How to increase users' perception of security on a payment screen? [duplicate]
This question already has an answer here:
Showing “this is secure” on credit card entry screen
7 answers
Has anyone done any user testing they could share about padlock or shield icons on payments screens and which is perceived as most secure?
gui-design security payment
marked as duplicate by locationunknown, JonW♦ Feb 11 at 10:27
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
|
show 1 more comment
This question already has an answer here:
Showing “this is secure” on credit card entry screen
7 answers
Has anyone done any user testing they could share about padlock or shield icons on payments screens and which is perceived as most secure?
gui-design security payment
marked as duplicate by locationunknown, JonW♦ Feb 11 at 10:27
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
13
To close voters: Though this question contains the word "icons", I think there is some real UX substance to this question. It's discussing the users' perception of security, which is certainly an important topic. Already there has been an excellent answer posted, backed with sources from Google and UC Berkley.
– maxathousand
Feb 4 at 16:20
Thanks @maxathousand - I shall edit the title again
– Kasper-G
Feb 4 at 16:28
There used to be a kind of convention of companies usingssl.example.org
style sub-domains (as opposed towww
) for these. IIRC ebay did it in the mid 2000s, and some others as well. I have not seen any research, but I've worked at a large e-com company that did that too, and explained it with copying from even bigger companies, because if they thought it was right it must be.
– simbabque
Feb 4 at 17:37
2
I think you're asking the wrong question. From the UX perspective the question seems valid, but for your shop the question is very dangerous. If you convey your users, that an image on a website can assure security, phishing sites cloning your shop will be confused for your shop by your users. So better explain your users how their browser signals that it's your secure site. Hint them at the correct domain and if you have an EV-Certificate, then at the company name in the URL bar.
– allo
Feb 5 at 15:45
@allo Do you have any examples of an e-commerce site that explains browser certificates to a customer on payment page? Trust is paramount on this page, even if it's "perceived" trust.
– Wes
Feb 5 at 16:42
|
show 1 more comment
This question already has an answer here:
Showing “this is secure” on credit card entry screen
7 answers
Has anyone done any user testing they could share about padlock or shield icons on payments screens and which is perceived as most secure?
gui-design security payment
This question already has an answer here:
Showing “this is secure” on credit card entry screen
7 answers
Has anyone done any user testing they could share about padlock or shield icons on payments screens and which is perceived as most secure?
This question already has an answer here:
Showing “this is secure” on credit card entry screen
7 answers
gui-design security payment
gui-design security payment
edited Feb 4 at 16:30
Kasper-G
asked Feb 4 at 14:29
Kasper-GKasper-G
16827
16827
marked as duplicate by locationunknown, JonW♦ Feb 11 at 10:27
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by locationunknown, JonW♦ Feb 11 at 10:27
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
13
To close voters: Though this question contains the word "icons", I think there is some real UX substance to this question. It's discussing the users' perception of security, which is certainly an important topic. Already there has been an excellent answer posted, backed with sources from Google and UC Berkley.
– maxathousand
Feb 4 at 16:20
Thanks @maxathousand - I shall edit the title again
– Kasper-G
Feb 4 at 16:28
There used to be a kind of convention of companies usingssl.example.org
style sub-domains (as opposed towww
) for these. IIRC ebay did it in the mid 2000s, and some others as well. I have not seen any research, but I've worked at a large e-com company that did that too, and explained it with copying from even bigger companies, because if they thought it was right it must be.
– simbabque
Feb 4 at 17:37
2
I think you're asking the wrong question. From the UX perspective the question seems valid, but for your shop the question is very dangerous. If you convey your users, that an image on a website can assure security, phishing sites cloning your shop will be confused for your shop by your users. So better explain your users how their browser signals that it's your secure site. Hint them at the correct domain and if you have an EV-Certificate, then at the company name in the URL bar.
– allo
Feb 5 at 15:45
@allo Do you have any examples of an e-commerce site that explains browser certificates to a customer on payment page? Trust is paramount on this page, even if it's "perceived" trust.
