Increasing the security of eBay’s massive and growing auction and sales platform will be a top priority during 2007, according to company executives.
The recent announcement of an enhanced password program for PayPal users is just one example of a larger effort to curtail phishing and fraud at the auction site.
The challenge of increasing eBay’s security is mounting as the firm sees more international sales transactions on its platform, which can complicate the process of rectifying a sale that goes bad. eBay and its PayPal online payment subsidiary are also favorite targets of phishing attacks, in which fake e-mails lead to spoofed Web sites that cyber criminals use to steal personal information that can lead to identity theft.
Too Much Fraud
“It’s no secret that online criminals who target sites like eBay and PayPal have grown in number and sophistication over time,” said William C. Cobb, president of eBay North America. “Where we’ve historically put an emphasis on transparency and free choice, today the security threats are more complex, and we’re more actively protecting our buyers from fraud.”
Cobb unveiled the security initiatives as part of his annual keynote address to the eBay community, a sort of state of the company report to the millions of buyers and sellers who are key to eBay’s long term survival.
eBay planned to simplify the site in order to improve ease of use and to “take a more proactive approach to trust and safety,” said Cobb.
eBay broke new ground by recently saying it would offer a password-generator key fob to PayPal users. The automatic pass code generators will mean that users can choose to have two passwords, their original self-chosen code, along with the randomly generated code, to access their sites. That move is aimed directly at cutting down on successful phishing attacks.
Trust and Verify
Part of the push would be aimed at improving the customer experience on eBay by holding sellers to higher standards, Cobb remarked, adding that will include more aggressive policing of the site for potentially counterfeit products, something that already takes place behind the scenes.
“Make no mistake — counterfeits are illegal and not welcome on eBay,” he said. “We’ve cooperated with copyright and trademark owners to bring down counterfeit listings for years, but recently we put stricter measures in place to further safeguard the buyer experience.”
On sales of items known to be “favored by counterfeiters” — such as high-end fashion items, jewelry and sports-related items — eBay is now requiring additional seller verification steps. “So far, these effortsappear to be paying off with minimal disruption to our legitimate sellers,” Cobb said.
Protecting E-MaileBay is also taking steps to protect buyers’ e-mail addresses, enabling them to keep them hidden when making bids on high-end items.
Such users are often targeted with malicious e-mails after it becomes known they placed bids on expensive items.
eBay is also withdrawing its tacit support for what it describes as unsafe payment methods, requiring all newly registered sellers to accept only PayPal or a merchant credit card as payment options and forcing sellers who want to sell outside their home country to have their identities verified by PayPal.
In addition, sellers will no longer be able to hide their unfavorable feedback and eBay will closely watch shipping costs charged in some product categories, which is meant to ensure that sellers are not taking advantage of buyers.
Both PayPal and eBay have traditionally been favorite targets of cyber criminals. In addition, problems common to online auctions — such as products that are never delivered and products being misrepresented in auction listings — are always a top source of complaints to the U.S. Federal Trade Commission.
Traditionally, eBay has sought ways to make good on purchases gone bad, but has been reluctant to raise the bar for sellers too high for fear of reducing the variety and scope of products available on theplatform, which is what draws millions to shop there and makes eBay one of the top e-commerce sites on the Web.
“It’s clear we have a shared responsibility with our sellers to make sure our buyers have satisfactory experiences,” Cobb added.
“Historically, eBay’s philosophy has been to allow practically anyone to sell, with few restrictions,” he noted. “Going forward, we’ll apply higher minimum standards for selling on the site. These changes will improve the marketplace for the vast majority of sellers who deliver a good customer experience.”
Losses due to online fraud cost companies billions of dollars each year and pose a long-term risk to the health of e-commerce if not addressed.
eBay and other e-commerce sites need to walk a fine line, providing enhanced security without altering the shopping experience, Gartner analyst Avivah Litan said.
“People shop online for convenience, so enhanced security has to fit that model,” she said.
That balancing act may be particularly difficult for eBay, as it has both buyers and sellers as its customers and because the open community style approach to commerce is what eBay has long claimed sets it apart from other e-commerce outlets.
“Companies are beginning to recognize that the risks of continued losses to fraud and identity theft are enough to warrant them to take additional steps to make shoppers feel more confident and secure,”Litan added.