Online Trust Alliance Ranks Consumer Security
The Online Trust Alliance (OTA) recently released the results of their 2013 Online Trust Honor Roll report. The OTA is a non-profit “with the mission to enhance online trust, while promoting innovation and the vitality of the internet.” A noble goal, and one the organization takes seriously. In order to compile the Online Trust Honor Roll report, they reviewed over 750 domains and privacy polities, over 10,000 web pages, and more than half a billion emails. They reviewed retailer sites, social sites, FDIC member banks and government sites. The results were, on the whole, quite encouraging.
Social media sites, including dating sites and gaming sites, took top honors, led by Twitter, which had the highest overall composite score. Among retailers, American Greetings took first place, but many others were honored. What standards did companies have to meet in order to make the honor roll? OTA focused on three broad areas of online security: Domain, Brand and Consumer Protection; Site, Server and Infrastructure Security; and Data Protection and Privacy. In order to make the honor roll, a company had to score a total score of at least 80% of all possible points, including at least 55% of possible points in each of the three categories. This latter criterion indicates a recent change; in last year’s audit, a company that performed poorly in one or two of the categories could still make the honor roll as long as its total score was high enough. This year’s change ups the pressure on companies, raising the overall honor roll standards and sending home the message that a site cannot afford to neglect any of these three categories.
So, Twitter and American Greetings did very well. What other retailers made the list? Quite a few. Here’s a sampling: Amazon.com Inc., Overstock.com Inc., Sketchers USA Inc., Netflix Inc., LivingSocial Inc., Hulu LLC, Lamps Plus Inc., Microsoft Corp., Big Fish Games Inc., and Edible Arrangements International.
Retailers weren’t the only kind of companies reviewed, and for business owners they might not be as big a concern as another category: FDIC Banks. Twenty-five percent of the FDIC 100 made the honor roll. Not a super impressive number, but it indicates a significant improvement over last year, when only 22% made the list. You might be thinking that a 3% improvement doesn’t sound very impressive, but remember that the honor roll’s criteria became more difficult between years. The OTA raised the bar for 2013 and because of this wasn’t expecting the number of companies making the honor roll to increase at all. However, this trend of increased compliance was reflected not only among banks, but across the board—this year 32% of all companies audited achieved honor roll status, compared to last year’s 30%. Again, this is an impressive increase considering OTA’s heightened standards.
But banks did not perform as well as retailers and social media sites. Why is this? The answer is actually fairly straightforward: most banks are old. Newer companies and sites tend to be relatively nimble and open to change. Banks are ancient behemoths by comparison and they’re saddled with decades of baggage, including “complex legacy sites and data centers which impede their ability to quickly adopt many of the best practices.” For example, OTA reports that one of the major reasons banks failed to make the honor roll was because many had inconsistencies between their written privacy policies and their actual data collection. This is definitely the kind of issue that can—and hopefully will—be rectified. And improvement does seem to be the trend, that’s why the important take away here isn’t necessarily that banks are lagging behind social media sites—though yes, that’s a problem—but that they’re improving.
Overall, the improvements between this year and last year are a good sign. As Craig Spiezle, the president and executive director of OTA, had to say, “The 2013 report demonstrates how business leaders have recognized the need to move from compliance to stewardship. This is critical to consumer trust and to help stem the call for more regulation. The Online Trust Honor Roll report provides prescriptive and actionable guidance for businesses to move from a station of inaction to one which will enhance consumer protection.”
The importance of protecting a customer’s information is something you should always take into account in your own business. As much as people like to Instagram their every meal and hashtag their every #cleverthought, privacy and security remain priorities. Customers are far more likely to take their business to companies they trust. So make sure they can trust yours.
(Point of Sale News)
… with Point of Sale News. CAP also believes strongly in protecting retailers by helping them become educated on the latest issues and requirements for the Payment Card Industry (PCI), recognizing …
(Point of Sale News)
A database hack is a huge public relations nightmare for business owners, and for good reason. Customer confidence is based on as much as it is on service and product quality. Once is …
(Point of Sale News)
… at the law firm of BakerHostetler, provides proactive compliance counseling on and security issues. He guides companies through data breach incidents, especially incidents involving payment …