<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>DoublePlus &#187; security</title>
	<atom:link href="http://www.doubleplus.com/tag/security/feed" rel="self" type="application/rss+xml" />
	<link>http://www.doubleplus.com</link>
	<description>Ecommerce for the Rest of Us</description>
	<lastBuildDate>Wed, 08 Sep 2010 16:00:56 +0000</lastBuildDate>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=3.0.1</generator>
		<item>
		<title>How Well Do You Protect Your Customers&#8217; Privacy?</title>
		<link>http://www.doubleplus.com/maintain-your-customers-privacy.html</link>
		<comments>http://www.doubleplus.com/maintain-your-customers-privacy.html#comments</comments>
		<pubDate>Sun, 09 May 2010 03:06:49 +0000</pubDate>
		<dc:creator>Susan Petracco</dc:creator>
				<category><![CDATA[Development]]></category>
		<category><![CDATA[PA-DSS]]></category>
		<category><![CDATA[PCI]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[SSL]]></category>
		<category><![CDATA[Standards]]></category>

		<guid isPermaLink="false">http://www.doubleplus.com/?p=422</guid>
		<description><![CDATA[Internet users have always been wary of providing personal and financial information online, but as the web has grown, so has the number of transactions, as well as the number of sites seeking orders for products or services. Customers have grown more accustomed to providing their information to many kinds of businesses, but privacy concerns [...]]]></description>
			<content:encoded><![CDATA[<p>Internet users have always been wary of providing personal and financial information online, but as the web has grown, so has the number of transactions, as well as the number of sites seeking orders for products or services. Customers have grown more accustomed to providing their information to many kinds of businesses, but privacy concerns continue to grow. In the wake of the recent concerns about privacy on Facebook, I wanted to focus on the privacy of e-commerce site customers as well.</p>


<img src="http://www.doubleplus.com/wp-content/facelessshopper.jpg" alt="Faceless Shopper" title="Faceless Shopper" width="220" height="219" class="alignleft size-full wp-image-439" />

<p>The last thing your business can afford is public recognition of lapses in privacy and security. But the concerns go far beyond customer perception as well. The emergence and growth of <a href="http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard">PCI Compliance</a> puts a serious legal and financial burden on companies of all sizes to protect their customers' credit cards and other financial information in an effort to prevent fraud.</p>

<p>If you haven't performed a recent review of your practices relating to both privacy and security, now is a good time. And if you've never really given it much thought, please keep reading and then develop your own plan to protect your customers' valuable information.</p>

<h2>The First Step: An SSL Certificate</h2>

<img src="http://www.doubleplus.com/wp-content/ssl1.jpg" alt="SSL Certificate" title="SSL Certificate" width="250" height="168" class="alignright size-full wp-image-435" />

<p>An SSL certificate is essential to protect sensitive information as it is transmitted over the internet, such as when a form containing personal or financial information is submitted by a customer. SSL Certificates can be purchased from a number of providers, including Verisign, GeoTrust, Comodo, and many others. The SSL certificate is engaged when the web site is accessed with a URL beginning with "https" instead of "http", encrypting both the request (submission of the form or requesting a web page via a URL) and response (the information that is sent back to the browser).</p>

<p>All sensitive information should be collected and presented on pages served over HTTPS using the SSL certificate. Customers often look to the "lock icon" in the corner of their browser window to ensure that a page asking for this information is secure.</p>

<h2>Credit Card Information</h2>
<p>The best thing you can do to protect customers' credit card information is to NEVER store it in the first place. If your website uses a real-time payment gateway such as Authorize.net or Payflow, the customer's credit card is passed through to the gateway and charged or authorized for the sale, and typically doesn't need to be stored on your server at all. Instead, reference or transaction numbers are stored in your system so that transactions can be reviewed and pre-authorizations can be captured. If your site or database gets compromised, there are no raw credit card numbers and expiration dates that can be stolen.</p>

<img src="http://www.doubleplus.com/wp-content/creditcards.jpg" alt="Credit cards" title="Credit cards" width="250" height="150" class="alignleft size-full wp-image-433" />

<p>If you can't use a real-time gateway for any reason, make sure you download the payment data over a secure connection (HTTPS in a browser, or SFTP instead of regular FTP). Then delete it from your web server as quickly as possible, and remove it from your local systems as well once the payment has been processed. If you delete the data regularly, a breach of your web site will expose as few credit card numbers as possible (only those provided since you last deleted data).</p>

<p>The one thing you should never store in any capacity is the CVV number, also known by other acronyms including CVC, CVV2, and CID. This is the 3- or 4-digit number on the front or back of the credit card, separate from the actual credit card number, that is not embossed or raised and therefore doesn't show up on a credit card imprint. Credit card companies such as VISA and MasterCard impose significant fines on merchants who violate the mandate not to store the CVV code, even if a breach has not occurred. You may also lose the ability to process credit card transactions in the future.</p>

<h2>Customer Names and Addresses</h2>

<p>Although not as fraught with concerns as payment data, protecting customers' identifying information, especially their home address, is still of the utmost importance. Customers often don't want other people finding out their full names, their home address, or even their employer, due to concerns about identity theft. (The more information a potential identity thief collects, the more likely he can impersonate the victim.)</p>

<p>All pages that refer to a customer's account, full name, and address should be served over HTTPS, so that the SSL certificate encrypts the data being transmitted. Other pages such as order history are also recommended for SSL protection, especially if your products are sensitive - think medical supplies, prescriptions, adult items, etc.</p>

<p>You should also test your site's account creation, log-in, and forgotten password functions. Make sure there are no security holes in these processes.</p>

