How to build an effective e-retail site

By Eric Hammond
May 28, 2001

Related Links

So you want to move the business part of your agency to the Internet? Why not? Despite the wave of high-profile dot-com failures, it's clear that the future lives on the World Wide Web.

Before trying to kick-start your e-retail site, give careful consideration to design. And keep in mind each of these areas, which are critical to the success of your e-retail site: security, payment processing, database and application integration, usability and customer service.

Security First

Security should be your biggest concern in any e-retail undertaking. You have no business selling on the Web if you can't take the basic steps needed to secure your data and the data of your customers.

Ensure that the server environment that hosts your site is secure. This isn't a one-time deal. Continually test the security of your systems, applications and databases to ensure that no security holes have been introduced.

Also, the transmission of data between you and your customers must be secure. This means using strong — 128-bit — Secure Sockets Layer encryption for all sensitive information sent between you and your customer. You may need to provide weaker SSL encryption for international users and others without 128-bit encryption, but you should explain the ramifications of using the weaker security.

The most sensitive data to handle will be your customers' credit card numbers. Store this information encrypted in your database. Access to full credit card numbers should be granted only to those members of your staff who absolutely need it, and such access should be logged and controlled by a unique user name and password.

Card information should be stored on secure servers behind your firewall, never on your public Web servers. Visa has an excellent checklist of best practices for securing card transactions and data in its Visa Merchant Resource Center (www.visabrc.com), which contains a wealth of information for folks setting up an electronic storefront.

Of course, as with any IT system, you need an effective backup and disaster-recovery plan.

The final component of your security plan should be a clearly defined privacy and security policy that is communicated to your customers and your staff. It's foolish to believe that you can create a 100 percent secure Web site, especially as time passes and new holes are uncovered and changes are made to your systems, software and databases. By following the practices outlined above, however, you can ensure that security problems are rare and that their impact is minimized.

Processing the Transactions

Payment processing can seem scary until you've set it up once or twice. It really is just a matter of jumping through a few technical and administrative hoops and forking over some cash.

If you already accept credit cards via more traditional purchase methods, you're halfway to being able to accept credit cards via the Internet. If you don't have a merchant account, which allows you to perform card transactions, you'll need to set one up. Once you have an account, you can use an Internet card processing service such as RTWare or VeriSign Inc. to accept and process transactions. RTWare offers a good overview of card processing basics at www.rtware.net/onlinedocs/overview.htm.

Typically, you will obtain a snippet of code that takes the card information entered by your customers and transmits it (encrypted, of course) to the card processor, which then processes and confirms the transaction and reports the results back to your system.

Fitting It Together

Database and application integration is a critical component to e-retailing. You can conduct business fairly simply via the Internet using e-mail or by submitting data via simple CGI- or ASP-based forms. However, the benefits of integrating your e-retail site with your existing databases and applications, as well as the added security of not relying on plain-text e-mail for transmitting sensitive information, mean that you'll likely want to integrate your e-retail site with your existing systems.

There are several ways to do this. You can write your application from the ground up, which gives you the most flexibility and easiest integration with your existing systems, but this is likely the most time-consuming and expensive option.

Another option is to integrate third-party products such as Cart32 by McMurtrey/Whitaker & Associates Inc. for your shopping cart and RTWare for your card processing. This gives you less flexibility and control over the look and feel of your site, but it saves development time and comes with solid out-of-the-box functionality.

You also can use a complete, hosted e-commerce service, such as a Yahoo storefront, which you can get up and running in an afternoon. These options, however, may provide little or no integration with your existing systems.

For many e-retailer wanna-bes, the second solution may be the most appealing. You can quickly integrate third-party solutions with your existing Web site, customize them a bit with applications built from ASPs, CGIs or Java, and be up and running with a credible e-retail site.

Keep Users in Mind

Decisions that you make about usability can greatly impact the level of effort needed to construct your e-retail site and can have an impact on how complete your integration with your existing systems needs to be.

Different e-retail applications have different critical requirements based on the products sold, the logistics involved in delivering the products, and the type and number of customers buying the products. A site with five products shipped directly to 1,000 or so customers will probably look very different from a site with 500,000 products and 1 million customers who sometimes buy for themselves and sometimes buy for others.

Find a site that approximates the level of complexity you're expecting for your own site. If you're looking to deliver a large number of products to a large number of users, you might want to look at Amazon.com. Obviously an e-retail behemoth, Amazon offers many of the features that any aspiring e-retailer would want to build into his or her site, but these features aren't for everyone.

First, check out the site's navigation tools. Amazon sells literally millions of products, so this requires a somewhat sophisticated interface for users to browse. Simply putting up a text field with a "search" button wouldn't give customers access to as many products as possible. Amazon breaks products out by "stores" and then by categories and provides many different ways to view products. Amazon includes comparison shopping features in many of its stores and also provides ways for users to rate products.

