Some 46% of leading global websites have been found vulnerable to existing online security threats, according to Online Trust Alliance’s (OTA) annual audit of nearly 1,000 sites including leading banks, retailers, social, media, news, government and IoT sites.
Nearly half of the Top 1,000 websites don’t adequately protect consumers from phishing and other social engineering threats and have insufficient privacy policies and poor disclosure notices, in comparison to last year’s 30%.
Internet of Things and media sites fare worst, with fail rates over 75%, while Twitter scores as most trustworthy. From the top 50 Internet of Things device makers, focused on wearable technologies and connected home products, 76% failed the assessment, while only 20% scored high enough to qualify for OTA’s Online Trust Honor Roll. News mediasites received the lowest scores, with an 80 percent fail rate. These sectors fared poorly primarily due to inadequate privacy policies and a lack of domain and consumer protection standards, the audit shows.
“The results of this audit serve as a wake-up call to Internet of Things companies who are handling highly sensitive, dynamic and personal data,” said Craig Spiezle, Executive Director and President of OTA. “In rushing their products to market without first addressing critical data management and privacy practices, they are putting consumers at risk and inviting regulatory oversight.”
USAA Federal Savings Bank, The Federal Deposit Insurance Corporation (FDIC), Dropcam, Bloomberg Businessweek and American Greetings Interactive scored highest in their industries.
“These highly public failures and vulnerabilities have a negative impact on consumer trust. Left unchecked and without a commitment to meaningful self-regulation and enforceable codes of conduct, the reputation of brands and the health of the internet is at risk,” the authors of the study said.
OTA is a nonprofit organization that completed comprehensive audits analyzing more than 1,000 domains and privacy policies, including approximately 100,000 web pages and more than 500 million emails for this report.