Harvard researcher finds Truste sites statistically untrustworthy
From Wired Blog - 27B Stroke 6 [blog.wired.com]
|Ben Edelman, a researcher working on his Ph.D. in economics at Harvard, has posted a study showing that sites certified through Truste are twice as likely as similar, but uncertified sites to deliver spyware, adware and spam. |
Edelman compared nearly 1,000 Truste-certified sites to more than 500,000 sites as reported by a major ISP...
Edelman found that 5.4% of Trust-E sites were untrustworthy, while only 2.5% of the baseline sites were.
Now, I did a brief scan through old WebmasterWorld threads on Truste and other certifications, and the consensus is that for eTailers, such certifications are definitely worthwhile - increasing conversions and adding a visible sign to customers that the site can be trusted.
If the enforcement is lax, and the news spreads to the wider press, has anyone here considered the possible effects of a publicity backlash?
In previous threads, I read the opposite. I read that the certificates add useless stuff that makes the customer think twice before proceeding with a purchase by bringing up worries who would stay buried.
I did my own little survey a while ago of people using the better business bureau seal. I found that many Web companies using that seal were SEOs and similar outfits. I felt like they were trying to buy credibility instead of ozzing credibility and trust on their own. I trusted these outfits even less...
Maybe it's because dodgy sites feel the need to "legitimatize" their sites more so than genuinely trustworthy sites do.
Frequently the people who speak most forcefully about how honest they are are the ones most likely to rip you off. "If a man speaks of his honor, make him pay cash." ~Lazarus Long (Robert A. Heinlein)
How many big sites have Truste or BBB seals?
In my opinion, listing a phone number will probably build more credibility than any number of seals.
We dropped out of the BBB 20 years ago when I saw that it was useless in fighting modern business fraud. I got sick of reading their monthly newsletter about tiny oriental rug dealers running continuing going out of business sales. I saw large mega-corps doing things that were far worse that raked in millions of dollars.
BBBs are a relic of 19th century small town America, as antiquated as a drug store soda fountain. They have some value in combating fraud by sleazy plumbers and roofers or fraudulent charities...easy targets. But that's about it.
I also perceived that scammers tended to waive the BBB seal as a marketing tool and that a major purpose of BBB fund raising was simply to keep the chapter in business.
These things do work. Why? Because the masses don't really think. They don't sit there and think for an hour or two about why BBB exists, and why it is in fact not very useful as a mediating medium, what a resolved complaint actually means, etc. A website business may do this but not John Q. Public. For the same reason people buy thousands of cheap crap from infomercials, some blabbering good looking sales guru is telling them it's all good, and who are they to question it. Well the same thing with seals, it looks good and the company has to know what their doing, right?
Ben Edelman's PDF research paper on trustE [benedelman.org] has a lot to say that wasn't reported in the Wired blog report. Interesting reading.
TRUSTe’s Fact Sheet (2006) reports only two certifications revoked in TRUSTe’s ten-year history... According to TRUSTe’s posted data, users continue to submit hundreds of complaints each month. But of the 3,416 complaints received since January 2003, TRUSTe concluded that not a single one required any change to any member’s operations, privacy statement, or privacy practices, nor did any complaint require any revocation or on-site audit.
|TRUSTe has only a small staff, with little obvious ability to |
detect violations of its rules. Rule violations at TRUSTe member
sites have repeatedly been uncovered by independent third parties, not by TRUSTe itself.
My experience after a good deal of testing clearly tells me that the Truste, BBB, and similar little symbols of credibility increase my conversion rate. I don't expect there to be a backlash against Truste anytime soon since I'm sure less than 1% of my customers read webmaster forums. As a user of the internet and hater of spam, adware, etc; it bothers me that Truste seems to care little about it's supposed mission. But as an ecommerce retailer I'll keep the little Truste icon on my site as long as it being there makes me more money than it costs me.
makes me wonder how many are selling?
I agree with the post on maybe the sleezy sites need the deception of these trust seals>
>> news spreads to the wider press, has anyone here considered the possible effects of a publicity backlash
Regardless of facts, I think the public perception - if it gains widespread exposure - could have a serious impact on new buyers. It's that reputation thing. If they don't know you and they've heard about the stats and there's a smidgen of doubt about your site's legitimacy, it may be enough for them to leave and shop elsewhere. Alot of ifs there but we'll see how it plays out over the next few months - especially with the holiday buying season about to kick off!
