Monday 6th February 2017
In the early days of the web, many people were anxious about using their credit card online, but now a wide variety of businesses exist who sell solely through the internet. Read on for our guide to selling on the web.
Security and encryption
Not a month goes by without a new high-profile hack of a big company. There are a number of steps you can take to make sure that your company isn't in the news for the wrong reasons. We have a number of company policies regarding security:
- We recommend all websites run over HTTPS. This is now Google's policy too, so it also improves your website's search engine placement.
- We never store any credit card details on our servers. This makes us a less attractive target for hackers because there's nothing valuable for them to steal.
- We never store user's passwords on our servers. We subject passwords to a one-way process called salting, hashing and stretching that makes them unreadable, and when users log in we apply the same process to the password they supply. If the passwords match they're in! This makes us a less attractive target because it's not possible to recover the passwords from a database.
- We only use high-end hosting companies. Our servers are in a state-of-the-art data centre in the Midlands, monitored 24/7 and regularly patched by a company with a reputation for high security.
A payment gateway is a company who process your user's credit card details for you: Worldpay, Sage pay, Paypal, Paymentsense; the list is endless.
Good payment gateways will offer a small monthly fee for the service and a small transaction fee each time someone pays you. A typical cost might be £10 per month and 2% +20p per transaction, depending on the volume of sales.
All good payment providers now use the three-digit CCV (Card Code Verification) numbers and Verified by Visa systems to improve their security. If you have a preferred payment gateway please let us know and we can integrate your website with them.
Our preference for e-commerce software is Shopify. The advantages are:
- Easy to use - Most clients are comfortable using the system after a one-hour training session
- Customisable - Shopify stores can look exactly how you want them, and the system has hundreds of plug-ins to extend it
- Hosted - Shopify manages all updates and security patches, reducing the likelihood of getting hacked
We currently manage three Shopify sites for clients:
This store was built for a company based in Fowey, and features pages of text and images, and a very simple blog all running inside the Shopify system. An older site, it is not fully responsive.
Doxy Massager Store
This adult toy manufacturer in Callington has the majority of their website running outside of Shopify (in our own CMS), with everything under the Shop now navigation item inside Shopify. They make use of a Shopify plug-in that allows dynamic currency conversion.