Five Ways to Secure Your eCommerce Website

Your customers will appreciate a good secure shopping experienceWebsite security is about doing all you can to protect your online store, your clients’ information, your reputation, and your client’s confidence, so they return time and time again. Security is approached in layers, and your website developer should have all these covered… Just in case, here’s a good list of what to look for.

1. Your store’s checkout must trigger the ‘little lock icon’ on your web browser.
This is the most basic of security measures. Encrypt all transmission of client data with an SSL Certificate. This ensures that your website’s checkout funnel is encrypted, preventing anyone from eavesdropping on the communication between your client and the store. It goes a long way toward building confidence. Failure to do this puts all of your clients at risk of having their credit card details stolen.

2. Your store must encrypt all communications with your credit card processor.
This is one where you must trust your website developer, and hope they do the right thing. Just like you want to protect the data as it travels between your customer and your website, you also must make sure you encrypt that data as your website communicates with the bank. Imagine how many credit cards can be stolen as your website processes them! Insist that all communication with your credit card processor is completely protected.

3. Choose a good host.
Here as well, your web developer should help you. Many business customers opt for a low cost host, without understanding the implications. Low cost usually means your site is sharing a home with hundreds of other websites. The hosting company has no inherent reason to protect your valuable online store, over any other run-of-the-mill website. Make sure your hosting company has a proactive approach to security, employs encryption, performs backups, keeps logs, and has a good network monitoring system. You wouldn’t want the next account at your host to start poking around your website!

4. Use an online credit card gateway.
If you take credit cards online, and don’t process them immediately, you have a host of issues to contend with. The credit card may or may not be valid and must be checked by hand, possibly delaying a sale or causing customer dissatisfaction. The cost of a good credit card processor is negligible, and worth all the benefits in security and efficiency. Your web developer can help you select a reputable processor.

5. Your store must never save credit card information.
This is a follow up to the previous point. You’ve done your homework, use an SSL certificate, encrypt all communications, have a good reliable host, and use a credit card processor. Still, bad things can happen, and there are few things worse than having a break-in where the database is stolen. When this happens, you will be glad to know that no credit card information is in that database. How can you take credit cards online and not store them? This is a function of your website developer helping you choose a credit card gateway that supports customer profiles, and that the developer uses them. Each time your store needs to process a credit card, the system creates a customer profile at the processor. This is like ‘hot potato’ – your store only touches the credit card number long enough to get approval, yet the system even supports recurring charges.

Need assistance securing your store or website? Give us a call and we can give you a free assessment.

Posted in General content, Security, Tech Tips |

Make sure your website developer has more than a hammer in his toolbox!

The right tools make all the difference...Let’s face it, you probably don’t care if your website is built with WordPress, Joomla, or Drupal. However, hiring a web developer who doesn’t have the experience necessary to select the best platform for the job can and often is detrimental to a project. You’ve heard the saying before, “If all you have is a hammer, everything looks like a nail.” Website developers’ experience, knowledge, and skills vary greatly. Lower cost developers or inexperienced ones, often have to stick with what they know. For many, this means getting a copy of WordPress, changing some simple settings in a pre-canned theme, maybe installing a plugin or two, and off they go, they’re a web developer. From that point on, any website project that comes through the door is a WordPress site. We have been creating websites since 2004, so we understand the pattern of growth developers go through, and we’ve seen and cleaned up the damage they can make.

Experience and skill cannot be purchased, yet they can easily be overlooked, and sadly, under valued. Owning a copy of PhotoShop doesn’t make me an artist or a designer. An expensive camera doesn’t make me a photographer. Being able to install XYZ content management system also doesn’t make me a web developer, any more than owning a set of Wusthof knives makes you a chef. These are all tools, that in the right hands, those with experience and skill, can create great works of art, photographs that take your breath away, or websites that turn visitors into customers.

This is where we stand proud… We’ve done this enough times and for long enough that we have superior knowledge of the top three content management systems used to build websites: WordPress, Joomla, and Drupal. Each has its benefits and draw-backs, and our experience confirms none is perfect. When choosing your website developer, be certain to ask and be reasonably assured, that they have created websites using several platforms and can explain why they recommend one system over another.

Contact us to discuss your project’s needs, and together we can choose the ideal system to achieve your goals.

Posted in General content |

Making Repeat Clients Feel Welcome in VirtueMart: Return Login Simplified

Joomla and VirtueMart are very capable, and we make extensive use of them. However, the return login mechanism for VirtueMart is not as friendly as it could be. Today I’ll show you what we have done to make it easier for return clients to log back into their accounts in a Joomla VirtueMart store.

The problem as we have experienced it, is that clients not only do not remember what their username or password was, but that they may not even recall that they already have an account. This has been the case on a few of the websites we have built, where clients were expected to login maybe once a year and forgot they already had an account. They were so frustrated by the system, they left without completing their purchase.

What we have done is ask the client for their email address right up front, before even allowing them to complete the New Account registration form. This lets us check the database and take more control of the process, deciding if a client already exists or is really a new client. Here’s how it works:

So there you have it… A much smoother mechanism to handle clients which return to your store and have forgotten they already have an account. Here are the code changes required to make this work:

impressM-VirtueMart Return Login PDF

Posted in General content, Tech Tips | Tagged , |

How to configure UPS shipping integration in VirtueMart

We were unable to find a single source that outlined the steps required to configure UPS live quotes in VirtueMart, so here is a step by step howto. Credit goes to Cristian Zwick, who put it all together for me to blog about.

To begin, let’s make sure we have everything we need to make this as smooth as possible. Check that you have the UPS live quotes module available in your installation of VirtueMart. This should be integrated, as is the case with the version we are using, 1.1.4. Part of the process will have you requesting an Access Key from UPS as a developer, and that process involves having a valid UPS shipper account. If you or your client do not currently have this, get that process rolling early, so it doesn’t hold up your efforts. Login or request the following from your client:

  • UPS Account Number
  • Account Name (this is the user ID)
  • Postal Code (this is the ZIP code of the business)
  • Invoice Number (last invoice works)
  • Charges This Period
  • Invoice Date
  • Control ID (this may or may not be present on the invoice, and is required if its shown)

While you’re waiting for the UPS account to get processed, or your client to provide the required information, proceed with enabling the UPS live shipping quotes module in VirtueMart:

VM -> Admin -> Configuración -> Shipping, and enable “UPS Online Tools Shipping calculation”.

We also want to make sure VirtueMart will ask for a Shipping Method during checkout:

VM -> Admin -> Configuración -> Checkout, and enable ”Please select a Shipping Method!”.

The products will all require a Weight, so make sure this has been done:

VM -> List Products -> {look up a product} -> Item Dimensions and Weight -> Weight (make sure it’s there for all the products that need shipping calculated on the fly)

Also, make sure the address of the store is properly configured. The UPS module will make use of this:

VM -> Store -> Edit Store

Now that the groundwork is ready, you will have to create a developer account at UPS, by registering here:

Make sure you’re logged in and visit, then click on “Request an access key”, under “How to Get Started”.

Here you will need the information gathered at the start, to tie the developer registration with an actual UPS account. While on the Request Access Key page, notice the section labeled, “Additional Registration Information”. Here you will “Add a UPS Account”. You will have to provide the following:

  • UPS Account Number
  • Account Name (this is the user ID)
  • Postal Code (this is the ZIP code of the business)

In the next step, UPS will want to verify you have a valid UPS account by requesting the following:

  • Invoice Number (last invoice works)
  • Charges This Period
  • Invoice Date
  • Control ID (this may or may not be present on the invoice, and is required if its shown)

Once completed, click on “Request Access Key”, and by default, you will receive the Access Key for the “Rating – Package” API by email. This is the API which VirtueMart needs to provide live shipping quotes… done. However, if you require a different API, you can look under Access and Administration and Manage Access Keys, including activating for production use.

Now that you have received the API Access Key, we can complete the configuration in VirtueMart:

VM -> Store -> Shipping Module List -> Configure Ship Method

Enter the following information:

UPS access code -> This is the API Access Key
UPS user id -> this is the UPS shipping account User ID
UPS password -> Password for said UPS account
Ship From Zip Code -> empty (this needs to be completed if different from the Store address)

The rest are the various shipping options which can be enabled, as necessary. Save and go test!

I hope this saves you a ton of time, as the first time we did this a while back, it was hours of trying to figure out who needed what and what it all meant.

Posted in Tech Tips | Tagged , , , |

YMCA of Greater Bergen County, NJ Launches new impressM Website

The YMCA of Greater Bergen County, New Jersey, is the latest YMCA to get the impressM website makeover and join the rebranding effort begun last year. Research showed that most people associated the Y primarily with swimming and fitness programs rather than a cause. Y-USA needed a consistent, inspirational brand platform to elevate the YMCA’s cause and areas of focus.

The result of extensive research has led to the development of a refreshed brand with a visual identity that is bold, active and welcoming—representing the Y’s commitment to social progress. The logo, was refreshed to reflect the public’s reference to the brand as “the Y,” and is set in multicolored combinations to symbolize the diversity and vibrancy inherent in the organization and its communities.

We were first contacted by Julie Morrow, Communications & Development Director for the YMCA of Greater Bergen County, in NJ, and within a few weeks we had completed the project. The rebranding guidelines provide clear direction so that all Y’s have a very similar look. However, we were able to build them a site unique to them, to serve them well, through easy website management and continued support. Julie has recommended us to several other YMCA’s looking for a rebrand, and her testimonial shows our commitment to building the very best websites and provide the very best on-going support.

Julie writes, “I would absolutely recommend impressM websites.

“I researched various options and companies. They were by far the most reasonable in hosting fee price and in the cost to design/launch. We were the first Y website that they designed with the NEW branding. They understood the parameters and followed the guidelines.

“They continue to be helpful in training me on how to update the site by myself as our old site was in Dreamweaver and a challenge to learn.”

Proof positive, impressM websites in New Jersey, gives you impressive results. Call us today for a FREE website review and let us show you how we can help your organization benefit from our development expertise.

Posted in General content, Project Spotlight | Tagged , |