Monday 1 February 2016
Q.1 Explain any 10 online payment systems and services.
Ans. : 10 Online payment systems and services are given below :
1. Google Wallet
This is essentially Google’s version of PayPal, complete with money transfers and a Google
Wallet Card! Since we’re all addicted to the Big G, it shouldn’t be all that difficult to spend
and receive money. Google also announced last month that it will be releasing a physical
card connected to users’ accounts so they can utilize Google Wallet at retail businesses. For
convenience, and the number of users, Google Wallet tops our list of the top 10 online
payment solutions.
2. PayPal
Obviously PayPal would be included in this list – it’s only one of the world’s most widely
used payment acquirers processing some 8 million payments every day. As of this writing,
PayPal has over 137 million active accounts in 193 markets and 26 currencies around the
world, which makes it easy to transfer and request payments. Other PayPal perks include
accepting checks through a smartphone’s camera, a card swiper, and allowing customers to
make a purchase without leaving your site.
3. Dwolla
Dwolla is a more recent competitor to PayPal with some outstanding benefits. For example,
you can transfer funds through email, phone, Facebook, LinkedIn, or Twitter. But, what
makes Dwolla so appealing is the fact that there are no fees for transactions less than $10
and $0.25 per transaction for transactions over $10.
4. Amazon Payments
Amazon Payments is a safe, easy and convenient method for users to receive money by
using Amazon’s API. Users can also send money via ACH (Automated Clearing House). Since
almost everyone has an Amazon account, all your important information has already been
stored.
5. Authorize.Net
It’s been stated that Authorize.Net is the most widely used payment gateway on the
internet – probably because it’s been around since 1996. Currently, there are over 375,000
merchants handling more than $88 billion in annual transactions safely through credit cards
and e-checks. Something’s going right over there.
6. ACH Payments
ACH Payments has several key features that make it one of the top payment systems
around. Pros include: being able to make global payments, as well as serving as a payment
gateway, merchant account, credit card processor, and mobile payment processor. It can
also handle ACH payments and can be used as a payroll system.
7. WePay
What makes WePay standout isn’t the fact that it’s a payment processor allowing internet
merchants to accept credit cards and bank account payments online, it’s the fact it’s
incredibly simple. In fact, you can begin accepting payments in under a minute. The only
drawback is that it’s only available for U.S. citizens.
8. Stripe
If you’re a developer, you should already be using Stripe. Developers use Stripe to integrate
a payment system into their projects through Stripe’s robust API. This prevents the need for
a merchant account, and also allows you to build your own payment forms that can bypass
PCI requirements.
9. WooCommerce
WooCommerce allows WordPress users to create their very own e-commerce shop. There
are several neat features that make this payment processor worth your time. Besides being
vendor and customer friendly, you can run coupon campaigns, manage your store’s daily
activities, learn about shipping and tax rules, and view your store’s overall performance.
10. 2CheckOut
2CheckOut is a payment processor which is a combination of a merchant account and
payment gateway that doesn’t require PayPal or a Merchant account. Simply register and
verify your account and you can start accepting credit card payments, and even PayPal
payments. The company also offers international payments, shopping cart stores, and a
recurring billing feature.
Q.2. How can e-commerce portals make shopping secure.
Ans. : E-commerce portals make shopping secure many ways and some ways are given
below :
Ans. : 10 Online payment systems and services are given below :
1. Google Wallet
This is essentially Google’s version of PayPal, complete with money transfers and a Google
Wallet Card! Since we’re all addicted to the Big G, it shouldn’t be all that difficult to spend
and receive money. Google also announced last month that it will be releasing a physical
card connected to users’ accounts so they can utilize Google Wallet at retail businesses. For
convenience, and the number of users, Google Wallet tops our list of the top 10 online
payment solutions.
2. PayPal
Obviously PayPal would be included in this list – it’s only one of the world’s most widely
used payment acquirers processing some 8 million payments every day. As of this writing,
PayPal has over 137 million active accounts in 193 markets and 26 currencies around the
world, which makes it easy to transfer and request payments. Other PayPal perks include
accepting checks through a smartphone’s camera, a card swiper, and allowing customers to
make a purchase without leaving your site.
3. Dwolla
Dwolla is a more recent competitor to PayPal with some outstanding benefits. For example,
you can transfer funds through email, phone, Facebook, LinkedIn, or Twitter. But, what
makes Dwolla so appealing is the fact that there are no fees for transactions less than $10
and $0.25 per transaction for transactions over $10.
