The history of spam is quite interesting, while is may be annoying to you today, it’s been around in various forms for a number of years. 

While it’s been called spam for only a few decades, the first recorded instance of sending unsolicited messages was over a century ago.  In 1864 Western Union proudly introduced a new telegraph feature where users could send a single telegraphic message to multiple destinations on their network.  This new feature was almost immediately used by a British dentist who sent out a mass unsolicited advertising message via telegraph.  

The first email spam as we know it was sent on March 5, 1994 by lawyers Laurence Canter and Martha Siegel who used the original USENET system to broadly advertise their immigration law services.  Clearly, a certain Nigerian prince took notice.

In the early days of electronic messaging, mass solicitations quickly dominated email traffic and most inboxes.  Prior to any sort of ad filtering technology it was estimated that spam email constituted 80% or more of all emails, but it wasn’t yet called spam, although it was called many other colorful names.

The actual spam term came from a Monty Python sketch from 1970 where there was a cafe that featured a menu where every menu item featured spam, often multiple portions of spam.  When the breakfast menu was read aloud by the waitress, roughly 80% of the menu items were spam,  so it was similar to early in-boxes, you had to get past a lot of spam to actually get to bacon or sausage. Since this mirrored the experience of working through inbox submissions, it was a fairly natural jump to call unsolicited emails spam.

While spam is mainly thought of as email spam, form spam incidents are increasing daily.  A typical website has a number of forms with various functions including contact forms, newsletter sign-ups, comment forms and product review forms.  Form spammers inundate these forms with huge volumes of unwanted submissions.  The most common spam submissions include links to questionable sites and links to potential malware and phishing sites.  One of more common spam attacks include links to a spammers revenue per click site which may even include a hyperlink to other sites so that they can gain link equity and increased SEO value.

The costs of form spam to a site owner’s business include an impact on user experience as human visitors (potential customers) must scroll through these spam entries to actually get to a true product review or comment.  The user experience is further eroded by a potential increase in lag time which not only decreases user experience but also impacts search engine rankings as one key measure is response time.  Additionally, site owner staff must engage in the daily chore of manually deleting all form spam submissions which has the hard cost of devoting team members to this extremely annoying task.

The most common solutions for battling form spam fall into the category of Turing Tests which all require some form of user response to prove that the visitor is in fact a human.  Virtually everyone has by now experienced the most common Turing Test called CAPTCHA where the user must exactly retype a difficult to read word.  Most recently we have all seen reCAPTCHA where the user might have to identify specific details from a fragmented photograph such as identifying which fragments have at least some portion of a stop sign.  These are always exhausting and don’t seem to be enhancing the user experience.

While theoretically solid solutions and quite effective when first introduced, spambots have since learned to bypass these methods with high accuracy as human site visitors became increasingly frustrated with often multiple failed attempts to pass the test.

These difficulties have a direct and obvious impact on conversions as studies show that roughly 3-5% of users depart a site immediately after being presented a CAPTCHA and a many as 30% of site visitors fail on the first attempt, with a percentage of visitor departures with each failed attempt.

A non-Turing Test methodology is the Ellipsis Human Presence Technology which is available commercially as Ellipsis Human Presence, as Shop Protector in the Shopify app store and as Human Presence in the WordPress app store.  The Ellipsis technology differs from Turing Tests in that the Human Presence technology invisibly monitors and studies human timing and movement characteristics during the normal course of a browser session with no need for any other interaction by the site visitor.  The Human Presence Technology then is able to identify if a site visitor exhibits human behavioral characteristics, or not.  The Human Presence Technology further protects individual forms throughout a site to totally protect from all types of form spam attacks.  Human Presence allows the site owner to offer an unencumbered user experience, improved response time while eliminating the need to dedicate staff to cleaning our form spam.

For more information, please visit us on the Ellipsis website, or on the Shopify or WordPress app stores.

In a recent Statistica study, worldwide eCommerce sales hit $3.46 trillion in 2016, up from $1.5 trillion as recently as 2015. Looking forward, eCommerce sales are forecasted to be $6.54 trillion in 2020 according to the same report. According to Statistica the top 3 online stores’ revenue amounted to almost $100 billion in 2017. Online shopping is one of the most popular online activities worldwide but the usage varies by region – in 2016, an estimated 19 percent of all retail sales in China occurred via eCommerce but in Japan the share was only 6.7 percent. Desktop PCs are still the most popular device for placing online shopping orders but mobile devices, especially smartphones, are catching up rapidly.

With this growth and visibility the eCommerce community has become a target for malicious hackers led by a host of spambots. A standard mode of attack is to bombard the contact, lead-generation, comment or product review forms of a site with an avalanche of commercial, political or other unwanted messages which prove to be a constant nuisance for true buyers and site administrators. This creates an environment where real human customers find it too unwieldy to sort through a massive stream of spam to read real buyer reviews and comments. Additionally, merchant employees need to allocate time daily removing unwanted form entries, a laborious and time consuming task.

Before a number of technological solutions came along that can protect a site from these spambot attacks, many eCommerce merchants simply disabled all forms on their site. While ending the frustration for shoppers and eliminating the employee tasks involved with removal, this proved to be a counter productive solution by eliminating the ability of shoppers to read reviews from prior purchasers. In effect this destroys the lifeblood of a successful eCommerce business, namely, soliciting user input through buyer product reviews, endorsements and product usage comments. A Power Reviews study of Amazon online sales states that even a single review (as opposed to none) can increase sales of an item by 65%. Additionally, 20% of overall sales are driven by reviews, and at least one-third of customers report that they won’t buy a product listed with no customer reviews.

Form spam encompasses the range of activities involved with the automated filling out and submission of website forms often with irrelevant, dangerous or false information. These submissions include links to questionable sites, malware sites, phishing sites, links hoping to direct visitors to the spammers revenue per click site and a wide variety of other scams. Other spam attacks are simply site scraping bots that are gathering content to include on their sites, the most common attacks in this are can be found in listing sites (autos, real estate, etc.), recruiting agencies (resumes), travel sites, price comparison sites, scraping for sales leads and in eCommerce, product data is lifted to be immediately re-listed with another vendor.

Bots are readily available for purchase on the internet which has created an invisible army of clandestine spammers infecting sites with their content hoping to get one or two visitors to take their bait.

The hard costs to the website owner are manifold. First of all, true human site visitors must sift through a number of spam submissions to actually find the true content that they are looking for while hopefully not clicking on a spam submission laden with malware. Repeated user experiences like this lower user engagement which greatly impacts sales and conversions and ultimately lowers repeat visits to the site.

Beyond these quantifiable hard costs there are a number of soft costs of form spam to website owners, and they are equally as painful. These soft costs include increased lag time on the site in general as well as in intra-site applications. Slow site response times lead to a frustrating experience for users and lower search engine rankings (loading times are a key measurement for determining search ranking). As bot traffic gains a foothold on a particular site, the volume of spammers will generally increase which could drive additional costs in site operation and ultimately infrastructure modifications. Conversely, being able to block spam bots can allow sites to operate efficiently with existing infrastructure.

The most common current solutions are predominantly in the Turing Test category and require a human interaction and response which are in themselves annoying to site visitors who simply came to an
eCommerce site for information and to buy a product. CAPTCHA is the most popular Turing Test and the one which most eCommerce site owners are familiar with. Research has shown however that a large percentage of prospective buyers depart a site immediately upon being presented with a CAPTCHA and as many as 40% fail on the first attempt decreasing customer experience and stopping prospective customers before they can complete a transaction. This has led to the advent of form spam prevention solutions that require no interaction with the site visitor and therefore eliminating the loss of buyers due to Turing Test related issues.

Beyond form spam, there are new bot attacks emerging daily, a rapidly evolving area of attack falls under the overall term of “sneaker bots” which are highly sophisticated bots that search the web for a specific make and model of a newly released sneaker, primarily for resale by the bot owner. When a new model of sneaker is released and it is generally in limited quantity, the sneaker bots can find the item anywhere in the world and fully execute thousands of transactions in a matter of minutes. These days “sneaker bot” is a bit of a misnomer as these bots now search for any limited inventory product including all lines of streetwear, collectibles, limited production jewelry and more.

The leading eCommerce platform, Shopify, offers a number of security related apps through their app development partners, the number one rated Shopify app in this category is Shop Protector. According to a recent study which reviewed Shopify apps in this category, their ranking shows the best Shopify security apps available today. The bot attacks are real and there are many current technological solutions available to eCommerce merchants, but you do need to protect your store and your investment.

Bill West is the Founder and CEO of Ellipsis Technologies. Ellipsis has developed an eCommerce security technology which allows a website owner to invisibly detect human traffic while quarantining all suspicious visitors. The Ellipsis technology utilizes user timing and movement data coupled with a historical human behavior database and proprietary machine learning algorithms to allow human site visitors to avoid CAPTCHA or other turing tests with a focus. Ellipsis also protects against form spam by identifying and blocking all spam bot attacks. Available on the Shopify app store (Shop Protector), as a Drupal module and a WordPress plug-in (Human Presence), it is also integrated into the Convesio WordPress hosting platform. Mr. West was previously COO of Carolina Phone, COO of Dial Page and President of USTelecenters.

The history of spam is interesting.  While it’s been called spam for only a few decades, the first recorded instance of sending unsolicited messages was over a century ago.  In 1864 Western Union proudly introduced a new telegraph feature where users could send a single telegraphic message to multiple destinations on their network.  This new feature was almost immediately used by a British dentist who sent out a mass unsolicited advertising message via telegraph.  

