22
Mar
How to Protect Your Business from Fraud and Identity Theft
Below is a guest blog post by Jodi Florence, VP Marketing at IDology, Inc.
While the Internet has made it easier to grow a business, it has also introduced new security challenges for small and big businesses alike. As the techniques of fraudsters grow more sophisticated so must the solutions businesses use to detect and prevent fraud from occurring.
The heart of successfully stopping fraud in a consumer-not-present channel is having assurance you are interacting with customers, not thieves. Verifying a customer’s identity is important for anyone doing business online.
With identity theft continuing to be one of the fastest growing crimes in the United States, using identity verification helps reduce the risks for both your business and your customers from becoming a victim of fraud. The key is to automate your identity verification process so that you are able to verify consumers in a way that will keep business moving and without sacrificing customer satisfaction.
So what exactly is identity verification? Simply put, identity verification solutions help uncover if you are dealing with legitimate, real people. And depending on the level of verification your business requires, you can also find out if someone is who they say they are even though you can’t see or check their ID in person.
At its lowest level an automated identity and age verification solution allows you to verify information provided by someone, such as name, address, and date of birth, with information that can be found on that person while searching thousands of trusted data sources. If there is something suspicious associated with the identity, like the address doesn’t match or the person is actually deceased, you will know instantly. And depending on the level of assurance needed, you can incorporate a set of multiple-choice questions that are dynamically generated based off of the personal history information found on each individual consumer. These questions are sophisticated and designed specifically so that the true identity owner will know the answer but not someone attempting to be that person. The end result provides an automated process that helps businesses make more informed decisions about how interactions with consumers are handled while also preventing fraud.
If you are still on the fence about using an identity verification solution, here are some of the benefits our customers see:
- Increased Revenue- Using technology to identify your consumers-not-present keeps business moving forward in a timely manner. As a result, orders are approved and processed faster thus increasing the opportunity to capture more revenue.
- Decreased Cost of Business- Electronic identity verification decreases the amount of manual review needed to evaluate and legitimize questionable activity freeing up your employees time to focus on other areas of the business
- Improved Fraud Protection- Identity verification gives better insight into potentially fraudulent activity so that businesses can deal with suspicious activity accordingly. Being able to validate someone’s identity quickly reduces the amount of fraud loss. And by decreasing the amount of data that is shared within a company, it protects sensitive consumer information from being overexposed and limits the potential of an employee misusing a consumer’s information.
- Fulfilled Compliance Regulations – some businesses, such as financial companies and age restricted products and services, have compliance regulations they must follow. Incorporating an automated identity and age verification solution gives you the resources to quickly comply with legal obligations while providing an audit trail to prove you performed your due diligence on your customers.
About the Author:Jodi Florence is the VP of Marketing at IDology, an identity and age verification solution provider helping businesses of all sizes in multiple industries drive revenue, lower costs, prevent fraud and meet compliance regulations. For more information about IDology and its identity verification solutions visit www.idology.com
04
Nov
5 Trust and Security Tools to Improve Conversions
5 Trust and Security Techniques to Improve Ecommerce Conversions
Consumers are apprehensive and cautious regarding online security, and with reason. The number of reported scams, hackings and credit card fraud is increasing every day. For small online business owners, it can be a struggle to keep up with regulations and security needed to create trust in their brand; trust that will help turn their store visitors into customers.
Recently, we here at 3dcart conducted A/B testing for three months on 5,000 of our supported online stores. This experiment proved that the visibility of trusted security seals and certifications on the sites boosted sales and conversion rates exponentially.
Based on our research – and just in time for the holiday season – here are five tools that can help you build trust in your brand and increasing sales.
1) Visible Contact Information
As simple as it sounds, customers feel better being able to put a “face” to a business, rather than just an e-mail. Displaying a phone number at the top of the page or in the “about” section of your site – along with an address linked to Google Maps – helps boost the visitor’s confidence and makes your online business feel more personable and real to the shopper instead of a possible scam.
