Three points of growth conversion, or how to increase security and increase sales on the site
Statista conducted a survey among users of online stores, who began to place an order but refused. It turned out that 17% of those surveyed mentioned “concerns about security of payments” as a reason. Another survey conducted by Baymad Institute confirmed this data. How to increase safety and reduce the number of abandoned baskets will be discussed in this article.
Preface:
This article is located in the hubs of "Internet Marketing" and "e-commerce" and is addressed primarily to marketers and site owners. Therefore, the basic things in safety are explained here in a simple language. Not all. But if you are a developer or technical specialist who knows all this - you are well done, do not waste time on this article. There are many people who do not know this information, this article is for them.
')
By default, all websites use the HTTP (HyperText Transfer Protocol) hypertext transfer protocol to receive and transfer information. This protocol displays sites well and does it quickly, but it is not secure. Therefore, a more secure HTTPS (Secure Hyper Text Transfer Protocol) was developed. HTTPS has an additional level of protection, using a special protocol for encrypting SSL data (Secure Sockets Layer), which encrypts information transmitted from third parties and protects data from hacking and leaks:
To understand what protocol is used on the website, just look at the URL of the site in the address bar of the browser, if HTTP is at the beginning, then the data on the site is not protected, and if HTTPS is protected:
HTTP protocol (left) and HTTPS protocol (right)
The SSL protocol requires that an SSL certificate be installed on the site server. And an SSL certificate is a kind of unique digital signature that confirms that a user is dealing with an authorized site that belongs to a specific real owner. SSL come in different types.
SSL certificate types:
If the site does not have an SSL certificate, the “Not secured” mark or a crossed out lock icon will appear in the browser’s line next to the address. When clicking on this mark, the browser warns the user that on this site it is not safe to enter personal data through forms and pay for goods or services on the site.
Site without SSL certificate
Conversely, if the site is protected by an SSL certificate, a green lock icon or the name of the site owner, also highlighted in green, will appear in the browser bar. Accordingly, when clicking on these marks, the browser displays a certificate and notifies the user that it is safe to enter personal data on this website through forms and pay for goods or services on the website.
Site with SSL certificate (DV or OV)
Finally, there is an enhanced version of the SSL (EV) certificate, which has the advantage of advanced data validation and increased security. And in the address bar, in addition to the green lock, a confirmed legal name of the company appears, which stands behind this site. This is much more noticeable than the castle and the site is perceived by users as safer, which has a positive effect on the conversion.
HTTPS with Extended SSL Certificate (EV)
For a visual comparison, I will show them together, pay attention to how the SSL (EV) certificate stands out from the rest:
From top to bottom: no SSL, with SSL (DV or OV), SSL (EV)
SSL certificate prices
Prices may be lower or higher. The cost may vary depending on the company providing the certificate and services. The DV certificate option can even be found for free for a year (when purchasing a hosting service), but it will be necessary to pay after the year has expired.
HTTPS affects SEO
A nice bonus: search engines fix the difference between HTTP and HTTPS when displaying a site in a search, which has a positive effect on the position of the site in the search results.
Source
Many of the Russian online stores are engaged in security issues, but almost no one brings this information to users. And if the user does not know, then this is not there and the conversion drops. Therefore, there is little to deal with security issues, it is necessary to tell users about this. For example, laredoute.ru writes in the footer that the data is protected.
Laredoute
But it is completely unreadable. Because it is small (font 10) and not contrasting (gray letters on a light gray background, contrast ratio 1.61: 1, with the minimum recommended 4.5: 1). Contrast Ratio Checker is used to measure contrast. As a result, none of the users understands that purchases on the site are safe, and personal data is protected.
Another example, online store bonprix.ru
Bonprix
Already better, the icon attracts attention, and large and sharp text is readable. But still bad, because the logo is not recognizable, not clickable, and the text is not informative. It is unclear who is guaranteed (there is no brand in the field of security), it is not clear from what it protects. As a result, it seems that the online store has written something for itself. Trust does not add.
The third example is an online store shoppinglive.ru
shoppinglive.ru
There are logos, they are even famous and authoritative. But completely incomprehensible because of the size, and therefore not clickable. Similarly on the Euroset site.
Euroset (icon is not about security, but a clear example)
Low resolution of the image, so the icon is not readable, there is no signature near, besides it is not clickable and, accordingly, it is impossible to click and understand what it is about. Instead, you could do this:
Award "Consumer Rights and Quality of Service"
For comparison, below are examples of how icons are placed on US sites. Because in RuNet with evidence of security matters are worse.
Walgreens
Security icons (Surhu) and icon description (below)
And many others:
Security icons
Recommendations for the design of security icons:
Tooltip when hovering the mouse over the icon
When you click on the icon on the AT & T website, a page opens with confirmation of the security certificate on the independent security service site TrustArc
How security icons affect conversion
Conversion growth when placing icons VeriSign 42%
Conversion growth when placing Norton icon by 11%
Conversion growth when placing Comodo icon by 11%
Where to begin
Most of the default hosting providers are already well working on security issues on all tariff plans.
Therefore, you only need to clarify with your provider exactly how security is maintained and convey this information to your users by correctly drawing up the icons following the recommendations in this article. This is something that can be done today and for free. Well, after that, you can add additional paid security options from third-party companies and well-known brands.
By Edward Fayzullin, Founder of Conversant.me
PS Please: comments that are not relevant to the topic of this article, please write to me in the dialogues, so as not to litter the comments. Thank.
Preface:
This article is located in the hubs of "Internet Marketing" and "e-commerce" and is addressed primarily to marketers and site owners. Therefore, the basic things in safety are explained here in a simple language. Not all. But if you are a developer or technical specialist who knows all this - you are well done, do not waste time on this article. There are many people who do not know this information, this article is for them.
')
1. HTTP and HTTPS protocols
By default, all websites use the HTTP (HyperText Transfer Protocol) hypertext transfer protocol to receive and transfer information. This protocol displays sites well and does it quickly, but it is not secure. Therefore, a more secure HTTPS (Secure Hyper Text Transfer Protocol) was developed. HTTPS has an additional level of protection, using a special protocol for encrypting SSL data (Secure Sockets Layer), which encrypts information transmitted from third parties and protects data from hacking and leaks:
- Full name, date of birth;
- Passwords, logins, email addresses. mail;
- Bank card details;
- Information about electronic wallets;
- And other personal data.
To understand what protocol is used on the website, just look at the URL of the site in the address bar of the browser, if HTTP is at the beginning, then the data on the site is not protected, and if HTTPS is protected:
HTTP protocol (left) and HTTPS protocol (right)
2. SSL certificate
The SSL protocol requires that an SSL certificate be installed on the site server. And an SSL certificate is a kind of unique digital signature that confirms that a user is dealing with an authorized site that belongs to a specific real owner. SSL come in different types.
SSL certificate types:
- DV (Domain Validation) - verification of domain ownership;
- OV (Organization Validation) - verification of the legal existence of the organization;
- EV (Extended Validation) - Extended Validation.
If the site does not have an SSL certificate, the “Not secured” mark or a crossed out lock icon will appear in the browser’s line next to the address. When clicking on this mark, the browser warns the user that on this site it is not safe to enter personal data through forms and pay for goods or services on the site.
Site without SSL certificate
Conversely, if the site is protected by an SSL certificate, a green lock icon or the name of the site owner, also highlighted in green, will appear in the browser bar. Accordingly, when clicking on these marks, the browser displays a certificate and notifies the user that it is safe to enter personal data on this website through forms and pay for goods or services on the website.
Site with SSL certificate (DV or OV)
Finally, there is an enhanced version of the SSL (EV) certificate, which has the advantage of advanced data validation and increased security. And in the address bar, in addition to the green lock, a confirmed legal name of the company appears, which stands behind this site. This is much more noticeable than the castle and the site is perceived by users as safer, which has a positive effect on the conversion.
