CMU-ISR-09-110
Institute for Software Research
School of Computer Science, Carnegie Mellon University



Trust Me: Design Patterns for Constructing
Trustworthy Trust Indicators

Serge Egelman

April 2009

Ph.D. Thesis
Computation, Organizations and Society


Keywords: Trust indicators, phishing, security warnings, web browsers, privacy, SSL


In a world where making an incorrect online trust decision can mean giving away highly personal information to a con artist, Internet users need effective online trust indicators to help them make better trust decisions. In a perfect world, software could automatically detect all security threats and then block access to high-risk websites. Because many threats cannot be detected with 100% accuracy, and false positives are possible, web browser vendors choose to warn users about security threats rather than block outright.

Privacy threats also abound on the Internet, but unlike security threats, concerns about privacy threats are nuanced: not everyone cares what a website may do with personal information. Because natural-language privacy policies are notoriously difficult to read, privacy information can instead be conveyed using contextual indicators that represent privacy policies, addressing the varying privacy needs of Internet users.

In this thesis I qualitatively examine online trust indicators across three contexts: web browser phishing warnings, web browser SSL warnings, and indicators that represent website privacy policies. I examine these contexts using a model from the warning sciences in order to shed light on how common failures can be avoided and how design concerns change based on context. Using the results of several user studies that I conducted, I compile a set of design patterns for online trust indicators that help designers overcome many common indicator failures, and I validate these guidelines. Finally, I highlight the different design considerations between high-risk warnings and contextual indicators.

258 pages
