Prioritising customer security for Black Friday and festive sales

As online businesses gear up for Black Friday and festive season, this is the time to prioritise security – and make sure customers know exactly what measures you’ve put in place, says Caesar Tonkin, Managing Director at Armata Cyber Security

Consumers are prioritising the best deals and chasing the sales before they end. However, the chase comes with risk – the faster consumers move towards the deals, the less attention they’re paying to security and verifying a website’s authenticity. Which means, as an online business, this is the perfect time to prioritise your own security and customer peace of mind. Investing in security checks and verifications can help your business prevent expensive breaches, identity theft and reputational damage.

More than $4.1 trillion – that’s the anticipated global spend on retail e-commerce sales and, by 2027, nearly 23% of retail sales will be online. Cybercrime is expected to cost $10,5 trillion, globally, by 2027. Almost 33% of the world’s population shops online, and, in South Africa, the online retail sector is anticipated to exceed R100 billion by 2026. The digital marketplace is booming, and on 29 November 2024 when Black Friday hits online stores, it is expected that consumers will spend R136 billion across both physical and online sales.

Secure Sockets Layer (SSL) certificates are fundamental to online security. Encrypting the data transmitted between your browser and the website server, they are a wall of protection against the threats. However, not all SSL certifications and implementations are the same. Many online businesses haven’t got the highest security standards which can put their sensitive information at risk. They need Grade A security, especially if they have customers paying with a credit card or if they are capturing personal information.

Grade A means rigorous security that prioritises customer data and protects the business. Investing in a Grade A SSL certification is a very simple way of saving your business, and your customers, from becoming victims to cyber-threats. And checking what level of SSL security a website has is equally simple. Whether you’re an online business or a consumer, go through the process of purchasing an item until you reach the payments section. Then, at this point, copy and paste the URL in the browser address bar into the Qualys SSL Server Test website and run the test. In 20 minutes, you’ll get comprehensive results.

It’s 20 minutes, sure. If you’re doing the test on Black Friday, it can lose all the items in your cart, or all your customers in the queue, but if you’re doing it today in preparation for 29 November, then you’re planning ahead. It’s not as inconvenient as a breach, nor as time consuming. According to IBM, it takes 277 days to identify and contain a breach, and it can take anything from weeks to months for a consumer to get a refund or manage the fallout. The time it takes to undertake the test is a small price to pay for financial security.

Many shoppers assume that PCI (Payment Card Industry) certification is enough to guarantee complete security, but even PCI-certified businesses or those using certified payment gateways may not have optimal SSL security standards. Many have Grade B SSL certificates which can introduce potential security vulnerabilities that can compromise sensitive data. While they do provide basic encryption, they fall short of security best practices such as a lack of Perfect Forward Secrecy (PFS), incomplete certificate chains, or the use of depreciating hashing algorithms.

Grade A or A+ SSL ratings are the gold standard in online security as they offer robust encryption protocols, up-to-date security measures, enhanced protection, and improved safeguards for sensitive and personal financial data. It is an additional security measure that verifies the website, provides consumers with an additional layer of protection, and mitigates the risks that come with Black Friday sales mania.

The cyberthreats are only getting worse and criminals are just as excited about the potential wins of Black Friday and festive season as online businesses and their customers. Investing in online security, verifying your SSL, and refusing to compromise on security standards are easy steps to online sales confidence, and maintaining customer peace of mind. And, as 29 November rapidly approaches, let your customers know that you have undertaken the SSL test and that you prioritise their digital safety.