Thus far, you have a business plan, you have mapped software and hardware issues, and
you have considered security. Now it is time to focus on the payment process in an e-commerce setting. The approach based on credit card use, the implementation of (SSL)
Secure Socket Layers[1], and common HTML forms is common.
This solution is fairly secure and simple, because it eliminates the need to install special software on a client's computer.
Except for a digital certificate for the SSL session, this approach does not require special procedures or software, such as payment gateways. Unfortunately, this method requires manual validation and order processing. This method is less secure than other approaches because it allows many parties to view sensitive client information, such as credit card information, once the e-commerce company receives the information.
Another approach uses automated processing applications (such as Net.Commerce and Site Server E-Commerce Edition) in combination with transaction models such as SSL,
Secure Electronic Transactions [2] (SET), and
digital cash[3].
These systems require more work. However, this approach is much more secure and convenient because it automates validation and order processing.