1 / 42

Trust

Trust. Jason Chalecki. Usable Privacy and Security – Spring 2006. Not much trust. e-commerce sites 29% trust either "just about always" or "most of the time" 64% trust "only some of the time" or "never" consumer advice sites 33% trust 59% low levels of trust. An online problem?.

oshin
Télécharger la présentation

Trust

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Trust Jason Chalecki Usable Privacy and Security – Spring 2006

  2. Not much trust • e-commerce sites • 29% trust either "just about always" or "most of the time" • 64% trust "only some of the time" or "never" • consumer advice sites • 33% trust • 59% low levels of trust

  3. An online problem? • small businesses • 68% trust • newspapers and television news • 58% trust • financial companies such as banks, insurance companies and stockbrokers • 55% trust • charities and other nonprofit organizations • 54% trust • federal government • 47% trust at least most of the time

  4. From A Matter of Trust: What Users Want From Web Sites

  5. Lost or lacking trust • Napster (2003) • Very long pauses between songs. I dropped the service and haven’t been back, even though, when it worked, I loved it. • Jakob Nielsen (Alertbox 1999) • Would probably love the eFax service, but didn’t sign up because he would be locked in. • Amazon.com (1999) • They admitted that many favorable reviews had been paid for • But the flawed policy was terminated and the damage to the customer relationship was mended by an offer to refund any purchase that had been based on a paid recommendation.

  6. Trust is fundamental to security • Lack of trust results in systems being ill-used or used not at all • Lack of understanding of trust results in wrong decisions or no decisions • Too much trust can be more dangerous than too little • E.g. I can open any file attachment because I run anti-virus software

  7. Fundamental questions • How to reliably represent trust in different interactions and interfaces • How to transform trust-based decisions into security decisions while maintaining the meaning of the trust-based decisions • What are the building blocks of trust • How is trust fallible • How can trust’s fallibility be addressed

  8. Definition • assured reliance on the character, ability, strength, or truth of someone or something (Merriam-Webster) • Concerns a positive expectation regarding the behavior of somebody or something in a situation that entails risk to the trusting party (Patrick, Briggs, and Marsh)

  9. Layers • Dispositional trust • Psychological disposition or personality trait to be trusting or not • Learned trust • A person’s general tendency to trust, or not to trust, as a result of experience • Situational trust • Basic tendencies are adjusted in response to situational cues

  10. Granularity • I trust you • I trust you this much • I trust you this much to do this thing

  11. Another axis • Hard trust • technology • Soft trust • social

  12. Processing strategies • Heuristic approach making quick judgments from the obvious information • Systematic approach involving detailed analysis of information

  13. Credibility • How is this different than trust?

  14. Credibility • How is this different than trust? • Credibility is believability • Trust is dependability

  15. “Credibility and Computing Technology” • Four Types of Credibility • Presumed credibility. • Reputed credibility. • Surface credibility. • Experienced credibility.

  16. Presumed credibility • Belief based on general assumptions

  17. Reputed credibility • Belief based on third-party reports

  18. Surface credibility • Belief based on simple inspection

  19. Experienced credibility • Belief based on one’s own experience

  20. “Credibility and Computing Technology” • Four Types of Credibility • Presumed credibility. • Reputed credibility. • Surface credibility. • Experienced credibility. • How do these relate to the layers of trust?

  21. Judgments of credibility • Prominence • Involvement of the user • Topic of the web site • Nature of the user’s task • User’s experience • Individual differences • Interpretation • Assumptions in a user’s mind • Skills and knowledge possessed by user • Context for the user

  22. Time • Initial trust • Interactions • Long-term trusted relationship

  23. Trustworthiness • Ability • Capacity to keep promises • Integrity • Actually keeping promises • Benevolence • Acting in another’s best interest

  24. Familiarity Willingness to Transact Trust Bhattacherjee’s Model + + +

  25. Customer Loyalty Comprehensive Information Trust Transaction Cost Shared Value Uncertainty Number of Competitors Specificity Communication Lee, Kim, & Moon’s Model + + + + - + - - +

  26. Credibility Risk Ease of Use Corritore’s Model Perception of: External Factors Trust

  27. Egger’s Model (revised)

  28. McKnight’s Model Disposition to Trust Trusting Intentions (intention to engage in trust-related behaviors with a specific web vendor) Trust Beliefs (perceptions of specific web vendor attributes) Institution-Based Trust (perceptions of the Internet environment) Trust-Related Behaviors

  29. TRUSTER Separation in Space TRUSTEE +UNCERTAINTY Riegelsberger’s Model OutsideOption Signals Withdrawal Trusting Action Separation in Time +UNCERTAINTY Fulfillment Nonfulfillment

  30. Models Comparison • Can be successfully operationalized, typically into questionnaires • Components of trust • Ability • Integrity • Benevolence • Many factors may affect trust

  31. Ensure good ease of use. Use attractive design. Create a professional image – avoid spelling mistakes and other simple errors. Don’t mix advertising and content – avoid sales pitches and banner advertisements. Convey a “real-world” look and feel – for example, with use of high-quality photographs of real places and people. Maximize the consistency, familiarity, or predictability of an interaction both in terms of process and visually. Include seals of approval such as TRUSTe. Provide explanations, justifying the advice or information given. Include independent peer evaluation such as references from past and current users and independent message boards. Provide clearly stated security and privacy statements, and also rights to compensation and returns. Include alternative views, including good links to independent sites with the same business area. Include background information such as indicators of expertise and patterns of past performance. Clearly assign responsibilities (to the vendor and the customer). Ensure that communication remains open and responsive, and offer order tracking or an alternative means of getting in touch. Offer a personalized service that takes account of each client’s needs and preferences and reflects its social identity. Trust Design Guidelines

  32. Stanford Guidelines for Web Credibility • Make it easy to verify the accuracy of the information on your site. • Show that there's a real organization behind your site. • Highlight the expertise in your organization and in the content and services you provide. • Show that honest and trustworthy people stand behind your site. • Make it easy to contact you. • Design your site so it looks professional (or is appropriate for your purpose). • Make your site easy to use – and useful. • Update your site's content often (at least show it's been reviewed recently). • Use restraint with any promotional content (e.g., ads, offers). • Avoid errors of all types, no matter how small they seem. Stanford Persuasive Technology Lab http://www.webcredibility.org/guidelines/

  33. Jakob Nielsen’s Guidelines • Design quality • Up-front disclosure • Comprehensive, correct, and current • Connected to the rest of the Web • Trust or Bust: Communicating Trustworthiness in Web Design • Jakob Nielsen's Alertbox, March 7, 1999 • http://www.useit.com/alertbox/990307.html

  34. Guidelines Comparison • Professional appearance and ease of use are very important • Be correct and verifiable • Be part of a larger community

  35. Microsoft and Users and Trust

  36. Trust Question Failings • Often, the question being presented is a dilemma rather than a decision • Computers can’t help interpret emotional cues because they behave in a purely logical way • Users don’t want to deal with the trust issues presented to them • Users don’t want to reveal personal data

  37. User Behavior • What users say they do and what they actually do often differ • Users don’t necessarily want to think about the consequences of their behavior • Users make one-off decisions about trust • Users conceive of security and privacy issues differently than developers do • Users have many superstitions about how viruses are propagated

  38. Before XP SP2

  39. XP SP2

  40. Help for “downloading” decision

  41. Help for “running” decision

  42. Recommendations • Let users make trust decisions in context • Make the most trusted option the default selection • Present users with choices, not dilemmas • Always respect the user’s decision

More Related