Click to return to the Essentials home page    
Web Workshop  |  Essentials

For Starters: #11. Building an Online Business

Mary Haggard
Program Manager
Microsoft Corporation

February 17, 1998

The following article was originally published in Site Builder Magazine (now known as MSDN Online Voices).

Since the recent release of several easy-to-implement commerce solutions for the Internet, such as Microsoft Site Server, electronic commerce is no longer the domain of those with big budgets and large C++ development staffs. More and more organizations are using these tools to build online shopping into their Web sites. The emerging challenge for these sites is to provide customers with a successful online shopping experience that is dynamic and personalized, evolves to meet changing customer demographics, supports secure online payment options, and provides users with added value -- above and beyond the value they receive from traditional shopping experiences.

Online commerce offers the ability to expand into new markets, reduce costs of customer service and support, communicate effectively with an existing customer base, and deliver a personalized shopping experience rivaling that of a sales staff.

Who's Buying?

The Internet commerce market is fairly new and underdeveloped, but it is expanding at an unbelievable rate. Every time you look at research reports that discuss the future of online shopping, the numbers grow. For instance, data from research companies in 1996 indicated that online consumer commerce would not exceed 10 billion dollars by 2000. In December of 1997, numbers from similar reports were forecasting sales of over 100 billion dollars in the year 2000 timeframe.

Currently, many companies are finding that online purchases are being made by a different customer demographic than they have seen before, either in their retail stores or mail-order catalog businesses. An online commerce site should be flexible enough to target traditional customers, but also should look at potential new markets that the Internet opens up to them. Some of the Web sites that have Internet demographic information and access to online-commerce reports are Cyberatlas Non-MS link, International Data Corp Non-MS link, Forrester Research Non-MS link, and Intelliquest Non-MS link. As more and more people learn the benefits of secure shopping online, expect that this market will only grow.

What Do They Want?

Providing a valuable, secure, and personalized experience both at the point of sale and afterward is a great way to encourage customers to use your online offering again. For instance, a searchable online product catalog might allow a user to learn immediately if a certain product is available. This is a benefit to users if it saves them from finding their print catalog, calling or faxing an order, and not knowing if or when the product will arrive. Any process that you can make easier for a customer through your Web site will provide value for them, and almost always will save costs on your side.

Security is a major consumer concern. Educating users about the security of Web transactions is a big part of most commerce sites. In fact, many sites guarantee the safety of credit card transactions on their sites. Read more about security protocols below.

Personalize the experience. At a bookstore in Seattle, one of the clerks would hold books that he thought I might like. He used his knowledge about books I had purchased in the past to decide which books he would put aside for me. That inspired my loyalty as a customer, and kept me coming back to that store for years. I was reminded of this the first time Amazon.com Non-MS link, the online book seller, welcomed me back to the site by name, and suggested books I might enjoy based on what I had purchased before. Think of the power of this kind of personal customer experience in an online environment! Your Web servers and a database of customer information could become your best sales force.

Other personalization ideas are online clubs that reward frequent online buyers or e-mail newsletters that keep you in touch with customers. The potential list of commerce-based solutions you can build with available technology goes on and on. Very interesting commerce applications are being developed through clever use of software, so don't limit your thinking!

How Does It Work?

How does a transaction take place over the Internet? There are a few ways that this works, but one of the most common is the following: To purchase goods and services through the Internet, users use their Web browser software to enter their order information, including credit card, within a secure form. The information is sent via secure connection to your Web server. The Web server reads the order information and passes the encrypted credit card information over a secure connection to some type of authorization organization, such as the issuing bank for the credit card. That institution decrypts the credit card, sends through the authorization information to your Web server, and the order is processed.

In many ways, this is the same process you go through when you use your credit card in a more traditional way, such as paying for dinner. However, there is one important difference. Note how encrypted transmission of the credit card numbers protects users both from getting their credit card numbers intercepted as an insecure transaction, and from merchant fraud, because the merchant never sees the credit card numbers. In this case, commerce on the Internet is more secure than traditional credit card usage. (Have you ever really thought about the security risk of handing your credit card to a waiter who disappears to the back of the restaurant for an unknown amount of time to process the transaction?)

I spend a lot of time reassuring friends and relatives that buying something on the Internet is secure. If you find yourself repeating this information over and over, I suggest pointing people to Safety in Numbers: The Microsoft Wallet Non-MSDN Online link -- one of the best explanations of security on the Internet for non-techies that I've found.

Encryption Technologies

The most secure transactions on the Internet combine a secure connection from the browser to the Web server, encrypted credit card information, and client software that contains credit card and other user information.

The Secure Sockets Layer (SSL) encryption protocol is fully supported by major browsers and Microsoft Windows NT® Server/Internet Information Server (IIS). Through certificate authentication, it provides both encryption and secure channel support, allowing a secure communications channel for any information across the Internet. Many Internet sites are currently using SSL for credit card transactions, and many are beginning to deploy SET.

Secure Electronic Transaction (SET) Non-MS link, recently developed by a consortium led by Visa and Mastercard, is a protocol and a standard for handling credit card transactions on the Internet. Designed for card processors (cardholders, merchants, and banks), SET also uses digital certificates to ensure the identity of the client and browser. (A digital certificate acts as an electronic version of your driver's license, ensuring that you are who you say you are.) SET also encrypts the credit card information, along with other order data, and the SET application (such as the Wallet) submits the payment instructions to the browser. The encryption model for SET is the same worldwide.

