Computer World –
Psychologically speaking, the word secure means "free of worry, doubt or apprehension." Technologically speaking, it means "safe from intrusion or attack." Consumers, however, must be secure in both senses of the word -- at least if they're going to shop on your Web site. Today's online consumers worry about the security and privacy of personal information such as credit card numbers, as well as their buying patterns and preferences. That's why clear customer communication ("talking the talk") and proactive privacy practices ("walking the walk") are both vital to building consumer trust -- and increasing business online. The keys to privacy include the following:
Notice: Post policies and practices on your Web site -- and follow them. Say what you do, and do what you say.
Choice: Offer consumers options before using the information they provide for any purpose other than completing a sale. Make these choices clear, and let consumers know the value of participating fully, such as signing up to receive tailored offers and specials. Make them an offer they can't refuse.
Security: Guard customer information by moving databases and transaction records off Web servers to protected subnetworks and back-end systems. And take steps to prevent hackers from kidnapping information and holding it for ransom. For example, American Express' Private Payment offering allows cardholders to use a one-time card number that is of no use after a sale is completed.
Access: Allow customers to see, as well as update, their accounts online. Also, let them change their choices as they please in their accounts and profiles.
Accountability: There are three options:
- Do it yourself. This is the "trust me" approach. While lesser-known players need to do this carefully, big brands may be able to stop here due to the level of trust their brands have already earned. Nevertheless, everyone needs to abide by the industry standards established by groups like the Online Privacy Alliance and Direct Marketing Association.
- Kits. This is the "I'm-taking-it-to-another-level" approach. Privacy seal programs such as TRUSTe are the main example. They provide a standard for online privacy practices and offer business and consumer forums for dispute resolution if a problem arises.
- Assured practices. This level complements the others. By adopting this approach, your customers are assured that you publish and live by your practices. In addition to meeting established standards, possibly those set by the privacy seal programs, this approach requires an independent verification of your policies, practices and protections to assure that you're actually doing what you say you're doing. The accounting industry has established criteria and processes that provide for disciplined review, a high level of assurance and an opinion from a leading professional services firm on your privacy practices and other topics, including security and transaction integrity. Extending this assurance practice to cover shipping policies, return policies and customer service can further increase trust. During the holidays, consumers need to get what they order in time for the gift giving. This is why the Federal Trade Commission focused this past holiday season not only on privacy and security but also on promises made about delivery.
There is a wide spectrum of options to enhance your prrivacy position both operationally and in the eyes of the consumer. But the bottom line is that you deliver on your promises to the consumer from hisperspective, not yours.
By enhancing the way you approach privacy in terms of your policy, your ability to execute that policy and your communication of that policy, you'll earn consumer confidence and trust. And by elevating your brand in the eyes of consumers, you'll be positioned to gain repeat customers, competitive advantages and reduced
e-commerce risk. Indeed, privacy and security are not just about protecting information; rather, they're about making your online business work.