brant.peterson@vantiv.com

Do eCommerce Security Badges Establish Consumer Trust?

Blog Post created by brant.peterson@vantiv.com on Oct 19, 2017

Customers expect their payment data to be protected when used online. As they make a conscious decision when their cardholder data into a website, if the checkout page doesn’t resonate with a sense of trust, they will abandon their cart. 

 

Cart abandonment can be anywhere from 55% and 75% and of those consumers who dropped out of a purchase, 17% mentioned “concerns about payment security” as a reason as they didn’t enter their credit card information into a site[1].” 

For face to face transactions, the indication of the chip embedded in their credit card is obvious. While chip cards were designed specifically to reduce fraud at the POS, customers recognize the difference from dipping their card into a POS device versus swiping, which was an experience change the US market had to overcome.  The challenge with eCommerce in the chip card era is that there has not been a customer experience change, so cardholders are unable tell the difference from a secure or non-secure experience. This means that customers have to rely on their personal intuition, rather than facts, in order to proceed or drop out.

 

 

The Perception of Trust

 

If cardholders are only relying on perception, then how do they know when ecommerce retailers have invested significant resources and money in adequately protecting their sites? In some surveys, as many as 61% of participants said they had decided not to purchase a product because it was missing a security badge.

 

A trust badge, or trust seal, is a symbol placed on websites that ensure the customer that site is legitimate
and that all their personal data is collected securely through trusted third-party service providers.  Such examples are visual padlocks and or shield marker strategically placed by the payment forms to encapsulate the payment fields from the rest of the page.

 

The most common badges used are SSL (secure socket layer) seals, symbolizing a secure connection for credit card data to be transmitted for processing. While these badges establish customer data protection through use of cryptography, SSL doesn’t actually prevent attackers from stealing payment  data to be used for fraudulent transactions, which is ultimately what customers care about most.

 

Customer Perception is Vital

 

Cardholder perception is more important than actual implemented security, and the absence of visual cues of confidence like a trust badge can lead to customer skepticism, and may be willing to switch to a different site where they feel more secure.  

 

What’s even more interesting is that some findings state that placing any type trust badge on a site helps establish credibility with consumers – even if the customer doesn’t really understand what the badge embodies, or who the third-party service provider is.

 

More concerning is that retailers can purchase trust badges at online marketplaces, creating a false sense of security without implementing actual security to stay abreast with the ‘me too’ philosophy. In the fast-paced paced eCommerce
environment, do customer’s dedicate the attention and time or possess the technical experience to differentiate from the two badges below?

 

If customers don’t have the technical expertise to identify legitimate sites from imposters, what are their requirements beyond personal feelings, and who is enforcing misuse of their confidence?

 

A Shift Beyond Perceived Security

 

Turkish ecommerce is already moving in this direction through the Communique on Trust Seal in Electronic Commerce, established this year to foster more trustworthy environments by regulating security standards for obtaining a trust seal for eCommerce websites. The Communique aims for better adoption of legitimate trust seals by ensuring that providers
meet certain security standards, best practices, and punishing those that abuse.
[2]

 

While the deployment of legitimate trust badges like McAfee and VeriSign have been deployed in US  ecommerce environments, the breadth of third-party badges has created dilution, resulting in customers having to interpret who these organizations are and if they can even be trusted.  Though the saturation of badges has resulted in fragmentation, this has proven to be an effective means to establish trust, but given the anticipated growth of US ecommerce over the next several years, this model won’t scale.

 

Universality is Needed

 

In order to scale beyond perception, the payments industry needs an interoperable CNP icon that represents these characteristics much like the chip card has embodied security for card present transactions. While there are global security standards for the web like W3C and OWASP, cardholders wouldn’t recognize these bands as they are
aimed at protecting for data for financial institutions with protecting data, rather than end customers.

 

Given this consumer obstacle, while it makes sense the payment networks like Visa and MasterCard develop a graphical element that possesses credibility, it would also be more beneficial for the payments industry to build awareness through a totally new archetypal icon that embodies technical security and trust the market has yet to see.

 

 


[1] https://monetizepros.com/ecommerce/5-trust-badges-that-can-increase-your-conversion-rate/

[2] http://www.mondaq.com/turkey/x/634844/Consumer+Law/Trust+Seal+In+ECommerce

Outcomes