Posted Extended Validation Solutions for SMB Ecommerce success: Secure128 on Blog
Guest Blogger: John Monnett, V.P. & Partner, Secure128
Shopping Cart Abandonment is a Staggering 70%
In 2014 we’re living through an online revolution. When I started my university undergrad work in 1991, there was virtually no such thing as “e-commerce” as we know it today. In 2014, worldwide business-to-consumer ecommerce sales are estimated to reach nearly $1.5 Trillion.
How can those of us SMB owners capture a share of the ecommerce market most efficiently? There are many contributors to that conundrum, but one of the simplest ways to decrease website shopping cart abandonment is by increasing the level of trust that visitors have in your website—from the moment they arrive. Shopping cart abandonment rates average a staggering 70%, and a key driver of abandonment is lack of visitor trust at the moment of truth: the transaction.
How Can SMBs Compete and Reduce Shopping Cart Abandonment?
Most SMB website operators don’t have the same level of brand recognition and trust that companies like Ebay, Bank of America and Symantec have built over time. Instead, sites like ours only have a brief moment to establish the same, irrefutable level of confidence as the big names. We need to leverage a combination of credible tools like the Extended Validation green bar, an HTTPS “always on” encrypted site and trust seals from Symantec, the leader in online trust. They help us:
• Secure our websites properly
• Prove our legal identity to visitors
• Align our web properties with the most recognizable security brands
We do business with Symantec because they have an extensive portfolio full of “Right for Me” solutions to help Secure128 and our customers. They have the right solution for every SSL/website security need to help inspire the same level of trust as our larger, widely recognized competitors and to level the playing field. So instead of trying to compete on brand recognition against the larger, more established companies, we can absolutely compete on trust and security.
Always On SSL + Extended Validation: A Powerful Advantage for SMBs
Securing our websites is most effectively done with encryption via SSL Certificates. And now “Always On SSL” with HTTPS encryption is becoming the security standard of web giants such as Paypal, twitter, facebook, etc. Even to the point that now Google is boosting rankings for HTTPS/SSL websites . Deploying SSL certificates across all website properties is no longer an option; it’s a requirement of operating an effective and secure business online. From a revenue increase perspective, the problem is that basic SSL certificates (also called DV or Domain Validated SSL) provide encryption only. The biggest mistake most website operators make is only encrypting their websites and providing visitors no way of verifying their true business identity.
For example, when shopping online for that perfect gift, your search lands you on a website you’ve never heard of with no easy way to verify who really owns and operates the website. Only Extended Validation (EV) SSL Certificates were created to bridge the gap between encryption AND ownership validation of websites. EV SSL Certificates not only verify domain ownership, but also the legal and governmental business registration status of the certificate/website owner. This information is then displayed at the browser URL level:
A simple click on the padlock will verify the physical location where each EV SSL website organization is registered to do business. The EV SSL functionality standards are standardized by a Certificate Authority / Browser regulatory group, and audited annually for Webtrust certification. Now, what does this mean to a website visitor and potential online customer? It means that no matter how non-technical they may be, the green URL bar displaying the website’s legal owner is going to be hard to miss, and has been proven to instill more trust in the website’s visitors and increase conversion rates.
The Leader in Online Trust, Always the Right Solutions
With every Certificate Authority offering their own brand of EV SSL options, decisions in making the selection that is right for your business comes down to both price and which brand is going to be most recognizable to your site visitors. In an independent 2013 survey by the Baymard Institute, all three of Symantec’s EV capable SSL branded site seals were ranked in the top 7 most recognized (Symantec, thawte & GeoTrust).
When you look at Symantec’s complete solutions portfolio, you’ll see the widest range of value, functionality and proven results for Symantec’s three SSL brands, especially when it comes to EV products. Symantec is is quite flexible for all website budgets making it easy to choose the right solution for you. For high volume web properties, brand recognition and performance issues take priority which makes Symantec’s industry-first Elliptic Curve Cryptography (ECC) Algorithm my EV SSL option of choice for larger e-commerce sites.
