With news outlets regularly informing us of huge data breaches and security failures from global companies such as the likes of Facebook, Marriott, Ebay and Sony’s Playstation Network, data security and the encryption of our information has never been highlighted more than in the last few years. People, especially online shoppers who are parting with sensitive credit card information online are now more aware of potential security flaws in websites and are quick to look for alternative online shops should an eCommerce website look unsafe. If you are not taking security seriously on your website then not only should you expect your conversion rates to be negatively impacted, but should a breach occur you could also expect a fine by card processors should you not meet the required regulations.
There are many things you can do to make sure your store is safe and secure for your online customers, but one of the most key things you should make sure your store has is a secure encryption throughout the whole website.
A quick way to check if your store is encrypted is to look at the URL and make sure the prefix is ‘https’ (notice the ‘s’ on the end), have a closed padlock to the left of the URL and have a valid certificate when you click on the padlock. If your online store does not have this, then you should look to rectify it with the upmost urgency as you are putting your customers data at risk! Even if your website doesn’t collect financial information, search engines and browsers have made it clear that every website should have Transport Layer Security (TLS) and if yours does not, expect visitors to be warned as chrome does on the below example.
The above warning to your potential customers is certainly going to make them think twice about making a purchase from you and alongside this, if you’re an eCommerce store taking payments online, its highly likely that the terms of your merchant account require you to be encrypted to take payments and not being so can land you with a big fine.
Note: The predecessor to TLS, Secure Socket Layer (SSL), is now depreciated and should not be used. This is the same for TLS 1.1. Only TLS 1.2 and above must be used.
Switching your site from http to https can be a lengthy process and there are various considerations to make before you make the switch to ensure sure you do not negatively impact your organic search rankings.
To help you make the switch, we’ve put together a list of factors you should consider before purchasing and adding a certificate to your website.
The benefits of making sure that your site is encrypted outweigh any work or outlay to get secured. The plus side includes:
To conclude, security is a topic that should be taken seriously whether you are a large company or a small business. Just because you are small does not mean you will not become a target. With that in mind if your website is not protected, it should be top of your list to rectify.