Building Customer Trust with Secure E-Commerce by VIP PowerN

Whether your e-commerce operation involves selling an entire catalogue of items, a small collection of goods, or even just one product, the simple reality is that unless people buy the items for sale on your Web site, you won't make any money. And while the last few years have done a lot to make consumers more comfortable with the idea of shopping online, a significant effort is still necessary, on your part, to convince a potential consumer that they will be doing business with a secure and trustworthy operation.

And because you'll have to employ some form of remote payment, you'll have to do business with some type of transaction processing business. And even more than your customers, your billing solution partners will demand some assurance that your operation is secure before they involve themselves in your transactions.

To put it simply: in the e-commerce business, securing trust in your company is essential to your success. Trust is as important to a potential customer's purchasing decision as the products you offer him. And an essential element of building that trust, with both customers and partners, is the assurance that your e-commerce operation meets the demanding security standards required of organizations handling sensitive financial information.

<u>Setting up a Storefront</u>

A big part of building trust with your customers is your presentation. The very fact that they're browsing your online store is a good indicator that they're familiar with the possibilities of online shopping, and are prepared to consider buying. What you do to convince them, and the effectiveness of your efforts, may be the deciding factor in a possible sale.

The shopping interface you introduce to customers is arguably the most important piece of your e-commerce site's presentation. A familiar, easy-to-navigate interface can go a long way toward establishing the trust you're after. Seasoned online shoppers will know what to expect from an e-commerce site, and meeting those expectations is a good way to gain their confidence. And novice surfers will probably be more comfortable if your online store closely resembles the major e-commerce interfaces they might have encountered.

Building a storefront compatible with your customers' expectations is one of the more obviously beneficial features of using an e-commerce software product such as those provided by Miva (www.Miva.com), BizCrafter (www.BizCrafterCorp.com) or eCartSoft (www.eCartSoft.com) to build your site. Most of these programs will help you to build a simple, effective and familiar shopping interface that can include pictures, shopping cart functions and a number of useful security features.

In addition to helping you build an attractive online shop, most e-commerce software has features allowing it to help manage your inventory, interact with your payment processing systems, simplify your relationships with suppliers and affiliates and even promote your site.

E-commerce software can usually be purchased online from the maker, but is also quite often included as part of a specialized e-commerce package from any of the many Web hosts that support such operations.

<u>Finding a Commerce-Friendly Web Host</u>

Assuming that this is one of your first efforts at building an e-commerce Web site, it's a safe bet that you'll be outsourcing most, or at least some of the site's technical operations to a Web hosting company. This is by no means a bad thing, and in fact can free up your time and IT resources, allowing you to focus on the operations of the business itself.

More than simply freeing your time, however, many Web hosting companies have plans tailored specifically to the needs of customers developing or operating e-commerce Web sites. A few hosting companies offering enhanced e-commerce features include VIP PowerNet Web Hosting (www.VIPWH.com), ValueWeb (www.ValueWeb.com) and Global Internet Solutions (www.GISol.com). These commerce-friendly hosting plans often include a software license for one of the storefront building programs with your monthly fees, as well as a number of other support services, designed to provide you with a secure platform from which to do business.

And while software and services may be convenient, there are other reasons why a host that understands e-commerce is critical to your business. A good e-commerce host will already have the means in place to secure your online transactions with protocols such as SSL. It may be able to process transactions for you, or help you set up a merchant account. And most importantly, it will have the service level guarantees suitable to the high demands of your e-commerce operation.

Of course, in addition to the products and services they provide, it's hard to argue against the value of experience. And a Web host well versed in e-commerce should be able to help you by answering whatever questions you may have.

<u>Securing Information Using SSL</u>

At the core of any e-commerce operation is the financial transaction between Web site and consumer. One of the most common methods for accepting payment from your customers is accepting the submission of credit card information online. But by accepting your customers' credit card information through your Web site, you are also accepting the responsibility for the security of that information.

The standard protocol for securing communications on the Web is Secure Sockets Layer (SSL). Developed by Netscape Communications Corporation, the SSL security protocol provides data encryption, server authentication, message integrity and client authentication for TCP/IP connections, allowing client/server applications to communicate in a way that prevents eavesdropping, tampering or message forgery.

SSL is built into all major web-browsing software, so simply installing a digital certificate on the server side of the communication will turn on the browser's SSL capabilities. The protocol is available in both 40-bit and 128-bit strengths, referring to the length of the "session key" generated by each encrypted transaction.

In order to establish an SSL session with a customer's browser, your server has to be able to generate a public key and a private key and have them authenticated by a certificate authority, such as VeriSign (www.VeriSign.com), Thawte (www.Thawte.com), Tucows (www.Tucows.com) or InstantSSL (www.InstantSSL.com). Your Web host may include an arrangement with one if these authorities, or may allow you to use its certificate.

<u>Processing Transactions</u>

Once your customer is willing and able to give you his or her credit card information, you still have to make arrangements to be able to process the transaction and receive your payment. Obviously, credit card processing is a complicated process, and a number of organizations can be involved, from both your bank and the user's bank to a credit card processing company and the credit card communications network.

Your involvement in the processing operation will vary according to how much of the responsibility you want to outsource. It can be as simple as employing a "buy button" solution hosted by a third party provider, where all you have to do is include a piece of HTML code on your site and the processing company will send you a check. But keep in mind that the more responsibility you take on yourself, the smaller percentage of your profits you'll have to hand over to service providers.

In a more hands-on solution, many of the storefront-building software solutions include tools and ongoing support services to handle payment processing functions. Your Web host may have already set up this sort of pre-arranged processing option. For storefronts not equipped to provide payment processing, there are service providers, such as IBill (www.IBill.com) or CCBill (www.CCBill.com), designed to do just that. These providers charge a scaling service that can reach as high as 15 percent, for their services. And these charges can be avoided by setting up your own merchant account.

If you decide to handle most of the processing yourself, saving many of the fees associated with outsourced payment processing, you'll have to enable your Web server and applications to send and receive information from the credit card network. In order to do this, you'll have to obtain your own merchant ID and terminal ID, numbers that will identify you and the source of your transactions. These IDs can be obtained from a merchant bank by applying for a merchant account enabled to receive payments by credit card. The merchant bank will have relationships with acquiring banks that can handle both credit card processing and Internet payments. Once the merchant bank supplies you with merchant and terminal IDs, you'll use these numbers to configure your payment software or provide them to your outsourced processor.

There are plenty of responsibilities beyond security involved in running an e-commerce Web site, not including managing the supply chain relationships and inventory and, of course, fulfilling your customers' orders. But, when dealing with the sensitive data involved in processing customers' credit card information, there can be no question that earning the trust of your customers through a comprehensive and responsible approach to security should be a primary concern.

Please refer following web sites for useful resources related to web site hosting:

http://www.vipwh.com
http://www.vippowernet.com
http://www.thehostingguide.com
About the Author

Paras Shah Chief Technology Officer VIP PowerNet, Inc. Phone: (713)787-6501 Email: paras@vippowernet.com http://www.vipwh.com