Encryption

The news that BigCommerce has just partnered with Symantec to offer its users a host of encryption products at no charge during the second quarter of 2017 is the industry’s latest effort to assuage concerns of online fraud in the minds of shoppers. Currently one of the biggest barriers to conversion in ecommerce, with regularly breaking news stories warning consumers of yet another security breach, ecommerce entrepreneurs are waging a constant battle against the fear of fraud in customers.

“With Encryption Everywhere, BigCommerce is ensuring its merchant base can provide a trusted and secure world-class shopping experience,” says Roxane Divol, EVP and GM of Website Security at Symantec. “Our goal is to give shoppers the confidence to trust a merchant is really who they say they are.”

While applying encryption technology to checkout processes has long been standard operating procedure in ecommerce, an enterprise ecommerce platform comparison reveals the best platforms in the business make it a point to secure all of a site’s pages, content and data with SSL encryption. This has been the case at Shopify for over a year, when it rolled out Encryption Everywhere technology for every store back in February of 2016.

When consumers visit your page for the first time, they automatically assess the safety of your store; this could include positive customer reviews, quality of interface and overall design. One of the most powerful indicators, however, is the padlock icon in the address bar that indicates your site is fully encrypted. Savvy shoppers will look for this whether they are on your checkout page or not.

Ironically though, these worries persist even as the sheer number of attacks has decreased. Of course, while there are in fact fewer attacks than in the past, the ones that still occur are far more successful. A 2015 study by Juniper Research found that with unscrupulous software engineers out there offering malware creation software as a product, hackers have become more successful, even while individual incidents of hacking have decreased.

As a result, the cost of data breaches is expected to hit $2.1 trillion globally by 2019. This is nearly four times the estimated cost of breaches in 2015—with fewer actual incidences of fraud being perpetrated. This means ecommerce platforms without adequate security are setting their merchants up for severe cases of financial liability, loss of consumer trust and lower search engine rankings. The latter is due to the fact that web browsers are being programmed to take positive steps to defend users visiting unsecure websites. As a result of this, sites with inadequate security are ranking lower.

Also recognizing the need for more concerted action in this regard, the Internet Security Research Group (ISRG) has launched the Let’s Encrypt initiative. The ISRG is a free, automated and open certificate authority, certifying domains at no cost. With Let’s Encrypt, it is now possible to set up an HTTPS server and have it obtain a browser-trusted certificate without any human interaction. This means ecommerce merchants can obtain SSL certificates regardless of the platform upon which their sites are built — as long as they are properly encrypted.

With some 97 percent of websites currently lacking even baseline security, there is a lot of work to be done in this area. Too many people are currently treating safety measures as an afterthought. However, with programs providing no-cost site encryption offered by leading platform providers, along with the efforts of the Let’s Encrypt initiative, online shopping will hopefully become more secure so consumers can feel more confident when making purchases online.