Trust and Security Concerns of Cloud Storage : An Indonesian Technology Acceptance

Cloud drive is a service that offers data storage on the cloud. As the worldwide rapid growth of cloud drive there are ongoing concerns about trust, privacy and security concerns about how the user’s personal information and data are visible to other users or even abused by the cloud drive provider. This study provides empirical evidence about the factors affecting the acceptance of cloud drive users by using seven construct variables which are Trust, Perceived Risk, Perceived Ease of Use, Perceived Usefulness, Security, Behavioural Intention and Subjective Norm. Data were collected from 294 respondents by using online questionnaire. The data analysis method used was Structural Equation Modelling (SEM) analysis. The results of this study show that the factor affecting the intention of using cloud drive are trust, perceived risk and subjective norm. Keywords—Cloud drive; structural equation modeling (SEM); trust; security; risk; behavior intention


INTRODUCTION
Information technology has developed to adjust to time.Currently, new technologies have been developed to improve productivity, including data storage.Cloud drive is a service to store documents or files for free or paid depending on the amount of storage capacity offered by the provider.Cloud drive allows users to store files on their servers, synchronize files across devices, and share files.Not only that it has inexpensive price but this provider also provides the whole package of office applications.Cloud drive has a data storage capacity of up to a several Giga bytes.This will certainly make it easier for users to access the data they hold.
When users decide to store their files on cloud drive indirectly the data will be owned by the cloud provider.It may pose a risk to users losing their data.Many internet users are not aware of this risk, users will generally only choose comfort and convenience without taking into account data security although in fact they sometimes feel uncomfortable when providing personal data.Apart from the benefits provided by the cloud drive, a serious risk associated with the use of data storage services is also anticipated.As an example in 2014, Google announced that some data were leaked through the URL stored in Google drive [1].Such case is certainly contrary to the promise of security provided by Google drive.Furthermore in 2015, almost 5 million Gmail accounts were hacked which means that hackers got access to Google drive data of nearly 5 million people.More than that, the hacked database was dumped on various public forums for other people to access users' data.This can result to personal information theft, identity theft, stolen blueprints and much more.
The model in this study adapted from several previous studies, including a study conducted by [2] entitled "Personal Cloud User Acceptance: The Role of Trust and Perceived Risk in the Technology Acceptance Model" which examines the individual user acceptance of cloud computing, the model used has 5 constructs, namely: trust, perceived risk, perceived ease of use, perceived usefulness and behavioral intention.In addition, another variable that was adapted from the research done by [3] is a security that will be used to measure the level of security when using data storage on cloud drive.The purpose of this study was to determine whether the factor perceived risk, trust, perceived ease of use, perceived usefulness, perceived risk, security and subjective norm affect the intention of users to store their data on cloud drive.

II. MODEL STRUCTURE AND HYPOTHESIS
This research is confirmatory research based on model and hypothesis by [2] and [3].The data was analyzed using Structural Equation Modelling (SEM).There are two stages in this SEM analysis: structural model and measurement model.Structural model shows the relationship between latent variables, while measurement model is used to determine the relationship connection between indicator and variables.

A. Definition of Each Construct 1) Trust (TR)
In this study, trust is defined as an individual's willingness to provide their personal information at risk while in a state of uncertainty [4].

2) Perceived Risk (RI)
Risk can be defined as an individual's beliefs about the possibility of gains or losses associated with the acquisition of products or services online [5].
3) Perceived Ease of Use (PEU) Perceived ease of use defined as the extent to which an individual expects the use of a technology is free of effort [6].

4) Perceived Usefulness (PU)
Perceived usefulness is defined the extent to which an individual believes that using a technology will be able to improve their job performance [6].www.ijacsa.thesai.org

5) Security (SC)
Security can be defined as the belief of the individual against the security level of a particular technology [7].

6) Subjective Norm (SN)
Subjective norm defined the extent to which an individual perceives that the other person whom is important to them assure them to use the new technology [8].

7) Behavioral Intention (BI)
Behavioral intention is defined as an individual's willingness to keep using a technology [9].

