Online security is
all-important for consumer confidence. It is likely the
company you select for your ecommerce site will use SSL
(Secure Sockets Layer) security.
Research has indicated that the other major concern of
business and the public (apart from Privacy) is the security
of on-line communications and payments.
Every day many millions of electronic messages are directed
through the World Wide Web, from general emails to on-line
orders with credit card details, commercial contracts and
payments to the banking system.
There are many types of encryption techniques available to
business and the public to ensure that these communications
remain confidential.
SSL Transaction Security -
SSL works by using a private key to encrypt data that's
transferred over the SSL connection. Both Netscape Navigator
and Internet Explorer support SSL, and many Web sites use the
protocol to obtain confidential user information, such as
credit card numbers. By convention, URLs that require an SSL
connection start with https: instead of http:.
For example, banks already employ encryption devices to ensure
the integrity and security of their Internet payment
mechanisms. Similarly, many thousands of businesses do the
same with their on-line ordering or payment systems. This
security section discusses some of the terms and methods that
are common to on-line security from different viewpoints:
consumer, business, etc. When SSL is implemented properly,
the closed padlock symbol on Firefox and Internet Explorer
browsers will be highlighted.
This is probably the most
important thing you can do to reassure your customers that
ordering online is secure and safe.
Potential Liability for Stolen Credit Card Numbers -
One of the highest risks for a company doing transactions
online is protecting credit card numbers from hackers and
thieves. One way to do this is to pass through the credit card
to your payment gateway (like Authorize.net) without storing
the number locally in your server's database. This way you do
not run the risk of someone hacking into your system and
stealing credit card numbers. If you do opt to keep the
numbers in your database, then you will have to take
additional steps to help protect against security breaches
both from external sources and internal sources from within
your company.
Fraud Management - A good, secure merchant
security plan might include the use of the following:
Use of a firewall
Keeping security patches up-to-date
Encrypting all stored and transmitted data
Avoiding repeating, forwarding or sending credit card, payment or order information via e-mail
Using and regularly updating anti-virus software
Restricting employee access to sensitive data to a need-to-know basis
Assigning unique IDs to everyone with access to data
Tracking access by ID
Avoiding default settings for passwords
Regularly testing security systems
It is expected that these security initiatives may reduce
Internet transaction disputes by up to 50%.
Terms of Use, Privacy Policy - A page of
explanation regarding the security used on your site is also a
good idea.