The internet is endorsed to have condensed the world for suppliers and buyers, given them ideal platform to carry out business with each other cost-effectively and proficiently. While this distance has abridged significantly, there still lies a breach in trust. The primary reason is the high value and size of B2B transactions besides insubstantial nature of this medium.
It is not the actual security of any page that matters the most to users as they have little to no technical understanding of SSL/TLS encryption or even how forms are submitted. Rather it is the professed security that is of significance to this vast majority of users.
As a matter of fact, 79% of online shoppers look forward to see some sort of seal on online shopping sites’ home page. Result of which is, around 70% of online shoppers cancel their order because they did not “trust” the transaction.
About Trust Seal:
A trust seal is a seal given by an entity to businesses or website for display.
Generally the intention is exhibit to customers that this business is concerned with business identity and their security.
The prerequisites for the displaying merchant differ, but normally include a commitment to good security practices or to make use of protected methods for transactions or most prominently verified subsistence of the company. Trust seals come in several of forms, which include business verified seals, data security seals and privacy seals and are obtainable from diverse companies, for a fee. A Trust seal can be either passive or active. Most seals are authenticated when they are created and remain so for a definite duration of time, post expiration of which the process/business has to be re-validated.
Different type of Trust Seals:
1) Business Identity Seal:
Verified Existence Seal also known as a Business identity seal is one which authenticates the physical, legal and actual subsistence of the business by validating numerous parameters such as contact details, statutory details, management details, etc. Business identity Trust seals add weight to the profiles of the deployers and boost up confidence of potential clients. A most important advantage of a verified Trust seal is it corresponds to due diligence certificate for the business.
2) Security Seal:
Security Trust Seals are the most prominent and popular type of trust seal verification. There are two different types; Site Verification and Server Verification. Server Verification services carry out daily scans on the hosting server. These scans test to make sure patches have been applied or that the server is otherwise not susceptible to attacks. Website Verification services make sure that customer is protected under normal state of affairs by testing for general vulnerabilities such as XSS and SQL Injection.
3) Privacy Seal:
A privacy seal compliments a company with a privacy statement suitable for its business practices. It also assists the company to recognize potential privacy threats that would other-wise go unnoticed.
Criticisms:
Third party authentication from a trustworthy source and a strategically placed trust seal may guarantee customers about the security and safety. Some trust seals, such as McAfee Hacker Safe, on the other hand, have been condemned as not doing enough to guard the security of visitors to a site, such as because they on purpose mark as ‘Hacker Safe' websites well-known to McAfee to have an XSS susceptibility. This is fairly probable because most seals are a simple image that a hacker can easily copy and paste onto their own site. Such tumble highlights the significance of anti-XSS protection security procedures. Trust seals can provide a fake sense of security as they are awarded at a certain point of time, except when the website is scanned on a daily basis and the scan date is displayed. When a site is not scanned on daily basis, a alteration in technology and loopholes are not updated along with the trusted seal, so it does not symbolize flaws in the updated technology. The iconographical value is too gigantic to mislead customers ignorant about these changes. The FTC has fined fraudulent seal companies that offer no real security benefit.
Providers:
As of couple of years ago, in the US market the TrustE, BBB On-Line, VeriSign and WebTrust were most commonly identified as prominent players. Also noteworthy are: McAfee, DigiCert, GeoTrust, Norton, Cyscon and MerchantCircle.
All of the above offers a “For Fee” yearly subscription service, permitting the Trust Seal to be positioned on a subscriber's website for the subscription time.