One of a hotel or hostel’s greatest assets is their website. Keeping it safe and secure is extremely important. In order for consumers to successfully book online, they must feel confident that their credit card numbers and personal information is being protected. There are many certifications any company can obtain to ensure the site’s safety and give consumers peace of mind.
Most popular e-commerce sites are secure, and they broadcast their security certifications everywhere. This helps consumers feel safe transacting online. The same is not true with most hotels. Every site that manages bookings, processes or records credit cards, and transfers other sensitive information should implement basic security measures to protect themselves, their customers, and others. Thankfully, there are some easy ways hoteliers can add security to their website booking processes. Security certifications help increase search engine rankings and revenue. Some of the most popular options are listed below.
Buy an SSL Certificate
SSL stands for Secure Sockets Layer and is the standard security technology for establishing an encrypted link between a web server and a browser. SSL prevents a third-party from stealing information while moving from server to browser.
Your existing website hosting provider likely offers SSL. All you need to do is call them, or purchase an SSL certificate from their website.
If your website hosting provider does not offer SSL certificates, several other companies offer SSLs such as: Comodo, Symantec, GoDaddy, and GlobalSign. Each offers different levels of protection based on the type of website.
For example, GlobalSign offers four different levels of security:
- DomainSSL offers the necessary protections for e-commerce, logins, webmail, and more.
- High assurance SSL shows website visitors your authenticated identity so the customer knows who they are dealing with.
- ExtendedSSL: Activates the green address bar for the highest trust & conversions. Website visitors will instantly know the site is protected from hackers.
- Wildcard and Multi-Domain SSL: Necessary only if you need to secure multiple websites with a single certificate and on a single IP address.
GlobalSigns’ tiered levels of protection are representative of similar SSL offerings, but offer slight variations in price and protection. We suggest hoteliers research each provider thoroughly in order to make the best decision for their property.
Each provider has a badge that website owners can display to increase buyer trust, such as the ones above.
Prices vary anywhere from free basic coverage, to upwards of $600/year for comprehensive coverage. (This option is used by huge websites with lots of data to protect–most hotels will never spend this much on SSL). Every provider’s pricing differs per package. Most hotels can get away with paying nothing to $5 per month for adequate SSL protection.
Pro Tip: In 2014, Google altered their algorithm to give priority to websites with proper security measures, primarily sites with strong HTTPS encryptions. In order to rank well on Google, websites that process secure information like credit card numbers and passwords need to have up-to-date and strong encryption certificates. You can read all about how they rank based on security here.
[creativ_alertbox icon=”” colour=”yellow” custom_colour=””]Note: When you turn on your SSL certificate for your website, the URLs of your website and pages will change. This has SEO ramifications. Make sure that you have 301-redirects in place for all of your existing content, so that you do not lose any search rankings. Make sure that you bring this up with your hosting provider before turning on SSL for your website.[/creativ_alertbox]
Norton Secured Seal
SSL provider, Symantec, owns Norton Secured Seal. According to their website, they are the most recognized trust mark on the Internet and are seen almost a billion times per day. The seal is different from SSL, and should compliment it, not replace it.
The seal offers:
- Daily malware scanning and vulnerability testing
- ECC and DSA algorithm agility
- Improved SSL Tools for certificate checking
- Express and auto-renewals
- Enterprise offering – Certificate Intelligence Center
According to their research, 90% of respondents are likely to continue an online purchase when they see the Norton Secured Seal during the checkout process.
Their lowest coverage starts at $399/year and increases up to $1999/year for a Secure Site Wildcard. We consider this a “nice to have” if you have the budget for it. Publishing the Norton Secured Seal on your website and booking engine may increase conversions.
The McAfee Secure badge appears everywhere from search results to the checkout process on a website. The McAfee SiteAdvisor appears in Google search results to millions of McAfee users to alert them a site is safe. The software ensures users that the site has no malware or malicious links, no phishing, and detects valid SSL certifications. Each site is tested and certified. Tens of thousands of sites use McAfee Secure to protect their businesses, customer identities, and financial information. This is another option that should compliment SSL, not replace it. You can use multiple seals at the same time–Norton and McAfee together, if you want.
You can sign up for McAfee Pro here.
Pricing varies based on business size and becomes available after signing up for a free account.
TRUSTe offers a number of security products including privacy assessments that provide a comprehensive review of your customer/employee data collection and usage practices powered by their privacy professionals. They benchmark security measures based on industry standards and best practices. They also provide a results report along with a roadmap of recommended privacy program changes.
TRUSTe provides an annual subscription certification that is an integrated set of services. They offer different types of certifications including:
- Enterprise Privacy Certification (EU Safe Harbor, APEC, FIPs, OECD, GAPP)
- Kid’s Privacy Assessment & Certification
- European Advertising Certification
- TRUSTed Data Certification
- TRUSTed Downloads Certification
- TRUSTed Smart Grid Certification
Most hotels will not need to worry about security assessments like these. In fact, much of the software they already use has likely passed security inspections like TRUSTe. However, if a hotelier is hosting his or her own website using a CMS like WordPress, or collecting credit card information using a simple contact form, Excel spreadsheet, or WordPress plugin, then they may need to become inspected and certified by groups like TRUSTe.
Prices vary greatly on a per client basis. Contact them to discuss your individual needs. You can contact them here.
Better Business Bureau
The Better Business Bureau accredited businesses pay a fee for accreditation review and monitoring for continued compliance and for support of BBB services to the public. Businesses based in the United States, Canada, and Mexico are eligible to receive the BBB accreditation. Businesses are not required or obligated to obtain the accreditation. The Better Business Bureau will accredit any business who would like it. Click here to find your local office.
BBB accreditation has little to do with website security. But they do provide your guests with greater confidence, which can help you get more reservations. We list it as another badge option to promote on your website.
Cost is dependent upon location and number of employees. It is calculated on a monthly basis. After the bureau accredits a business, they can place the badge on their website and other materials.
Homemade or Customized Badge
Monetize Pros suggest creating and testing your own badge such as “100% Money Back Guarantee” or “Satisfaction Guaranteed” to increase trustworthiness. They cite a study which showed that a “100% Money Back Guarantee” resulted in a 32% increase in conversion rate. While adding your own badge does not increase the security of your website, it increases the consumer benefit, and may improve bookings.
There are many security providers and solutions that ensure your website is safe from hackers and other malicious web deviants. SSL and security certifications provide exactly what you need to keep customers and your business safe. Take these precautionary steps to ward off any potential hacks before it is too late.