

Ask HN: Building a trust system into a social app - mshafrir

I'm starting out on developing my first social web app, and the question of trust and credibility keeps coming up in my mind. My web app would be worthless without allowing users to input content into the system, but giving users unrestricted ability to input content would quickly fill the site with noise. I need to have a good way to identify not only spammers and users who might try to game the system, but users who may inadvertently put in noise/bad data. Likewise, I also want both the system and other users to be able to implicitly and explicitly recognize those users that should be trusted, based on the value of the content they have submitted.

I have seen the following approaches:

- voting system (e.g. Digg, HackerNews), wherein trust is at the content-item level and can be influenced by positive or negative voting - once the net voting passes a certain positive threshold, the content is made more visible to the community.

- feedback system (e.g. eBay), wherein trust is at the user level and can be influenced by other users

- feature unlocking (e.g. StackOverflow, HackerNews), wherein users need to meet certain usage goals in the system in order to have access to features that are deemed to require higher trust

- human review, wherein content is submitted for approval and reviewed by an admin/maintainer user. This approach certainly doesn't scale, but may be useful in initially "seeding the system".

My post is short on details, but I'd like to keep the discussion as open as possible within the domain of trust in a social app.

I'm looking for suggested readings, anecdotes, experiences, etc. What has worked in your app? What exactly was the problem of "trust" in your social application, and how did you solve it?
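The content-level voting approach in the list above can be sketched in a few lines. This is a minimal illustration, not any particular site's algorithm; the threshold value and class/field names are made up for the example:

```python
# Minimal sketch of content-level trust via net voting.
# VISIBILITY_THRESHOLD is an arbitrary illustrative value.
VISIBILITY_THRESHOLD = 5  # net votes needed before content is promoted


class ContentItem:
    def __init__(self, title):
        self.title = title
        self.upvotes = 0
        self.downvotes = 0

    def vote(self, up=True):
        # Each vote nudges the item's net score up or down.
        if up:
            self.upvotes += 1
        else:
            self.downvotes += 1

    @property
    def net_score(self):
        return self.upvotes - self.downvotes

    @property
    def promoted(self):
        # Once net voting passes the positive threshold,
        # the item is made more visible to the community.
        return self.net_score >= VISIBILITY_THRESHOLD


item = ContentItem("Ask HN: Building a trust system")
for _ in range(6):
    item.vote(up=True)
item.vote(up=False)
print(item.net_score, item.promoted)  # 5 True
```

Real systems usually add time decay and per-user vote weighting on top of this, but the core mechanic is just a net-score threshold.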
======
tokenadult
_Likewise, I also want both the system and other users to be able to
implicitly and explicitly recognize those users that should be trusted, based
on the value of the content they have submitted._

I don't know what the subject matter of your site will be, but if this is your
goal it will be very important to seed the initial membership of your site
with persons who are known, on independent grounds, to have strong subject
matter knowledge. I presume there will be back-and-forth among participants so
that if one person says "Freedom is slavery," another person can disagree and
say, "Actually, freedom is not slavery." But presumably your site will be
intended to benefit visitors who really can't tell the difference about much
more detailed and debatable issues.

I'll give an example. There is a site about college admission anxieties,
College Confidential,

<http://talk.collegeconfidential.com/>

in which many participants make factual claims about how to reverse-engineer
the college admission process. One common way for people to attempt to gain
credibility on that site is to insinuate that they used to be admission
officers at some highly selective college. Because the site is
"confidential" - that is, its users use screen names rather than real names -
it is often very difficult to verify such claims. It has not escaped my
notice that users with
chutzpah and a refusal to acknowledge push-back from other users can often be
believed by onlookers even when making quite incredible and unverifiable
statements. If you think this would be a problem on your site, you might want
to think about how to designate verifiably more accurate and honest users in
some way that is visible to all visitors.

In general, I think the initial seeding of the membership of an online
community is very important. That is one thing that HN conspicuously got
right.

------
sachinag
Self-link:
[http://www.slideshare.net/dawdledotcom/actually-useful-trust-metrics-2008-08-09](http://www.slideshare.net/dawdledotcom/actually-useful-trust-metrics-2008-08-09)

I give this presentation pretty often and am happy to get into the details
with you depending on your needs.

EDIT: Jesus, I didn't realize the notes didn't make it to SlideShare. The
point is that it's best to gather all the data you can, then tweak how you do
it. The more obscure your public-facing metric, the more flexibility you have
to adapt it as times change.

Here's a great intro guide from Yahoo:
[http://developer.yahoo.com/ypatterns/parent.php?pattern=repu...](http://developer.yahoo.com/ypatterns/parent.php?pattern=reputation)

~~~
CalmQuiet
Most interesting slides and discussion. Do you have a link to a downloadable
set of slides, or do we need to use the "link to email author for DL" on
SlideShare? [It's always been a pet peeve of mine about SlideShare that there
seems to be no mechanism to print (e.g., 4/sheet) slides for off-line study.]
Gracias!

------
jfarmer
"but giving users unrestricted ability to input content would quickly fill the
site with noise"

Would it? Have you tested it? How do you know?

"I need to have a good way to identify not only spammers and users who might
try to game the system, but users who may inadvertently put in noise/bad
data."

Do you really need it? What's the worst that happens if you leave it out?
What's the best? What's the likelihood of each? What data do you base that
calculation on?

"Likewise, I also want both the system and other users to be able to
implicitly and explicitly recognize those users that should be trusted, based
on the value of the content they have submitted."

Sounds complicated. Why do you "need" to solve this problem? Do you even know
it's a problem yet?

I'd put the simplest product in front of users and see what happens. Maybe you
won't have to build your mega-meta-trust-network after all. That seems like a
win.

------
jhp
I worked on one of the largest simulated markets on the web and offer the
following advice:

\- Use basic human motivation to encourage real participation. Points scored
and virtual awards work well, but only if you can control system-gaming and
inflation.

\- Make sure that each account is connected to a confirmed email address or
social network account.

\- Spend time looking for people who are creating multiple accounts for the
purpose of gaming your system (same IPs, repetitive names / passwords).
Disable what appear to be the spoof accounts and email the core account about
why you did it.

\- Have a clearly defined policy for what is acceptable behavior and penalize
as much bad behavior as is necessary. Make sure to show the community that
there is enforcement.

\- Maintain contact with helpful members of the community who can key you in
on problematic individuals or exploitable flaws in the scoring system.
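The multi-account check above can be sketched as grouping signups by IP and flagging clusters for manual review. This is a hypothetical illustration: the function name, the `(username, ip)` data shape, and the cluster-size cutoff are all assumptions, and in practice shared household or office IPs mean small overlaps are innocent:

```python
from collections import defaultdict


def suspicious_clusters(accounts, min_cluster=3):
    """Group accounts by signup IP and return clusters large enough
    to warrant human review.

    accounts: iterable of (username, signup_ip) pairs.
    min_cluster: illustrative cutoff; tune against false positives
    from legitimately shared IPs.
    """
    by_ip = defaultdict(list)
    for username, ip in accounts:
        by_ip[ip].append(username)
    return {ip: names for ip, names in by_ip.items()
            if len(names) >= min_cluster}


accounts = [("alice", "1.2.3.4"), ("bob", "5.6.7.8"),
            ("spam1", "9.9.9.9"), ("spam2", "9.9.9.9"),
            ("spam3", "9.9.9.9")]
print(suspicious_clusters(accounts))
# {'9.9.9.9': ['spam1', 'spam2', 'spam3']}
```

As the comment advises, the output of a check like this should feed a manual review queue rather than trigger automatic bans.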

------
bjclark
There's a larger concept that I think you are overlooking: real identity vs.
hidden identity (or pseudo-identity). This is the fundamental difference
between Facebook and Myspace. People tend to act very differently when they
are using their own identity (portrait of themselves, real name, etc),
sometimes negating the need to even have a "karma" type system.

Also, if your "social" app requires friend requests/acceptance, as most
"social" apps do, you further negate the need for a trust system. This is
because the mere existence of friending/friend clusters is used in place of a
trust system. You're implicitly trusting everyone you "friend".
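One way to make this implicit friend-graph trust concrete is to treat graph distance as a trust proxy: direct friends are trusted fully, friends-of-friends less so. The decay factor and depth limit below are illustrative assumptions, not anything the comment specifies:

```python
from collections import deque


def trust_scores(graph, user, max_depth=2, decay=0.5):
    """Breadth-first walk of the friend graph from `user`, assigning
    trust that decays with graph distance.

    graph: dict mapping user -> set of friends.
    decay: illustrative per-hop multiplier (1.0 at distance 1,
    0.5 at distance 2, and so on).
    """
    scores = {}
    seen = {user}
    frontier = deque([(user, 0)])
    while frontier:
        node, depth = frontier.popleft()
        if depth >= max_depth:
            continue  # stop expanding beyond the trust horizon
        for friend in graph.get(node, ()):
            if friend not in seen:
                seen.add(friend)
                scores[friend] = decay ** depth
                frontier.append((friend, depth + 1))
    return scores


graph = {"me": {"ann"}, "ann": {"me", "bo"}, "bo": {"ann", "cy"}}
print(trust_scores(graph, "me"))  # {'ann': 1.0, 'bo': 0.5}
```

Note how `cy`, three hops out, falls beyond the horizon and gets no score: the friend clusters themselves bound who is trusted at all.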

~~~
mshafrir
That's a good point. I was originally thinking more along the lines of a flat
user model (e.g. any social news site), in which everyone contributes to the
whole, rather than a relationship/network-based model, in which certain users
interact with other users, but not necessarily the whole (e.g. Facebook,
Myspace).

~~~
bjclark
Yeah, I think there's a disconnect in our vocabulary here. I see them as User
Generated News Sites which is a different mentality than Social Networking,
which I assumed when I saw "social web app".

So my comments probably don't apply as much.

------
tlib747
I can add yet another approach to your list, the one that we've developed for
trustedones.com (a trust-based social networking app).

Basically, we mimic the word-of-mouth recommendation model. The people you
trust the most are those you know well - yourself, your friends, their
friends, and then all trusted ones (the wisdom of the crowds). You build your
own network of people you trust, and can quickly slice and visualize
information.

Here are a few links that you may find interesting. We're still tweaking
stuff, so let me know if you have any thoughts on what we can do better.
<http://arnox.trustedones.com> (my page)

[http://maps.google.com/?q=http://www.trustedones.com/feeds/g...](http://maps.google.com/?q=http://www.trustedones.com/feeds/gearthinl/arnox.kml%3Ftopic=%26wisdom=0)
(all of my local recommendations on a map)

[http://www.trustedones.com/topic/restaurant-local/listing/boston-beer-works_112-canal-st-boston-ma](http://www.trustedones.com/topic/restaurant-local/listing/boston-beer-works_112-canal-st-boston-ma)
(sample recommendation)

------
theklub
I have a similar problem with a website I'm building. Right now I'm having
the users keep the data in their accounts until they submit it to be public.
They are awarded points for good data, which unfortunately needs to be human-
reviewed.

~~~
mshafrir
How big of an effort is human review in your app? I was considering this
option as well, but it obviously doesn't scale.

~~~
theklub
Well, because most of the data needs to be referenced in my case, I force
users to include a link to their source, which helps minimize time spent.
Data accuracy is essential on my site, though; without it my site would just
be another unreliable source on the web.

I haven't completely opened my website, so I can't say how big of an effort
it will require in the future. But I plan on possibly using Mechanical Turk
or some other similar service, paying pennies for accuracy verification.

I'm interested to know what you're working on. Do you have an email address I
can contact you at?

~~~
mshafrir
yup, i added it to my profile. it's [my hacker news screen name]@gmail.com

------
peterbraden
I did a study on malicious behaviour in social networks, and in my research
the best way to build trust seemed to be to encourage an identity - cheap
pseudonyms tend to attract trolls. 2 secs and I'll look up the paper for you.

~~~
peterbraden
Friedman, E. J., and Resnick, P. The social cost of cheap pseudonyms. Journal
of Economics & Management Strategy 10, 2 (2001), 173–199.

------
bayareaguy
Advogato tried to do this for open source developers.
<http://advogato.org/trust-metric.html>

