Online Security Crackdown

Backlashes from these incidents are beginning to affect online-shopper confidence, with one-third of consumers saying they are “extremely” or “very” concerned with the security of online transactions, according to the Unisys Security Index, a study that measures consumer perceptions of security.

The upswing is that retailers are rethinking how well they are protecting shopper data and adding new security measures.

Gone are the days of computer attacks that merely shut down a computer network. Today’s attacks are aimed at gaining consumer data, “and the goal of these criminals is to make money,” said Paul Proctor, research VP, Gartner, Stamford, Conn. He spoke during the recent FMI & Marketechnics convention, sponsored by the Food Marketing Institute, Washington, D.C.

“That’s why as more news about identity theft—whether it’s online or offline—is exposed, consumer confidence will drop,” said Tim Dowling, VP of Web security for McAfee, a Santa Clara, Calif.-based security-technology company.

And shoppers are indeed growing more wary about sharing their personal information online. For example, nearly 65% of the Americans surveyed said they were “extremely” or “very” concerned about other people obtaining and using credit- or debit-card information, the study said.

“I don’t necessarily think the paranoia is unwarranted, otherwise it would have gone away a long time ago,” Dowling said.

Cyber-thieves continue to use retail systems as an entry point to garnering consumer data, and e-commerce sites are often e-criminals’ entry point of choice.

“Since designers are always changing online content, it’s easy for a bug to slip in,” he added. “And the larger the merchant, the more opportunity there is to make mistakes.”

That said, retailers have their work cut out for them to secure their Web presence and rebuild consumer confidence. Conshohocken, Pa.-based David’s Bridal is one retailer making strides to ensure security both in its stores and online.

The specialty retailer operates more than 275 bridal showrooms nationwide. Realizing that most brides are relying on the Web to research what they need to fulfill their dream wedding, the retailer recently transitioned its Web site, www.davidsbridal.com , into a one-stop wedding resource.

“Word-of-mouth is still the foremost motivator for women in their mid-20s planning a first wedding,” according to Veronica Smith-Katz, VP of strategic partnerships at David’s Bridal. However, this Echo Boom generation “is very techsavvy and [the Web] is what they’re using [to do research and make purchases],” she recently told Retail Technology Quarterly. 

That’s why the chain began adding new measures to protect shopper data, and allow its shoppers to prepare for their special day with peace of mind.

For example, David’s Bridal works with VeriSign for SSL (secure sockets layer) encryption for all data passing across its e-commerce site.

“We also display the VeriSign logo to assure customers that we’re using safe encryption methods for sensitive transactions,” Katz said.

The chain is also installing McAfee Secure software to the Web site. The McAfee service provides daily network perimeter and Web application scanning. On a daily basis, the software looks for vulnerabilities that may allow a hacker to enter a database and retrieve credit-card data.

When McAfee acquired Scan Alert (the provider of HackerSafe software) in January, the company combined the initial tests with a series of new ones that determine a site’s safety. These tests search for vulnerabilities from Adware issues to viruses.

Upon passing the test, the Web site receives a McAfee trust mark. The logo appears above the fold on the retailer’s homepage, alerting shoppers that the site is safe and secure.

Since retailers are constantly making online content changes—whether it’s with new promotions or just linking to other sites—the service runs a series of daily scans. If the retailer happens to fail, the trust mark is immediately removed and will not be restored until it passes again.

While retailers are still learning their way around multichannel operations, it is evident that online security is one operation that needs to be a priority moving forward, Dowling said.

“Shoppers tend to look at several safety and security issues at store level, including where the store is located, if there is a security guard at the front door, as well as the overall quality and aesthetics of the store,” he said. “It’s critical that retailers replicate these same ideas online.”