During a meeting with a potential client this week I made a casual inquiry, asking which payment processor they currently used for the ecommerce web site.
“Oh, we do it manually” they said. It turns out they use an antiquated system that sends them the customer’s credit card information via email. They then take that information and run it through their Point of Sale software to charge the account.
Oops. That is a dangerous if not illegal procedure.
Emails, by their very nature, travel from computer to computer across the internet. There are ample opportunities for one of these relaying computers to cache a copy of the email, with the customer credit card information. This then creates an opportunity for the information to not be secure. If this data is encrypted, it is reasonably secure. If not, it is a ticking time bomb. I don’t want to be there when the ticking stops.
Once the email has arrived, a host of other security issues arise:
- Is the network secure?
- Is the computer secure?
- What happens with the email after the transaction has been processed?
- Was it printed out?
- If it was printed out, what is done with the print out after the transaction has processed?
In Colorado it is, to my understanding, illegal to store a hard copy of the complete credit card number of a customer.
If you are a merchant and aren’t sure if your system is compliant, a good place to get started is https://www.pcisecuritystandards.org/merchants/.
Another valuable source is EduCyber Endorsed SGP Services. Give Sean a call at 303-697-7799.
What does it take to build a better web site? Do you need to be flashier? Do you need to have bells and whistles? Should it have music playing? Do you need to cram it full of links?
Actually the best web sites are often the simplest. And the simplest thing to do is help people quickly find the information or product they want so they can move on to something else. With that in mind, when we talk to folks looking for a web site, the first question we ask is “What are the goals for your site?”
More customers is NOT a good answer to that question. Convert five web site visitors to customers each month IS a good answer. With that kind of clearly defined goal you can begin to look at what is the most effective way to convert a visitor to a customer and design around that.
The second question I usually ask is “Who is your target market?” And no, everyone, is not a good answer. The more clearly you can build an image of who the target market is, the more focused your site can be. If a Tuxedo shop, for example wanted to target brides (because they make the decision on what tuxes will be used) and their mothers, that will help to dictate what colors are used (white and baby blue perhaps), what textures the site should have (lots of lace in this example) and even what kinds of lines or shapes (rounded corners will look softer and more inviting).
So if you want to build a better web site, you don’t necessarily have to go cutting edge. Just determine what you want the site to do and who you want to market to and you’ll be well on the way to building a better site.