Increasing importance of online shopping and e-commerce have made it essential to take right steps to ensure the security of customers. Ministry of Customs and Trade researched different practices in other countries and decided to introduce Security Seal.
The ministry aims to identify the e-commerce websites which provide minimum standards and encourage the customers to shop on these secure websites so that the customers will be protected from fraud and other risks of online shopping.
The communiqué published in the Turkish Official Gazette on June 6th 2017 determined the minimum standards for e-commerce websites to be eligible for Security Seal. According to the communiqué, the e-commerce websites should meet these minimum standards :
- All the transactions which include personal data and/or payment information should be protected via SSL certificate.
- Leak tests should be done by certificated leak test service providers on a regular basis.
- The e-commerce website content and sales on the website should be in compliance with the legal regulations.
- Detailed and accurate information about the products and services, delivery tracking information of products and images should be provided for customers.
- An internet-based communication method and telephone number should be accessible for the requests and complaints of the customers.
- The service provider who is applying to obtain Security Seal should not have been punished because of violating the criminal laws mentioned in the communiqué.
- If the service provider who is applying to obtain Security Seal has gone bankrupt, its reputation should be returned to obtain Security Seal.
The e-commerce service providers may apply to the Security Seal Providers (“SSP”) to obtain Security Seal. SSP should check whether service provider meets the minimum standards or not. Also after granting Security Seal, SSP should check the actual status of e-commerce service provider periodically. If the e-commerce service provider cannot meet the minimum standards anymore, after obtaining Security Seal; SSP should demand the elimination of deficiencies from service provider in 15 days. Otherwise, granted Security Seal would be suspended until the minimum standards are met by the service provider again.
In the cases mentioned below, Security Seal will be canceled by the SSP:
- Cancellation request of service provider,
- Termination of e-commerce activities,
- Determination of lack of minimum standards required within 30 days after suspension of Security Seal,
- Activities violating legal regulations mentioned in the communiqué,
- Determination of actions which require 3rd time suspension in a calendar year,
- Determination of missing information or misleading documents regarding minimum standards,
- Bankruptcy of service provider.
Kerem Utku Örer