ecommerce-website-security

With Halloween right around the corner, spooky things are on everyone’s minds. Goblins and ghouls are fun when they’re make believe, but the internet is filled with dangers to fear that are all too real. That’s why your ecommerce site should have several safeguards in place to make your potential customers feel confident and comfortable when buying from you.

Is Your Ecommerce Site a Nightmare on Elm Street?

Your ecommerce site should be thrilling, but not in a scary-movie sort of way. According to a survey by Avira, 20% of consumers won’t shop online because they’re afraid. Of those who do shop online, 30% worry while doing so, and 22% only use well-known ecommerce sites. If you'd like to be able to build a sustainable business and sell better than well-known sites like Amazon, your responsibility is to make those shoppers feel comfortable sharing their financial information. Otherwise, they’ll run in the opposite direction, just like they would if they encountered Freddy Kruger in a dark alley. So, what can you do to make sure your customers get the safest and most secure experience?

Security Certifications

Consumers fear online shopping because of the potential for financial and identity theft. A Secure Sockets Layer encrypts their information the moment it’s entered to make a purchase. There are a few ways consumers can be sure an ecommerce site uses an SSL. The first is an address that begins with “https,” because that “s” stands for “secure.” Security when shopping makes those consumers feel warm and fuzzy, and that makes them more likely to convert to buyers. Some browsers even provide colored icons and visual cues to alert website visitors when they're not in a secured part of the website.

Some consumers many not be aware of that “s” in the address, and therefore won’t know the site is secure without other outward signs. A shield or badge of some sort proclaiming the certification authority goes a long way toward providing additional confidence. Some of the most popular security companies include VeriSign, GeoTrust, and Thawte. These certificate authorities offer full authentication and encryption between 40-bit and 128-bit. Quickly becoming the norm is a 256-bit certificate, so you may want to think ahead.

To provide security for your customers, the hosting provider must create a key and a Certificate Signing Request, which you provide to the certificate authority. The cost of your SSL certificate will depend on the size of your ecommerce site.

Authentication Layers

Your customers want to know their information is safe, even if they forget it. You can provide this peace of mind by requiring several verification layers before login information will be restored. For instance, if a buyer forgets his or her password, your site should require various security questions before sending an email to a pre-determined email address.

Once buyers click the link in the email, the address is then verified and more information can be shared. By requiring several steps, your company never runs the risk of providing private information to a third party.

PCI Compliance

Before your ecommerce site can accept credit cards, they must pass PCI compliance testing. The Payment Card Industry compliance assures customers you have taken every possible step to keep their credit card information safe. No matter what size your ecommerce site, you must comply with the PCI Data Security Standard if you accept credit and debit cards.

To make sales easier, many ecommerce sites may work with third-party processing sites in order to keep business moving. While this does remove some of the responsibility from your shoulders, it might cause new problems to arise.

Avoid Redirects When Possible

Buyers will receive notifications when the SSL certificate expires, letting them know that proceeding with a purchase could put their information at risk. This is where you’ll lose many consumers. Another way to lose buyers is to submit them to redirects that trigger another warning from the SSL certificate authority.

What this means is that any time a buyer clicks a link to buy something and leaves your site to do so, a warning will arise to let them know they’re no longer dealing with your ecommerce website but someone else entirely. This could be due to third-party credit card processing sites or simple redirects to purchase from another vendor. Whatever the reason, buyers may become spooked and choose not to continue with the sale.

Payment Options

Not all customers want to pay with a credit or debit card, especially if they’re worried about the latest security breaches with some of the largest ecommerce sites out there. Such breaches with Zappos and eHarmony made the news, and that kind of media attention makes buyers think twice before shopping online.

You don’t have to lose the sale just because buyers prefer not to use credit cards. Services like PayPal make it possible for consumers to shop at multiple sites without sharing credit card information every time. Because PayPal accepts credit cards or bank account information, buyers’ options are further expanded. Visa also offers secure shopping options with Verified by Visa, which works much in the same way as PayPal. A buyer’s information will be stored with Visa only, so they never need to enter their card information on unfamiliar sites.

Offering these options in addition to credit and debit cards may take more work on your end, but the trouble will be worth it in the end. You’ll be more likely to snag part of that 30% who worry while shopping, and maybe even a few of the 20% who never shop online at all.

 

What about you? What makes you feel safe or nervous when shopping online? Tell us below in the comments!


subscribe to inbound ecommerce articles

Image credit: TheBostonChow

Originally published Oct 16, 2013 10:00:00 AM, updated October 18 2023

Topics:

SEO Ecommerce User Experience