Majority of HK online shoppers cannot tell if a site is unsafe

Over 70% of respondents to a recent survey in Hong Kong said they did not know how to distinguish a secure website from an insecure one. With online shopping on the rise across the territory and the recent cases of high profile sites being compromised, online security is becoming top of mind for consumers and businesses.

The survey conducted by the Hong Kong Internet Registration Corporation (HKIRC) also found that 20% of respondents had experienced the theft of personal data or credit card details after shopping online. The survey covered 2264 respondents from a pool of 100,000 Internet users in Hong Kong.

While the prospect of greater threat is clear for online shoppers, Hong Kong has in the past been praised for its safe e-commerce environment which was highlighted in a recent study by PayPal which also noted that nine in ten Hong Kong shoppers make purchases online at least once per month, and around 20% do so at least once per week.

The HKIRC survey aimed to unveil the key factors affecting online purchase behavior, as well as public awareness and views on the safety of online shopping. When asked about the factors impacting users' intention on making online purchases, respondents cited the following top five factors:

  • Privacy of personal data provided to shopping websites should be protected
  • Transaction data should be well protected
  • Terms of purchase should be stated clearly
  • Product details should be clearly listed
  • Contact details should be prominently displayed

Jonathan Shea, CEO of HKIRC, noted that much greater education is required to raise public awareness on the issue online security. While he also admitted it would be difficult to give everyone the necessary technical know-how of how to spot in an insecure site, he hoped that websites using his organization's .hk domain could be seen as trusted sites.

HKIRC's survey suggested that .hk web sites ranked 8.6% higher than sites in the area of "shopping safety" which evaluated respondents' ratings on trust, positive impression and overall perception of safety across a range of websites.

Shea noted that HKIRC adopts very strict criteria for website registration and its recent enhanced services (link to: around domain name server (DNS) protection--a common target for malicious activity--will help .hk sites be better protected from online threats.

While security is the top concern for web users, the growth in online shopping continues with HKIRC citing numbers from the MasterCard 2013 Online Shopping Survey that indicated 82% of credit card holders in Hong Kong in 2012 had conducted online transactions.

Other findings in the survey showed that over 60% of respondents do not make immediate purchases in physical stores as they may make an online purchase a few days later. Additionally, over 80% of respondents refer to product information online before making purchases in store.

"The survey indicates that the buying behavior of local consumers has changed as more experience with the online shopping process is gained by both the buyers and sellers. Consumers now tend to check online before making a purchase in store, or vice versa," said Shea.

This growing trend of converging online and offline activities was the key focus at the 2014 Digital Marketplace Seminar organized by HKIRC and held at the Cyberport this week. Companies such as Bank of East Asia, Mabelle and many others shared views on the growing impact of online-to-offline (O2O) activities.

"Businesses can make use of both online and traditional channels to provide more interactive, efficient and assuring services on their websites, while preserving the good attributes of traditional shopping experience," said Shea. "Retailers who sell their products via offline channels can also grasp this opportunity and achieve breakthroughs with the ongoing development of the new digital economy."

For useful tips and information on how to spot insecure websites, try these well-known and one would presume secure and trusted sites: - test if your site is safe

Join the CSO newsletter!

Error: Please check your email address.

Tags online safetye-commercesecurityHong Kong Internet Registration Corporationinternet

More about PayPal

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Chee-Sing Chan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts