CNET también está disponible en español.

Ir a español

Don't show this again

Christmas Gift Guide
Tech Industry

E-commerce: Better safe than sorry

Visa U.S.A. exec Steve Ruwe warns that e-merchants who view security as a burden are doomed to fail. Bottom line: Security is as fundamental to e-commerce as an Internet connection.

Online retailers are losing nearly half of their potential sales because many consumers are simply afraid to shop on the Internet. Half!

According to Forrester Research, two-thirds of Americans worry about the misuse of personal information submitted online. In 2000, e-shoppers started--and then stopped--millions of online purchases prior to check out. These cancelled transactions were due primarily to concerns about fraud and information theft.

In fact, Forrester estimates that these fears caused Americans to spend an astounding $12 billion less online than they might have otherwise. Why so much trepidation about e-commerce? Is it justified, or are people simply acting irrationally based on popular misconceptions?

The truth is this: E-commerce is safe. Unfortunately, perception is reality.

These fears are real even if the threat is not. Merchants must work aggressively to change widely held beliefs about the Boogey Man who patrols cyberspace and preys on defenseless credit cards and bank accounts. Based on sales figures, it appears that e-merchants have made some headway in their pursuit of new customers.

Despite a flagging U.S. economy, monthly online spending more than doubled over the past year. Statistics indicate that consumer e-commerce totaled $788 million in March 2000. By March 2001, the figure topped $1.8 billion, and most analysts agree that we have only scratched the surface. The convenience, timeliness and cost savings of e-commerce are too compelling for businesses and consumers to ignore.

However, there is still a long way to go.

For e-merchants who hope to survive long enough to turn today's limitless potential into tomorrow's highly profitable reality, it is critical that they eliminate lingering fear and distrust. In the same way that many people fear flying despite the fact that it is far safer than driving, many people will continue to be hesitant about e-commerce until merchants create an environment that not only is safe, but feels safe, too.

The good news for merchants is that the tools they need are available today. Now it's time to deploy them and market them. Just as merchants strive to make their storefronts feel safe and inviting, they must do the same with their Internet sites. For example, in the physical world, banks protect their account holders by issuing passwords for ATM cards. This ensures that only authorized users can access accounts via automated tellers.

Credit and debit cardholders--whose payment cards are used in 95 percent of Internet transactions--would like a similar opportunity to verify their identities before making online payments. At my company, for example, when a participating cardholder makes a purchase from a participating merchant, a pop-up window prompts the customer for a password. This painless exercise adds about five seconds to the check-out process and confirms that customers are who they claims to be.

As usage of payment passwords becomes widespread, stolen account numbers will be rendered useless. What's more, by implementing payer authentication, merchants no longer have to eat the cost of fraudulent payments--a cost that has led many e-merchants to be overly cautious in the past. Another way for merchants to make customers feel comfortable is to demonstrate that they have taken tangible steps to protect payment data. Industry experts say that roughly 70 percent of information theft can be traced to internal compromise.

Banks, security firms, credit card issuers and consumer groups offer certifications that merchants can earn to provide their customers with peace of mind. These programs typically require merchants to take a series of reasonable steps to ensure payment security. This includes deploying firewalls, encrypting stored and transmitted data, maintaining physical security around payment servers, and limiting access to payment data to "need to know" personnel.

The most effective approaches are those that require ongoing focus and evaluation of security measures to assure customers that merchants are keeping their systems current. One of the most widely recognized certifications is the Better Business Bureau's BBBOnline Trustmark Reliability Program.

The bottom line is that security makes good business sense. E-merchants who view security as a burden are doomed to fail. Security is as fundamental to e-commerce as an Internet connection. Consumers have shown their affinity for Internet shopping; now merchants who are serious about making a go of it must take the necessary steps to reassure consumers. The carrot-dangling in front of these merchants is the other half--the other half of all those transactions that never happened because customers weren't convinced their information would be safe.

In these tight times, I know more than a few companies that could benefit by doubling their sales.