When was the last time you bought something on the Internet? Yesterday? Last week? Two months ago? However long ago, you probably did at some point in your life. In 2017, an estimated 1.7 billion people worldwide purchased goods online. With all this web-based shopping going on you’d expect online stores to be safe and secure, wouldn’t you?
As you’ve probably guessed, often they are not. We spend a lot of time on the Internet and send our personal information, preferences for products and even credit card details to any website that sells something we want. But we hardly ever consider what is going on behind that login screen or the software that helps us make that purchase.
What makes a website not secure to use depends on the page, but it is essential that they use SSL encryption for their data and don’t have too many ports open.
Secure Socket Layer
It’s been an important topic over the last month: securing transmitted information through Secure Socket Layer (SSL) encryption. In its latest Chrome update, Google announced that it will mark any websites that do not use this type of encryption as ‘not secure’ to its users. But as we already wrote many websites have ignored this warning and still don’t use encryption to keep their visitors safe.
Online stores are no different in this regard. Only half of them have their SSL certificate in place and protect their customer information through encryption, which means the other half puts personal- and payment data at risk of cybercriminals. Luckily these are mostly small online stores. Almost all eCommerce websites that we classify as having a large Economic Footprint do have their security through SSL in place. If you stick to buying from well-known sites and official pages of large brands you should thus be safe.
Open Ports Awareness
Let’s get technical. Each website needs open ports to connect to the Internet. There is an open port that provides a site with email connection, Internet connection, and many more. Some of these ports are necessary but there are also many that can be open but shouldn’t be. Because every open port is an opportunity for a hacker to try and break into so they can get access to the website’s data. Why would you build ten doors into your house when one is enough?
There’s no hard limit for the number of open ports that is too many due to the different functions of websites, but ten ports are enough for all that a site can do. We, therefore, classify any more than that as unsafe. Overall websites do pretty well when it comes to this security aspect: just under 30 percent has too many open ports and puts their information at risk.
For a regular Internet user, it is difficult to determine whether an online store is safe to shop at. You can’t just see outdated servers or open ports by looking at the page. What you can look out for though, is the secure sign in the form of a green padlock or HTTPS in your browser. Only buy from websites that use that security measure to keep your personal information safe!
Would you like more information on eCommerce security or other data we index? Contact us via firstname.lastname@example.org.