– Wes
Feb 5 at 16:42
|
show 1 more comment
13
To close voters: Though this question contains the word "icons", I think there is some real UX substance to this question. It's discussing the users' perception of security, which is certainly an important topic. Already there has been an excellent answer posted, backed with sources from Google and UC Berkley.
– maxathousand
Feb 4 at 16:20
Thanks @maxathousand - I shall edit the title again
– Kasper-G
Feb 4 at 16:28
There used to be a kind of convention of companies usingssl.example.org
style sub-domains (as opposed towww
) for these. IIRC ebay did it in the mid 2000s, and some others as well. I have not seen any research, but I've worked at a large e-com company that did that too, and explained it with copying from even bigger companies, because if they thought it was right it must be.
– simbabque
Feb 4 at 17:37
2
I think you're asking the wrong question. From the UX perspective the question seems valid, but for your shop the question is very dangerous. If you convey your users, that an image on a website can assure security, phishing sites cloning your shop will be confused for your shop by your users. So better explain your users how their browser signals that it's your secure site. Hint them at the correct domain and if you have an EV-Certificate, then at the company name in the URL bar.
– allo
Feb 5 at 15:45
@allo Do you have any examples of an e-commerce site that explains browser certificates to a customer on payment page? Trust is paramount on this page, even if it's "perceived" trust.
– Wes
Feb 5 at 16:42
13
13
To close voters: Though this question contains the word "icons", I think there is some real UX substance to this question. It's discussing the users' perception of security, which is certainly an important topic. Already there has been an excellent answer posted, backed with sources from Google and UC Berkley.
– maxathousand
Feb 4 at 16:20
To close voters: Though this question contains the word "icons", I think there is some real UX substance to this question. It's discussing the users' perception of security, which is certainly an important topic. Already there has been an excellent answer posted, backed with sources from Google and UC Berkley.
– maxathousand
Feb 4 at 16:20
Thanks @maxathousand - I shall edit the title again
– Kasper-G
Feb 4 at 16:28
Thanks @maxathousand - I shall edit the title again
– Kasper-G
Feb 4 at 16:28
There used to be a kind of convention of companies using
ssl.example.org
style sub-domains (as opposed to www
) for these. IIRC ebay did it in the mid 2000s, and some others as well. I have not seen any research, but I've worked at a large e-com company that did that too, and explained it with copying from even bigger companies, because if they thought it was right it must be.– simbabque
Feb 4 at 17:37
There used to be a kind of convention of companies using
ssl.example.org
style sub-domains (as opposed to www
) for these. IIRC ebay did it in the mid 2000s, and some others as well. I have not seen any research, but I've worked at a large e-com company that did that too, and explained it with copying from even bigger companies, because if they thought it was right it must be.– simbabque
Feb 4 at 17:37
2
2
I think you're asking the wrong question. From the UX perspective the question seems valid, but for your shop the question is very dangerous. If you convey your users, that an image on a website can assure security, phishing sites cloning your shop will be confused for your shop by your users. So better explain your users how their browser signals that it's your secure site. Hint them at the correct domain and if you have an EV-Certificate, then at the company name in the URL bar.
– allo
Feb 5 at 15:45
I think you're asking the wrong question. From the UX perspective the question seems valid, but for your shop the question is very dangerous. If you convey your users, that an image on a website can assure security, phishing sites cloning your shop will be confused for your shop by your users. So better explain your users how their browser signals that it's your secure site. Hint them at the correct domain and if you have an EV-Certificate, then at the company name in the URL bar.
– allo
Feb 5 at 15:45
@allo Do you have any examples of an e-commerce site that explains browser certificates to a customer on payment page? Trust is paramount on this page, even if it's "perceived" trust.
– Wes
Feb 5 at 16:42
@allo Do you have any examples of an e-commerce site that explains browser certificates to a customer on payment page? Trust is paramount on this page, even if it's "perceived" trust.