By listing the company’s contact information, your customer’s will know they have an immediate form of communication should questions or concerns arise about the order and transaction. Even if the phone number you list is your mobile, people will subconsciously feel more secure with an older and familiar form of communication.
2) Customer’s Testimonials and Reviews
Showing that other customers have had good experiences with your site and your products not only makes your site more reputable but also increases sales. Services like PowerReviews will generate “tag-based” reviews that will connect with your target market. Though it is one thing to connect with customers as a company, user reviews are an element on your store that connects customer to customer – reviews prove that online shoppers have had an experience with your company and product. This community-like structure is known to be fairly honest and affective throughout social media and e-commerce due to the customer’s ability to relate to the reviewer.
3) Dedicated SSL Certificate
When placing an online transaction securely, a browser will access your site through a Secure Socket Layer connection (SSL). In order to ensure the connection is secure, the web browser will access the site’s SSL certificate.
When using 3dcart’s services, you are given access to a free shared SSL certificate that uses your base *.3dcartstores.com URL for its authentication. Please note however, that the use of a shared SSL certificate changes the domain name displayed during checkout.
Obtaining a Dedicated SSL Certificate from security companies such as Geotrust, Verisign or Comodo will further bring your customer some peace of mind while checking-out. If possible, get an EVSSL (Extended Validation SSL) since it is the maximum level of security. The Dedicated SSL Certificate not only verifies your identity as a company and proves that the customer’s information is encrypted during the process of transmitting sensitive information to complete an online transaction, but it will also be assigned specifically to your domain name. Thereby keeping your base URL the same throughout the whole transaction process.
4) Privacy Policy
Adding a Privacy Policy and associated trust seal to your store and checkout pages is essential to gaining customer confidence and converting visitors into customers. The privacy policy reinforces the fact that you are a dedicated retailer who will keep customer’s information secure and private, without sharing or reselling the information to third parties.
TRUSTe is one of the most recognized privacy organizations, used by top retailers like eBay, Microsoft and Apple. The presence of their seal has been proven to increase order value by at least $10 and sales by over 29%!
5) Security Seals from Reputable Companies
Displaying a reputable security seal like McAfee Secure or VeriSign TrustSeal conveys the message that your business has gone through a validation process and establishes an association with the entity providing the seal.
Some seals illustrate that your company has passed an identity verification process while other may show that a specific, trusted company is handling the payments for your business,
In a way, these seals help provide some assurance to first time visitors who are eager to place an order, but may still have doubts regarding the background of the business.
There are also security seals show that your store is scanned periodically for security vulnerabilities and malware. For example, a service like Verisign’s TrustSeal will perform daily scans of your site and alert you if there are any compromises in the integrity of your site.
Though most of these seals and verifications cost money, their respective companies will usually have plans and options that cater to small and medium size business owners.
In conclusion;
Make no mistake; online security is on every shopper’s mind.
Our research has shown that these five elements, implemented on your 3dcart supported sites, will help increase conversation rates and sales by easing any concerns your visitors may have about your business.
About the Autor:
Gonzalo Gil is the President, Owner and CEO of 3dcart. Gil oversees all aspects of the company’s operations. Gonzalo Gil’s background includes a B.S. in Computer Science with a focus in e-Commerce Infrastructure, with over 12 years of experience as an e-Commerce Engineer and Business Manager. He is considered a leader in the e-commerce industry by thousands of merchants, and has successfully guided 3dcart to a position as one of the top hosted e-commerce solutions in the market.
03
Jun
3dcart Recognized as Visa PCI DSS Validated Service Provider
Joins Short List of Approved e-Commerce Solution Providers for Outstanding Adherence to Security Standards
TAMARAC, Fla., June 3 /PRNewswire/ — Shopping cart software leader 3DCart today announced its inclusion in Visa’s Global List of PCI DSS Validated Service Providers, a comprehensive list of Visa-certified service providers named for passing a rigorous security screening process. Inclusion on Visa’s short and exclusive list helps further validate security measures to protect credit card data and other personal information put in place by 3DCart for local and international online merchants of all sizes. 3DCart was officially validated by Visa as of March 31, 2010.
