.008","article-title":"Understanding smartphone security behaviors: an extension of the protection motivation theory with anticipated regret","volume":"77","year":"2018","journal-title":"Computers and Security"},{"key":"key2020100112345200500_ref055","first-page":"120","article-title":"On the user awareness of mobile security recommendations","volume-title":"2017 ACM SouthEast Regional Conference","year":"2017"},{"issue":"2","key":"key2020100112345200500_ref056","first-page":"13","article-title":"Analyzing the past fo prepare for the future: writing a literature review","volume":"26","year":"2002","journal-title":"MIS quarterly"},{"key":"key2020100112345200500_ref057","first-page":"181","article-title":"Privacy is the boring bit: user perceptions and behaviour in the internet-of-things","volume-title":"Proceedings \u2013 2017 15th Annual Conference on Privacy, Security and Trust, PST 2017","year":"2017"},{"issue":"4","key":"key2020100112345200500_ref058","doi-asserted-by":"publisher","first-page":"320","DOI":"10.1080\/0144929X.2018.1436591","article-title":"An empirical study examining the perceptions and behaviours of securityconscious users of mobile authentication","volume":"37","year":"2018","journal-title":"Behaviour and Information Technology"},{"key":"key2020100112345200500_ref059","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1016\/j.cose.2019.03.010","article-title":"Threat modeling \u2013 a systematic literature review","volume":"84","year":"2019","journal-title":"Computers and Security"},{"issue":"3","key":"key2020100112345200500_ref060","doi-asserted-by":"crossref","first-page":"891","DOI":"10.1007\/s11219-017-9368-4","article-title":"A survey on dynamic mobile malware detection","volume":"26","year":"2018","journal-title":"Software Quality Journal"},{"issue":"6","key":"key2020100112345200500_ref061","doi-asserted-by":"crossref","first-page":"1177","DOI":"10.1108\/EL-09-2016-0183","article-title":"Information security behaviors of smartphone users in China: an empirical analysis","volume":"35","year":"2017","journal-title":"The Electronic Library"}],"container-title":["Information &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-01-2020-0016\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-01-2020-0016\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:22:38Z","timestamp":1753406558000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/28\/4\/555-574\/112420"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,6,3]]},"references-count":61,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2020,6,3]]}},"alternative-id":["10.1108\/ICS-01-2020-0016"],"URL":"https:\/\/doi.org\/10.1108\/ics-01-2020-0016","relation":{},"ISSN":["2056-4961","2056-4961"],"issn-type":[{"value":"2056-4961","type":"print"},{"value":"2056-4961","type":"print"}],"subject":[],"published":{"date-parts":[[2020,6,3]]}}}