Trust Me: Design Patterns for Constructing Trustworthy Trust Indicators
Abstract
In a world where making an incorrect online trust decision can mean giving away highly personal information to a con artist, Internet users need effective online trust indicators to help them make better trust decisions. In a perfect world, software could automatically detect all security threats and then block access to high-risk web sites. Because there are many threats that we cannot detect with 100% accuracy and false positives may exist, web browser vendors choose to warn users about security threats. Privacy threats also abound on the Internet, but unlike security threats, concerns about privacy threats are nuanced; not everyone cares what a web site may do with personal information. To address the varying privacy needs of Internet users, privacy information can be conveyed using contextual indicators that represent privacy policies, because natural language privacy policies are notoriously difficult to read. In this thesis, the author qualitatively examines online trust indicators across three varying contexts: web browser phishing warnings, web browser SSL warnings, and indicators that represent web site privacy policies. He creates guidelines for overcoming many common trust indicator failures, and then validates these guidelines. He examines these different contexts using a model from the warning sciences to shed light on how common failures can be avoided and how design concerns change based on context. The results of several user studies that the author conducted are used to compile a set of design patterns for online trust indicators that help designers overcome many common indicator failures. Finally, he highlights the different design considerations between high-risk warnings and contextual indicators.
Document Details
- Document Type: Technical Report
- Publication Date: Apr 01, 2009
- Accession Number: ADA502272
Entities
People
- Serge Egelman
Organizations
- Carnegie Mellon University