« Back to blog

Viewed
times
Favorited 0 times
About Me

Maciek Saganowski - User experience advocate, online product consultant, business developer & internet entrepreneur. Co-founder of pstro.pl. Runs a UX consultancy boutique - Ultimo, helping out with usability work, online product management and user experience engineering. Maciek also advises to web companies entering the Polish online space. Services include partners sourcing, business development & online marketing.
Contact: via linkedin

Get Updates
 

Padlock trick. Can favicon help you convert better?

Ssl-padlock

Yes it can. At least in some tiny part, a 16 x 16 pixel logo in the url bar can have a small contribution to your conversion. And it's not about the touchy-feely branding, but about making your user notice they've progressed onto the SSL-protected part of the site and it's all nice and safe from here. Here's how it could work.

Each e-commerce transaction goes via 2 states:

1) customer arrives on the site (http:// - unsecured part of the site)
2) having decided to purchase the customer clicks on the 'proceed to checkout' button or similar call to action and enters an SSL protected part of a site, where the e-commerce transaction occurs via a personal detail forms or a credit card payment (https:// - secured part of the site)

Let's look at some examples. That's how Amazon's URL looks in different browsers at these 2 distinct steps:

On Firefox

1) upon opening the site you see this:
Firefox_unsecured

2) when you decide to progress to check-out you see this:
Firefox_secured

(Firefox indicates entering SSL zone by including a certicate owner's name on the right hand side of the favicon)

On Safari

1) unsecured
Safari_unsecured

2) secured
Safari_secured

(Safari seems to disregard this problem completely and does not change the url bar at all. Little chance the less savvy user ever notices the https)

On Chrome

1) unsecured
Chrome_unsecured

2) secured
Chrome_secured

(Chrome does quite a lot to notify the user of the ssl state. Little padlock however is positioned on the far right side of the URL, hence it's often missed, as users don't look there)

Now. Here is the interesting part. What I've noticed on many occasions while doing usability study for my clients - Before the customer starts entering their credit card details online, often they double-check that the site they're inputting their CC on is secured and "has this little yellow paddlock". If it is, then it's good to go and the site is safe.

I kid you not. I heard from my usability participants that the "little yellow padlock = safety heaven" so many times that I've decided to find a way to overcome browsers' inconsistency in displaying SSL area.

The simplest way, it seems, is emphasizing the SSL by applying a special format of the favicon on the secured site. So now, it could look like this:

Screen-capture-6
Basically, the idea is simple. I'm proposing one format of favicon for the regular pages and another type (ie. with padlock) for SSL protected pages.

I realize it's a tiny little thing and its impact on conversion might be minimal. Still, worth a shot if you serious about boosting the perceived safety of your site.

For a small local shop, this will unlikely make any visible contribution to the revenue. For a bigger player, like Orbitz, it could have a tangible effect and pay for drinks at their annual Christmas party :)

Posted

9 comments

May 11, 2010
Nik said...
Both orbitz links have the https:// prefix.
Nice idea but wouldn't this be open to abuse?
May 11, 2010
Maciek Saganowski said...
ouups, my bad. You're right. The second Orbitz should have a https:// naturally.
Open to abuse? I don't think how it could. Got an idea?
May 11, 2010
Nik said...
It would be possible to spoof the padlock addition on your own favicon, for a nonSSL page no?
May 11, 2010
Maciek Saganowski said...
all right. That yes. Hmmm. Have no fix for that :(
Let's just hope folks would you the padlock trick responsibly.



May 11, 2010
Nik said...
Needs a good standard though as I think recently in Chrome on Windows Google experimented with now showing the http(s):// prefix on urls.
May 11, 2010
Nik said...
"now showing" = "not showing".

(Must type slower, sorry).

May 11, 2010
Maciek Saganowski said...
not showing https://. I don' think it would do wonders to conversion for some sites.
May 20, 2010
 said...
You haven't mentioned about "hard cache"; you won't see any difference on the adress bar in all major browsers.
May 20, 2010
Maciek Saganowski said...

my bad. still, though the idea needs some further enhancement, problem remains the same, how to ensure users they're now on the SSL, as browsers don't do job good enough or it's inconsistent

Leave a comment...