The first email spam as we know it was sent on March 5, 1994 by lawyers Laurence Canter and Martha Siegel who used the original USENET system to broadly advertise their immigration law services.  Clearly, a certain Nigerian prince took notice.

In the early days of electronic messaging, mass solicitations quickly dominated email traffic and most inboxes.  Prior to any sort of ad filtering technology it was estimated that spam email constituted 80% or more of all emails, but it wasn’t yet called spam, although it was called many other colorful names.

The actual spam term came from a Monty Python sketch from 1970 where there was a cafe that featured a menu where every menu item featured spam, often multiple portions of spam.  When the breakfast menu was read aloud by the waitress, roughly 80% of the menu items were spam,  so it was similar to early in-boxes, you had to get past a lot of spam to actually get to bacon or sausage. Since this mirrored the experience of working through inbox submissions, it was a fairly natural jump to call unsolicited emails spam.

While spam is mainly thought of as email spam, form spam incidents are increasing daily.  A typical website has a number of forms with various functions including contact forms, newsletter sign-ups, comment forms and product review forms.  Form spammers inundate these forms with huge volumes of unwanted submissions.  The most common spam submissions include links to questionable sites and links to potential malware and phishing sites.  One of more common spam attacks include links to a spammers revenue per click site which may even include a hyperlink to other sites so that they can gain link equity and increased SEO value.

The costs of form spam to a site owner’s business include an impact on user experience as human visitors (potential customers) must scroll through these spam entries to actually get to a true product review or comment.  The user experience is further eroded by a potential increase in lag time which not only decreases user experience but also impacts search engine rankings as one key measure is response time.  Additionally, site owner staff must engage in the daily chore of manually deleting all form spam submissions which has the hard cost of devoting team members to this extremely annoying task.

The most common solutions for battling form spam fall into the category of Turing Tests which all require some form of user response to prove that the visitor is in fact a human.  Virtually everyone has by now experienced the most common Turing Test called CAPTCHA where the user must exactly retype a difficult to read word.  Most recently we have all seen reCAPTCHA where the user might have to identify specific details from a fragmented photograph such as identifying which fragments have at least some portion of a stop sign.  These are always exhausting and don’t seem to be enhancing the user experience.

While theoretically solid solutions and quite effective when first introduced, spambots have since learned to bypass these methods with high accuracy as human site visitors became increasingly frustrated with often multiple failed attempts to pass the test.

These difficulties have a direct and obvious impact on conversions as studies show that roughly 3-5% of users depart a site immediately after being presented a CAPTCHA and a many as 30% of site visitors fail on the first attempt, with a percentage of visitor departures with each failed attempt.

A non-Turing Test methodology is the Ellipsis Human Presence Technology which is available commercially as Ellipsis Human Presence, as Shop Protector in the Shopify app store and as Human Presence in the WordPress app store.  The Ellipsis technology differs from Turing Tests in that the Human Presence technology invisibly monitors and studies human timing and movement characteristics during the normal course of a browser session to identify if a site visitor exhibits human behavioral characteristics, or not.  The Human Presence technology further protects individual forms throughout a site to totally protect from all types form spam attacks.  Human Presence allows the site owner to offer an unencumbered user experience, improved response time while eliminating the need to dedicate staff to cleaning our form spam.

For more information, please visit us on the Ellipsis website, or on the Shopify or WordPress app stores.

While unsolicited email advertisements have been around for decades, it wasn’t until a few years later that it was commonly called “spam”.  The story on how it came to be called “spam” is an interesting one.

The actual spam term came from a Monty Python sketch from 1970 where there was a cafe that featured a menu (shown left) where every menu item featured spam, often multiple portions of spam.  When the breakfast menu was read aloud by the waitress, roughly 80% of the menu items were spam,  so it was similar to early in-boxes, you had to get past a lot of spam to actually get to bacon or sausage, or a real email. Since this mirrored the experience of working through inbox submissions, it was a fairly natural jump to call unsolicited emails spam.

