Security and Privacy Issues in eCommerce Website Development and Designing
If you are thinking of eCommerce website development and designing, do consider the customer security and privacy issues first. Your eCommerce website should be developed and designed in such a way that it should be secure enough to handle the processing of your customer's credit card and sensitive information. You should use SSL encryption algorithms, secure and reliable payment gateways in your eCommerce website to carry customer credit card transactions online. A lot of online credit card frauds happen everyday, so as an eCommerce website owner, you should consider following measures to avoid security and privacy issues.
1. Use Secure Socket Layer Encryption Algorithms
While development of your eCommerce website, the developers should use SSL Secure Socket Layer encryption algorithms to encrypt sensitive customer data, credit card information etc. Web pages that are encrypted with SSL layers will show a "padlock" at the bottom right of the web browser if you are using Internet Explorer.
2. Use Payment Gateways
Do not store customer's credit card information on the server. While development of your eCommerce website, make sure that your developers are using secure and reliable payment gateway. Your eCommerce website should process transactions through your payment gateway (such as Authorize.net or Verisign) and let your payment gateway vendor be responsible for the credit card security. You may also store half of the customer's credit card number on the server and have half of the number emailed to you if you wish to manually process the order.
3. Collect the Card Verification Value of the credit card (3 digit number located on the back of the card) for further card verification.
4. Use your credit card processor's Address Verification System to verify the correct billing address (street and zip) of the credit card. If the address does not match it may be best to cancel the order. Using this method along with #5 will prevent 99% of your fraudulent orders.
5. Do not ship to an address other than the billing address of the credit card.
6. You may wish to collect the issuing bank name and issuing bank phone # of the credit card. If the transaction looks suspicious you can call the bank to make sure it is not a stolen credit card.
7. Use common sense, if the order looks suspicious, do not process it, or wait until the next day. Often if the card is stolen the card will be reported as stolen the next day and you will avoid the fraudulent transaction.
8. For foreign country orders you may want to only take money orders or cashiers checks. Foreign banks, sometimes, do not have address verification systems and the transactions are riskier.
Related Articles on Payment Gateways