October 29, 2010

Website Trust Marks: What They Are and How They Work?

Trustmarks are the images or logos that retailers can place on their websites to show that they have passed various security and privacy tests, and reassure customers that it is safe to shop on the site.

Believe it or not, but in the U.S., two-thirds of consumers now shop online, according to Yankee Group Research, which recently released a report that discusses the importance of trust marks to web merchants and their customers.

Clearly, online commerce is big business and trust marks are very critical to consumers who need assurances that they are dealing with a reputable website. It’s important for sellers to promote security because we all know cybercriminals and online fraudsters find it relatively easy to steal personal and financial data from consumers and merchants.

Trust marks, often displayed on a home page or the checkout page, can indicate a range of things, including whether or not the website uses certain encryption technology; if the business is accredited; or how thoroughly, if at all, the website is scanned for vulnerabilities that could be exploited to steal data and identity information from customers.

There is also the risk that displaying too many security logos and reassurances can be counter-productive. Check out this basket page from a website - there are 11 mentions of security, including five logos.

The intention to offer lots of reassurance is a good one, but it may have customers wondering why the retailer is so keen to reassure them.

Some very well known retailers aren't bothering with these Trustmark, and it doesn't seem to be doing them any harm. I couldn't spot any Trustmarks on Amazon.co.uk, though the 'sign in using our secure server' wording on the Amazon call to action does offer reassurance:

The Internet is a more dangerous place than ever, as organized cybercriminals focus on identity theft as a source of revenue. Trust marks can go a long way toward making e-commerce less stressful for consumers. Consumers who restrict themselves to using sites with valid and effective trust marks cannot just reduce stress, but increase their security and reduce their likelihood of identity theft. SMBs can benefit in two ways by displaying trust seals that show
they’ve taken measures to protect customers’ identities. Such seals can be both an effective marketing tool as well as just good Web security practice. To that end, Yankee Group recommends six ways consumers and SMBs can become more knowledge about what trust marks mean, and how they should be used.


Recommendations

The top six things consumers and SMBs should know about trust
marks are as follows.

Don’t trust; verify. Any consumer’s first approach to dealing with a Web site displaying a trust seal should be to click on the seal itself. Any Web site can simply copy and paste a GIF file of a reputable trust mark provider in an attempt to enhance its own appearance of security. A reputable trust mark provider will
have a live link attached to its trust mark icon, which should take visitors to a verification Web site of the trust mark provider. This is true of both the “hard” and “soft” categories of trust marks. Consumers should also be wary of seals that do have live links. In a technique borrowed from phishing, it is easy for
a criminal to display a live trust seal, linking to a staged “seal provider” Web site. In such cases, check the wording of the URL of the link, or type in the addresses of the seal provider into a Web browser and compare that to the suspicious site. Inquiring with the seal provider directly about a site displaying its logo is
also a good measure to take.

Not all trust marks are the same. Trust seals that provide a “set it and forget it” approach are of little use to both SMBs and their customers. Regarding soft trust marks—privacy and reputation—look for provider programs that offer regular audits of the measures and regulations they require of Web merchants
displaying the logo. Hard trust mark programs should have regular update checks as well. In the best-case scenario, daily scanning and audits of a merchant’s Web site infrastructure can ensure the highest level security and safety.

No single trust mark covers everything. There is no universal protection seal program. If consumers have multiple concerns about online shopping—wondering “Will this business keep my data safe?” and “Is this site technically safe?”—they should look for multiple seals. Some seal programs do cover multiple aspects of the four major areas.If privacy is the top concern, then that trust mark may be the most important. If there is fear about the vulnerability of a Web site’s infrastructure, then a security/vulnerability scanning logo is paramount.

Read the fine print. Both consumers and SMBs must know that logos or seals promising to keep data private should not be taken at face value. An organization may display the trust mark of a program, which requires them to post a privacy policy or give an opt-out option for personal data collection. However,
it is up to consumers to go a step further and actually inspect exactly what the Web merchant’s policies and procedures look like. Also, look for trust mark programs that give consumers some recourse in terms of third-party mediation or complaint handling. This is important to customers if they fear their personal information may be misused, or if they’re concerned a merchant might not be acting in good faith. SMBs that belong to such trust mark programs can also provide customers with a level of reassurance that their worries won’t go unaddressed or unheard.

Trust marks can help improve business. A trust seal is not just a piece of Internet eye candy or a hollow posture about security; consumers believe they work. As the Consumer Reports study indicated, 71 percent of consumers said they looked for these seals before doing online business with a merchant’s Web site. Competition for Web customers is about to get very hot for SMBs, with 33 percent currently using e-commerce now, and another 26 percent about to come online this year. An SMB showing a trust mark that demonstrates the use of strong security technology and identity-theft defense measures will stand out among the throng of small businesses that will be setting up Web shops soon.

Realize what online shoppers fear most. Identity theft is the greatest fear facing online shoppers. Through media reports and personal experience, consumers are increasingly aware that a malware infection can lead to identity theft and data loss. SMBs who know this can help relieve this e-commerce angst by choosing trust marks that prove that their Web sites undergo the most rigorous security testing and auditing procedures.

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...

Search This Blog

Followers

Categories

Twitter Delicious Facebook Digg Stumbleupon Favorites More