Did you miss our SSL webinar last week? Then you’ll definitely want to read on.

We were really pleased to have Bob Angus, Product Marketing Manager at VeriSign join us via the web to present “Get the Sale: Overcoming Four Common Objections When Selling SSL”.

Bob provided some really good, practical tactics and strategies that will help you sell smarter and move more SSL units.

He covered everything from how to figure out whether the potential customer is ready to buy, to how to use some basic stats and resources to sell EV and other higher margin SSL products.

Based on the lively Q&A session that followed, it was clear that our Resellers are hungry to sell more and are looking for the tools that they can use to do just that. Bob’s presentation provided some of those tools and tactics, and attendees went away equiped with at least two or three things that they could put to immediate use to counter competitors and tackle those common questions buyers might have.

Archive Video is Available Now

We did record the entire session including an informative question and answer session. That video and the accompanying PDF of the presentation slides is available now.

→ View the archive

(if you registered for the event at GotoWebinar, you should already have received the link to the archived version via email).

We were playing around with domain transfer-in data and we discovered this number.  2.4%.  Across the OpenSRS network, this is the average ratio of domain transfers-in for a year to domains under management (at the end of that year).  It’s an indication of the “fair share” of transfers-in you should be getting based on the size of your business.  I strongly encourage you to figure out your ratio (using the last calendar year, the past twelve months or any recent twelve months) and see how it compares to our average.

If your ratio is below 2.4%, we have some suggestions on how you can improve it.  The images you see below are all from Web sites.  Web sites just give us the cleanest comparison across businesses.  However, success might come through email promotions, outbound sales, account management, support and other tactics.  The winning tactics all seem to support the following three strategies.

1. Ask for it.

This is sort of the number one rule of sales (and dating in junior high school).  You’re not going to get anything if you don’t go for it.  Make it very clear that transfers-in is a service you provide.  Some integrate it boldly into their domain name purchase path…

…others do more of a presumptive sell on the Hosting path.  (”If you want our hosting and you have a domain name, well then you’re gonna wanna be bringin’ it with you.”)

2. Don’t forget the value proposition.

There is some pain involved in a domain name transfer.  Customers need to know why they’re doing it.  That could be your everyday great service, your every day great prices, the convenience of domain, hosting and other services in one place or a special offer.  But there should always be some clear, compelling benefits.

3. Hold her hand.

(Another best practice in junior high school.  Man, why didn’t I do better in junior high school?!)  Help make a potentially painful process as easy as possible.  We all know there is a lot beyond your control when it comes to transfers-in.  But you can explain the process well and you can offer some valuable support along the way.

Consider all the product development in your pipeline and all the costs per acquisition in your marketing plan.  Transfers-in could be an easy win.  It is additional revenue from customers you already have or prospects you have already driven to your front door.  And it might take just some well-placed messages to earn your fair share.

As Community Specialist here at OpenSRS, it’s my job to create and curate spaces for you to talk to us and to each other. The blog has been one such space, but we felt that we needed another place where everyone could make a contribution.

So back in November of 2008, we quietly launched a new forum for our resellers. Over the past few months, we learned quite a bit about what both we and you wanted in a forum. With all that in mind, we relaunched our forum toward the end of June, using a more robust forum software package. We’ve also kept the relaunch pretty quiet, but we’re confident now that the new forum is ready to show off.

There are categories for each of our major services (Domains, Email, SSL, Storefront) as well as dedicated categories for the API and for New Resellers’ questions. OpenSRS people from all departments are active participants. Like any community, we expect it will grow and change with your contributions, and we’re eager to have as many resellers as possible join us there.

Registration takes only a few minutes. Come and join us at http://forum.opensrs.com/, and then why not introduce yourself?

Thanks to Flickr user Havovubu for making his photo available under a Creative Commons license.

This was originally posted back in February of 2008, but the information is still quite valid. We get calls daily from domain holders who have fallen victim to domain slamming. Every domain holder who pays the ‘bill’ and transfers a domain to the domain slammer is a customer lost. Make sure you are educating your customers about this.

---

Domain name renewal schemes are nothing new – we’ve been dealing with them for years – but we figured it wouldn’t be a bad idea to bring them to your attention once again. A quick Google search brings up thousands of examples.