The actual dialog from that sketch drives the word spam into your head, the scene is set in a cafe, incredibly one table is occupied by Vikings wearing horned helmets.  Whenever the word “spam” is mentioned (and it is uttered 132 times in the sketch), they break into spam songs and chants.  A couple enters the restaurant to inquire about breakfast and the dialog is as follows: 

Man:	You sit here, dear.
Wife:	All right.
Man:	Morning!
Waitress:	Morning!
Man:	Well, what’ve you got?
Waitress:	Well, there’s egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam; spam bacon sausage and spam; spam egg spam spam bacon and spam; spam sausage spam spam bacon spam tomato and spam;
Vikings:	Spam spam spam spam…
Waitress:	…spam spam spam egg and spam; spam spam spam spam spam spam baked beans spam spam spam…
Vikings:	Spam! Lovely spam! Lovely spam!
Waitress:	…or Lobster Thermidor a Crevette with a mornay sauce served in a Provencale manner with shallots and aubergines garnished with truffle pate, brandy and with a fried egg on top and spam.
Wife:	Have you got anything without spam?
Waitress:	Well, there’s spam egg sausage and spam, that’s not got much spam in it.
Wife:	I don’t want ANY spam!
Man:	Why can’t she have egg bacon spam and sausage?
Wife:	THAT’S got spam in it!
Man:	Hasn’t got as much spam in it as spam egg sausage and spam, has it?
Vikings:	Spam spam spam spam… (Crescendo through next few lines…)
Wife:	Could you do the egg bacon spam and sausage without the spam then?
Waitress:	Urgghh!
Wife:	What do you mean ‘Urgghh’? I don’t like spam!
Vikings:	Lovely spam! Wonderful spam!
Waitress:	Shut up!
Vikings:	Lovely spam! Wonderful spam!
Waitress:	Shut up! (Vikings stop) Bloody Vikings! You can’t have egg bacon spam and sausage without the spam.
Wife:	I don’t like spam!
Man:	Sshh, dear, don’t cause a fuss. I’ll have your spam. I love it. I’m having spam spam spam spam spam spam spam beaked beans spam spam spam and spam!
Vikings:	Spam spam spam spam. Lovely spam! Wonderful spam!
Waitress:	Shut up!! Baked beans are off.
Man:	Well could I have her spam instead of the baked beans then?
Waitress:	You mean spam spam spam spam spam spam… (but it is too late and the Vikings drown her words)
Vikings:	(Singing) Spam spam spam spam. Lovely spam! Wonderful spam! Spam spa-a-a-a-a-am spam spa-a-a-a-a-am spam. Lovely spam! Lovely spam! Lovely spam! Lovely spam! Lovely spam! Spam spam spam spam!

Technically, Shopify apps play an important and integral role in the Shopify platform. It would be impossible to imagine this platform without the applications. With the applications, developers and businesses will be able to offer better products and services to their customers. This is an important stage in boosting the performance of your retail store. Of course, this is also an effective technique for hosting many additional functionalities. When it comes to Shopify applications, you have innumerable options to choose from. Every functionality and every need has a unique application to choose from. Some of these apps are absolutely free of cost. And, others will expect you to pay a nominal fee. When you are looking for an application to support your business in Shopify, there are few things you should focus on.

First of all, you must appreciate the fact that Shopify apps are not only meant to attract more traffic to your website. Instead, these apps can be integrated into your daily business processes. With the help of these applications, you will be able to offer specialized assistance to your customers. Indeed, this plays an important role in building the credibility of your business.

When you decide to host your security application in Shopify, here are few benefits you are bound to witness:

1. With the help of Shopify applications, you will be able to access a variety of information about eCommerce.
2. You will be able to control your website like a true professional. You will be given an admin panel, which makes you the owner of it all!
3. The entire application will be designed with analytics and other add-on facilities.
4. You can access your applications using desktop and smart devices. The user experience offered by Shopify security apps is remarkable.
5. You can make use of an array of advertisement and customization options from Shopify.

Top Trust and Security Applications in Shopify

With this being said, let us understand more about a few interesting security applications in Shopify.

#1 Shop Protector by Ellipsis Technologies

Image source

First things first, if you own an eCommerce website, it needs to be protected. Just like how you would protect your physical store, your online venture has to be safeguarded. This is when apps like “Shop Protector” are an absolute necessity.. The ultimate purpose of Shop Protector is to protect your investment, your store and your customers. The application offers users a 14-day free trial, after which you pay an attractive $4.99 USD each month.

With the help of a Shop protector, you will be able to safeguard your Shopify store from bot attacks, specifically form spam and fake account creation attacks. Not only is your entire Shopify store protected from invisible bots but Shop Protector is the best solution for preventing the impact of annoying spam messages that clog up your forms and require your staff to purge on a daily basis. With Shop Protector you can ensure that bots are not filling the forms in your Shopify store. . Shop Protector effectively fights against two of the most commonly found issues in eCommerce world, general bot attacks and form spam..

Shop protector runs quietly and invisibly within your Shopify store while analyzing your store visitors behaviors and protecting the store completely.

