Electronic Payments
As long as Iım discussing Web server and security issues, I should discuss the one element that separates traditional Web servers from commerce servers: Money. The concept of electronic payments over the Web is still evolving, and as such you should be aware of the fundamentals so you can protect yourself from future obsolescence.
 There are three basic ways to pay your way in cyberspace: cash, check or credit card. Electronic cash has been the slowest to evolve because in effect it involves customers actually ıgivingı merchants electronic manifestations of greenbacks. At the moment, this is an awkward concept because it requires third-party software to create the electronic cash and both the customer and merchant need to be running that software to be able to do business.
The advantages of electronic checks are easier to understand. In this model, a customerıs ıcheckı is actually a series of data packets that are run through an encryption engine using the customerıs personal key, which basically takes the form of a digital signature. The merchant then uses the senderıs public key (sent with the message or kept on file) to decrypt the check and process payment. The use of public and private keys ensures that the person who sent the check is authorized to do so.
The credit-card model, however, is still by far the most popular payment method on the Web today and likely to remain so. Simply present a secure form to the customer at checkout time, upon which the customer fills out pertinent credit information. The merchant then sends that information out via an even more secure and dedicated payment gateway, receives authorization from the credit-card company and ships out the product or service. Itıs quick, easy to implement and, above all, customers donıt need anything except whatıs in their wallets. Electronic cash and checks both require additional software and effort on the part of their customers.
While electronic checks and debit systems are slowly becoming more popular, credit-card services really are the way to go right now. Electronic cash is a fringe alternative you can implement if you want to offer total access, but frankly, thereıs little need if you support credit cards and checks.
Naturally, all of the above is aimed at Web storefront commerce. Business-to-business transactions usually use different means: the aforementioned EDI/EFT and other cousins like ACH. Detailing the mechanics of these services here would be space prohibitive, and really isnıt necessary. If you require either of these methods, you already know it. Either your company uses them or your business partners do. Both require the intervention of third parties to function, so youıll run into experts no matter what. EDI requires the use of a VAN, while ACH (Automated Check Handling) requires support from the bank. Nevertheless, do not wait until the end of the project cycle to tackle these issues. Both can have a huge impact on application architecture, so itıs best to get the specifics mapped out early.
Summary
As weıve seen, building an enterprise level e-commerce server has far less to do with choosing server hardware than it does with paying attention to network health, application development and security. Designing as detailed an application map as possible before beginning any of the real work usually determines your level of success.
You may have noticed that we pushed for external hosting fairly hard in some sections. Thatıs not to say weıre against in-house server hosting in some situations, we just want to be sure you explore all options. Expert hosting services can go a very long way in cutting down your design and implementation time as well as easing your future management chores by an order of magnitude. As early as last year, experts on Web commerce were hard to find, so if you had one on staff that alone may have swayed the decision towards in-house servers. Today itıs a different ball game. The need for smaller ISPs to sell services to keep themselves differentiated from the megaplayers has created a glut of available expertise. By all means avail yourself of it. Itıs a buyerıs market, so as long as youıre careful about the quality of your hosting service, you can save yourself a ton of work at a relatively small cost.
Oliver Rist is contributing technical editor at InternetWeek and technical director at GCN Labs. He can be reached at orist@cmp.com.
|
REPORTS
ANALYTICS
Follow 
