Customer Awareness in Digital Banking: Antecedents and Implications for Information Security in Sri Lanka

The rapid expansion of digital banking has transformed personal banking services in Sri Lanka, offering greater convenience and efficiency. However, increasing reliance on digital platforms has also exposed customers to significant information security risks. Many of them are linked to limited customer awareness rather than technical weaknesses. This study examines customer awareness of information security among digitally active personal banking customers in Sri Lanka and identifies the key influencing factors. Guided by Protection Motivation Theory (PMT), the study develops and tests a conceptual framework incorporating threat appraisal factors, namely perceived severity and perceived vulnerability, and coping appraisal factors, namely self-efficacy and response efficacy, social influence, fear as a mediating variable, and trust in the bank's digital platform as a moderating variable. Data were collected through a structured, multilingual online questionnaire distributed among digital banking users in Sri Lanka. After data screening, 166 valid responses were analyzed using Partial Least Squares Structural Equation Modeling (PLS-SEM). The findings reveal that perceived severity and perceived vulnerability significantly increase fear. However, fear is not significantly related to customer awareness and does not mediate the relationship between threat perceptions and awareness in this study. Self-efficacy emerges as the strongest and most significant predictor of customer awareness. In contrast, response efficacy and social influence are not significant, and trust in the bank's digital platform does not exhibit a significant moderating effect. Overall, the findings indicate that customer awareness is primarily driven by individuals' confidence in their ability to act securely, highlighting the importance of customer empowerment over fear-based or institution-centered approaches.