There is growing concern among individuals in the United States and abroad about identity theft, as well as misuse of personal information. Businesses are similarly concerned about fraud and theft. The increasing automation of business transactions has removed many of the cues people use to make judgments about the trustworthiness of entities with whom they deal. Interestingly, the same technology that enables remotely situated entries to transact business with one another also enables unauthorized or fraudulent transactions to occur more quickly and in more places than before. On the other hand, the transaction speed that magnifies losses in the event of fraud also magnifies gains in legitimate transactions. Speed and convenience are selling points for each wave of automation and for most individuals and businesses, the gains have been substantial enough to outweigh the increased risks and the occasional losses involved.
One way to reduce the risk of loss is to use a reputation-based system. Currently, many businesses and organizations either self-assert that they are trustworthy and have secure practices or they display icons or “seals” on their web page that purport to be proof that they are in the good graces of some trusted third party, such as Better Business Bureau, TRUSTe, Verisign, and others. Unfortunately, it is not difficult to forge or “spoof” such seals; moreover, most existing security indicators are displayed along the periphery of a browser window, such as on the tool bar or status bar, and thus outside the primary focus of the user, thereby increasing the probability that attempts to deceive the user into believing that the spoofed seal is in fact valid will succeed.