Coolness at Spire – Drop Everything and Read it Now

So, if you haven’t read it yet, drop everything and go read Pete Lindstrom’s PCI and Social Proof over at the Spire blog. Not only is it awesome – and right on the money – but it references the awesome Robert B. Cialdini (who’s always right, as it turns out). Plus as a side note, the name “Spire” is cool – it evokes all kinds of cool images, like the one just yonder to the right of “Frostcrag Spire” from Elder Scrolls: Oblivion.

Pete’s point is that PCI ties directly to “Social Norm”/”Social Proof” – basically, it establishes a set of normative values in the merchant community, ergo people care about security because that’s what everyone else is doing. I agree with that.

But I also think there’s another Cialdini factor at work – which is “Commitment and Consistency”. I.e., companies commit to being PCI compliant by buying into the compliance process and filling out the SAQ or hiring an assessor. So they become “the type of people who care about security” and hence their concern about it becomes self-feeding and self-enforcing. Pretty interesting.

Props to Pete for pointing out the connection.