
Safe and Secure

By now we’ve seen that there’s a lot that goes into getting an e-commerce store online. And we’ve only just started scratching the surface! Before we close the book on this crash course, there’s one more thing we have left to address: the security of your payment processing system.

Anyone who places an order on your site has to be confident that their information is safe with you. Trust is paramount. A customer who doesn’t trust your site will move right along to the next site, so you have to make darn sure their first visit convinces them that you’re legitimate.

“How do I do that,” you say? Glad you asked! Here are three of the biggest steps you can take.

1. SSL certificate

The very first step is to sign up for an SSL certificate. That’s what allows you to have an ‘s’ in your Web address (https:// as opposed to http://). It means all the data sent from your customer’s computer to your Web server is encrypted in transit, so no one can intercept the transmission and steal a customer’s credit card info that way.

2. PCI-DSS compliance

This one is the hardest to accomplish. PCI-DSS is the security standard established by the major credit card companies (Visa, MasterCard, etc.), and all online merchants are required to adhere to it. Over the last few years, PCI requirements have become increasingly strict. If you’re running your store on your own site, you usually have to sign up for one of the expensive dedicated or virtual dedicated servers, and there is a multitude of hoops to jump through.

Just because it’s a requirement, however, doesn’t mean that all merchants follow the rules. If you don’t secure your site to PCI standards, there’s usually a fine involved – but they don’t shut you down. So while you, the store owner, could skate by without being compliant, it’s equally possible that a site you buy from as a consumer is not compliant. How then are we to prove to our customers that our site is safe? Drum roll please…

3. 3rd-party verification

There are a number of security firms out there who will scan your site and report back to you on whether you’re in compliance or not, and if not, what you need to do to fix it. Once you pass the test, you get to put their badge on your site that links to a page verifying that your site is secured. There’s usually a fee involved for this service, which your payment gateway provider might cover for you.

This is like having the house you want to buy inspected by a neutral third-party home inspector, or getting your jewelry appraised by an independent gemologist. Written proof from a reputable security company demonstrates beyond doubt that your site is safe and ready for business.

E-commerce is a big issue to tackle, and it can be one scary beast. With the right partner/developer, it becomes a lot easier. If you need a sherpa through the wilderness of online sales, please contact us! We’ll be happy to help navigate the rough terrain and get you safely to the peak.

Photo Credit: laverrue via Compfight cc