After several security experts’ advice and media disclosure about online security, giant corporate now start to keep security awareness at front panel, recognized the importance of data interception of private and confidential information, and started to adopt SSL certificate to ensure the protection of data that transits between client’s browser and company server.
However, a shocking survey came out in front of us and we at ClickSSL would like to present before you. The survey is about the eCommerce security fact. High Tech Bridge- a cutting-edge information security services provider has revealed in its survey> report that there are 100 eCommerce websites are vulnerable to phishing and identity theft.
How The Survey Was Prepared?
High Tech Bridge has conducted survey on 100 eCommerce websites out of the following data.
- 20 most popular retailers according to Washington post
- Top retail sites as per Alexa Rank
- Top 50 most popular online shopping website as per My App Magazine
What are the survey findings?
High-Tech Bridge finds the following details from the survey, which shows positive and negative findings in context of customer’s online security.
Positive Result:
- Only 1 website out of 100 was revealed whose certificate was expired before one month.
- No website has expired or untrusted certificate.
- Fortunately, all 100 websites have implemented 2048-bit root encryption.
Negative Result:
- There are 2 out of 100 websites have no SSL certificate.
- There are only 2 out of 100 websites having automatic HTTPS version on their websites when making orders or adding goods to their shopping cart.
- There are 7 out of 100 websites have no HTTPS in their Login, checkout and payment pages.
- There are 73 websites have no HTTPS for customer’s non-critical activities for example, shopping cart management.
- There are only 25 websites are protected by EV (extended validation) SSL certificate.
- Almost 33 websites showing mixed content on their website.
What Research Experts Say?
Chief Research officer Marsel Nizamutdinov of High-Tech Bridge said in report that it is a serious condition that these eCommerce companies are showing unconsciousness about customer’s online confidential data. If any third party or hackers steal any non-critical data then not only customer would suffer but the whole shopping business as well.
It is recommended that all online shopping sites should use SSL by default. Currently, all modern web browsers support HTTPS.
Craig Spiezle Executive Director and President of Online Trust Alliance (OTA) also said in his report that all sites and mobile apps must consider HTTPS in their website that encrypts the data transfer between the web server and the customer’s web browser. Even Banking, social, eCommerce and government websites should spread message of online security by following HTTPS security.
In our Words:
From the above research, we at ClickSSL also appreciate this study and hoping to make your website free from vulnerability by implementing proper SSL security. At ClickSSL, we deal with diversified SSL products that are authenticated, reliable, and capable to secure your online business whether you are running government website, eCommerce website, banking website. We are always there to bring awareness about SSL through our online marketing efforts.
