ASPECTS OF THE SECURITY USE OF PAYMENT CARD PIN CODE ANALYSED BY THE METHODS OF MULTIDIMENSIONAL STATISTICS

The conception of economic security management should be established on instruments and measures that will enable the financial institutions to operate in their interest without losing their financial stability, profitability and economic independence. This is a significant prerequisite for the security of the functional components of the company's financial security. The article presents an analysis of research results. Its objective is to contribute to the knowledge and understanding of the behaviour of payment card users with a special focus on the aspect of their security connected with the use of payment card personal identification number (PIN). The article analyses the opinions and attitudes of respondents toward the questions dealing with the security of payment cards and their behaviour when using them. The analysis is carried out from the aspect of gender, age and education of respondents by using multidimensional statistical methods, namely factor analysis and analysis of dispersion.


Introduction
Digital security threats and incidents have been intensified in recent years, thus leading to significant economic and social consequences for public and private organizations as well as individuals. Some examples include disruption of operations (e.g. through denial of service or sabotage), direct financial loss, lawsuits, reputational damage, loss of competitiveness (e.g. in case of theft of trade secret), as well as loss of customer trust. An increasing number of stakeholders are aware of the need of improving the management of digital security risk to reap the benefits of the digital economy.
Risk is the effect of uncertainties on objectives. Digital security risk is the expression used to describe a category of risks related to the use, development and management of the digital environment in the course of any activity. This risk can result from the combination of threats and vulnerabilities in the digital environment. They can undermine the achievement of economic and social objectives by disrupting the confidentiality, integrity and availability of the activities and/or environment. Digital security risk is dynamic in nature. It includes aspects related to the digital and physical environments, people involved in the activity and organisational processes supporting it.
The activities undertaken by companies in pursuance of their objectives are subject to factors that can have consequences on the likelihood of their success. Risk is the effect, or the consequence, of uncertainty on the objectives pursued by stakeholders, i.e., a deviation from their anticipated reality. Risk is often expressed in terms of likelihood and impact, while risk levels are typically represented on an X-Y axis, which helps in considering the various combinations of these two dimensions.

Theoretical background
A number of scientists have devoted their works to the management of economic and financial security at the banking level (Jančíková, Pasztorová 2018;Jančíková, Veselovská 2018). Korauš et al. (2019aKorauš et al. ( , 2019b analyze the security of payment systems. Athanasoulis et al. (1999) seek to establish a link between the state of macromarkets and financial security. Delaquil et al. (2012) combine problems in assessing the level of economic, energy and climate security (Žuľová et al. 2018) and confirm the need for integrated protection of the state security in various areas. Hacker et al. (2014) develop the methodological aspects to assess the level of the country's economic security. The authors suggest using an Economic Security Index while diagnosing the economic security state. They also justify the possibility of its application as a new measurement tool for research and analysis of state policy on the one hand, and as a new means of assessing economic security of American workers and their families, on the other. Klein (2009) establishes the relationship between the level of economic security and human well-being.
Awareness of security risks research Kordik and Kurilovská (2018), reliable risk assessment method RM/RA CRAMM applicable for a crime risk assessment was described by Mamojka and Mullerova (2017) and its legal questions by Mullerova and Mamojka (2017).
Managing the financial security of financial intermediaries has its own characteristics. Cybernetic security issues, which are often perceived as synonymous with the safety of critical infrastructure (Dobrovič et al., 2017). The problems of conceptualizing the management of economic and financial security of banking institutions are raised by European scientists. Namely, Jantoń-Drozdowska and Mikołajewicz-Woźniak (2017); Shive and Forster (2017) specify the peculiarities of a fraud-monitoring organization within the system of economic security management of a banking institution. Baldwin et al. (2011); Mura et al. (2018) offer a methodical approach to the formation of organizational and economic support for the financial security management of banks. Novotný
Banks currently use sophisticated tools to track and detect fraud and fight against them at every stage of the buying process, even before they buy. Banking experts are constantly expanding and enhancing technology to take a step forward from fraudsters, so that once MasterCard identifies smartphone clips as its own, no one else can shop with client mobile credentials. Card payer cardholders are also able to make safer digital payments even through tokenisation -the process of exchanging a token card master account number.
