®

WHITE PAPER 2014

Why SSL is a must for your business

Contents:

Introduction 3

TIP 1 – Do you want to grow your business? 4

TIP 2 – How do I know if visitors trust my website? 4

TIP 3 – Do you want to increase business credibility? 5

TIP 4 – What data needs protection? 5

TIP 5 – Are you struggling to convert customers online? 6

TIP 6 – I don’t sell online, but I collect data. Do I still need SSL? 6

Why Thawte? 7

Why SSL is a must for your business

2

®

Why SSL is a must for your business

3

®

Why SSL is a must for your business IntroductionBefore dealing with the ‘Must’ of SSL, let’s look at the ‘Why’. Any organisation transacting business online needs SSL (Secure Socket Layer – the standard security technology for establishing an encrypted link between a web server and a browser). Why? Because, once you understand exactly what dark forces you are up against by failing to encrypt your data and that of your customers to the highest levels, and how that failure can have a devastating effect on your online business and reputation, the ‘Must’ will become self-evident.

Unprotected sensitive data is the bread and butter of attackers, leading to identity theft, fraud and theft of financial resources from your customers. And the attackers aren’t fussy about what size of business you are either. Data breaches happen to large and small, public and private companies. So, if you think it’s only the more high-profile enterprises they have in their sights, you are wrong. Indeed, hackers are increasingly targeting small to mid-sized businesses, simply because those networks tend to be less secure. In today’s online world, everyone is at risk.Whatever the scale and reach of your business online, failure to protect your customers’ data –by not encrypting the data or neglecting to protect the encryption keys – is like opening the bank vault and saying to the hackers: “Help yourself.” Anyone who’s suffered a data breach will know that the costs associated with that can be punitive and wide reaching, particularly lost sales, and brand and reputational damage. It’s a road nobody who has already been there ever wants to go down again.

For those that haven’t endured such a calamity, it’s something to be strenuously avoided. And yet, despite the horror stories of breaches that appear in the media day after day, many businesses are still leaving themselves and their online customers dangerously exposed to such attacks.

So here comes the big question: “How safe are you?” As a ‘sanity check’, let’s start by asking if you can answer any of these questions with a ‘YES’:

• Is your website your business?• Will your website be used, or is it already being used, for e-commerce?• Are you struggling to convert customers online?• Does your website have a login or secure customer area?• Are you processing credit card payments?

At least one applies to you? Then you need SSL. Following are six tips designed not only to keep you and those who transact business with you safe and secure, but also help you provide a better online experience, reassuring your customers that you are credible, trustworthy and someone they can rely on, time and time again.

Why SSL is a must for your business

4

®

TIP 1 – Do you want to grow your business?Of course, you do. You’ve invested a lot of time, thought and money in establishing an online presence and want to maximise the payback from that. But before you can grow your business to its full potential, you need to grow your customers’ trust first.

This is especially true when you accept credit card numbers online or ask users to create an account with their personal information. You need to demonstrate clearly that your website can be trusted. How do you do that? Most SSL certificates come with a green bar, padlock and trust logos. You’re telling prospects and customers that you value their security as much as you value their business.

The Thawte® Trusted Site Seal gives your website instant credibility in the online world by visually reassuring customers that your site’s identity has been verified and that it is secured with SSL. By adding the seal script to your secured home page, buy page, sign-in page, and all other pages in your secured domain, you will be giving your customers the assurance they now increasingly look for before transacting business with you. The seal will display within about two hours after installation and show that your site is secured by Thawte.

Moreover, the Thawte Seal is a globally recognised trust mark, available for display in 18 languages and included free when you purchase a Thawte® SSL Certificate.

TIP 2 – How do I know if visitors trust my website?There are clear and measurable statistics that will tell you unequivocally whether your website invokes trust from those who visit it. The most important ‘tell-tale signs’ that show how you rate and precisely what your customers think of you will be reflected in the following:• Traffic volumes• Repeat visits• Willingness of customers to share personal details• Willingness to complete transactions.