App URL: https://apps.shopify.com/ellipsis-human-presence-technology

#2 EU Cookie Bar ‑ Cookie GDPR by Booster Apps

Image Source

As suggested by its name, this application is customized for EU customers. It ensures that a cookie banner is offered to all EU customers. This falls in line with the GDPR consent. The application is completely free. Three important aspects of this application are: the cookie consent bar is designed in compliance with the EU. It will be shown to all customers visiting your eCommerce store. Secondly, this is a one-click, customizable bar. When the customer agrees to the terms and conditions, the bar would be hidden automatically. This is important when all customers from the EU need to comply with your store, before making a purchase.

App URL: https://apps.shopify.com/eu-cookie-bar

#3 Shop Secure by Eggflow

Image Source

When you want to filter frauds and keep them away from your website – Shop Secure will be extremely useful. Once again, this application offers an immediate consent banner. Customers who fail to agree will not be allowed to shop from your website. Above all, they may be asked to pay a big fine. The application keeps track of customers who keep visiting your website. With this data, you will be able to improve the overall functionality of your store by leaps and bounds.

App URL: https://apps.shopify.com/shop-secure

#4 Google Customer Reviews by AdNabu

Image Source

It would be impossible to run a successful online business without the help of Google reviews. This is why this application proves to be useful. As suggested by its name, this application focuses on showing Google reviews of your business. It captures reviews and badge ratings for your business. These details can be improved and positioned to suit your business. Google Customer Reviews is an absolutely free service. This is where the search engine allows customers to provide feedback about a business. These reviews help potential customers decide if they should buy from a site or not!

Indeed, this application is necessary when you want to improve conversion rates and establish customer trust.

App URL: https://apps.shopify.com/google-customer-review-and-badge

#5 Cozy AntiTheft by Cozy eCommerce Addons

Image Source

Cozy Anti-Theft solves a very interesting problem. In this modern era, search engines like Google pay close attention to the originality of content. If your content is fake, the overall ranking of your website will drop. Just like content, the images and links in your website should be genuine. Cozy Anti-Theft ensures that the content and images in your site are never stolen. This way, you will be able to ensure that all the data mentioned in your website is authentic. You can disable right-click, and copy using this Shopify App.

App URL: https://apps.shopify.com/cozy-antitheft-for-images-and-more

#6 Rewind Backups by Rewind

Image Source

The ultimate aim of this application is to secure all your backups, created for Shopify stores. The backups are secured automatically. Unlike many other platforms, Shopify is not coded to help you recover lost content. If you are not relying on applications like Rewind Backups, you will lose all your data without any second thoughts. Fortunately, with Rewind Backups, such issues will not be faced. This application gives developers and business owners great peace of mind. Any unwanted changes in your Shopify site can be resolved with just a few clicks of a button. The app is capable of handling millions and millions of images, texts and contents seamlessly.

App URL: https://apps.shopify.com/backup

#7 TrustedSite by TrustedSite

Image Source

Just like how Google Reviews work, TrustedSite is all about increasing conversion rates and boosting trust. This application works with McAfee Secure. And, the application is absolutely free. When a customer lands on your website, they will look for factors that make your venture appear trustworthy. It is important to portray your website as a genuine platform. You can do this with the help of TrustedSite. This application issues a certificate that guarantees to every customer that your business and website are reliable. The app begins by focusing on security issues, and it also verifies important contact details.

App URL: https://apps.shopify.com/mcafee-secure

#8 Vault ‑ Premier AntiTheft by Electric Apps

Image Source

If you are aiming for another application that can prevent people from copying your content and images – consider Vault Anti-Theft. Most of the time, your rivals will want to steal information from your website. And, if you have built a stunning site with one-of-a-kind details, anyone would want to get hold of it. Images, text and content are precious to any business. After all, SEO strongly claims that content is king. However, you cannot invest all your time and effort in fixing these issues. That is why you need a professional application like Vault Anti-Theft to protect your Shopify store.

App URL: https://apps.shopify.com/vault-antitheft-protection-app

#9  B2B Verify Customers by Singleton software

Image Source

Before your customer can see the prices of your products, and consider adding items to the cart – do you wish to verify and authorize them? If yes, B2B Verify Customers is a great choice for you. With the help of this application, you will be able to design your very own B2B store. The store will be visible only to authorized customers. And, only these authorized customers will be able to place orders. The decision of approving and rejecting customers will be made by the admins. And, if a visitor tries to access your website, they will be allowed to view the content, but never make a purchase.

App URL: https://apps.shopify.com/b2b-verify-customers

#10 Locksmith by Lightward

Image Source

Last but certainly not least, you have Locksmith! This application is all about offering access control to your website. In fact, anything and everything on your website can be protected. With the help of this application, you can create locks for various customers. And, the keys will be shared with customers who can unlock the specific content! For instance, if only certain customers can receive your newsletter, you can lock it using this app. When customers with the “correct key” access your site, their option to receive newsletters will be enabled. Using this application is useful when you have different types of customers, with various levels of expertise and requirements. Of course, you can customize the locks and keys based on your business.

