Rapid growth in e-commerce has made information security awareness (ISA) increasingly critical, particularly following major breaches such as the 2020 Tokopedia incident, which compromised the personal data of approximately 91 million Indonesian users. This vulnerability is compounded by the sharp rise in e-commerce transactions since the Covid-19 pandemic, widening the attack surface for threats such as phishing and account takeover. This study aims to measure the level of ISA among e-commerce users in Purwokerto City and to formulate a strategy for improving it. A quantitative descriptive survey was conducted using the HAIS-Q instrument, assessing users' Knowledge, Attitude, and Behavior (KAB) across seven focus areas, combined with the Analytic Hierarchy Process (AHP) to prioritize those areas through expert comparison. Data were collected from 71 active users of Tokopedia, Shopee, Blibli, and Lazada using a 70-item questionnaire. The overall ISA score was 78.12, classified as "Average," with knowledge scoring highest and behavior lowest. Two focus areas reached the "Good" category, while five remained "Average," indicating that improving ISA requires strategies targeting behavioral change, offering an empirical, priority-based basis for platform providers, regulators, and users.
Copyrights © 2026