Posts filed under 'Ecommerce Websites'
I have been very busy lately, which has resulted in a reduced quantity / quality of posts. The site just got switched to a new server and everything should run much more smoothly now.
I often run into website owners that are confused about the SSL requirements a website must have to process payments. Specifically, why would a SSL certificate be required if a website is using a payment gateway.
The answer to this is simple. Payment gateways are independent of SSL certificates and do nothing themselves to make a website secure. However, some Payment Gateways do not use an API (Application Program Interface) method to integrate with a website. A SSL certificate is normally not required if a website is not using an API method and not processing a customer’s credit card on their own site. Instead, the website’s visitor is redirected to a secure checkout page on the domain of the payment gateway. I think this redirection is where the main confusion is created.
Types of payment gateway integration:
Basic Integration - A website visitor browses and adds products to a shopping cart on a website. When they go to pay for their selected merchandise, they are redirected to a secure web page that is hosted with the payment gateway.
API Integration - This is a more advanced and better integration. The website is connected securely to the payment gateway. The visitors shops on the website, and makes payment on the same website. This is a completely seamless integration, and the website must have the ability to provide a secure connection between the user, in addition to a secure connection between the website and the payment gateway.
Which method is better:
There are benefits to both integration methods, but I think that the API integration method is much better that the simple method. API integration keeps a visitor on the same website that they are shopping with, it allows for easier visitor and order tracking, and is generally a much better practice for usability concerns. If you look at any major ecommerce website out there, you will find that they use the API version of whichever payment gateway they are using.
The simple method is easier to implement, and doesn’t require a SSL certificate. The drawbacks are mainly the loss of control of website visitors when they go to make a purchase, difficulty in tracking user behavior on a website since they leave it before a conversion is completed, lack of control over the payment abilities of a website, and poor website usability.
Many websites start out using a simple method of integration, but will later want the added capabilities of the API version.
I recommend using the authorize.net payment gateway using the AIM API integration method for any business.
August 30th, 2006
I’ve compiled a list of merchant account and ecommerce related blogs that offer good information from knowledgeable, professional people. I’m leaving SEO and online marketing specific blogs off because my list would be far to large for a reasonable post.
It is hard to find merchant account related blogs that offer objective information because most of the blogs out there are run by companies. Although my blog is also company sponsored, I try very hard not to bias my information on anything but my personal opinion and observations.
Merchant-account-services.org run by John Conde is a good merchant account blog. John offers some great articles and information relating to merchant accounts, and his information remains as objective as any out there. John is also responsible for creating the foundation for the merchant account wikipedia article.
An Ecommerce blog that I find interesting is about.com’s Online Business Blog run by Ana Rincon.
The ecommerce times offers a great ecommerce news and articles. While this isn’t a blog by definition, it is updated with great articles daily and the quality of the content at Ecommerce Times is far above most if the internet.
The most comprehensive blog covering payment processing and ecommerce related news is Payments News, operated by Glenbrook Partners LLC. I have had several articles syndicated by Payments News. They are updated many times a day with highly relevant, interesting news covering everything related to payment processing.
The shopping cart Volusion, offers an interesting ecommerce related blog. The blog topics are focused more on the analytics, usability, and SEO sides of online business.
Lastly, practical ecommerce is a ecommerce magazine offering free and paid ecommerce articles and three ecommerce blogs. Practical ecommerce is fairly new, but I think they have a lot of potential in the world of ecommerce.
That’s it for this list. Email me if you own or know of an ecommerce or merchant account related blog that deserves to be on my list.
August 21st, 2006
Factoring is discussed in this article: Factoring: There’s Money in Your Receivables from the Ecommerce Times.
A business can also factor using their merchant account. By using their credit card processing history, a business can take out an advance backed by their business’s processing volume and history. This works just like the factoring in this article but the lender is basing their funding from a business’s history instead of their accounts receivable.
Business can get cash very quickly, and without strict credit requirements since business history is what a lender is basing the advance from. Factoring from a merchant account will put money paid in processing fees toward paying off the advance, which can also make it much easier to repay.
Many small businesses get stretched thin on their available credit, so factoring against their sales can be a great way to get extra funding, fairly quickly.
