Just as food or car buyers do, digital consumers need reassurance about the security of products they use.
Displaying the “country of origin”, especially for meat, has become a quality standard in many restaurants. Not labelling food can make clients run away, afraid by the lack of transparency.
There is a similar trend on the Internet, focusing this time on personal and banking data. With all the scandals that recently came to light about hacking, data stolen and resold on black markets, security on the Internet has become a criterion of trust and success.
Communicating on security
As soon as a web application (website or mobile app) processes data, users are looking for signs of security, showing that the application is trustworthy.
This quest for signs of security is more or less conscious but, in any case, a lack of confidence results in shopping or subscription dropouts.
It is therefore important to show to your users, consumers or customers that you take the security subject really seriously. Communicating clearly and simply will help maintaining and building confidence.
Things you should communicate
Personal data, business and bank data are things users care about.
It is therefore possible to communicate about the web application architecture. In particular, the resilience of the website hosting is a good argument. You can rely on the reputation of the hosting company if renowned, its quality standards and its infrastructure.
Then, data encryption and more broadly data protection during its transit and storage is a common subject that can help building confidence. How is collected data being stored, transmitted to third parties or protected in case of a system intrusion? (password hashing is an example)
Sharing information about actions you take like security controls or security audits of your web platform is also very important and efficient to show your users that you take their security seriously.
Just as car manufacturers communicate about their vehicles crash test results, actions performed in terms of security audits and penetration tests are likely to generate trust.
Choosing your words carefully to talk about security
Unless your audience is mostly made up of security experts or computer specialists, you can assume your clients know nothing about security. It is then totally useless to use technical terms or to detail improvements you made following your latest security audit.
Using simple words, jargon-free, without abbreviations is much more efficient. Talking about resilience and reputation, solid and secure infrastructure can be great to illustrate the security of your hosting provider. You can also announce that a security audit has been conducted, to reassure customers about your web applications.
Employing a positive vocabulary and avoiding frightening words is essential!
Avoid using words like: data theft, piracy, espionage, flaws… But prefer: secured, robust, tests, resilience…
When should you communicate about security?
Sharing information about security makes sense when you release a new version of your website or mobile app, or release new features. And of course after a major security action like an audit.
If security is not your core business, you should be careful not to publish security-related information too frequently, to avoid a feeling of mistrust that was not your initial intention.
In a nutshell: security is not a taboo, quite the contrary!
Like in other industries, the security of a website must not be a taboo. Talking about it (to bring forward the positive aspects!) will reassure your clients and consolidate the reputation of your brand and services.
You can use your usual communication channels to spread the word: blog, newsletters, social networks.
The security of your applications is a competitive advantage. At equal service, users will choose the most reassuring solution.
So don’t hesitate to communicate, without beating around the bush.