Website Verification

Learn about how you can make your website secure and safe for your customers

  • Website Verification Poll

  • Mybloglog

    Join My Community at MyBloglog!
  • Check out my website verification online magazine:

  • Add my blog to:

    Add to Technorati Favorites

Posts Tagged ‘trust guard’

All about Trust Seals

Posted by websiteverification on December 16, 2009

Hopefully you are considering trust seals for your website if you are an online business owner. If so, you may not be sure which trust seals you need.  Where you even aware that there are different types of trust seals? Trust seals, small images placed on a website to verify trust, come in different styles and types.  I will explain about three different trust seals that are available to website owners.

A Privacy Seal, provided by companies like Truste, prove to customer that you have privacy policies in place that will protect their information.  Another type of trust seal, a business seal, proves to customers that business is verified by a third party.  The third party verifies things such as your companies address, phone number, and email.  This process proves that your company is legitimate and truthfully portrayed.  The third type of trust seal is a security seal.  A security seal tells your customers that you are using a secure connection (SSL) when processing their payments.

When you have decided which type of seal you need then you need to decide which provider to go with.  There are many providers that offer seals in a variety of costs and descriptions. When deciding, the best thing to do is compare their products and prices to determine which would suit your business best. By placing trust seals on your website, you will most likely see an increase in sales due to an increase of customer trust.

After purchasing your trust seals, be sure to keep them current.  This is the most important thing when it comes to trust seals. Each seal includes an active logo that appears in the image.  It needs to be current each day. Otherwise, the seals are worthless.

So, consider putting privacy seals (from a provider such as Truste), business seals, or security seals on your website.  You will be glad that you did!

Posted in website verification | Tagged: , , , , , , | 1 Comment »

Website Security Ideas for Shoppers

Posted by websiteverification on December 16, 2009

Online shopping has become more popular over time because of the ease of shopping from the comfort of your own home. Although online shopping has become a common activity of many folks, research has shown that a lot of people still refuse to purchase items over the internet.  This is almost certainly due to the fact that customers do not feel safe when shopping on the internet.  Below I have listed some solutions for online shoppers who want to increase their safety while purchasing on the internet. It all comes down to proper website security.

Set up anti-virus software, a firewall, and anti-spyware software on your computer – You must have this to protect your computer and system against viruses that may harm or steal information off of your computer.  Check for updates to your software continually and choose a legitimate business to download or purchase the software from. In addition, you should consider applying the highest level of security available from the software that still gives you the functionality that you need.

Know the websites you are doing business with –When shopping on the internet, be as careful as you are when shopping in town. Make sure the website is owned by a business that you trust or have heard about from someone you trust.  Also, look for trust seals, or trust marks.  Online businesses that have been verified by a third party may display trust marks on their website proving that they are current and up to date with website security. If you are visiting a site for the first time, try and find out their physical business address and phone number on the website. Find out their return and exchange policy, and definitely take a look at the privacy policy.

Don’t forget to read the website’s privacy policy – Anytime you are leaving your personal or financial information with a website, you should read the privacy policy. You will want to know that your private information is being stored and used in a way that is legal and safe.

Make use of the website’s safety features – A lot of extra security is added to your transaction if you utilize the website’s safety features, such as passwords, personal questions, etc.

Never reply to emails that request personal or financial information from you – Attackers will try to get hold of your personal information by pretending they are a legitimate business and asking for you to confirm personal account information.  Any business that is legit will not ask for this type of information through email.

Make sure your information is being encrypted – Most websites use SSL (secure sockets layer) to encrypt information so that it cannot be stolen while in the process of the transaction. The way to know if the website is using a SSL is the URL will begin with https, instead of http.  Also, there should be some sort of a padlock icon.

Make purchases online with a credit card rather than a debit card– There are specific laws that limit your legal responsibility for falsified credit card charges.  You may not have the same level of protection if you use your  debit card.

Check your credit card statements regularly – Keep a good record of all your transactions at the time of purchase and then compare them to your bank statements.  If there are any discrepancies, report them at once.

These are just a few solutions to help keep you safe when you shop on the internet. It is important that you use these tips for website security when shopping online.

Posted in website verification | Tagged: , , , , , , , | 2 Comments »

Split Testing with McAfee Secure Trust Seals

Posted by websiteverification on November 2, 2009

There are several ways for online businesses to boost conversion rates. You may be able to think of some of these ways, but I have a couple more that you should consider.  Trust seals from businesses such as McAfee Secure will help boost sales and conversion rates. This is because when your customers see the trust seals on your site, they know that they can trust it more than other sites, because it has been verified by a third party.

In doing some research, I have found another great way to improve your conversion rate. This is split testing.  By using split testing, a business can determine the best spots on their websites to put things, including trust seals.  Simply changing the color of a link, or putting it on the opposite side of the webpage, can truly increase the amount of people that click on it.  This does seem pretty amazing, but people have short attention spans, and if they can’t find what they are looking for right when they want it, they will just go to another site. Split testing will show you how effective your site is and will help you to be able to get the highest conversion rate possible.

The most frequently used type of split testing is A/B split testing.  A/B split testing lets you compare two versions of your website against each other.  You will be able to determine which version is most effective. Many businesses have used split testing to test the effectiveness of trust seals. They compare a version of their site with trust seals against one without. The outcome has been reported is that the use of trust seals has doubled conversion rates.  This is great results, and totally worth it.

So, if you are looking to improve your conversion rate, think about trust seals from companies such as McAfee Secure.  And don’t forget to try split testing as well.  Not only will you know how to better arrange your site so that customers will want to visit, but you will see the results of how trust seals can help.  Good luck!

Posted in mcafee secure, website verification | Tagged: , , , , , | 1 Comment »

BBB Online Trust Seals for Website Security

Posted by websiteverification on October 15, 2009

The ultimate goal of the BBB Online is to generate a standard of trustworthy business practices. The BBB online knows customers want to be sure that they are shopping on websites that are safe and secure. They don’t want their private information falling into the wrong hands.  The BBB online and trust seals are the answer.

The BBB online has set up some recommendations to help online business owners stay on track.

Be Honest in Advertising – Follow an honest standard of advertising and selling.

Be Transparent – Plainly identify the nature, place and ownership of your business.  Obviously reveal all policies, guarantees and procedures that influence a customer’s decision to buy.

Be Responsive – Address marketplace disputes speedily, professionally, and honestly.

Honor Promises – Obey all written agreements and verbal representations.

Safeguard Privacy – Safeguard all data collected against mishandling and fraud.  Gather personal information only as needed and respect the preferences of customers regarding the use of their information.

Embody Integrity – Approach all business dealings, marketplace transactions and commitments with integrity.

Tell the Truth – Truthfully represent products and services, including clear and satisfactory disclosures of all material terms.

Build Trust – Maintain a positive track record in the business world.

The BBB online wants to promote trust and confidence on the internet by providing trust seals.   A trust seal is an image that is placed on a business website to show proof that the website has been verified and meets the program standards for good business practices online.  As an online business owner, you should have trust seals posted on your website to prove to your customers that you are a legitimate business. Look for trust seals, such as the BBB online, to help your online business.

Posted in BBB, website verification | Tagged: , , , , | Leave a Comment »

PCI DSS Fines

Posted by websiteverification on April 28, 2009

Ok, so we all know about the PCI DSS (Payment Card Industry Data Security Standards) by now. But some of you may be wondering what the PCI DSS fines are if you do not become compliant. The fines can be pretty steep as I will explain below, but not only will you risk huge fines if you aren’t compliant, you are putting your security system and customer information at risk.

All businesses who store, transmit or process credit card data are required to follow the PCI DSS, and should have become PCI compliant by the end of 2007. If you are one of these businesses and are not yet compliant, you are constantly at risk of losing sensitive cardholder data, which will most likely result in PCI DSS fines, legal action and bad publicity. Organizations that fail to comply face fines of up to $500,000 if the data is lost or stolen and risk not being allowed to handle cardholder data.

High-status cases concerning big corporations have hit the headlines in the last couple of years. The Payment Card Industry has threatened huge fines against some larger merchants of up to $25,000 per month until compliance is obtained. In the high-profile case of TJX (owner of T.J. Maxx, Marshalls, Home Goods and A.J. Wright retail chains), the company reported spending $202 million because of the PCI violation that compromised the cardholder account information of as many as 40 million customers. The money is being spent to handle more 20 lawsuits brought against it by banks and consumers in the U.S. and Canada and to pay settlements with credit-card associations.