I've written this here before, but when I'm shopping for electronics(or something) online, and I hit a site that has the Trust-e icon displayed, I bounce right back to the search engine and find another site. To me, it's the biggest tip-off that you're hiding something.
That, and of course ScanAlert's "HackerSafe".
My daddy used to call this stuff eyewash, because all it really does is make a potential customer THINK a Web site is safe, official, endorsed, whatever, whether it REALLY is or not.
Like it or not, using eyewash works on my e-commerce sites. With HACKERSAFE, I get around a 5% increase in conversions which translates into way more than a 100x ROI.
How do I know this? For the record, I had HACKERSAFE run an A/B test on one of our e-commerce sites with half the users seeing the HACKERSAFE logo and half not. The test ran for 3 weeks last month with enough traffic (tens of thousands) and conversions (around 1000 for each version) to be very, very confident of the outcome.
Don't know if I can post URLs or not, but GRAPHS here:
Letting Hackersafe run my A/B test is a lot like letting a spammer edit his favorite DMOZ category, but I just got VERTSTER to work with Yahoo! Stores, I'll perform the test again to verify the results.
I got 5% more conversions WITH the HACKERSAFE logo, so until some new challenger dethrones the current eyewash champion, I'm using it!
>> news spreads to the wider press, has anyone here considered the possible effects of a publicity backlash
Very Good point I think I will post it on my front page so it gets a very good link, and do a cite on Wiki as well
lets see anchor text
O yea Internet Security
Certificate might help a site that has little else going for it...no street address, no 800#, amateurish design.
Results of A/B testing don't mean a thing unless we can see the site.
One thing IS certain, you rarely see these gimmicks on the sites of established retailers.
I don't think it's true to say that none of the big sites use these verification logos. Check out newegg, they have loads of these things at the bottom of their index page - truste, BBB, the whole lot. Buy.com has a bizrate icon at the bottom of its index page. Bizrate has a truste icon at the bottom of its index page. Overstock.com has BBB and verisign logos at the bottom of its pages.
However, it looks like companies with a strong off-line presence (e.g. target, walmart, circuit city) rarely use truste or bbb, probably because they already have a high degree of customer trust.
I think in general it makes sense that these things would increase conversion rates. And since so many large e-commerce sites use them, i'd imagine they probably do help sales - even for highly established sites.
[edited by: MinistryOfTruth at 8:24 pm (utc) on Oct. 4, 2006]
|One thing IS certain, you rarely see these gimmicks on the sites of established retailers. |
|Results of A/B testing don't mean a thing unless we can see the site. |
Why not? Everything else on the site stayed exactly the same.
Example was a real site that's been around more than 4 years. It gets anywhere from 2,000 to 3,000 visitors a day.
I thought we couldn't drop URLs? And if I don't know you, you don't get to see a site where I just showed a graph with traffic stats and number of conversions over a 3 week period.
[edited by: lorax at 10:18 pm (utc) on Oct. 4, 2006]
[edit reason] no URLs please [/edit]
Instead of having personal notions and bias about who uses these icons and how well they work, why not test it out? It's very easy to call other people's site poorly done, rely on how you feel about the icons when you browse, and shoot holes in Trust-e or Scan Alert. But if having the icon on your site puts more money in your pocket, does any of that matter? My testing has been very clear in confirming that using such symbols of trust increases my conversion rate.
I can see seasoned web users not putting much trust in truste or hackersafe but guess what - you are not my core paying customers. I can't see lumping the BBB into this because they have been around for quite sometime and have way more trust to the average joe than these newer entities have. If your target market are people ages 45 and up I would recommend getting the BBB seal on your site.
I have the BBB on my front page, people do click on it. But I also put my toll-free number on the front page and a physical address etc on our contact page as well as a live chat on all pages that need it. Alone the BBB seal might not do much but with all the other ingredients it definitely adds trust.
on one of our client's sites the HackerSafe icon improved conversions from PPC traffic by 27%. Other conversion went up as well but it was difficult to come up with an exact number as we helped them with many online and offline marketing techniques. PPC was the easiest way to test. If you PMB me I'll gladly give you the URL - not sure if I should give it here. Another note on HackerSafe / ScanAlert. It DOES actually do something more than just a seal! It checks the site's vulnerabilities from hackers, DDoS, scripts, etc. As far as TrustE, BBB, or even displaying an SSL certificate on your site - wondering if anyone has good facts on those. Thanks.
