 | ||
|
| ||
| ||
|
| ||
Mary Haggard
Program Manager
Microsoft Corporation
February 17, 1998
The following article was originally published in Site Builder Magazine (now known as MSDN Online Voices).
Since the recent release of several easy-to-implement commerce solutions for the Internet, such as Microsoft Site Server, electronic commerce is no longer the domain of those with big budgets and large C++ development staffs. More and more organizations are using these tools to build online shopping into their Web sites. The emerging challenge for these sites is to provide customers with a successful online shopping experience that is dynamic and personalized, evolves to meet changing customer demographics, supports secure online payment options, and provides users with added value -- above and beyond the value they receive from traditional shopping experiences.
Online commerce offers the ability to expand into new markets, reduce costs of customer service and support, communicate effectively with an existing customer base, and deliver a personalized shopping experience rivaling that of a sales staff.
The Internet commerce market is fairly new and underdeveloped, but it is expanding at an unbelievable rate. Every time you look at research reports that discuss the future of online shopping, the numbers grow. For instance, data from research companies in 1996 indicated that online consumer commerce would not exceed 10 billion dollars by 2000. In December of 1997, numbers from similar reports were forecasting sales of over 100 billion dollars in the year 2000 timeframe.
Currently, many companies are finding that online purchases are
being made by a different customer demographic than they have seen
before, either in their retail stores or mail-order catalog
businesses. An online commerce site should be flexible enough to
target traditional customers, but also should look at potential new
markets that the Internet opens up to them. Some of the Web sites
that have Internet demographic information and access to
online-commerce reports are Cyberatlas 
, International Data
Corp , Forrester Research
, and Intelliquest . As more and more people learn
the benefits of secure shopping online, expect that this market
will only grow.
Providing a valuable, secure, and personalized experience both at the point of sale and afterward is a great way to encourage customers to use your online offering again. For instance, a searchable online product catalog might allow a user to learn immediately if a certain product is available. This is a benefit to users if it saves them from finding their print catalog, calling or faxing an order, and not knowing if or when the product will arrive. Any process that you can make easier for a customer through your Web site will provide value for them, and almost always will save costs on your side.
Security is a major consumer concern. Educating users about the security of Web transactions is a big part of most commerce sites. In fact, many sites guarantee the safety of credit card transactions on their sites. Read more about security protocols below.
Personalize the experience. At a bookstore in Seattle, one of
the clerks would hold books that he thought I might like. He used
his knowledge about books I had purchased in the past to decide
which books he would put aside for me. That inspired my loyalty as
a customer, and kept me coming back to that store for years. I was
reminded of this the first time Amazon.com , the online book seller, welcomed me
back to the site by name, and suggested books I might enjoy based
on what I had purchased before. Think of the power of this kind of
personal customer experience in an online environment! Your Web
servers and a database of customer information could become your
best sales force.
Other personalization ideas are online clubs that reward frequent online buyers or e-mail newsletters that keep you in touch with customers. The potential list of commerce-based solutions you can build with available technology goes on and on. Very interesting commerce applications are being developed through clever use of software, so don't limit your thinking!
How does a transaction take place over the Internet? There are a few ways that this works, but one of the most common is the following: To purchase goods and services through the Internet, users use their Web browser software to enter their order information, including credit card, within a secure form. The information is sent via secure connection to your Web server. The Web server reads the order information and passes the encrypted credit card information over a secure connection to some type of authorization organization, such as the issuing bank for the credit card. That institution decrypts the credit card, sends through the authorization information to your Web server, and the order is processed.
In many ways, this is the same process you go through when you use your credit card in a more traditional way, such as paying for dinner. However, there is one important difference. Note how encrypted transmission of the credit card numbers protects users both from getting their credit card numbers intercepted as an insecure transaction, and from merchant fraud, because the merchant never sees the credit card numbers. In this case, commerce on the Internet is more secure than traditional credit card usage. (Have you ever really thought about the security risk of handing your credit card to a waiter who disappears to the back of the restaurant for an unknown amount of time to process the transaction?)
I spend a lot of time reassuring friends and relatives that
buying something on the Internet is secure. If you find yourself
repeating this information over and over, I suggest pointing people
to Safety in Numbers: The Microsoft Wallet 
-- one of the best
explanations of security on the Internet for non-techies that I've
found.
The most secure transactions on the Internet combine a secure connection from the browser to the Web server, encrypted credit card information, and client software that contains credit card and other user information.
The Secure Sockets Layer (SSL) encryption protocol is fully supported by major browsers and Microsoft Windows NT® Server/Internet Information Server (IIS). Through certificate authentication, it provides both encryption and secure channel support, allowing a secure communications channel for any information across the Internet. Many Internet sites are currently using SSL for credit card transactions, and many are beginning to deploy SET.
Secure Electronic Transaction (SET) , recently developed by a consortium
led by Visa and Mastercard, is a protocol and a standard for
handling credit card transactions on the Internet. Designed for
card processors (cardholders, merchants, and banks), SET also uses
digital certificates to ensure the identity of the client and
browser. (A digital certificate acts as an electronic version of
your driver's license, ensuring that you are who you say you are.)
SET also encrypts the credit card information, along with other
order data, and the SET application (such as the Wallet) submits
the payment instructions to the browser. The encryption model for
SET is the same worldwide.
The Microsoft Wallet is a software payment program that allows
consumers to store credit and debit card numbers, as well as
addresses for shipping and billing, on their PC for access when
needed. The Wallet supports various payment methods, including
credit cards, online cash, and micropayments (small payments of
digital cash). It can be used with Internet Explorer versions 3.0
and 4.0, and with Netscape Navigator versions 3.0 and 4.0. (On
Internet Explorer, the Wallet functions as an ActiveX
control™. On Navigator, it is a plug-in.) Information from the
Wallet is used by a variety of back-end commerce solutions,
including Microsoft Site Server. It supports flexible payment
protocols, including SSL and SET; support for other types of
payment is available from third-party vendors or through the
Wallet's Software Development Kit (SDK). Use the Wallet Webmaster
Kit to learn more about deploying the Wallet on your site. More
information and both of the development kits are available on the
Wallet's Web site .
Microsoft Site Server is installed on the Web
server with Windows NT Server 4.0 and IIS versions 3.0 or 4.0. It
provides server components and management tools that reduce the
time required to build commerce-enabled Web sites, target
information by delivering personalized content, manage site
content, and analyze site traffic and usage patterns.
A core part of Site Server is the Commerce Server application, which enables development of secure Commerce sites. Commerce Server can be tied to any existing Online Database Connectivity (ODBC)-compliant database sales system. Sample stores and a Store Builder Wizard help quickly build commerce sites, and many configurable server components control aspects of the sales cycle -- such as billing, calculation of taxes, and all aspects of fulfillment.
Site Server comes complete with sample stores that represent various e-commerce business scenarios. For instance, one store provides a very simple but complete model for small inventories -- perfect for a pilot project. More complex sample stores bring personalization, reporting, and search functionality into the mix. If these sample stores meet the needs of your business, you should be able to adjust them accordingly and put them on the Web as your commerce site.
The Order Processing Pipeline (OPP) is a set of Active Server
Components that handle the stages that define the business rules of
how orders are managed at the commerce site. Define your order
process and configure the objects within the pipeline to meet your
needs, or build your own objects. Third parties also continue to
build components that extend the capabilities of the OPP. That
listing and more information can be found on the Microsoft Commerce
site .
As stated above, Commerce Server's strength in the security
arena comes from its tight integration with Windows NT Server as
part of the Microsoft BackOffice suite of products. Windows NT
Server/IIS support for SSL enables secure transfer of all data and
encryption without programming on the client side. Site Server's
support for the Microsoft Wallet and SET allows encrypted credit
card storage and transfer. The Windows NT Server's certificate
server ensures that browser validation occurs when necessary, and
its User and Domain Managers provide a model for securing access to
files on the machine. E-mail transactions can be secured through
the use of S/MIME in Microsoft Outlook and Exchange. More
information on Microsoft security strategies is available on the Security
Web site .
Personalization services can be a powerful tool when tied to Commerce Server. When users register on your site and enter information for an order or about themselves, that information is stored in a database. Using ASP code, the information can be compiled into pages that specifically meet a user's needs. For instance, each time a specific user returns to your site, a page can be generated that displays their current order status, offers upgrades or updated documentation for products they've already purchased, tells them about new products that may interest them, and lets them know about an online chat event with an industry specialist presented just for special members.
Usage Import and Report Writer can be used to import and filter IIS logs, and provide information and reports that detail Web site usage.
Each time a user interacts with your site, information about the interaction is recorded in the IIS log file. That information can be filtered into a customizable Microsoft SQL Server database. Then the analysis tools examine the data and reconstruct the visits, users, and organizations that interact with your site.
Use this capability to find information that can help improve the commerce portions of your site. For instance, you can see if international users are getting to areas of your site that are targeted to them. Reports will show which products users are particularly interested in, or what part of the ordering process those users may be shying away from. You can adjust your systems accordingly. Information on what organizations are using the site can allow you to offer those consumer groups special bonuses. Especially popular (or unpopular) parts of the site can be highlighted to get users to them.
Site Server boasts an impressive list of industry partners. If information you are looking for isn't provided here or in the Site Server documentation, check the Site Server Web site for a list of the latest software companies, solution providers, Internet service providers, systems integrators, banks and financial institutions, and streaming-media companies who are building supporting elements for Site Server in the form of payment solutions, hosting support, systems integration, and media extensions.
Since taking early retirement as commander of the Starship Enterprise and joining Microsoft, Mary Haggard has worked her way through the ranks to her lifelong goal, being Program Manager for the MSDN Online Web publishing team. Mary once worked in a paper mill, so she knows pulp when she sees it.
Mary Haggard loves to get your feedback and suggestions for this column (see below for info on sending her mail), but she cannot answer individual technical questions. For the latest answers on how-to questions, check in with MSDN Online's Web Men Talking.
From Microsoft Web Tech·Ed, read a summary of a Web-solutions report on Building E-Commerce Solutions, in MSDN Online Web Workshop.
Did you find this material useful? Gripes? Compliments? Suggestions for other articles? Write us!
© 1999 Microsoft Corporation. All rights reserved. Terms of use.
Back to top