Ecommerce Web Design Blog

Selling online can be an ideal way of breaking into the tough US market. You can even use US suppliers and distributors.

If you're an Australian looking to break into the US market, e-commerce could be the solution for you.

Americans are heavy Internet users and frequently look to the Internet for ideas and products to purchase. As at the end of December 2007, Nielsen/Net Ratings reports 212 million US Internet users which represents 70% of the US population. Other sites report even higher figures. A report published by Forrester Research in May 2007 predicted that total online sales (excluding travel) would break $259 billion for the year ($174 billion excluding travel). This represents a huge potential for any business looking to export online.

Australians can take advantage of the heavily developed logistics industry in America. Warehousing, merchandise storage and even dropshipping are very developed in the US market and in many cases more developed than in Australia. For example, the US have a number of fulfillment warehouses, which are large warehouses that store products from multiple suppliers and industries and allow you to outsource the distribution element of your logistics.

If you are selling online to the US, think carefully about the shopping cart software you purchase. Can it be reconfigured for multiple currencies, international tax, can it add American payment methods? ozCart is tailored for Australians but can be easily re-configured for the US market - just ask us about using ozCart to sell to America.

If you are looking to use ecommerce to export to the US, think about the following:

• Once you have gained purchases from US based customers, you could use permission-based email marketing to continue to keep them informed about your products and services and come back to buy more. Encourage trial, as in many industries the US market is nervous about new products until they are proven
• Try contact the Australian Trade Commission (Austrade). They have a section on their website devoted to helping people exporting online.
• Research the US market you are selling to. You'll usually find plenty of information by searching for your product market and adding the words "online sales", "statistics", "market size", "market information" or combinations of these words. Look out for 2008 versions of the reports referred to in this article and visit the Internet World Statistics website for up-to-date statistics on worldwide Internet usage and patterns.
• Give it time. Exporting case studies often report it takes three years for the American market to build sufficient trust in your products to generate enough regular repeat buyers.

There are many success stories about online exporting to the US market. Is it time for you to take advantage of this business opportunity?

What are the PCI DSS standards and how could they affect your business if you are accepting credit cards?

To protect against credit card fraud online, in October 2007, new Payment Card Industry Data Security Standards (PCI DSS) were introduced. These new standards applied for merchants handling credit card data. These standards affect anyone who is storing, processing or transmitting credit card information. How could it affect you?

The standards include a number of mandatory requirements and procedures that need to be followed if you are collecting, storing or transmitting credit card details online. These credit card details are called PANs in industry-jargon which stands for Primary Account Numbers. The standards also apply to the network components (your computers, servers, and applications that process the credit card details).

They were developed PCI Security Standards Council, which includes companies like Visa, MasterCard, American Express and JCB. The purpose of the standards is to encourage the takeup of consistent data security procedures all around the world.

PCI DSS standards are not specific laws in most countries, but are enforceable because of the contract you sign when you get your merchant account. Processing transactions via Visa or MasterCard forms a contract with those organisations under the terms and conditions of your merchant account. Those terms and conditions allow Visa and MasterCard to impose heavy fines for failure to comply, so it is important that you make sure you understand the requirements.

Read on to find out how PCI DSS affects you and some simple steps you can take to make sure you stay compliant.

If you are using a bank or third party payment provider's website to collect and process credit card details
The good news for you is that you don't need to do anything else because customer credit card details are being collected on another website to yours. You and your website are not in possession of or responsible for the customer's credit card data at any time. This means the new standards apply to the third party provider - it services like Paypal, Paymex, NAB's Payment Gateway Service and Paymate who are subject to the new standards, not you. Payment providers like e-path are subject to the rules too, as they collect credit card details as if they were a third party processor but do not actually process the card transactions. You log in and process them manually. This means that you will need to treat the credit card details you receive from them in the same way you would if you were processing them manually in a physical store.

If you are using manual credit card processing in your ozCart store
The manual credit card processing application takes half of the card information collected and emails it to you, so only half is saved in your store. This means that a hacker would have to penetrate both your email and your store in order to engage in a fraudulent transaction. This level of security complies with PCI DSS if you are using SSL on your store and a firewall on your email application because credit card details are not being stored in one place.

