Trust and the perception of security

Trust and security in interactive spaces do not depend on technical security measures alone. Our limited research suggests that: "The feeling of security experienced by a user of an interactive system is determined by the user's feeling of control of the interactive system."


In November and December 1999, we conducted a task and content analysis for a major European airline. The internet company we work for was asked to redesign their current website in order to increase the proportion of seats booked on-line by:
  • making the on-line booking process as easy and non-technical as possible,
  • providing relevant content to attract more customers to the site.
In order to base our design decisions on real-life data and not only on our own preconceptions about airlines, we planned a series of analysis activities. The goal of this analysis was to investigate how customers currently book seats (task analysis) and to unveil what related content would be useful to customers and how we can provide it in a convenient way (content analysis).

We used qualitative methods for our analysis: interviews, observations, content analysis, analysis of existing customer feedback, etc.

Unexpected finding

Among the 181 observations there is one unexpected finding with a relevance that goes beyond this particular case.

We noticed that people's perception of security when doing on-line transactions depends on the simplicity of the site and on the availability of user support. People told us:
  • "It tells me what to do and it's clear even though I am not familiar with computers. I feel confident that I'll get what I want and that nothing strange will happen. I don't mind giving my credit card number in that case."
  • "I feel secure about giving my credit card number because it's simple. I trust it because you see what you get. There is nothing hidden or obscure."
This observation puzzled us. Discussions about security on internet seem preoccupied with technical issues such as 128-bit encryption, secure sessions, authentication, digital certificates, secure sockets layer, etc. And we observe that people feel secure because... "it's easy"?!


If we want to design virtual spaces where people feel safe and secure, we need to know what causes these feelings. Only from an understanding of the causes of trust on internet can we derive design guidelines that will allow us to build websites where people feel safe. We have come up with one possible explanation.

Our hypothesis is that "The feeling of security experienced by a user of an interactive system is determined by the user's feeling of control of the interactive system".

In other words, the more a user feels in control of a website, the more (s)he will trust the site.

Design Guidelines: Design for Trust

"Put the user in control" is a classic usability principle. If our observation proves to be persistent, we would gain operative design leverage on the feeling of security in interactive spaces by optimizing the user's feeling of control. But as easy as the principle of user's control sounds, as inoperative it is when you start designing. It needs to be broken down into workable pieces.

An interactive system that allows the user to feel in control should in the first place be comprehensible. This means it should provide a user-adapted answer to the following questions:
  • What is the current state of the interactive system? Which goal can I achieve with the system? E.g. does the website make it perfectly clear that I can place orders on-line?
  • How can I change the current state of the interactive system in the direction of my goal? E.g. does the website give enough visual and verbal indications on how I can place an on-line order?
  • How can I be sure that I have achieved the desired goal? E.g. does the system provide enough feedback that allows me to be sure that my order is executed?
A second requirement is that the system is predictable: will the user know, with a reasonable degree of certainty, what will happen when (s)he takes an action? Predictability on internet is a special challenge because of the lack of strong interaction design standards. The success of WIMP (Windows, Icons, Menus, Pointers) user interfaces such as MS Windows depends to a large extent on their predictability through consistency: "I know how to operate a menu or a drop-down list box because I have used it before in another application and it behaves always in the same way."

A third requirement is that the system is flexible and adaptable. Not all users will execute a task in the same way. A user will feel in control of an interactive system if (s)he can choose the way a task is executed instead of having to figure out how the system requires it to be done.

However, the relationship between flexibility and control is not straightforward. Increasing the flexibility can also increase complexity and diminish comprehensibility. The "Wizard" interaction model exemplifies that less control and flexibility can sometimes make it easier for the user.


More research has to be conducted to validate the relationship between the feeling of security experienced by a user of an interactive system and the user's feeling of control of the interactive system. We are not sure whether our observation will be persistent in research on a larger scale.

Further research will also have to look at other factors that determine the feeling of security on internet. We think strong branding is a good candidate. Our hypothesis is that " The stronger the brand a website carries, the more people will feel secure."

What about the relationship between real risks and perceived security on internet? This has been extensively investigated in real life environments. Even if the results cannot be transposed from real life to virtual environments, a lot can be learned from the concepts and research methods that have been developed.

And what is the effect on feelings of security of explicit or implicit security declarations on sites. Will users feel more secure if a website carries a statement that the transaction is protected by 128-bits encryption? Or will they think that if a website needs 128 bits worth of security, there must be a real threat? Or will they think that if there is 128-bits worth of protection, there is a gangster with 129-bits worth of counter-equipment.


We have argued that the feeling of security experienced by a user of an interactive system does not depend on technical security measures alone. Other (psychological) factors can play a determining role. Our limited research shows the user's feeling of control can be one of these factors.

invites design practitioners to share their ideas on and experiences with feelings of security on internet. We also encourage researchers to take up research questions related to feelings of security in interactive spaces.