The Microsoft Wallet is a software payment program that allows consumers to store credit and debit card numbers, as well as addresses for shipping and billing, on their PC for access when needed. The Wallet supports various payment methods, including credit cards, online cash, and micropayments (small payments of digital cash). It can be used with Internet Explorer versions 3.0 and 4.0, and with Netscape Navigator versions 3.0 and 4.0. (On Internet Explorer, the Wallet functions as an ActiveX control™. On Navigator, it is a plug-in.) Information from the Wallet is used by a variety of back-end commerce solutions, including Microsoft Site Server. It supports flexible payment protocols, including SSL and SET; support for other types of payment is available from third-party vendors or through the Wallet's Software Development Kit (SDK). Use the Wallet Webmaster Kit to learn more about deploying the Wallet on your site. More information and both of the development kits are available on the Wallet's Web site Non-MSDN Online link.

Microsoft Site Server

Microsoft Site Server Non-MSDN Online link is installed on the Web server with Windows NT Server 4.0 and IIS versions 3.0 or 4.0. It provides server components and management tools that reduce the time required to build commerce-enabled Web sites, target information by delivering personalized content, manage site content, and analyze site traffic and usage patterns.

Commerce Features

A core part of Site Server is the Commerce Server application, which enables development of secure Commerce sites. Commerce Server can be tied to any existing Online Database Connectivity (ODBC)-compliant database sales system. Sample stores and a Store Builder Wizard help quickly build commerce sites, and many configurable server components control aspects of the sales cycle -- such as billing, calculation of taxes, and all aspects of fulfillment.

The sample stores

Site Server comes complete with sample stores that represent various e-commerce business scenarios. For instance, one store provides a very simple but complete model for small inventories -- perfect for a pilot project. More complex sample stores bring personalization, reporting, and search functionality into the mix. If these sample stores meet the needs of your business, you should be able to adjust them accordingly and put them on the Web as your commerce site.

The order processing pipeline

The Order Processing Pipeline (OPP) is a set of Active Server Components that handle the stages that define the business rules of how orders are managed at the commerce site. Define your order process and configure the objects within the pipeline to meet your needs, or build your own objects. Third parties also continue to build components that extend the capabilities of the OPP. That listing and more information can be found on the Microsoft Commerce site Non-MSDN Online link.

Secure transactions and Commerce Server

As stated above, Commerce Server's strength in the security arena comes from its tight integration with Windows NT Server as part of the Microsoft BackOffice suite of products. Windows NT Server/IIS support for SSL enables secure transfer of all data and encryption without programming on the client side. Site Server's support for the Microsoft Wallet and SET allows encrypted credit card storage and transfer. The Windows NT Server's certificate server ensures that browser validation occurs when necessary, and its User and Domain Managers provide a model for securing access to files on the machine. E-mail transactions can be secured through the use of S/MIME in Microsoft Outlook and Exchange. More information on Microsoft security strategies is available on the Security Web site Non-MSDN Online link.

Personalization

Personalization services can be a powerful tool when tied to Commerce Server. When users register on your site and enter information for an order or about themselves, that information is stored in a database. Using ASP code, the information can be compiled into pages that specifically meet a user's needs. For instance, each time a specific user returns to your site, a page can be generated that displays their current order status, offers upgrades or updated documentation for products they've already purchased, tells them about new products that may interest them, and lets them know about an online chat event with an industry specialist presented just for special members.

Site Server Analysis Tools for Commerce Sites

Usage Import and Report Writer can be used to import and filter IIS logs, and provide information and reports that detail Web site usage.

Each time a user interacts with your site, information about the interaction is recorded in the IIS log file. That information can be filtered into a customizable Microsoft SQL Server database. Then the analysis tools examine the data and reconstruct the visits, users, and organizations that interact with your site.

Use this capability to find information that can help improve the commerce portions of your site. For instance, you can see if international users are getting to areas of your site that are targeted to them. Reports will show which products users are particularly interested in, or what part of the ordering process those users may be shying away from. You can adjust your systems accordingly. Information on what organizations are using the site can allow you to offer those consumer groups special bonuses. Especially popular (or unpopular) parts of the site can be highlighted to get users to them.

Site Server Partnerships

Site Server boasts an impressive list of industry partners. If information you are looking for isn't provided here or in the Site Server documentation, check the Site Server Web site for a list of the latest software companies, solution providers, Internet service providers, systems integrators, banks and financial institutions, and streaming-media companies who are building supporting elements for Site Server in the form of payment solutions, hosting support, systems integration, and media extensions.

Since taking early retirement as commander of the Starship Enterprise and joining Microsoft, Mary Haggard has worked her way through the ranks to her lifelong goal, being Program Manager for the MSDN Online Web publishing team. Mary once worked in a paper mill, so she knows pulp when she sees it.


Mail to Mary?

Mary Haggard loves to get your feedback and suggestions for this column (see below for info on sending her mail), but she cannot answer individual technical questions. For the latest answers on how-to questions, check in with MSDN Online's Web Men Talking.

E-commerce solutions

From Microsoft Web Tech·Ed, read a summary of a Web-solutions report on Building E-Commerce Solutions, in MSDN Online Web Workshop.




For technical how-to questions, check in with the Web Men Talking, MSDN Online's answer pair.


Back to topBack to top

Did you find this material useful? Gripes? Compliments? Suggestions for other articles? Write us!

© 1999 Microsoft Corporation. All rights reserved. Terms of use.