Consumers who prefer to shop in-store rather than online cited “do not trust online security” as one of the main reasons why. And the 13% who responded this way in the survey did so fairly recently — just three years ago.
Trust is an important factor when shopping online.
If you have a security breach and sensitive customer data ends up in the hands of hackers, you’re going to lose a lot of business. Why would someone trust you with their credit card number if you’ve shown you haven’t been able to protect such information in the past?
One single security breach could very well lead to your store closing its virtual doors.
To prevent that from happening, you’ll need to take all the necessary steps to ensure your site is secure.
At the very least, you should be using the following five online security tools.
Before we get into specific security apps for your ecommerce store, it’s important to address the foundation of your site — your hosting provider. After all, it doesn’t matter which plugins you install if your hosting isn’t secure to begin with.
In addition to protecting customer info, you should find a solution that’s able to consistently keep your site online as well. While it’s not as bad as a data breach, downtime also does damage to your reputation.
When choosing a hosting provider, look for the following security features:
It’s also worth noting that many ecommerce platforms are essentially all-in-one services that include secure hosting. Both BigCommerce and Shopify offer hosting with Level 1 PCI compliance, and BigCommerce even guarantees 99.99% uptime.
Essentially, an SSL certificate ensures that data sent between your server and the user’s browser is encrypted. And while an SSL certificate certainly does make your store more secure, the more important factor for your bottom line is that it will make visitors perceive your store as more secure.
This is because the SSL certificate is what makes the lock icon show up next to your URL in the address bar of the user’s browser. If they don’t see that icon, a good chunk of your visitors simply aren’t going to trust you with their payment information.
Another way for data to be stolen from your store is if someone figures out the login credentials to your account. Online businesses that have multiple users on their account (and therefore, multiple sets of login credentials) are especially vulnerable to this threat.
Thankfully, the top ecommerce platforms have put protections in place to help prevent this sort of malicious activity, and there are also plugins you can add to your store for even more protection.
For example, the administrator of a Shopify account can set the following permissions for other users:
You would be wise to set limited permissions for your users as much as possible. That way, the damage will be minimized if anyone’s account is compromised.
Another smart move would be to track the activity of all the users on your account. The Logify app is an excellent tool for this purpose, though you should note that this is a Shopify exclusive.
This app keeps track of every change made to your Shopify store, as well as when they were made and who made them. If you suspect something fishy is going on with one of your user accounts, Logify gives you the ability to quickly find out.
Another example: The premium version of Magento, Magento Commerce, includes features for both setting user permissions and reviewing action logs. And if you’re using the free Magento Open Source version of Magento, you could add this functionality to your store by installing the Admin Actions Log extension.
Admin Actions Log tracks all the changes that users make to the backend of your store, and it also allows you to review the time and location of both successful and unsuccessful login attempts.
If your blog or other areas of your site have a comments section, this is another security issue that you’ll need to address.
You’ve surely seen spam comments elsewhere on the internet — random people posting a message that promises something like an opportunity to earn $100 per hour working from home, along with a link that you can click to learn more. And of course, no such opportunity exists, and any visitor who clicks that link will likely find themselves exposed to a cyber attack.
To protect your customers, you’ll need a tool that can proactively stop these comments from being posted on your site. If Shopify is your ecommerce platform of choice, then you can use the reCAPTCHA Spambuster plugin to accomplish that task.
Spam comments tend to be posted automatically by bots. The reCAPTCHA system developed by Google can verify whether or not a visitor is a person or a bot, and then it can prevent bots from being able to complete an action on your site.
Also, the version of reCAPTCHA used by reCAPTCHA Spambuster doesn’t require visitors to select which images include a certain object or jump through any other hoops — so, you can block spam comments without frustrating your customers.
Finally, you must find a way to protect yourself from the financial impact of people fraudulently making purchases on your site with someone else’s payment information.
This type of fraud pulls down your bottom line in two ways: Once the fraud is discovered, you’ll need to issue a refund for the order, which means you just lost an item from your inventory without receiving any revenue in return. And then, your bank will likely hit you with a chargeback fee for the reversed transaction.
Fraud prevention tools such as the NoFraud app can save you from such expenses. NoFraud will assess the validity of each transaction on your site and give it a pass or fail grade — and if a chargeback fee ends up being issued for a transaction that NoFraud approved, NoFraud will pay for it.
Once you’ve implemented fraud prevention and the rest of the security measures covered in this guide, your customers will be better protected. And, your online store will have a much better chance at achieving long-term success.
With these tools, apps and best practices in place, you'll be that much closer to creating a secure environment. One that better protects you and your customer — what's not to feel good about that?
Adam Ritchie is a writer based in Silver Spring, Maryland. He writes about ecommerce trends and best practices for Shogun. His previous clients include Groupon, Clutch and New Theory.