The usual tactic, known as domain slamming, is fairly basic – unethical companies mine WHOIS records for Registrant information and domain expiry dates. Then, months in advance, they contact the Registrant either by mail or email with a very official looking and sounding document or message that tells them to protect their valuable name by renewing early. A Google Images search brings up a couple of scanned examples.

Of course, when the Registrant sends the cheque or pays by credit card, thinking they are doing the right thing, what actually happens is that a Registrar transfer is initiated. The Registrant will then blindly go through the steps to complete the transfer, again thinking they are doing the right thing to protect their valuable domain name.

Combatting this is really fairly simple. I spoke with Paul Karkas, our Compliance Manager, who has been dealing with this kind of thing for years and has a few recommendations for resellers:

1. WHOIS Privacy. This is the absolute best protection. It stops the practice dead in its tracks as there is no way for to contact the Registrant directly. Encourage your customers to take advantage of WHOIS Privacy and the protection it offers. Tucows includes WHOIS Privacy for free as part of our domains package.
2. Domain locking. A locked domain can’t be transferred, again, preventing the domain slam. The transfer attempt may generate a support call by the Registrant to remove the lock, in which case you have the perfect opportunity to make sure the transfer is legitimate.
3. Communication. Let your customers know about this practice and ensure that your customers know who you are and who their Registrar is. Clearly spell out your communication policies surrounding renewals (i.e. “We never send mail invoices reminding you to renew.”) before the scammers have a chance to spread their mis-information.

The Registrant is only one of the victims in domain slamming. When your customers get taken by fake notices like these, you lose their domain business. But if you take the time to educate your customers, you reap the benefits of a better relationship in which the customer knows that you are on their side, looking out for their interests.

Yesterday, a few members of our marketing team and myself conducted a conference call with one of our resellers, brainstorming ideas to help them improve their use of social media. Unless you’ve been hiding under a rock lately, you’ve probably been hearing a lot about this “social media” thing and why your business should be using it. For a quick intro, check out the clever video above.

Simply put, the web has evolved to the point where our web sites are no longer one-way broadcasts to an unseen, unheard audience. Tools like blogs, podcasts, photo- and video-sharing sites and forums have democratized the web forever, allowing customers to talk back to the companies whose products they use. This can feel a bit scary for companies just venturing in. We’ve been doing this for a while, and although we still learn something new every day, I thought it might be useful to share a few general principles we’ve found to be useful:

• Communicate in a human voice, not a corporate voice: Your customers are human beings and they like dealing with other human beings. The truth is that every company is run by real people. Don’t be afraid to show a little of your unique personality online.
• Your customers are talking about you online. Make sure you know what they’re saying: Brand monitoring is essential, and can be as simple as setting up some free Google alerts that email you when your company name shows up on a web page. Sometimes customers don’t tell us things directly, but they always want to be heard and listened to.
• Own your brand: Social media tools are springing up all the time, and it’s important to check them out early, even if it’s just to register your company name as a username. If you don’t, you leave yourself vulnerable to a disgruntled customer doing it for you. Not every celebrity on Twitter is the actual person, and it’s the same for companies.

In true social media style, we’d like to hear from you. Are you using social media tools yet at your business? What’s been most effective for you? Have any pointers for us and our resellers?

P.S. While we’re at it, why not follow us on Twitter? I’m @JamesMOpenSRS, and you can follow our main account by clicking on the nifty icon in the sidebar. You can also receive status page updates by following @OpenSRSstatus.

I thought I could spot a phish. But recently, I took a quiz online that asked me to identify which sites were phishing sites. I was surprised by how hard it was to identify these fake ponds. I am quite familiar with SSL certificates from my online retailing days and being an avid online shopper and loving the convenience of being able to access banking online. But my sub-par test results gave me a jolt. It dawned on me how trusting I was of things like generic seals of approval and basic signs like a standard SSL cert. These indications were quite ingrained in me subliminally and I realized that I was often taking security on websites for granted.

Just as we are careful to rip up or shred any documents that have our names, addresses, or other personal information before throwing it in the trash, ensuring that a website is secured should be an everyday practice. This is not only important from a consumer perspective but as a business owner where you are collecting information, you have a responsibility to show that you value your customer’s privacy and security when dealing with you.

