Tag Archives: security

Quick Wins For Improving Performance And Security Of Your Website

When it comes to building and maintaining a website, one has to take a ton of things into consideration. However, in an era when people want to see results fast, while at the same time knowing that their information online is secure, all webmasters should strive for a) improving the performance of their website, and b) increasing their website’s security.

Quick Wins For Improving Performance And Security Of Your Website

Both of these goals are vital in order to run a successful website. So, we’ve put together a list of five technologies you should consider implementing to improve both the performance and security of your website.

The post Quick Wins For Improving Performance And Security Of Your Website appeared first on Smashing Magazine.

Read the article – 

Quick Wins For Improving Performance And Security Of Your Website

A Complete Guide To Switching From HTTP To HTTPS

HTTPS is a must for every website nowadays: Users are looking for the padlock when providing their details; Chrome and Firefox explicitly mark websites that provide forms on pages without HTTPS as being non-secure; it is an SEO ranking factor; and it has a serious impact on privacy in general.

A Complete Guide To Switching From HTTP To HTTPS

Additionally, there is now more than one option to get an HTTPS certificate for free, so switching to HTTPS is only a matter of will.

The post A Complete Guide To Switching From HTTP To HTTPS appeared first on Smashing Magazine.

Original article:  

A Complete Guide To Switching From HTTP To HTTPS

Jekyll For WordPress Developers

Jekyll is gaining popularity as a lightweight alternative to WordPress. It often gets pigeonholed as a tool developers use to build their personal blog. That’s just the tip of the iceberg — it’s capable of so much more!

Jekyll For WordPress Developers

In this article, we’ll take on the role of a web developer building a website for a fictional law firm. WordPress is an obvious choice for a website like this, but is it the only tool we should consider? Let’s look at a completely different way of building a website, using Jekyll.

The post Jekyll For WordPress Developers appeared first on Smashing Magazine.

Visit link:  

Jekyll For WordPress Developers

How To Secure Your Web App With HTTP Headers

Web applications, be they thin websites or thick single-page apps, are notorious targets for cyber-attacks. In 2016, approximately 40% of data breaches originated from attacks on web apps — the leading attack pattern. Indeed, these days, understanding cyber-security is not a luxury but rather a necessity for web developers, especially for developers who build consumer-facing applications.

How To Secure Your Web App With HTTP Headers

HTTP response headers can be leveraged to tighten up the security of web apps, typically just by adding a few lines of code. In this article, we’ll show how web developers can use HTTP headers to build secure apps. While the code examples are for Node.js, setting HTTP response headers is supported across all major server-side-rendering platforms and is typically simple to set up.

The post How To Secure Your Web App With HTTP Headers appeared first on Smashing Magazine.

Visit site – 

How To Secure Your Web App With HTTP Headers

Content Security Policy, Your Future Best Friend

A long time ago, my personal website was attacked. I do not know how it happened, but it happened. Fortunately, the damage from the attack was quite minor: A piece of JavaScript was inserted at the bottom of some pages. I updated the FTP and other credentials, cleaned up some files, and that was that.

Content Security Policy, Your Future Best Friend

One point made me mad: At the time, there was no simple solution that could have informed me there was a problem and — more importantly — that could have protected the website’s visitors from this annoying piece of code.

The post Content Security Policy, Your Future Best Friend appeared first on Smashing Magazine.

Source:  

Content Security Policy, Your Future Best Friend

The Aesthetic Of Non-Opinionated Content Management: A Beginner’s Guide To ProcessWire


Systems for managing content are more often than not rather opinionated. For example, most of them expect a certain rigid content structure for inputting data and then have a specific engraved way of accessing and outputting that data, whether or not it makes sense. Additionally, they rarely offer effective tools to break out of the predefined trails if a case requires it.

The Aesthetic Of Non-Opinionated Content Management: A Beginner’s Guide To ProcessWire

ProcessWire is a content management system (CMS) distributed under the Mozilla Public License version 2.0 (MPL) and MIT License. It is designed from the ground up to tackle the issues caused by exactly this kind of opinionatedness (which, inevitably, results in frustrated developers and users) by being — you guessed it — non-opinionated. At its heart, it is based on a few simple core concepts and offers an exceptionally easy-to-use and powerful API to handle content of any kind. Let’s get right into it!

The post The Aesthetic Of Non-Opinionated Content Management: A Beginner’s Guide To ProcessWire appeared first on Smashing Magazine.

Visit link: 

The Aesthetic Of Non-Opinionated Content Management: A Beginner’s Guide To ProcessWire

Web Development Reading List #117: Storytelling, Security in Devtools and 350ms Tap Delay


What’s going on in the industry? What new techniques have emerged recently? What insights, tools, tips and tricks is the web design community talking about? Anselm Hannemann is collecting everything that popped up over the last week in his web development reading list so that you don’t miss out on anything. The result is a carefully curated list of articles and resources that are worth taking a closer look at. — Ed.

