Trust seal: Difference between revisions
m Reverted edits by 71.136.253.126 (talk) unexplained removal of content (HG) |
Petermonaco (talk | contribs) Tag: section blanking |
||
Line 3: | Line 3: | ||
== Kinds of Trust Seals == |
== Kinds of Trust Seals == |
||
====Privacy Seal==== |
|||
A privacy seal outfits a company with an accurate privacy statement suited to its business practices. It also helps the company identify potential privacy threats that would otherwise go unnoticed. Major provider of Privacy Trust Seals across the world are [[TRUSTe]] and Trust guard. |
|||
====Business Identity Seal==== |
|||
A business identity seal, also known as, Verified Existence Seal is one which verifies the legal, physical and actual existence of the business by verifying multiple parameters such as statutory details, contact details, management details, etc. Verified existence Trust seals add weight to the profiles of the deployers and boost confidence of prospective clients. A major benefit of a Verified Trust seal is it represents due diligence certificate for it deployer. Business identity seals are provided by [[Crederity]], [[Better Business Bureau]], [[Trustguard]] etc |
|||
====Security Seals==== |
====Security Seals==== |
Revision as of 05:53, 9 March 2011
A Trust seal is a seal awarded by proprietary companies to businesses to display, in an attempt to boost customer confidence. There are several well-known trust seals from different companies, and the requirements for the displaying merchant vary, but typically involve a dedication to good security practices or the use of secure methods for transactions or most importantly verified existence of the company. Trust seals can come in a variety of forms, including data security seals, business verified seals and privacy seals and are available from a variety of companies, for a small fee. A Trust seal can be either active or passive. Most seals are validated when they are created and remain so for a specific duration of time, post expiry of which the business/process has to be re-validated.
Kinds of Trust Seals
Security Seals
Security Trust Seals are the most popular type of trust seal verification. There are two different types; Server Verification and Site Verification. Server Verification services, like HackerSafe and ControlScan, perform daily scans on the hosting server, to check for server vulnerabilities or attacks. Site Verification services, like Trust Guard, verify the existing security of websites, to ensure that customers are protected under normal circumstances. Major players in the market for security seals are McAfee and VeriSign.
Criticisms
Third party verification from a reliable source and a strategically placed trust seal may assure customers about the safety and security.[1]. Some trust seals, such as McAfee Hacker Safe, however, have been criticized as not doing enough to protect the security of visitors to a site[2] such as because they intentionally mark as 'Hacker Safe' websites known to McAfee to have an XSS vulnerability [3]. This is possible because most seals are a simple image that a hacker can simply copy and post onto their own site. Such lapses highlight the importance of anti-XSS protection security measures. Trust seals can give a false sense of security as they are awarded at a certain point of time. Change in technology and loopholes are not updated along with the trusted seal. So it does't represent flaws in the updated technology. The iconographical value is too high to mislead customers unaware about these changes.[4]
References
- ^ Hu, Xiaorui (2001-12-21). "Myth or Reality: Effect of Trust-Promoting Seals in Electronic Markets" (PDF). Retrieved 2008-06-16.
{{cite journal}}
: Cite journal requires|journal=
(help); Unknown parameter|coauthors=
ignored (|author=
suggested) (help) - ^ Dan Goodin (2008-04-29). "McAfee 'Hacker Safe' cert sheds more cred". The Register. Retrieved 2008-06-13.
- ^ Ryan Naraine and Dancho Danchev (2008-05-01). "More bad news for McAfee, HackerSafe certification". ZD Net. Retrieved 2009-07-26.
- ^ "On trust in the Internet: Belief cues from domain suffixs and seals" by Atticus Y. Evil, Eric F. Shaver, and Michael S. Wogalter, Department of Psychology , North Carolina State University