Retailers Report Sales Bounce Using Security Certificate - InformationWeek
02:07 PM

Retailers Report Sales Bounce Using Security Certificate

Sites showing proof of increased Web security say that up to a third more people went beyond shopping and actually bought, according to an auditing firm.

Can you boost sales on your Web site by promoting your use of tough security? Web-site auditing firm ScanAlert argues that the answer is yes and says it has the facts to back up that claim.

ScanAlert says it has analyzed the shopping behavior of more than 300,000 visitors to 11 online retailers. Sites showing "proof" of increased Web security enjoyed a 10.5% to 33% boost in converting browsers to buyers.

ScanAlert's service, Hacker Safe, does what standard Web-site security-scanning software does, only with a twist. Starting at $149 a month, the company scans Web retailers' sites for security holes, which are often caused by unpatched systems or unnecessary services running. If a site is found to be vulnerability-free, it qualifies to post the Hacker Safe certification on its site. Retail Web sites are scanned daily, and, should a vulnerability show up, they have 72 hours to fix the flaw or lose the Hacker Safe designation.

In a test begun in October, half the visitors to participating Web sites were shown the Hacker Safe certification, while the other half were not. Online retailer reported a 33% increase in buyers among those shown the certification, improved sales by 32%, and saw an increase of 13%.

"The results surprised me," says Ken Lovett, president of CDconnection, which has been selling CDs online since 1990. He also notes that a site has to work to display the certification. "You have to keep earning the right," he says. If a problem is spotted, "you get an urgent alert and have to fix it or they'll bounce you."

No automated vulnerability-scanning application can spot all flaws that might leave an open door for hackers. But ScanAlert says its service will protect consumers from 99.9% of credit-card fraud and identity theft caused by hackers.

Analysts aren't so sure. "That's hyperbole," says Eric Ogren, a senior analyst with the Yankee Group. But using the service does send a message. "It shows that the retailer is doing much more that other retailers and that security is important to them." Ogren says he doesn't know of any other vendors providing a similar service.

In the past year, numerous Web sites have been hacked and crucial customer data stolen. That has made some people leery about shopping online.

Consumer Janell Elyea, who has been buying things from Web sites for about five years, says she's cautious. She uses the same credit card, which has a modest credit limit, for all online purchases. "I look carefully at my billing statement every month," she says. She says the Hacker Safe certification would give her some added confidence, but not much. "I don't think I'd choose one retailer over another because of it," she says. "There's really no way to make Web sites completely safe. I think most already know that the little lock at the bottom of the screen doesn't mean much of anything."

Perhaps. But Web sites that see a boost in sales find ScanAlert's sales pitch compelling. "Just a 1% boost would have justified the expense," CDconnection's Lovett says. If such sales increases hold up over the long term, more online merchants are likely to see if they also can boost sales by boasting of better security.

Elyea says she'll continue to check her credit-card statement each month, even from sites sporting the Hacker Safe certification. That's a good idea. ScanAlert's disclaimer reads, in part: "ScanAlert makes no warranty or claim of any kind, whatsoever, about the accuracy or usefulness of any information provided herein or the security of the Website herein rated."

According to ScanAlert, less than 2% of Web browsers bother to click on the certification mark to read the disclaimer.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll