Punching Above Its Weight: UK E-commerce and Cybersecurity

When it comes to e-commerce, the scrappiest fighter for online sales has long been the United Kingdom. While geographically smaller than the US, the UK has the most advanced e-commerce market in Europe and are second in the world in online spending per capita. So why does the UK seem to punch above its weight in online sales, and what does that mean to security for online retailers and payment processors?

Online retailers in the UK have several advantages over their EU counterparts. First, the size of the UK lends itself to shipping efficiencies. Many retailers offer next day service, even when ordering late into the evening. Marks and Spencer will deliver orders next day when placed by 8 p.m., clothier Boohoo.com will ship orders as late as 9 p.m., and Amazon will deliver orders next day when placed by midnight.

Second, UK’s Distance Selling Regulation also makes it easier for consumers to return items, and many retailers have extended return deadlines during the pandemic. UK businesses have a legal requirement to allow shoppers to return items within seven days. Many provide free returns and an extended return period, building trust with online shoppers.

High rates of technology adoption and low costs of internet services are a third advantage that lowers the barriers to e-commerce in the UK. British consumers pay the least for their communications services and use the most mobile data compared to other EU countries. Combined with one of the highest smartphone penetration rates in Europe, these factors make the UK ideal for online and mobile shopping. In 2019, an astounding 86% of UK shoppers purchased from online retailer Amazon.

Fourth, the English language also provides some advantage. As the world’s most popular second language, shoppers are more likely to look for retailers in English if they are unable to find comparable ones in their native languages. US firms that offer retail or payment processing technology look to the UK as the first market for expansion simply due to the lack of a language barrier.

And while online sales represented 18.9 percent of all retail purchases in February 2020, that number jumped to 32.8 percent in May due to the global pandemic. As more UK shoppers turn to e-commerce out of necessity, more retailers and service providers will be forced to meet customer demand. In their speed to keep up, some may find they have sacrificed security for speed and convenience.

Given this mass adoption in smartphone and online purchases, security has become paramount for organizations faced with an increasing number of threats. Even as many struggle to maintain business continuity during the pandemic, privacy controls brought about by GDPR remain critical just as PCI DSS compliance remains mandatory. Combined, it is a tough scrap for UK organizations in a country of rapid adoption and high expectations.

Learn more about GDPR.

Learn more about PCI DSS.

Resource Center

More security resources at your fingertips.

Practical Content for Security, DevOps, & IT Professionals