[Mr. Wobbles]

I'm amazed at the community and support available here at TCH. I manage my employer's web site at another host, and we're paying much more for much less. I will suggest a change.

But while these forums have tons and tons of "how", there's very little "what" -- specifically, a "check list", if you will, of what one needs to consider in setting up e-commerce on one's web site.

There doesn't seem to be one single place where this information is available in a concise form. I've spent the last week's evenings looking at this forum and others, payment gateways (which concept was discovered by accident), merchant accounts (again, which concept was discovered almost by accident). There's plenty of "how do I do this", but what's also needed is a "what do I need to consider/do in order to implement e-commerce on my site."

This lengthy post is intended to remedy that.

This is what I've discovered during the past week. Please correct me if I'm wrong.

I. Shopping cart: there are tons available, it seems, and plenty of comments on which ones work better. (It looks like safe choices are those supported by your Host, Payment Gateway, and Internet Merchant Account).

A. You also might not need one at all, depending on what and how many items you're selling, and the level of security you need.

II. Security (SSL Certificate): you can purchase one (again, tons of providers, both affordable and absurdly expensive), or use a shared one (free, and provided on TCH, other Hosts, and sometimes bundled with your Payment Gateway or Internet Merchant Account.

B. There are differences between the two, and you might not even need one depending on what you're actually doing. (What those differences are isn't my point here -- this is a checklist of things you need to consider).

III. Payment Gateway: Needed if you want instant authorization and "timely" deposit of credit card payments. "A secure internet bridge between your Web site and the credit card processing networks," according to Authorize.net. If you just want to collect e-mailed credit card numbers and manually enter them into your regular Merchant Account, you might just need the right shopping cart and an SSL certificate.

IV. Internet Merchant Account: if you already accept credit cards because you've also got a bricks and morter operation, or are doing the "collect credit card number and manually entering them", you've already got a Merchant Account. But to accept credit cards online, you need an Internet Merchant Account: "a type of bank account that allows a business to acccept internet credit card payments." (Authorize.net, again).

There are variations on this theme that you'll need to research yourself: third party payment processors (such as Paypal), Payment Gateways that also include a shared SSL (such as Verisign's PayflowLink), collecting credit card numbers on a secured site (using the shared or paid SSL) and entering them manually (or even batch uploading).

As for recomendations, I don't have the experience yet. It seems that safe shopping carts are those supported by the companies you'll be using: for example, TCH seems to like oscommerce, and forum posters also recommend Zencart and Mals-ecommerce. Payment Gateway Authorize.net lists oscommerce and Mals (among many others) in their "certified" list; Verisign goes with Mals and Zencart (among others), and Echo likes, among others, oscommerce.

SSL certificates are available in many places: TCH has both their free, shared, certificate and one for purchase ($35 to install, $150 to purchase and install); GoDaddy.com has extremely reasonable prices; other providers have some prices that look absurd. The prices are yearly.

Payment Gateways I've run across in various forums include Authorize.net, Verisign, and Echo.

Internet Merchant Accounts I've run across in various forums include MerchantPlus, and CDG Commerce.

Everyone has various programs and packages, at various prices. You'll also find that Payment Gateways have their IMA recomendations, and vice versa.

According to my week of research (and what seems to be the lack of this particular information gathered in one place) these are the four essentials (the "what") that need to be considered in setting up e-commerce. The "hows" are described in tutorials, forums, from the company's web site, and the instructions that come with the software.

If I've made a mistake or overlooked something, please feel free. I'm hoping this helps other people in my situation: until now, I didn't even know enough to ask a question.

[GroovyFish]

Mr. Wobbles,

I think you have great list there, it will certainly help people just getting started. There is only one thing I would add. It may seem obvious, considering where this is posted, but I think selecting a web host should also be on the list. And it really goes hand-in-hand with selecting a shopping cart. Every shopping cart is going to have different server requirements; platform, whether or not it needs a database and what kind would be the very basics, but some carts do have very specific requirements and you will need to make sure that the host you select can support those.

I throw that in in the interest of keeping your list more general, but of course I would suggest they choose TCH as their host an use a cart that works here, there are plenty to choose from .

