Trust - CUPS

Trust
Jason Chalecki
Usable Privacy and Security – Spring 2006
Not much trust

e-commerce sites



29% trust either "just about always" or "most of
the time"
64% trust "only some of the time" or "never"
consumer advice sites


33% trust
59% low levels of trust
An online problem?

small businesses


newspapers and television news


55% trust
charities and other nonprofit organizations


58% trust
financial companies such as banks, insurance
companies and stockbrokers


68% trust
54% trust
federal government

47% trust at least most of the time
From A Matter of Trust: What Users Want From Web Sites
Lost or lacking trust

Napster (2003)

Very long pauses between songs. I dropped the service and haven’t been back, even though, when it worked, I loved it.

Jakob Nielsen (Alertbox 1999)

Would probably love the eFax service, but didn’t sign up because he would be locked in.

Amazon.com (1999)


They admitted that many favorable reviews had been paid for
But the flawed policy was terminated and the damage to the customer
relationship was mended by an offer to refund any purchase that had
been based on a paid recommendation.
Trust is fundamental to security



Lack of trust results in systems being ill-used
or used not at all
Lack of understanding of trust results in
wrong decisions or no decisions
Too much trust can be more dangerous than
too little

E.g. I can open any file attachment because I run
anti-virus software
Fundamental questions





How to reliably represent trust in different
interactions and interfaces
How to transform trust-based decisions into
security decisions while maintaining the
meaning of the trust-based decisions
What are the building blocks of trust
How is trust fallible
How can trust’s fallibility be addressed
Definition

assured reliance on the character, ability,
strength, or truth of someone or something
(Merriam-Webster)

Concerns a positive expectation regarding the
behavior of somebody or something in a
situation that entails risk to the trusting party
(Patrick, Briggs, and Marsh)
Layers

Dispositional trust

Psychological disposition or personality trait to be trusting or not

Learned trust

A person’s general tendency to trust, or not to trust, as a result of experience

Situational trust

Basic tendencies are adjusted in response to situational cues
Granularity

I trust you

I trust you this much

I trust you this much to do this thing
Another axis

Hard trust


technology
Soft trust

social
Processing strategies

Heuristic approach making quick judgments
from the obvious information

Systematic approach involving detailed
analysis of information
Credibility

How is this different than trust?

Credibility is believability
Trust is dependability

“Credibility and Computing Technology”

Four Types of Credibility




Presumed credibility.
Reputed credibility.
Surface credibility.
Experienced credibility.
Presumed credibility

Belief based on general assumptions
Reputed credibility

Belief based on third-party reports
Surface credibility

Belief based on simple inspection
Experienced credibility

Belief based on one’s own experience
“Credibility and Computing Technology”

How do these relate to the layers of trust?
Judgments of credibility

Prominence






Involvement of the user
Topic of the web site
Nature of the user’s task
User’s experience
Individual differences
Interpretation



Assumptions in a user’s mind
Skills and knowledge possessed by user
Context for the user
Time



Initial trust
Interactions
Long-term trusted relationship
Trustworthiness

Ability

Capacity to keep promises

Integrity

Actually keeping promises

Benevolence

Acting in another’s best interest
Bhattacherjee’s Model
[Diagram: Familiarity, Trust, Willingness to Transact; three links, each marked positive (+)]
Lee, Kim, & Moon’s Model
[Diagram: Comprehensive Information, Shared Value, Communication, Uncertainty, Number of Competitors, Specificity, Trust, Transaction Cost, Customer Loyalty; links marked positive (+) or negative (-)]
Corritore’s Model
[Diagram: External Factors; Perception of: Credibility, Ease of Use, Risk; Trust]
Egger’s Model (revised)
McKnight’s Model
[Diagram with the following boxes]
Disposition to Trust
Institution-Based Trust (perceptions of the Internet environment)
Trust Beliefs (perceptions of specific web vendor attributes)
Trusting Intentions (intention to engage in trust-related behaviors with a specific web vendor)
Trust-Related Behaviors
Riegelsberger’s Model
[Diagram labels: TRUSTER, TRUSTEE, Separation in Space (+UNCERTAINTY), Separation in Time (+UNCERTAINTY), Signals, Outside Option, Withdrawal, Trusting Action, Fulfillment, Nonfulfillment]
Models Comparison


Can be successfully operationalized, typically
into questionnaires
Components of trust




Ability
Integrity
Benevolence
Many factors may affect trust
Trust Design Guidelines
1. Ensure good ease of use.
2. Use attractive design.
3. Create a professional image – avoid spelling mistakes and other simple errors.
4. Don’t mix advertising and content – avoid sales pitches and banner advertisements.
5. Convey a “real-world” look and feel – for example, with use of high-quality photographs of real places and people.
6. Maximize the consistency, familiarity, or predictability of an interaction both in terms of process and visually.
7. Include seals of approval such as TRUSTe.
8. Provide explanations, justifying the advice or information given.
9. Include independent peer evaluation such as references from past and current users and independent message boards.
10. Provide clearly stated security and privacy statements, and also rights to compensation and returns.
11. Include alternative views, including good links to independent sites with the same business area.
12. Include background information such as indicators of expertise and patterns of past performance.
13. Clearly assign responsibilities (to the vendor and the customer).
14. Ensure that communication remains open and responsive, and offer order tracking or an alternative means of getting in touch.
15. Offer a personalized service that takes account of each client’s needs and preferences and reflects its social identity.
Stanford Guidelines for Web Credibility
1. Make it easy to verify the accuracy of the information on your site.
2. Show that there's a real organization behind your site.
3. Highlight the expertise in your organization and in the content and services you provide.
4. Show that honest and trustworthy people stand behind your site.
5. Make it easy to contact you.
6. Design your site so it looks professional (or is appropriate for your purpose).
7. Make your site easy to use – and useful.
8. Update your site's content often (at least show it's been reviewed recently).
9. Use restraint with any promotional content (e.g., ads, offers).
10. Avoid errors of all types, no matter how small they seem.
Stanford Persuasive Technology Lab
http://www.webcredibility.org/guidelines/
Jakob Nielsen’s Guidelines




Design quality
Up-front disclosure
Comprehensive, correct, and current
Connected to the rest of the Web
Trust or Bust: Communicating Trustworthiness in Web Design
Jakob Nielsen's Alertbox, March 7, 1999
http://www.useit.com/alertbox/990307.html
Guidelines Comparison



Professional appearance and ease of use are
very important
Be correct and verifiable
Be part of a larger community
Microsoft and Users and Trust
Trust Question Failings




Often, the question being presented is a
dilemma rather than a decision
Computers can’t help interpret emotional cues
because they behave in a purely logical way
Users don’t want to deal with the trust issues
presented to them
Users don’t want to reveal personal data
User Behavior





What users say they do and what they actually do
often differ
Users don’t necessarily want to think about the
consequences of their behavior
Users make one-off decisions about trust
Users conceive of security and privacy issues
differently than developers do
Users have many superstitions about how viruses are
propagated
Before XP SP2
XP SP2
Help for “downloading” decision
Help for “running” decision
Recommendations




Let users make trust decisions in context
Make the most trusted option the default
selection
Present users with choices, not dilemmas
Always respect the user’s decision