App URL: https://apps.shopify.com/locksmith

Conclusion

These are ten Shopify Trust and Security Applications for your business. This list doesn’t end here! You have so many other applications to help you with a well-protected and an efficient site.

When you design a Shopify website or application, you must acknowledge the fact that it has to be protected and managed safely. Trying to incorporate all of the above-mentioned features into your application or website using first-hand code – is equivalent to reinventing the wheel. Thus, save your time and effort by using these pre-designed and tested Shopify Security apps.

Additional resources on Shopify Success

1. Ultimate Guide to Selling on Shopify
2. How to create your first Shopify Store?
3. How to get more traffic to your Shopify store?
4. How to get more loyal customers to your Shopify store?
5. How to do Conversion Rate Optimization to your shopify store?

Guest Post by AdNabu

AdNabu helps improve sales in Google Ads for eCommerce companies. If you are running search, shopping or display campaigns in Google Ads, Their software will be able to increase your sales. Sign up today for a 14-day free trial from here.

The Shop Protector app available on the Shopify app store is now protecting thousands of Shopify merchants from unwanted form spam while also protecting from fake account creation. With the Shop Protector solution, Shopify merchants can improve the user experience for human visitors and increase their conversion rate while taking action to prevent form spam. Additionally, Shop Protector includes a full analytics dashboard which shows site owners the level of human and suspicious traffic on their site.

Unwanted site traffic from bots is a constant source of threat and irritation for Shopify merchants. Beyond the annoyance of form spambots, competitors and other parties can use these automated programs to gather data from websites which is extremely irritating to shoppers and annoying to merchant staff that must be in a never ending battle to cleanse store forms from these spam entries which include newsletter signups, product reviews, comments, etc. Many merchants today combat this problem by forcing users to solve various Turing Tests, such as puzzles or tests where users are required to type in difficult-to-read characters–the most common method is the use of CAPTCHA—in order to prove they are human.

While partially effective, CAPTCHA-type solutions are extremely intrusive, frustrating to customers, driving lower user satisfaction and frequently becoming a barrier to completing online sales–at a real and significant cost to Shopify merchants. Shop Protector solves this problem with proprietary algorithmic models that invisibly monitors and measures user behavior patterns in the background to determine in real-time whether the behavioral characteristics of each site visitor matches historical human patterns, while specifically creating barriers for bots to post entries on any store form.

The Shop Protector solution is completely transparent and frictionless to the human store visitors. Shop Protector identifies the non-human behavior within milliseconds and goes into action to protect all store forms.  Moreover, using proprietary techniques, Shop Protector identifies non-browser spambots that are making automated HTTP requests to a form’s action and stops spam submissions from going through, allowing human customers to have an unencumbered user experience.

In short, the Shop Protector solution enables website owners to improve the user experience for legitimate human users while identifying and defending against spam bots and other malicious traffic.

The Shop Protecor technology is based on a set of proprietary algorithms, human behavior analysis, advanced risk detection and machine learning techniques. The machine learning tools allow the model to evolve and improve over time, providing highly sensitive discrimination.

The Shop Protector form protection technology was developed to solve the problems personally witnessed working with Shopify merchants that were using traditional techniques to detect bot traffic. The Shop Protector approach is unique in that it focuses on modeling human behaviors, rather than just spotting bot markers to clearly identify a human presence on the site. With the Shop Protector solution, Shopify merchants can greatly improve the user experience for human on-line shoppers by invisibly detecting spam bots and other malicious bots while eliminating the need to subject human site visitors to validation testing of any kind, which dramatically increases conversions. Shopify merchants have seen increases as high as 300% after removing CAPTCHA from their checkout using Shop Protector Plus as their sole deterrent.

Shop Protector and Shop Protector Plus can be found on the Shopify app store at https://apps.shopify.com/ellipsis-human-presence-technology

For the last few years Ellipsis Technologies has been focused on identifying and eliminating the many bot attacks in the eCommerce industry.  From simple site scraping bots to form spam to more insidious fake account creation and fraud through bot-based checkouts, each with their own method of penetration.  The bulk of the research focused on and was conducted with the extraordinary help of Shopify merchants. For the last year Ellipsis has been protecting thousands of Shopify merchants from all areas of attack with our Shop Protector suite of apps and have been humbled by the acceptance of our solutions in the Shopify community.

As anyone in the eCommerce world has experienced, bots today are increasingly being built to be more intelligent and designed to employ mechanisms that can circumnavigate many security and platform protocols. All of these attacks with all levels of sophistication cause costly problems for merchants who must deal with each attack individually.

