Trust seal
Encyclopedia
A Trust seal is a seal
awarded by proprietary companies to businesses to display, in an attempt to boost customer confidence. There are several well-known trust seals from different companies, and the requirements for the displaying merchant vary, but typically involve a dedication to good security practices or the use of secure methods for transactions or most importantly verified existence of the company. Trust seals can come in a variety of forms, including data security seals, business verified seals and privacy seals and are available from a variety of companies, for a small fee. A Trust seal can be either active or passive. Most seals are validated when they are created and remain so for a specific duration of time, post expiry of which the business/process has to be re-validated.
Hacker Safe, however, have been criticized as not doing enough to protect the security of visitors to a site such as because they intentionally mark as 'Hacker Safe' websites known to McAfee to have an XSS vulnerability
. This is possible because most seals are a simple image that a hacker can simply copy and post onto their own site. Such lapses highlight the importance of anti-XSS protection security measures. Trust seals can give a false sense of security as they are awarded at a certain point of time, unless the website is scanned on a daily basis and the scan date is displayed. When a site is not scanned daily, a change in technology and loopholes are not updated along with the trusted seal, so it does't represent flaws in the updated technology. The iconographical value is too high to mislead customers unaware about these changes.
Seal (device)
A seal can be a figure impressed in wax, clay, or some other medium, or embossed on paper, with the purpose of authenticating a document ; but the term can also mean the device for making such impressions, being essentially a mould with the mirror image of the design carved in sunken- relief or...
awarded by proprietary companies to businesses to display, in an attempt to boost customer confidence. There are several well-known trust seals from different companies, and the requirements for the displaying merchant vary, but typically involve a dedication to good security practices or the use of secure methods for transactions or most importantly verified existence of the company. Trust seals can come in a variety of forms, including data security seals, business verified seals and privacy seals and are available from a variety of companies, for a small fee. A Trust seal can be either active or passive. Most seals are validated when they are created and remain so for a specific duration of time, post expiry of which the business/process has to be re-validated.
Purpose
Trust seals provide assurance that an e-commerce website's identity has been verified by a third-party and that the website has been scanned for vulnerabilities. This results in a higher number of customers and more sales per customer, due to increased customer assurance.Privacy Seal
A privacy seal outfits a company with an accurate privacy statement suited to its business practices. It also helps the company identify potential privacy threats that would otherwise go unnoticed.Business Identity Seal
A business identity seal, also known as, Verified Existence Seal is one which verifies the legal, physical and actual existence of the business by verifying multiple parameters such as statutory details, contact details, management details, etc. Verified existence Trust seals add weight to the profiles of the deployers and boost confidence of prospective clients. A major benefit of a Verified Trust seal is it represents due diligence certificate for the business.Security Seals
Security Trust Seals are the most popular type of trust seal verification. There are two different types; Server Verification and Site Verification. Server Verification services perform daily scans on the hosting server, to check for server vulnerabilities or attacks. Site Verification services verify the existing security of web sites, to ensure that customers are protected under normal circumstances.Criticisms
Third party verification from a reliable source and a strategically placed trust seal may assure customers about the safety and security. Some trust seals, such as McAfeeMcAfee
McAfee, Inc. is a computer security company headquartered in Santa Clara, California, USA. It markets software and services to home users, businesses and the public sector. On August 19, 2010, electronics company Intel agreed to purchase McAfee for $7.68 billion...
Hacker Safe, however, have been criticized as not doing enough to protect the security of visitors to a site such as because they intentionally mark as 'Hacker Safe' websites known to McAfee to have an XSS vulnerability
. This is possible because most seals are a simple image that a hacker can simply copy and post onto their own site. Such lapses highlight the importance of anti-XSS protection security measures. Trust seals can give a false sense of security as they are awarded at a certain point of time, unless the website is scanned on a daily basis and the scan date is displayed. When a site is not scanned daily, a change in technology and loopholes are not updated along with the trusted seal, so it does't represent flaws in the updated technology. The iconographical value is too high to mislead customers unaware about these changes.