Cybersecurity Concerns & The World of Ecommerce

World of Ecommerce

Hardly a week goes by when the daily headlines do not resonate with stories about online hacking, affecting organizations and businesses across the globe. Little wonder, then, that one of the most pervasive and enduring challenges to the ecommerce space remains ensuring the security of e-tailers’ customer information. As the world of online sales continues to rapidly expand, so too do concerns about the security of the data that customers share with ecommerce merchants.

In fact, that concern over eCommerce cybersecurity may be seriously affecting the actual, bottom line success of many online businesses. A 2017 American Express Digital Payments Survey revealed a good news/bad news scenario for the nation’s ecommerce merchants. On the ‘good news’ side, the AmEx survey found that consumers are “increasingly relying on online and mobile technology to make purchases”. The survey also revealed among US merchants with both ecommerce and physical retail locations, 81 percent viewed online and mobile sales as the “channel with biggest growth opportunity for their business.” In addition, more than 70 percent of online shoppers said they have used digital-payment services, including mobile ‘wallets’ and one-click checkout buttons. However, the survey also identified a significant caveat among the growth potential for ecommerce sales; among consumers who had made 3 or more online purchases in the previous year, nearly 4 in 10 said they abandoned an online purchase because “they did not feel their payment would be secure.” Compounding the concerns about eCommerce cybersecurity, the survey revealed that 73 percent of the 400 business leaders surveyed said that their “level of fraudulent online sales had increased or remained the same over the previous year.” Additionally, based on its results, the AmEx survey concluded that merchants who choose to make investments in online security can often see “tangible results” and benefits of doing so. More than half (58 percent) of the merchants who identified their companies as having experienced increased sales during the previous year explained that “enhanced security features have had a very significant impact on their sales numbers.”

Security Concerns in eCommerce Grow In Step With Increased Fraud Rates

One need only look at the numbers reflecting fraudulent online activity to gauge the growing significance of data security in eCommerce transactions. Security Magazine reported that in 2017 the ‘Global Fraud Index’ reported several key findings regarding online fraud, including:

  • The value of potential fraud in the eight industries examined (including apparel; consumer electronics; cosmetics & perfumes; department stores; furniture; and health, leisure and hobbies, among others) reached a whopping $57.8 billion
  • Between the second quarter of 2016 and the second quarter of 2017, total fraud grew by 5.5 percent
  • More expensive online purchases were much more susceptible to fraud; the fraud rate of transactions exceeding $500 was 11.64 percent, 22 times higher than rate of transaction worth less than $100
  • The cosmetics and perfumes industry was the most severely affected by increased online fraud; the Global Fraud Index found that business sector experienced a distressing 171.9 percent increase in the fraud rate from the previous year

Ecommerce Security: Experts Say It’s Not A Seasonal Concern

Although worries about data security in eCommerce purchases tend to rise during periods of increased seasonal sales—most significantly the annual ‘Black Friday’ through Christmas period—most security experts agree that hackers do not restrict most of their fraud activity to the busiest sales periods. Given that reality, it would then fall to online retailers to ensure that they remain vigilant throughout the calendar year, ensuring that they are proactively doing what they can to secure both their websites--and the data it contains. To that end, there are multiple steps that most cybersecurity experts agree can, at a minimum, lower the likelihood of an ecommerce business, or its customers, becoming the victims of fraud. These ecommerce security steps would likely include:

  • On a regular basis, running security tests on the ecommerce site and identifying possible vulnerabilities
  • Do not save, or collect, customer data that is not required in order to complete a purchase
  • It may seem as though it’s a ‘no-brainer’, however, on a regular basis merchants should eliminate any potential ‘risky’ software that might compromise site security
  • Encrypting any and all communications or data that could be used by hackers
  • Updating security software on a regular basis; technology advances rapidly these days, and so too does a hacker’s ability to use it for nefarious purposes
  • Carefully select any third party vendor who will have access to private data on the website; performing due diligence on any party involved in a merchant’s website is absolutely essential

eCommerce Security Is A Major Factor When Customers Select An Online Merchant

There are, of course, many factors that consumers take into consideration when deciding who they wish to ‘do business with’ in the ecommerce space. However, trust in the security of the merchant’s website and data protection can mean the difference between that final ‘purchase click’ and losing a potential customer to a competitor. Reflecting upon the results of the AmEx Digital Payments Survey, Mike Matan, American Express’ Vice President of Global Network Business, explained that “the results of our survey show that for merchants to capitalize on consumers’ continued shift to online and mobile commerce, they need to provide their customers with the confidence that their information is secure.” Merchants large and small are well aware of their customers’ concerns about data security in eCommerce. “Customers put their trust in my knowledge of security measures and feel better when I can show them how their data is being protected,” explained Timothy Savage, owner and CEO of Savage Creations, a software development company specializing in business-centric web, windows, and database based applications. “Through tougher passwords and multi-factor authentication, data is kept safe from outside attacks. But the onus is also shared (by customers). By not reusing passwords, and changing them on a regular basis, they can help stop a hacker from gaining unwanted access to information.”

Much Work Remains In Ensuring Ecommerce Cybersecurity

While considerable progress has been made by many in the ecommerce space in tackling the challenges posed by cybersecurity, it’s readily apparent that there’s much work still to be done.A survey issued at the end 2017 by SecurityScorecard, a national security ratings company, found that on average, retailers scored a ‘D’ in “network security and patching cadence”; equally troubling, the survey also found that “of the bottom cybersecurity performers, technology retailers and department stores scored the lowest compared to other types of stores.” The SecurityScorecard survey of 1,924 companies also found that retailers were the “prime target for cybercriminals…and this includes both online and brick-and-mortar retailers.” One reason for this, according to the survey, might well be retailers’ “reliance on third parties, including cloud providers and payment processors. ” As a result, the survey urged retailers to deploy continuous monitoring of their vendors, as well as their own IT infrastructure. There is little doubt that ecommerce continues to rapidly expand, with online sales expected to exceed $500 billion this year. However, as the demand for products and services marketed online continues to grow, so too does the urgency for ecommerce merchants to recognize the critical importance that cybersecurity plays in protecting not only data, but ultimately their business’ bottom line. The security threats to eCommerce websites aren't going away - how will you prepare?