Security Focus: It’s What’s Behind the Seal That Matters
In my last post, I briefly discussed a survey Entrust commissioned to understand the effect trust seals have on online transaction behavior. Coincidentally, I discovered an article in IEEE Security & Privacy magazine about a similar survey the magazine conducted.
Security-related items were one of eight different factors the survey identified that affected the participants’ buying choices. Trust logos and certifications, as they referred to them, were not an important determining factor. The most familiar trust seal was recognized by only 17 percent of those surveyed. This trust seal was recognized only due to a previous online experience and not due to familiarity with the brand. More compelling is the fact that not one participant knew why this seal meant a site was secure.
Why use a trust seal at all if a consumer does not understand the value of a trust seal and what it represents? This is one of several buying decision factors? The trust seal is a fairly simple way to convey — to the small number of users who look for it — that an organization is conscientious about website security.
It does not hurt to have it, but the surveys have proven that the user is not concerned with the brand name on the seal. Therefore, the selection of an SSL provider should be based on other benefits, such as service level and verification process, and not on the misplaced belief that the brand name will increase sales.
How should you select your SSL provider? To begin, not all providers are the same. Entrust has always focused on maintaining the highest standards in security, trust, service and support. As an active member of the CA/Browser Forum, the first provider to pass WebTrust’s CA/EV audits and one of the main influencers behind the adoption of Extended Validation (EV) certificates, Entrust continues to emphasize the security of the Internet and those interacting online.
Part of putting our customers first is supplying them the tools needed to increase the monitoring capability of their certificate environment and allow them to manage ALL the certificates in that environment — not just those purchased from Entrust. This includes helping manage certificate expiry, finding and remediating rogue certificates, as well as inventorying and managing certificate lifecycles utilizing Entrust Discovery and/or the Entrust Certificate Management Service (CMS).
The study Entrust conducted placed responsibility for the trust of the consumer on the website holder and/or credit card company; the customer expects the website or their credit card company to protect their security and information. With the need to ensure security for an organization and its customers, businesses should select the SSL provider that focuses on the highest levels of security and customer service.