[edited by: Gomvents at 2:21 pm (utc) on Oct. 5, 2006]
No surprise actually, just nice that Ben did a study and put it out there. it's like those drug dealers that put "D.A.R.E." stickers in the back.
As far as people falling for it: what else can you expect from humnas who think that $9.99 is a lot cheaper then $10 ;)
|Another note on HackerSafe / ScanAlert. It DOES actually do something more than just a seal! It checks the site's vulnerabilities from hackers, DDoS, scripts, etc. |
Since all the sites I own / work on are Yahoo! Stores, HackerSafe can't really test this stuff, or if they do and find anything, I can't really change anything because Yahoo! takes care of all the IT heavy lifting stuff. I should have posted something about this to clarify my original post.
However, my rep at HS said that they actually do test the entire Yahoo! Store Platform for Yahoo!, but they just can't take credit for it for some reason.
"Another note on HackerSafe / ScanAlert. It DOES actually do something more than just a seal! It checks the site's vulnerabilities from hackers, DDoS, scripts, etc."
I don't believe they can saying is one thing doing is another. The fact is they can check for simple stuff but their check is really nothing and worthless to you really.
Just ask the site that was infected sending all the info to a hacker and being posted on a board.
Looks good but that is it looks.
Here are some pretty well known brands using HackerSafe:
Ritz Camera, Sports Authority, Ace Hardware, Sony music store, Petco, Restoration Hardware, GMC Collection, Fingerhut, cabelas, Armani Exchange, A&E, American Red Cross, Fredericks of Hollywood, GNC, Niketown, and Guitar Center.
I got these off their Web site. I posted the domains earlier. Whoops.
Just because you see everyone jumping off the barn roof doesn't mean you're gonna do it, but at ~$1800 a year folks using it must either see an increase or think they do.
You don't have to pay $1800 a year for HackerSafe. Ask their sales rep about their Emerging Merchant Program.. There's a 50% discount if you ask for that. Hope some people out there enjoy that tip!
|Here are some pretty well known brands using HackerSafe:..." |
"folks using it must either see an increase or think they do.
Or perhaps the [big] folks using it are PAID to display the seal.
We a/b tested the hackersafe logo and found it *decreased* conversion.
The conclusion I've drawn is that if the overall design of your site conveys trustworthiness the logo will have a lower (or negative) effect than if your design does not. What that "trustworthiness" is will depend significantly on your users, market, product offering, etc.
We've done a lot of research into what we need to do to have our site convey this message (conjoint analysis, surveys, a/b testing). Because of this I think the logo brings down the overall affect (color clash, doesn't integrate into our design, looks somewhat amateur, etc).
|...if the overall design of your site conveys trustworthiness the logo will have a lower (or negative) effect than if your design does not. |
Maybe less sophisticated Web shoppers feel better shopping when they see an obvious trust symbol.
Hopefully I'm not insulting any of my customers, but I feel pretty safe saying that this site's demographic is at least of average if not below average Web surfing / online shopping experience.
This conclusion is based upon the e-mail and phone questions I get, as well as where my best converting traffic comes from, and the keywords they use to find the site and buy.
I'm also comparing these shoppers with shoppers on the ~500 or so other Yahoo! Stores I've been involved with over the past almost 10 years.
Overall, I'm pretty happy with the "trustworthiness" of this site. I believe in and try to implement Jakob Nielsen's best practices for usability. I get feedback from thousands of users which is all over the damn map, too. Half of them want this feature and the other half want the exact opposite.
Ultimately, I'm always looking for more ways to improve my conversion rate and provide a better shopping experience, which is why I'm posting here.
One last thing though, the Hackersafe folks were a little disappointed that we only moved the needle 5%. It started out at about a 15% increase (which would have meant something like a $500K annual increase!) and only flattened out in the last half of the test.
I guess the moral of the story for me is that every Web site if different, so you better A/B test the hell out of any "best practice," otherwise you'll never really know for sure.
Vertster, here I come! -- Rob
OT: Lorax, does your handle come from the Dr. Seuss story?
500 Yahoo store?
Wow that's a lot of trust-e/hackersafe symbols to buy. lol