The smart cards are equipped with an additional security element, which is embedded in the form of an inserted microchip, safely storing user data.
The service provider is assigned or the user selects the Personal Identification Number (IPIN) numbers that contain 3 to 6 digits. PIN numbers are typically associated with different types of banking services. If a user completes a transaction, it is a requirement for users to enter their PIN assigned to their account. User numbers will be verified based on saved numbers. Sometimes a dynamically generated number called a one-time password (OTP) can be used as a PIN. Although PINs are simple and effective in securing accounts, they are prone to attacking the shoulder. When attacking the shoulder surf, the attacker follows the user authentication process and identifies the PIN number. Using virtual keyboard shortcuts makes it easier for an attacker to make keyboard entries on the screen. A security precaution to prevent this attack ensures that no one is entered before the PIN is entered. But in public places such as ATMs, cyber cafes, department stores, etc. It's hard to push. Another option is to use OTP for transactions. However, additional costs and delays could arise. OTP attacks are also prevalent (Raddum et al. 2010).
In the case of a human arm attack, the attackers rely on their ability to observe and remember the details they have observed (Tari et al. 2006;Roth and Richter 2006;Por 2013;Malek et al. 2006;Horecký, 2018). When entering a PIN on a virtual keyboard, a user clicks the numbers one at a time and gives enough opportunity for the observer to see individual digits reconstruct the entire PIN. So any security mechanism that prevents direct entry of numbers and increases the trouble of the attacker tracking the pin input to track the real number is enough to alleviate attacks on the shoulder. But when the attack on the shoulder is surfing with a recording device such as a mobile camera or malware that could record video activity on the screen, it is very difficult to defend (Wu 2014). This is because the attacker could view the recorded video several times and reproduce the PIN number in succession. There are many suggestions to limit recorded attacks on the shoulder. Such models are more complicated for implementation and follow-up for regular users.
Recognizing the potential for PIN attacks during the PIN process, many scientists have focused on developing new schemes to mitigate these attacks. A survey of many virtual keyboards takes place in (Kölsch and Turk 2002). Method (Wilfong 1999) requires that the user performs a math operation on each digit of his / her random number PIN provided by the authenticators. The result is entered by the user. At the end of the server, the same digits are repeated to get digits. Verified based on actual saved PINs. This approach requires users a certain level of competence to perform mathematical computations, and may lead to several erroneous inputs.
In the mobile environment, there is a high risk of the observing attacks which is the way to steal a password, because many people have a camera-equipped mobile phone and a miniature camera. The biometric authentication technology is one of the methods to solve this problem. However, some equipment does not have the device of biometric authentication. Moreover, some system requires PIN or password when failing in the biometric authentication. The PIN or password authentication is still used widely (Fujita, Hirakawa, 2008).

Material and methods
The present article deals with the results of research and subsequent analysis. It aims to contribute to the knowledge and comprehension of the behaviour of payment card users with a special focus on the aspect of their security. The article analyses the opinions and attitudes of respondents toward the questions dealing with the security of payment systems and their behaviour when using payment cards. The analysis is carried out from the aspect of gender, age and education of respondents by using multidimensional statistical methods, namely factor analysis and analysis of dispersion. The research as well as the selection of representative sample were carried out as follows: Time horizon of the survey: 20.02.2018 -20.07.2018 Representative sample: 1,012 respondents Number of questionnaires issued: 4,700 Number of (completed) questionnaires collected: 3,288 The representative sample containing 1,012 respondents was selected by random number generator from fully completed questionnaires (3,288) in such a way that it would represent the population of Slovakia over 18 years of age from the aspect of their education, size of municipality and region they live in, and occupation.
