Designing the Trust Experience
Trust in payment systems is influenced by factors such as anonymity,
security, reliability, the amount of control that users have, as well
as the reputation of the entity that introduces the system. Below, we
introduce a number of guidelines that address the different facets of
security required for e-payment systems in an Internet environment. Issues
of trust and security are connected to exchange, storage and management
of the payment- and user-specific information. To engineer a certain level
of trust in terms of perceived security, one should:
- Take into account the context of use and domain of application of the
system being designed. Context of use can be viewed as an important requirement
for the design. Different applications require diverse levels of security.
Buying flowers can be done with a credit card with basic cryptographic
protection, while electronic banking needs more sophisticated authentication
and security mechanisms.
- Provide a clear and prominent policy on security:
- Provide clear visibility of the security techniques employed. These
should clearly be explained to the end-user. This can be done by providing
textual information describing which security solutions have been implemented,
as well as by displaying the logos of reputed institutions or solution
providers.
- Explain security measures in management and storage of the data.
- Establish a customer support line on security-related issues.
- Supply regular information updates on changes and upgrades in security.
- Take into consideration security issues specific to the type of payment
system.
- Address security issues specific to a single payment and to the system’s
operations in general, e.g. provide the ability to deactivate passwords or
block accounts offline.
- Giving users access to their data, allowing them to change it, and
deleting outdated information in a timely manner can assist in building
trust relations with customers.
- Be aware of trade-offs between security and usability.
- Overly heavy solutions may hamper ease of use and have a negative influence
on trust. In addition, the use of extra hardware and software components
may be seen as an additional barrier to adoption, given the lack of
convenience and the costs involved. This would complicate the process
of acquiring new customers and vendors and, thus, reduce the customer
base. Hopefully, solutions where intrusion in customers’ paying experience
is minimised will gain more popularity, especially if they help to solve
some of the vendors’ problems, such as chargebacks.
- Try to minimise the security costs (both financial and temporal) imposed
on users.
- Create a security management culture. This can be done by educating
employees and implementing strict information handling policies within
the company.
- Have a trust recovery plan in the event of a security breach likely
to undermine trusted relationships with customers. In many cases such
a plan will consist of enacting the company’s trust policies, providing
financial compensation, as well as reassuring customers through the
media.