Tuesday, March 24, 2009

Checkouts & Security: Your Web Host Is Key

by: Frederick Townes

From a commercial site owner's perspective, the checkout is the most rewarding of all site pages. It's the reason the site was built - to generate sales. Smooth, hassle-free transactions.

Unfortunately seven out of ten visitors who place an item in their carts never complete the sale. Many times, the problem lies in the site's checkout - its look, feel, security and most importantly, its ease of use.

Your web designer and host should offer a tool box of checkout solutions free, or at preferential pricing. Your web host should also provide the server security you want and need.

What Do Potential Buyers Expect At The Checkout?

The same thing they expect in a brick-and mortar outlet. Convenience, no long lines, security and politeness. So, how do these visitors' needs translate to a site's checkout design?

Convenience:

Numerous payment options are a convenience. Naturally, any site must accept credit cards - the big ones, any way. But what about PayPal, electronic bank transfer or how about an old-fashioned, hard copy check or mail order? The more ways to pay, the more sales are made. And a one-click checkout option for regulars boosts sales even more.

No Long Lines

Clear, easy-to-follow directions on every check-out page. And limit the number of checkout clicks and checkout pages.

Security

And plenty of it. Buyers expect complete, secure encryption of their transactions. They want to see the padlock lower-right, the http s in the address box and an SSL secure logo. Or no sale.

Politeness

Checkout copy that's reassuring. The ability to back out to previous pages and a follow-up thank-you/confirmation e-mail are all ways of demonstrating commitment to customer care.

Checkout Apps

Checkouts are available as separate applications that simply bolt on to your site's back office. Some of these checkouts are open source, while others cost a few bucks.

osCommerce is an open source application that's under constant development by experts from the ecommerce community who volunteer their time to refine this free and fee-free software. It's a great option for start ups - simple interface, straightforward administrator's console and compliant with all site servers - a critical consideration.

MIVA Merchant 5 comes in at the other end of the checkout spectrum, providing numerous checkout options, a feature rich administrator console, sales metrics, visitor tracking and many more features.

Most web hosts offer open source checkouts as part of their applications libraries, a real money saver when first starting out. And upgrading to a more sophisticated checkout is easy for the site owner and the hosting service.

Web Hosting and Checkout Security .

If you've been in business on-line for a year, you have a great deal of sensitive data stored on your web host's server. Names, addresses, credit card numbers - a veritable treasure trove to any script-kiddie or cracker. The information collected during the buyer checkout process must be secure for the sake of your business and for the sake of your buyer's confidence in your enterprise.

Regardless of whether you opt for an open source checkout or spend big bucks on the out-of-the-box supermall edition, your web host should provide site security in several ways.

SSL Certification

In order the take credit card payments, sites must be SSL certified and receive an SSL ID code.

Any reputable site host supports SSL certified secure connections. So, if you subscribe to a shared hosting package, in which you share server space with other sites, you'll be able to use the host's SSL certification to accept credit card payments through your site. There shouldn't be a charge for this since the host must have the SSL cert any way.

Is There A Steel Cage Around Your Checkout?

If a site accepts credit cards and uses other payment options (PayPal, Paystation, etc.), it must be secure. Now, a site owner can (and should) install quality software on the business system, but that's just the beginning. What kind of security does your hosting service offer?

Sensitive customer data, names, addresses and credit card numbers, make small sites attractive targets to hackers. And since this sensitive data is stored on your business system and your host server, that web host better have state of the art security on its shared and private servers.

And not just one layer of protection - a firewall and virus zapper. To protect the business and keep check-out transactions private, web hosts require multiple layers of security to protect against a variety of digital malpractice: brute force attacks, wardriving, malware injections and other forms of server intrusion.

Today's most advanced (and reliable) security is capable of defending itself automatically, detecting suspect incoming data and diverting it before it even reaches the host server.

Sure, any site owner must locally defend against intrusion with top-flight malware protection installed on the office computer or network. But without a secure server, the doorway to the www is wide open and anyone can walk in.

Downtime

Another important feature to consider when searching for a hosting service is downtime. When an on-line enterprise suddenly finds itself off-line due to a server malfunction, you might as well close up shop until the problem is solved.

Regardless of what checkout application you employ, from low-cost open source to high-priced tools that do it all, a host that can't deliver reliable, consistent service is going to cost money in downtime.

What kind of reliability should you expect? 99% plus. That's right, almost perfect uptime. Today's technology makes 99% reliability achievable. And that's what any site owner should expect from a hosting service.

The Bottom Line? Your Bottom Line.

When looking for a web host to connect you to the www, it's essential that you and the host consider checkout options to determine that the package you select is compliant with the host's servers and other hardware.

A well-equipped host should offer a toolbox of useful applications including an open source (free) site design and management package. And as you grow, it's important that your host be able to upgrade your checkout app without any downtime. Remember, you may start out small but you'll grow, your business will process more and more orders and you want to make sure your host can grow right along with you, offering everything you need to expand your on-line empire.

For shared hosting accounts, you should be able to use the host's SSL certification to enable you to take credit card orders. This service should come as part of the hosting plan, not as an add-on.

Finally, learn all you can about the host servers' security. Look for multiple layers, hardware- and software-based firewalls, virus detection, spam shooters and other 'at the gate' features to keep intruders at bay.

Working with your web host, you'll be able to design and develop an on-line checkout that's simple to use, accessible to customers 24/7/365 and impervious to threats from the outside.

Then, it's time to hang out the 'Open for Business' sign.