Article overview

Which Site Seal do People Trust the Most? (2013 Survey Results)

· By · 27 comments ·

In prior research we have documented how users have little understanding of the actual technical security of web pages and instead mainly rely on what their gut feeling is telling them. It’s therefore recommended that you add visual clues – such as borders, background colors, and site seals – to your online payment forms to increase the perceived security of the sensitive fields in the form in order to make your users feel more comfortable when handing over their credit card information.

This recommendation raises an interesting question: which site seals are actually the most trusted by users? Multiple studies exist which test site seals (also known as ‘trust logos’ and ‘SSL badges’), but very few studies – if any – use an adequate sampling size, are of a recent date, and is not sponsored or paid for by one of the site seal vendors.

We therefore decided to conduct a survey on site seals with a large sample size (2,510 responses) and of recent date (Jan 9-11, 2013), testing up-to-date versions of 8 of the most popular site seals.

The Test

The following site seals were tested and the respondents had to click one of them as an answer to the following question: Which badge gives you the best sense of trust when paying online?

The survey received 2,510 responses (1,286 responses on actual seals, the remaining chose “Don’t know or no preference”) and ran from January 9-11th, 2013. All the respondents were adults from the US. The survey was conducted using Google Consumer Surveys. During testing, five answer options were displayed concurrently and their order was randomized to avoid position bias. Each answer was shown an equal amount of times within a +-1.83% margin except for the “Don’t know or no preference” answer which was always displayed and positioned as the fifth and last option.

Since we at Baymard primarily focus on checkout usability we wanted the respondents to consider an online payment scenario, and therefore specifically clarified the survey question with “when paying online”.

The Results

If we remove the “Don’t know or no preference” answers and normalize the scores for the 1,286 site seal answers we get the following distribution:

Norton 35.56%, McAfee 22.87%, TRUSTe 13.24%, BBB Accredited 13.16%, Thawte 6.03%, TrustWave 3.21%, GeoTrust 3.09%, Comodo 2.84%

Norton was shown to be the seal which gave customers the best sense of trust when purchasing online with ~36% of the votes. McAfee is a clear second with ~23%. The TRUSTe and BBB Accredited seals are at a tie for the third and fourth place, both with ~13%. Thawte comes in fifth (making it the second best SSL seal). Finally Trustwave, GeoTrust, and Comodo, share 6th, 7th, and 8th place at ~3%.

Trust Seals vs. SSL Seals

As discussed earlier, it’s not the actual security of your page that matters the most to users as they have little to no technical understanding of TLS/SSL encryption or even how forms are submitted. Rather it is the perceived security that’s of importance to this vast majority of users. This is why we included both SSL seals (Norton, Thawte, Trustwave, Geotrust, Comodo) and trust seals (McAfee, BBB Accredited, TRUSTe) in the survey. What we wanted to test is which site seal makes the user feel the most secure, not which seal actually represents the strictest technical / security compliance.

Looking at the results it’s very interesting to see that the second, third, and fourth most trusted site seals are all “trust seals”, whereas the rest are SSL seals, which – with the exception of Norton – all scored rather low. This is noteworthy because SSL seals suggest actual technical security of the payment form (preventing man-in-the-middle attacks and network eavesdropping), whereas the trust seals often don’t indicate any technical security at all but is rather a certification of the company and/or its consumer relations. This again further points in the direction that what matters for the average user is the perceived security, not the actual technical security.

Furthermore its noteworthy that the two most trusted site seals, by far, are from anti-virus software brands. It would seem likely that people recognize these brands better and associate them with security, and therefore trust their site seals (which include the company logos) more.

So Should I Just Use Norton?

It depends. Yes, if you just want a single site seal, although McAfee does not lack that far behind. However, if you want to go all in you may consider investing in three site seals: a Norton SSL seal to indicate an encrypted connection, a McAfee seal to indicate a clean, non-infected “hacker safe” site, and finally either a BBB Accredited or TRUSTe seal for establishing trust in consumer relations. This way you display all of the top 3 most trusted site seals, while at the same time catering to the customers with a high level of technical expertise who actually do know the difference between an encrypted connection, a hacker safe site, and a company with decent consumer relations.

