Donate
‹ Back
Building Trust 16 April 2019

Announcing the Online Trust Audit & Honor Roll Results

Megan Kruse
By Megan KruseBusiness Director, Online Trust Alliance

Do you know how – or even if – your favorite retailer, or your bank, or your ISP is working to protect you? The Online Trust Alliancerecognizes excellence in consumer protection, data security and responsible privacy practices. Today, we released the 10th annual Online Trust Audit & Honor Roll, covering more than 1,200 predominantly consumer-facing websites, and found that 70% of the websites we analyzed qualified for the Honor Roll. That’s the highest proportion ever, driven primarily by improvements in email authentication and session encryption.

Highlights

Overall, we found a strong move toward encryption, with 93% of sites encrypting all web sessions. Email authentication is also at record highs; 76% use both SPF and DKIM (which prevent spoofed/forged emails) and 50% have a DMARC record (which provides instruction on how to handle messages that fail authentication).

It’s not all good news, though. We also found that only 11% of organizations use mechanisms for vulnerability reporting, which allows users to report bugs and security problems. Only 6% use Certificate Authority Authorization, which limits certificate abuse. And overall privacy scores dropped compared to last year, primarily due to more stringent scoring in light of the E.U.’s General Data Protection Regulation and the California Consumer Privacy Act. In addition, 15% of organizations had at least one data loss or cyber breach incident.

The U.S. Federal government sector surged to the front with 91% of sites placing on the honor roll, a dramatic turnaround from 2017 when they had bottomed out at 39%. Consumer services (including social media, payment services, video streaming, file sharing, and dating) finished second this year at 85%. News & Media and then Banks came in at 78% and 73%, respectively. Internet Retailers came in at 65%, barely edging out ISPs, carriers, hosters and email providers at 63%. Healthcare, a new sector this year, had the lowest overall honor roll placement at 57%.

Top Scorers

The Top 50 (Appendix C) shine bright with the best overall scores across all 1,200 sites we analyzed. They are:

  • Top Overall: Google Play
  • Top Bank: First National Bank of Omaha
  • Top Consumer: Paypal
  • Top Healthcare: 23andMe
  • Top ISP/Host: Google Cloud Platform
  • Top News: Google News
  • Top Retailer: Google Play
  • Top U.S. Federal: Federal Emergency Management Agency (FEMA)

Audit Resources

Too many numbers in here? We have some resources to help distill down the highlights, including:

Webinar

We’re hosting a webinar to discuss the Audit results on 24 April, from 1PM-2PM EDT (17:00 UTC) for the ISOC community webinar. See https://www.internetsociety.org/events/ota-honor-roll-webinar/ for more information.

Improve Your Security & Privacy

How would your organization do in the Audit? Check out Appendix E – the Best Practice Checklist – to see how you’d stack up, and use it to improve your site’s security and privacy.

We hope you’ll read the report, view the infographic, watch the video, share the news, and/or join us on the webinar. And be sure to watch OTA on TwitterFacebook, and LinkedIn and share using #OTATrustAuditHonorRoll!

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

2017 Online Trust Audit Released - What Did We Learn?
2017 Online Trust Audit Released - What Did We Learn?
Building Trust20 June 2017

2017 Online Trust Audit Released – What Did We Learn?

Today the OTA released the 9th annual Online Trust Audit and Honor Roll. This year’s Audit is our most comprehensive ever, assessing...

10 Years of Auditing Online Trust – What’s Changed?
10 Years of Auditing Online Trust – What’s Changed?
Building Trust22 April 2019

10 Years of Auditing Online Trust – What’s Changed?

Last week we released the 10th Online Trust Audit & Honor Roll, which is a comprehensive evaluation of an organization’s...

Announcing the 2020 U.S. Presidential Campaign Audit
Announcing the 2020 U.S. Presidential Campaign Audit
Building Trust8 October 2019

Announcing the 2020 U.S. Presidential Campaign Audit

Today, the Internet Society's Online Trust Alliance released a new report, the "2020 U.S. Presidential Campaign Audit," analyzing the 23...

Join the conversation with Internet Society members around the world