Confirmed users, Bureaucrats and Sysops emeriti
3,599
edits
Papers:Sending the Right Signals: Difference between revisions
Jump to navigation
Jump to search
Papers:Sending the Right Signals (view source)
Revision as of 09:15, 25 January 2006
, 25 January 2006no edit summary
No edit summary |
No edit summary |
||
| Line 4: | Line 4: | ||
This is Mozilla's submission for the upcoming W3C Workshop on [http://www.w3.org/2005/Security/usability-ws/ Transparency and Usability of Web Authentication]. | This is Mozilla's submission for the upcoming W3C Workshop on [http://www.w3.org/2005/Security/usability-ws/ Transparency and Usability of Web Authentication]. | ||
= Jane, IRL = | |||
Jane is travelling, and finds herself in an unfamiliar area. She turns a corner and sees a bank, a corner store, and a taxi. She's hungry and wants to get back to her hotel, so she enters the bank, uses her ATM card to withdraw some money, walks to the corner store and gets a local snack and drink, and finally hops in the cab and heads off. | |||
How did Jane know that the bank could be trusted? How could she be sure that the food she was about to buy wouldn't make her sick? What convinced her that the taxi driver was on the level? | |||
In the physical world, there are a variety of ''signals'' that Jane can use to establish a sense of trust. Some of these signals are physical in form such as the architecture of the buildings, the cleanliness of the taxi, and freshness seals on packages. Other signals are entirely conceptual such as brand recognition. In all cases however, Jane's assessment of trust is based on levels of familiarity. If Jane recognizes the name of the bank, she will likely trust it completely. Jane may also decide to trust the bank if she recognizes the ''pattern'' of the name of the bank (ie: First National Bank of Whereverland) or if its physical characteristics match her mental image of a bank. There is a chance that Jane will be fooled, but we tend to be very effective at pattern matching, and even small inconsistencies would very likely raise suspicion. | |||
= Jane, Online = | |||
Jane returns home from travelling, and decides to go online and plan her next trip. After using a search engine to look for recommendations, she finds herself on an unfamiliar message board. She sees a link to a website that builds custom vacation packages. Jane likes this idea, and follows the link, submits her preferences and identification information, and charges her next trip to her credit card. | |||
This time, when Jane had to make her assessment of trust, she had a similar set of signals to choose from. The name of the website may be a recognizable brand, or have closely matched a pattern that was familiar to Jane. The look and feel of the website may also have matched Jane's expectation of what a professional website looks like. Finally, and uniquely, her web browser may have provided some indication to Jane about how she should trust the website being viewed. | |||
= IRL vs. Online = | |||
- Jane online | |||
- what's the difference? | |||
- consistency | |||
- physical vs. virtual world signal differences | |||
* Review of current UI in browsers (IE, firefox, safari, opera) | * Review of current UI in browsers (IE, firefox, safari, opera) | ||