Shopping cart abandonment emails

According to a study by my favourite research hub Marketing Sherpa, shopping carts abandonment rates are at around 59% (at the time of the study). This doesn't come as a surprise to us in the business of Ecommerce but it is staggering how high the numbers are. Even a small decrease in this number could mean a huge increase in revenues.

Further studies have identified that the number 1 reason for people abandoning baskets is delivery charges. I'll write a separate post on this soon.

One way of reducing the abandonment figure is by auto sending emails to customers who've abandoned their basket with a handy link they can use to continue where they left off. Results for the success rates of this tactic vary from 5% going up to 35% of people clicking through and completing the sale. Those etailers that incentivise the return visit tend to achieve the higher numbers.

What's interesting however is that such a minority of etailers actually implement this on their sites. A US survey by Listrak indicated that out of the fortune 500 retailers they were able to conduct the test on, only 10.55% used this on their sites. The report doesn't detail the reasons why etailers had not implemented this type of solution, but implies that they considered the cost of the set-up and infrastructure limitations as the primary barriers.

It only takes a very simple equation for ecommerce managers to decide if this is worth it for them. Take 5% of your abandoned baskets over a 12 month period, apply your AOV to it and see how quickly you'll be making your money back.

I think this low-hanging fruit is a must have for any ecommerce operation. Low risk with a potential for very high rewards.

So why aren't more of you doing it?

Are you PCI compliant?

Ok, so it's a bit of a dull subject, so i'll keep it brief, but it's a very serious one for anyone that's transacting online:

For those not aware, PCI DSS stands for the 'Payment Card Industry Security Standard'. It was set up by Visa and Mastercard and compliance ensures the security and protection of sensitive customer information (like credit cards).

The issue is not about having a secure website with an SSL certificate (you need one of those too), it's the availability of sensitive information that could be used for fraudulent activity. This includes anyone who has access to the data; from the web agency that maintains the website (that can access the database) to the customer service rep that's taken a telephone order! An example we sometimes cite is when ordering over the telephone, and the conversation is recorded 'for training purposes'. That tape contains your confidential information and can be accessed by your data can be used by an unauthorised person.

As you can imagine, when looked at in granular detail, it's a minefield. The key points of the PCI DSS require merchants and service providers to:

- build and maintain a secure network

- protect card holder data

- maintain a vulnerability management programme

- implement access control measures

- maintain an information security policy

The deadline has come and gone and merchants who are not compliant face hefty fines , but will also not be able to accept Visa or Mastercard (the two organisations behind this standard).

So if you run an ecommerce website (or indeed any retail operation), get yourself audited (http://pci.evolve-online.com) and make sure that your agency/ecommerce provider is also PCI compliant.