B. Hypothesis for the Construct
According to [10] it has been empirically validated that the trust of individuals towards a technology will lower their risk perceptions on the technology.From this statement, it can be drawn hypothesis as follows:

1) Trust has a Positive Effect towards Perceived Risk
In research conducted by [3] states that trust is an important factor as a determinant when the user decides to use an application.When an application is a trustworthy application it will be many users who decide to use the application.In addition, when the application is a trustworthy application it will create interest from users of the application to use the application.From this statement, it can be drawn hypothesis as follows: 2) Trust has a Positive Effect towards Behavioral Intention.
The more users trust a technology, the less effort they make to examine the details of the technology.On a trusted technology, users will not spend time and cognitive effort for learning the technology, read the privacy policy, term of use etc., and therefore they will see it as an easy to use technology.Some authors have shown that the influence of trust in the perceived usefulness and perceived ease of use [11].From this statement, it can be drawn hypothesis as follows: 3) Trust has a Positive Effect towards Perceived Ease of use.

4) Trust has a Positive Effect towards Perceived Usefulness.
Perceived ease of use defined as the degree to which an individuals believes that using a particular technology can be free of effort [6].When a technology is an easy-to-use technology and does not require much effort in its use, the users will tend to be able to feel the benefits of using the technology that indirectly will also improve the performance of users.Therefore it can be said that perceived ease of use have a positive impact towards perceived usefulness.From this statement, it can be drawn hypothesis as follows:

5) Perceived ease of use has a Positive Effect towards Perceived Usefulness.
In a study conducted by Davis [6] found that there is a relationship between perceived ease of use and behavioral intention.When users can feel the ease when they use a technology, then the user will tend to use the technology [6].Empirical studies have recently been found that perceived ease of use has positive and significant effect on the intention to use, defined as behaviour intention [11].From this statement, it can be drawn hypothesis as follows:

6) Perceived ease of use has a Positive Effect towards Behavioral Intention.
According to [12] shows that the relationship between the perceived usefulness and behavior intention in the context of TAM is statistically supported.When users of a technology can feel the benefits when they use the technology and the technology can improve their performance, the user will be inclined to use the technology [6].It is hypothesized as:

7) Perceived usefulness has a Positive Effect towards Behavioral Intention.
In a study conducted by Van Slyke et al [10] found that there is a positive relationship between perceived risk and behavioral intention.When a user of a technology finds that the technology is risk-free and it can minimize the likelihood of possible risks, the user will tend to use the technology without worrying about future risks.From this statement, it can be drawn hypothesis as follows:

8) Perceived Risk has a Positive Effect towards Behavioral Intention.
Currently, security issues of a technology can be said to be very high [13].When a technology is secure and can guarantee the security of its users, the user will tend to use the technology without worrying about possible risks.From this statement, it can be drawn hypothesis as follows:

9) Perceived Risk has a Positive Effect towards Behavioral Intention.
Subjective norm defined as the influence of an individual's social networks (e.g.family and friends) to the individual's behavior [14].When a user gets a lot of influence from people around them to use a technology, it will affect that user to use the technology [14].From this statement, the hypothesis can be drawn as follows:

10) Subjective Norm has a Positive Effect towards Behavioral Intention.
Based on the explanation of the hypothesis made in this study, the research model that is used in this study can be seen in Fig. 1.

III. DATA ANALYSIS
Structural Equation Modeling (SEM) is used to analyze data from respondents that have been collected through questionnaires.Structural Equation Modeling (SEM) provides a systematic mechanism for validating relationships between constructs and can be used to determine relationships between constructs in a model and it offers powerful and conscientious analysis technique to test a complex models [15].The respondents of this study were all peoples whom actively using cloud drive.

A. Descriptive Analysis
The characteristic of respondents is shown in Table I.

B. Missing Data and Outlier
Based on the test of the missing data conducted using Little's MCAR, there is no incomplete or missing data in this study.Outlier data can be verified by finding the Mahalanobis distance value with the error rate of 1%.In this research, it is ascertained that the obtained Mahalanobis distance value is 74.919, so that data that are exceeding this value will be removed.In this study data which exceed the value of mahalanobis distance is 30, hence the valid data is 264 out of 294 data in total.

C. Reliability Analysis
Reliability test is used to examine the level of consistency of an indicator when measuring its latent variables.Reliability test can be determined by using Cronbach's Alpha.The results of reliability testing can be seen in Table II.

