|
<%=Header%> |
E-Commerce - Security
First of all, let's explain all the excitement and media hype around this issue of security. Just consider for a moment that once any data leaves your computer and begins its journey over the Internet, it is, for all intents and purposes, public domain. In other words, if someone were so inclined, they could get their hands on this data and do with it what they will. It's not quite as easy as that, but it is a reality.
The main concern your customer will have around security is whether or not their payment information, usually in the form of credit card, will be sent over the Internet and subject to this possibility of someone getting his or her hands on it. They may even be concerned about where their information is later stored and whether someone could ever hack into this repository of information and obtain their credit card number.
The solution is SSL (Secure Socket Layers) and Digital Certificates. These two items really go hand in hand; the Digital Certificate is a recognized standard for confirming a given web site (actually the web server the site is hosted on) uses SSL when transmitting or receiving data. This should tell you that you only require this function on those pages of your site where you actually request the customer's payment information. Without getting into a lot of the technical details, suffice it to say these are so much a standard that, without SSL and a Digital Certificate, no one will buy your products.
So, how do we get SSL and this Digital Certificate? For the most part, you won't have to worry about this. Your web site-hosting provider will ensure all the necessary steps are taken and they usually bundle all of these little details together with your e-commerce-hosting package. It is a good idea to make the fact you have all this security is on your site very conspicuous. Both VeriSign and Thawte, the recognized digital certificate authorities, allow you to post logos on your site once you have purchased a certificate.
VeriSign (http://www.verisign.com) and Thawte (http://www.thawte.com) have all the information on their web sites. If you are developing, hosting, and maintaining the entire project in house, VeriSign is a "must visit" web site.
|
|
|
|