We developed and describe TrustBar, a browser extension for improved secure identification indicators. Users can assign a name/logo to a secure site, presented by TrustBar when the browser presents that secure site; otherwise, TrustBar presents the certified site's owner name, and the name/logo of the Certificate Authority (CA) who identified the owner. Some of these ideas are already adopted by browsers, following our work.
We describe usability experiments, which measure, and prove the effectiveness, of TrustBar's improved security and identification indicators. We derive general secure-usability principles from our experiments and experience with TrustBar
Category / Keywords: applications / electronic commerce and payment Date: received 4 Jul 2004, last revised 3 Sep 2006 Contact author: herzbea at cs biu ac il Available format(s): PDF | BibTeX Citation Note: Earlier version of this manuscript was titled `TrustBar: Protecting (even Na´ve) Web Users from Spoofing and Phishing Attacks`. The main change in the new version is description of the usability experiments. Version: 20060903:100355 (All versions of this report) Short URL: ia.cr/2004/155 Discussion forum: Show discussion | Start new discussion