What should the money be used for:
Since any money advanced through factoring is backed specifically by the sales of the business, it is important that the money advanced goes back into the business. Whether this be a remodel, increased marketing efforts, opening a new location, or anything else, the money advanced should always go back into the business.
If you are interested in factoring against your sales through your merchant account you can talk to your current provider to see if they offer this service, or contact me. We have several factoring options available for our customers.
Also, don’t confuse this type of lending with the type of merchant account fraud: credit card / merchant account factoring.
August 21st, 2006
While browsing in a forum that I often watch, I found a great ecommerce information resource. The site: Practical Ecommerce offers a magazine in both Print and Digital versions and is specifically targeted at people interested in ecommerce.
Each article covers topics relating to ecommerce. August’s magazine topics include Pay-Per-Call online advertising, securing a business’s wireless network, and an interview with Jupiter Research’s Patti Freeman Evans, just to name a few.
Each month there are a number of free, as well as premium paid articles.
The site itself features several blogs, a discussion forum, a website services directory. From what I can tell, it is shaping up to be a great source of information for both new and existing website owners, online marketers, and anyone interested in learning more in the department of ecommerce.
Check them out…
August 7th, 2006
A joint news release was issued just a few days ago from Visa, Mastercard, American Express, Diners Club, JCB and Discover outlining what businesses need to do to secure cardholder data. This brief article is applicable for all businesses and is a very easy to follow, guide to protecting cardholder information.
What makes this short guide very good, is that any one can understand it.
TO: All Merchants
FROM: American Express®, Diners Club®, Discover® Card, JCB®, MasterCard International®, Visa® U.S.A.
RE: Merchant Requirements for Securing Cardholder Information
The rising incidence of stolen cardholder account data is a major concern for all participants in the payment industry. As a result of these thefts, merchants and financial institutions suffer fraud losses and unanticipated operational expenses, and consumers are inconvenienced significantly. To protect your business, your customers (cardholders), and the integrity of the payment system, each of the card companies has in place a set of requirements governing the safekeeping of account information. This document gives a brief overview of the most critical aspects of those requirements.
|
Storage of Cardholder Information
|
• Do not store the following under any circumstance:
- Full contents of any track from the magnetic stripe on the back of the card.
- Card-validation code
- the three-digit value printed on the signature panel of a MasterCard®, Visa®, Discover®Card, JCB®, or Diners Club® card, and four
- digit code printed on the front of an American Express® card.
• Store only that portion of the customer’s account information that is essential to your business
- i.e. name, account number or expiration date.
• Store all material containing this information (e.g., authorization logs, transaction reports, transaction receipts, car rental agreements, and carbons) in a secure area limited to authorized personnel. |
|
Destruction of Cardholder Information
|
• Destroy or purge all media containing obsolete transaction data with cardholder information. |
Use of Agents or Third Parties (Vendors, Processors, Software Providers, Payment Gateways, or Other Service Providers)
|
• Advise each merchant bank or processing contact (representing each of your card brands) of any agents that engage in, or propose to engage in, the processing or storage of transaction data on your behalf-regardless of the manner or duration of such activities.
• Make sure these agents adhere to all rules and regulations governing cardholder information security. Any violation by your agent may result in unnecessary financial exposure and inconvenience to your business. |
| Reporting a Security Incident |
• In the event that transaction data is accessed or retrieved by any unauthorized entity, notify the merchant bank or processing contact for each card brand immediately.
• This report will not only minimize risk to the payment system, but protect your customers in the most responsible manner. Systems and procedures are in place to immediately stop the unauthorized use of compromised data, but are effective only when you do your part to promptly report a security incident. |
We continue to work on your behalf to reduce payment card fraud, and offer this communication to enhance your awareness, minimize risk, and protect your customers. If you have any questions or would like to have more information, please visit our web sites or contact your representatives for any of the card brands sponsoring this correspondence.
The actual PDF is available on the download page.
August 4th, 2006
Paypal has a built in shopping cart function that allows paypal users to easily add products to their website. The cart works by letting users paste an html form on their website, and when a visitor clicks on the form button, the specific product is added to their cart as they are redirected to paypal. It is a very simple, easy to use shopping cart system.
