Web Development with PHP and MySQL - p 31 pdf


Compatibility

Be sure to test your site in a number of browsers and operating systems. If the site does not work for a popular browser or operating system, you will look unprofessional and lose a section of your potential market. If your site is already operating, your Web server logs can tell you what browsers your visitors are using.

As a rule of thumb, if you test your site in the last two versions of Microsoft Internet Explorer and Netscape Navigator on a PC running Microsoft Windows, the last two versions of Netscape Navigator on an Apple Mac, the current version of Netscape Navigator on Linux, and a text-only browser such as Lynx, you will be visible to the majority of users. Try to avoid features and facilities that are brand-new, unless you are willing to write and maintain multiple versions of the site.

Providing Services and Digital Goods

Many products or services can be sold over the Web and delivered to the customer via a courier. Some services can be delivered immediately online. If a service or good can be transmitted to a modem, it can be ordered, paid for, and delivered instantly, without human interaction.

The most obvious service provided this way is information. Sometimes the information is entirely free or supported by advertising. Some information is provided via subscription or paid for on an individual basis.

Digital goods include e-books and music in electronic formats such as MP3. Stock library images can be digitized and downloaded. Computer software does not always need to be on a CD, inside shrink-wrap. It can be downloaded directly.

Services that can be sold this way include Internet access or Web hosting, and some professional services that can be replaced by an expert system.

If you are going to physically ship an item that was ordered from your Web site, you have both advantages and disadvantages over digital goods and services. Shipping a physical item costs money. Digital downloads are nearly free. This means that if you have something that can be duplicated and sold digitally, the cost to you is very similar whether you sell one item or one thousand items. Of course, there are limits to this—if you have a sufficient level of sales and traffic, you will need to invest in more hardware or bandwidth.

Digital products or services can be easy to sell as impulse purchases. If a person orders a physical item, it will be a day or more before it reaches her. Downloads are usually measured in seconds or minutes.

Running an E-commerce Site CHAPTER 12 12 RUNNING AN E-COMMERCE SITE 275 16 7842 CH12 3/6/01 3:43 PM Page 275

Immediacy can be a burden on merchants. If you are delivering a purchase digitally, you need to do it immediately. You cannot manually oversee the process, or spread peaks of activity through the day. Immediate delivery systems are therefore more open to fraud and are more of a burden on computer resources.

Digital goods and services are ideal for e-commerce, but obviously only a limited range of goods and services can be delivered this way.

Adding Value to Goods or Services

Some successful areas of commercial Web sites do not actually sell any goods or services. Services such as courier companies' (UPS at www.ups.com or Fedex at www.fedex.com) tracking services are not generally designed to directly make a profit. They add value to the existing services offered by the organization. Allowing customers to track their parcels or bank balances can give the company a competitive advantage.

Support forums also fall into this category. There are sound commercial reasons for giving customers a discussion area to share troubleshooting tips about your company's products. Customers might be able to solve their problems by looking at solutions given to others, international customers can get support without paying for long distance phone calls, and customers might be able to answer one another's questions outside your office hours. Providing support in this way can increase your customers' satisfaction at a low cost.

Cutting Costs

One popular use of the Internet is to cut costs. Savings could result from distributing information online, facilitating communication, replacing services, or centralizing operations.

If you currently provide information to a large number of people, you could possibly do the same thing more economically via a Web site. Whether you are providing price lists, a catalog, documented procedures, specifications, or something else, it could be cheaper to make the same information available on the Web instead of printing and delivering paper copies. This is particularly true for information that changes regularly.

The Internet can save you money by facilitating communication. Whether this means that tenders can be widely distributed and rapidly replied to, or whether it means that customers can communicate directly with a wholesaler or manufacturer, eliminating middlemen, the result is the same. Prices can come down, or profits can go up.

Replacing services that cost money to run with an electronic version can cut costs. A brave example is Egghead.com. They chose to close their chain of computer stores, and concentrate on their e-commerce activities. Although building a significant e-commerce site obviously costs money, a chain of more than 70 retail stores has much higher ongoing costs. Replacing an existing service comes with risks. At the very least, you will lose customers who do not use the Internet.

Centralization can cut costs. If you have numerous physical sites, you need to pay numerous rents and overheads, staff at all of them, and the costs of maintaining inventory at each. An Internet business can be in one location, but be accessible all over the world.

Risks and Threats

Every business faces risks: competitors, theft, fickle public preferences, and natural disasters, among others. The list is endless. However, many risks that e-commerce companies face are either less of a risk, or not relevant, to other ventures. These risks include

• Crackers
• Failing to attract sufficient business
• Computer hardware failure
• Power, communication, or network failures
• Reliance on shipping services
• Extensive competition
• Software errors
• Evolving governmental policies and taxes
• System-capacity limits

Crackers

The best-publicized threat to e-commerce comes from malicious computer users known as crackers. All businesses run the risk of becoming targets of criminals, but high profile e-commerce businesses are bound to attract the attention of crackers with varying intentions and abilities. Crackers might attack for the challenge, for notoriety, to sabotage your site, to steal money, or to gain free goods or services.

Securing your site involves a combination of

• Keeping backups of important information
• Having hiring policies that attract honest staff and keep them loyal—the most dangerous attacks can come from within
• Taking software-based precautions, such as choosing secure software and keeping it up-to-date
• Training staff to identify targets and weaknesses
• Auditing and logging to detect break-ins or attempted break-ins

Most successful attacks on computer systems take advantage of well-known weaknesses such as easily guessed passwords, common misconfigurations, and old versions of software. A few sensible precautions can turn away nonexpert attacks and ensure that you have a backup if the worst happens.

Failing to Attract Sufficient Business

Although attacks by crackers are widely feared, most e-commerce failures relate to traditional economic factors. It costs a lot of money to build and market a major e-commerce site. Companies are willing to lose money in the short term, based on assumptions that after the brand is established in the market place, customer numbers and revenue will increase. At the time of writing, Amazon.com, arguably the Web's best-known retailer, has traded at a loss for five consecutive years, losing $99 million (U.S.) in the first quarter of 2000. The string of high-profile failures includes European boo.com, which ran out of money and changed hands after burning $120 million in six months. It was not that Boo did not make sales; it was just that they spent far more than they made.

Computer Hardware Failure

It almost goes without saying that if your business relies on a Web site, the failure of a critical part of one of your computers will have an impact. Busy or crucial Web sites justify having multiple redundant systems so that the failure of one does not affect the operation of the whole system. As with all threats, you need to determine whether the chance of losing your Web site for a day while waiting for parts or repairs justifies the expense of redundant equipment.

Power, Communication, Network, or Shipping Failures

If you rely on the Internet, you are relying on a complex mesh of service providers. If your connection to the rest of the world fails, you can do little other than wait for your supplier to reinstate service. The same goes for interruptions to power service, and strikes or other stoppages by your delivery company. Depending on your budget, you might choose to maintain multiple services from different providers. This will cost you more, but will mean that, if one of your providers fails, you will still have another. Brief power failures can be overcome by investing in an uninterruptible power supply.

Extensive Competition

If you are opening a retail outlet on a street corner, you will probably be able to make a pretty accurate survey of the competitive landscape. Your competitors will primarily be businesses that sell similar things in surrounding areas. New competitors will open occasionally. With e-commerce, the terrain is less certain. Depending on shipping costs, your competitors could be anywhere in the world, and subject to different currency fluctuations and labor costs. The Internet is fiercely competitive and evolving rapidly. If you are competing in a popular category, new competitors can appear every day. There is little that you can do to eliminate the risk of competition, but, by staying abreast of developments, you can ensure that your venture remains competitive.

Software Errors

When your business relies on software, you are vulnerable to errors in that software. You can reduce the likelihood of critical errors by selecting software that is reliable, allowing sufficient time to test after changing parts of your system, having a formal testing process, and not allowing changes to be made on your live system without testing elsewhere first. You can reduce the severity of outcomes by having up-to-date backups of all your data, keeping known working software configurations when making a change, and monitoring system operation to quickly detect problems.

Evolving Governmental Policies and Taxes

Depending on where you live, legislation relating to Internet-based businesses might be nonexistent, in the pipeline, or immature. This is unlikely to last. Some business models might be threatened, regulated, or eliminated by future legislation. Taxes might be added. You cannot avoid these issues. The only way to deal with them is to keep up-to-date with what is happening and keep your site in line with the legislation. You might want to consider joining any appropriate lobby groups as issues arise.

System Capacity Limits

One thing to bear in mind when designing your system is growth. Your system will hopefully get busier and busier. It should be designed in such a way that it will scale to cope with demand. For limited growth, you can increase capacity by simply buying faster hardware. There is a limit to how fast a computer you can buy. Is your software written so that after you reach this point, you can separate parts of it to share the load on multiple systems? Can your database handle multiple concurrent requests from different machines? Few systems cope with massive growth effortlessly, but if you design it with scalability in mind, you should be able to identify and eliminate bottlenecks as your customer base grows.

Deciding on a Strategy

Some people believe that the Internet changes too fast to allow effective planning. We would argue that it is this very changeability that makes planning crucial. Without setting goals and deciding on a strategy, you will be left reacting to changes as they occur, rather than being able to act in anticipation of change.

Having examined some of the typical goals for a commercial Web site, and some of the main threats, you hopefully have some strategies for your own. Your strategy will need to identify a business model. The model will usually be something that has been shown to work elsewhere, but is sometimes a new idea that you have faith in. Will you adapt your existing business model to the Web, mimic an existing competitor, or aggressively create a pioneering service?

Next

In the next chapter, we will look specifically at security for e-commerce, providing an overview of security terms, threats, and techniques.

CHAPTER 13: E-commerce Security Issues

This chapter discusses the role of security in e-commerce. We will discuss who might be interested in your information and how they might try to obtain it, the principles involved in creating a policy to avoid these kinds of problems, and some of the technologies available for safeguarding the security of a Web site including encryption, authentication, and tracking.

Topics include

• How important is your information?
• Security threats
• Creating a security policy
• Balancing usability, performance, cost, and security
• Authentication principles
• Using authentication
• Encryption basics
• Private Key encryption
• Public Key encryption
• Digital signatures
• Digital certificates
• Secure Web servers
• Auditing and logging
• Firewalls
• Backing up data
• Physical security

How Important Is Your Information?

When considering security, the first thing you need to evaluate is the importance of what you are protecting. You need to consider its importance both to you and to potential crackers. It might be tempting to believe that the highest possible level of security is required for all sites at all times, but protection comes at a cost. Before deciding how much effort or expense your security warrants, you need to decide how much your information is worth.

The value of the information stored on the computer of a hobby user, a business, a bank, and a military organization obviously varies. The lengths to which an attacker would be likely to go in order to obtain access to that information vary similarly. How attractive would the contents of your machines be to a malicious visitor?

Hobby users will probably have limited time to learn about or work towards securing their systems. Given that information stored on their machines is likely to be of limited value to anyone other than its owner, attacks are likely to be infrequent and involve limited effort. However, all network computer users should take sensible precautions. Even the computer with the least interesting data still has significant appeal as an anonymous launching pad for attacks on other systems.

Military computers are an obvious target for both individuals and foreign governments. As attacking governments might have extensive resources, it would be wise to invest personnel and other resources to ensure that all practical precautions are taken in this domain.

If you are responsible for an e-commerce site, its attractiveness to crackers presumably falls somewhere between these two extremes.

Security Threats

What is at risk on your site? What threats are out there? We discussed some of the threats to an e-commerce business in Chapter 12, "Running an E-commerce Site." Many of these relate to security. Depending on your Web site, security threats might include

• Exposure of confidential data
• Loss or destruction of data
• Modification of data
• Denial of service
• Errors in software
• Repudiation

Let's run through each of these threats.

Exposure of Confidential Data

Data stored on your computers, or being transmitted to or from your computers, might be confidential. It might be information that only certain people are intended to see, such as wholesale price lists. It might be confidential information provided by a customer, such as his password, contact details, and credit card number.

Hopefully you are not storing information on your Web server that you do not intend anyone to see. A Web server is the wrong place for secret information. If you were storing your payroll records or your plan for world domination on a computer, you would be wise to use a computer other than your Web server. The Web server is inherently a publicly accessible machine, and should only contain information that either needs to be provided to the public or has recently been collected from the public.

To reduce the risk of exposure, you need to limit the methods by which information can be accessed and limit the people who can access it. This involves designing with security in mind, configuring your server and software properly, programming carefully, testing thoroughly, removing unnecessary services from the Web server, and requiring authentication.

Design, configure, code, and test carefully to reduce the risk of a successful criminal attack and, equally important, to reduce the chance that an error will leave your information open to accidental exposure.

Remove unnecessary services from your Web server to decrease the number of potential weak points. Each service you are running might have vulnerabilities. Each one needs to be kept up-to-date to ensure that known vulnerabilities are not present. The services that you do not use might be more dangerous. If you never use the command rcp, why have the service installed? [1] If you tell the installer that your machine is a network host, the major Linux distributions and Windows NT install a large number of services that you do not need and should remove.

Authentication means asking people to prove their identity. When the system knows who is making a request, it can decide whether that person is allowed access. There are a number of possible methods of authentication, but only two commonly used forms—passwords and digital signatures. We will talk a little more about both later.

CD Universe offers a good example of the cost, both in dollars and reputation, of allowing confidential information to be exposed. In late 1999, a cracker calling himself Maxus reportedly contacted CD Universe, claiming to have 300,000 credit card numbers stolen from their site. He wanted a $100,000 (U.S.) ransom from the site to destroy the numbers. They refused, and found themselves in embarrassing coverage on the front pages of major newspapers as Maxus doled out numbers for others to abuse.

Data is also at risk of exposure while it traverses a network. Although TCP/IP networks have many fine features that have made them the de facto standard for connecting diverse networks together as the Internet, security is not one of them. TCP/IP works by chopping your data into packets, and then forwarding those packets from machine to machine until they reach their destination. This means that your data is passing through numerous machines on the way, as illustrated in Figure 13.1. Any one of those machines could view your data as it passes by.

[1] Even if you do currently use rcp, you should probably remove it and use scp (secure copy) instead.
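To make the point of Figure 13.1 concrete, here is an added Python example (not from the book) that models the store-and-forward path on one machine: a client sends a plain-text checkout request through three forwarding hosts to a server, and each hop keeps a copy of everything it relayed. The request, the hop count and the card number in it are constructed for the demo; nothing here is encrypted, which is exactly the situation the later encryption sections address.

```python
import socket
import threading

# Constructed sample order: a plain-text HTTP POST carrying a well-known test card number.
SAMPLE_ORDER = (
    b"POST /checkout HTTP/1.0\r\n"
    b"Host: shop.example\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
    b"card=4111111111111111&exp=12%2F05&name=A.+Customer"
)

def _listen():
    # One listening socket on an ephemeral localhost port stands in for one machine.
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    s.listen(1)
    return s

def _pump(src, dst, seen):
    # Forward bytes from src to dst while keeping a copy: an intermediate host's vantage point.
    while True:
        chunk = src.recv(4096)
        if not chunk:
            break
        seen.extend(chunk)
        dst.sendall(chunk)
    dst.shutdown(socket.SHUT_WR)

def send_through_hops(payload, hops=3):
    """Send payload through `hops` forwarding hosts; return (server's bytes, [each hop's copy])."""
    server_sock = _listen()
    hop_socks = [_listen() for _ in range(hops)]
    captures = [bytearray() for _ in range(hops)]
    received = bytearray()

    def serve():
        conn, _ = server_sock.accept()
        with conn, conn.makefile("rb") as stream:
            received.extend(stream.read())  # read until the last hop closes its side

    def relay(i):
        # Hop i accepts from the previous hop and connects onward to the next hop or the
        # server; it copies the packets without needing to understand them.
        nxt = hop_socks[i + 1] if i + 1 < hops else server_sock
        inbound, _ = hop_socks[i].accept()
        with inbound, socket.create_connection(nxt.getsockname()) as outbound:
            _pump(inbound, outbound, captures[i])

    threads = [threading.Thread(target=serve)]
    threads += [threading.Thread(target=relay, args=(i,)) for i in range(hops)]
    for t in threads:
        t.start()
    with socket.create_connection(hop_socks[0].getsockname()) as client:
        client.sendall(payload)
        client.shutdown(socket.SHUT_WR)
    for t in threads:
        t.join()
    for s in hop_socks + [server_sock]:
        s.close()
    return bytes(received), [bytes(c) for c in captures]

if __name__ == "__main__":
    got, seen = send_through_hops(SAMPLE_ORDER)
    for i, s in enumerate(seen):
        print(f"hop {i}: card number readable = {b'4111111111111111' in s}")
```

Every hop ends up holding the complete request, card number included, even though it only had to copy bytes onward.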

Posted: 06/07/2014, 19:20
