A brief e-Commerce Tutorial

It's easy to get confused and even frustrated when you're working to get your products online -- Merchant accounts, Authorization services, Payment gateways and APIs, Security issues, Shopping carts. There's a lot of competing services out there, with plenty of variation, so before you make any moves, or invest much money, you should know that the ability to collect money over your Web site will usually require several different components. Before you decide on anything, you want to make sure all the components will work together.

You might think of the eCommerce components like a car stereo system. You want to play music in your car, right? So you get a top notch CD deck. But will it play your CD-Rs? Will your MP3 player hook up to it? How fast and loud do you want it? If it won't hook up to your MP3 player, how are you going to get those MP3 songs into your car?

All things you ask when buying a Deck. So, make sure all the pieces fit when you plan your Online Payment System. How will you get an order or credit card number from your Web Site to your Bank Account? Make sure the method(s) you decide on will get all the way from Step 1 to Step 4 below. It can get confusing, because there are thousands of products and services related to the four Steps below, which may provide any combination of the four components listed below. The Merchant OrderForm Shopping Cart Information & Support Center has an area dedicated to collecting some organized information on Products & Services, and the various combinations they provide in the Process outlined below.

Various Scenarios

Complete eCommerce Hosting Packages offer all Four Components in one Stop. These services provide everything you need to go from Step 1 to Step 4, but expect to pay Monthly Fees. The Fees vary, and can get pretty expensive. If you use one of these services, make sure you understand all the possible costs for the kind of Sales you Expect to process. For example, these services typically base Fees on the Number Of Orders Processed, or they may base Fees on How Many Items You are allowed in your Online Store. These types of Services can be the best way to go for someone lacking experience with the Web or Web Site building.

A disadvantage with Complete eCommerce Hosting Packages is you'll be limited to using only the Shopping Cart and Cart Features provided by the Service. Make sure the Shopping Cart technology has the features you need and/or can be set to look like you want. Most of these types of services have Shopping Carts that use several design templates. So, you can change the Cart's appearance, but you might not be able to match it exactly to your site.

If You Already Have Hosting For Your Web Site

If you already have your site set up, chances are that your Hosting Service provides some kind of in house Shopping Cart. You should check that out first to see if it will fit your needs.

Remote Shopping Cart Services

The Remote Shopping Cart is a Web Application (program) that exists on a "Remote" computer. Usually, these types of Services charge a Monthly Fee for using the Cart. Be careful when you Sign up for this type of Service, because there is a lot of variation on which pieces of the Steps above they may provide.

For example, a Remote Shopping Cart Service may provide the Cart at one price, and the Payment Processing Gateway at another price. Most of them do not provide a Merchant Services Banking Account. So, if you will need to establish a Merchant Services Account, then make sure the Remote Cart and/or Payment Processing Gateway will be compatible with your Merchant Services Account.

Let's take an example here: CoolCart is a reputable Remote Shopping Cart Service, which is compatible with the Authorize.NET Payment Processing Gateway (among others). Authorize.NET has been around a long time and is compatible with probably any Merchant Services Account.

So, let's say you are a Conventional Business that has existing Merchant Services at your local Bank. You already accept credit card payments, and process charges either by telephone, terminal, or your PC. You want to sell your Products Online. You decide to use CoolCart (Step 1 - Shopping Cart), additionally you decide to use Authorize.NET (Step 3 - the Processing Gateway) component of CoolCart. When your customer completes an Online order, CoolCart sends the order amount to Authorize.NET, which in turn sends the charges to be posted to your existing Merchant Services Account.

The components to collecting Online Payments are very similar to the way you collect Payments at a conventional Business, just the terminology is different.

What you need to know here is each one of these Steps may cost you Fees. (1) You pay wages to a Cashier, (3) pay a Free for Renting the Terminal, (4) and pay Fees and Discount Points to your Merchant Services Provider.

Similarly, on the Web, you could pay Fees at each Step. (1) You may need to Rent or Purchase a (Web Based) Shopping Cart Application, (3) and pay Fees to use the Processing Gateway Service, (4) and pay Fees or Discount Points to your Merchant Services Provider.

Setting Up Your Own Shopping Cart Application

Following the examples above, a Merchant might decide to Set Up their own Shopping Cart integrated into their Web Site, rather than use a Remote Cart method. The obvious advantage to this plan is now you have the choice of using one of the thousands of Shopping Cart Web Applications out there, giving you a much greater selection of Cart Features or Cart Design. The Down side of this, is you will need some technical ability, to a greater or lesser degree, to set up and maintain the Shopping Cart.

When choosing an Independent Shopping Cart Package, you must always make sure all the Pieces from Step 1 through Step 4 will Fit together.