If you are using a payment gateway provider like eWay or DirectOne with SSL
As in many cases accepting credit cards in your store directly improves conversation rates from fewer clicks, being compliant without shifting to a third party payment solution is something definitely worth striving for. How easy is it to do? The good news is that answer to this is that with ozCart, compliance can be an easy process. Compliance covers the software used to collect credit cards and transmit them to a gateway like eWay, and the transmission system themselves. The rules also extend to the servers your store is housed on, which are managed by us.

There are 12 specific rules that apply under the standards:

• Install and maintain a firewall (Our servers are heavily firewalled and this is monitored 24/7. We regularly track potential exploits and tweak our firewall rules to protect against them.)
• Do not use vendor default passwords (Every customer receives their own randomly generated password to access the secure section of their site)
• Protect stored data (Behind the scenes all customer passwords are encrypted in the database, and credit card details are not saved)
• Encrypt transmission of cardholder data (Customers using payment gateways are required to use SSL Certificates for this purpose. The payment providers make this a mandatory requirement. Platinum customers get SSL included for free for the first 12 months)
• Use and regularly update anti-virus software or programs (You should ensure your computers have anti-virus whenever you do anything online)
• Develop and maintain secure systems and applications (We actively manage the security of our servers and install new updates and patches as required. Our servers are managed 24/7)
• Restrict access to cardholder data by business need-to-know (full credit card information is not saved in your store and cookies are not used to save sensitive data)
• Assign a unique ID to each person with computer access (Each customer has their own username and password)
• Restrict physical access to cardholder data (Full card information is not saved in your store)
• Track and monitor access to cardholder data (Your server logs the IP address of every visitor and the time of their visit and what pages they accessed. Full cardholder data is not saved by your store)
• Regularly test security policies and procedures (The server your site is housed on is actively managed and tested.)
• Maintain a policy of information security for employees and contractors (Our datacenter requires a two part physical badge process for all access to the DC and has 24/7/365 video monitoring of all entry/exist points and common areas. We have information security policies in place for support staff and suppliers, you should ensure you have these for your employees too.)

Merchants that need to comply with the standards are divided into four categories. The categories are:

• Level 1 - Visa and MasterCard global transactions totalling $6 million and up, per year, and any merchants who experienced a data breach.
• Level 2 - Visa and MasterCard transactions totalling $1-$6 million per year.
• Level 3 - Visa and MasterCard e-commerce transactions totalling $20,000-$1 million per year.
• Level 4 - Visa and MasterCard e-commerce transactions totalling 1-$20,000 per year.

Most Internet merchants processing transactions through payment gateways fit into level 4.

What does it take to comply?

• Ensure you have developed a privacy policy, returns policy
• If you are accepting credit cards, ensure you have SSL on your site. Platinum customers get this for free for the first 12 months, Advanced package customers can purchase this additional ecommerce feature for $99
• Complete a self assessment questionnaire. Some elements of the questionnaire relate to your own office computer network so you will need to complete an on-site audit to answer everything.
• Provide a PCI Compliance Statement on your website (optional)
• Pass network scans (quarterly) through an approved vendor such as ScanAlert™ (who offer the Hacker Safe TrustMark). Level 1 merchants must also pass penetration tests.

Completing the questionnaire is easy and can help you identify potential security vulnerabilities - protecting yourself against potential hackers and security breaches online and offline as well.

For more information
Visit http://www.pcisecuritystandards.org

The growth in online shopping is only set to continue in Australia and worldwide.

In Australia and worldwide, Online shopping is growing massively. Retailers that wish to stay ahead of their competition are well advised to start thinking about starting an online store today.

In the next five years, US$1 trillion will be purchased online or influenced by information found about products and services online, according to Forrester Research. As at the end of December 2007 there were 15 million Internet users in Australia representing 75% of Australia's population. Not all of them are shopping online yet, but Hitwise Australia reported that last July, 28,000 classifieds and shopping sites were visited by Australian Internet users and accounted for almost 6% of all Australian Internet traffic. The potential is huge.

Some of the trends Hitwise Australia have reported are:

• Huge growth in the online House and Garden sector (consumers browse online and buy in store).
• Growth in the electronics sector - with car audio, games, LCD TVs, DVDs, XBox 360s and CDs all commonly searched
• Continued growth in traffic to shopping and classifieds websites

Security remains a key factor for both buyers and sellers. Buyers want to know they can trust the site to get their goods and that the privacy of their credit card details will be preserved. Sellers want to know that they are not being defrauded.

