In prior research we have documented how users have little understanding of the actual technical security of web pages and instead mainly rely on what their gut feeling is telling them. It’s therefore recommended that you add visual clues – such as borders, background colors, and site seals – to your online payment forms to increase the perceived security of the sensitive fields in the form in order to make your users feel more comfortable when handing over their credit card information.
This recommendation raises an interesting question: which site seals are actually the most trusted by users? Multiple studies exist which test site seals (also known as ‘trust logos’ and ‘SSL badges’), but very few studies – if any – use an adequate sampling size, are of a recent date, and is not sponsored or paid for by one of the site seal vendors.
We therefore decided to conduct a survey on site seals with a large sample size (2,510 responses) and of recent date (Jan 9-11, 2013), testing up-to-date versions of 8 of the most popular site seals.
Update October 2016: we have published an updated version of this “site seal trust” test at baymard.com/blog/perceived-security-of-payment-form also testing fake seals.
The following site seals were tested and the respondents had to click one of them as an answer to the following question: Which badge gives you the best sense of trust when paying online?
The survey received 2,510 responses (1,286 responses on actual seals, the remaining chose “Don’t know or no preference”) and ran from January 9-11th, 2013. All the respondents were adults from the US. The survey was conducted using Google Consumer Surveys. During testing, five answer options were displayed concurrently and their order was randomized to avoid position bias. Each answer was shown an equal amount of times within a +-1.83% margin except for the “Don’t know or no preference” answer which was always displayed and positioned as the fifth and last option.
Since we at Baymard primarily focus on checkout usability we wanted the respondents to consider an online payment scenario, and therefore specifically clarified the survey question with “when paying online”.
If we remove the “Don’t know or no preference” answers and normalize the scores for the 1,286 site seal answers we get the following distribution:
Norton was shown to be the seal which gave customers the best sense of trust when purchasing online with ~36% of the votes. McAfee is a clear second with ~23%. The TRUSTe and BBB Accredited seals are at a tie for the third and fourth place, both with ~13%. Thawte comes in fifth (making it the second best SSL seal). Finally Trustwave, GeoTrust, and Comodo, share 6th, 7th, and 8th place at ~3%.
Trust Seals vs. SSL Seals
As discussed earlier, it’s not the actual security of your page that matters the most to users as they have little to no technical understanding of TLS/SSL encryption or even how forms are submitted. Rather it is the perceived security that’s of importance to this vast majority of users. This is why we included both SSL seals (Norton, Thawte, Trustwave, Geotrust, Comodo) and trust seals (McAfee, BBB Accredited, TRUSTe) in the survey. What we wanted to test is which site seal makes the user feel the most secure, not which seal actually represents the strictest technical / security compliance.
Looking at the results it’s very interesting to see that the second, third, and fourth most trusted site seals are all “trust seals”, whereas the rest are SSL seals, which – with the exception of Norton – all scored rather low. This is noteworthy because SSL seals suggest actual technical security of the payment form (preventing man-in-the-middle attacks and network eavesdropping), whereas the trust seals often don’t indicate any technical security at all but is rather a certification of the company and/or its consumer relations. This again further points in the direction that what matters for the average user is the perceived security, not the actual technical security.
Furthermore its noteworthy that the two most trusted site seals, by far, are from anti-virus software brands. It would seem likely that people recognize these brands better and associate them with security, and therefore trust their site seals (which include the company logos) more.
So Should I Just Use Norton?
It depends. Yes, if you just want a single site seal, although McAfee does not lack that far behind. However, if you want to go all in you may consider investing in three site seals: a Norton SSL seal to indicate an encrypted connection, a McAfee seal to indicate a clean, non-infected “hacker safe” site, and finally either a BBB Accredited or TRUSTe seal for establishing trust in consumer relations. This way you display all of the top 3 most trusted site seals, while at the same time catering to the customers with a high level of technical expertise who actually do know the difference between an encrypted connection, a hacker safe site, and a company with decent consumer relations.
The survey did not test whether one or multiple site seals is preferable (this would be an obvious case for doing an A/B test). Also, please note that this is a comparison of the 8 tested site seals, so just because Comodo only scored 2.8%, that doesn’t mean their seal fails to inspire any confidence. Instead, what it means is that Norton’s seal is vastly preferred over Comodo’s.