So don’t risk it. If you are not yet PCI compliant get there now. It is not as hard as it may seem, and well worth the time and money you put into it. If you don’t want to risk those pesky PCI DSS fines, you know what to do!

Posted in pci compliance, website verification | Tagged: , , , , , , , , | 4 Comments »

The PCI Security Standards Council

Posted by websiteverification on March 10, 2009

I have been talking about the PCI Security Standards a lot in my posts. I have gone into a lot of detail about what the PCI Security Standards are, but I thought it might be helpful to let you know where they come from. In doing all my research one of my main sources has been the PCI Security Standards Council’s website (found at https://www.pcisecuritystandards.org/). They are kind of the main resource and enforcer of PCI compliance and PCI scanning. I thought it might be helpful to everyone to let you know a great place to find out more information about the PCI Security Standards.

The PCI Security Standards Council’s goal is to improve security for payment card accounts by bringing more education and awareness of the PCI Security Standards to merchants and businesses around the world. The PCI Security Standards Council was founded by the five major credit card companies American Express, Discover, JCB International, MasterCard, and Visa.

To give you some idea of how the PCI Security Standards Council runs on a daily basis, I have included some information about the different areas of the council. The PCI Security Standards Council is headed by a policy-setting Executive Committee, consisting of representatives from the five founding payment brands. Operational decisions are made by a Management Committee, as well as from the payment brands. An Advisory Board, drawn from participating organizations, offers input to the organization and feedback on the progress of the PCI Data Security Standards. A Marketing Working Group, Technical Working Group, and a Legal Committee, whose participants are drawn from the payment brands, deal with their respective activities.

So if you are ready to make your business PCI compliant, reading about the PCI Security Standards Council is a great place to start. You can find a lot of great useful resources and information on their site to help you know what you need to do.

Posted in pci compliance, website verification | Tagged: , , , , , , , , | Leave a Comment »

Are you PCI Compliant?

Posted by websiteverification on January 24, 2009

What does it mean to be PCI compliant? Many people find the subject confusing and overwhelming. Nevertheless, PCI compliance is super important. It used to be optional for smaller businesses, but with hackers becoming more clever and bold, it is required for all merchants who process credit card transactions no matter how few, to become PCI compliant.

Not only is it important for businesses to be PCI compliant, but it is important that they become PCI compliant as quickly as possible, in order to respond to the increasing concern of credit cardholders about their security. Here a few steps to follow in order to get you started with PCI compliance.

First, determine your merchant level. All merchants fall into one of four levels as defined by the number of transactions the business processes over a year. For example, a level 4 merchant is classified as a business that processes fewer than 20,000 transactions per year, and is the most common small business merchant level. Once you know your merchant level, you will know more about exactly what is required of you.

Next, you should complete the PCI DSS Self Assessment Questionnaire (SAQ). The SAQ is a tool used to assist merchants and service providers in evaluating their compliance.

Finally, you should appoint a qualified vendor to perform the required network scans of your system in order to check for vulnerabilities. This is known as PCI scanning, and Trust Guard now offers this. I have found that they are really affordable compared to other companies, and not only that, they also offer third party verification and trust seals.

These are just a few of the steps you can take to get started with your PCI compliance. You will want to check with your acquirer or bank in order to find out more specific things you should do to become PCI compliant. It is super important, and will probably even attract more customers to your website as they will know that their information is safe. You can’t lose!

Posted in pci compliance, website verification | Tagged: , , , , , , , | 1 Comment »

The Importance of PCI Scanning

Posted by websiteverification on January 13, 2009

Lately I have been doing a lot of research into PCI scanning and PCI compliance. It can be quite a confusing subject with a lot of information that seems overwhelming. I would like to share with you just same basics that I have found about PCI scanning so you might have some of your own questions answered.

You are required to follow PCI compliance if your business or website is processing, receiving or storing credit card information in any form. PCI Scanning comes in as part of this compliance. PCI scanning is when an approved scanning vendor scans IP addresses that the public has access to that have to do with your website or the transaction process.

The type of PCI scanning and whether or not you need it depends on which merchant level you belong in. There are four different merchant levels, and basically, only one of these levels gives you the option to have PCI scanning, and even then there are additional things you need to look at.

So what it basically comes down to is that PCI scanning is important. Whether it is required of you or not, it is definitely a good idea. The best way that you can gain more customer trust is by being PCI compliant.

