fbpx
  • BONGO IT BLOG

BongoIT News

All the news, as it happens

eCommerce Website Development and PCI DSS Compliance

Bongo IT specialise in eCommerce websites

 

Our eCommerce platforms turn over tens of thousands of pounds, and makes the customers very happy

 

The Rise of eCommerce

 

eCommerce is the fastest growing segment online. In particular in the USA apparel and accessories are now growing faster than any other eCommerce product segment. Health & Beauty is a top performing segment as you might imagine and the online 

ordering of food is growing voraciously, and I must admit Just Eat is very handy. The companies benefitting from eCommerce "done right" are outperforming competitors every time as they are creating loyal returning customers who engage with their 

brand. As you may well be aware return business is roughly 80% more cost effective to maintain than winning new business. 


 

About PCI DSS

 

PCI DSS compliance is now a necessity for all merchants selliing online whether they outsource the services or not. The following is an extract taken from the guidance provided by the PCI Security Standards Council:

 

"Merchants choosing to sell their goods and services online have a number of options to consider, for example:

 

  • Merchants may develop their own e-commerce payment software, use a third-party developed solution, or use a combination of both.
  • Merchants may use a variety of technologies to implement e-commerce functionality, including payment-processing applications, application-programming interfaces (APIs), inline frames (iFrames), or hosted payment pages.
  • Merchants may also choose to maintain different levels of control and responsibility for managing the supporting information technology infrastructure. For example, a merchant may choose to manage all networks and servers in house, outsource management of all systems and infrastructure to hosting providers and/or e-commerce payment processors, or manage some components in house while outsourcing other components to third parties.

 

No matter which option a merchant may choose, there are several key considerations to keep in mind regarding the security of cardholder data, including:

 

  • No option completely removes a merchant’s PCI DSS responsibilities. Regardless of the extent of outsourcing to third parties, the merchant retains responsibility for ensuring that payment card data is protected. Connections and redirections between the merchant and the third party can be compromised, and the merchant should monitor its systems to ensure that no unexpected changes have occurred and that the integrity of the connection/redirection is maintained.
  • E-commerce payment applications such as shopping carts should be validated according to PA-DSS, and confirmed to be included on PCI SSC’s list of Validated Payment Applications. For in-house developed e-commerce applications, PA-DSS should be used as a best practice during development.
  • Third-party relationships and the PCI DSS responsibilities of the merchant and each third party should be clearly documented in a contract or service-level agreement to ensure that each party understands and implements the appropriate PCI DSS controls. Appendix B of this document can be used as a high-level checklist to help all entities understand which parties are responsible for the individual PCI DSS requirements.

 

Essentially this all means that you must COMPLY!...Don't worry though we have experience that will guide you through this tricky area. For most people it is a simple form that needs filling in.

 

Quick Case Study

 

Pre-amble

 

We met Womersley Fruit & Herb Vinegars at a local evening networking meeting (Experience Chipping Norton), Rupert the owner bought me (Andrew) a pint. Excellent way to start!  After we started talking it became apparent that whilst Womersley had an excellent blog site, and links to resellers, they did not sell their own product online. Further investigation showed that they didn't have great control over their online pressence as some items were being sold on Amazon by 3rd parties but with the Womersley's details meaning Rupert had to field calls for products he hadn't sold directly. it was strongly agreed to get control back of the online sales and start making sales to the general public as well as to trade.

 

Process

 

We booked an initial meeting to create a Content Strategy. This outlines where the business is now with it's digital strategy, where it wants to go and how to get there. During this stage we also look at SEO and what this might look like on and off a website. After some off-site work and the presentation of the document we confirmed we could move forwards with building the eCommerce solution. We then agreed on a rough design, fonts, logo and colours before moving forwards. During the next stage (the build) we were in direct contact with Rupert at each stage to review sections as they were added. We exported and rationalised his existing content for it to be better indexed by Google and added some neat features of our own like the mailing list management tool which is built into the website. When it comes to the front end look of the site we enjoyed adding our specialist expertise to use the latest CSS and HTML effects to make it sparkle. During the process we ensured that Rupert had all the correct documentation in place to be PCI DSS compliant. 

 

Savings! - Vouchers Supplied

 

Thames Valley Chambers of Commerce had a pot of money to put towards learning digital skills. This covered the creation of a Content Strategy and paid for 50% (cash back) of the website build. The Go-To voucher for Buckinghamshire and Oxfordshire also allowed Womersley to claim an additional £150 back meaning that the total saving was over 50%.

 

Result

 

A happy customer who has been taken on a journey, and most importantly can continue his journey with a suitable platform. After just one week Womersley have made back ~50% of the remainder of the website build costs. Pretty good going for a fantastic yet niche brand. Rupert now has more control over the online sales of his brand and we continue to work with him in various capacities.

 

 

 

 
 
 
Continue reading
  5352 Hits

How To Personalise Your Outlook Emails And Add A Signature

Personalise Your Outlook Emails And Add A SignatureYour brand is your advert to the world. It should be consistent, evolving and engaging. Using a signature and Office Stationary is the standard for most businesses.Keeping a consistent brand image can be made easier by using some of the simple tools available to you. Email is a primary form of communication for many companies and should contain your branding material. Information in the footer of your email, also known as a signature, should at least contain: your name, website, telephone numbers, fax, social media links, perhaps even your latest news. You may wish to also include a disclaimer such as this: "CONFIDENTIALITY NOTICE: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information. Have a nice day". 


  Moving on quickly let's look at how we set up a signature to put all this information into an Outlook (Desktop) email. This is the same process for the Microsoft Office 365 version of Outlook too.  Open a new mail Look in the middle of the top bar (of the new mail) for the signature icon and click it Chose signatures Click new and name your signature (it is possible to have multiple signatures) Click ok In the text box provided type in your full signature starting with the usual end to your mails such as "Kind regards, Fred" and add the other details afterwards. You may wish to add a logo to the top of your signature too. Click ok, it is now the default signature, and close the window Now when you create a new mail your signature will appear. The next step is to create Office Stationary to really personalise your messages. In the Outlook main program window go to File Options Mail Stationary and Fonts Theme, and pick your theme. Try a few different themes to see what suits you and have a play with the other settings.  Right that's all folks, have fun :-)

Continue reading
  8053 Hits
  • FREE IT STRATEGY SESSION

  • At Bongo IT, we know that technology is increasingly dominant and crucial to maintaining business performance and productivity.

    Organisations should make sure they are making the right IT decisions for their current needs, whilst also planning for the future with flexible and scalable solutions.

  • As a special offer, we are offering a FREE one hour consultation to address your current IT setup and recommend an effective strategy for your future requirements.

    Addressing issues such as computer hardware, broadband, data security, file sharing, compliance and more, we’ll help you build a plan and ensure you deploy the most cost-effective IT strategy for your company’s needs.