How do I know if my store is secure?

Standard

By Brendan Fitzpatrick

Google

If you don’t know then read this closely!

There is a major difference understanding if your site is secure if you hired someone to build your site vs. coding your own site. I will assume that you hired someone that understands the basics of coding and security compliance. If you are more interested in technical concepts and risks then I will publish another article based on my personal experience with being hacked!

If you are taking credit card orders online and don’t know the technical details such as “am I saving credit card information in my database?” or “is my site safe?” then you may want to temporarily shutdown your web site until you feel comfortable with the details of how your site works.

First off, you should navigate to the page where your users enter their credit card information, look at the URL (Universal Resource Locator) at the top of your browser, if it does not show https:// (note the “s”) then your site may have major issues. If you have the ability to submit a test transaction then do so – if the results page still indicates http:// (instead of https://) then you have just confirmed serious security issues. If you see https:// in the browser then you can feel safe that the information such as your credit card and personal information has been encrypted (ie. cannot be stolen while in transit, within reason).

If you determine that your transation proces is secure (https://) then the next is to know whether or not if you are storing credit card information in your database.. You should be using an e-commerce solution hooked up to your bank which avoids you from having to save credit card information.. If you are actually saving credit card information to your database then get rid of your development company IMMEDIATELY. It is illegal to store credit card information and the chances of you doing it properly is close to NILL. If you need to perform recurring billing then start with paypal services, otherwise make sure that you and your developer completely understand and comply with all options for your bank!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s