All of these are clear indicators of how your site is perceived by those who visit. Putting a ‘trust badge’ on your website is a sure way of increasing conversion rates, because it convinces potential customers that doing business with you is safe and secure – essential as online fraud continues to soar.

Not surprisingly, those who drop out of a purchase often mention concerns about payment security as a reason. Habitually, the deciding factor for not going ahead and making a purchase is down to the fact that the site is missing a trust seal. In other words, no trust has been established and those potential customers will not risk sharing personal details and completing a transaction.

Millions of online businesses use SSL certificates to secure their websites and allow their customers to place trust in them. The payback is that trust seals increase conversions and repeat visits, while decreasing shopping cart abandonment. According to non-profit security analysts at the Online Trust Alliance: “The adoption of best practices not only helps to protect customers, it also builds brand integrity, enhances click through and reduces the risk of shopping cart abandonment.”

Why SSL is a must for your business

5

®

TIP 3 – Do you want to increase business credibility?First and foremost, avoid copycat websites with the same company name. Phishing attacks that pose as your com-pany’s official website diminish your online brand and deter customers from using your actual website, out of fear of becoming fraud victims.

Phishing lures unsuspecting people to provide sensitive information, such as usernames, passwords, and credit card data, via seemingly trustworthy electronic communications and is an ongoing global threat of massive scale and nearly unlimited reach. Even phishing scams aimed at other brands can impact your business. The resulting fear caused by phishing can cause consumers to stop making online transactions with anyone they can’t trust.

And there are other risks to your business, apart from the direct costs of fraud losses, namely:• A drop in online revenues and/or usage, due to decreased customer trust• Potential non-compliance fines, if customer data is compromised.

While there is no silver bullet, a number of technologies can help protect you and your customers, and drive up busi-ness credibility. With many of the current phishing techniques relying on driving customers to spoofed websites to cap-ture personal information, technology such as Secure Sockets Layer (SSL) and Extended Validation (EV) SSL is critical in fighting phishing and other forms of cybercrime by encrypting sensitive information and authenticating your site. Security best practices call for implementing the highest levels of encryption and authentication possible to protect against cyber fraud and build customer trust in the brand. SSL, the world standard for online security, is the technology used to encrypt and protect information transmitted over the Web with the HTTPS protocol. SSL protects data in mo-tion – which can be intercepted and tampered with if sent unencrypted. Support for SSL is built into all major operating systems, web browsers, internet applications and server hardware.

TIP 4 – What data needs protection? Private data that only you (the website owner) and the user should know, the most obvious are:• Credit card details • Passwords • Log-in credentials • Personal information.

Protecting credit card details: Private data should only ever be known to you (the website owner) and the user. Collect enough personal data and identity theft may become a real threat. So any organisation that deals with customers must ensure the personal details their clients share with them remain strictly under their control – and out of the hands of hackers awaiting any opportunity to migrate this data to their own systems.

Passwords and log-ins: It is vital to inform your customers to use strong passwords to protect their devices and data. Passwords should never include obvious information, such as a name, birth date or other data that is easy to find. They should be a blend of upper- and lower-case letters, numbers and symbols.If you are hosting a public website with a sign-in or log-in feature or a website where customers enter credit cards or other high value, personally identifiable information, you need to ensure that information is safe from hijacking.

Personal information: Collecting individual pieces of private data may not seem such a big deal, but, if you collect enough personal data, identity theft may become a plausible threat to your customers and potentially affect the reputation of your business.

The antidote that keeps users’ critical data secure is SSL. SSL verifies that the website owner is really who they claim to be. If you are at risk of being spoofed by phishers, or otherwise need to be able to prove to your visitors that you really are who you claim to be, then SSL can help users confirm your identity by clicking on the padlock icon to get more information about you. You may also choose an SSL certificate with more visible security features – e.g., the ‘green bar’ provided by Extended Validation certificates - to visually reassure customers that they are safe to transact.

