Ecommerce sites interested in accepting credit cards must have merchant accounts. Merchant accounts are provided by the merchant banks. Transaction settlements move the value of the sale to this account. Banks consider these important factors before creating a merchant account. Business type, possibility of fraud, charges in cases of default is considered before offering a merchant account. It is to be noted that merchant banks benefit 5% through e-commerce sales but the risk of fraud is over 50% of the total sales executed.

Credit card payments are enabled through Payment gateways. Payment gateways are contracts executed by the retailer with the credit card processing organization. These gateways serve as a point of sale system with all the functionalities of a POS integrated in them.

E-commerce website with payment gateway contacts the credit card processing organization. The organization secures the sale by providing authorization from the credit card issuing merchant bank. Authorization is followed by funds transfer into the retailer merchant account. Messages are sent to the merchant and the customer on the sale settlement with relevant information.

Contract with the credit card processing organization provides a bank account, provision for the website to access the payment gateway and security for credit card information input by the customer. Cost of contract involves a startup cost, monthly charges for payment gateway, address verification and statement fees, transaction fee charged per transaction and discount rate applied as a percentage on the transaction.

Charges add up on the cost and reduce profit factor but an ecommerce site has multiple benefits than a brick and mortar business that makes cost an insignificant consideration.

 

The Internet has expanded markets, but criminals have used technology to engage in e-commerce credit card fraud. In 2006, there were $500 million in chargeback fees worldwide. While the United States limits customer liability to $50 - when notifiying the bank of a lost card - the merchant usually bears a large portion of the financial loss.

The e-commerce credit card fraud crime is a "fraudulent transaction" when the merchant is unaware that the transaction won't be paid for by the customer. Thieves steal either the credit card or the personal data. Sometimes, store clerks copy sales receipts. Other scams include "phishing" "skimming" or "shoulder surfing".

Basic fraud detection targets the limited amount of personal customer data held by thieves. Some merchants request the Credit Verification Value (CVV2) number: a three- or four- digit value printed on the card. Knowledge of this number usually means the holder has the physical card in possession.

Many "payment gateway services" have screening procedures preceding credit card transactions. Secure Sockets Layer (SSL) 128-bit encryption technology enhances security. The merchant can also manually check transactions. The Address Verification System (AVS) compares billing and bank details.

A Fraud Scoring System (FSS) calculates the likelihood of fraud based on suspicious cardholder behaviors, analysis of common schemes and comparison to global transaction data. Firewalls are another popular security option.

Confirmation of the Internet Protocol (IP) address and requesting a phone number are also good options. Finally, the merchant can call the issuing bank in order to prevent e-commerce credit card fraud.

E-commerce is a multi tier system with client, web server, application server, database server and data management system as its components starting with client as Tier 1. Two way communications exists between all the tiers and the smooth functioning of E-commerce relies on technologies such as internet, World Wide Web, web architecture, system components, application components, security, cryptography etc.

E-commerce works on the key processes adopted by the organization for customer attraction, customer interaction, order management, and organization reaction to customers. The first process of customer attraction is achieved through advertisement and marketing. Customer attraction is followed by customer interaction. It happens through catalog presentation and deal negotiations. Order management works on order capture, payments, transactions and order fulfillment. Once an order is fulfilled, the organization reacts by following up with customer service and order tracking.

E-commerce benefits Consumers by providing the convenience of buying from home, making it easier to compare similar products and prices, and choice of wider selection. Risks to consumers involve possible security issues, trespassing privacy, purchases on the basis of pictures and descriptions with more emphasis son difficulty encountered in product returns.

Business benefit by introduction of e-commerce through reduced cost of operation, improvement in customer satisfaction, more focused data management resulting in higher earning possibilities. Risks run by business include the need for a robust and reliable website, fraudulent sales or purchase transactions, customer defiance in executing a purchase online and increased competition due to ease of procedures of online business establishment.

The e-commerce Payment Card Industry Data Security Standard (PCIDSS) compliance standards were established by the major credit card companies, working as the Payment Card Industry Security Standards Council (PCISSC). These e-commerce PCI compliance standards were meant to prevent security breaches and identity theft.