Lack of proper security:
The problem with the paypal shopping cart, is that is has a major flaw. The seller’s email address is publicly displayed in the product form on their website. This makes is easy for spammers to search for paypal product forms, and harvest the email addresses from them. What makes the problem even worse is that the email address are all but guaranteed to be good and used. They are also the same email addresses of active paypal users. This opens these users up to massive spam, and opens them up to phishing attempts of their paypal addresses. Every website that uses the paypal shopping cart, has their paypal email address displayed in the html code of their website.
If you use the paypal cart:
If you use the paypal shopping cart setup a separate email address for your product forms. This way at least you can cut down on some spam to your general email inbox. Otherwise, I would suggest finding a separate shopping cart for your website. It may take a little extra work, but you are the only one that will pay for Paypal’s lack of security.
Fixing the problem:
It wouldn’t take a lot of work for paypal to fix the problem. They would need to integrate a program that stores your email address, and replaces that space in the form with an encrypted code that links a visitor to your account. Are they going to implement something like this? Highly unlikely.
I wish that I could say that Paypal is going to take a proactive approach in resolving this simple problem, but I just cant see them going out of their way for that. Whatever the case, paypal’s system is an example of completely irresponsible programming, and their customer are the ones that are affected by it.
I completely missed this blatant disregard for customer privacy until a commenter on the blog let me know about it. Here is his original press release: http://www.riverpages.com/paypal-spam-risk.html
July 19th, 2006
Online marketing and website production are two very common things that I deal with. Often I come across situations where the dificulty of a task at hand exceeds anyone’s ability or time that works for my company. So, where do you go when you need to get work done, and you dont want to do it yourself. You can hire a freelancer to do it.
Why freelancers are great:
Hiring a freelance programmer / designer / marketer to do work for you can be a great method of getting things done. Most programmers, business owners, and project managers don’t have the time or resources to get everything that they need to get done. By using a freelancer to outsource some work to, you can get a highly professional product, and often at a lower cost than doing it yourself. Freelancers are professionals, sometimes with degrees, that can get just about anything done, and always at a good price. You can alway’s have your local web deisnger, or design firm do something for you, but it normally comes at a higher price than a freelancer.
Where to hire freelancers:
There are a variety of freelance marketplaces on the internet where you can posts your specific project, and receive bids from the thousands of freelancers that watch those website’s. Freelance marketplaces work much like ebay. You post your project with specific details, a price range, and a deadline for completion of the project. A freelancer will see your project and bid on it if they have the skills to complete it, and the price is in their range for the specific work that needs to be done. When their work is complete, you pay them the agreed upon fee, and they deliver to you the finished product. After the entire transaction is complete, you rate your experience with the freelancer and they rate you as a buyer.
Just about any project imanigable can be outsourced at a freelance marketplace. Anything from search engine optimization, a basic or complex complete website, ecommerce design, graphic design, traditional marketing and advertising, advanced programming, if you can think of something, it can proably be outsourced.
About the prices:
Since you are receiving bids on your project from multiple providers, the price on your project is very fair. There is feirce competition for projects between freelancers which helps drive down the price. Prices on freelance marketplaces tend to be very reasonable. But, quality work always demands a fair price. You should be wary of providers with low or no feedback, or if their price is substancially lower than everyone else’s.
Keep in mind that while prices are low, nothing comes free. Highly complex projects are very expensive no matter who does them. Also keep in mind that if you are trying to integrate your website, or ecommerce system across to another platform, it will be expensive. Same thing goes for any type of ‘web services’ or advanced XML / SOAP / AJAX / CUSTOM DATABASE / API integration and managerment etc.
Freelance Marketplaces:
http://www.getafreelancer.com (recommended)
http://www.rentacoder.com (recommended)
http://www.elance.com
http://www.scriptlance.com
http://www.codelance.com
http://www.freelancersdirect.com
http://www.thecentralmall.com/index.html
http://www.scriptjobs.com
http://www.radlance.com
http://www.smartbids.co.uk
http://www.nasnap.com
http://www.looksurf.com
http://www.ecknowledge.com
http://www.contractedwork.com
July 18th, 2006
Original Article
Here is a very significant story regarding banks making consumers liable for fraud if the cause was their own computer. While I think that businesses would appreciate any removal of liability on their behalf, I think it is presumptuous to assume that the average consumer has the time or resources to ensure that their computer is secure.
“HSBC has already been considering it,” Murtagh said. “There is the potential that the banks will go back to the consumer and say, ‘We’ve offered you good practice guidelines online and 12 months free antivirus. If you don’t [make use of these] we refuse to pay out.’”
If something like this occurs in the UK, I think that it could become the standard. Considering that banks are planning on offering free subscriptions to anti-virus and anti-spyware software, it seems that these consumers have no excuse.
July 17th, 2006
When I hear the word ebook, I normally cringe with the thought of thousands of worthless, poorly written, scams that don’t deserve the bandwidth that it takes to download them. I was asked to review an e-publication created by a company called MindValley. The publication called “40 Ecommerce Tactics†is essentially a guide to successfully operating, and marketing a website. MindValley authors are made up of professionals with different ecommerce related backgrounds, and include an Ebay senior executive, Microsoft web developer, and numerous other web professionals. 40 Ecommerce Tactics is written by professionals that have been directly involved in every aspect of running an online business. That direct involvement is apparent in each writer’s knowledge and expertise throughout the guide.
40 Ecommerce Tactics is a very thorough guide to operating and marketing an ecommerce website. The guide is organized in a way that the reader can skip to whichever chapter they are interested in, if they don’t want to read the entire guide start to finish. The guide itself is over three hundred pages long, but these three hundred pages are completely void of filler content. The guide is clearly written and edited, and the only thing that stopped me from reading it all the way through was my own lack of time.
Topics Covered:
- Product creation
- Setting up a website
- Email marketing
- Pay per click (PPC) advertising
- Increasing customer conversion
- Closing a sale on a website
- Untapped marketing channels
- and the Overall growing of a business
Each topic contains a series of sub-chapters which cover the detailed areas within each topic. Everything from usability, search engine optimization, alternative marketing strategies, writing copy that sells, web analytics programs and anything else that is necessary for a website to be successful is covered in detail in the guide. Specific examples and recommendations are also linked throughout the guide, which can help to give real uses of the ideas covered in the guide. The guide is complete enough, that I would be comfortable saying that it is the only resource someone would need to jump, successfully, into ecommerce.
Unlike many other guides out there, 40 Ecommerce Tactics actually guides the reader. One thing that I really like about it is that it tells the reader exactly what works, what doesn’t, what to do, and how to do it. This is especially important as many less-savvy website owners struggle with actually figuring out how to implement much of the advice that is out there.
This guide is very successful in its purpose of providing the reader with the foundations for a successful ecommerce website. In this age, just about any information needed can be found on the internet. What the guide does that sets it apart from any other resource like it, is that is puts everything needed together in a easy to read, and very accurate guide. The guide completely avoids filler content, and although long, doesn’t contain any unnecessary information. The reason that the guide is long, is that it is thorough, and there is simply that much important information. The only improvement that I can think of, would be the ability to download the entire guide as a single file. The information in this guide would take the average website owner years to find on their own.
The Most Benefit:
I highly recommend this guide to website owners and entrepreneurs that are just getting into ecommerce. This guide although not free, will easily save you the money it costs, in time you would otherwise spend over the years figuring all of this out on your own. It will unquestionably give a new website a huge jump-start.
What you get when you purchase the guide:
- 40 Ecommerce Tactics Guide
- Lifetime access to the guide, including future updates
- 90 Day risk free, money back guarantee
- A best ecommerce guide book, money back guarantee
- A 1 hour consulting for your website with a MindValley professional
Conclusion:
This is a great guide for anyone in the ecommerce field. I’m not being paid to write this. I have no affiliation with Mind Valley in any way. I highly recommend this guide as a jump-start to making a well planned, successful website. In truth, this guide probably could have saved me a solid year of research time, if I had it when I entered into ecommerce.
Download the 7 free tactics and see for yourself.
July 11th, 2006
Google Checkout is finally released.
You can sign-up at: https://checkout.google.com/
As expected, it is only for US businesses right now. I would expect that some other select countries will be joining the list shortly.
June 29th, 2006
Next Posts
Previous Posts
