Gaining Trust Thru’ E-Commerce Security
Last Thursday, I had a very great talk with Ariady Sugita, a cool photographer in town. We are discussing about opportunities of collaboration in business. It was a great meet up.
And what came in his mind is, he is considering about creating an online store. He was asking for my advise about this, and what came first in me is security. It will definitely be a website where credit card transaction takes place.
After the talk, I think it is good if I spend some times to write down an article about e-commerce security and share it here.
E-commerce is about making money, well in the bottom line, all business is about making money. :). Of course, it comes by offering good services or products for your customers, and it will be hard to make money if your customers don’t feel safe to shop at your store.
In e-commerce case, it is about gaining trust from your customers to execute transaction on your website. That is what Security Socket Layer or SSL in short form all about.
This article is just a short information about SSL and website security. It is not deep but it should be able to give a good understanding for our prospects and clients.
Here is the basic principles of web security:
- Privacy : Only authorized person can view or read the information
- Integrity : Information shouldn’t be altered or tampered with
- Authentication: Identities of sender and recipient must be proven
- Non-repudiation : There should be a proof that information is received
What is SSL?
SSL was introduced in 1994. It has qiuckly became the standard for e-commerce transaction security. SSL is about data or information encryption. For instance, when you purchase a book from Amazon.com, you’ll pay it with credit card. Your credit card number must be received safely by the website admin who handle this. The information will be encrypted to prevents it being stealed by the bad guy.
And when you see a web address starts with https, that means you’re in an SSL protected page.
SSL Certificate
This is the most important thing for ecommerce website, The SSL certificate helps to prove that the website is belong to someone trustable and contains owner information, domain of the website, the country, the root, Certificate Authority or CA (Verisign, Thawte, etc.) who issued it, the entity’s public key and time stamps that indicate the certificate’s expiration date.
SSL Certificate has two types of keys which used as ciphers to encrypt and decrypt information. private keys are issued to entities and are never given out, as public key are given out freely. Data encrypted by public key cannot be decrypted with the same key, private key must be used.
Getting an SSL Certificate
There are two ways of getting a certificate, purchase from CA, or create it yourself. Each way has its own good and bad sides. Purchasing from a CA is a good way, but of course it will cost you quite sums of money, especially when you just start the business, while creating yourself is cheaper but it is not recommended because of its fundamental problem, the client browser will notify it as unknown authority and not trusted. E-commerce businesses need trust so it can generate business for you. Well, in the end, it is up for you to choose.
Choosing the SSL Certificate Vendor
if you have decided to purchase rather than creating yourself, make sure you give some considerations before deciding which vendor you’re going to buy from.
Here are some thoughts to bear with:
- Reputation and credibility (go have a look at their client list and testimonials and check how long are they in the business)
- Is the root embedded in all browsers?
- Support from the vendor
- And of course, how much does it cost.
Lastly, starting an e-commerce business is not just a one night works. Security is the most important thing to be considered. It is the key for your e-commerce success.
Welcome to Beegamax ART+ or Article Plus. This is where I put all articles and thoughts. They could be design idea, marketing related post or other stuffs too. Enjoy your stay here. 