Try your hand at identifying the phish. Maybe you’ll pass the test, but at the very least, it will provide a good exercise in identifying the signs of a phishing site.

Take the test!

Once you’re done with the test, you might find yourself in the need for a good chuckle. If so, check out the Cart Whisperer series of videos from last year. Remember, to instill confidence in online shoppers, you need to make them feel safe.

From “No More Abandoned Carts”.

It’s worth mentioning that Resellers are free to take, use and adapt any of the content that we provide on the blog. So, if you see stuff here that you think you can use to help sell products and services to your customers, by all means, grab it and use it. Nothing makes us happier than to see resellers take our stuff and use it to drive sales and educate their customers.

To make it official for our Resellers: Please steal content from us! Content on this blog is licensed under a Creative Commons Attribution 2.5 Canada License. and Resellers are free to use the content for commercial purposes, including remixing or adapting the content as required. We like attribution (and please retain any attributions we’ve included), but we don’t require that Resellers attribute the material to us if they are using this to market to their customers.

Along with domain names and email, all OpenSRS Resellers are able to sell a range of GeoTrust SSL Digital Certificates through OpenSRS. Many, but not all, of our Resellers are taking advantage of the opportunity that selling SSL provides. I thought it would be worthwhile to provide a primer on how SSL Certificates work in advance of some pretty big news that we’re hoping to be able to talk about later this week and early next week. You’ll want to keep an eye on this blog and your inbox.

A lot of what follows comes from Verisign (who own GeoTrust, our current SSL provider). Both the Verisign and GeoTrust websites have extensive information available for you to better understand, and therefore sell SSL Certificates.

What SSL Certificates Do:

Secure Sockets Layer (SSL) technology protect websites and make it easy for visitors to trust websites in three essential ways:

1. An SSL Certificate enables encryption of sensitive information during online transactions.
2. Each SSL Certificate contains unique, authenticated information about the certificate owner.
3. A Certificate Authority verifies the identity of the certificate owner when it is issued.

Who needs an SSL Certificate?

If you, or your customers fit into any of the following categories, then an SSL Certificate is a must:

• Operate an online store or accept online orders and credit cards
• Offer a login or sign in on your site
• Process sensitive data such as address, birth date, license, or ID numbers
• Require compliance with privacy and security requirements
• Value privacy and expect others to trust you.

How SSL Encryption Works

Imagine sending mail through the postal system in a clear envelope. Anyone with access to it can see the data. If it looks valuable, they might take it or change it. An SSL Certificate establishes a private communication channel between the browser and web server enabling encryption of the data during transmission. Encryption scrambles the data, essentially creating an envelope for message privacy.

Each SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a Web browser points to a secured domain, a Secure Sockets Layer handshake authenticates the server (the website) and the client (the web browser). An encryption method is established with a unique session key and secure transmission can begin. True 128-bit SSL Certificates enable every site visitor to experience the strongest SSL encryption available to them.

How Authentication Works

Imagine receiving an envelope with no return address and a form asking for your bank account number. In the case of organization- or Extended-validation certificates, every SSL Certificate is created for a particular server in a specific domain for a verified business entity. The validation process for EV certificates is quite extensive and provides fuller information about the website owner than a standard certificate. When the SSL handshake occurs, the browser requires authentication information from the server. By clicking the closed padlock in the browser window or certain SSL trust marks (such as the VeriSign Secured Seal or GeoTrust True Site Seal), the website visitor sees the authenticated organization name. In high-security browsers (IE7/8, Firefox 3.0+, Safari 3.2+, Chrome and Opera 9.2+), the authenticated organization name is prominently displayed and the address bar turns green when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning.

A Matter of Trust

At the end of the day, SSL Certificates are all about trust. If you want to develop and instill a sense of trust with website visitors, an SSL Certificate is the way to do it. An SSL-protected site gives users the confidence to share personal information without having to worry about whether that data is safe as it travels around the Internet. And, the SSL Certificate provides further peace of mind to web users by offering verification that those in control of the web server are who the web surfer thinks they are.

If trust is important to the end users of your customers – and I’d venture a guess that it is – then they need to know that one of the best ways to build that trust is to secure their websites with an SSL Certificate along with a prominently displayed site seal that end users recognize and trust.

A few weeks back, I blogged about the presentation that Bob Angus, from Verisign gave at WebhostingDay in Germany. Bob had some great tips for how to drive sales through SSL digital certificates.

For Resellers who are already selling SSL certificates through OpenSRS, there was some great information that you can use to drive sales in your customer base. For Resellers not selling SSL certificates yet, have a look at that post and then ask yourself why you haven’t offered them to your customers yet.

What an SSL Certificate Does

You may be under the impression that SSL certificates are only for ecommerce sites, or banks and your customers aren’t Bank of America or eBay so you don’t need to offer SSL certificates. That kind of thinking can lead to you overlooking a huge potential market for SSL certificates that’s just waiting to be tapped.

SSL certificates really do two things:

• First, an SSL certificate provides security by encrypting the data between the browser and the web server. Obviously, data encryption is important for financial transactions or other situations where websites are requesting sensitive data from visitors. Without that SSL certificate, and the little lock icon in the browser, most web surfers won’t provide that data.
• Second, SSL also provides identity verification, primarily through the new Extended Validation (EV) certificates. You’ve probably seen EV in action – sites with an EV certificate will cause the address bar on Firefox, or IE to turn green, and you are able to view information about the website that will help you to confirm that you are dealing with who you think you are dealing with. I’ve grabbed a screenshot of GeoTrust’s EV certificate in action on Firefox that’s shown above.

Applications Where Encryption Matters

Think about that first use for SSL certificates for a minute – encrypting and protecting data – and then start thinking about all the cases where you, and especially your customers, might want to have an encrypted connection between the browser and the server. I’m thinking about web forums, blogging platforms, webmail, web server control panels, company intranets, corporate wikis, VPNs, customer portals, etc.

The list of potential applications for SSL certificates is nearly endless. Now ask yourself this: “Do my customers do any of those things?” The answer is most likely, “Yes.” Now ask yourself again “Why haven’t I offered them SSL certificates yet?”

By the way, you’ll want to keep an eye on the blog over the next few weeks. We’ll be talking a bit more about SSL certificates and why now might be a very good time to start selling through OpenSRS if you aren’t already.

A large part of my job here at OpenSRS is monitoring our brand online. By that I mean that I spend a lot of my day online listening to what people are saying about OpenSRS and Tucows. In some cases, it’s a customer who’s having some trouble navigating a domain transfer. In others, it might be a positive comment about some of our work on ICANN issues. We feel it’s important to be out there listening wherever people are talking about us.

We also feel that we should be listening to what people are saying about our competitors. So another part of my job is to monitor conversations about some of the other hosted email providers and domain registrars out there. And believe me, what I hear isn’t always good. Fortunately, these complaints are excellent sales opportunities for other registrars. But unfortunately, as OpenSRS, they’re not directly sales opportunities for us.

They are, however, sales opportunities for you, if you’re listening. We use a number of free tools to track mentions of the names of our own brands as well as those of our competitors and we suggest that you do so, too.

One of the easiest to use is Twitter, a “microblogging” service that lets you say whatever you like as long as it fits into 140 characters. People “follow” your account to be notified when you update, and you can follow people whose updates you’d like to receive as well. Setting up a Twitter account is fast and free. We use Twitter several ways, actually. We have an OpenSRS account (http://www.twitter.com/OpenSRS) which we use to notify followers about blog posts, promos, and other news. We also use the account to reply to people who are having issues. We also have an account for our status page (http://www.twitter.com/OpenSRSstatus) which allows people to track the status of various OpenSRS services without having to visit the Status page on our site.

Once you’ve set up your Twitter account, you can use the search function to look for mentions of your brand or your competitors’. Then, you can engage when there is an opportunity to help someone or to suggest your services when they’re unhappy elsewhere.

Here are a few general principles we’ve found helpful when deciding to engage:

• although your account should be in the company name, speak with a human voice, not a corporate one.
• listen more than you speak. Twitter can be a great source of feedback and ideas, even when you don’t directly respond.
• never reveal private information about customers.
• give people the opportunity to take the conversation to email, where the 140 character limit and privacy concerns won’t hamper your ability to communicate.

Finally, John Jantsch has put together a great resource page for anyone considering using Twitter for business.

p.s. Are you already using Twitter this way? We’d love to hear from you in the comments!