June 1, 2002 by Miriam Fitzgerald, solutions marketing at Watchfire Corp.
Everything in life has some element of risk – but in the insurance and financial services industries the element of online risk can have a huge, if not disastrous effect, because of the sensitive information shared between users and service providers. For example:
A major financial institution finds profanity and inappropriate racial content on its corporate site;
An insurance site uncovers links to a site that instructs readers on how to commit suicide and;
Personally identifiable information is inadvertently passed to a third-party site from a pharmaceutical AIDS site.
Could this happen to your company? Internet web properties are a key business asset, but they also represent a significant risk from litigation, government intervention, brand erosion, and consumer backlash. Users often leave a website because of bad experiences due to poor search results, inaccessible content, and links that go nowhere. The consequences of website errors can extend to a company’s offline presence as well – if a user is not successful on your site, how likely are they to interact with the rest of your organization?
There are a host of online content risks and errors that can affect insurance and financial websites. These include:
Potential Privacy Glitches. Many websites display a privacy statement explaining what the organization does with the information it collects from users. Most organizations want to ensure that a link to the statement is included on every page. Other organizations require that every page that collects information from users include a link to the privacy statement.
“P3P”. The goal of P3P (the Platform for Privacy Preferences Project) is to increase user trust and confidence in the web. With P3P, users need not read the privacy policies at every site they visit, but instead the key information about what data is collected by a website can be automatically conveyed to a user, and discrepancies between a site’s practices and the user’s preferences can be automatically flagged. P3P has come to recent attention with media and privacy advocates due to Microsoft’s adoption of P3P cookie settings in Internet Explorer (IE) 6.0. Organizations failing to P3P-enable their sites could alienate an estimated 35 million IE 6.0 users and incur sizable revenue losses and brand erosion. If your website sets cookies – either from your own organization or from third parties – then you’ll probably want to take steps to comply with P3P so that the functionality of your website will not be negatively impacted when users with P3P-enabled browsers access your website. Websites that are not P3P compliant and rely on cookies to track visitors will encounter difficulties with IE 6.0 browser users.
Faulty interactions. Interactions occur whenever a user interacts with your site, whether it is filling out a form, buying a product or service, or using your site’s search engine. According to leading industry analysts, 84% of users abandon websites because of defects such as slow download times and broken links. Users become nervous if the site crashes, the transaction process is slow, or if it fails completely. Their trust in your organization may disappear and you may never regain it.
Inaccurate, missing, or obsolete information. As your site changes, it is not uncommon for existing but obsolete content to remain accessible to users – this can result in business or legal issues for your organization. For example, if you had a price promotion on one of your products or services that expired, but a user could still access the page after the promotion period, they could insist on buying your product or service for that lower price. You may be bound to honor that price because it is posted on your site. Also, pages can be missing content because someone deleted records in a database. Incomplete pages can sometimes be accidentally uploaded from your staging server to the live server. How will you know they are there?
Risky Content. In order to manage your company’s legal exposure, a heightened knowledge of your site’s data practices is required. Determining what type of data your website collects will help determine what regulations apply. You will also want to ensure that there is not any objectionable language or content on your site.
Some of the most trusted brands in the world may be exposing their customers to pornography – and they don’t even know it. Over the last few months, “porn napping” has been on the rise. “Porn napping” is the practice of buying up expired domain names and pointing the URL to a pornography site. Before the Internet economy crashed, more than 75% of expiring domain names were renewed. Now, only about 50% of the 500,000 domain names that expire each month are re-registered by their owners. Many companies are not paying attention and are letting their registration renewals lapse. They often do not know the URL has been “kidnapped” until they receive irate phone calls from customers. Even large organizations have been caught off guard. For instance, in late November 2001, America Online removed a prominent hyperlink to a hardcore pornography site from its Web-based search engine for children2. Only by regularly analyzing your corporate website can you identify risky content and reduce your danger of exposure.
Third-party links. You have no control over what others do on their site, but your site may be blamed if there are problems. A link is often interpreted as an implied endorsement. If you do not know your external links have expired, then you will continue to send your users down a path of no return on a broken link. It is also important to know which external websites your site links to because your organization may bear reputation and litigation risks if a linked site has questionable privacy practices. Identifying links to third-party sites can help you monitor these risks.
Many organizations lack insight into what users are experiencing on their website and have no means of finding the issues that drive users away. The consequences of these problems can be severe. They can affect your ROI with impacts such as lost customers, brand erosion, and reduced conversion and customer retention rates. They can also affect the bottom-line through decreased productivity, increased litigation risk from lack of compliance to corporate or government standards, and a lack of “e-metrics” to manage the website effectively.
Have your say: