<< Back to Table of Contents

E-Commerce 1.0

Introduction to E-Commerce
Security and Personal Data

 

E-Store Security
When dealing with personal details and financial transactions, the security and integrity of the data is of the utmost importance. To ensure your customer's data is secure we utilize 128bit encryption for both transmission and storage of all transactions. 128bit encryption is also used by financial and military institutions to ensure that data is secure.

When a customer enters the 'checkout' procedure on your e-store they will begin an encrypted 'session', which will ensure that no one can eavesdrop as data is transmitted. The customer’s browser will display the 'closed padlock' icon to assure them that they are at a secure site. Once the customer’s transaction is complete, all details regarding their order are stored within an encrypted database. In the unlikely event that this database is compromised, the data would be unreadable without a unique key that cannot be accessed by the public.

Despite the security measures we have put in place to protect your customer's data, there are certain processes that are beyond our direct control and will require a certain amount of care and diligence on your part.

Securing your Internal Processes
Your e-store is an 'offline' system that requires you to authorize credit card payments via your own credit card machine or payment system; therefore, your e-store temporarily stores credit card details in its secure database. It is important that you process the payment and then delete the credit card number using the method outlined later in this manual. It is also important that you log-out of the Administrator Panel once you are finished, as this will prevent unauthorized access to your customer's data.

The Administrator Panel has an invoice feature that allows you to print a copy of an order for your records if you wish. When using this feature the credit card number is automatically obfuscated leaving only the last 4 digits. You may still view the full card details by logging in and clicking on an order. Any print-outs you make should always be stored securely to prevent unauthorized access to your customer's personal data.

If you have the Instant Gift Certificate feature installed on your e-store it is important that you do not allow unauthorized access to your username and password to prevent fraudulent adjustments of Gift Certificate balances.

 

Continue to 'Getting Started' >>