• What technology does the Shopping Cart use? Perl/CGI, PHP, mySQL, ASP, ColdFusion, Java?
  Does your Hosting Server provide the technology? If not, you can't use it, or you'll need to find another Hosting Service to use the Cart. which means moving your site.
  
  
• How Do You Plan to Collect Payments? Credit Cards, Mailing Checks, On Account, PayPal, COD?
  And how will you get these funds into a Checking Account to use the funds? Mailed checks or Money Orders can be deposited directly into a Personal Bank Account, but you're going to miss lots of credit card sales. PayPal can be an attractive alternative, but you're still going to miss some credit card sales if you use PayPal as your only payment option.
  
  
• Can You Collect Payment Information Security? If you take Credit Cards over your Web Site, do you have security? Does your Hosting Service make Shared or Dedicated SSL available to your Web Site, and at a reasonable price? Is the SSL ability configured correctly, or is it messy? (more about security below). If you use a service like PayPal, then you probably don't need to mess with SSL Issues, PayPal does all the secure processing from their Site.
  
  
• How Do You Plan to Process Payments? How will you Process the card number? Maybe you already have a Merchant Services Account. Will you just collect the card number on your Web Site and use an Offline Terminal, Offline Software? Or does the Shopping Cart need to connect to a Specific Payment Processing Gateway? What Gateways can the Cart Use? What Banks can the Gateway Processing Service use?
  
  
• Do You Need a Merchant Services Banking Account? If you will process credit card numbers yourself, then yes, you do? If you will only use a Service like PayPal, then you don't. Which Merchant Services provider should you use?

Also, something to note when making the decisions outlined above, is that the Banking Industry is regularly redefining Rules & Regulations for Internet transactions where Merchant Services are provided. These regulations are written into your particular Merchant Services Agreement. Case in point: Recently the Banking Industry has issued some regulations requiring that "Online Sales" must be processed via an Online Processing Gateway, rather than processed Offline using your regular MOTO transaction methods or existing Business terminals. Check your Contracts.

Other Banking Industry regulations prohibit Businesses from storing credit card number in Online databases, or specify that an Online Business can only reference the last four digits of a consumer's card number in invoices, or Email. Check your Contracts.

The Merchant OrderForm Shopping Cart Information & Support Center has an area set aside for useful information regarding eCommerce Products, Services, and Developments.

What About Security ?

If you operate your own Shopping Cart .. The other important component of operating your own Shopping Cart is that your Web Site must have SSL encryption available to use. Wherever you will ask the Online Customer for sensitive information, you must have a secure connection between the Server where your Web Site is hosted, and across the Internet lines to the Web Browser your Shopper is using.

Secure communications (SSL) is not a function of a Shopping Cart. It is a function of your Web Browser and the Server it is communicating with. All browsers and Hosting Servers have the ability to exchange SSL encrypted data. However, not all Hosting Services will make SSL encryption available for your Web Site to use, or a Hosting Server may not make the SSL available in an efficient way.

SSL Security issues can get very messy if a Hosting Server is not set up properly to deliver your Web Site's Activity via the SSL Protocol. If you plan to set up your own Shopping Cart, I recommend that you use only Strong Commercial Hosting Servers, that know what they're doing. These days, a good Hosting Server can provide what is called "Shared SSL" to your Web Site's File-space, where the Browser's Internet Address can call up SSL Secure Pages from the exact same File-Space used for non-Secure Browsing.

What the Heck Does That Mean? It means simply that Secure Browsing calls up the exact same files and pages from your Web Site that non-Secure Browsing calls up. In Secure Browsing, the files and pages are simply processed through the SSL Encryption software on the Hosting Server, before being sent out to the Browser that is requesting the file or page from your Web Site. When you request Web Pages in non-Secure Browsing, the files and pages are delivered to the requesting Browser directly as is. Pages and files do not pass through the SSL Encryption Software first. For Example,

• This Internet Address Requests one of the MOFcart Templates from a Web Site:
  http://www.searchwise.org/mofcart/mofviewcart.html
• This Internet Address Requests the Exact Same Template File, using Shared SSL
  https://commerce26.pair.com/mpal/searchwise/mofcart/example_viewcart.html

Your Browser triggers a Request for a Secure Page or a Regular Page by the prefix in the Internet Address (URL).

When you request a Page starting with "HTTP://www.somesite.com.." your browser is Requesting a Regular File or Page, using the HTTP Protocol (Hyper Text Transfer Protocol). When you request a Page starting with "HTTPS://www.somesite.com" your browser is Requesting a Page that will be Run through the Servers SSL Encryption Software before delivered to the Requesting Browser, using the HTTPS Protocol (Hyper Text Transfer Protocol Secure).

