Consumers Need an Education in Online Shopping Security 101April 30, 2015 No Comments
Featured article by Robin Alden is CTO, Comodo
You place so much time and effort into the design and content of your website to increase its “stickiness” and turn online browsers into buyers, and with good reason. Consumers are increasingly doing more of their shopping online while doing so on a wide variety of devices with different screen sizes. However, even if your site looks and performs better than your competitors, chances are if you don’t also immediately let them consumers know your site is legitimate and secure, they won’t bother to stop and browse.
Those are some of the key findings of the CA Security Council (CASC) 2015 Consumer Trust Survey report based on a survey of more than 650 consumers on their online shopping habits. A significant majority understands the security risks and look for the padlock symbol and the green bar that indicates a website has been verified as trustworthy by a Certificate Authority. They also admit to not taking some basic precautions to reduce their exposure to those risks. This creates an opportunity for any retailer large or small to build loyalty with existing customers and attract new ones by doing two things: developing and leading public education campaigns to teach consumers how to better protect themselves, and earning an SSL or even an Extended Valuation (EV) SSL certificate to increase the security of your site and reassure shoppers.
The CASC is comprised of leading global Certificate Authorities (CA) that are committed to the security of the Internet. The CASC recently commissioned Survata Consumer Research to canvas 670 adults 18 years or older who shop online at least several times each year. The complete 2015 Consumer Trust Survey report and accompanying infographic available to view online and download from the CASC’s website.
First, the expected result: consumers find online shopping to be quite important. While shopping in person at a bricks-and-mortar store still leads in terms of total spend, online represents more than a third of consumers’ budget (38 percent). You likely not only realize this, you may be planning to invest in technology to build out your e-commerce platform’s features and capabilities, if you haven’t started doing so already.
Marketing Land, a daily publication that covers all aspects of the digital marketing industry, in February reported on a new Forrester Research report that predicts U.S. companies will nearly double their spending on e-commerce technology between now and the end of the decade. Retailers have spent the last five years upgrading their commerce technologies to support increased revenues and to drive innovation. No surprise there, as Forrester cites one of the main drivers will be the worldwide growth in consumer spending online, which the firm expects e-commerce in developed countries to grow to $1.64 trillion in 2018.
Despite being well aware of the risks, consumers need to be more attentive to overall security issues. Most reported to have at least one device they don’t bother password protecting. The most common device left unguarded is the tablet, a device that 61 percent leave unprotected. Forty-three percent are happy to use Wi-Fi without regard to security issues, as long as it is free. Finally, 33 percent use just one or two passwords to login across all their websites. This is especially problematic when considering the number of companies experiencing breaches that resulted in stolen passwords within the last few years.
However, consumers do appear to have taken the time to try to educate themselves about how to identify secure e-commerce sites and avoid those that pose greater risk to their information and interactions. The majority are somewhat savvy about SSL security: they recognize the padlock symbol in their browsers’ URL address bars, and understand that padlock keeps them safe. They just don’t understand how.
The survey found roughly half (54 percent) admit to being unsure what “https” at the beginning of a website URL indicates, and also don’t know what they can reasonably assume from the padlock other than a general concept of safety (47 percent).
The Extended Valuation (EV) SSL certificate is less well-understood. While three of five respondents understand at a high level that the green bar means more safety, most (58 percent) don’t know companies are validated to a stricter standard to receive the EV certification.
A final question dealt with who consumers trust in the online realm. It turns out that financial institutions score highest in terms of consumer trust, followed by certificate authorities. Browsers, online merchants and stores offering free Wi-Fi come in last in terms of consumer trust. This explains why consumers look for the padlock.
Retailers trying to build up their e-commerce operations must realize their end users will not visit unless they trust in the protection of their private information. Using EV certificates provides the most reliable indicator of the trustworthiness of the site, and makes a very public statement of accountability to consumers.
The lesson for retailers is to use high validation to provide stronger trust and assurance to customers and to protect against fraud. Without the padlock, consumers are left to trust the online merchant exclusively. As we saw, virtually none of the consumers we spoke to are comfortable with that. Add a padlock (which is directly related to the trust consumers have for certificate authorities in general), and now 200 million Americans spend nearly $6B online. That’s pretty powerful for a padlock symbol smaller than the size of a pencil eraser!
Robin Alden is the chief technical officer of Comodo CA Ltd. He is responsible for overseeing Comodo CA’s operation as a Certificate Authority and is skilled in the area of PKI. He oversees all technical operations and industry standards-compliance for Comodo CA. He has extensive experience in developing and implementing global computer systems and solutions.
Prior to joining Comodo in 2000, Alden held senior programming and technical positions with British Airways, CAPS and InfoSys.
He earned a B.SC. in computer science & electronics from the University of London, and an M.Sc. in computer science from the University of Manchester.
 Source: Marketing Land, “US Spending On E-Commerce Platforms To Reach $2.1 Billion By 2019,” February 17, 2015.
CLOUD COMPUTING, Fresh Ink, SECURITY, SOCIAL BUSINESS