Testing the dominant mediator in EPPM: An empirical study on household anti-malware software users

A key research area in information systems security (ISec) is explaining or improving users’ IS security outcomes via the extended parallel process model (EPPM) lens. While the theoretical construct in emotional valence (e.g., fear) and cognitive valence (e.g., perceived efficacy) were deemed as mediators in previous EPPM-related ISec studies, existing research has ignored the value of testing and reporting the dominant mediator between the emotional valence and the cognitive valence. In this paper, we reintroduce the theoretical origins of the dominant mediator assumption in EPPM and highlight its merits using the multiple mediation method. Theoretically, we illustrate how testing and reporting the dominant mediator can help identify the dominant mechanism triggering specific behavioral outcomes. Further, this paper questions the dominant mediating role of fear on the behavioral outcome in ISec context. Methodologically, this study proposes to assess the dominant mediator via a multiple mediation model instead of using the discriminant value equation introduced by Witte (1995), Witte et al. (1996) and enhanced by Chen et al. (2021) when testing the EPPM theory in the ISec context.