– Wes
Feb 5 at 16:42
|
show 1 more comment
2 Answers
2
active
oldest
votes
Google and UC Berkeley tested different solutions to understand users perception of HTTPS in the browser. While this is not specifically geared to a payment page, their paper contains some strong insights when it comes to choosing an icon to signify security online.
Here's what they said specifically about the icons used in the survey:
The shield and lock consistently performed well across all colors,
which suggests that either shape should be meaningful to people who
are colorblind. We break the tie by considering that many browser
users have already been taught to look for locks...
Source (pdf): Rethinking Connection Security Indicators
The lock icon seems to be favoured by Chrome devs when it comes to signifying a secure connection with a website due to the ubiquity of its usage for over a decade.
One caveat however is this was not testing for placement in a UI so take care where it is positioned as this could affect your results. The designers I have worked with favour padlocks on each button in the checkout journey because they reinforce the feeling of security at the moment information is "sent" by the browser, ie. when customer taps/clicks the Pay button but placement would be a good thing to test on your own site.
If you need a lock icon Google shared one as part of the material design system icons.
add a comment |
Baymard has done a number of studies on the subject of perceived webpage security, summarized in this article. Some key points:
Throughout all of our testing of checkout processes, we’ve consistently observed 2 important user behaviors relating to security:
- Depending on the design, users perceive some parts of a page to be more secure than other parts of the same page.
- The average user’s perception of a site’s security is largely determined by their “gut feeling”, which – beyond how much they trust the brand – is to a large extent observed to be directed by how visually secure the page looks.
Regarding which seals users trust most, here are the results of a 2016 survey cited in the above article.
2
Makes sense ... the busier and worse-looking logots are at the end (is that a gradient?)
– Azor Ahai
Feb 4 at 22:40
5
I love the fact that they threw in a fake one and it got 3-4x more votes than the largest SSL companies...
– Federico Poloni
Feb 5 at 7:56
2
Just wanted to highlight "it’s very interesting to note that the seals from well-known consumer-facing brands, like Norton and Google, perform very well." (from the linked article) To a certain extent, this is "trust through familiarity" and the most commonly seen trust icons will be viewed as the most trustworthy. (Search google scholar for keywords like "advertising trust through familiarity" for further reading)
– tolos
Feb 5 at 14:07
3
Shame - it should be 0% for all of them, because someone telling you "we are endorsed by <X>" means absolutely nothing and obviously the unsecure miscreants are the ones who are going to mislead you. Sad times!
– Lightness Races in Orbit
Feb 5 at 16:25
add a comment |
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Google and UC Berkeley tested different solutions to understand users perception of HTTPS in the browser. While this is not specifically geared to a payment page, their paper contains some strong insights when it comes to choosing an icon to signify security online.
Here's what they said specifically about the icons used in the survey:
The shield and lock consistently performed well across all colors,
which suggests that either shape should be meaningful to people who
are colorblind. We break the tie by considering that many browser
users have already been taught to look for locks...
Source (pdf): Rethinking Connection Security Indicators
The lock icon seems to be favoured by Chrome devs when it comes to signifying a secure connection with a website due to the ubiquity of its usage for over a decade.
One caveat however is this was not testing for placement in a UI so take care where it is positioned as this could affect your results. The designers I have worked with favour padlocks on each button in the checkout journey because they reinforce the feeling of security at the moment information is "sent" by the browser, ie. when customer taps/clicks the Pay button but placement would be a good thing to test on your own site.
If you need a lock icon Google shared one as part of the material design system icons.
add a comment |
Google and UC Berkeley tested different solutions to understand users perception of HTTPS in the browser. While this is not specifically geared to a payment page, their paper contains some strong insights when it comes to choosing an icon to signify security online.
Here's what they said specifically about the icons used in the survey:
The shield and lock consistently performed well across all colors,
which suggests that either shape should be meaningful to people who
are colorblind. We break the tie by considering that many browser
users have already been taught to look for locks...
