More about Securitygreenspun.com : LUSENET : S-Mart Shopping Cart : One Thread
I'm a little in the dark about how to ensure I'm running an SSL server. Can anyone give a little background on this? How is the email made secure? I'm sure my customers would want to know that their credit card info coming in email is safe.
-- Bob Orr (BobOrr@ourshoponline.com), January 04, 1998
There are several facets to providing on-line secure shopping using S-mart or any other shopping program.
- Your server must have the shttpd (Secure httpd dameon) installed to support Secure Sockets Layer (SSL) i.e. https://xxx.com It provides the encyption.
- You must have a digital certificate installed on your server. Currently the most popular certificate is the Verisign. The certificate is required. It provides authentication between the browser and the server. (Your Web Site is who it says it is!)
- you must modify S-MArt to prevent CC info from being emailed. The emails can only be used for alert (to the merchant) confirmation (to the buyer) of orders.
The only other alternative is to contract for secure service witha third party.
-- denny ladwig (firstname.lastname@example.org), January 05, 1998.