D. Sample Adequacy Test
According to [16] Kaiser-Meyer-Olki (KMO) of sampling adequacy test is used to examine whether the data to be used is sufficient for data analysis.In this study, the value of KMO obtained is 0.831 with a significance value of 0.000 (Sig.<.001) so it can be concluded that the variables in this study is considered great and sufficient to conduct further analysis.

E. Normality Test
Normality test is used to examine whether the data has been normally distributed or not [17].Normality test can be evaluate by using the value of Skewness and Kurtosis.If the value of Skewness and Kurtosis has a value between ± 2 then it can be said that it has been normally distributed [15].In this study, obtained Skewness and Kurtosis value within range of ± 2 then it can be said that data used in this study is normally distributed.

F. Levene Test
Homogeneity test is used to evaluate whether the data is homogeneous or not [18].Homogeneity test can be examined by using Levene test.The data is considered homogeneous if it has Sig.value of > 0.05.In this study, each latent variable has a Sig.value of > 0.05 so it can be concluded that the data used is homogeneous.

G. Measurement Model Fit
Measurement model fit test is used to assess the correlation of the indicator and its latent variables.Measurement model fit test can be evaluated by using the value of goodness of fit indices.The results of the measurement model fit test can be seen in Table III.Based on Table III, it can be seen that all criteria have met the specified criteria.

H. Structural Model Fit
Structural fit model test is used to assess the relationship between latent variables in the research model.Structural model fit test can be examined by using path analysis.The results of the structural model fit testing can be seen in Table IV.Based on the results of structural model testing, it can be seen that from 10 hypotheses that have been evaluated, there are 7 accepted hypothesis and 3 rejected hypothesis.
The impact of trust (p=0.023),risk (p=0.045) and subjective norm (p=***) on behavioral intention are significant at p=0.05.Thus, H2, H8 and H10 are accepted.Meanwhile, perceived ease of use, perceived usefulness and security have no significant impact on the behavioral intention, and thus H6, H7 and H9 are rejected.
Furthermore, the impact of trust (p=***) on perceived risk is significant at p=0.05, therefore H1 is accepted.The impact of trust (p=***) on perceived usefulness is significant at p=0.05 hence H3 is accepted.It gives similar result of accepted hypothesis H4 since the impact of trust (p=***) on perceived ease of use is significant at p=0.05.Similarly, the impact of perceived ease of use (p=***) on perceived usefulness is significant at p=0.05 so H5 is accepted.

A. Discussion on Hypothesis 1
Hypothesis 1 is accepted which can be concluded that the respondents believe there is no risk posed when storing data on cloud drive.It shows that the Trust (TR) has a significant influence on the Risk (RI).
The results of this study is similar to the results of research conducted by [19] which suggests that users who already have a high sense of confidence in an application will tend not to think about the risks that can occur from the use of the application.

B. Discussion on Hypothesis 2
From the results of Hypothesis 2 testing which is accepted, can be concluded that respondents believe in cloud drive provider.It shows that the trust factor (TR) has a significant influence on the behavioral intention (BI).Respondents assume that cloud drive provider will always be honest with regard to data provided by its users, respondents believe that the data they have provided to cloud drive will not be misused and will always be protected from unauthorized access.This is the reason why respondents use cloud drive.
The results of this study is in accordance with the results of research conducted by [3] which states that when the user already has a trust in the application and assume that the application is trustworthy then the user will tend to continue to use the application.

C. Discussion on Hypothesis 3
Hypothesis 3 is accepted which shows that trust (TR) has a significant effect on Perceive Usefulness (PU).Respondents trust to store their data on cloud drive so that they can gain benefit from the use of cloud drive, such as improve their job performance.
The results of this study are similar to the results of research conducted by [20] which suggests that if users of an application have a high sense of confidence in an application they will tend to feel the various benefits derived from the use of the application.

D. Discussion on Hypothesis 4
Hypothesis 4 is accepted.It shows that trust (TR) has a significant effect on Perceived of Use (PEU).From the results of hypothesis 4, it can be concluded that the respondents believe that by storing data on cloud drive they feel the ease of use in using cloud drive.
The result of this study is similar to the results of research conducted by [20] which suggests that if users of an application have a high sense of confidence in an application they will tend to feel the application is easy to use.

