Small Business Digest


Small Businesses Need To Develop High Security Protocols When Developing an eCommerce Program

Sometimes, small businesses neglect an important safeguard when developing an eCommerce site.

Studies have shown that many smaller enterprises fail to obtain or properly use SSL (Secure Sockets Layer).

SSL is a security protocol enabling computers to communicate securely with one another.  It is used specifically in securing private information via algorithmic encryption such that it may be transmitted between sources with diminished risk of hackers or “crackers” stealing confidential information. 

Currently, percentages of sales conducted as online business transactions are experiencing rapid gains. 

According to Ziff Davis, “Cyber Monday sales increased 20% in 2012 to $1.5B and, according to comScore, in the first 26 days of November, people spent $16.3B online… a 16% increase over the last year.”

SSL is an encryption cipher that aids in the safety of these transactions.

Any small business contemplating an eCommerce program needs to ensure the highest security for the transaction.

SSL works by compartmentalizing the public and private aspects of online computerized transactions. 

When a client computer connects with a merchant computer, a “digital certificate” is transmitted from the merchant’s server (computer) to the client’s computer. 

This constitutes the “public” segment of an online business transaction. 

The client’s web browser also holds a digital certificate, which contains “keys”, both public and private ones. The public keys are sent to the merchant server (and can be seen by third parties), but the private one remains on the host computer and cannot be seen, since it never leaves its original server.

SSL works by only allowing the public key to be decrypted “in the presence of the host machine’s private key”. 

Due to the fact that private keys are incredibly difficult to obtain, third parties cannot read the message being sent back and forth because the host computers are encrypting data via the other computer’s public keys instead of their own.

If a client sends information to a merchant, it is encoding information using the merchant’s public key, not the client’s (using a complex, virtually unbreakable mathematical cipher).
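The exchange described above, as an added example that is not part of the original article: a client encrypts a secret with the merchant's public key, and only the merchant's private key recovers it. It uses textbook RSA with small constructed keys for illustration; the function names, key values and sample secret are assumptions, and real SSL/TLS relies on much larger keys through a vetted library.

```python
# Toy RSA for illustration only: the primes are small, well-known constructed
# values. Real SSL/TLS uses much larger keys through a vetted library.

def make_keypair(p, q, e=65537):
    """Build (public_key, private_key) from two primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent (requires Python 3.8+)
    return (n, e), (n, d)

def encrypt(public_key, data: bytes) -> int:
    """Encrypt with the recipient's public key, as the client does."""
    n, e = public_key
    m = int.from_bytes(data, "big")
    if m >= n:
        raise ValueError("data too long for this key")
    return pow(m, e, n)

def decrypt(private_key, ciphertext: int) -> bytes:
    """Decrypt with a private key, which never leaves its owner."""
    n, d = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Constructed keys: the merchant publishes MERCHANT_PUBLIC and keeps MERCHANT_PRIVATE.
MERCHANT_PUBLIC, MERCHANT_PRIVATE = make_keypair(2**61 - 1, 2**89 - 1)
# A third party has its own key pair but not the merchant's private key.
THIRD_PARTY_PUBLIC, THIRD_PARTY_PRIVATE = make_keypair(2**31 - 1, 2**61 - 1)

def exchange(secret: bytes = b"session-key-01"):
    """Client-to-merchant transfer; returns what each party ends up with."""
    on_the_wire = encrypt(MERCHANT_PUBLIC, secret)  # visible to eavesdroppers
    return {
        "wire": on_the_wire,
        "merchant_reads": decrypt(MERCHANT_PRIVATE, on_the_wire),
        "third_party_reads": decrypt(THIRD_PARTY_PRIVATE, on_the_wire),
    }

if __name__ == "__main__":
    result = exchange()
    print("on the wire:     ", hex(result["wire"]))
    print("merchant reads:  ", result["merchant_reads"])
    print("third party gets:", result["third_party_reads"])
```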

SSL is one step in keeping these transactions secure.

Many smaller enterprises rely on CAs or certificate authorities.

These are digital certificates that are signatures created by third parties assuring (amongst other things) that the private and public keys are authentically correspondent.

CAs are particularly important in establishing relationships with credit card companies, as they will not do business with merchants who do not possess them. 

CAs, however, offer softer security than the use of SSL. They often provide guarantees of authenticity and encryption, which in turn offer a sense of comfort to merchants, but fall short in the arena of cipher security.

Due to its mathematical precision and complexity, SSL is the most salient measure of safety in the eyes of major credit card companies like American Express and MasterCard.

Any small enterprise needs to build the highest security into their Internet communications.

© 2018, Information Strategies, Inc.
P.O. Box 315, Ridgefield, NJ 07657