Date of Conferral



Doctor of Information Technology (D.I.T.)


Information Systems and Technology


Robert Duhainy


Chip-and-Personal Identification Number (PIN) technology is seen as a game changer in many e-commerce industries and a transformational technology in the 21st century. However, security concerns have made chip-and-PIN adoption relatively slow. Massive unauthorized card payment transactions in the United States (U.S.) cost victims an estimate totaling billions of dollars. Information Technology (IT) managers are concerned with credit card fraud's financial loss and liability cost. Grounded in Rogers’s diffusion of innovation theory, the purpose of this qualitative pragmatic study was to explore strategies used by IT managers to transition their e-commerce organizations to chip-and-PIN credit card authentication infrastructures. The participants were six IT managers from companies in the U.S. with experience implementing chip-and-PIN infrastructure securely. Data were collected using semistructured interviews, statistics provided by their organizations, and publicly available data. A thematic analysis revealed 3 major emerging themes: (a) elements influencing the selection of strategy, (b) payment card industry data security standards regulatory compliance, and (c) value to the business and customer experience. A key recommendation is for business leaders to mitigate the risk of credit card fraud by implementing payment card industry data security standards. The implications for positive social change include the potential to inform consumers and business owners, secure electronic funds transactions, instill trust in e-commerce payment systems, and reduce instances of credit card fraud and crimes.