The analyzed set is represented in five age categories in ranges 18-30 years, 31-40 years, 41-50 years, 51-60 years and over 60 years. These categories are composed of 206,212,192,196

Results
The analysis of the behaviour of respondents when making a payment and their opinions on their security was based on answers to questions as follows:  Q1 -Do you carry your payment card PIN code along with your payment card?  Q2 -Have you ever changed your payment card PIN code?  Q3 -Have you altered your payment card PIN code in a way that it would encode your date of birth?  Q4 -Do you consider ATMs located at banks' premises safer for withdrawing your cash?  Q5 -Do you have trust in the security of payment systems?  Q6 -Do personal data represent information that needs to be most importantly protected?  Q7 -Do you rely on the security measures of your bank in payment cards?  Q8 -Are you sure that your bank takes proper care of your money?  Q9 -Do you have any experience with a hacking attack or bank fraud?  Q10 -Do you think that security measures taken to protect payment card data are continuously getting better?  Q12 -How confident are you in the security of payment systems?  Q13 -Do you think that the payment system carries elements of high security risks?  Q18 -Does the enhanced security of new payment methods outweigh the cost of their implementation?  Q19 -Does the enhanced customer convenience of new payment methods outweigh the cost of their implementation?  Q20 -Why is it more challenging to secure payment card information?  Q22 -How confident are you that customers can protect themselves when their personal information is lost or stolen?

ENTREPRENEURSHIP AND SUSTAINABILITY ISSUES
ISSN 2345-0282 (online) http://jssidoi.org/jesi/ 2019 Volume 6 Number 4 (June) http://doi.org/10.9770/jesi. 2019.6.4(33) 2023 The reliability of the research tool was judged by using the Cronbach's alfa coefficient. Its value was 0.81694. Based on the latter value, it is possible to state that it is not necessary to increase the value by removing any of variables. As the Cronbach alfa exceeds the value of 0.7, we can state that the research tool is reliable, and we can safely process the data.
The method is foremostly aimed at simplifying the description of group with mutual linear dependent signs, i.e. decomposing the source data matrix into structural and noise matrices. Each of main components represents a linear combination of original signs. Main components are ordered in line with their importance, i.e. with the decreasing dispersion (Tab. 1). This implies that a major portion of information on variability of original data is concentrated in the first main component and just as much information is concentrated in the last main component. The table of original values in source data matrix (Tab. 1) shows that the concentrations of first, second, third, fourth, fifth, sixths and seventh main components are 12.32169 %, 7.84521 %, 7.51302 %, 7.05182 %, 6.68356 %, 6.5887 %, and 6.37555 % of variability of the original data, respectively. These seven main components, whose own number is larger than 1, concentrate within themselves 54.3795 % of variability of original data of the researched set. The diagram of the dispersion measures ( The appropriate use of factor analysis is tested by Kaiser-Mayer-Olkin (KMO) statistics and Bartlett's test of sphericity. KMO statistics represents an index which serves for comparing the size of experimental correlation coefficients against the size of partial correlation coefficients. When the sum of squares of partial correlation coefficients between all pairs of signs is small in comparison to the sum of squares of pair correlation coefficients, the measure of KMO statistics approaches the value of 1. Low values of KMO statistics indicate that the factor analysis of original signs would not be a good approach because the correlation between the pairs of signs cannot be explained by means of the rest of signs. In accord with the value of Keiser-Mayer-Olkin statistics (0.642) and definition by Kaiser, it is possible to state that based on the used research tool, the measure of correlation is good and the choice of factor analysis for security of payment system is justified. Bartlett's test of sphericity represents a statistical test of correlation between original signs. It tests the null statistic hypothesis H0 , namely whether "the correlation between the signs does not exist" , i.e. whether the correlation matrix is a unit matrix. The achieved level of significance of Bartlett's test of sphericity p= 0.000 is lower than the level of significance chosen by us (α = 5 %). Thus, we can reject the null hypothesis that the realization of the selected correlation matrix with 16 ENTREPRENEURSHIP AND SUSTAINABILITY ISSUES ISSN 2345-0282 (online) http://jssidoi.org/jesi/ 2019 Volume 6 Number 4 (June) http://doi.org/10.9770/jesi.2019.6.4(33) considered variables is a unit matrix. Hence, to start off, we can state that the factor analysis is appropriate for the data dealing with security of payment system. The first step to the interpretation of results of factor analysis is to analyse the factor matrix (Tab. 3) which serves for gaining the initial number of factors. The factor matrix contains factor loading for each sign, while in each factor, it represents the best linear combination of original signs while including the highest possible number of variability of signs. The first factor is always the most important because it represents the best linear relation found in original signs. The second factor represents the second best linear relation of original data, however it is restricted by a condition that it has to be orthogonal to the first factor. The factor loading explains the role of each original sign in defining the common factor. It is, in fact, a correlation coefficient between every original sign and factor.

