Subscribe to Entrepreneur for $5

Privacy/Security Issues & Adding E-Commerce Capabilities

When it comes to your site, privacy and security are top of mind for most online customers. And if you really want them to spend their online shopping dollars on your site, you'd better get your e-commerce operations right from the start.

Opinions expressed by Entrepreneur contributors are their own.

To help ensure your ' confidence--and encourage them to shop--there are several approaches you can take: posting--and adhering to--a well-crafted , applying for a privacy seal, offering plenty of payment options and securing their online transactions. And to ease your e-commerce headaches, we'll tell you what you can do to prevent shopping cart abandonment and lower your return fraud rates.

31. Include a privacy policy. Drafting and boldly posting a privacy policy is a must-do when building your website--it's a necessity today for building consumer confidence. A good policy includes a description of how data is collected and used; a way to allow users to choose not to provide data or permit their data to be shared; and a description of the procedure for users who want to request or update data. You can also follow fair-information practices laid out by the . And remember: Once a privacy policy is posted on your site, you'd better adhere to it, or you can expect to find yourself in legal trouble.

The Direct Association has an online guide to help entrepreneurs develop a privacy-policy statement. The guide encourages companies to complete a questionnaire and create a privacy-policy statement consistent with the association's Privacy Principles for Online Marketing.

32. Make sure your policy is thorough. A good privacy policy should cover questions anybody visiting your site might have. Your policy will need to:

Reveal what personally identifiable information is being collected through your site, including that which is automatically collected when users log on. For instance, you may want to state that your business collects information on visitors' internet addresses and browser types to help with site maintenance.

Tell your visitors how the information will be used. Is it for shipping and billing purposes? Do you share the information with anyone else? Inform visitors about choices they have concerning the collection, use and sharing of that information. If visitors must register and provide information, allow them to opt not to receive newsletters or other e-mail.

Describe security procedures used to protect visitor data from loss, misuse or alteration, including your secure server and encryption methods. Let them know how they can view the information you've collected on them and correct any inaccuracies.

33. Apply for a privacy seal. Online seal programs are like a Better Business Bureau for the web. It works like this: If a business follows certain privacy rules, it's allowed to display a seal of approval on its site. Customers logging on to your site will feel more confident buying your wares; the seal offers proof that your business takes privacy seriously and uses the information collected in a responsible way.

Two leading privacy-seal programs are TRUSTe(Trusted Universal Standards in Electronic Transactions) and BBBOnLine, a subsidiary of the Council of Better Business Bureaus. To include either of these programs' privacy seals on its website, a company must agree to post a privacy statement that's easily accessed and understood; further, the business must implement privacy principles that reflect fair-information practices.

34. Choose a shopping cart system that works for you. To accept online payments, you must have a shopping cart system that allows your customers to select and purchase products from your website. A shopping cart system typically consists of three components: the product catalog, the shopping cart and the checkout/payment system. The product catalog displays the items you have for sale on your site. The shopping cart system allows your customers to select products by clicking an "add items to cart" button, and the checkout/payment system allows customers to complete the checkout process and pay for their purchases with a .

To select the shopping cart system that's best for your business, you should consider a number of factors, including the product you're selling, the depth of your product line, the purchase options you wish to offer customers, the inventory control functionality and the extent of automation you desire. Numerous companies can assist in the setup of your shopping cart and online credit card payment system. These companies typically charge several hundred to several thousand dollars for their services--but, like anything, you get what you pay for, so always use a company with good references in this area. The money you spend now will be returned many times in increased sales volume from credit card customers.

35. Start accepting credit cards on your site. The decision to accept credit cards is a wise one for any retailer. Research has shown that accepting credit cards increases revenue and helps with cash flow, since you receive the money within a few days instead of waiting up to a week for a check to clear. And credit cards don't bounce, as some checks have a tendency to do. To accept online payments, you'll need the following:

  • An electronic shopping cart system
  • A payment gateway service
  • A credit card processor
  • An internet merchant account issued by a bank or other financial institution or service bureau

Here's how online credit card processing works:

  • Your customer submits his credit card information at checkout on your site.
  • The shopping cart software sends the transaction to the gateway.
  • The gateway routes the information to the processor.
  • The processor contacts the bank that issued the customer's credit card.
  • The issuing bank approves or declines the transaction.
  • The processor routes the result back to the gateway, which then passes the result back to the Web site shopping cart system.