In the bigger picture, all of us web based business operators are trying to achieve similar goals of growing website traffic, boosting conversion rates, and increasing our online sales revenues. All of us invest significant resources into our websites in terms of design & development, marketing, advertising, security, etc.
Given those common goals, if I could tell you that by converting your entire sitemap to HTTPS using Extended Validation SSL from one of Symantec’s globally recognized brands (Symantec, thawte, or GeoTrust), you could significantly increase your online sales revenue and only increase your annual budget by a fraction of a percentage… would you do it?
My fellow website operators, that’s exactly what I’m telling you!
Mar 07 2018, 9:10 AM
Posted Better Website Security and Google Search Rankings for SMB’s with Always On SSL. on Blog
Often considered the backbone of global business, SMBs are a unique mix of entrepreneurial drive, daring ingenuity and highly customer-centric practices.
SMBs need to compete in the virtual marketplace with players of all sizes, where square footage doesn’t matter; they are forever seeking ways to stay competitive. One arena where they have a greater chance to level the playing field is in the virtual marketplace. They have more opportunities to take advantage of a variety of digital platforms, from Web-based businesses and social media outlets to SEO to mobile devices, all for a faster time to market. The Internet allows SMBs to use their limited budgets in ways that they can impress customers and help their brand become more relevant and recognized—even amidst enterprises with extensive budgets and brand
What can SMBs do to stay competitive and maneuver quickly in the digital world, without compromising data security or breaking their wallet? The answer is “Always On SSL” from Symantec, also known as HTTPS everywhere. It’s ideal for SMBs working online, and supported by major digital players like Google, PayPal, Facebook, Twitter and Microsoft. Keep reading to learn how this powerful form of SSL will completely secure your data in transit and help improve search result rankings.
THE COMPLETE SSL SOLUTION: BROUGHT TO YOU BY THE LETTER “S”
Imagine locking the front door to your home but leaving the back door wide open. That is essentially what happens when websites use common HTTP SSL, otherwise known as “Intermittent SSL”, to protect only certain pages, like logins and transactions. Some companies think they are protected against data theft and hacking by only applying "Intermittent SSL” to one or two areas of their site but they are really leaving the rest of their site completely exposed and vulnerable to attacks such as Sidejacking.
How can you protect every page of your website, and keep your customers safe? With Always On SSL from Symantec.
ALWAYS ON SSL MEANS ALWAYS SECURE AND ALWAYS CONFIDENT.
As a member of the Online Trust Alliance and CAB Forum, Symantec has always advocated Always On SSL, which means that each and every page on a website has an HTTPS:// (i.e. SSL certificate), and not just the login and transaction pages. Moving from an "http” site to a fully “https” secure site is the only way to 100% ensure that every interaction with every page of your website is completely encrypted—from the moment a visitor arrives to the moment they leave. Protecting login and transaction areas alone doesn’t prevent hackers from stealing the cookies that store a user’s session. If those cookies are stolen, attackers can use them to recreate a website session and gain access to all kinds of sensitive data—over and over again. Slidejacking (using Firesheep) and SSL Strip are common types of attacks that prey on vulnerable sites with limited security. In the end, unprotected pages and their associated cookies negate any effort and expense put toward protecting login and transaction areas with Intermittent SSL.
THE FINANCIAL IMPLICATIONS OF DATA BREACHES
To put end-to-end data protection in financial perspective, in the US alone, in 2012, almost 35,000 data breaches occurred—with over 100,000 data breaches worldwide. It cost US businesses $5.4 million to find the causes of these breaches, including direct expenses like data forensic experts and hotline support for free credit monitoring and indirect expenses like in-house investigations and communications and lost customers.* Malicious or criminal attacks were the main causes of data breaches, and they could have been reduced, prevented and even anticipated with Always On SSL.
