On one of the mailing lists I frequent, Zack Halbrecht posted a list of best practices for e-commerce websites. It's a simple list, and much of it is common sense, but sometimes it's good to state what should be obvious. Clearly it's NOT so obvious, as so many e-commerce sites don't do this...
Zach wrote:
- Don't charge the card until you ship
- Don't store credit card information - leave that up to the payment processor unless you really want to become PCI compliant, which is costly and a pain. Most payment processors have some sort of recurring billing API too.
- User account information should be protected with a salted hashed password. Do not store passwords in plaintext.
- Offer real time shipping quotes w/ Tracking # in confirmation if possible.
- Keep it simple. Collect as little information as possible. NO OPT OUT (checkbox already checked) marketing! OPT IN ONLY.
- Get your privacy policy visible and sensible.
Thanks for this. I'm thinking on and off about offering a few eproducts. I'm glad for your highlights here.
Posted by: Chris Brogan... | August 26, 2008 at 02:00 AM
E-commerce is getting more and more popular. This creates the need for good tools to help shoppers make the right decisions while buying online. reizit.com is a place where shoppers can recommend or bury a product, share experience and discuss shopping deals.
Posted by: reizit | January 10, 2009 at 09:46 AM