Why SSL is a must for your business

6

®

TIP 5 – Are you struggling to convert customers online?If you are having a hard time persuading potential customers to transact business with you, first you need to get to the root causes. Awareness of the potential dangers that now exist online is growing, so winning your customers’ trust first and foremost is essential, else the odds that you will be able to convert them, and thus growing your business, are extremely poor.

The onus is on you to show that your website can be trusted, especially when you accept credit card details online or ask users to create an account with their personal information. Conversion and trust are inextricably linked.

So, when they come to your site, savvy customers will:• Be looking for an ‘s’ after ‘http’ in the URL bar and a closed padlock• Check the padlock for a digital certificate• Seek out the green bar or trust signs and seal to confirm it is safe to transact with you online.

Most SSL certificates come with a green bar, padlock and trust logos. By displaying these on your website, you are tell-ing prospects and customers that you value their security as much as you value their business. However, if you cannot provide them with the surety that they are safe in your hands, the chances are they will walk away and find someone else who can.

TIP 6 – I don’t sell online, but I collect data. Do I still need SSL?Yes, you do, because that is how you gain the trust of your customers. Even if you don’t sell online, your customers will appreciate the care you take to protect their personal data – especially if you have a secure-access area on your site. And even if you don’t store any personal data, visitors might still look for the padlock, green bar or trust seal when visiting your site. Failing to show any of these could persuade those potential customers to leave your website straightaway. An SSL logo or padlock is a sign of trust and authentication. And that means staying safe online.

Therefore you should display visible signs that show your site is secure, scanned and trustworthy. It is your ‘badge of honour’ that reassures anyone about to do business with you that they can do so with impunity. But how much notice do people take of such assurances? A great deal is the answer. With 673 million websites active by the close of 2013 – forecast to hit the 1 billion plus mark by the end of 20141 – would-be purchasers have become highly skilful and adept at evaluating those they visit. With the average page visit calculated as lasting less than a minute2,the first 10 seconds are critical3 – if you haven’t won them over in that brief window of opportunity, the chances are they will quit your site for one that they feel they really can trust.

The message from all of these tips is only too clear: Protect data in transit with an SSL certificate from Thawte today.

1 Internet Live Stats – http://www.internetlivestats.com/total-number-of-websites

2 Nielsen Norman Group – http://www.nngroup.com/articles/how-long-do-users-stay-on-web-pages

3 Nielsen Norman Group – http://www.nngroup.com/articles/how-long-do-users-stay-on-web-pages

Protect data in transit with an SSL certificate from Thawte today.

Not All SSL Is the SameWe make SSL our business in order to protect yours. Thawte online security is trusted by millions of people around the world. Here are just a few reasons to switch to Thawte:

• High- assurance digital certificates• Global reputation for uncompromised reliability• Up to 256-bit SSL encryption• World-class, multilingual support• New, lower prices that are within your security budget• Thawte Trusted Site seal

Protect your data, safeguard your business, and translate trust to your customers with high-assurance, digital certificates from Thawte.

More Information If you have further questions, or would like to speak with a Sales Advisor, please feel free to contact us:

Via phoneUS toll-free: +1 888 484 2983UK: +44 203 450 5486South Africa: +27 21 819 2800Germany: +49 69 3807 89081France: +33 1 57 32 42 68

Emailsales@thawte.com

Visit our website at https://www.thawte.com/ssl

© 2014 Thawte, Inc. All rights reserved. Thawte, the Thawte logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Thawte, Inc. and its subsidiaries and affiliates in the United States and in foreign countries. All other trademarks are property of their respective owners.

Protect your business and translate trust to your customers with high-assurance digital certificates from Thawte, the world’s first international specialist in online security. Backed by a 17-year track record of stability and reliability, a proven infrastructure, and world-class customer support, Thawte is the international partner of choice for businesses worldwide.

BUY TRY LEARN MORE