Source (pdf): Rethinking Connection Security Indicators
The lock icon seems to be favoured by Chrome devs when it comes to signifying a secure connection with a website due to the ubiquity of its usage for over a decade.
One caveat however is this was not testing for placement in a UI so take care where it is positioned as this could affect your results. The designers I have worked with favour padlocks on each button in the checkout journey because they reinforce the feeling of security at the moment information is "sent" by the browser, ie. when customer taps/clicks the Pay button but placement would be a good thing to test on your own site.
If you need a lock icon Google shared one as part of the material design system icons.
add a comment |
Google and UC Berkeley tested different solutions to understand users perception of HTTPS in the browser. While this is not specifically geared to a payment page, their paper contains some strong insights when it comes to choosing an icon to signify security online.
Here's what they said specifically about the icons used in the survey:
The shield and lock consistently performed well across all colors,
which suggests that either shape should be meaningful to people who
are colorblind. We break the tie by considering that many browser
users have already been taught to look for locks...
Source (pdf): Rethinking Connection Security Indicators
The lock icon seems to be favoured by Chrome devs when it comes to signifying a secure connection with a website due to the ubiquity of its usage for over a decade.
One caveat however is this was not testing for placement in a UI so take care where it is positioned as this could affect your results. The designers I have worked with favour padlocks on each button in the checkout journey because they reinforce the feeling of security at the moment information is "sent" by the browser, ie. when customer taps/clicks the Pay button but placement would be a good thing to test on your own site.
If you need a lock icon Google shared one as part of the material design system icons.
Google and UC Berkeley tested different solutions to understand users perception of HTTPS in the browser. While this is not specifically geared to a payment page, their paper contains some strong insights when it comes to choosing an icon to signify security online.
Here's what they said specifically about the icons used in the survey:
The shield and lock consistently performed well across all colors,
which suggests that either shape should be meaningful to people who
are colorblind. We break the tie by considering that many browser
users have already been taught to look for locks...
Source (pdf): Rethinking Connection Security Indicators
The lock icon seems to be favoured by Chrome devs when it comes to signifying a secure connection with a website due to the ubiquity of its usage for over a decade.
One caveat however is this was not testing for placement in a UI so take care where it is positioned as this could affect your results. The designers I have worked with favour padlocks on each button in the checkout journey because they reinforce the feeling of security at the moment information is "sent" by the browser, ie. when customer taps/clicks the Pay button but placement would be a good thing to test on your own site.
If you need a lock icon Google shared one as part of the material design system icons.
edited Feb 5 at 3:29
PyRulez
1083
1083
answered Feb 4 at 15:58
WesWes
39638
39638
add a comment |
add a comment |
Baymard has done a number of studies on the subject of perceived webpage security, summarized in this article. Some key points:
Throughout all of our testing of checkout processes, we’ve consistently observed 2 important user behaviors relating to security:
- Depending on the design, users perceive some parts of a page to be more secure than other parts of the same page.
- The average user’s perception of a site’s security is largely determined by their “gut feeling”, which – beyond how much they trust the brand – is to a large extent observed to be directed by how visually secure the page looks.
Regarding which seals users trust most, here are the results of a 2016 survey cited in the above article.
2
Makes sense ... the busier and worse-looking logots are at the end (is that a gradient?)
– Azor Ahai
Feb 4 at 22:40
5
I love the fact that they threw in a fake one and it got 3-4x more votes than the largest SSL companies...
– Federico Poloni
Feb 5 at 7:56
2
Just wanted to highlight "it’s very interesting to note that the seals from well-known consumer-facing brands, like Norton and Google, perform very well." (from the linked article) To a certain extent, this is "trust through familiarity" and the most commonly seen trust icons will be viewed as the most trustworthy. (Search google scholar for keywords like "advertising trust through familiarity" for further reading)
– tolos
Feb 5 at 14:07
3
Shame - it should be 0% for all of them, because someone telling you "we are endorsed by <X>" means absolutely nothing and obviously the unsecure miscreants are the ones who are going to mislead you. Sad times!
– Lightness Races in Orbit
Feb 5 at 16:25
add a comment |
Baymard has done a number of studies on the subject of perceived webpage security, summarized in this article. Some key points:
Throughout all of our testing of checkout processes, we’ve consistently observed 2 important user behaviors relating to security:
- Depending on the design, users perceive some parts of a page to be more secure than other parts of the same page.
- The average user’s perception of a site’s security is largely determined by their “gut feeling”, which – beyond how much they trust the brand – is to a large extent observed to be directed by how visually secure the page looks.
Regarding which seals users trust most, here are the results of a 2016 survey cited in the above article.
2
Makes sense ... the busier and worse-looking logots are at the end (is that a gradient?)
– Azor Ahai
Feb 4 at 22:40
5
I love the fact that they threw in a fake one and it got 3-4x more votes than the largest SSL companies...
– Federico Poloni
Feb 5 at 7:56
2
Just wanted to highlight "it’s very interesting to note that the seals from well-known consumer-facing brands, like Norton and Google, perform very well." (from the linked article) To a certain extent, this is "trust through familiarity" and the most commonly seen trust icons will be viewed as the most trustworthy. (Search google scholar for keywords like "advertising trust through familiarity" for further reading)
– tolos
Feb 5 at 14:07
3
Shame - it should be 0% for all of them, because someone telling you "we are endorsed by <X>" means absolutely nothing and obviously the unsecure miscreants are the ones who are going to mislead you. Sad times!
– Lightness Races in Orbit
Feb 5 at 16:25
add a comment |
Baymard has done a number of studies on the subject of perceived webpage security, summarized in this article. Some key points:
Throughout all of our testing of checkout processes, we’ve consistently observed 2 important user behaviors relating to security:
- Depending on the design, users perceive some parts of a page to be more secure than other parts of the same page.
- The average user’s perception of a site’s security is largely determined by their “gut feeling”, which – beyond how much they trust the brand – is to a large extent observed to be directed by how visually secure the page looks.
Regarding which seals users trust most, here are the results of a 2016 survey cited in the above article.
Baymard has done a number of studies on the subject of perceived webpage security, summarized in this article. Some key points:
Throughout all of our testing of checkout processes, we’ve consistently observed 2 important user behaviors relating to security:
- Depending on the design, users perceive some parts of a page to be more secure than other parts of the same page.
- The average user’s perception of a site’s security is largely determined by their “gut feeling”, which – beyond how much they trust the brand – is to a large extent observed to be directed by how visually secure the page looks.
Regarding which seals users trust most, here are the results of a 2016 survey cited in the above article.
answered Feb 4 at 19:01
kcazllerrafkcazllerraf
1613
1613
2
Makes sense ... the busier and worse-looking logots are at the end (is that a gradient?)
– Azor Ahai
Feb 4 at 22:40
5
I love the fact that they threw in a fake one and it got 3-4x more votes than the largest SSL companies...
– Federico Poloni
Feb 5 at 7:56
2
Just wanted to highlight "it’s very interesting to note that the seals from well-known consumer-facing brands, like Norton and Google, perform very well." (from the linked article) To a certain extent, this is "trust through familiarity" and the most commonly seen trust icons will be viewed as the most trustworthy. (Search google scholar for keywords like "advertising trust through familiarity" for further reading)
– tolos
Feb 5 at 14:07
3
Shame - it should be 0% for all of them, because someone telling you "we are endorsed by <X>" means absolutely nothing and obviously the unsecure miscreants are the ones who are going to mislead you. Sad times!
– Lightness Races in Orbit
Feb 5 at 16:25
add a comment |
2
Makes sense ... the busier and worse-looking logots are at the end (is that a gradient?)
