Data Security Guidelines for Ecommerce

While it feels like stories about corporate data breaches are more common than ever nowadays, it’s definitely not a bandwagon you’d want to join. In addition to losing the trust of your customers, there can be substantial costs related to a data breach in the form of security upgrades, legal fees, and more. To help keep your ecommerce company from joining the growing list of hacked businesses, use the following guidelines to tighten up your website security and protect consumer data.

Identify region-specific compliance requirements

Some states and countries have requirements regarding how companies use, save, and store consumer data. It's vital that you know where your business is being conducted and that whether there are regional data security laws that apply to you. Failing to comply with regulations, such as the Securities for Consumer Data Personal Privacy Act in Colorado or the Golden State Consumer Personal Privacy Act of 2018 in California, not only indicates that your company’s data may be vulnerable – you may also be at risk of incurring significant fines or penalties.

Perform a data security risk assessment

Hire a third-party to run a risk analysis on your current data security architecture to identify any vulnerabilities. Then, outline a strategy for prioritizing and patching those vulnerabilities. Remember: hackers commonly look for easy targets and will move on from targets that require more effort to exploit.

Train and educate your employees

One of the biggest vulnerabilities in any kind of data security strategy are the employees. Make certain your data is safe from unintentional employee mistakes through adequate training and by establishing clear protocols for managing data.

Social Engineering Prevention Guidelines for CSRs

Information security is an ever-evolving issue for ecommerce sites. Even though technology has done a lot to stop them, fraud tactics are always changing in response to those countermeasures. In some cases, there's just not much technology can do. Take social engineering – when a fraudster posing as their target manipulates customer service representatives into granting access to the target's account or private information – for instance.

Also known as voice-phishing, or “vishing,” the practice is less common than email-based phishing but every bit as dangerous to ecommerce. According to the education and awareness website, social-engineer.org, the average cost of a successful vishing attack against a business is $43,000 per account compromised.

Most companies require customer service representatives to follow a multi-step process for authenticating callers before proceeding with service on an account. However, CSRs are also trained to keep customers happy. Whether it's because caller sounds irate or threatening, or the caller sounds authentic because they passed some parts of the authentication process (usually with information trawled from other areas of the internet), CSRs may share information that risks security with the intent of providing a good customer experience.

Unfortunately, calls to a live person don’t undergo the same digital fraud checks that online transactions do. To prevent scenarios where a CSR feels bullied or lulled into complying with an insecure request, companies need 1) a comprehensive flowchart of authentication steps with clear explanations of what to do when the caller can’t provide the required information 2) strict requirements for following protocols, and 3) assurance that managers trained for those scenarios will provide necessary support.

By training customer service teams to recognize social engineering and giving them the resources to stop fraudsters from stealing account data, ecommerce companies can protect their customers while still providing great service.

9 Tips to Lower Cart Abandonment Rates

Cart abandonment is one of the most common ways ecommerce sites lose sales. It’s a ubiquitous problem that happens to even the best sites. But fortunately, there are many features and preventative measures you can implement to improve sales and the customers’ experience.

Be clear on the final cost

Many ecommerce sites notice a huge bounce rate once a customer begins the checkout process and sees the final order total - especially if it has increased since the checkout process started. Since increases are usually due to shipping costs, include an estimated shipping fee as early as possible in the checkout process. Or, eliminate shipping charges altogether.

Don't force shoppers to create an account

Forcing a new customer to create an account with your website before completing a purchase has its pros and cons. While account creation helps you track user behavior and preferences, the process can be perceived as an inconvenience - plus, it adds another layer to what should be the simplest part of your website. In addition to adding "guest" or "express" features to your checkout process, try allowing shoppers to easily create an account via their social media login to ensure that your account base continues to grow.
    

Emphasize Security

In this day and age, customers want assurance that their financial data is safe. Highlight the security features of your site so customers can confidently complete a transaction.

Offer Multiple Payment Options

Alternative payment options like Google Wallet, Amazon Payments, PayPal, etc. help simplify the checkout process, come with built-in security features, and cater to shopper preferences.

Accommodate mobile users

Customers are using mobile devices more than ever before. If your checkout process is confusing or cumbersome on mobile devices, then your cart abandonment rate will likely increase. A responsive design that works on all screen sizes can solve this issue.

Highlight customers support options

Every action in the checkout should be easy to find – especially support options like FAQs, live chat, and other customer service features. Make sure they are clearly available during each stage of checkout.

Auto-apply Coupons

Shoppers become understandably frustrated when they get deep into the checkout process only to find that their discount code doesn’t apply to their order. If your store is having a sale or offering a particular discount, automatically apply the coupon code at checkout, or display coupon codes in a site-wide banner for customers.

Include options to modify orders

Make sure customers can change the quantity, color, size, and other attributes of the items in their order without having to leave the checkout.

Maintain site stability and speed

If your checkout process crashes or loads too slowly, it’s going to cost you sales. Make sure to test it thoroughly and account for potential user actions, like using the browser’s back button.

The Importance of Balancing Your Anti-Fraud Efforts

Fraud is a consistent problem for ecommerce businesses. It’s tempting to utilize all the fraud prevention tools at your disposal to ensure that nothing seeps through the cracks. Unfortunately, fighting too hard against fraud can negatively impact your users’ experience and overall sales. While a 0% chargeback ratio sounds great, it’s not worthwhile if it means you are turning away 10% of your legitimate customers due to false flags from your security solutions. More...