The HTTPS (SSL Encryption) prevents any unwanted onlookers from seeing and deciphering sensitive information like credit card numbers while in transit from Server to Browser -- Browser to Server.

What can get complicated when Setting Up your own Shopping Cart Securely is that everything must be run through the SSL Encryption to be Secure. All components of your Web Site's Output must be run through the SSL Encryption, i.e., Shopping Cart Scripts, Database Activity, Images, Java Scripts, Style Sheets, Flash Animations, etc. If your Hosting Server does not provide the "Shared SSL" to your Web Site in a Clean, orderly way, then things could get very confusing adding Files, Images, CSS, Icons to all the variously mapped locations. You want the SSL Requests mapped to the exact same File-Space to minimize all the confusion.

Things are going to be hard enough getting all your Web Site components running under SSL, you don't want to be working with alternately mapped File locations adding an order of magnitude to the complexity. If your Hosting Server doesn't provide Free or very reasonably priced Shared SSL with Clean, Orderly mapping, then find a Hosting Service that does. They are too common to settle for less. QWK.net is a good one.

Do I Need My Own SSL Certificate?

No. Shared SSL is just fine. What you are looking for is Secure Payment Collections, it doesn't matter if the SSL Encryption uses a Data Encryption Certificate (Key) that belongs to your Business Name or your Hosting Service Business Name.

Dedicated SSL Certificates bring Online Integrity to your Business. They show your Business has been Issued a Registered Certificate under a Legitimate Business Name. The Certificates are issued to Verify Your Business Name has been Registered using a Specific Server's Fingerprint, and to run under a Specific Domain Name. The Certificates are so exact, that if it is issued to the Domain : "www.Site.com", and a visitor requests a secure page using only "Site.com" without the "www" then the Visitor's Browser will trigger a Certificate Error - Name Doesn't' Match.

Selling Online Does Not Always Involve Credit Card Numbers

I would say that if you plan on doing any serious Online Selling, you will want to provide your shoppers with the ability to use their Credit Cards. This is not always the case, though. A Business may collect Payments for Online Products and Services by Monthly Invoicing, by having the customer Mail in a Money Order or Personal Check, by having the customer Call In Credit Card Information, COD.

I set up Online Shopping Carts for several large Businesses that only wanted to generate a Sales Request, where prices were not listed, but the total order detail was forwarded to a Sales Representative to follow up. Several Businesses sold Wholesale, and only Wanted a valid Account Number to accompany a detailed Invoice or products. The Account Activity was then integrated into a Monthly Invoicing database.

I've also set up quite a few Online Shopping Carts for artisans and crafts-people, where they wanted only to provide instructions for Mailing a Check or Money Order. The product was shipping after the Check arrived.

Alternatives and Variations

Services like PayPal can provide some nice alternatives to the complicated process explained above. PayPal can simplify things considerably for the Small Business person who doesn't want to take on the expense of their own Shopping and Processing System.

Services like PayPal offer secure Accounts where money can be moved in and out of the PayPal System. In a sense, PayPal provides all the components similar to the complete eCommerce Package, but without the headache of setting up Merchant Services or a Processing Gateway. With PayPal, you provide the Web Site, and simply install buttons around your Site and Products. PayPal shows you how to make the buttons, and provides a Free Remote Shopping Cart you can use if you sell more than one item over your site.

A shopper then clicks on the "buy" button for your product, is taken to the PayPal System to make payment from their PayPal Account to Your PayPal Account. If your shopper is not a PayPal member, then PayPal will present a Membership Page for them to sign up. Once I am a PayPal Member, I can pay money from my PayPal funds to your PayPal Account with a few clicks.

I've been selling Online for over Three years, and have always provided the PayPal option for payment in addition to conventional Credit Cards. PayPal Members often prefer to pay you by PayPal because it's much faster, and reliably secure.

Web Technology by MerchantPal.com - Sophisticated Web Applications, Small Business Prices.

Delivering custom solutions for Web based businesses & Web enhanced marketing since 1996. We know web technology. If it has anything to do with Web based technology, we know about it. We offer personalized consulting, development, programming, design technology, creating server side interactive databases, Web based interactive custom programming, adaptation of web technology for sites, technology assistance for graphics designers, illustrators, writers, marketing specialists, anyone needing technical assistance with web projects.

We know how to help with your web project, we have been making custom solutions for Web based projects since 1996. Project prices range from 3 to 4 digits, based on complexity. For a Free consultation and recommendation, please drop me a note with some of the details. Rate estimates on a per job basis.

For Merchant OrderForm Shopping Cart ver 2.5 see MerchantPal.NET
To Contact Me at MerchantPal use this Email Me form.