I’m sure you’ve had this experience at least once before.
You’ve taken ages to do the research and you’ve finally found an item that satisfies all your requirements and fits into your budget.
You add it to the cart, pleased with the deal you’ve found and get redirected to the payment screen.
Wallet out, card at the ready you start to enter the required details; full name, home address, mobile phone #, email and finally you get to the card data.
Something within you instinctively makes you pause and look up at the browser address bar.
You need that last reassurance, just before you enter your precious card details that it will be transmitted securely.
You are of course looking for that little green bar and the letters https:
But.. it’s not there. It’s grey and so now is your mood. Anger descends.
You think about all the time you spent looking for that particular item. The great deal you had found. Now all wasted.
There’s no way you’re going to send your card and personal details over a non encrypted transmission.
The card goes back into the wallet and you take one final look at that great deal you took hours to find.
“We’ll I’ll never use that site again!” you say to yourself, closing the browser and heading off for a strong cup of tea.
What Happened Here?
I’ll tell you what happened. Trust was broken.
Trust is something so valuable and so often overlooked.
In this scenario we have a customer, wallet out and card ready, about to purchase an item.
Up until that point the customer had built up enough trust to get to the point of wanting to purchase the item.
Trust comes in many offerings when you’re talking about sites that sell stuff i.e. eCommerce.
What Is Trust
With eCommerce sites, for a potential customer to get to the point of making a decision to buy a product (from anyone), they need to feel that the transaction is a good one.
I like to think that potential buyers go through two levels of trust when browsing for items on an eCommerce site.
At this point the potential buyer is mainly doing research and they are looking at the same or similar items on a range of different sites.
Cost is a factor for sure, but there are others.
Is there a good product description with multiple images (i.e. is there a rear picture showing connectors etc if you’re buying electronic items)?
Are their any customer reviews? Who else bought this item?
OK – by now the customer likes the item description and the price but needs to check out some more details and build that trust factor even higher before committing.
How long has the company been trading and/or is it a brand you know of ( i.e. it is an Amazon or is it a startup.biz )?
Is there a return policy? Delivery charges/calculator?
Do they offer multiple and easy to find contact details? Does the site work properly?
At this stage the customer is happy about the product, price and who is selling it.
They have built trust that you as the supplier can deliver exactly what they want.
Now for the nitty gritty.
Customers need to trust that the seller will provide/ship the item after purchase. Reviews, ratings and comments will help.
Customers need to trust that the item will be and do exactly as it was described on the site once delivered. Reviews and feedback. eBay does a great job at this.
Customers need to trust that the payment details sent to the site will be kept secure so that nobody else could abuse them.
Ah – there’s our fail. At the eleventh hour.
OK, so I’ve taken a long way around to proving my point but it’s a valid one especially of you’re the owner of an eCommerce site.
And I don’t just mean those massive stores with hundreds of products.
You could be a one-man (or woman) shop selling a handful of items. Same thing applies.
You could be losing sales if your potential buyers are losing their trust just because you didn’t secure their personal data.
In fact, from a legal compliance point of view, you’re most likely obliged to do so.
I should point out, before I get shouted at that there are usually two “methods” of accepting payments on an eCommerce site
This is when the customers are redirected off your site to another one for the payment and personal details collection.
The standard PayPal payments method is a good example of this.
From a compliance point of view, you are somewhat protected because in this example it is PayPal’s systems that are responsible for collecting and processing payments and usually for collecting billing and shipping information.
This is when customers stay on your site 100% of the time.
Your site will collect their personal detail and their card details, send it off (securely) to a third party payment gateway server and then wait for response, acting accordingly.
From a compliance point of view you are responsible for collecting, transmitting (and maybe storing) customer shipping, billing and card details.
That’s a HUGE responsibility.
Secure Socket Layer Certificates
Finally – on to the good stuff and the reason you’re here right?
Secure Socket Layer Certificates (SSL Certs for short) encrypt data transmissions sent from your site. URL’s (web addresses) always start with HTTPS:
Any data your site sends using the normal HTTP URL’s are easy for hackers, and with recent tools even laymen, to get access to.
It’s sent in what we call “plain-text” i.e. unencrypted. And that’s the problem right.
On-line shoppers are more savvy these days. Probably because many have been burned by identity theft or credit card fraud.
Nonetheless, I can assure you that the majority of buyers will check to ensure that the payment and personal details they are entering will be encrypted and sent securely.
This is the last trust hurdle your customer needs to overcome and it’s a large one so, if you sell anything on your site, please make sure you encrypt your customer’s data when collecting payment or personal details.
Basic SSL Certs are bound to your site’s URL (e.g. www.mysite.com) and it will give you the green bar/padlock in the browser address bar which just affirms to your buyers that all systems are good-to-go.
There are many companies offering SSL certificates and many different pricing levels for the certs themselves.
I’ll follow up with a future post explaining how to choose the best SSL Cert for your site and how to get it installed on your system.