Security Issues

Glad to see the list is now percolating quite nicely.

In ADL-0017 Marlene Kohn wrote:

A client of mine purchased some inexpensive computer accessories from an on-line company in Texas and found $3000 worth of charges on his next credit card statement. The purchases were from a variety of stores in the Texas region.

While I empathize with your client, I really don’t see this as an “Internet Security” issue. I don’t see any technological way to have prevented what happened to your client as it was in all likelihood a disreputable firm, rather than some underlying flaw in Internet security that allowed this to occur. Even crooks can use SSL.

This does however bring up the issue of how consumers know who to trust online. In the “real world” you have brands you trust. A friend’s recommendation will often carry greater weight than advertising. And for brick and mortar retailers you at least have some sense of who you are dealing with when you go into a store. The simple fact that the store is there, and was there yesterday is enough for most people to assume that a company is legit.

Online, these assurances don’t come as easily.

One attempt at building consumers’ trust in online retailers is the use of “trustmarks” like TRUSTe. TRUSTe in particular seems to be gaining ground. In fact NetRatings just announced that almost a quarter of a billion TRUSTe logos were viewed last week.

That means that one-seventh of the online audience was exposed to TRUSTe’s logo.

While I like the concept behind TRUSTe, I wonder how many of the people who saw their logo really understood what it meant? It also gets me to thinking about other things sites might do to increase consumer trust.

Here are a few quick thoughts:

1. Use credit card “accepted here” logos.

2. Post a plain English privacy policy in an obvious place.

3. Include third party endorsements and customer satisfaction affidavits.

Any other suggestions of things you’ve used to increase trust or that have caused you to trust a site you’ve never visited before?