New Study: Only 2% of leading online retailer sites use secure HTTPS for e-commerce

A new research reports indicates that very few e-commerce websites automatically protect users by directing them to highly secure HTTPS versions that use always-on SSL.  The study, conducted by High-Tech Bridge analyzed the top 100 e-commerce sites.

According to Marsel Nizamutdinov, Chief Research Officer at High-Tech Bridge, comments on the findings: “Alarmingly, only 2% (two per cent) of leading global online retailers automatically ensure their customers use the secure HTTPS version of their website when making orders or adding goods to their shopping carts. Also, 7% of websites are failing to enforce their customers to use HTTPS for the most sensitive operations such as login, checkout and payment, while 27% of websites don’t even have an HTTPS version for “non-critical” sections of their website, such as shopping cart management or search for goods.”

Here is a summary of findings from the report:

 

• 0/100 websites have expired or untrusted SSL certificates.
• Only 1/100 of website certificates expire in less than one month.
• 99/100 of websites have 2048-bit or even stronger encryption certificate.
• 2/100 websites do not have SSL certificate at all, leaving their customers totally unprotected.
• 7/100 websites are putting customer information at risk by failing to enforce the use of HTTPS for the most sensitive operations such as login, checkout and payment.
• 73/100 websites do not have a secure HTTPS version at all for some “non-critical” online activities of their customers, such as shopping cart management for example.
• An extremely low 2/100 websites protect users by automatically using a secure HTTPS version (SSL) by default.
• Only 25/100 websites have SSL EV certificates.
• 33/100 websites display non-SSL content together with SSL content on their pages.

Related articles

• Do non-secure webpages pose a threat to e-commerce consumers? (globalnews.ca)
• E-Commerce Security Reminders (Before You Confirm Your Cart) (business2community.com)
• eCommerce Made Simple Now with GiftLogic and 3dcart Shopping Cart Software (hispanicbusiness.com)
• Does a Certificate Authority See Your Private Key? (mobilesociety.typepad.com)