Tuesday, April 2, 2013

News for March 2013



News for March 2013.

During March we peaked at 6,100,000 daily page requests, and saw a total of 1,600,000 unique human visitors. To put that into perspective, during March of 2012 we peaked at 2,300,000 page requests – a 2.6x year-over-year increase in traffic volume. During March our customer websites sold $765,000 in parts (total receipts were $915,700), conversion rates were up 7% over February, average purchase size was down 2% from February and daily visitors were up 8% from February.

We do have outages to report this month. During our maintenance window (Midnight to 7am EST) on 3/19 and 3/20 we experienced a total of 30 minutes of spotty connectivity during hardware upgrades to our networking infrastructure at our primary datacenter. The maintenance was planned, but the extent of the outages was unexpected. We ultimately decided to pull the gear for further testing and try again at a later date.

Industry News
Google
Google rolled out their “final” formal Panda update this month – they call it #25 and it went live around 3/14. Google tells us that while they will continue to roll out search/ranking algorithm changes, this will be the last one under this naming scheme. The sequence of Panda changes which began in February of 2011 were focused on eliminating low quality websites from search results – specifically targeting thin content, spammy links, sites with lots of ads and a host of other quality issues.
We saw no impact from this latest Panda change to our family of websites.

Google has unofficially announced a new Merchant Quality Rating system, which it will presumably use to influence Search and Shopping results. This new system will launch later this year, and aims to remove “low quality” merchants in order to protect shoppers.

While no hard detail has been provided yet, one can presume the following signals will (at a minimum) be a part of the system:
1.       How complete is the merchant’s Google Shopping profile? How long have they been participating? How do their products perform?
2.       Does the merchant participate in Google Trusted Stores?
3.       How recognizable is the brand? Larger, well known brands can be expected to get prominent placement.
4.       Merchant reviews and ratings – both as provided by Google and through third parties.
5.       Physical proximity of the merchant’s store to the shopper’s physical location

This will impact everyone, so start getting prepared now.


EBay
EBay is forecast to power $300 billion online sales in FY2015 – this includes revenue from its marketplace, online payments and commerce technology/services.
http://www.internetretailer.com/2013/03/28/ebay-expects-generate-300-billion-commerce-2015
EBay has reduced and simplified their seller’s fee structure, in order to be more competitive against Amazon.
http://techcrunch.com/2013/03/19/to-compete-with-amazon-ebay-debuts-free-listings-and-simpler-fee-structures-for-sellers

This month EBay discontinued their paid advertising program with Google. For years, EBay has been using AdWords to drive traffic – unsuccessfully, they decided. After a series of controlled experiments they came to the conclusion that they were better served not advertising with Google at all. This decision likely carried as much for political reasons, as for revenue.

But let’s look at the technical side in more detail. EBay’s strategy was to use AdWords “Keyword Insertion” feature, which allowed them to bid on every keyword under the sun and when searches were performed on Google, an ad for EBay was shown which simply took the search keywords and showed them as/in the ad text. It’s simple, and can be very effective if used properly – in fact, it’s one of the techniques that our AdWords team uses.

Used incorrectly, however, Keyword Insertion will end up generating bizarre (and expensive) ads. Google charges more money for ads which are irrelevant to the target website, or which very few people click on – meaning EBay paid a great deal of money for ads that didn’t make much sense, and didn’t sell any product. This is an example (from the WordStream article referenced below) from actual EBay AdWords advertising where someone Googled “wife”:




Other Industry News
Sears has begun offering fulfillment services to online merchants. Sears will now warehouse your merchandise, pack your boxes and ship your orders for you – giving smaller merchants the ability to leverage Sears’ efficiencies of scale. This puts them into competition with Amazon, who offers the same fulfillment services. 
http://www.internetretailer.com/2013/03/22/sears-rolls-out-fulfilled-sears-program-retailers

Amazon’s fees have increased – some quite significantly. From a merchant (a seller of fashionable shoelaces) interviewed for the article below:
Prior to the spike in Amazon fees, the base fee for selling a pair of Lock Laces was $2.37. Today, the base fee is $3.62 -meaning for an item that is $7.99 – you (the seller) are only getting $4.37 of that sale.

