Two-Step Authentication

Posted on February 18, 2011, 12:14 pm, by David Hills and received No Comments ».

If you have ever watched the original Get Smart television series, you’ve seen in the opening credits how Agent 86 walks through a series of security doors before getting to a phone booth that descends to take him to headquarters.  The series of doors reflect how secure the building is.  I was reminded of this scene when Google introduced two-step verification for their apps this past week.

Two-step (or two-factor) authentication requires two things before you can gain access.  The first step is the typical login name and password.  The second step, in Google’s case, is a code – six digits – sent to your cell phone or generated by their app on your smartphone.  Since only you should have access to your cell phone, even if a malicious site got a hold of your password, they would still not be able to gain access because they do not know the random code.

ShopSite has provided two-factor authentication since version 8.1.  For merchants that store credit cards, two-factor authentication is one of the requirements for PCI compliance.  Besides logging in with a username and password, ShopSite has a Merchant Key that needs to be uploaded (the second step) before you can view credit card information.  The Merchant Key is an encrypted file that is stored locally on your computer or a memory stick.  Without the key, ShopSite cannot decrypt the credit card data, so it is important to have a backup copy of the key stored on a CD or other device.

Besides making a merchant’s access to credit cards much more secure, the Merchant Key allows stores where multiple employees can log in the ability to restrict credit card information to only those employees that have been given the key.  For example, an order fulfillment employee without access to the Merchant Key can log in to process an order, but cannot view the credit card information.

I have no doubt that two-step authentication is here to stay.  And the more important the data, the more one needs this feature.  It is an extra step, but that’s the way security works – the more security we have, the more inconvenient it becomes.  At least we don’t (yet!) need to go through multiple doors and a phone booth like Maxwell Smart, Agent 86, had to!

Increase In Wireless Data Usage Is Good for Ecommerce

Posted on February 4, 2011, 10:44 am, by David Hills and received No Comments ».

Wireless data traffic will see a 26 times increase in 5 years.  That was the headline that caught my attention.  Traffic will not just double or triple but increase 26 times!  An increase in smartphone and tablet use by consumers will be the driving force behind this.  And which service will be producing most of the traffic?  Video.

You might be asking yourself “How is this good for ecommerce?”  Well, the more online services that are available at peoples’ finger tips, the easier it is for them to shop.  Video looks best on larger screens and we’ve already seen smartphone screen sizes getting larger.  That same larger screen will also make it easier for a shopper to navigate within a merchant’s store.

Talking about larger screens, we’ve seen how successful the iPad tablet has become.  Whether surfing the web or placing orders with your favorite merchants, it is easy to use (see iPads, e-commerce and ShopSite).  While there are a few other tablets available right now, the field is about to get a lot more crowded.  Just this week Google announced Honeycomb – their Android OS designed for tablets.  The Motorola Xoom looks to be the first tablet to support Honeycomb and it has been getting a number of positive pre-release reviews.

As more and more smartphones and tablets become available, competition will continue to drive prices down, thus getting them into the hands of even more shoppers.  Mobile carriers are also doing their part to speed up web surfing.  You can’t watch a phone commercial any more without a carrier touting the faster speeds of 4G (fourth generation) networks.  All of this bodes well for ecommerce.

Tags: , ,

E-mail Notification of Orders in ShopSite

Posted on January 19, 2011, 9:42 am, by David Hills and received No Comments ».

You might think that the subject line of an order notification e-mail doesn’t matter too much.  You might also think that having that order notification come from the shopper’s e-mail address would be ideal, since you could then just reply to the e-mail if you had a question about the order for the shopper.  But, if you thought this to be the case (as I did), you would be wrong… at least according to some merchants.

For over 14 years ShopSite order notification e-mails have taken the following format:

From:  JaneSmith@gmail.com

To:      sales@extracoolstore.com

Subject: Order number 1858 from Jane Smith for extracoolstore

As you can see in the example, the subject line details who placed the order (Jane Smith), the order number (1858), and if you have multiple stores, you can even see which store the order came from (extracoolstore).  What more could you need?

For some merchants, having the shopper’s e-mail address in the “From” field causes their spam filter to complain, possibly sending the order notification e-mail to a junk folder.  If the order notification e-mail could be sent from the same address every time, the spam filter could be configured to allow e-mail from that specific address.

Additionally, some mail servers (typically on Windows) will not forward e-mail that is from a domain name that is different from the server for the merchant’s store (where ShopSite is generating the e-mail notification.)

As for the subject line, some merchants prefer to have the order total included, as well.  By including the order total they could quickly determine if they have a large, important order or perhaps a large, fraudulent order.  When viewing e-mails on your computer, scanning the body for the order amount is probably not going to be a big deal.  But, if you are having the notifications sent to your mobile phone, then the subject line becomes important in determining if you are going to take the time to open the e-mail and read it on your small screen.

Mobile users may also prefer a shorter subject line.  For example, if you only have one store, there is no need to have the store name in the subject.  Likewise, you could replace “Order Number” with just “#” to reduce the number of characters in the subject field, etc.

Whatever the case, ShopSite can accommodate either need. Beginning with v10 sp2 (service pack 2) e-mail settings were enhanced and consolidated in the Commerce Setup > Order System > E-mail section.  The main part of this section is displayed below.

In the Merchant e-mail address field above, I’ve placed “[The Extra Cool Store]” before the merchant’s e-mail address.  When the shopper gets the e-mail, the “From” field will now look similar to:

From: The Extra Cool Store [sales@extracoolstore.com]

As you can see from the example above, I’ve also modified the e-mail receipt subject line for both the merchant and the shopper.

Instead of:

Order number 1858 from Jane Smith for extracoolstore

it will appear to the merchant as:

Order #1858 for $75.99 from Jane Smith

In the settings above I am using the shopper’s e-mail address as the From address for the merchant notification.  But you can see how I could have changed it to a specific address.  Hopefully you will find a few of these features for e-mail notifications as useful as I have.

Tags:
« Older Entries
Newer Entries »
ShopSite Online Shopping Cart Software BlogShopSite Online Shopping Cart Software On YouTubeShopSite Online Shopping Cart Software On TwitterShopSite Online Shopping Cart Software On FacebookQuestions?888-373-4347E-commerce Blog