The recent holiday shopping season was a bonanza for online retailers: Americans spent a record-breaking $35.3 billion in online retail purchases during the holiday season. Analysts are predicting US ecommerce sales will hit $210 billion this year (7% of total retail sales). This is great news for online retailers, but as more and more people make purchases online, hackers have more opportunities to steal their personal and financial information, which can be easily sold on the black market.
Customers expect online merchants to take the necessary steps to prevent hackers from breaking into their servers. One survey indicated that security was the second-most important factor in whether or not respondents made an eCommerce purchase: 76.5% said whether the eCommerce store “looks credible & trustworthy” influenced their decisions. If your eCommerce store isn’t secure, you could be losing three-quarters of your customers!
In order to secure your eCommerce store, you need to make sure you have an up-to-date SSL certificate and use a robust payment gateway.
An SSL certificate (short for Secure Sockets Layer, in case you were wondering) creates an encrypted channel for information exchange between the customer’s computer and the eCommerce site’s server. VeriSign Authentication Services, the most widely recognized eCommerce security certification authority, explains the process with this handy chart:
SSL certificates, which are used by major eCommerce sites like eBay and Amazon, indicate the site’s security in a few ways. In the browser bar, the address will change from http:// to https:// and a security symbol will appear. For example, when a visitor pulls up the regular, unencrypted eBay website, the browser bar looks like this:
But when the user clicks on the “My eBay” button, the information becomes encrypted, and the browser bar indicates the change:
Online shoppers can click on the green security indicator in the browser bar to see the eCommerce store’s security certificate:
We recommend using one of the following products to secure your eCommerce site:
1. VeriSign Secure Site Pro with EV (Extended Validation)
2. VeriSign Secure Site with EV
3. Thawte SSL Web Server Certificate with EV
The payment gateway is another important factor in eCommerce security. This is the system that communicates between the customer, eCommerce store, and bank. When the customer hits the “Submit” button, the SSL encrypts and sends the info to your website, which sends it to the payment gateway. Then the payment gateway communicates with the bank to approve or deny the transaction, and sends back the response. The gateway also sends money from customers’ banks to yours.
We recommend using one of these payment gateways:
1. PayPal Payflow Pro
For Putnam Toyota eWarranty Online, we used VeriSign Secure Site with EV for SSL certification and Authorize.net as the payment gateway. Having both of these security seals prominently displayed helps Putman assure visitors that their warranty transactions are secure.
If you have questions about which SSL certificate and payment gateway combination is right for your eCommerce store, contact us for a consultation.