Trends such as these create opportunities for businesses to sell their products online and take advantage of store-pick-up methods of shipping. Or simply to showcase them and publish stock levels. Either option grows business revenue and cuts down on postage costs which are a huge deterrent for both buyers and sellers online.

Providing your customers with an easy-to-use shopping experience, good selection of payment options and a strong security policy to build trust can help online businesses be a success. Australia is poised for an online shopping explosion. As a business, how well are you placed to take advantage of it?

Payment gateways help make it easy to pay for goods and services using their credit card online. How do they work and how do you choose one?

If you want your customers to be able to pay for goods and services with their credit card in your online store, you can:

1. Use a payment service like Paypal IPN, Paymex or Paymate
2. Set up a merchant account and process credit card transactions manually (over the phone or by a service like e-path) or automatically through your site (using a payment gateway like eWay, DPS, Payment Express, Paystation, DirectOne)

For more information see our Payment Gateways page

See our Ecommerce Features & Pricing page for more information about the Payment Gateways ozCart accepts.

Every year, consumers in Australia, New Zealand and all around the world spend up big at Christmas in stores and online too. With online traffic at high and growing levels, you can expect Christmas 2008 to be a big one. For example, in New Zealand Visa International survey results released in October 2007 showed that over three quarters of New Zealanders spend online - with a strong proportion of spending being overseas in Australia because of the strength of the New Zealand dollar. Given the similarities between the two countries, similar figures may be expected in Australia.

If you're thinking of getting your business online to take advantage of Christmas spending sprees, now is the time to start thinking about it.

At Osc Works you could have your fully professional ecommerce online store up and running in just a few business days, fully configured for doing business in Australia or New Zealand. Here are some great online ideas for sites or promotions that you might want to consider:

• Christmas Decorations and wrapping paper - save your customers the hassle of going to stores, or offer specialised christmas crafts not available in stores
• Children's fashions - while in many families adults only give small Christmas gifts to eachother, children often receive gifts from many people in the family. Children's fashion is big business on auction sites, so why not have your own ecommerce store too?
• Office Gifts service - contact wholesalers of your choice and offer direct purchases for customers of gifts for office employees. If you are friendly with a senior corporate executive, you could encourage a whole department or company to purchase their 'secret santas' from you
• Online Christmas cards - at the last minute, expats or travellers often go online looking for christmas cards to send. While there is plenty of choice in stores, if you're a graphic designer or anyone artistic with Photoshop skills, you could produce cards that can be easily printed, sold online and dispatched. Or downloaded as a PDF for them to email on. Sure beats generic or North American based ecards.
• Gift buying service - if you like shopping this is for you. People purchase from you a voucher indicating how much they want to spend and then you (or your shopping delegates) purchase gifts on their behalf. Your ecommerce site could include a survey tool to find out more about the person you're shopping for, your cart could just have free text for your customers to tell you about the person. This business can extend to a Valentines Day or birthdays gift buying service too after the xmas season is over. Ask us about the Gift Wrapping options in ozCart stores.
• Crafts - whatever your hobby from pottery to painting, selling your products and services online could net you a tidy profit this Christmas. People looking for something unique and interesting for their special someone will be sure to be using the Internet to be looking for gift ideas. If you're online, you could be cashing in on those searches.
• Personalised Santa Letters - great for hamper stores - Children love to receive personalised letters from Santa and if you're a talented artist or graphic designer you could profit. If you're running a gift hamper store, these could be a great addition and a way to drive additional sales this
• Christmas Christmas lights - many people like to make a real statement with lights on their home. Run an online competition where people log in and vote - and entrants can purchase discounted lights for their home from you.
• You could sell candles and lights at other times in the year.
• Already have an online business? here's a promotional idea - shipping discounts or free shipping days - to drive additional sales consider running promotions on shipping costs. Shipping may be a small percentage of the cost of your products to you, but is often a cost that makes the difference to consumers.

Whatever your business idea, make sure you have your distribution strategy carefully planned. One of the biggest fears from customers and the complaints they will about ordering online are finding that perfect something for their loved one and then it not being delivered in time for Christmas. Make sure you are clear to customers about your service guarantee (and have this arranged with your distributors or courier company in advance).

Merry Christmas and happy selling. If you don't have your own ecommerce online store yet, it's not too late. Osc Works could help you have your own shopping cart solution and be online in just a few business days. View our ecommerce solutions page to find out more.