Citibank discloses private information to improve security
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue May 31 04:03:53 EDT 2005
"James A. Donald" <jamesd at echeque.com> writes:
>With bank web sites, experience has shown that only 0.3% of users are
>deterred by an invalid certificate, probably because very few users have any
>idea what a certificate authority is, what it does, or why they should care.
James (and others): I really wouldn't cite the BankDirect figure as a hard
value, since it represents just a single user, who may in turn have clicked on
the wrong button (i.e. the real figure could have been 0%). It'd be better to
say "statistically insignificant" or "negligible" or some other close-to-or-
equal-to-zero synonym.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list