In
fact, if you picked up a wallet on the street that was identical to yours but containing
somebody else??™s cards, you??™ll have a pretty immediate reaction. (Hey,
this isn??™t my wallet!) The CardSpace UI creates a similar experience. As you accumulate
cards and customize them with images or name them, you start to
have a personalized card collection.
Why is it signi?¬?cant that a user be able to easily identify their cards? It makes it
harder for a malicious page or application to try to spoof the CardSpace experience.
The malicious application can create a user interface that looks like
CardSpace (just like I can buy a wallet that looks like yours), but it??™s much more
dif?¬?cult to guess the cards users have and consequently dif?¬?cult to trick them
into thinking they are really using CardSpace. This is designed to raise the bar
on phishing or spoo?¬?ng attacks, where otherwise a user may be tricked into an
experience that looks like the CardSpace UI but which is actually designed to
woo users into believing they are in a trusted experience and then to release
sensitive information. If users have a gut reaction when presented with this type
of experience (Hey, this isn??™t my CardSpace!), they are less likely to fall for this
type of scam.
Pages:
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296