2026
The Table 3 makes it obvious that the first factor significantly correlates with components of research tool, namely with Q1 (Do you carry your payment card PIN code along with your payment card?), Q2 (Have you ever changed your payment card PIN code?), and Q3 (Have you altered your payment card PIN code in a way that it would encode your date of birth?). The values of factor loading reach the values of 60.7027 % and 66.7834 at components Q1 and Q3, respectively. The positive sign of factor loading reflects the indirect proportion, i.e. the evaluation of responses decreases on Likert scale with an increase in the number of respondents. Thus, in frame of the scale value, the responses stating "certainly not" or "no" are chosen. The factor loading of Q2 component of the research tool reaches the value of -70.2289. As it implies further from the analysis of Table 3 Table 3, it further implies that the variability values of 42.3737 % and 30.9031 % of Q5 and Q12 components, respectively, are explained by third mutual factor.
The fourth mutual factor correlates with components Q9 ("Do you have any experience with a hacking attack or bank fraud?") and Q22 ("How confident are you that customers can protect themselves when their personal information is lost or stolen?") with values of factor loading of 58.0158 % at Q9 component and 3.0203 % at Q22 component, which represents the values of 33.6583 % and 53.3196 % of variability of these components explained by the fourth mutual factor. The fifth mutual factor correlates with components Q19 ("Does the enhanced customer convenience of new payment methods outweigh the cost of implementation?") and Q20 ("Why is it more challenging to secure payment card information?") with factor loading values of -59.284 % and 80.4773 %, which represent the variability values explained by fifth mutual factor, namely those of 35.1457 % and 64.766 % of Q19 and Q20 components, respectively. The sixth mutual factor correlates with components Q7 ("Do you rely on the security measures of your bank in payment cards?" and Q8 ("Are you sure that your bank takes proper care of your money?"). The factor loading values are -59.284 % and -65.422 % for Q7 and Q8 components of research tool, respectively. Both components yield a negative degree of correlation. The last, seventh extracted factor correlates with Q6 component ("Do personal data represent information that needs to be most importantly protected?") with factor loading value of 78.3608 % which represents a variability of 61.4041 % of this component explained by seventh mutual factor. Aside from defining the basic mutual correlations, we have tested also the practical significance of factors.
Based on the facts mentioned above, the factors of the main research objective, defined as a restriction of main identifiers of the security of payment systems and secure behavior of respondents, can be postulated as follows:  Factor 1 -PIN code  Factor 2 -Awareness of security risks,  Factor 3 -Knowledge of security elements,  Factor 4 -Personal experience with fraud,  Factor 5 -Enhancement of security of payment systems,
The factor analysis focuses foremostly on parameters of the factor model. It may require estimations of mutual factors, which is referred to as factor score. The values of mutual factors in n selected observed objects or observations are not only a useful tool for diagnosing the data, but possibly also an important entry into further analyses. The factor score is not an estimation of parameters in common sense because it involves estimations of values of non-observed quantities. The estimations of factor score for a given object can be imagined as its coordinates in R-dimensional space. In line with the defined goals of research, the subsequent section deals with the analysis of respondents' opinions or attitudes represented by factor score in relation to extracted identifiers, factors of payment system security by means of Fisher's ANOVA. Within the analysis, we shall be considering only the impact of significant independent variables or that of their interactions on the value of respective factor at the selected level of significance α = 0.05.
ANOVA is an acronym standing for analysis of variance. ANOVA serves for comparing various sources or characteristics of various classes. These sources are referred to as factors and can contain several various levels. The goal is to decide whether the mean value of the measured quantity differs for various factors. This is demonstrated by testing the hypothesis on the impact of factor on the mean value. In this case, the zero hypothesis states that the mean values of tested groups do not differ significantly.

ENTREPRENEURSHIP AND SUSTAINABILITY ISSUES
ISSN 2345-0282 (online) http://jssidoi.org/jesi/ 2019 Volume 6 Number 4 (June) http://doi.org/10.9770/jesi.2019.6.4(33) The Table 5 shows that a change in Factor 1 (Payment card PIN code) expressed by factor score is significantly influenced by the age of respondents, their education, and mutual interaction of age and education, namely at the level of significance of α = 5 %. When the factor score is, as a result of factor analysis, considered a measure of consent, attitude or importance for the respondent, while a positive or negative number represents a positive perception and importance or negative attitude and unimportance of the given factor for respondents, respectively, then we can state that the average value of factor score for the category of 18 -30 years of age represents a value of -0.651576. This can be interpreted as unimportance of the given factor for the observed age category of respondents. The category of 31-40 years of age reaches the factor score of -0.062128. Hence, also for the latter age category, this factor is unimportant while achieving a lower value when expressed in absolute terms.
The age category of 41-50 years achieves the average value of -0.10293 of factor score, which indicates an indifferent attitude of respondents to the problem of using payment card PIN code. A change in value, and therefore increase in importance represented by positive values of average factor score can be found in categories of 51-60 and over 60 years of age, where it achieves values of +0.38045 and +0.350828, respectively. The average values of factor score for individual age categories for the extracted factor referred to as payment card PIN code are graphically depicted in Figure 6.

ENTREPRENEURSHIP AND SUSTAINABILITY ISSUES
ISSN 2345-0282 (online) http://jssidoi.org/jesi/ 2019 Volume 6 Number 4 (June) http://doi.org/10. 9770/jesi.2019.6.4(33) 2029 Figure 6. Dependence of average value of factor score on age category of respondents Source: Own study The second factor significantly influencing the value of achieved factor score for the first extracted factor is that relating to education of respondents. This implies from Table 5 based on the achieved levels of significance (p=0.000000). The average value of achieved factor score for respondents with primary education is 0.338203, which indicates a positive perception of the problem of payment card PIN code as a security feature and its importance for the latter category of respondents. Equally positive values of factor score are also those achieved for the group of respondents with secondary education, in whom, however, the average value is 0.117786. The negative values of factor score for respondents with university education achieve the average of -0.544667. The average values of factor score for individual education categories for the second extracted factor (referred to as Payment card PIN code) are graphically depicted in Figure 7. The Table 5 further shows that based on the level of significance (p=0.000002), the average value of achieved factor score for the first extracted factor referred to as Payment card PIN code is significantly influenced also by the interaction of age and education of respondents. This is illustrated in Figure 8. The Figure 8 shows that the increase in age in respondents with primary education brings about also an increase in the average value of factor score, however the increase in age in categories over 51 years of age ceases to be reflected in the average value. A similar trend in average value of factor score can be seen also in respondents with secondary education, although the category older than 60 years of age yields a decrease. The basic statistical characteristics of values of factor score for the interaction of age and education are given in Table 6. Table 6. Statistical characteristic of the achieved factor score for Factor 1 and interaction of age and education of respondents The initial results presented in Table 5 do not sufficiently answer the basic question as to which age and education groups of respondents differ from each other in relation to the value of achieved factor score. A more profound understanding of the differences between individual significant factors influencing the change in average value of factor score for the first extracted factor can be aided with the use of Scheffe's test.  Table 7 shows that for the level of significance of α=5 %, there exists a significant difference in the average value of the achieved factor score between age category 18-30 years of age and all other observed age categories, between age categories 31-40 and 51-60 years of age and between those of 31-40 and over 60 years of age. Then we can find a significant difference in the average value of factor score between age categories 41-50 and 51-60 years of age and at the same time also in relation to the category over 60 years of age. On the other hand, statistically insignificant differences can be found between age categories 31-40 and 41-50 years of age and those over 60 and 61-60 years of age. The results of Scheffe's test (Tab. 8) indicate that there is a significant mutual difference between the average value of achieved factor score between individual groups of education of respondents.