The survey did not test whether one or multiple site seals is preferable (this would be an obvious case for doing an A/B test). Also, please note that this is a comparison of the 8 tested site seals, so just because Comodo only scored 2.8%, that doesn’t mean their seal fails to inspire any confidence. Instead, what it means is that Norton’s seal is vastly preferred over Comodo’s.

49% Don’t Know or No Preference

Forty-nine percent of the survey respondents chose the “Don’t know or no preference” option. The survey had a median response time of 13.6 seconds, which indicates that the respondents at least took the time to review their options and look at the site seals before answering.

A portion of this 49% is likely comprised of respondents who don’t care about participating in a survey. We did not want to introduce this bias into the other answering options so we provided a “Don’t know or no preference” option. Besides not caring to participate in a survey, the following three reasons for picking the “Don’t know” answer comes to mind:

  • The respondent doesn’t care about site seals.
  • The respondent genuinely has no preference.
  • The respondent is unable to rationalize a choice (to him/herself) and therefore doesn’t want to pick one.

Disclaimer

More than half of the Fortune 500 companies within B2C e-commerce have purchased either our checkout research or a checkout audit. This includes Symantec, the parent company of Norton as well as several other smaller companies within the SSL certificate industry. None of these companies have been involved in the making of this survey, or even informed about its existence. The survey was paid for entirely by the Baymard Institute using Google Consumer Survey and thus Google’s respondent recruiting and testing mechanisms.

Jessica Enders January 22, 2013 Reply to this comment

As always, interesting!

Just curious: how was the sample for your Google Consumer Survey chosen? Is it a pre-existing panel, a pop-up on Google sites or something else?

Cheers,
Jessica

Christian, Baymard Institute January 22, 2013 Reply to this comment

Hi Jessica, Google Consumer Survey have made arrangements with a variety of content publishers to set the poll up at their sites and split the revenue (often used as a non-monetary paywall for the websites premium content). (See short intro here: http://marketingland.com/google-consumer-surveys-9008 )

The publisher distribution for this site seal survey was:
News: 63.7%, Arts & Entertainment: 24.2%, Reference: 11.2%
Using Google’s derived demographic data the survey got a 1.9% weighted average of the difference between the US Census predicted population sample (CPS) and the actual respondent demographics. See here: https://www.dropbox.com/s/31nreh3di4ikh52/sampling%20bias.png (although it’s debatable how precise this derived demographic data actually is)

Adam Hopkinson January 22, 2013 Reply to this comment

I think there’s another possible reason for the results. As soon as I saw the set of logos, it struck me that Norton, TRUSTe and McAfee were the most simple and ‘clean’ seals and may therefore do well – and these were then the top three.

I’d agree that most people either don’t care or have no opinion, but I don’t think you can put the result down to brand awareness without questioning logo clarity.

Christian, Baymard Institute January 22, 2013 Reply to this comment

If there’s interest we’d consider doing a followup survey testing various design elements of a seal, including clarity, brand, “fake” logos, etc.

Tony September 19, 2013 Reply to this comment

That’s a good point. I’m sure the cleanliness of the logos would have some (more noticeable) weight in the decision if none of the brands were recognizable. But most people are completely clueless and when they see a brand they know, it makes a connection in their head.

Another factor in this, which would probably be bigger if not for Norton and McAfee’s recognizability, is maybe how often a user has seen that logo before.

For me, I know that I would not trust Norton and McAfee more simply because I recognize their names from anti-virus software (and I also am a little biased against them because of the idea of bundled PC bloatware that nags you after 30 days), so I sort of penalized/eliminated them in my head. And I’ve never actually looked into the guidelines for Norton’s, McAfee’s, or any of the other seals, but in my head, I almost wanted to say I’d choose TRUSTe or Comodo because of the (not exactly correct) gut instinct that they must be good if a lot of people use them.

Peep Laja January 22, 2013 Reply to this comment

How people think they behave and how they actually behave are not the same. People are very poor at predicting behavior.