Web Development Reading List #117

The end of the year is near and some people are enjoying their well-deserved holidays already. For others, the pressure increases when managers or clients want to finish a project before Christmas. And then, the Christmas and New Year celebrations — so many things to prepare, to buy, to think of. I hope you either belong to the ones who can enjoy their vacation already or that you can stay calm while having a stressful time. Try to take your time with friends and beloved ones and enjoy some moments of silence.

The post Web Development Reading List #117: Storytelling, Security in Devtools and 350ms Tap Delay appeared first on Smashing Magazine.

Original post: 

Web Development Reading List #117: Storytelling, Security in Devtools and 350ms Tap Delay

Importance of Trust in eCommerce and How to Build Trust on Your Website

I’ll go out on a limb and assume that you are doing some sort of business online.

That is great. Because eCommerce is booming as expected. Online sales are set to grow across the world, while store-based sales are on a decline.

Growth of Online Sales

Yet, 2 out of every 3 shopping carts get abandoned. Across the entire eCommerce landscape, that amounts to 5 trillion dollars in lost sales.

So what’s going wrong?

73% consumers feel that shopping online is riskier than shopping offline.

Taylor Nelson Sofres’s 2006 survey showed that customers cancel 70% of online purchases because of lack of trust. Since that time, users have only become more aware of fraudulent practices. Trust has become even harder to earn.

The onus is on site owners to create trust on their eCommerce website.

I’ll be honest with you. This is a long post. You can jump sections using the navigation links right below.

Introduction: What is Trust and its Role in eCommerce?
What Factors Influence Trust in eCommerce?
Factor #1: Trust Seals and SSL Certificates
Factor #2: Contact Information
Factor #3: Customer Reviews and Testimonials

At the end of each section you’ll also find a list of actionable tips to implement and improve the trust factor of your eCommerce website.

What is Trust And Its Role in eCommerce?

Understanding the nature of Trust is important. The problem with common words like ‘trust’ is that we all believe we understand it. ‘Trust’ in at least that sense, is taken for granted. That makes it all the more critical to establish a meaning that we understand the same way – a common frame of reference, if you will.

Mayer et al (1995) explains trust this way

The willingness of a party to be vulnerable to the actions of another party based on the expectation that the other will perform a particular action important to the trustor, irrespective of the ability to monitor or control that other party.

Three factors contribute to the state of trust: the chance for a gain, chance for a loss and an uncertainty regarding the matter.

What Creates Trust - Image

Let me bring this blog article itself into context. The expected gain from this article is deriving actionable knowledge about how to improve the trust factor on your eCommerce website. The potential loss is of time that could be used doing something else. The uncertainty is if the article will provide the value or not.

So if you are still reading this article, it means that you perceive that the probability of a gain (knowledge, insights) is more than the probability of loss (time, opportunity cost) even though you really can’t be certain. Thanks for trusting us, we won’t disappoint.

It’s important to understand that trust is not a choice, but an underlying psychological state that can be influenced.

In the context of eCommerce, trust is as big a factor as anything. The reason a user decides to visit your page is because of trust. Every conversion that occurs on an eCommerce page is a result of trust. Conversion Rate Optimization experts concern themselves with these problems:

  • Increasing motivation
  • Reducing anxiety
  • Reducing friction

Improving the trust factor of your website helps with each of these endeavors.

What Factors Influence Trust in eCommerce?

A survey by eConsultancy asked respondents this question:

If you are shopping from a retailer you don’t know well, how would you decide whether to trust the website?

Here’s what they found.

Graph: Role of Trust in Buying Decision

We’ll take the top 3 factors and rip them down to the bone and leave you with immediately actionable insights at the end of each section.

#1 Trust Seals and Security Certificates

In a survey conducted by Mathew at Actual Insights, we found reason to believe that trust seals really influence the buying decision of users.

Role of Trust Seals in Consumer Decision

An overwhelming majority of 61% respondents have cancelled a purchase because trust logos were missing on the website.

Before we move on, let’s also understand what these terms are.

What is a trust seal/badge?

Examples of Trust Badge

A trust seal on a website is a 3rd party badge shows that the website is legitimate. It is important to note that often trust seals by themselves do not indicate any technical security. Rather, they are simply a certification of the company.

What are SSL certificates?

SSL Certificate Badges

In contrast to trust seals, SSL certificates indicate actual technical security. They serve to show that there is a secure connection between the browser and the web server and they guard against network eavesdropping.

So you understand trust seals and SSL certificates and can even differentiate between the both of them. But what matters most is if your users understand it or not.