ENTREPRENEURSHIP AND SUSTAINABILITY ISSUES
The present analysis clearly shows that the attitude of respondents to the problem of basic rules of using the payment card PIN code (Q1: Do you carry your payment card PIN code along with your payment card?; Q2: Have you ever changed your payment card PIN code?; Q3: Have you altered your payment card PIN code in a way that it would encode your date of birth?) is influenced foremostly by age, education and mutual interaction of age and education of respondents. The analyzed data have shown that 94.17 % of respondents at 18-30 years of age definitely do not carry the payment card PIN code along with their payment card, while in category over 60 years of age, the percentage is 64.32 %. On the other hand, the payment card PIN code is carried along with the payment card only in 5.8 % of respondents at 18-30 years of age, while in the category over 60 years of age, the total percentage is 33.8 %. As to this first question, there is a similar finding also from the aspect of education of respondents. While in category of respondents with primary education, the payment card PIN is carried along with the payment card in 30.3 %, in those with secondary education, the percentage is 26.7 %, and in those with university education, the percentage is as low as 5.3. As to the second question of the research tool (Q2: Have you ever changed your payment card PIN code?), we are coming to similar conclusions as in the precedent component. As many as 93.20 % of respondents in category of 18-30 years of age have changed their payment card PIN code, while in the same category on the other side of Likert's scale, the proportion is 4.9 %. On the other hand, a certain positive feature in conceiving the basic security rules can be found also in the category over 60 years of age, which is considered to be a risk category from the aspect of security of payment systems. In the latter category, as many as 65.73 % of respondents have changed their payment card PIN code. Nevertheless, as many as 30.00 % of respondents of the latter age category have not changed their payment card PIN code. The second question was answered positively and thus the payment card PIN code was changed by 70.3 %, 71.9 % and 93.6 % of respondents with primary, secondary and university education, respectively. The last component of the first extracted factor, namely Q3 (Have you altered your payment card PIN code in a way that it would encode your date of birth?) represents most possibly the weakest point in payment card users who are often unaware of the risk it poses to them. As few as 4.4 % of respondents at 19-30 years of age have a date of birth encoded in their PIN code, while in the category over 60 years, their proportion is 38.50 %. The present analysis leads to a conclusion that the level of information on risks associated with the use of payment card PIN code is insufficient

ENTREPRENEURSHIP AND SUSTAINABILITY ISSUES
ISSN 2345-0282 (online) http://jssidoi.org/jesi/ 2019 Volume 6 Number 4 (June) http://doi.org/10. 9770/jesi.2019.6.4(33) especially in older people and those with primary information. Naturally, a more profound analysis of further extracted factors would be needed to arrive at comprehensive understanding of the habits exposing the users of payment cards to risks associated with using the PIN code. Unfortunately, the scope of the present analysis is not that wide. However, the authors intend to analyse further factors with the use of multidimensional statistical methods.

