Skip to main content
SpringerLink
Log in

Views, Reactions and Impact of Digitally-Signed Mail in e-Commerce

  • Conference paper
Financial Cryptography and Data Security (FC 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3570))

Included in the following conference series:

Abstract

We surveyed 470 Amazon.com merchants regarding their experience, knowledge and perceptions of digitally-signed email. Some of these merchants (93) had been receiving digitally-signed VAT invoices from Amazon for more than a year. Respondents attitudes were measured as to the role of signed and/or sealed mail in e-commerce. Among our findings: 25.2% of merchants thought that receipts sent by online merchants should be digitally-signed, 13.2% thought they should be sealed with encryption, and 33.6% thought that they should be both signed and sealed. Statistically-significant differences between merchants who had received the signed mail and those who had not are noted. We conclude that Internet-based merchants should send digitally-signed email as a “best practice,” even if they think that their customers will not understand the signatures, on the grounds that today’s email systems handle such signatures automatically and the passive exposure to signatures appears to increase acceptance and trust.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Gutmann, P.: Why isn’t the internet secure yet, dammit. In: AusCERT Asia Pacific Information Technology Security Conference 2004; Computer Security: Are we there yet? (2004), http://conference.auscert.org.au/conf2004/

  2. Federal Trade Comission: Identity thief goes “phishing” for consumers’ credit information (2003), http://www.ftc.gov/opa/2003/07/phishing.htm

  3. Whitten, A., Tygar, J.D.: Why Johnny can’t encrypt: A usability evaluation of PGP 5.0. In: 8th USENIX Security Symposium, pp. 169–184 (1999)

    Google Scholar 

  4. Linn, J.: RFC 989: Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures, Obsoleted by RFC1040, RFC1113 [5, 6]. Status: UNKNOWN (1987)

    Google Scholar 

  5. Linn, J.: RFC 1040: Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures, Obsoleted by RFC1113 [6]. Obsoletes RFC0989 [4]. Status: UNKNOWN (1988)

    Google Scholar 

  6. Linn, J.: RFC 1113: Privacy enhancement for Internet electronic mail: Part I – message encipherment and authentication procedures, Obsoleted by RFC1421 [16]. Obsoletes RFC0989, RFC1040 [4, 5]. Status: HISTORIC (1989)

    Google Scholar 

  7. Zimmermann, P.R.: The Official PGP User’s Guide. MIT Press, Cambridge (1995)

    Google Scholar 

  8. Atkins, D., Stallings, W., Zimmermann, P.: RFC 1991: PGP message exchange formats, Status: INFORMATIONAL (1996)

    Google Scholar 

  9. Elkins, M.: RFC 2015: MIME security with pretty good privacy (PGP), Status: Proposed Standard (1996)

    Google Scholar 

  10. Dusse, S., Hoffman, P., Ramsdell, B., Lundblade, L., Repka, L.: RFC 2311: S/MIME version 2 message specification, Status: Informational (1998)

    Google Scholar 

  11. Ramsdell, B.: Secure/multipurpose internet mail extensions (s/mime) version 3.1 message specification (2004)

    Google Scholar 

  12. GVU: GVU’s tenth WWW user survey results (1999), http://www.cc.gatech.edu/gvu/usersurveys/survey-1998-10/

  13. Whitten, A.: Making Security Usable. PhD thesis, School of Computer Science, Carnegie Mellon University (2004)

    Google Scholar 

  14. CERT Coordination Center: CERT advisory ca-2001-26 nimda worm. Technical report, CERT Coordination Center, Pittsburgh, PA (2001)

    Google Scholar 

  15. T. Ylonen, e.a.: SSH protocol architecture (1998) Work in Progress.

    Google Scholar 

  16. Linn, J.: RFC 1421: Privacy enhancement for Internet electronic mail: Part I: Message encryption and authentication procedures (1993) Obsoletes RFC1113 [6]. Status: PROPOSED STANDARD.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. MIT, Cambridge, MA, 02139, USA

    Simson L. Garfinkel, Jeffrey I. Schiller, Erik Nordlander & Robert C. Miller

  2. Amazon.com, Seattle, WA

    David Margrave

Authors
  1. Simson L. Garfinkel
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jeffrey I. Schiller
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Erik Nordlander
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. David Margrave
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Robert C. Miller
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. National Research Council of Canada, 1200 Montreal RD.,, K1A 0R6, Ottawa, ON, Canada

    Andrew S. Patrick

  2. Computer Science Department, Google Inc. and Columbia University, 1214 Amsterdam Avenue, NY 10027, New York, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Garfinkel, S.L., Schiller, J.I., Nordlander, E., Margrave, D., Miller, R.C. (2005). Views, Reactions and Impact of Digitally-Signed Mail in e-Commerce. In: Patrick, A.S., Yung, M. (eds) Financial Cryptography and Data Security. FC 2005. Lecture Notes in Computer Science, vol 3570. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11507840_18

Download citation

  • DOI: https://doi.org/10.1007/11507840_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26656-3

  • Online ISBN: 978-3-540-31680-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation