This is a popular topic here and I often see posts about it. This is some background information that may help you understand how this all works.
I have been doing internet marketing for 20 years, half of that with e-commerce websites of some form. I currently run a website on the Big Commerce platform, which I will discuss, but I am not affiliated with them or any other company I mention.
The first thing to understand is the chain in a secure transaction. You visit a merchant's web page, enter your credit card and hit Confirm. On a good, secure site, your credit card information is immediately heavily encrypted and sent to the processor. The owner of your website never sees your credit card information. (Unless you choose to store your credit card info with the merchant, NEVER a good idea!)
The processor is a separate business entity and actually handles the communication to your bank or credit card company. The good ones are incredibly secure and held to very stringent standards. The processor communicates with your bank and receives a message either approving or deying the transaction. The processor then sends an encrypted message back to the merchant's website, authorizing or denying the transaction.
Let's break this down into steps.
The first thing is the merchant's website. Almost all e-cig vendors' sites are on hosted e-commerce platforms. These platforms are separate business entities and "rent" you a storefront. You input the text, pictures, and product info and they handle everything else. You can setup an e-commerce site in a couple of hours if you know what you're doing, and it's cheap. I pay $50/month for a site that's doing $1 million/year.
Of course there are good platforms and bad ones. There are really big, secure, well-run ones like Big Commerce, Volusion, and others. There are of course bargain basement options, as well as do-it-yourself. The big companies host tens of thousands of stores, their reputation is everything because it's incredibly cheap to create a new store on a better platform. It's basic evolution- the best platforms are the biggest- they keep security super tight because they control everything except the text, pictures, and product info on all those sites. And they throw a lot into developing an interface that's easy to use, so vendors don't have to be web experts to create one. The good ones are elegant, secure, stable and safe.
There is a small percentage of do-it-yourself sites that are secure. If you really know what you're doing, you can do it for free, but that requires some deep knowledge and maintenance.
So, most vendors don't actually "own" the site. It's kind of like a flea market- they have their booths but all the transactions are handled up front at the main register.
The second step is the processor. Again, there are very, very good ones. Authorize.net is probably the biggest and is very secure. They are also not cheap. They take a portion of each transaction, depending on how much volume you're doing. The big platforms mentioned above have established relationships with the better processors and offer easy linkups.
So, what should you look for to make sure a vendor is secure?
Find out what platform they are on. This is often listed in tiny type at the bottom of the web page. Or ask the vendor before you purchase. Google "Top 10 e-commerce platforms." If you don't see their platform on that list, be careful. If they are hosting it themselves, be VERY careful. I would not purchase from these sites with anything but PayPal.
Find out who the processor is. You'll have to ask, but if they don't tell you, don't do business with them. Goolge the processor and see if they're in the top 5. If not, stick to PayPal or don't shop there.
What can you do to safeguard yourself?
Never store your credit card info on the web site. I don't care if it's Amazon, don't do it.
Do some research on your vendor's site. Check out the platform and the processor.
Use a pre-loaded card, or PayPal.
I have been doing internet marketing for 20 years, half of that with e-commerce websites of some form. I currently run a website on the Big Commerce platform, which I will discuss, but I am not affiliated with them or any other company I mention.
The first thing to understand is the chain in a secure transaction. You visit a merchant's web page, enter your credit card and hit Confirm. On a good, secure site, your credit card information is immediately heavily encrypted and sent to the processor. The owner of your website never sees your credit card information. (Unless you choose to store your credit card info with the merchant, NEVER a good idea!)
The processor is a separate business entity and actually handles the communication to your bank or credit card company. The good ones are incredibly secure and held to very stringent standards. The processor communicates with your bank and receives a message either approving or deying the transaction. The processor then sends an encrypted message back to the merchant's website, authorizing or denying the transaction.
Let's break this down into steps.
The first thing is the merchant's website. Almost all e-cig vendors' sites are on hosted e-commerce platforms. These platforms are separate business entities and "rent" you a storefront. You input the text, pictures, and product info and they handle everything else. You can setup an e-commerce site in a couple of hours if you know what you're doing, and it's cheap. I pay $50/month for a site that's doing $1 million/year.
Of course there are good platforms and bad ones. There are really big, secure, well-run ones like Big Commerce, Volusion, and others. There are of course bargain basement options, as well as do-it-yourself. The big companies host tens of thousands of stores, their reputation is everything because it's incredibly cheap to create a new store on a better platform. It's basic evolution- the best platforms are the biggest- they keep security super tight because they control everything except the text, pictures, and product info on all those sites. And they throw a lot into developing an interface that's easy to use, so vendors don't have to be web experts to create one. The good ones are elegant, secure, stable and safe.
There is a small percentage of do-it-yourself sites that are secure. If you really know what you're doing, you can do it for free, but that requires some deep knowledge and maintenance.
So, most vendors don't actually "own" the site. It's kind of like a flea market- they have their booths but all the transactions are handled up front at the main register.
The second step is the processor. Again, there are very, very good ones. Authorize.net is probably the biggest and is very secure. They are also not cheap. They take a portion of each transaction, depending on how much volume you're doing. The big platforms mentioned above have established relationships with the better processors and offer easy linkups.
So, what should you look for to make sure a vendor is secure?
Find out what platform they are on. This is often listed in tiny type at the bottom of the web page. Or ask the vendor before you purchase. Google "Top 10 e-commerce platforms." If you don't see their platform on that list, be careful. If they are hosting it themselves, be VERY careful. I would not purchase from these sites with anything but PayPal.
Find out who the processor is. You'll have to ask, but if they don't tell you, don't do business with them. Goolge the processor and see if they're in the top 5. If not, stick to PayPal or don't shop there.
What can you do to safeguard yourself?
Never store your credit card info on the web site. I don't care if it's Amazon, don't do it.
Do some research on your vendor's site. Check out the platform and the processor.
Use a pre-loaded card, or PayPal.
