Should Your Customers Trust You?

As ecommerce volume rises during the holidays, so does online fraud. It's a significant problem, and one that is beginning to affect smaller merchants more. I spend a lot of time thinking about how to build consumer confidence in retail ecommerce sites. I generally assume that a merchant has good fraud prevention processes in place, but that is not always true.

If you're not sure you're doing everything necessary to protect your customers and your business from fraud and theft, it's time to do an audit.

Here are some basics:

• Don't store credit card numbers. After the order is processed, get rid of them.
• Don't rely on automated approvals for payment. An experienced staffer will outperform most automated fraud prevention systems.
• Consider getting 3rd-party verification of your fraud prevention measures, but don't be fooled into thinking that such verification, by itself, is all you need to do. I've seen merchants who pay for a "HackerSafe" badge on their website do nothing else to protect themselves. Bad idea.
• Do you promote gift certificates? These are popular targets for fraud.
• Does your site, webhost and shopping cart meet the latest Payment Card Industry (PCI) Data Security Standard?
• Is your shopping cart truly secure? Do you use the highest level of SSL encryption? Has your site and your local area network been scanned for vulnerabilities?
  

If you or someone in your company isn't very clear on answers to these kinds of questions, you could be vulnerable. Large retailers have staff and budget dedicated to fraud prevention, but even small retailers can protect themselves and their customers with the right preparation.

Resources:
Merchant Risk Council (a nonprofit antifraud group that represents about 100 online retailers.)
ScanAlert (Sells the HACKER SAFE® ecommerce security certification service)
Thawte (Sells authentication, encryption and certification authority services)