E-BUSINESS SPECIAL REPORT
Is Internet Security Killing E-Business?

E-commerce has come a long way from the days when shoppers would abandon purchases in droves rather than wait several minutes for tortoise-slow secure transaction pages to be processed.

Thanks to millions of dollars in investments on the merchant end and widespread upgrades to broadband connections by consumers, e-commerce has begun to move at a faster pace. Still, transactions can bog down, especially over dial-up connections, and security remains one of the biggest impediments to speedier transfers.

"The threshold is still there," Lloyd Taylor, vice president of technology and operations at Keynote Systems, a Web site performance measurement firm, told the E-Commerce Times. "People will still abandon purchases if they take too long."

Please Hold

While some analysts say the eight-second rule -- if a Web site does not process a transaction in eight seconds, it is too slow -- is growing stale in a high-speed access environment, how quickly customers will bail out of a purchase depends on how much time and energy they have invested in the shopping process and how readily available the items they want are at other sites.

"If it's something I can only get there and I've decided I need it, I'm going to wait as long as it takes," Gomez Inc. senior performance analyst John Lovett told the E-Commerce Times. "But if they know they can get it elsewhere, the threshold is much lower than ever."

Despite the risk of shopping-cart abandonment and the fact that Web site performance measurement has become routine, with many companies measuring their own site load times and those of their competitors down to tenths of seconds, companies are reluctant to boost speed at the expense of security.

"The very large e-commerce sites especially are very sensitive to trading off security with performance," Taylor said. Companies know that although liability is a risk, a bad security breach can be far worse, costing millions of dollars in actual damages and doing untold harm to a brand name.

Making Strides

Fortunately, experts say the tradeoff between performance and security is becoming easier to swallow as security technology becomes increasingly integrated with enterprise systems -- but they also say it will never completely disappear.

"Some aspect of that tradeoff is always going to be there," David Pike, Web architect at online payment services provider Cybersource, told the E-Commerce Times. "It's still evolving. It's definitely much better than it was two years ago, and companies like ours have spent a lot of time and energy focusing on ways to address it."

In fact, most of Cybersource's customers, who average more than US$5 million worth of transactions per year, are looking for a blend of speedy performance and solid security, he added.

Willing To Wait

By and large, consumers may not mind waiting as much as they once did, since awareness of security issues has risen along with the size and sophistication of the online population. Pike said high-profile efforts by Visa, MasterCard and others to tout the security of their products for online shopping has helped boost overall understanding of fraud and related issues.

"Managing customer expectations is critical," said Keynote's Taylor. "As people are doing more and more broadband, they expect much faster overall [performance]. As performance gets better, people expect better. It's like you're running a race in circles and you'll never get to the end."