Communications - April 2008 - Departments (Page 38)

B) Gain $10 if a coin toss lands heads up

Motivating Value

When Tversky and Kahneman used a similar scenario, 72% of those surveyed chose the sure bet offered by option A because there was less risk and the outcome was guaranteed. Now consider a similar scenario presented as a choice between two losses:

source. In this scenario, the primary goal is to view the Web page content:

Perceived Loss

Perceived Gain

If X = Y, then A > B

Scenario 2:

A) Lose $5 guaranteed

B) Lose $10 if a coin toss lands heads up

When Tversky and Kahneman framed their scenario as a choice between losses, 64% of the respondents chose option B. People tended to focus on the chance to not lose anything offered in B compared to the sure loss guaranteed by option A.

When evaluating a security decision, the negative consequences are potentially greater of course, but the probability is generally less and often unknown. The principle holds true. When there is a potential loss in a poor security decision compared to the guaranteed loss of making the pro-security decision, the user may be inclined to take the risk. For example, consider the choice between two losses in a common security decision involving the download and installation of a digital certificate and ActiveX control from an unknown

Figure 1. Losses carry more value compared to gains when both are perceived as equal. For non-zero values, if value of loss (X) = value of gain (Y), then motivation of loss (A) > motivation of gain (B) (Adapted from Tversky and Kahneman [ 8]).

Scenario 3:

A) Do not install digital certificate and ActiveX control from unknown source and do not view the content of the Web page (fail on primary goal), guaranteed.

B) Install digital certificate and ActiveX control from unknown source, view the Web page (accomplish primary goal), and take a chance that something bad happens.

Like Scenario 2, some users will chance that

nothing bad will happen in order to achieve their primary goal than accept the task failure guaranteed by option A. Furthermore, if there are no immediate and obvious negative consequences incurred by option B, the user learns it is an acceptable decision and is more likely to repeat it in the future. The everyday security decisions end users make, like opening file attachments, are often presented in the form of losses as in Scenario 3.

People do not perceive gains and loss equally.

This suggests that while a system designer may

consider the cost of security effort small, the loss

could be perceived as worse than the greater gain

in safety. Put simply, the user must perceive a

greater magnitude of gain than of loss.