It sounds promising, but the profitability of Australia’s ecommerce industry has shrunk over the past five years. Several factors eat into profit margins. Among these are intense competition domestically, international operatives, and high start-up and maintenance costs for major websites. For the sustainability of your business, consider these ways to improve your risk management.
Server reliability and website downtime:
Your website is your lifeline, but it’s useless if your customers can’t access it because of a glitch with your hosting service or an overloaded server. Check your hosting solution for reliability – find out their uptime percentage. If the provider claims 99% uptime, that means your site could be offline for more than 3.5 days a year. That’s why you should be working towards 99.9%. You can use this website to check whether your site is down for everyone or just for you.
Ask your hosting provider if they have an explicit policy to ensure services won’t be overloaded. What happens if your site has a surge in traffic – will it cope?
Cyberattacks such as ransomware, phishing, bots, distributed denial of service, man-in-the-middle interception, spamming, and malware are common for ecommerce businesses. The official Scamwatch website is handy for updates.
Be sure your site is served over HTTPS, which is also good for your website’s Google search ranking. Install, update and regularly run anti-malware and anti-virus software on your computers and keep your firewall up. Secure your admin panel and server with complex passwords you change often. You can also have the panel notify you when a foreign IP seeks access to it. Back up your data and continually upskill your staff in website security practices, and promptly delete former employees’ details and system access.
Cyber supply chain:
Consider the supply chain risks within your control (internal) and outside your control (external). The Australian Cyber Security Centre explains that internal risks include incorrect user privileges and data accessibility. Meanwhile, external threats relate to third-party involvement and foreign control. Here are more details.
Friendly fraud is when a customer buys from your ecommerce site, then asks for a chargeback from the payment processor, saying the transaction was invalid. They might get the item free, then claim they never received it or tell their credit card company they returned it. Be a step ahead of them with a chargeback management software tool to cut your fraud loss and help you resolve disputes.
Other fraud may occur with stolen credit cards, where the user argues for a cashback, claiming an accidental overpayment. When you try to send the funds, the fraudster will ask you to redirect the reimbursement because they’ve closed the credit card. If a hacker steals customers’ personal data from your site, they can take over those customers’ accounts, meaning your customers will lose trust in your systems. Fraudsters can also intercept orders to change the delivery address.
To deal with these issues:
- Make sure your site is PCI-DSS compliant if you store your customers’ credit card information on your database
- Use a third party such as Stripe, Square, or PayPal to handle payment transactions away from your site
- Tap into a third-party fraud detection solution to red-flag suspicious transactions
- Maintain a blacklist of customers who test credit cards on your site
- Be alert, particularly during holidays, because customers tend to be laxer with security and merchants are preoccupied.
- Keep up to date with trends such as the surge in customers using digital/mobile wallets and the Federal Government’s move to consider the Trusted Digital Identity bill in the spring session. Four government agencies and one private company are accredited to provide digital identification services under the digital identity framework. It aims to allow a safe, secure, and simple way to verify identity online.
An extra layer of risk management:
You can also protect your online business with tailored commercial insurance. Typically, ecommerce stores should consider these types of cover:
- Cyber insurance (including privacy protection, hacker damage, data breach costs, cyber liability, cyber business interruption, and cyber extortion)
- Product liability insurance if you sell items to the public
- Professional indemnity insurance if you offer services or advice
- Shipping and cargo insurance if your goods are transported or stored in a warehouse
- Personal accident insurance if you’re a sole trader.
Our experience in organising policy packages for ecommerce businesses like yours means we can customise cover to your needs.