What this survey says is that people know Norton and McAfee brands. Whether those seals will actually positively affect conversions is a complete unknown. It might very well be that Comodo seal or a fake seal will have the same effect on conversions as Norton – this is no information available on this.

Christian, Baymard Institute January 22, 2013 Reply to this comment

Hi Peep,

Thanks for bringing this up.

Yes as we stated: “Also, please note that this is a comparison of the 8 tested site seals, so just because Comodo only scored 2.8%, that doesn’t mean their seal fails to inspire any confidence. Instead, what it means is that Norton’s seal is vastly preferred over Comodo’s.”

What we do know is that visual cues matters to users level of perceived security. One such visual cue is site seals, and it is therefor relevant to know which one is best known/recognized. As with nearly all our suggestions you should always run it as a split-test to make sure it performs well in you specific context. For the same reason a single a/b case on site seals will give no final answer as well as performance might be heavily impacted by context (traffic type, industry, customer mix, product type, brand awareness, needed level of confidence, payment type, etc.)

Craig Sullivan January 23, 2013 Reply to this comment

Yes – as Peep says – recognition doesn’t tell us much about their thinking that happens after that. I get your point on the initial scan visibility, which will always work better with more well known brands. However, it’s the bit after that I’m always interested in.

In many cases, actually showing seals near or on critical parts of a checkout process (payment, personal details entry) can have a negative impact. Split testing is the way to go but don’t be surprised if you find the placement, page or step location and contextual wording to be different from what you thought would work logically.

Security, Privacy and Trust are complex and subtle things that need careful handling. I know – I’ve borked (and fixed) many pages over time. Testing sure beats my guessing (lol).

Raquel Hirsch January 30, 2013 Reply to this comment

Craig, as usual, spot on.

Jamie, Baymard Institute January 31, 2013 Reply to this comment

Absolutely Craig, people should always do A/B tests. Generalized findings such as these can help you figure out what to test. Of course, many people don’t do A/B testing for a myriad of reasons (insufficient traffic, technical barriers, etc). Those people will probably still benefit from generalized findings like these, but we agree that A/B testing is the ideal way to test and verify (re)designs. Of course, A/B testing doesn’t tell us why people act the way they do, and this is where qualitative studies have their merit.

Salman Aslam August 8, 2014 Reply to this comment

Agree with you Craig. The best thing is to carry out test and the impact of conversions by using the trust seals.

Do you have any data about impact of conversions using As Seen On Media placements?

Raquel Hirsch January 30, 2013 Reply to this comment

Interesting hypotheses and directional findings.

However, I think your research reflects primarily brand recognition and not actual web user behaviour.

It would be significantly more useful (and it would do away with the pesky “49% Don’t Know or No Preference”) if you conducted a statistically valid A/B/n test. Then you would know “for sure” whether or not web users take action given a seal (or no seal, of course).

Just sayin’

Jamie, Baymard Institute January 31, 2013 Reply to this comment

Hi Raquel Hirsch, thanks for your comment. We agree that A/B tests are hugely valuable, but they tend to be very site-specific.

There are so many elements in play on any given e-commerce website that are not part of the test yet have a great influence on why your variations perform the way they do. Changing your headers to a blue shade instead of red may sell better on site #1 but the same may not be true for site #2 because of how the blue shade clashes with other elements on the page and diverts the user’s attention to less important elements.

A/B test results, especially of elements such as site seals that appear very late in the shopping experience, are therefore not optimal for generalized findings, but the results are of course invaluable to the business itself. We therefore always recommend that you test implementations and use generalized findings such as these as pointers as to what to test.

Paul January 31, 2013 Reply to this comment

An interesting survey survey and thought-provoking results! so, most of us don’t care about SSL and are vulnerable to frauds. I prefer Norton. Perhaps, another interesting thing to do is to the the same set pf survey questions -worded differently and then see the results. SoGoSurvey has some good samples you can check.

Thomas February 28, 2013 Reply to this comment

Interesting questions and answers/discussions at the comments part.

