This symbol is used by retailers and suppliers to tell customers that their products follow Fairtrade standards. (Photo: Ian Hutchinson/IF).

Building trust with products through marks

There’s a rich history of using symbols to create trust between products and buyers. Makers marks are pressings into the metal on jewellery that tell people about who made the item and what it’s made of. A more modern example is the Fairtrade mark. When I buy my bananas I always pick Fairtrade as I know the farmers who grew them got a fairer deal. The Fairtrade standards are created in a formal process that sets out clear guidelines producers can measure against.

We started out thinking about what a mark and a standard for security in connected products would be. Recently, ARM, Symantec and other tech firms collaborated to create The Open Trust Protocol, a standard that aimed to to bring security techniques used in internet banking to the development of connected products.

But when we talked to experts about standards, we discovered that there’s a lot problems with them. There’s the questions of who should create the standards, how they should be maintained and changed over time and how they could cover the numerous types of connected devices powered by different versions of hardware and software.

Crucially, getting manufacturers to adhere to them would be difficult without demand from buyers. That’s the bit we started to investigate next.

Barcodes on packaging that incorporate the Transparency Mark can direct customers to information about the workings of a product. (Photo: Andrew Corrigan/IF).

Revealing how things work

We heard from users that people care about their privacy and security but don’t feel confident in comparing why some products are better than others.

The whole software stuff is a ‘black art’ – people do need to understand what things do.

Often, the moving parts of a product are hidden from the consumer. Provenance are working with manufacturers to create connected marks, to give consumers greater transparency over the supply chains of the products they buy.

In our research we found brands are a powerful force when people choose what to buy, especially when it comes to the perception of how secure something is.

I didn’t do any research, because I felt I didn’t need to, I had others around me using iPads.

That helped convince us that visual marks that have a powerful brand identity of their own could be a good way to connect with buyers.

So we’re experimenting with an idea called the Transparency Mark, a digital proof a bit like a certificate of transparency or SSL. It’s a symbol that can be applied to packaging in shops or on websites through which consumers can find out more about a product.

The mark is a gateway for finding out the hidden information behind a product. Consumers can scan the symbol and see information about the software that runs on a device, including the terms and conditions and information about how data is used on it.

The Transparency mark could reveal information about the software that runs on a device. (Photo: Andrew Corrigan/IF).

We could also include information about things like the software supply chain. In 2014 security vulnerability Heartbleed affected the popular OpenSSL cryptographic software library used by many online services. Bugs are hard to detect, particularly if you didn’t know your app was running a vulnerable version of software. Understanding how your software is interconnected is crucial to discovering and managing any security issues or bugs that arise. Sites like Grepcode have begun to visualise this, but it’s still not readily available at point of purchase.

We’re also interested in the terms and conditions that govern the legal relationship we have with products, particularly with how our data is used. Terms of Service, Didn’t Read is a first step towards making terms more understandable, important in letting buyers better understand their rights. Our Data Licences project looks at how people could customise their terms and conditions to decide if and how their data is shared.

How our data is used with them is laid out in terms and conditions, but these are often hard to understand. The Transparency Mark can provide a space to communicate these in a clearer way to consumers. (Photo: Andrew Corrigan/IF).

It’s important to know this stuff

Already we’re having interesting conversations about the utilities and limitations of a mark like this. For instance, we don’t think scanning is the right way to interact with it; it’s quite awkward to do with a box in your hand and you have to have a smartphone to do it. But we recognise the mark needs to be digital in some way because connected products change.

There’s something valuable in making this information available and accessible to consumers and associating it with a symbol. Along with ideas like The Log and the Live advice tag they describe an ecosystem of services that could influence people’s attitudes to security when they buy connected products. These concepts aren’t finished, they’re just ideas at the moment but we’ll be developing them more soon.

You can look at what a Transparency Mark certificate contains on our website.

Thanks to Alastair Beresford, Mark Simpkins and Alex Kotenko for sharing their insights around standards and marks on products.

This post is part of a series about the Future of Consumer Advocacy, supported by Near Now. We’ve also been looking at how to show change in products and how data can help consumers make confident buying decisions.