Ecommerce Implementation
Lesson 1

Transaction Security and Payment Infrastructure

Thus far, you have a business plan, you have mapped software and hardware issues, and you have considered security. Now it is time to focus on the payment process in an e-commerce setting. A common approach combines credit card use, Secure Sockets Layer (SSL)[1], and standard HTML forms. This solution is fairly secure and simple, because it eliminates the need to install special software on a client's computer.
Except for a digital certificate for the SSL session, this approach does not require special procedures or software, such as payment gateways. Unfortunately, this method requires manual validation and order processing. This method is less secure than other approaches because it allows many parties to view sensitive client information, such as credit card information, once the e-commerce company receives the information.
Another approach uses automated processing applications (such as Net.Commerce and Site Server E-Commerce Edition) in combination with transaction models such as SSL, Secure Electronic Transaction (SET)[2], and digital cash[3]. These systems require more work. However, this approach is much more secure and convenient because it automates validation and order processing.

By the end of this module, you will be able to:
  1. Outline the considerations of a secure transaction
  2. Explain the issues involved in choosing a payment method
  3. Design your Web site for secure transactions and payments
  4. Describe protocols used to secure transactions, including SSL and SET
  5. Establish secure transactions through the use of digital certificates

The next lesson discusses the methods used and requirements for processing payments online.

[1] Secure Sockets Layer (SSL): An encryption method enabled by digital certificates.
[2] Secure Electronic Transaction (SET): A method of information exchange that allows businesses and clients an extra level of protection while conducting business.
[3] Digital cash: The use of proprietary software to convert "real" money into information easily transferred over a public network.