A 2005 study conducted by TNS, revealed that

  • 78 percent of online shoppers said that a seal indicates that their information is secure
  • Only one in five shoppers did not know what purpose trust seals served

Consumers are very aware of trust seals and understand what they represent.

There, trust seals do indeed work – a clear majority of people are aware of it and it plays an important part in deciding the trust your eCommerce site evokes. It’s been 10 years since the study and users have only become more internet-savvy and aware of trust seals now.

There are many kinds of trust seals out there.

Which Trust Seals Work Best?

Baymard conducted a research asking more than 1000 respondents,

“Which badge gives you the most sense of trust when paying online?”

Here is the result:

Which Trust Seals Work Best?
Here’s what was most interesting.

The second, third and fourth most trusted seals are trust badges where the rest are all SSL seals, including Norton that came in first, in terms of the trust they evoke. Interestingly, we find that users do not necessarily differentiate between trust badges and SSL badges.

Users are not as interested in the technical implications of the badges as much as the perceived sense of security the badges evoke.

Baymard notes that the two most trusted seals — Norton and McAfee — are anti-virus software brands. This shows that users naturally associate ‘security’ with these brands. The reason for this is that these brands are associated with ‘security’ in their more popular avatar as well — that of anti-virus software.

Does this mean having any trust seal is better than not having them at all?

Not really.

Recognition Precedes Presence

In the actual insights survey we already referred to, another interesting fact came to light.

Study: Recognition precedes Presence

A staggering 76% reported having cancelled their purchase decision because they didn’t recognize the trust logo.

The results suggest that your best bet is to have trust seals that are immediately recognizable.

But here is the caveat: Some trust badges are not globally recognizable but are still effective in improving the trust factor and sales. For instance, House of Kids added an e-mark badge (certifies ethical conduct of Danish businesses) to their site and reaped a 32% jump in conversions. The e-mark badge is relevant only to Danish businesses but that doesn’t stop it from being effective.

Remember: there are no rules to this game. The only best practice is to test.

So What Trust Seals Should You Use on Your eCommerce Platform?

As of 2012, 89% of brands were not using trust badges to bolster users’ trust. This statistic reveals the enormous gains that brands can achieve by acting fast and incorporating trust badges on their sites.

Based on its research, Baymard suggests that site owners include a

  • Norton badge, implying an encrypted connection
  • McAfee badge, indicating non-infected hacker-free site
  • A BBB or TRUSTe badge that shows good customer relations

Such a combination, they believe, will cater to all kinds of users — technical and non-technical. A technically sound user will be able to differentiate between these badges and the trust value they imply on three different areas, while a non-technical user will find three recognizable trust signals.

Apart from these trust badges, there are many others that website owners employ. A trust badge could be as simple as an “authorized dealer” badge. For instance, Express Watches added a “Seiko Authorized Dealer Site and achieved a 107% increase in sales.

Express Watches : Usage of Trust Seal

Then there is Bag Servant that improved conversions by 72.05% by including a WOW badge in its header.

Use of Trust Seal on Bag Servant

It is critical that you understand the nature of your business and choose trust badges that are relevant to your business. For instance, if you are selling eco-friendly products, it might be a good idea to have an Ecolabel certification and a related badge.

Presence and Placement of Trust Badges

When it comes to using trust badges, placement is just as important as presence. For your checkout page, we suggest boxing important fields like payment forms from the rest of the page. Aside from acting as a visual cue to direct the user towards the important part of the page, a box adds an extra sense of security. In a usability study by Baymard, it emerged that placing the trust badges close to payment fields increases the perceived security of the transaction.

See how Peapod does it.

Presence of Trust Seals - Peapod

But if you check out Symantec’s checkout page (Ranked #2 among the top 100 eCommerce checkouts), you’ll see this

Symantec Checkout - No Trust Seals

What? No trust badges! The secret lies in the brand. Bigger and more popular brands already have their users’ trust and don’t need trust badges as much as smaller brands do.

Small brands can gain big wins by incorporating trust badges.

Here’s a lowdown on all that you need to know about trust marks.

Actionable Tips for using Trust Badges in eCommerce

  • Use recognizable trust badges
  • Include different kinds of trust badges to influence trust on multiple levels
  • Look out for niche trust badges that are relevant to your business
  • Place payment related trust badges closer to critical page components, like credit card information fields
  • If you are a small brand, trust badges are likely to yield major dividends
  • Don’t believe these tips blindly, conduct A/B tests to be sure

Now we come to the second most critical component that influences trust.

#2 Contact Information

We don’t trust algorithms and machines as much as we trust humans. There are many reasons, known and unknown, for this. Part of the reason is that humans are capable of empathy and feel safer with other humans than with machines.

When a user is on your eCommerce store for the first time, their ‘danger’ antennae are in overdrive. In 2009, a Harris Interactive Survey found that 90% of people were jittery and concerned when shopping from new or unknown sites.