Conclusions
The present analysis clearly shows that the attitude of respondents to the problem of basic rules of using the payment card PIN code (Q1: Do you carry your payment card PIN code along with your payment card?; Q2: Have you ever changed your payment card PIN code?; Q3: Have you altered your payment card PIN code in a way that it would encode your date of birth?) is influenced foremostly by age, education and mutual interaction of age and education of respondents. The analyzed data have shown that 94.17 % of respondents at 18-30 years of age definitely do not carry the payment card PIN code along with their payment card, while in category over 60 years of age, the percentage is 64.32 %. On the other hand, the payment card PIN code is carried along with the payment card only in 5.8 % of respondents at 18-30 years of age, while in the category over 60 years of age, the total percentage is 33.8 %. As to this first question, there is a similar finding also from the aspect of education of respondents. While in category of respondents with primary education, the payment card PIN is carried along with the payment card in 30.3 %, in those with secondary education, the percentage is 26.7 %, and in those with university education, the percentage is as low as 5.3. As to the second question of the research tool (Q2: Have you ever changed your payment card PIN code?), we are coming to similar conclusions as in the precedent component. As many as 93.20 % of respondents in category of 18-30 years of age have changed their payment card PIN code, while in the same category on the other side of Likert's scale, the proportion is 4.9 %. On the other hand, a certain positive feature in conceiving the basic security rules can be found also in the category over 60 years of age, which is considered to be a risk category from the aspect of security of payment systems. In the latter category, as many as 65.73 % of respondents have changed their payment card PIN code. Nevertheless, as many as 30.00 % of respondents of the latter age category have not changed their payment card PIN code. The second question was answered positively and thus the payment card PIN code was changed by 70.3 %, 71.9 % and 93.6 % of respondents with primary, secondary and university education, respectively. The last component of the first extracted factor, namely Q3 (Have you altered your payment card PIN code in a way that it would encode your date of birth?) represents most possibly the weakest point in payment card users who are often unaware of the risk it poses to them. As few as 4.4 % of respondents at 19-30 years of age have a date of birth encoded in their PIN code, while in the category over 60 years, their proportion is 38.50 %. The present analysis leads to a conclusion that the level of information on risks associated with the use of payment card PIN code is insufficient especially in older people and those with primary information. Naturally, a more profound analysis of further extracted factors would be needed to arrive at comprehensive understanding of the habits exposing the users of payment cards to risks associated with using the PIN code. Unfortunately, the scope of the present analysis is not that wide. However, the authors intend to analyse further factors with the use of multidimensional statistical methods.
There are different parts of the payment process that need to be secure. Firstly, the account access needs to be limited to authorized users only. Traditionally, authorized users can be identified by government-issued identification, passwords, signatures, and other information about a person such as her favorite sports team, name of her first-grade teacher, or that of the first street that she lived on. To some extent, such information can be accessed by unauthorized users. Biometrics can be also the means of authenticating. While biometrics has long been part of science fiction and spy movies, only recently, consumers are able to use their fingerprints to access sensitive data and approve payments. While still in the early stages of adoption, fingerprint authentication is likely to expand in the coming years. Secondly, the exchange of live account credentials that are used to make purchases is extremely high. Payment card numbers along with demand deposit numbers are commonly asked for to make purchases. Once these numbers are in the possession of unauthorized users, the likelihood of fraud increases. Thirdly, fraud associated with making payments when accounts do not have sufficient funds can be eliminated by buyers instructing their financial institutions to make payment. Given today's technology and online connectivity, payment instruments such as checks where real-time account and sufficient balance verification are not generally available should be eliminated for large purchases or transfers. Some countries have had great success in eliminating checks. Fourthly, payment providers often take on additional liability to encourage usage which may have the unintended effect of reducing incentives for cardholders to make prudent decisions regarding keeping live payment credentials secure. However, significant fraud continues to occur and these costs may be reduced if consumers were held accountable for not adequately safekeeping their payment credentials (Chakravorti, S. 2016).