Simple form spam attacks for example can create hundreds of posts within Comment Forms, Product Review Forms and Email Submission Forms creating havoc for real customers who must navigate through these fake submissions or more often, just give up.   These submissions also cost merchants in the form of merchant staff spending countless hours eliminating these submissions on a daily basis. Ellipsis dealt with this issue first and is now successfully protecting thousands of Shopify stores worldwide.

Most recently, Ellipsis has been focused on protecting merchants from bot-based checkouts which most commonly occur during flash sales and limited inventory events. The bots in this arena are extremely sophisticated and have developed a number of workarounds and exploits to game the system.  While some solutions have attempted to solve this issue, the more sophisticated bots can actually skip the store and checkout protocols altogether, effectively bypassing these solutions together and giving them an overwhelming advantage over true human customers during the limited window of inventory availability.  These tactics are extremely effective and frustrate your loyal human customers at every turn which greatly affects return buyers. The Ellipsis Shop Protector Plus app is the only available Shopify option which allows Shopify merchants to control the playing field by completely protecting their checkout.  Additionally. Shop Protector Plus allows the merchant to have total control as to the level of protection they need through a number of optional features.  Some of the critical configurable options are:

• Checkout Protection

• Reduce Bot-based Fraud

• Configurable Rules for Auto-mitigation

• Bulk Cancel Orders

• Better Order Insights

Both the Shop Protector and Shop Protector Plus solutions are available in the Shopify app store( https://apps.shopify.com/ellipsis-human-presence-technology ) with our technical service team available to assist if needed.   All Shop Protector apps come up with a free 14 day trial.

Greenville, SC, May 1, 2017–Ellipsis Technologies announces today the release of their Shopify app focused on combating form spam in the Shopify eCommerce environment. The Ellipsis Technologies Human Presence™ app is now available on the Shopify app store: https://apps.shopify.com/ellipsis-human-presence-technology. The app is a web security software technology that enables website owners to validate the presence of human visitors to their sites while flagging and deflecting traffic from automated, and often malicious, “bots.” With the Human Presence™ solution, Shopify users can improve the user experience for human visitors while taking action to prevent form spam and can optionally use the Human Presence API to also prevent site scraping, click fraud and other malicious activity from bots as well.

Unwanted site traffic from bots is a constant source of threat and irritation for eCommerce site owners and operators. Beyond the annoyance of form spambots, competitors and other parties can use these automated programs to gather data from websites, often overwhelming servers with non-human traffic. Many websites today combat this problem by forcing users to solve various Turing Tests, such as puzzles or tests where users are required to type in difficult-to-read characters–collectively referred to as CAPTCHAs–in order to prove they are human.

While partially effective, CAPTCHA-type solutions are intrusive, frustrating customers, decreasing user satisfaction and frequently becoming a barrier to completing online sales–at a real and significant cost to website owners. Human Presence™ solves this problem with proprietary algorithmic models that monitor and measure user behavior patterns in the background to determine in real-time whether the behavioral characteristics of each site visitor matches historical human patterns.

The Human Presence™ solution is completely transparent and frictionless to the site visitor. Human Presence™ identifies the non-human behavior within milliseconds, providing a tool which allows the site operator to choose how to respond to suspicious traffic. For instance, the site operator can allow human visitors to proceed without interference, while choosing to automatically test the suspected non-human site visitors with additional verification steps such as a CAPTCHA. Moreover, using proprietary Ellipsis techniques, Human Presence™ identifies non-browser spambots that are making automated HTTP requests to a form’s action, providing customers of Shopify site owners to have an unencumbered user experience.

In short, The Human Presence™ solution enables website owners to improve the user experience for legitimate human users while identifying and defending against spambots and other malicious traffic.

The Human Presence™ technology is based on a set of proprietary algorithms, human behavior analysis, advanced risk detection and machine learning techniques. The machine learning tools allow the Human Presence™ model to evolve and improve over time, providing highly sensitive discrimination between human and bot behaviors and visitors.

As Ellipsis CEO Bill West explains: “We developed the Human Presence™ technology to solve the problems we had personally experienced in our other businesses using traditional techniques to detect bot traffic. Our approach is unique in that it focuses on modeling human behaviors, rather than just spotting bot markers, to clearly identify a human presence on the site. With the Human Presence™ solution, we can greatly improve the user experience for human on-line shoppers by invisibly detecting spambots and other malicious bots while eliminating the need to subject human site visitors to validation testing of any kind.”

For more information please contact Ellipsis at info@ellipsistech.io or visit the Ellipsis website at www.ellipsistech.io.

About Ellipsis Technologies:

Ellipsis is a software technology company headquartered in Greenville, South Carolina that has developed a proprietary web security technology, Human Presence™, which allows a website owner to invisibly detect human site visitors while quarantining all suspicious visitors or bots.

Ellipsis is also in development of individual human identification technology with use cases in access management and control, seat license compliance and as a data source for academic and military projects involving cognitive aging and traumatic brain injury studies.

