Tony Sarno20 February 2007, 9:14 PM
Since the Geek Gear server is going to accept credit card information we needed to secure it with an SSL certificate, which authenticates it and encrypts the data flowing between it and the customer's browser.
Since the Geek Gear server was going to accept credit card information it would need to be secured with an SSL certificate, which would authenticate it and encrypt the data flowing between it and the customer’s browser. In reality, as with many third-party hosted shopping cart solutions, the checkout process for Geek Gear actually happens on another server that's already secured with SSL.
Ezimerchant points all customer websites to https://secure.ezimerchant.com for the checkout phase. Had we wanted the checkout process to happen under our own domain name we would have had to buy an SSL certificate. Although issued by companies such as Verisign, Thawte or InstantSSL, they are resold by most e-commerce hosting providers. An InstantSSL certificate costs around $100.
Another SSL certificate option for Geek Gear now being investigated by NetMerchant is an EV SSL certificate. This stands for Extended Validation SSL – a new type which became available in January 2007.
It’s like a normal certificate with an extended component that’s recognised by at least IE7 and Firefox. When this extended component is encountered the address bar turns green, providing an additional level of trust. The certificate authorities that issue EV SSL certificates also make more stringent checks on the legitimacy of the entities which buy them.
Ironically, this is what all SSL certificates were supposed to be providing in the first place. At $635, the EV SSL certificate is much more expensive, but we think it might be worth it if it engenders more trust for our store.
NEXT: Selection of stock and categorisation of products