MasterCard has raised the rates they charge to third-party intermediaries like PayPal and Google Wallet. Visa is expected to follow suit soon. These third party processors do not share transaction level detail (what was bought) with Visa/MC, and as a result are now paying a premium.


                Online Fraud cost e-retailers $3.5b in 2012
It is estimated that online fraud in 2012 cost retailers $3.5 billion, up 3% from 2011 – this according to a survey of 312 online retailers conducted by CyberSource.
·         0.8% of all accepted orders were later found to be fraudulent
·         1.4% of accepted mobile-specific orders were later found to be fraudulent
·         1.6% of accepted international orders were later found to be fraudulent
·         7.5% of international orders were rejected (not accepted) for suspicion of fraud
·         2.9% of domestic orders were rejected (not accepted) for suspicion of fraud
·         73% of online retailers reported performing a manual review of online orders
o   Those that did reported reviewing only 25% of orders
o   The average time taken for this review by large merchants was 5 minutes
o   The average time taken for this review by smaller merchants was 15 minutes
·         The average valid order was $149, and the average fraudulent order was $200
               


                Security and Connectivity
In the last few months, and particularly within the last 30 days, we have seen an explosion in attacks – both physical and virtual – upon both individual merchants and the Internet infrastructure. The scale and impact of these attacks is growing. The latest attacks in the past week were so large in size that they are reported to have affected traffic speeds for users worldwide. As more and more websites move “to the cloud” onto centralized resources, attackers can now take down many websites by targeting a single point of presence, which greatly ups the stakes.

Behind these attacks are individuals, groups and state actors. Some attacks are meant to compromise sensitive data, while others are meant simply to knock a website offline.
·         Compromise-type attacks generally involve intrusion attempts using malware, viruses and human intelligence – someone figures out a password or a back door, breaks into a network and takes something.
·         Attacks which knock a website offline commonly use what is called a Distributed Denial of Service (DDoS) attack. In this scenario a network of many computers around the world all start asking for the same website and do so at a rate which that web server cannot possibly support. This not only makes the web server cripplingly slow, it also clogs the internet connection to that server – both of these combined make the website effectively unusable to the general public. The goal here is generally disruption, not theft.

Understand that you can be affected by this in several ways.
·         As a merchant selling online, if the Internet is compromised (or even slowed down somewhat) your sales will be affected.
·         As a merchant selling online, you are vulnerable to this kind of attack.
o   A compromise could expose customer names, addresses and payment information
o   A direct DDoS attack could take your website down for hours or days
o   A DDoS attack to a different website on the same Internet segment that our servers live on could effectively take your website down

I’ve included some examples from the last ten days (!) below:

The American Express website was taken down for two hours by a DDoS attack on 3/28
http://arstechnica.com/security/2013/03/funded-hacktivism-or-cyber-terrorists-amex-attackers-have-big-bankroll/

Rite Aid pharmacies were down on 3/26 for several hours, due to a suspected DDoS attack
http://www.internetretailer.com/2013/03/26/rite-aids-web-sites-go-offline


The non-profit Spamhaus organization, a group that tracks and documents sources of spam on the Internet (so that others can block traffic from those networks), found itself the subject of a DDoS attack that lasted more than 10 days. During that time, its website and services were entirely unavailable to customers. It is believed that one of the networks this organization identified as being spammy did not like that designation, and retaliated with the attack.
http://arstechnica.com/security/2013/03/when-spammers-go-to-war-behind-the-spamhaus-ddos/

Payments startup Dwolla experienced a two-day DDoS attack which began on 3/28 and took the service entirely offline for almost 48 hours.
http://techcrunch.com/2013/03/28/dwolla-latest-victim-of-ddos-attacks-started-yesterday-continue-today/

Egyptian naval forces caught three men trying to cut an undersea cable in the Mediterranean which provides Internet connectivity to North Africa, Western Europe, Southeast Asia and the surrounding region.
http://tech.slashdot.org/story/13/03/27/239246/egyptian-forces-capture-3-divers-trying-to-cut-undersea-internet-cable

SeaCom, an undersea cable link connecting most of the world to Africa, the Middle East, Asia and Europe had one of its lines severed by a ship’s anchor on the 22nd of March. This interrupted service to some countries entirely, and circuitously re-routed traffic to others causing significant slow-downs.




 


No comments:

Post a Comment

Note: Only a member of this blog may post a comment.