One company that I found to be efficient and affordable is Trust Guard. They offer quarterly and daily PCI scanning and loads of information about becoming PCI compliant. The best thing about Trust Guard is that they also offer trust seals so that your customers will know that you have completed the PCI scanning and are up to date. When a customer is sure that they can trust your site with their personal information, they will be sure to come back time and again. This will result in more sales for you.

The topic of PCI scanning can be a bit complicated, but hopefully this article has helped answer a few questions. PCI scanning is important and is definitely worth looking into if you own or are planning on owning a website that processes credit cards.

Posted in pci compliance, website verification | Tagged: , , , , , , , | 1 Comment »

PCI Compliance

Posted by websiteverification on January 7, 2009

You may be wondering exactly what it means to be PCI compliant. I have been wondering the same thing, and so I have been doing a lot of research on the confusing subject of PCI compliance. Allow me to give you the basics about what I have learned.

First, PCI DSS stands for Payment Card Industry Data Security Standards. These are technical and operational requirements that were created by the Payment Card Industry to help businesses that process card payments prevent credit card fraud, hacking and other security vulnerabilities and threats. These standards are part of your merchant agreement that you sign when you choose to process card payments. In order for a business to be PCI compliant, they have to meet each of these requirements.

The 12 requirements of PCI Compliance are:

  1. Install and maintain a firewall configuration to protect data.
  2. Do not use vendor supplied defaults for system passwords and other security parameters.
  3. Protect stored data.
  4. Encrypt transmission of cardholder data and sensitive information across public networks
  5. Use and regularly update anti virus software.
  6. Develop and maintain secure systems and applications.
  7. Restrict access to data by business need-to-know.
  8. Assign a unique ID to each person with computer access.
  9. Restrict physical access to cardholder data.
  10. Track and monitor all access to network resources and cardholder data.
  11. Regularly test security systems and processes.
  12. Maintain a policy that addresses information security.

Second, in addition to these 12 requirements, you most likely will be required do have quarterly or daily scans of your site performed to protect it from vulnerabilities. PCI Scanning entails having an approved scanning vendor (otherwise known as an ASV) scan any IP addresses that the public has access to that have to do with your website or the transaction process.

Last but not least, you should check with your acquirer (an acquirer is the company with whom you signed up with to process cards) to find out any more specific requirements that may be expected of you. If you are confused or unclear about your liability as a merchant, verify it with your acquirer to find out what they require from you to be PCI compliant.

One company that I found to be affordable for PCI compliance and scanning is Trust Guard. They are now offering PCI Scanning as a new service starting January 1, 2009.

Posted in pci compliance, website verification | Tagged: , , , , , | 2 Comments »

Hackersafe and PCI Scanning

Posted by websiteverification on October 14, 2008

Whether you are thinking about starting a website, or you already have one, there are some things you should take into consideration. Customers are much more cautious these days about shopping online. You want to be sure they know that your website is safe and secure. This is how you get more business, which means sales. Companies like Hackersafe (now known as McAfee Secure) offer website owners the opportunity to provide a safe and secure environment for their customers.

If you are planning on making some serious sales, you are probably going to be accepting credit cards. This means there is a certain standard of security that your website will have to meet. This is known as the “Payment Card Industry Data Security Standard” (PCI DSS). Large businesses that accept credit cards, and store customer information need a scan of their system’s firewalls to make sure they are PCI compliant. It is important to note, that businesses that run less than 20,000 transactions per year are not required to be PCI certified. In addition, almost all major payment gateways such as Authorize.net, Paypal, etc. are already PCI Certified and are scanned regularly for vulnerabilities in order to process credit cards on your behalf.

Hackersafe offers website owners daily PCI security scans for vulnerabilities, dangerous content and links that expose customer’s computer and personal information to malicious use. Your customers will know this because of a seal displayed on your site that certifies it has been scanned and verified. Customers will know that your site is safe, which means increased sales.

The Hackersafe (McAfee Secure) PCI certification program starts at just $319 per year and includes things, like unlimited manual scans, full vulnerability remediation support, online assistance, telephone support and more.

So whether you are a small business owner or a larger company, online security is a must. You definitely need to consider third party verification, such as Hackersafe. Not only will you increase the trust and security of your customers, but you will increase sales as a result.

Posted in Hackersafe, pci compliance, website verification | Tagged: , , , , , | Leave a Comment »