Trading in Trust Featured Pattern: P0796 July 2015

Establishing trust in online transactions requires significant technological innovation and a deeper understanding of human behavior.

Abstracts in this Pattern:

Start-up 21 Inc. (San Francisco, California) aims to develop products that will mainstream the Bitcoin (http://bitcoin.org) payment system, and the company recently secured $116 million in funding from several well-known investors. These investments indicate significant interest in the cryptocurrency's underlying technology, which could one day see use in applications that enable trustworthy exchanges online. In 2014, Marc Andreessen, cofounder of venture-capital firm Andreessen Horowitz (Menlo Park, California), said that Bitcoin provides a way "to establish trust between otherwise unrelated parties over an untrusted network like the Internet" (see SC-2014-03-05-098).

Even though Bitcoin represents a secure digital currency, the underlying technology does not prevent fraud. In March 2015, the administrators of Evolution—an online black market mainly for drugs—defrauded a large number of drug dealers by simply disappearing with millions of dollars in bitcoins. This so-called exit scam highlights the need to develop approaches to online transactions that do not require buyers and vendors to place so much trust in administrators. In the future, measures such as multisignature escrow, in which a majority of parties must sign off on a transaction to validate it, could eliminate fraud in online transactions.

The technical language of contracts can reflect the kind of trust relationship that parties seek during an exchange. Researchers at the University of Southern California (Los Angeles, California) found that people perceive violations of the letter of a contract (what is actually written) as more intentional than violations of the spirit of the contract (unwritten assumptions). Contractual partners seeking positive, long-term relationships would do well to draft contracts that leave certain assumptions unstated, thereby allowing for easier repair of the relationship if a contract violation does occur. And many large firms are testing the security know-how of their employees by contracting companies to send fake phishing emails to see who can be trusted to keep information systems secure. Companies such as Wombat Security Technologies (Pittsburg, Pennsylvania) and PhishMe (Leesburg, Virginia) offer security-check services to large enterprises looking to gauge and then reduce their vulnerability to such attacks.