Why a picture of a watering can?
June 25, 2008 7:22 AM   Subscribe

How do sites choose their security pictures? I'm talking about the images that some sites (like banks' websites) use so that you know you are logging into to the real site and not some spoof site (at least I think that's what they're for).

The pictures all seem to have a certain quality that I can't quite put my finger on. Is there some aspect that makes a picture a better security image? I'm just curious. Thanks.
posted by bluefly to Computers & Internet (6 answers total)
Are you thinking of a CAPTCHA or a favicon? Can you provide an example?

Any image can be copied and faked. The only guard against phishing is the URL and site certificate.
posted by cowbellemoo at 7:42 AM on June 25, 2008

Those images are just like the royalty-free images you can buy for "clip-arty" additions to documents. I think they are just buying a package of photos that are all of "things". You may be over thinking the level of intent by the banks, et al.
posted by qwip at 7:44 AM on June 25, 2008

I believe bluefly is talking about this type of image.
posted by null terminated at 7:47 AM on June 25, 2008

The only purpose those images serve is to be memorable enough that if a phishing site failed to display it to you, you'd notice the difference. It could just as easily be a number or some text, but I assume they decided images would be more noticeable.

The pictures all seem to have a certain quality that I can't quite put my finger on

That would be "cheap stock art."
posted by ook at 7:54 AM on June 25, 2008

Ah, I see. Then what qwip said. Furthermore, product photography tends to have very standardized soft lighting, so that may be what seems odd.
posted by cowbellemoo at 8:00 AM on June 25, 2008

Most of these images use RSA Sitekey technology, essentially to authenticate the site to the user, precisely to prevent phishing type attacks. There have been a number of challenges to the effectiveness of the technology, and a study that showed that people essentially ignored the images. RSA, however, provides the images as part of the solution, so they're all stock art that RSA has licensed.
posted by um_maverick at 9:46 AM on June 25, 2008

« Older How to fix a leaky basement   |   How to get started with surfing in the UK? Newer »
This thread is closed to new comments.