* 2013 Cost of Data Breach Study: Global Analysis, Ponemon Institute
GOOGLE IS NOW GIVING MORE VALUE TO SITES THAT ARE PROTECTED WITH ALWAYS ON SSL OR HTTPS—AND SO SHOULD YOU
One major endorsement of Always On SSL –specifically end-to-end HTTPS encryption—came from Google on August 6th, 2014 via its Online Security blog. The plan is to give more weight—or better search ranking results—to sites that are fully HTTPS encrypted. And the reason is pretty simple, according to Google Webmaster trends analysts Zineb Ait Bahajji and Gary Illyes. “We’d like to encourage all web site owners to switch from HTTP to HTTPS to keep everyone safe on the web. A big part of that is making sure that web sites people access from Google are secure.” Their message couldn’t have been clearer: “We hope to see more web sites using HTTPS in the future.” It’s about encouraging sites to change the way they protect themselves for the better—and to fully protect data in transit all over the web. You can see a full Google presentation on the importance and implications of HTTPS here.
HTTPS HELPS SMBs COMPETE BETTER
Protecting your site with HTTPS can help SMBs compete better in the virtual marketplace by:
• Improving brand recognition in Google rankings—especially against larger companies who may not have embraced HTTPS. At the very least, SMBs can benefit from a level playing field by adopting HTTPS.
• Making the most of better search results, Symantec’s Seal-in-Search™ can lead to a higher click-through rate by displaying the Norton™ Secured Seal—the most recognized trust mark on the Internet—right in the search result.
• Strengthening brand and reputation by showcasing your commitment to online security.
• Increasing transactions and conversion rates.
• Protecting the entire user experience and all data in transit—not just at login or during a transaction.
• Using Extended Validation for the highest visible display of trust.
Symantec has a variety of proven Right for Me SSL solutions from our multi-brand portfolio. We can help any kind of business choose the “Always On SSL” solution that best meets your needs—from a single SSL cert to Wildcard and SAN certificates to Extended Validation certificates, which displays the green bar. All of our certificates feature the highest level of encryption, protecting data in transit such as identities, cookies and financial information.
ALWAYS ON SSL ISN’T NEW, BUT ITS TIME HAS COME
For years Always On SSL has been advocated by industry leaders, including Microsoft, PayPal, Facebook and Twitter. Together with Symantec, they are part of the Online Trust Alliance (OTA), whose mission is to enhance online trust and empower users, while promoting innovation and the vitality of the Internet. “It is incumbent on all of us to work together to implement web security best practices to protect consumers from harm,” according to the OTA’s white paper. “The general state of online security throughout the industry has reached a tipping point, and websites must change in order to preserve end-to-end trust and consumer confidence. One of the most important benefits of Always On SSL is customer reassurance.
WHAT YOU CAN DO FOR COMPLETE WEBSITE SECURITY
Here are some steps you can take to ensure end-to-end protection with “Always On” HTTPS:
1. Enforce Persistent HTTPS on Every Web Page
Secure clients’ personal information, identities, and cookies by having https enabled for every web page. Learn more here.
2. Ensure Correct Implementation of Your SSL Certificates
To enable HTTPS, you should use a valid SSL/TLS certificate from a trusted certificate authority (CA) like Symantec, telling your customers that the domain’s identity has been verified and authenticated by a trusted source. Learn more here.
3. Set the Secure Flag for All Session Cookies
A session cookie can be set with an optional “secure” flag, which tells the browser to contact the origin server using only HTTPS whenever it sends back a cookie. This will also enable reliable, proactive HTTPS protection and reporting.
4. Enhance Security and Trust with Extended Validation Certificates
To reassure customers of a website’s value and security, use an Extended Validation (EV) SSL certificate from Symantec. The green address bar provides an organization’s name right in the cert and visually makes customers feel more secure of a website operator's identity reassuring your clientele they are safe to proceed on your website.
For more insight, try these articles:
Google smiles on safer connections (Internet Retailer August 8, 2014)
Understanding Always On SSL and SEO (Symantec | Connect January 2014)
Mar 07 2018, 9:10 AM