Ads

Collapse

Announcement

Collapse
No announcement yet.

E Commerce Security

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • E Commerce Security

    Hi

    I'm new and have been reading the threads for some time. Hope everyone is ok. I would welcome people's view on e-commerce security. I'm currently building a site with Mr Site and it's come up with a warning that my PC does not support SSL.

    Having gone away and looked at a few sites, my brain is absolutely frazzled. Not sure to go with 40-bit, 128-bit, SGC etc, etc.

    Does anyone have any views as to what would be an appropriate level of security for a start-up business.

    Thank you in advance for any pointers.

  • #2
    I use OSCommerce and ZenCart for my shops and I've been looking into SSL. Like you, my brain is blown away, I only have customers contact details stored on our site at the moment and leave the secure payment details up to Paypal. Then the money part is taken out of my hands.

    I am constantly trying to figure out the correct configuration as I don't want customers having problems with secure and unsecured elements on the pages.

    I will be keeping an eye on this thread
    Del
    Visit us on the web at www.grinandcraftit.co.uk
    Find us on Facebook & Twitter
    www.3dcrafts.co.uk
    Personal Facebook page (Deryck Obray)

    Comment


    • #3
      Its all depends..

      SSL is https which basically encryption of form fields submitted over the web..

      You get a lock symbol on your browser (normally at top but depends on what browser your using) ..

      https is needed to take credit card (cc) info and NO uk merchant account will allow you to take CC info over the web without it.

      regarding using a 3rd party e.g. paypal then all the https secure side of things is done by them..

      hope that helps a little
      .


      Promote your craft site today : Add Your CRAFTS
      (£5.50 a month or £50 per year)

      Fun new blog: Snowboard Stuff

      Comment


      • #4
        Originally posted by grinandcraftit View Post
        I am constantly trying to figure out the correct configuration as I don't want customers having problems with secure and unsecured elements on the pages.
        You must not mix non https with http as warning will hit customer like mad.. If you using paypal then either put your logo in a secure area behind https or remove the graphic logo and just use text..
        .


        Promote your craft site today : Add Your CRAFTS
        (£5.50 a month or £50 per year)

        Fun new blog: Snowboard Stuff

        Comment


        • #5
          Thank you 0103media.

          I understand the bit about SSL and https vs just http.

          I think I might be confused with the whole email thing. I tried to set up email from Mr Site to link up to webmail or in my case Outlook & it doesn't seem to be working. I've put it down to the fact that my PC doesn't support SSL? Not sure if I have to buy a separate CA (Certificate Authority) or the fact that I already have a merchant account (only just got it) with PayPal is sufficient.

          The reason for all of this is order confirmation etc.

          Thanks for any further pointers.

          Comment


          • #6
            Originally posted by grinandcraftit View Post
            I use OSCommerce and ZenCart for my shops and I've been looking into SSL. Like you, my brain is blown away, I only have customers contact details stored on our site at the moment and leave the secure payment details up to Paypal. Then the money part is taken out of my hands.
            I would personally suggest that you look into securing the collection of customers details too - certainly, under the Data Protection Act (are you registered, by the way, if your site stores contact details?) - you have an obligation to take "necessary steps" to ensure they are safe.

            Essentially it's a due diligence issue, and I would feel a bit unsure transmitting them via a unsecured connection.

            Not as critical as payment details, mind you - you're right there!
            --Matt

            Web Development
            Beads, Charms & Findings - Jersey Craft Shop

            Comment


            • #7
              Originally posted by genesis View Post
              Thank you 0103media.

              I understand the bit about SSL and https vs just http.

              I think I might be confused with the whole email thing. I tried to set up email from Mr Site to link up to webmail or in my case Outlook & it doesn't seem to be working. I've put it down to the fact that my PC doesn't support SSL? Not sure if I have to buy a separate CA (Certificate Authority) or the fact that I already have a merchant account (only just got it) with PayPal is sufficient.

              The reason for all of this is order confirmation etc.

              Thanks for any further pointers.
              Ah. I think you mean that when you access bits of MrSite, the browser warns you that it 'doesnt support SSL'?

              Which browser are you using?

              If it's a very recent IE (7/8), then go into "Internet Options" -> "Advanced" -> "Security" and make sure that "Use SSL 2.0" and "Use SSL 3.0" are both ticked on
              --Matt

              Web Development
              Beads, Charms & Findings - Jersey Craft Shop

              Comment

              Working...
              X