Shopping Cart Security
If you take payments online it is a necessity to encrypt the transfer of data in your store. Digital certificates are one of the main tools for privacy and trust utilized for electronic payments.
We will explain and implement the following security measures to ensure your customers have a safe online shopping experience:
- Digital Certificates - The Certificate Authority certifies by your Digital Certificate that you are proves you are who you say you are.
- Secure Protocol (HTTPS) - provides privacy between the customer (browser) when entering credit card information to your online store.
- Secure E-mail - provides privacy with critical email sent to you by your online store.
- A Privacy & Security Policy - provides your customer with an understanding of how you will use their information.
A digital certificate is designed for two things, to prove you are who you say you are for the customer's peace of mind through the verification of your business by a trusted third party. When someone views the "certificate" on your website, they're viewing the certificate that was signed by a trusted third party. The certificate identifies whom the key is for (your business), the domain it was intended for (eg. www.onyourmark.com), who issued the key (the trusted third party), when it was issued, and when it expires.
At OnYourMark we will guide you through the entire process of requesting a digital certificate to give your customers or clients the privacy and piece of mind they need.
Secure Protocol (HTTPS)
World Wide Web (WWW) security is important as increasing amounts of sensitive information, such as credit card numbers, are transmitted over the Internet. We invoke this security by calling a URL with HTTPS instead of HTTP. After your customer's browser and your web server have agreed on what secret code to use, the rest of the conversation between them occurs naturally but is encrypted. Security isn't necessary, however, until the customer is giving you his or her private information. The form(s) where they tell you who they are, where they live, their shipping address, contact info and credit card number should all be protected by a secure transaction. We will build your web store with all web pages secured appropriately.
Secure Email (PGP)
It is important for all Internet users to understand that regular email offers no privacy, and can actually be read by many people other than who it is sent to. With PGP encryption, all of these people can have free access to your email, and still have no idea as to its content - that is real privacy!
With PGP, you can digitally sign your email: Automatically, PGP will calculate a complex mathematical value based on the exact content of your email message, and will then encrypt that value to your private key. And since only you have the private key that encrypted the email, only you will be able to read that email. So when PGP says that the signature is good, that indicates that the message is both unaltered (integrity), and from who it says it is from - that is authenticity!
Privacy & Security Policies
Our policy dictates that we do not, and will not, work with companies that sell or re-sell private information collected via the web. This is true for all information, including email addresses.
The Security Policy should tell the customer exactly how you protect their private information. You don't need to tell them about how HTTPS works but you should tell them that their credit card transaction with you is safe by displaying your "Certificate Seal". And you should always have a link to your privacy page that states their private information is encrypted and kept safely and securely for their safety (and yours). Make this policy available on any page you secure and any page that leads to a secured page.
There is a lot more to security and privacy, through technology or common sense, be assured that we can make your online store trustworthy!