HTTPS with Extended SSL Certificate (EV)
For a visual comparison, I will show them together, pay attention to how the SSL (EV) certificate stands out from the rest:
From top to bottom: no SSL, with SSL (DV or OV), SSL (EV)
SSL certificate prices
Prices may be lower or higher. The cost may vary depending on the company providing the certificate and services. The DV certificate option can even be found for free for a year (when purchasing a hosting service), but it will be necessary to pay after the year has expired.
HTTPS affects SEO
A nice bonus: search engines fix the difference between HTTP and HTTPS when displaying a site in a search, which has a positive effect on the position of the site in the search results.
Source
3. Security Icons
Many of the Russian online stores are engaged in security issues, but almost no one brings this information to users. And if the user does not know, then this is not there and the conversion drops. Therefore, there is little to deal with security issues, it is necessary to tell users about this. For example, laredoute.ru writes in the footer that the data is protected.
Laredoute
But it is completely unreadable. Because it is small (font 10) and not contrasting (gray letters on a light gray background, contrast ratio 1.61: 1, with the minimum recommended 4.5: 1). Contrast Ratio Checker is used to measure contrast. As a result, none of the users understands that purchases on the site are safe, and personal data is protected.
Another example, online store bonprix.ru
Bonprix
Already better, the icon attracts attention, and large and sharp text is readable. But still bad, because the logo is not recognizable, not clickable, and the text is not informative. It is unclear who is guaranteed (there is no brand in the field of security), it is not clear from what it protects. As a result, it seems that the online store has written something for itself. Trust does not add.
The third example is an online store shoppinglive.ru
shoppinglive.ru
There are logos, they are even famous and authoritative. But completely incomprehensible because of the size, and therefore not clickable. Similarly on the Euroset site.
Euroset (icon is not about security, but a clear example)
Low resolution of the image, so the icon is not readable, there is no signature near, besides it is not clickable and, accordingly, it is impossible to click and understand what it is about. Instead, you could do this:
Award "Consumer Rights and Quality of Service"
For comparison, below are examples of how icons are placed on US sites. Because in RuNet with evidence of security matters are worse.
Walgreens
Security icons (Surhu) and icon description (below)
- The AT & T TRUSTe icon on the AT & T website is a certificate confirming compliance with privacy requirements.
- Norton Ebay icon - a certificate confirming that the site protects users' personal information using an SSL / TLS certificate. The exchange of information is encrypted.
- Trustwave icon on NewEgg website - bank card data protection
- Asos PayPal icon - confirmation of site owners data, refund in case of fraud.
- Icon McAfee on the B & H website - certificate of protection against viruses, malware, phishing attacks.
And many others:
Security icons
Recommendations for the design of security icons:
- First you should really check the site for vulnerabilities and work out security issues;
- After that, place the icons in the footer, on each page of the site, especially on the pages of registration and payment of the order;
- Icons should be visible and readable (high-quality, large, contrast);
- Icons should be well-known security brands (for example, Norton, McAfee, Kaspersky, and others);
- When you hover the mouse over the icon, it is desirable to make a tooltip (tag Alt).
- Icons should be clickable and lead to a certificate of confirmation on the page of the company providing the security services;
Tooltip when hovering the mouse over the icon
When you click on the icon on the AT & T website, a page opens with confirmation of the security certificate on the independent security service site TrustArc
How security icons affect conversion
Conversion growth when placing icons VeriSign 42%
Conversion growth when placing Norton icon by 11%
Conversion growth when placing Comodo icon by 11%
Where to begin
Most of the default hosting providers are already well working on security issues on all tariff plans.
Therefore, you only need to clarify with your provider exactly how security is maintained and convey this information to your users by correctly drawing up the icons following the recommendations in this article. This is something that can be done today and for free. Well, after that, you can add additional paid security options from third-party companies and well-known brands.
By Edward Fayzullin, Founder of Conversant.me
PS Please: comments that are not relevant to the topic of this article, please write to me in the dialogues, so as not to litter the comments. Thank.
Source: https://habr.com/ru/post/441796/
All Articles