The entire process is done electronically and takes just seconds to complete.

36. Set up a merchant account. An Internet merchant account is a bank or account in which funds from online sales are deposited by the processor. Merchant accounts are usually issued by banks that are associated with the major credit card services, like and . Although many banks used to shy away from granting merchant accounts to internet merchants, now that online sales are a much more accepted shopping option, lenders are now much more likely to be willing to grant you a merchant account and everything else you need to accept online payments. Be warned, though: The fees are usually higher for online operations.

37. Protect your customers--and your business--from fraudulent payments. Although fraud rates are on the rise, credit card payments still remain one of the safest payment methods available online. And that's due to sophisticated solutions, such as the LinkPoint Secure Payment Gateway, which process credit card payments in real time using Secure Sockets Layer (SSL) technology that encrypts all confidential information during the transmission and authorization of transactions.

Other fraud-prevention tools, such as the Address Verification Service (AVS), make online credit card acceptance even safer. The service compares the numerical information in your customers' addresses with records stored by card-issuing banks. It then returns codes that indicate whether the numbers match. Although the information provided by the AVS does not affect the authorization of your transactions, it can help you make informed decisions about suspicious orders.

Besides the AVS, you can protect yourself by using the card validation code 2 (CVC2) and the card verification value (CVV2) verification systems of MasterCard and Visa, respectively. These verification services use the three-digit codes printed on all MasterCard and Visa cards to help you determine whether your customers possess legitimate cards.

38. Don't stop with address and card verification systems. Many experts say these are only a first step. Merchants selling valuable products that are easily resold, such as electronics, should also invest in the advanced fraud protection services offered by gateway providers. These services generally use fraud filters to screen for suspicious activity in real time. They cost an additional $30 to $1,500 per month, depending on the level of customization, along with additional setup and transaction fees.

Before implementing fraud-protection services, however, web merchants should design websites that are more fraud-resistant. One e-commerce expert recommends designing the checkout process so that after a consumer presses the "buy" button, the "back" button on the web browser no longer responds. Also, thank the customer for the order without indicating whether the card has been accepted. This way, the site doesn't serve as a tester for fraudulent account numbers.

39. Minimize shopping cart abandonment. Despite widespread knowledge of the problem, shopping-cart abandonment continues to plague e-tailers. Here are a few easy tips you can implement on your site to minimize shopping-cart abandonment:

  • Remind people of what they're getting as they're checking out.
  • Provide shipping costs early on.
  • Show stock availability on the product page, and offer an estimated delivery date.
  • Include a prominent "Next Step" or "Continue With Checkout" button on each checkout page.
  • Add "shop with confidence" messages that remind customers of your security/privacy policies.

The number of shopping carts abandoned could be reduced dramatically if retailers were to make these relatively minor changes to their online checkout processes. And finally, before making any changes to your shopping cart, you might want to use web analysis software to see how people navigate through a site. By doing so, you can learn not only what frustrates online shoppers, but also what keeps them opening their wallets.

40. Implement policies to curb return fraud. Brick-and-mortar retailers have always had to deal with return fraud. But with so many sales happening online, e-tailers are beginning to rethink their return policies to minimize fraud. Combating return fraud starts with posting a concise, reasonably restrictive return policy on your site. Such policies are important to online shoppers, according to a survey released by the NRF Foundation (an arm of the National Retail Federation) and the American Express Co. "The NRF Foundation/American Express 2004 Customer Service Survey" found that 70 percent of online consumers want returns to be accepted without problems, 70 percent want return policies to be clear, and 69 percent want them to be fair.

Some retailers have begun using The Return Exchange's Verify-1 to track return fraud. Verify-1 stores a customer's ID and payment information when he or she returns an item. The system then compares variables such as return frequency, dollar amounts and/or timing against rules that form the retailer's return policy. Although it's a bit pricey, the service might be worth it if it could slash the number of fraudulent returns you experience.

Entrepreneur Editors' Picks