Displaying contact information says that you’ve nothing to hide from the user.

Contact information gives a strong indication that there is a real person at the other end who can be approached should anything go wrong.

Here’s how Zappos, renowned for their customer service, does it

Contact Page - Zappos
Notice how they establish a very human connection on the page. Words like ‘we’, ‘family’ are liberally used on the page to bring down user anxiety. Multiple ways are displayed for a user to get in touch with the team — 24×7 phone number, email or a direct conversation.

If there was just a phone number, you’d be relieved, but Zappos delivers over and above typical customer expectations by providing multiple channels of communication. It helps ease the slightest of anxieties users have about shopping online at Zappos.

Read about how Flowr increased conversions simply by adding a phone number to the header.

Apart from this obvious benefit, contact page is also a potent lead generation engine. Users can directly get in touch with your sales team. This is particularly important for professional services where client-consultant interactions are best done in person. The folks at DotCo draw an analogy between contact information on a website and business cards.

It’s not just contact information that can help establish the human connection. Using real images of the people behind a product can also help ease user anxiety.

VWO - About Us Page

See how at VWO we make sure that we reveal the people behind our product? The contact information and the physical address of our place of business is also clearly laid out on the map. With the images and physical proof, people warm up to your business, because they are able to relate with it. Without it, it’s just a faceless software product, one of the many out there.

Actionable Tips for Using Contact Information

  • Clearly display primary contact information and make it easy to find
  • Where ever possible, include actual images of the people behind the product
  • Include multiple channels for users to communicate with your brand
  • Use words that imply human presence

#3 Social Proof: Customer Reviews/Testimonials

In the annual VWO eCommerce Consumer Survey 2014, 55% consumers said that reviews are important to them while making decisions. Another report, BrightLocal consumer survey 2014, shows that 85% consumers  read up to 10 reviews before deciding whether to trust a site or not. Further more, 72% consumers said that positive reviews make them trust a site more.

Customer Reviews Study - Graph

It is clearly evident that customer reviews matter. A lot. But how do we use this knowledge?

It’s important to note that half of these customers would trust only if there are multiple reviews to read. For the other half, trust depends on the authenticity of the reviews. So it’s not a question of quantity versus quality. You need both.

Fake reviews are a nagging nuisance that review sites have to constantly deal with. Check out how Yelp is dealing with it.

To maintain authenticity, make sure you promote only genuine reviews and not ones that seem overtly promotional. Amazon does a great job at this.

Customer Reviews Management : Amazon

By displaying the reviewers’ identities, and providing a review rating system, Amazon is able to promote the reviews that are found most useful by its customers.

Corroborating this insight further, a survey found that most user-trust is gained through reviews written by other users. Reviews from associations and professional reviewers do not score as high as that from users.

Review Types and Trust

How About Bad Customer Reviews? 

In a study published in 2011, it emerged that reading one to three bad reviews would deter 67% of the shoppers from making a purchase.

Don’t lose heart though.

In a more recent study, 68% consumers said that they are inclined to trust more when there are both bad and good reviews. 30% consumers suspect inauthenticity when they don’t see anything negative.

It’s important to feature both negative and positive reviews.

For every consumer who seeks out positive reviews, there are three who actively seek out negative reviews. Believe it or not, negative reviews are more popular than positive reviews. On average, consumers tell 15 people about their good customer service experiences, and 24 people about their bad experiences.

(Tips on getting more customer reviews)

All the research points towards having authentic user-generated reviews, good or bad, on your site.

Actionable Tips on Using Customer Reviews

  • Focus both on quality and quantity of reviews
  • Feature both negative and positive reviews; consumers find it authentic and therefore more trustworthy
  • Generate reviews from actual users of the product rather than from associations or professional reviewers

Trust in eCommerce and Responsibility

It’s a precious commodity, trust. The purpose of the three measures that we detailed in this article is to improve the trust that users have in your business.  However, it’s important to understand that trust has a self-correcting nature. At the slightest hint of malpractice or incredulity, trust disappears. Businesses need to earn their users’ trust every day, over and over again.

There are umpteen ways to coerce a user into doing business with you, using fake trust signals and reviews and what not. But failing a user’s trust in your business can have catastrophic effects. Bad PR is only the beginning of it. The good part is that unless you are trying to create trust where there can be none, it’s not a difficult thing to do. There’s nothing that drives trust like some good old honesty.

Did this article resonate with your take on trust in eCommerce? Are you aware of more ways to generate trust? We and our readers would love to know.

Let us know below in the comments section :)

eCommerce Survey 2014 Report

The post Importance of Trust in eCommerce and How to Build Trust on Your Website appeared first on VWO Blog.

View original article:
Importance of Trust in eCommerce and How to Build Trust on Your Website