E. Discussion on Hypothesis 5
Hypothesis 5 is accepted which shows that Perceived Ease of Use (PEU) has a significant effect on the factor of Perceived Usefulness (PU).From the results of hypothesis 5, it can be concluded that the respondents find the ease of use of storing data in cloud drive and its use does not require much effort.
The results of this study is supported by the results of research conducted by [20] which suggests that if a user feels that an application they use is easy to use and does not require much effort in using it, then automatically they will also be able to feel the benefits of use of the application.

F. Discussion on Hypothesis 6
Hypothesis 6 is rejected which can be concluded that respondents do not find ease of use in storing data on cloud drive.In other words, it is impractical for user to store their data in the cloud.It shows that the ease of use factor (PEU) has no significant effect on the Behavior Interest (BI).
The results of this study is similar to the results of a study conducted by [21] who argued that when a user can not feel the ease of using an application or feel that the application is difficult to use then the user will tend not to use the application.

G. Discussion on Hypothesis 7
Hypothesis testing 7 is rejected which indicates that the factor of Perceived Usefulness (PU) has no significant influence on the behavioral intention (BI).The result shows that respondents were not able to feel the benefits of storing their data on cloud drive.In other words, respondents believe that by storing their data on cloud drive does not help them to improve the quality of their daily activities.
The results of this study is align with the results of research conducted by [22] who argued that when users feel that the application they use do not benefit the user, they will tend not to use the application.

H. Discussion on Hypothesis 8
Hypothesis 8 is accepted.It shows that the factor of perceived risk (RI) has a significant influence towards Behavior Intention (BI).From the result of Hypothesis 8, it can be concluded that respondents believe that there is no risk when they store their data on cloud drive.They feel safe when using cloud drive, because cloud provider can minimize the risks that are likely to occur and harm users.Therefore, respondents have an intention to use Cloud drive.www.ijacsa.thesai.org The results of this study is supported by the results of research conducted by [23] who argued that when an application has little risk and it can minimize the occurrence of a risk to its users, then users will tend to continue to use the application.

I. Discussion on Hypothesis 9
Hypothesis 9 is rejected which indicates that the security level factor (SC) had no significant effect towards Behavior Intention (BI).Hence, it can be concluded that the respondents did not believe the level of security found in cloud drive so that it affects the intention of the respondent in storing their data on cloud drive.They believe that cloud provider cannot guarantee the security of its users 'data.
The results of this study is in line with the results of research conducted by [24] which suggests that when users feel that the application does not have a high level of security to protect users then the user will tend to choose not to use the application.

J. Discussion on Hypothesis 10
Hypothesis 10 is accepted.It shows that the factor of subjective norm (SN) has a significant influence towards Behavior Intention (BI).The result indicates that influence from others such as their family and friends can affect the respondents' interest to store their data on cloud drive.
The results of this study is similar to the results of research conducted by [25] who suggested that if a friend or family of an app user advises that user to use the app then the user will continue to use the application.

V. CONCLUSION
Based on the analysis result, the factors affecting cloud drive users in Indonesia to store their data on cloud drive are trust, perceived risk and subjective norm.The findings of this study reveals that cloud drive users in Indonesia do not find any usefulness and ease of use in storing their data in cloud drive.In addition they do not feel secure regarding their data on the cloud.However, they keep on storing their data on the cloud.This is due to the users trust the cloud provider despite there is a risk that endanger their data.They trust the cloud provider could manage the risk.Apart from that, the ultimate reason is that they are influenced by the people around them to store their data in the cloud.
This study is an attempt to investigate the factors affecting the acceptance of cloud drive users in Indonesia by using empirical data that were collected using quantitative research and the questionnaire method.In future studies, to help illustrating the result of empirical data, a qualitative research can be conducted to get more detailed information.Additionally, future research can be undertaken by extending the research model and is expected to examine additional factors of cloud drive acceptance.Furthermore, the extended model can be used in other cultures or countries.

TABLE III .
GOODNESS OF FIT INDICES (GOFI) VALUES

TABLE IV .
STRUCTURAL MODEL RESULTS AND SEM MODEL HYPOTHESIS Accepted www.ijacsa.thesai.org