Customers want to feel safe when they make online purchases. They need to know that the credit card or account data they are providing to the merchant is transmitted and handled in a secure way.
To protect customer information, an online merchant will comply with the Payment Card Industry's Digital Security Standard and, also, use a 128-bit or great secure socket layer (SSL) to ensure that sensitive data passes back and forth between the web browser and the web server safely. Having taken the steps necessary to secure a payment transaction, online merchants want some way to show their potential customers that they have done everything possible to make shopping secure.
Enter VeriSign's Secure Site Pro with Extended Validation. First, the service provides 128- or 256-bit SSL encryption, meaning that it offers some of the most potent encryption available to protect payment information as it passes between your servers and customers web browsers. Second, the service provides you with two clear ways to market this to your customers. For giving online merchants both the tools to protect customers and a way to use those tools as a competitive advantage, I am awarding VeriSign's Secure Site Pro with Extended Validation four and a half out of a possible five stars in this, "The PEC Review".
The PeC Review is my weekly column created to introduce you to the products and services that I believe can help you improve your ecommerce business. This week, let me tell you why I think Secure Site Pro can help you.
Video: VeriSign's Secure Site Pro with EV SSL
Top Notch Encryption
SSL is a protocol that was originally developed by Netscape to facilitate secure Internet communications over an insecure network. It is designed to solve two basic communications problems: (1) identity and (2) eavesdropping.
When a consumer surfs to your website, checks out some products, and reads your "About" page, that consumer has no real way of know if you are who you say you are. You might claim to be reputable, but how would they know? In fact, the consumer may have found an impostor—someone claiming to be you in order to steal data. An SSL solves this problem since SSL certificates are unique to a particular server and domain name. When a consumer's browser makes contact with the web server, the SSL ensures that your customer knows who he or she is dealing with through a process called public key cryptography. Essentially, the SSL uses two cipher keys. One key is made public. It is used to encrypt data. The other key is private and secret. It is used to decipher data encrypted with the public key.
Next, when a customer sends data over the Internet, which is generally an insecure network, how does that customer know that some hacker is not lurking, and waiting to intercept credit card or account data. Again, an SSL solves this problem by encrypting as mentioned above. The more complicated the encryption, the more secure the data. VeriSign's Secure Site Pro offers up the 256-bit encryption. This means that if someone were trying to guess the encryption code it would take that person several billion years to have tried every possible combination.
Recognizable Security Badge
Once a site has been secured with the Secure Site Pro SSL certificate, the site owner gets to display a VeriSign Secured Seal. The seal lets a site owner brag about all of the good work that has been done to ensure that a customer's data isn't intercepted or stolen. And seals like this one have a positive effect on sales.
For example, a 2008 study by Synovate Research and published on the VeriSign site, found that 91 percent of U.S. online consumers recognized the VeriSign seal. Furthermore, both anecdotal evidence and A/B split testing has shown that adding a security or trust seal to an ecommerce site can boost sales conversions as much as 10 percent. Security seals have also been shown to reduce shopping cart abandonment.
Best Case for EV I've Seen
A second way to let customers know that you mean business is to use an Extended Validation (EV) SSL certificate. An EV SSL not only ensures that the site a consumer is visiting is really the domain it claims to be, but also that the site owner is a legitimate business. The EV SSL displays the domain owner's name in an extension to the browser's address bar.
I have to confess, I had not been a big fan of EV SSL, since I did not really see the value in spending an extra $200 to $500 for a green bar that I wasn't sure users understood anyway. But VeriSign changed my mind.
The company has a very good phishing scam demonstration, which really shows how EV SSL makes a difference. The demonstration, which you can see at Phish-no-Phish.com, asks you to compare pairs of website screen captures and decide which one was a real site and which one was from a phishing scam. Needless to say, without the EV SSL finding the phishing villains was no easy task.
VeriSign's Secure Site Pro with EV SSL is $1,499 per year if billed annually with discounts available for prepayment.
I really like VeriSign's Secure Site Pro with EV SSL. I believe it does a good job of actually securing customer data as it passes back and forth between the browser and server, and I think that it gives merchants an equally powerful tool for encouraging customers to buy. Bottom line, that security seal and green extension in the address bar make customers feel safe.
But I do think that the service is expensive. In fact, if Secure Site Pro with EV SSL sold for less, I would have given it five stars.