I also have a question of how the survey was displayed? Was there always the same order of above named seals? Or do you have changed the order? As there are about the half of the participants that answered “Don’t Know or No Preference” I strongly suggest that if Norton was displayed on top user just click the first brand they know (“Norton? Oh, I know Norton!” – Click). This behaviour is for me equal to the user that answer with “Don’t Know or No Preference”.

Christian, Baymard Institute March 3, 2013 Reply to this comment

Nope. Their order was randomized to avoid position bias.

Stephen Joyce March 26, 2013 Reply to this comment

Thanks for the excellent article. I think Norton would be considered a trust seal as well. We use Trustwave for our web application PCI compliance scanning and for our secure certificate and use Norton for their Safe Site program which does daily malware and business verification services. I think the combination of the two is good, although the Norton brand is certainly more widely known than the Trustwave brand. Since the application is multi-tenant, we can extend the benefits across to our clients.

Marcus Arilius May 9, 2013 Reply to this comment

I may be mistaken, but i believe you should only be using the Norton Safe site without SSL. If you use SSL with Safe Site, it should be a Symantec SSL. Makes sense to offer a fluid user experience, and the seal and its relevant services are free with the certificate. You are pretty much paying for the certificate already.

Bongs May 9, 2013 Reply to this comment

I think this survey may have a flaw. Norton is number 1 probably b/c it’s a very reputable antivirus. I think sometimes people dont really look at the question carefully and dont want to answer a question as “dont know” especially when the question is “which badge gives you the most sense of trust” Norton is very popular and is know for “security and anti-virus” and thus people will be inclined to select that as the choice, if they dont recognize any of the other answers. I could be wrong, can anyone counter my opinion?

I do want to make one point. We know norton is a well known brand and if it is well know and trusted, it most likely is the best choice for a trust seal on your website. Too bad it’s very expensive :( Maybe not the best choice for small ecommerce merchants.

Vince L July 12, 2013 Reply to this comment

The very simple fact that nearly 50% of people said “Dont Know” debunks your idea that people dont want to answer as such.

Obviously being a highly visible AV company helps Symantec and McAfee, which supports Baymard’s theory that people care more about perceived security than actual security.

Gene June 24, 2013 Reply to this comment

Can you help me?
Which seals are most popular in Canada.
Thanks a lot

David September 19, 2013 Reply to this comment

Trust Seals from an independent reputable company can definitely help. One UK online site saw a 28% increase in sales over an 8 week period – confirmed as statistically significant by A/B split testing – see http://trust-verified.org/case-study-c/ for more details

Alexis September 20, 2013 Reply to this comment

Great article and interesting to learn 50% of the people don’t care which seal. Still it brings up the point that having ANY seal is preferable to not in the consumers mind.

Misty Evans February 7, 2014 Reply to this comment

It’s definitely true that having a seal is a huge advantage to not having a seal. It makes perfect sense since it’s impossible to just trust random people on the internet. I don’t shop online without some sort of security seal or third-party verification seal. It’s just too sketchy. However, I’m actually really surprised that this study left out Trust Guard’s Trust Seals. They have an excellent reputation as well and provide a great service (at a much better price than any of their competitors).

Will April 14, 2014 Reply to this comment

I think the most scary thing is that people do not really care about what is behind the seal. The requirements for obtaining some of these seals are very low compared to what a malicious hacker is capable of.

For me it means a lot more if a company e.g. runs a responsible disclosure or bug bounty program, where they are tested daily by the security community. Some examples of this.

https://www.facebook.com/whitehat
http://www.google.dk/about/appsecurity/reward-program/
https://www.crowdcurity.com

Hopefully this will be the one and only way in the future to display and communicate security.

Webygeeks April 27, 2014 Reply to this comment

Nice piece of information. I told my designer to use mcafee and norton for now as we can’t afford anything extra at this point. If we get conversions, surely we would buy more seals.

Balaji V Peri July 4, 2014 Reply to this comment

We are evaluating Trust sites for one of our customers, and this article is helpful for us to give them a recommendation. Selecting the top 3 seals seems a good idea.

Post a comment!

Close overlay