About Shopify:

Shopify is a Canadian eCommerce company headquartered in Ottawa, Ontario that develops computer software for online stores and retail point-of-sale systems. Shopify was founded in 2004.

CAPTCHA-like tests are annoying, frustrating and costly to online businesses. At Ellipsis, we’re changing the game with our proprietary web security technology that invisibly verifies human site visitors while protecting against harmful bots.

Ellipsis Case Study: http://www.kopisusa.com/case-studies/ellipsis/

East-EE, a security researcher, has discovered that Google’s reCAPTCHA is susceptible to a robot attack that leverages its own speech recognition service.

In 2016, another team of security researchers from Columbia University, identified flaws in the technology that would enable hackers to influence the risk analysis, bypass restrictions, and deploy large-scale attacks. Source.

East-EE posted a proof-of-concept script of the hack on GitHub. Using the Python programming language which enables an attacker to automatically bypass reCAPTCHA fields used to protect websites from spam and bot traffic. ReBreakCaptcha works in three stages, which you can find on East-EE’s blog.

Survey also shows majority of retailers haven’t invested in cybersecurity in the past year

By Matt Hamblen

Nearly a fifth of shoppers would avoid at a retailer that has been a victim of a cybersecurity hack, according to a survey.

The 2016 KPMG Consumer Loss Barometer report surveyed 448 consumers in the U.S. and found that 19% would abandon a retailer entirely over a hack. Another 33% said that fears their personal information would be exposed would keep them from shopping at the breached retailer for more than three months.

The study also looked at 100 cybersecurity executives and found that 55% said they haven’t spent money on cybersecurity in the past yearand 42% said their company didn’t have a leader in charge of information security.

Those responses confirmed worries that retailers are falling behind other industries like financial services and technology on cybersecurity issues.

“There is a lot at stake here for retailers,” Mark Larson, KPMG business leader for consumer markets, said in a statement. “Retailers that don’t make cybersecurity a strategic imperative are taking a big gamble.”

Tony Buffomante, cybersecurity leader for KPMG, said many retailers are not doing enough to protect their businesses from cyberattacks or react to them when they do occur. Paying more attention to cybersecurity could help their businesses, he added.

The survey results, posted Tuesday online, found that retail and automotive industries were laggards in appointing leaders to assess cyberthreats and opportunities. The financial services and tech industries were leaders.

Cyberattacks were also called “rampant” in the survey, showing that retail executives reported the most malware and internal and botnet attacks of the four industries (financial services, tech, retail and automotive).

KPMG advised companies to think about cybersecurity less as an IT-managed risk and more as a strategy issue. “Branding, loyalty, sales, overall customer relationships and business agility all hang in the balance,” KPMG said.

The survey findings and KPMG’s conclusions echo other surveys and comments by analysts who have called on businesses generally to focus more squarely on cybersecurity protections.

Original: www.computerworld.com/article/3111447/cybercrime-hacking/19-shoppers-would-abandon-a-retailer-thats-been-hacked.html

                                                                    Image credit: iStock / Public Domain

Article by: Kate Horowitz

GREENVILLE, SC – Ellipsis Technologies, which launched its Human Presence technology in 2015, announced that Bill Mahoney, former CEO of SCRA and current CEO of WTM Development, will join Ellipsis as a Senior Advisor to the Board of Directors. Mr. Mahoney will assist the Ellipsis board and team with both capital structure and strategic partner relationships. Bill West, the Ellipsis Chairman and CEO stated, “Bill is very well known for his work in fostering technology growth in South Carolina and increasing technology employment across multiple industry sectors in our state.”

“Ellipsis’ extensible architecture shows particular promise in serving both commercial and government cybersecurity segments,” said Mahoney. “I am very pleased to be working with this team to meet evolving needs in rapidly-moving markets.”

Ellipsis Human Presence is a web security software technology that identifies human website visitors through human behavior analysis and proprietary machine learning algorithms. Ellipsis enables website owners to validate the presence of human visitors to their sites while flagging and deflecting traffic from automated, and often malicious “bots.” With the Ellipsis Human Presence solution, site owners can improve the user experience for human visitors by eliminating the need for Turing tests like CAPTCHA while taking action to prevent site scraping, click fraud and other malicious activity from bots.

While Ellipsis is initially focused on website security, new products currently in beta or design phase include individual identity management for access controls and pure university and military research focused on concussion and traumatic brain injury studies.

Ellipsis has recently been selected as an SCLaunch company and has been approved by the State of South Carolina for an angel tax credit for investors in the company. Ellipsis has additionally been approved as an IBM Security Partner and an Amazon Web Services Technology Partner. The Ellipsis Human Presence technology is also now available as an app in the WordPress app store.