Top 4 E-Commerce Security Essentials


As you begin to do business on the web, you're going to encounter three specific types of people:

• Those who want to buy from you
• Those who want to steal from you
• Those who want to steal from those who buy from you

The paradox every website owner faces is that you want to welcome the first type of person with open arms, but you'll want to try to keep the others out. In a traditional offline store it's usually easy to see where trouble is going to come from. Doing business online, however, means you lose that important intuition.

Security must always be your highest priority if you are selling online through your own website. It is also the case that you can’t work out your online security by trial-and-error. You have to get it right the first time, because recovering from mistakes is difficult for big business, and virtually impossible for a small business. If you do manage to screw up on security and it gets known about, expect to have to rebuild your business and your reputation from scratch. In the rest of this article, we’ll give you some pointers on how to avoid that fate.

1. Don't store more information than you actually need

Many websites have complicated forms that must be filled in before a customer can make even the most basic purchase. Often these forms request all kinds of information that isn't relevant to the sale. This is usually the fault of the marketing department trying to collect superfluous demographic or CRM information. The problem is that pre-sale is not the right place to ask for that kind of data.

Legally you have a responsibility to protect the data that you store about your customers. There are even certain types of data that you're not legally permitted to store (CVS numbers, for example). Even so, many websites do store information that they're not supposed to store.

It’s much better for you not to do that. In the pre-sale phase, you can actually lose customers by asking for too much information. They will go some place where purchasing is simpler and where they don’t feel like they’re facing the Grand Inquisition.

People are becoming more concerned about the information they share online, so your aim should always be to collect the minimum amount of information possible, as that helps to build trust. If you're using PayPal or a similar service to process your payments, you probably don't have to collect any information from your customer, because PayPal provides you with everything you need to know to complete the order.

The more information you store, the more there is potentially available for somebody to steal and exploit. If their theft is discovered and traced back to you, a lot more problems will arise from it later.

2. If you're collecting sensitive information, you need SSL

The ideal is for every website to use SSL by default, but unfortunately it's quite a hassle to get SSL sorted out, and there are even major internet companies that get it wrong (for their sake, we're not going to name them).

SSL gives you encryption that makes it more difficult (but not impossible) for somebody to hijack or otherwise interfere with the transaction. It also protects, to some extent, the information being transmitted.

The most important feature of SSL—maybe even more important than the encryption—is that it positively identifies your site. Even this isn’t perfect, but it’s better than nothing at all.

3. Make a conscious decision about whether you’re processing your own transactions

Processing transactions yourself can save you a little money on each one. If you're doing low-volume, high-value transactions, the savings can be considerable. PayPal at their worst, for example, will charge you at least 4.5% of the value of a transaction (the amount decreases with higher transaction volumes).

Still, there are many advantages to using external payment systems such as PayPal, Skrill, and WorldPay. The primary advantage is that you're no longer directly collecting financial information from your customer, and ideally not collecting any information at all. This means all the onus for PCI compliance and consumer data protection falls on the shoulders of the payment service and not on yours. For the SME this is a big burden lifted; it seriously reduces your potential liability and simplifies the flow of your transactions.

On the other hand, there have been horror stories for some merchants. The main culprit when it comes to meddling in other people’s business is PayPal. Taking their duty to protect the world from money laundering extremely seriously, PayPal will freeze an account at the slightest hint that there’s anything odd going on, and getting the freeze lifted can be quite a hassle.

A big part of the PayPal problem is that it is quite difficult to contact them. Another infuriating thing that is not entirely limited to PayPal alone is the over-zealous hand holding, where they try to protect you way too much and without your request for them to do so. This means if you attempt to log in to your account from a device that PayPal doesn’t recognize, or if you have made the foolish mistake of registering a cell phone number with them, you can lock yourself out of your account merely by traveling to another country or changing your phone service. In a world where business is becoming increasingly global and people travel internationally much more often, this is unacceptable.

This problem can also affect other things your business relies on. Facebook, Twitter, Yahoo, GMail, and scores of other services can all make really big headaches for you when you travel outside your usual area and don't have global roaming enabled on your phone. Logging in from an unfamiliar device (or a familiar device with an unfamiliar SIM card) from a location outside your home country can really screw things up for you, but at least none of those services has direct control over your cash flow. Payment services do, so if they block you, the consequences are more serious.

The greatest reason to let somebody else handle the transactions for you? Customers are notorious for not filling in forms correctly. When you’re unable to ship their product because of this, they will blame you. That can result in nasty things like charge-backs, and over time this can affect your business, and possibly also your reputation. Hand over all the information collection to a third party, and technically you’re off the hook.

4. Check all transaction details before shipping products

For some businesses this can be a bit complicated. If, for example, you sell digital products such as e-books, customers usually expect to receive their product almost immediately. If you sell physical goods, you have a bit more time to check everything, and you should use it.

Make sure that the quantities, prices and product descriptions match what they should be. Also check that any discount or coupon codes are valid.

As you can see, it doesn't take a lot of effort or expense to stay safe. It basically means dropping the habits of big corporations. In other words:
• Don’t spy on your customers
• Don’t collect information you don’t strictly need
• Protect the information you do collect
• Delegate responsibility, where possible, by using third-party transaction processing
• Check orders before you ship products

The one other thing you should always do is check that refund requests match the amount of the original transaction. It has been known for people to purchase at sale price and refund for full price, and staff don’t always notice.
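The pre-shipping checks from step 4 and the refund check above, as an added example that is not part of the original article: it re-prices an order from the merchant's own catalogue instead of trusting the submitted figures, validates the coupon, and caps a refund at what was actually paid. The catalogue, coupon table, field names and function names are all hypothetical.

```python
from datetime import date
from decimal import Decimal

# Constructed sample data; every name and value here is hypothetical.
CATALOGUE = {
    "EBOOK-01": {"name": "Security Handbook (e-book)", "price": Decimal("20.00")},
    "MUG-07": {"name": "Coffee mug", "price": Decimal("8.50")},
}
COUPONS = {"SPRING10": {"percent": Decimal("10"), "expires": date(2024, 6, 30)}}


def verify_order(order, today):
    """Return a list of problems; an empty list means the order may ship."""
    problems = []
    subtotal = Decimal("0")
    for line in order["lines"]:
        item = CATALOGUE.get(line["sku"])
        if item is None:
            problems.append(f"unknown SKU {line['sku']}")
            continue
        if not isinstance(line["qty"], int) or line["qty"] < 1:
            problems.append(f"bad quantity for {line['sku']}")
            continue
        if line["name"] != item["name"]:
            problems.append(f"description mismatch for {line['sku']}")
        if Decimal(line["unit_price"]) != item["price"]:
            problems.append(f"price mismatch for {line['sku']}")
        subtotal += item["price"] * line["qty"]  # always price from the catalogue
    discount = Decimal("0")
    code = order.get("coupon")
    if code is not None:
        coupon = COUPONS.get(code)
        if coupon is None or today > coupon["expires"]:
            problems.append(f"invalid or expired coupon {code}")
        else:
            discount = (subtotal * coupon["percent"] / 100).quantize(Decimal("0.01"))
    if Decimal(order["amount_paid"]) != subtotal - discount:
        problems.append("amount paid does not match recomputed total")
    return problems


def refund_allowed(original_paid, already_refunded, requested):
    """A refund may never exceed what was paid, net of earlier refunds."""
    requested = Decimal(requested)
    remaining = Decimal(original_paid) - Decimal(already_refunded)
    return Decimal("0") < requested <= remaining
```

Amounts are handled as `Decimal` strings so that comparisons are exact; a purchase made at sale price and refunded at full price fails `refund_allowed`.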