The PCIDSS standardized the Primary Account Number (PAN) information, providing 12 procedural and system requirements.

The 12 PCIDSS requirements were broken into 6 categories:
A.) Secure Network - 1.) Firewall and 2.) Reset Passwords
B.) Protect Cardholder Data - 3.) Protect Data and 4.) Encryption
C.) Vulnerable Management Program - 5.) Anti-Virus Software and 6.) Secure Systems
D.) Access Controls - 7.) Restrict Computer Access, 8.) Unique Access ID and 9.) Restrict Physical Access
E.) Monitor and Test Network - 10.) Monitor and 11.) Test Network
F.) Information Security Policy - 12.) Maintain Policy

PCIDSS affects e-businesses, banks, vendors and credit card companies. The PCI has published a Self-Assessment Questionnaire with four different versions. The PCI includes a time-consuming audit of systems processing credit cards and fines for noncompliance.

PCI compliance includes validation of database access, cloaking of Web infrastructure and filtering transmissions. The firewall hides the payment processing center behind electronic and physical barriers.
Firewall software measures common hacker tools and footprints - such as protocol violations, cookie usage and cross-site scripting (XSS) injections to steal data. Through monitoring, analyzing, preventing and reporting these attacks, Information Technology (IT) professionals can address possible hacker attacks.

The e-commerce PCI compliance standards protect personal information against theft.

The best e-commerce software successfully merges appearance, organization and functionality. Businesses should do honest self-evaluations before entering the e-business field. A "business-to-customer" B2C firm will have different needs than a "business-to-business" B2B firm. Likewise, a brick-and-mortar store will have different goals than a completely Internet-based company.

The wise business creates an appealing Web page - with an uncluttered look and a comfortable feel - making the customer visit enjoyable. The best-selling products should be displayed prominently.

An easy "keyword" search box, readily accessible contact information - phone, e-mail and physical - and easy-to-use department tabs are basic necessities.

Web surfers are very fickle. They want variety, ease-of-use and speed. They want one "click" for action.

Businesses should consider which e-commerce software best organizes accounting, Customer Relationship Management (CRM), inventory, order fulfillment, payment processing, sales and shipping. Fees, contract and support will differ.

Standard e-commerce software provides a product catalog, shopping cart, checkout process and online billing. The best e-commerce software directs customers to purchase products with "call-to-actions", using interesting graphics like cartoons or avatars.

Logistics must run efficiently with real-time inventory and data collection. The best e-commerce software provides accurate information immediately. The business must be able to build, maintain and update content without too many interruptions.

Great customer service is essential. Many consumers use the Internet to bypass red tape and bureaucracy. Competitors are only a click away. Successful firms customize and personalize the customer experience, allowing for checking order fulfillment too.

Links to partners and related Web sites are also good demonstrating status in Web community.

The best e-commerce strategy builds on the special characteristics of the Internet. The World Wide Web has expanded the reach of anyone connected to it; enabling anytime, anywhere, always transactions in the e-economy.

The successful e-business becomes the "goto" Web site for customers, needing a certain product or service. Companies must master every stage of business success: vision, system, promotion and logistics.

Companies that 'enable' customer goal achievement conquer their competition. Consumers trust those who have proven their worth.

Great firms learn from mistakes - like the "dot.com" bubble. Technology is a tool, it isn't the business. The Web is a means, tool or arena where transactions take place. It cannot replace a failed business plan.

Successful e-businesses build on successful traditional business models. They grow through "creative collaboration". Many "dot.com" failures lacked firm roots that withstood attacks.

Web surfers want to bypass bureaucracy. Logistics are necessary for success, so wise firms "hide the bureaucracy".

Businesses can reach more potential customers via the Internet. Yet, most of these consumers have divided loyalties and short attention spans.

The best e-commerce strategy builds itself gradually. It creates a "great customer experience every time". "Maintain the best, restructure the rest."

Good companies know their customers personally. They sell what people want. They support customer needs. The best firms will gain Search Engine Optimization (SEO) due to popularity.

The successful manage their businesses, anticipating problems before they occur. They innovate - unleashing creative energy - to retain customer interest. They develop and maintain an "edge" over their competition.