“Instances of online fraud have pushed stricter regulations on financial transactions that take place on the web,” said Jimmy Rodriguez, chief technical officer for 3DCart. “General PCI DSS compliance is crucial, and verification by Visa serves as a validation that online storefronts are doing everything in their power to protect the personal information of their customers, in turn adding value and increasing brand credibility. Online stores with Visa-approved e-commerce platforms position themselves as cutting-edge within their niches.”
PCI DSS compliance is now required for any service provider that collects sensitive financial information over the internet. The Payment Card Industry (PCI) Data Security Standard (DSS) is crucial for all service providers that collect payment by credit card.
3DCart was officially named PCI DSS compliant by the PCI Security Standards Council on February 26, 2009 following rigorous testing by third-party PCI DSS compliance experts SecurityMetrics. In order to gain compliant standing, twelve stringent requirements must be met or exceeded to help build and maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement strong access control measures, regularly monitor and test networks and maintain an information security policy.
To view the complete Visa Global List of PCI DSS Validated Service Providers, visit http://usa.visa.com/download/merchants/cisp-list-of-pcidss-compliant-service-providers.pdf.
About 3DCart:
3DCart (www.3DCart.com) is a complete e-commerce solution for new or existing websites. The company’s services include the tools, advice, support, and technology to manage an entire online operation, so clients can focus on managing their orders. 3DCart is able to design and implement innovative web solutions to meet a company’s specific requirements. Whether clients are looking to update their existing web store or develop a completely new design, 3DCart maintains a flexible approach to ensure they provide the right solution for the company. One monthly fee pays for the store setup, security, design, and maintenance.
23
Mar
The Privacy Payoff and Your Online Business
|
11
Nov
Preventing E-commerce Fraud – International Shipping
One of our forum members, cbsteven, alerted everyone of a new shipping scam:
Just to give you guys that ship internationally a heads up. Over the past few months we’ve seen a new scam.
We ship quite a few packages internationally.. 20-40 per week. You obviously have to be a little more diligent and use more common sense on detecting fraud. This new scam apparently involves a shipping address which is completely not valid, for example:
dnouyoo 1
Surbaiyaa, JAWTM
60265, Hungary
60265 is not a valid Hungarian postal code. A little bit of digging turns out that 60265 is an Indonesian postal code for a city called Surabaya.
I think the scam is trying to bypass sellers that do not ship to Indonesia – which has a high incidence of fraud – and hope that the postal service will detect the address problem and automatically forward it from Hungary to Indonesia.
For some reason JAWTM or some variant has been one of the big red flags. It might be “Jatim” or something similar, but the phonetics are always the same. I have no idea what it means, but whenever I see it on an international order I know it is fraud. This has happened to me about 15 times in the last 6 months.
If you use Authorize.net one thing you can do is enable their Fraud Detection Screen, which is free for the Christmas quarter and after that is $10/month. You can enable several filters to notify you about potential fraud. I do not know if 3DCart supports it fully – they will have to allow orders to be manually approved or rejected if a fraud screen is triggered – but even if not you can set it to simply email you when an order comes through the triggers the screen.
Thanks Steven!
20
May
PCI Compliance – Maintain a Vulnerability Management Program
Requirement 5: Use and regularly update anti-virus software
Many vulnerabilities and malicious viruses enter the network via employees’ email activities. Anti-virus software must be used on all systems commonly affected by viruses to protect systems from malicious software.
Requirement 6: Develop and maintain secure systems and applications
Unscrupulous individuals use security vulnerabilities to gain privileged access to systems. Many of these vulnerabilities are fixed by vendor provided security patches. All
systems must have the most recently released, appropriate software patches to protect against exploitation by employees, external hackers, and viruses.