Online shopping is one of the great luxuries consumers have. It is quite rare that you can’t find what you are after from the convenience of your couch.
Everything from electric devices, those sunglasses you were after and even bike-delivered lunches while you’re at work, anything is possible. So as more and more consumers take to online shopping, business owners need to ensure they are offering a safe platform to do so.
For a business to have a successful relationship with consumers online, a certain level of trust must be established, especially if payments are involved. Customers need to be ensured that their personal details are secure when making payments. There is nothing more damaging for a company than having insufficient security on its e-store.
Symantec says the impact sometimes-overlooked toolkits can have on SMB websites is worthy of note because if your web server isn’t properly patched and secured, it could play host to an attack toolkit. According to the Symantec Intelligence Report, 2,189 malicious websites were blocked per day throughout July which was a four per cent increase from the previous month.
Another security aspect that needs to be acknowledged is Secure Sockets Layer (SSL) encryption and it being integrated into your website. SSL ensures that information (including credit card information) shared with your website is encrypted, meaning they are turned into a code that is difficult to unlock. The scheme credit cards require all merchants and payment companies to be PCI compliant, this means that the communication with customers needs to be secured and also the information when residing on the merchants servers need to be properly protected. Even if the data is compromised, the credit card details will be coded, meaning they will be useless to the cyber criminals who committed the crime. Having SSL fitted will also change the beginning of the payments URL to ‘Https’ and will usually turn the text screen and show a small padlock icon. This ensures customers that this particular page is secure and is a must for all payment pages online.
With the continued growth in the mobile device market, more and more consumers are shopping online, on the go. If your site is mobile accessible, be sure the same security measures are applied. With the growth of tablets and smartphones, comes the growth of applications, and businesses are now adding them to their online payment options. An example can be found with the popular auction site, eBay. eBay has created an easy to use application that allows users the convenience of being alerted of when they have been outbid, to search for items and also pay for products they have won. As with many apps, it is not uncommon to stay logged into them once you have exited them, making it easier to start off from where you left when returning. This is where security issues may lie.
If a smart phone were to be misplaced or stolen, a customer’s financial information could be at risk. If they had stayed logged in to the app which had their profile information including credit card details, the unauthorised user of the device could make purchases on their behalf. They would simply need to change the delivery address to ensure they receive the illegally purchased items. When creating an app that stores financial information, it must be built so that before any purchase, a password is needed or simply that you must log in again once you have exited the app.
Before creating their app, eBay addressed these problems. Before any payment, a password is needed. All the users other details are pre-loaded meaning they don’t have to input their delivery address, it simply means that their money cannot be spent without their password. They have also included a ‘keep me logged in’ option in the settings of the app to combat any want-to-be thieves that want to access a device without concession.
One of PayPal’s original selling points was that instead of sharing your financial information with every online merchant that you transacted with you only needed to share it once (with PayPal). At POLi we have taken this one step further with our payment offering. With POLi customers do not share their confidential information with anyone except their bank –we believe that if consumers cannot trust their bank they should not be shopping online. At no stage does POLi capture any sensitive user information and no registration is required.
We can see that online shopping is successful and popular, but it needs to be properly addressed before committing. There is no room for error and a sub-par online payment option will not only lose you money, but your customers’ money could also be at risk from malicious software and cyber criminals. By abiding by these security tips your customers can rest assured their personal financial information is safe and you can continue to utilise technology to grow your business.