Clearly, all of this functionality would be extremely time-consuming to duplicate. If you already have a product database with complete product information and the tools already built for updating the database, then the e-retail site developer can focus efforts on the functionality that the site's users will want.

Think about what you are selling and how people would want to browse it. Don't put in complex search and retrieval functions that will only confuse the end user, especially if they are so complex that you won't be able to implement them correctly the first time around. Keep it as simple as you can to still present the catalog information in a useful way.

Also, keep in mind that you don't have to do everything in the first release of your site. Focus first on making it easy for a user to add an item to the "shopping cart" from the online catalog.

Shopping Cart Protocol

Shopping cart functionality is an area where you can make your users' experience positive and move them toward the ultimate goal of closing a sale. While Amazon's shopping cart is informative and moves the user toward closing the sale, it feels a bit cluttered to me. A site with a shopping cart that I really like is PC Connection, which includes all the information you need to see in the shopping cart and also includes a handy shipping cost calculator that updates on the fly. This is a nice feature that gives visitors a clear idea of the total cost of the items they are purchasing.

The important thing to remember about shopping cart functionality: Most shopping carts work one way, and whenever you depart from that basic functionality, you risk confusing and therefore losing customers. Keep it simple. Keep the customer moving toward closing the sale.

The final piece of the transaction involves entering the payment, billing and shipping information. At a minimum, this phase of the transaction will need to be conducted via an SSL connection.

If you provide your shoppers with a user name and password, you can store billing, shipping and even credit card information. But think about how the site will be used and by whom. Building this type of functionality is pointless if users will buy from you only once.

Take Care of the Customer

The final piece of the e-retail puzzle is customer service. Simply putting up a catalog and a shopping cart isn't all there is to running your e-store. There are a few key points to good customer service on the Web.

First, provide your customers with many ways to resolve problems. Ideally, customers should be able to contact you any way that they feel comfortable to get a problem resolved: via telephone, e-mail, Web-based forms and perhaps even faxes.

Clearly state your policies regarding privacy, security, shipping, sales tax and returns. If customers see that you have thought about these issues, they will feel more comfortable pressing the "buy" button.

Make sure that you've set up your card processing to deal with the array of situations that you will find. Your customer service team will need to be able to issue refunds, check the status of charges and delete charges that are wrong. In some cases, you may need to build administrative tools to help with these tasks. Don't forget to account for this effort when you plan the project. These tools shouldn't be an afterthought.

Finally, your e-retail system should communicate to the consumer the inventory status of the items they're buying and give them a clear idea of when they can expect the product to arrive.

Clearly, there are many things to consider in building an e-retail site. The task can appear daunting from the start, but if you think about what you're selling, to whom you're selling it and how you're selling it, the path to building your e-retail system will become clear.

Hammond is a Denver-based freelance writer and a program director at L7, a company that specializes in building IT infrastructure.

E-Mail this page

Printable Format

Featured

2019 Fed 100

The 2019 Federal 100

This year's Fed 100 winners show just how much committed and talented individuals can accomplish in federal IT. Read their profiles to learn more!
Cybersecurity

NIST pushes new encryption protocols for quantum, connected devices

The National Institute of Standards and Technology is inching closer to developing two new encryption standards to protect the federal government from new and emerging cybersecurity threats.
Cybersecurity

DHS official: no evidence federal domains hijacked in global DNS campaign

A two-year campaign that prompted the Department of Homeland Security to issue its first-ever emergency directive to agencies to shore up cyber defenses appears in part to have been an attempt to spy on U.S. government internet traffic.

Advanced Search

Stay Connected

FCW INSIDER

Email Address

Country

Terms and Privacy Policy consent

Yes, I agree No, I don't agree

Select primary job function

Select agency/branch/business type

I agree to this site's Privacy Policy.

How to build an effective e-retail site

Related Links

Featured

The 2019 Federal 100

NIST pushes new encryption protocols for quantum, connected devices

DHS official: no evidence federal domains hijacked in global DNS campaign

Stay Connected

FCW INSIDER

New from FCW

TSP withdrawals spiked during shutdown

Watchdog dings Public Buildings Service for bumpy cloud shift

USAF's Kessel Run looks to industry for developers

Federal networks escaped harm in DNS tampering campaign, official says

What students think of government cyber jobs

FCW Insider: March 25

What students think of government cyber jobs

USAF's Kessel Run looks to industry for developers

NIST pushes new encryption protocols for quantum, connected devices

Federal networks escaped harm in DNS tampering campaign, official says

FCW Insider: March 25

USAF's Kessel Run looks to industry for developers

DHS supply chain task force tees up plans

DOD's cloud strategy puts JEDI at the top

DOD looks to counter drone swarm strikes