Only 36% of top UK retailers fully secure online stores

The shopping season is upon us and, like every year, many of us choose to buy online instead of trawling through the shops. But do UK retailers ensure shoppers can trust their websites?

Sectigo, the world’s largest certificate issuer has studied 25 major UK retailers and provided a ranking, according to how effectively they maximise trust with their site visitors. To receive top marks an online shop must present its authenticated identity in a branded address bar and prevent “Not secure” warnings from displaying.

A mere 9 out of 25 top UK retailers earned the best possible ranking for using certificates to optimise browser trust indicators for their sites.

Key to the Sectigo Rating results:

Green = Company branded address bar visible starting on home page; no “Not secure” warnings

Yellow = No company branded address bar on home page; no “Not secure” warnings

Red = No company branded address bar on home page; “Not secure” warnings present

The Extended Validation (EV) SSL certificate is the most complete way to verify the identity of an online business, including a web store. The online equivalent of a stamp of approval, it tells shoppers that the website they are buying from genuinely belongs to a legitimate business, as opposed to a fake created by cyber criminals to steal credit card details or worse.

Furthermore, for the first time this holiday season, all web pages that do not feature an SSL certificate of some type are labeled “Not secure” by Google Chrome, the most commonly used browser around the world. These “Not secure” warnings can cause concern among shoppers and decrease transaction rates.

Tim Callan, Senior Fellow at Sectigo, says:

“Businesses grow when they can inspire trust in their customers. In the age of online shopping, the onus is on every online business to guarantee that their customers are as safe when navigating through their online stores as they are when visiting their physical ones. The easiest and most efficient way to assure them of this is the Extended Validation certificate, which verifies that the website is genuinely operated by the expected online business and not some fraudster trying to cheat you. Businesses that use these certificates optimise their relationships with customers, increasing revenue and adding an essential competitive advantage to their side.”

How can shoppers make sure the sites they visit and shop in are safe?

  • Look for the full company name at the left of the address bar. This information is authenticated and known to be accurate.
  • Always ensure the ‘checkout and pay’ page has a valid certificate, symbolised by a padlock to the left of the URL. Without this, sensitive information including credit card and address details run the risk of being exposed to prying eyes and potentially sold for a profit on the Dark Web.
  • Doesn’t look right? Maybe it’s not! Watch out for suspicious or unusual URL names, dodgy grammar or language errors, and sloppy web design. Surely your trusted retailer would not allow such mistakes; they belong in dangerous copies created by cyber criminals.

Contributor: Tim Callan, Senior Fellow at Sectigo