Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

UK Retailers in Website Security Fail

Only around a third of some of the UK’s top retailers have invested in the most secure web certificates, potentially exposing customers to phishing attacks and missing out on sales, according to Sectigo.

Formerly known as Comodo CA, the world’s largest commercial certificate authority audited 25 major high street and online names to see what kind of certificate-based security they had in place.

Only nine are said to have passed muster with Extended Validation (EV) SSL certificates.

These offer customers the highest assurance they’re on the right site, providing a company-branded address bar and padlock in green, and more information on the issued certificate. They also require the applying business to undergo more stringent checks to authenticate.

Regular SSL certificates are still secure, but only flash up a padlock and there's no readily available information on the certificate. These are also issued more easily, with fewer checks.

Of greater concern are the four retailers which had no secure certificate in place for visitors to their site. This means users not only see no padlock or branded address bar, but there’s also a “not secure” warning displayed in the browser which could put many off from shopping on the site.

Cards Galore, Selfridges and Arcadia Group’s Dorothy Perkins and Topshop were all guilty of failing to secure their websites, according to the Sectigo study.

"Businesses grow when they can inspire trust in their customers. In the age of online shopping, the onus is on every online business to guarantee that their customers are as safe when navigating through their online stores as they are when visiting their physical ones,” explained Sectigo senior fellow, Tim Callan.

“The easiest and most efficient way to assure them of this is the Extended Validation certificate, which verifies that the website is genuinely operated by the expected online business and not some fraudster trying to cheat you. Businesses that use these certificates optimize their relationships with customers, increasing revenue and adding an essential competitive advantage to their side."

The news comes as retailers will be expecting a major rush of customers this weekend looking to grab any Black Friday/Cyber Monday bargains.

What’s Hot on Infosecurity Magazine?