Introduction
In recent years, there has been a steady shift in the nature of Web applications. The vehicle of this transition of Web applications is us, the people. The ability to post photographs or videos, exchange music snippets with peers, and annotate a piece of information, are but a few exemplars of this phenomenon. Indeed, the pseudonym Web 2.0 (O’Reilly, 2005) has been used to describe the apparent “socialization” of the Web.
In spite of the significant prospects offered by human-centric Web applications, the mere fact that virtually anyone can set up such applications claiming to sell products and services or upload/post unscrutinized information on a topic as being “definitive,” raises the issues of credibility from a consumers’ viewpoint. Therefore, establishing credibility is essential for an organization’s reputation and for building consumers’ trust.
The rest of the article is organized as follows. We first provide the background necessary for later discussion. This is followed by the introduction of a framework within which different types of credibility in the context of human-centric Web applications can be systematically addressed and thereby improved. Next, challenges and directions for future research are outlined. Finally, concluding remarks are given.
background
In this section, we present the fundamental concepts underlying credibility and present the motivation and related work for addressing credibility within the context of Web applications.
Basic concepts of credibility of Web Applications
For the purposes of this article, we will consider credibility to be synonymous to (and therefore interchangeable with) believability (Fogg & Tseng, 1999).
The concept of credibility can be classified based upon the types of user interactions with a Web application. A user could consider a Web application to be credible based upon direct interaction with the application (active credibility), or consider it to be credible in absence of any direct interaction but based on certain pre-determined notions (passive credibility). There can be two types of active credibility, namely surface credibility, which describes how much the user believes the Web application based on simple inspection, and experienced credibility, which describes how much the user believes the Web application based on first-hand experience in the past. There can be two types of passive credibility, namely presumed credibility, which describes how much the user believes the Web application because of general assumptions that the user holds, and reputed credibility, which describes how much the user believes the Web application because of a reference from a third party.
Related Work on credibility of Web Applications
The issue of the credibility of Web applications has garnered attention in recent years from diverse viewpoints and this has lead to theoretical (Fogg, 2003; Metzger, 2005) and empirical (Consumer Reports WebWatch, 2005) studies pertaining to the credibility of both commercial and non-commercial Web applications.
There have been some partial efforts in addressing the credibility ofWeb applications.A set of guidelines for improving the credibility of Web applications have been presented (Fogg, 2003). However, these guidelines are stated in such a fashion that they can be open to broad interpretation, do not always present the relationships among them, and are stated at such a high-level that they may not always be practical or may be difficult to realize by a novice user.
A general framework for addressing the credibility of Web applications has been proposed previously (Kamthan, 2007; Kamthan, 2008). This article presents an adaptation as well as a modest extension of these works.
A systematic approach towards the credibility of web applications
In this section, we consider approaches for understanding and improving active and passive credibility.
stakeholders and Credibility of Web Applications
We identify two broad classes of stakeholders with respect to their roles in relationship to a Web application: a producer (such as the provider or an engineer) is the one who owns, finances, develops, deploys, or maintains the Web application, and a consumer (such as a novice or expert user) is the one who uses the Web application for some purpose.
We then assert that credibility is a perceived quality attribute with respect to the stakeholders of a Web application. Indeed, we view credibility as a contract between a producer and a consumer. This contract can have ethical, legal, and/or moral implications.
Addressing Active Credibility of Web Applications
We consider a Web application to be an interactive information system and adopt semiotics (Shanks, 1999; Stamper, 1992) as the theoretical basis for communication of information. The active credibility of Web applications is viewed as a qualitative aspect and is addressed indirectly from the perspective of semiotics (Table 1).
We now discuss each of the components of Table 1 in detail.
Identification of Semiotic Levels
The first column of Table 1 addresses semiotic levels. We are particularly interested in the communicative properties of the representations of a Web application, which in semiotics we can view on six interrelated levels: physical, empirical, syntactic, semantic, pragmatic, and social.
We focus only on the quality concerns at the last two levels: at the pragmatic level the interest is in the utility of the representations to its stakeholders, while at the social level the interest is in the manifestations of social interaction among stakeholders with respect to the representations.
Decomposition of Semiotic Levels and Assignment of Quality Attributes
The second column of Table 1 draws the relationship between semiotic levels and corresponding quality attributes.
Since each semiotic level is rather high to be tackled directly, we decompose it further into quality attributes that are widely-known and relevant. Not all attributes corresponding to a semiotic level are on the same echelon, and therefore they are placed at different tiers. We contend that the quality attributes included are necessary but make no claim of their sufficiency. Also, the quality attributes are not necessarily mutually exclusive, and this dependency can be either favorable or unfavorable (Wiegers, 2003). We note that some of the quality attributes are classical and relevant in a desktop environment but they get amplified, and in certain cases exacerbated, in a networked environment.
Specifically, credibility belongs to the social level and depends on the layers beneath it. The quality attributes aesthetics (presentation), legality, privacy, security, and transparency (of the producer) also at the social level depend upon the quality attributes accessibility and usability at the pragmatic level, which in turn depend upon the quality attributes comprehen-sibility, interoperability, performance, readability, reliability, and robustness also at the pragmatic level.
We discuss only the entries in the social level in some detail. The sensitivity part of visual perception is strongly related to aesthetics as it is close to human senses. The artistic expression plays an important role in making a Web application “attractive” to its customers beyond simply the functionality it provides. It is critical that the Web application be legal (for example, is legal in the jurisdiction it operates and all components it makes use of are legal); takes steps to respect user’s privacy (for example, does not abuse or share user-supplied information without permission); takes steps to secure itself (for example, in situations where financial transactions are made). The provider must take all steps to be transparent with respect to the user (for example, not include misleading information such as the features of products or services offered, clearly label promotional content, make available their contact information including physical address, policies regarding returning/exchanging products, and so on).
Table 1. A semiotic framework for active credibility of Web applications
| Semiotic Level | Quality Attributes | Means for Assurance and Evaluation | Decision Support | |
| Credibility | Process-Oriented:
Inspections, Testing |
|||
| Social | Aesthetics, Legality, Privacy, Security, Transparency | Tools | Feasibility | |
| Accessibility, Usability | Product-Oriented:
Training, Guidance |
|||
| Pragmatic | Comprehensibility, Interoperability, Performance, Readability, Reliability, Robustness | |||
Next, we separate the semiotic quality attributes and the means for addressing those.
Means for Active Credibility Assurance and Evaluation
The third column of Table 1 lists the means for assuring and evaluating active credibility. We note that the mapping between the aforementioned pragmatic and social quality attributes and the means for addressing them is many-to-many.
We now briefly discuss two product-oriented means, namely training and guidance for assuring the active credibility of a Web application.
Training
Often, the courses related to the Web offered at institutions tend to focus primarily on the manipulations of the “popular” (and moving target) client- and/or server-side technologies-of-the-day. The result is that the students tend to learn more about “technology hacks” rather than the fundamentals of analysis and design necessary towards a systematic approach to the large-scale development of Web applications.
Apart from an exposure to a comprehensive technical background in Web engineering (Mendes & Mosley, 2006), the toolbox of a prospective professional Web engineer should include several other aspects: means of precisely identifying user classes, user preferences, and their needs; understanding of quality attributes specific to the domain of the Web application and their social manifestations; appropriate use of standards for both the process and the product; ability of journalistic writing, including the ability of balancing information with other types of media (related to marketing such as advertisements); training in informed and balanced decision making in order to analyze the trade-offs and decide amongst different design approaches, or between the use of early and established technologies; basic knowledge of issues related to legal issues such as those related to intellectual property rights (IPR) and licensing; and basic knowledge of financial issues (such as those related to merchant accounts and payment systems) in the lieu of support for commercial transactions.
Guidance
We consider guidelines and patterns as two “bodies of knowledge” based on past experience and expertise that can serve as aids for structured guidance.
The guidelines encourage the use of conventions and good practice. They could serve as a checklist with respect to which an application could be heuristically and, to certain extent, automatically evaluated. There are guidelines available for addressing accessibility (Chisholm, Vander-heiden, & Jacobs, 1999) and usability (Nielsen, 2000) of Web applications. However, guidelines suffer from certain limitations: they may seem rather general at times, often do not discuss trade-offs as a consequence of their application or relationships among them, and tend to assume a certain level of knowledge of the domain and therefore are more suitable for an expert than for a novice.
A pattern provides a conceptually reusable and proven solution to a recurring problem in a given context. It has been pointed out (Friedman, 2005) that identifying patterns for the design of Web applications could be useful towards improving the credibility of these applications. Indeed, patterns for Web applications have begun to appear (Van Duyne, Landay, & Hong, 2003), and a judicious use of patterns can tackle many of the pragmatic and social quality attributes in Table 1. However, there are certain caveats in the adoption of patterns: there is an evident cost involved in adaptation of patterns to new contexts; since the mapping between patterns and quality attributes is many-to-many, their selection may not be trivial; and there is always a distinct possibility that for a given problem, there simply may not be any suitable pattern available.
We next briefly discuss two process-oriented means, namely inspections and testing for evaluating the active credibility of a Web application.
Inspections
Inspections are a rigorous form of auditing based upon peer review that, when practiced well, can help evaluating some of the quality attributes at both pragmatic and social levels in Web applications. These are aesthetics, comprehensibility, legality, privacy, readability, and transparency. Inspections could, for example, assess if the presentation of information appears “professional”, determine “sufficiency” of contact information, or decide what information is/is not considered “promotional.”
Since inspections is a means for static verification, it can evaluate in rather limited form (if at all) the quality attributes that by necessity require some form of “dynamism” or real-world use. These include accessibility, interoperability, performance, reliability, robustness, security, and usability.
In spite of the usefulness of inspections in early defect detection, adoption can depend on the level of organizational process maturity, their effectiveness lies strongly on the reading technique deployed, and entail an initial cost overhead of training each participant in the structured review process followed by the logistics of checklists, forms, and reports involved.
Testing
Testing is a means for dynamic verification and is usually supported by most Web application development processes. The attributes of accessibility, interoperability, performance, reliability, robustness, security, and usability can to a large extent be tested (semi-)automatically using tools or with the help of actual users.
However, not all quality attributes at either pragmatic or social levels in a Web application can be tested automatically. For example, it is not possible to completely test a Web application for aesthetics, comprehensibility, legality, privacy, readability, or transparency (like producer’s intent) using tools; human inspection would be necessary for checking and determining the level of support of these quality attributes. Thus, inspections and testing do not replace but complement each other.
Tools
There are various tools that can help improve quality concerns at technical and social levels, manually, semi-automatically, or automatically. For example, they can help us detect security breaches, inform us of absence of privacy metadata, report violations of accessibility guidelines, or suggest image sizes favorable to the performance on the Web.
However, state-of-the-art tools can be expensive, although this situation is changing with the rise of open source software (OSS). They also may not always be applicable.
Decision Support
The last column of Table 1 acknowledges that the activities of assurance and/or evaluation must be realizable in practice.
The providers of Web applications take into account organizational constraints of time and resources (personnel, infrastructure, budget, and so on) and external forces (market value, competitors, and so on), which compels them to make quality related decisions that, apart from being sensitive to credibility, must also be feasible. For example, an a priori guarantee that a Web application will be credible to all users at all times in situations that they can find themselves in, is simply impractical.
The feasibility analysis is evidently related to decision making and could be a part of the overall Web application project planning activity. Further discussion of this aspect is beyond the scope of this article.
Addressing Passive Credibility of Web Applications
In this section, we briefly look into the case of passive credibility, specifically reputed credibility.
Like in the real-world contexts, Web applications could be audited for quality in general and credibility in particular. Indeed, WebTrust and TRUSTe are two relevant initiatives in the direction of addressing reputed credibility.
We acknowledge that the perceptions related to presumed credibility may be one of the most difficult to tackle. There are no absolute guarantees but the following could be helpful for presumed credibility assurance of a Web application: personalizing the application to user context, making organizational policies explicit, and appropriately labeling the nature of content as per the requirements of the Internet Content Rating Association (ICRA).
Scope of Credibility of Web Applications
We note that credibility is not a “universal” concern. The credibility of a Web application is a concern to a user if there is an associated cost (say, in terms of lost time, effort, or money) that is outright unacceptable to the user.
That the credibility of a Web application is a concern may also depend on the purpose of the interaction and the role played by the user. For example, credibility may be a lesser concern to a user if (s)he is casually browsing a gossip column on a movie artist than if (s)he is filling out an annual tax return form.
We also note that credibility is not a quality attribute that is absolute with respect to users or with respect to the Web application itself. We contend that for a Web application to be labeled as non-credible there must exist at least a part of it that is labeled non-credible based on the aforementioned classification by at least one user at some point in time. For example, a user may question the credibility of information on a specific product displayed on a specific “Web page” within a Web application.
FUTURE TRENDs
The work presented in this article can be extended in a few different directions, which we now briefly discuss.
It is known that, when applied judiciously, standards can contribute towards quality improvement. Indeed, credibility has recently been a topic of interest in standards for Web applications such as the IEEE Standard 2001-2002. However, awareness and broad use of these standards among engineers is yet to be seen.
Due to the unique nature of Web applications, any initiative towards addressing the credibility of Web applications should take place within the auspices of a development process that is that is sufficiently agile. This would require that the current agile methodologies for the development of Web applications evolve to provide support for credibility in general and for pragmatic and social quality attributes discussed in this article in particular.
The semantic Web has recently emerged as an extension of the current Web that adds technological infrastructure for better knowledge representation, interpretation, and reasoning (Hendler, Lassila, & Berners-Lee, 2001). At the highest level of this infrastructure is the issue of trust. For example, ontologies are central to the semantic Web and their development and subsequent use is based on mutual trust among the stakeholders. For the sustainability of the Web architecture, it is critical that the social Web and the semantic Web co-exist and evolve harmoniously. However, the “human” aspects of the semantic Web remain largely unaddressed. A natural extension of the discussion on credibility of the preceding section could be within the context of semantic Web applications.
conclusion
By shifting from a collective of computers towards a community of people, the Web is becoming a symbiotic means of contribution, participation, and collaboration. The consumer concerns of credibility and the extent to which they are addressed will remain a key determinant towards the success of this paradigm.
Although there have been many advances towards enabling the technological infrastructure of the Web in the past decade, there is much to be done in addressing the social challenges, including user perceptions and expectations.
In conclusion, if credibility is important to an organization, it needs to be considered as a first-class concern, rather than an afterthought, from inception to conclusion of a Web application development process. Addressing the credibility in a systematic and feasible manner is one step in that direction.
KEY TERMs
Credibility Engineering: The discipline of ensuring that a system will be perceived as credible by its stakeholders, and doing so throughout the life cycle of the system.
Delivery Context: A set of attributes that characterizes the capabilities of the access mechanism, the preferences of the user, and other aspects of the context into which a resource is to be delivered.
Quality: The totality of features and characteristics of a product or a service that bear on its ability to satisfy stated or implied needs.
Quality Model: A set of characteristics and the relationships between them that provide the basis for specifying quality requirements and evaluating quality of an entity.
Semantic Web: An extension of the current Web that adds technological infrastructure for better knowledge representation, interpretation, and reasoning.
Semiotics: The field of study of signs and the communicative properties of their representations.
Web Application: A specific to a domain Web site that behaves more like an interactive software system rather than a catalog: it will in general require programmatic ability on the server-side and may integrate/deploy additional software for some purpose (such as dynamic delivery of resources).
Web Engineering: A discipline concerned with the establishment and use of sound scientific, engineering and management principles and systematic approaches to the successful development, deployment, and maintenance of high-quality Web applications.