4. Amazon Payments
Amazon Payments is a safe, easy and convenient method for users to receive money by
using Amazon’s API. Users can also send money via ACH (Automated Clearing House). Since
almost everyone has an Amazon account, all your important information has already been
stored.
5. Authorize.Net
It’s been stated that Authorize.Net is the most widely used payment gateway on the
internet – probably because it’s been around since 1996. Currently, there are over 375,000
merchants handling more than $88 billion in annual transactions safely through credit cards
and e-checks. Something’s going right over there.
6. ACH Payments
ACH Payments has several key features that make it one of the top payment systems
around. Pros include: being able to make global payments, as well as serving as a payment
gateway, merchant account, credit card processor, and mobile payment processor. It can
also handle ACH payments and can be used as a payroll system.
7. WePay
What makes WePay standout isn’t the fact that it’s a payment processor allowing internet
merchants to accept credit cards and bank account payments online, it’s the fact it’s
incredibly simple. In fact, you can begin accepting payments in under a minute. The only
drawback is that it’s only available for U.S. citizens.
8. Stripe
If you’re a developer, you should already be using Stripe. Developers use Stripe to integrate
a payment system into their projects through Stripe’s robust API. This prevents the need for
a merchant account, and also allows you to build your own payment forms that can bypass
PCI requirements.
9. WooCommerce
WooCommerce allows WordPress users to create their very own e-commerce shop. There
are several neat features that make this payment processor worth your time. Besides being
vendor and customer friendly, you can run coupon campaigns, manage your store’s daily
activities, learn about shipping and tax rules, and view your store’s overall performance.
10. 2CheckOut
2CheckOut is a payment processor which is a combination of a merchant account and
payment gateway that doesn’t require PayPal or a Merchant account. Simply register and
verify your account and you can start accepting credit card payments, and even PayPal
payments. The company also offers international payments, shopping cart stores, and a
recurring billing feature.
Q.2. How can e-commerce portals make shopping secure.
Ans. : E-commerce portals make shopping secure many ways and some ways are given
below :
- Choose a secure ecommerce platform. "Put your ecommerce site on a platform that uses a sophisticated object-orientated programming language," says Shawn Hess, software development manager, VoIP Supply.
- "We've used plenty of different open source ecommerce platforms in the past and the one we're using now is by far the most secure," Hess says. "Our administration panel is inaccessible to attackers because it's only available on our internal network and completely removed from our public facing servers. Additionally, it has a secondary authentication that authenticates users with our internal Windows network."
- Use a secure connection for online checkout--and make sure you are PCI compliant. "Use strong SSL [Secure Sockets Layer] authentication for Web and data protection," says Rick Andrews, technical director, Trust Services, Symantec.
- "It can be a leap of faith for customers to trust that your ecommerce site is safe, particularly when Web-based attacks increased 30 percent last year. So it's important to use SSL certificates "to authenticate the identity of your business and encrypt the data in transit," Andrews says. "This protects your company and your customers from getting their financial or important information stolen." Even better: "Integrate the stronger EV SSL [Extended Validation Secure Sockets Layer], URL green bar and SSL security seal so customers know that your website is safe."
- "SSL certificates are a must for transactions," Hess agrees. "To validate our credit cards we use a payment gateway that uses live address verification services right on our checkout," he says. "This prevents fraudulent purchases by comparing the address entered online to the address they have on file with their credit card company."
- Don't store sensitive data. "There is no reason to store thousands of records on your customers, especially credit card numbers, expiration dates and CVV2 [card verification value] codes," says Chris Pogue, director of Digital Forensics and Incident Response at Trustwave.
- "In fact, it is strictly forbidden by the PCI Standards," Pogue says. He recommends purging old records from your database and keeping a minimal amount of data, just enough for charge-backs and refunds. "The risk of a breach outweighs the convenience for your customers at checkout," he says. "If you have nothing to steal, you won't be robbed."
- Employ an address and card verification system. "Enable an address verification system (AVS) and require the card verification value (CVV) for credit card transactions to reduce fraudulent charges," says Colin O'Dell, lead Magento developer for Unleashed Technologies.
- Require strong passwords. "While it is the responsibility of the retailer to keep customer information safe on the back-end, you can help customers help themselves by requiring a minimum number of characters and the use of symbols or numbers," says Sarah Grayson, senior marketing manager for the Web Security Group at McAfee. "Longer, more complex logins will make it harder for criminals to breach your site from the front-end," she says.
- Set up system alerts for suspicious activity. "Set an alert notice for multiple and suspicious transactions coming through from the same IP address," advises Deric Loh, managing director at digital agency Vault Labs. Similarly, set up system alerts for "multiple orders placed by the same person using different credit cards, phone numbers that are from markedly different areas than the billing address and orders where the recipient name is different than the card holder name."
- Layer your security. "One of the best ways to keep your business safe from cybercriminals is layering your security," says Grayson. "Start with firewalls, an essential aspect in stopping attackers before they can breach your network and gain access to your critical information." Next, she says, "add extra layers of security to the website and applications such as contact forms, login boxes and search queries." These measures "will ensure that your ecommerce environment is protected from application-level attacks like SQL (Structured Query Language) injections and crosssite scripting (XSS)."
- Provide security training to employees. Employees "need to know they should never email or text sensitive data or reveal private customer information in chat sessions as none of these communication methods is secure," says Jayne Friedland Holland, chief security officer and associate general counsel at technology firm NIC Inc..
- "Employees also need to be educated on the laws and policies that affect customer data and be trained on the actions required to keep it safe," Holland says. Finally, "use strict written protocols and policies to reinforce and encourage employees to adhere to mandated security practices."
- Use tracking numbers for all orders. "To combat chargeback fraud, have tracking numbers for every order you send out," advises Jon West, CEO, AddShoppers, a social commerce platform for retailers. "This is especially important for retailers who drop ship."
- Monitor your site regularly--and make sure whoever is hosting it is, too. "Always have a real-time analytics tool," says Punit Shah, director of Marketing at online jeweler My Trio Rings. "It's the real-world equivalent of installing security cameras in your shop. Tools like Woopra or Clicky allow you to observe how visitors are navigating and interacting with your website in real time, allowing you to detect fraudulent or suspicious behavior," he says. "With tools like these we even receive alerts on our phones when there is suspicious activity, allowing us to act quickly and prevent suspicious behavior from causing harm." Also, make sure whoever is hosting your ecommerce site "regularly monitors their servers for malware, viruses and other harmful software," says Ian Rogers, SEO and Web developer, Mvestor Media, an SEO and website design company. "Ask your current or potential Web host if they have a plan that includes at least daily scanning, detection and removal of malware and viruses on the website.".
- Perform regular PCI scans. "Perform regular quarterly PCI scans through services like Trustwave to lessen the risk that your ecommerce platform is vulnerable to hacking attempts," advises West. "If you're using third-party downloaded software like Magento or PrestaShop, stay on top of new versions with security enhancements," he says. "A few hours of development time today can potentially save your entire business in the future."
- Patch your systems. "Patch everything immediately--literally the day they release a new version," says Kyle Adams, chief software architect for Junos WebApp Secure at Juniper Networks. "That includes the Web server itself, as well as other third-party code like Java, Python, Perl, WordPress and Joomla, which are favorite targets for attackers." "Breached sites are constantly found running a three-year-old version of PHP or ColdFusion from 2007," says Pogue. So it's critical you install patches on all software: "Your Web apps, Xcart, OSCommerce, ZenCart and any of the others all need to be patched regularly."
- Make sure you have a DDoS protection and mitigation service. "With DDoS [Distributed Denial of Service] attacks increasing in frequency, sophistication and range of targets, ecommerce sites should turn to cloud-based DDoS protection and managed DNS services to provide transactional capacity to handle proactive mitigation and eliminate the need for significant investments in equipment, infrastructure and expertise," says Sean Leach, vice president of Technology, VeriSign. "The cloud approach will help [ecommerce businesses] trim operational costs while hardening their defenses to thwart even the largest and most complex attacks," he argues. "In addition, a managed, cloud-based DNS hosting service can help deliver 100 percent DNS resolution, improving the availability of Internet-based systems that support online transactions and communications."
- Consider a fraud management service. "Fraud does happen. And for merchants, the best resolution is to make sure you are not holding the bag when it does," says Bob Egner, vice president of Product Management at EPiServer, a .NET content management and ecommerce product company. "Most credit card companies offer fraud management and chargeback management services. This is a practical approach to take because most security experts know there is no such thing as 100 percent safe."
- Make sure you or whoever is hosting your site is backing it up--and has a disaster recovery plan. "Results from a recent study by Carbonite revealed businesses have big gaps in their data backup plans--putting them at risk for losing valuable information in the instance of power outage, hard drive failure or even a virus," says David Friend, CEO of Carbonite. So to make sure your site is properly protected, back it up regularly--or make sure your hosting service is doing so.