Fraud Prevention

Do Security Measures Boost Conversion?

Achieving high performance for your ecommerce business is complicated. It requires building an effective combination of trust, convenience and relevance on your website using technology, design, usability and influence.

If you consider industry statistics, you’ll quickly realize why it’s tough to achieve high performance (indicated by your average conversion rate) above the standard (although questionable) industry averages of 1 percent to 2 percent. Specifically for small and medium-sized ecommerce sites with less brand recognition, two more prominent studies uncovered alarming consumer insights.

Retailers not doing enough

The first research study by Forrester Research, Inc., found that 84 percent of consumer survey respondents say they don’t think retailers are doing enough to protect their customers online. The other finding fromLondon-based TNS PLC, a market research company, in April 2005 found that 75 percent of online shoppers surveyed say they have abandoned a retail site due to security concerns. [Internet Retailer, March 2006]

For small and medium ecommerce businesses with less brand awareness, the level of consumer security concern is naturally higher. Unfortunately many small ecommerce businesses escalate the inherent consumer skepticism by using shared SSL certificates versus a private one in an effort to minimize expenses. Although less expensive, shared SSL certificates force a consumer to a third-party website for order completion leading to potential credibility barriers.

Besides a noticeable change to the domain, using a shared SSL certificate also creates these challenges to a businesses’ trust building efforts:

  • Slow website load times with the third-party website negatively influences a website’s credibility and convenience for its customer.
  • Limits abilities to improve shopping-cart performance with usability and influential strategies like adding assurances, minimizing requested personal information and arranging forms fields for ease of use.
  • Shared SSL redirects the credibility to the third-party provider and away from the ecommerce business.
  • Inability to post a “clickable and directly referenceable” SSL certificate logo like GeoTrust, Truste or VeriSign on the website for credibility.
  • Customer inconvenience with “continue shopping functions that causes movement back and forth from a website to the third party.

If using a shared SSL certificate is a “start-up” necessity, don’t fear—it won’t necessarily prohibit sales if you create a positive customer experience leading up to the checkout process. Customers who are motivated to purchase and who have gained a reasonable level of trust with your website may not be put off by a shared SSL process. We have worked with a few relatively successful businesses that generated ample sales through a shared SSL certificate.What we have found is the affect of using shared SSL depends on several factors including:

  • Product Type – Ecommerce sites seem to have the greatest weakness with using shared SSL compared to information product (downloadable) sites.
  • Target Audience – Tech-savvy buyers perceive a shared SSL environment as less professional than a non-tech savvy one. With cautious shoppers, (defined as people taking more than three days from initial first visit to final purchase) more worried about online shopping security, they are thus more responsive to the appearance of security trust marks on sites. [AdventureCentral/, October, 2006]
  • Brand recognition and equity – Ecommerce websites using shared SSL from services like PayPal (owned by eBay) or Google Checkout experience less credibility challenges because of the associative credibility gained from the prominent brands.

The opportunity to improve conversion is dependent on building credibility, convenience and relevance. Unfortunately, using shared SSL impedes efforts for improving conversion. When seeking higher performance, our experience has proven that moving to a private SSL certificate (versus a shared one) is a prerequisite.

SSL security logos add a perceived level of credibility. Further findings from the TNS PLC study referenced above found that, “when those customers who admitted to site abandonment were questioned further, 90 percent said they would have gone ahead with the sale if they had seen a recognized security marker.” [Internet Retailer, March 2006] In addition, a January 2006 report from IBM showed that “70 percent of consumers would only shop at websites with a recognized security protection seal.” [Adventurecentral/, October, 2006]

The range of conversion improvement achieved through the use of SSL security logos like GeoTrust, Verisign and Hacker Safe fluctuates among ecommerce websites with average gains between 5 percent to 10 percent. An article by Internet Retailer (March 2006 issue) titled, Hand-holding: Fraud-weary consumers look for the seal of approval, by Lauri Giesen stated, “Small, unknown companies typically experience even higher conversion rates because consumers are more likely to be fearful of shopping with them since they don’t know if some of them are legitimate businesses—let alone have confidence in their security systems.”

In the same article, Ken Leonard, CEO of ScanAlert, the company that sells the Hacker Safe product, explains, “Most of those recognized companies will see single-digit increases while the small, lesser known companies will see double-digit increases, in some cases as much as 30 percent.”

There is little question that presenting a security logo adds perceived credibility to an ecommerce website. However, from a perspective of website conversion improvement, presenting a security logo is only a small piece to an overall credibility-building strategy. Building trust effectively with customers that results in increased conversion requires these additional steps:

  • Placement and size of a security logo directly affects the potential improvement of the website’s conversion.A case study presented at on May 6, 2006, reported a security-logo test performed by Petco, a national pet supply retailer. The test involved varying the placements of the Hacker Safe logo across its website to gauge differences in conversion rate gains. The test outcomes produced the following results: – The logo in the lower left corner of the navigation bar resulted in an 8.15 percent increase in conversions. – The logo below the footer on the lower right increased conversions only 1.76 percent. – The logo on the upper left between the search box and the navigation bar increased conversions 8.83 percent.

    It is important to understand the implications of this test and to consider how to test security logo placement on your website. Placing a security logo along your visitors’ eye flow path, such as the top left location underneath your company’s logo (as in the case of, may generate higher awareness and translate into stronger conversion improvement.

  • Add your physical address, phone number and other components like pictures of your staff and offices to add a “physical presence” to your virtual store.
  • Add testimonials and third-party endorsements like recognized magazines, industry experts and associations.
  • Design your website for ease of use and convenience. An older, yet still relevant, study titled, “What Makes Web Sites Credible” conducted by the Persuasive Technology Lab at Stanford University stated, “Going beyond the data, one could reasonably conclude that a simple, usable website would be perceived asmore credible than a site that has extravagant features but is lacking in usability.”
  • Avoid typographical, formatting and design errors. Customers are familiar with the professionalism communicated in the proper design and content presented by trusted websites like Experiencing “laziness” errors like misspellings or content that seeps across tables is perceived as unprofessional and hurts credibility.

As the ecommerce marketplace becomes increasingly competitive, individual businesses face greater challenges proving their credibility. Adding security logos and using private SSL are proven ways to increase conversion.

However, the cost-benefit varies drastically by variables beyond simply plopping a security logo on your website. The entire context of your website and, more importantly, the entire customer experience directly affects the conversion gains realized from a private SSL environment with a security logo. As with all conversion efforts, test, test and test your way towards finding the most effective balance for achieving high performance.

Kevin Gold
Bio   •   RSS Feed