– Azor Ahai
Feb 4 at 22:40
5
I love the fact that they threw in a fake one and it got 3-4x more votes than the largest SSL companies...
– Federico Poloni
Feb 5 at 7:56
2
Just wanted to highlight "it’s very interesting to note that the seals from well-known consumer-facing brands, like Norton and Google, perform very well." (from the linked article) To a certain extent, this is "trust through familiarity" and the most commonly seen trust icons will be viewed as the most trustworthy. (Search google scholar for keywords like "advertising trust through familiarity" for further reading)
– tolos
Feb 5 at 14:07
3
Shame - it should be 0% for all of them, because someone telling you "we are endorsed by <X>" means absolutely nothing and obviously the unsecure miscreants are the ones who are going to mislead you. Sad times!
– Lightness Races in Orbit
Feb 5 at 16:25
2
2
Makes sense ... the busier and worse-looking logots are at the end (is that a gradient?)
– Azor Ahai
Feb 4 at 22:40
Makes sense ... the busier and worse-looking logots are at the end (is that a gradient?)
– Azor Ahai
Feb 4 at 22:40
5
5
I love the fact that they threw in a fake one and it got 3-4x more votes than the largest SSL companies...
– Federico Poloni
Feb 5 at 7:56
I love the fact that they threw in a fake one and it got 3-4x more votes than the largest SSL companies...
– Federico Poloni
Feb 5 at 7:56
2
2
Just wanted to highlight "it’s very interesting to note that the seals from well-known consumer-facing brands, like Norton and Google, perform very well." (from the linked article) To a certain extent, this is "trust through familiarity" and the most commonly seen trust icons will be viewed as the most trustworthy. (Search google scholar for keywords like "advertising trust through familiarity" for further reading)
– tolos
Feb 5 at 14:07
Just wanted to highlight "it’s very interesting to note that the seals from well-known consumer-facing brands, like Norton and Google, perform very well." (from the linked article) To a certain extent, this is "trust through familiarity" and the most commonly seen trust icons will be viewed as the most trustworthy. (Search google scholar for keywords like "advertising trust through familiarity" for further reading)
– tolos
Feb 5 at 14:07
3
3
Shame - it should be 0% for all of them, because someone telling you "we are endorsed by <X>" means absolutely nothing and obviously the unsecure miscreants are the ones who are going to mislead you. Sad times!
– Lightness Races in Orbit
Feb 5 at 16:25
Shame - it should be 0% for all of them, because someone telling you "we are endorsed by <X>" means absolutely nothing and obviously the unsecure miscreants are the ones who are going to mislead you. Sad times!
– Lightness Races in Orbit
Feb 5 at 16:25
add a comment |
13
To close voters: Though this question contains the word "icons", I think there is some real UX substance to this question. It's discussing the users' perception of security, which is certainly an important topic. Already there has been an excellent answer posted, backed with sources from Google and UC Berkley.
– maxathousand
Feb 4 at 16:20
Thanks @maxathousand - I shall edit the title again
– Kasper-G
Feb 4 at 16:28
There used to be a kind of convention of companies using
ssl.example.org
style sub-domains (as opposed towww
) for these. IIRC ebay did it in the mid 2000s, and some others as well. I have not seen any research, but I've worked at a large e-com company that did that too, and explained it with copying from even bigger companies, because if they thought it was right it must be.– simbabque
Feb 4 at 17:37
2
I think you're asking the wrong question. From the UX perspective the question seems valid, but for your shop the question is very dangerous. If you convey your users, that an image on a website can assure security, phishing sites cloning your shop will be confused for your shop by your users. So better explain your users how their browser signals that it's your secure site. Hint them at the correct domain and if you have an EV-Certificate, then at the company name in the URL bar.
– allo
Feb 5 at 15:45
@allo Do you have any examples of an e-commerce site that explains browser certificates to a customer on payment page? Trust is paramount on this page, even if it's "perceived" trust.
– Wes
Feb 5 at 16:42