EDIT: After re-reading your list, I see where you have touched on using a cart supported by your host. I broke my own rule about posting before coffee. However, I would suggest that selecting a host is a major point and it will require research, especially if you choose your shopping cart first. If you already have a host, then of course choices are limited to what will run on that host.

This post has been edited by GroovyFish: 14 October 2005 - 08:51 AM

[Mr. Wobbles]

Thank you, Mrs. Fish.

Yep, I did make the assumption that we were looking to add e-commerce to an existing web site.

But you are right: if we're starting from the ground up, then selecting a web host needs to be at the top of the list.

And as I get further into my own project here, I'm discovering that you almost need to juggle all four (or five) items at the same time: which host works with which shopping cart; which shopping cart works best with which payment gateway; and on and on in a relentless circle that's just driving me mad! Mad, I tell you!

But I digress.

Thanks.

In a few days I'll be getting some responses from the gateways and internet merchant accounts I've contacted, and I'll post my results.

[crippen]

Thanks for the post Mr Wobbles. The company I maintain a site for has a merchant account for the bricks and mortar business. The name of the merchant account provider is "IC-Verify". I don't know if they do internet merchant accounts or what ... this is all very confusing to me how it all works.

I've been researching and reading into the basics of setting up a merchant account (why I came across your post) and I still don't really get it. Basically I don't get how the whole internet merchant account thing works, and how to implement it into a site with a shopping cart. This is the next step the site is going into now so I need to get to work on it. Anyway, as I understand your post above, our company will also need a separate internet merchant account, correct? The bricks-and-mortar merchant account isn't going to cut it, in other words. Should we contact our bank and ask what internet merchant accounts they would use? Maybe this seems completely obvious but I am new and don't know where to start setting all this up. Any advice/comments would be great, thanks!

[TCH-Rob]

Quote

Should we contact our bank and ask what internet merchant accounts they would use?

Yes, that would be my first step as you might get a better deal with them than what you could get by going with someone else. Then if you use them you either need to find a cart that works with them OR code whatever cart you will be using to work with them.

[crippen]

Thanks for the confirmation Rob. Another question - does it matter to TCH what internet merchant account I use? In other words, will some be not supported by TCH?

Also, is "internet merchant account" the same thing as "payment gateway"? Just trying to get some of the terminology straight ...

[TCH-Rob]

You can use any you want. A payment gateway links your purchase page to the credit card associations and to your merchant account.

[TCH-Mark]

Hello,

I just wanted to point out that remember if your just a small guy and can't justify the cost of a full internet merchant account remember that there is always paypal.com and 2checkout.com

[crippen]

TCH-Mark, on Jan 17 2006, 06:31 AM, said:

Hello,

I just wanted to point out that remember if your just a small guy and can't justify the cost of a full internet merchant account remember that there is always paypal.com and 2checkout.com

Thanks for that. I will be looking into paypal as an option. We have x-cart software which I believe has an option to allow us to take the credit card orders online, but the actual processing we can do manually through IC-Verify. We're already manually running each order through IC-Verify now, so this may be the most effective solution...

What I'm wondering is, would doing it this way bypass a need altogether for an internet merchant account? Or is there some other issue that I am overlooking ...?

This post has been edited by crippen: 18 January 2006 - 02:14 AM

[crippen]

Just to follow up to my previous post, it does seem that we can bypass the need for an internet merchant account by simply running each order manually through IC-Verify. X-cart can simply store the customer info in a database, which we can then extract for order processing. Apparently we are liable, though, if the database is hacked and CC #s are stolen ...

[TCH-Rob]

Quote

Apparently we are liable, though, if the database is hacked and CC #s are stolen ...

And is that a risk you are willing to take to save a couple of dollars a month?

[crippen]

TCH-Rob, on Jan 19 2006, 12:31 AM, said:

And is that a risk you are willing to take to save a couple of dollars a month?

We're still checking into all our options...

And I thought developing websites was gonna be so simple

[TCH-Mark]

Hello,

If you do go down the route of storing credit card details check to see what encryption and protection that x-cart offers.