<h2>Think Carefully about Open-Source Software</h2>

<p>Open-source shopping carts are growing in popularity, due to the low cost (often free) and the typically large developer/user communities surrounding them. However, in the case of software whose source code is available to the public, it's often much easier for hackers to find and exploit holes. WordPress, arguably the most widely-used blogging platform, has had to issue numerous updates to patch security holes and bugs that were found by hackers. Shopping cart software is no less prone to problems, and the results of losing customers' credit card numbers can be much worse than having your blog replaced by a defaced page (porn or not!).</p>

<p>Additionally, open-source software is often not subjected to the same compliance requirements as software that is funded by sales instead of being free. For example, even Magento's Community Version, the current golden child of the open-source shopping cart market, won't be <a href="http://en.wikipedia.org/wiki/PA-DSS">PA-DSS compliant</a>, so unless you purchase the Enterprise Edition (which is not free!) you won't meet this required standard.</p>

<h2>Shared Information</h2>
<p>Another area of your site to review includes searchable areas like gift registries, wishlists, and other kinds of customer lists (such as those Amazon allows customers to create and share). For example, when a person searches your gift registry, does your site return too much information about matching records? If you display first and last name, city, and state, it could be too much information to maintain customers' privacy. Limit the information to as little as possible, while still allowing gift shoppers to recognize the person they are shopping for.</p>

<h2>Limit Employee Access</h2>
<p>You should also limit employees' access to customer and payment information to only those people who need it to perform their jobs. Employees come and go, sometimes under contentious circumstances. When an employee leaves the company, delete his or her account or change its password so that the former employee can no longer access the information. Also, encourage (or require) employees to use strong passwords and to change them periodically to protect their accounts from unauthorized access.</p>

<p>Many shopping carts and accounting systems allow you to configure user accounts to access only certain parts of the application. Often, you can allow your web developers, customer service representatives, and other employees to access the necessary parts of your system without giving them access to customer records and payment details.</p>

<h2>Application Integration and Data Sharing</h2>

<img src="http://www.doubleplus.com/wp-content/data.jpg" alt="Data Sharing" title="Data Sharing" width="250" height="188" class="alignright size-full wp-image-437" /><p>When sharing data between your cart and other applications (such as accounting systems, CRM systems, even a mailing list application), don't transfer more data than necessary. Your mailing list doesn't need the customer's credit card information - not even the last four digits. So why bother? If it's not needed, don't keep it there. Don't download data you don't need into Excel and keep it on your hard drive either. And be very careful to make sure you don't email credit card information to anyone! It's surprising how many retailers and developers aren't conditioned or informed about the risks of emailing sensitive data.</p>

<h2>Review Your Database</h2>

<p>Look at how your shopping cart stores customer records and allows forgotten passwords to be retrieved. Are your customers' passwords encrypted before being stored in your database? Are passwords mailed in plain text, where anyone with a packet sniffer can intercept them? Or do you instead email the customer a password reset link? Can site administrators see the old password, or only reset it to a new one?</p>

<h2>Communicate the Good</h2>
<p>Finally, it's also good to spell out the details of how you maintain customer privacy in a detailed Privacy Policy on your site. Most sites link to their privacy policy from their footer. But also consider hitting the highlights in a few bullet points in a more conspicuous place, perhaps on the view cart page, or the page where customers enter their credit card number. Add a "View our Complete Privacy Policy" link below it for customers who want to read all the nitty-gritty details.</p>

<p>The larger and more visible your company grows, the more important it becomes for you to deal with these issues BEFORE a breach occurs. When it makes sense financially to do so, consider online services such as McAfee Secure or ControlScan, and later, consider hiring a company that specializes in website and computer security services. The peace of mind, and lack of future problems, will likely make it worth every penny.</p>


]]></content:encoded>
			<wfw:commentRss>http://www.doubleplus.com/maintain-your-customers-privacy.html/feed</wfw:commentRss>
		<slash:comments>7</slash:comments>
		</item>
		<item>
		<title>8 Ways to Increase Your Ecommerce Site&#8217;s Credibility</title>
		<link>http://www.doubleplus.com/ecommerce-credibility.html</link>
		<comments>http://www.doubleplus.com/ecommerce-credibility.html#comments</comments>
		<pubDate>Wed, 08 Apr 2009 02:06:32 +0000</pubDate>
		<dc:creator>Susan Petracco</dc:creator>
				<category><![CDATA[Site Design]]></category>
		<category><![CDATA[credibility]]></category>
		<category><![CDATA[ecommerce]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[trust]]></category>

		<guid isPermaLink="false">http://www.doubleplus.com/?p=99</guid>
		<description><![CDATA[On the web, transparency often equals trust. This is a world where credit cards are often used for fraud, where dollars are lost every day, and where identities are stolen. Smart shoppers are wary shoppers, and they don't want to do business with faceless entities online. They want to know who's behind the company they [...]]]></description>
			<content:encoded><![CDATA[On the web, transparency often equals trust. This is a world where credit cards are often used for fraud, where dollars are lost every day, and where identities are stolen. Smart shoppers are wary shoppers, and they don't want to do business with faceless entities online. They want to know who's behind the company they purchase from. Here are eight ways to increase your transparency online. Follow these tips, and you'll increase the level of trust that your customers have in your business.

<ol>
	<li><strong>Be Transparent</strong> - In a medium as anonymous as the Internet, the concept of transparency means being clear about who you are and what your motives and goals are. Transparency is especially important on ecommerce sites. Customers want to know that the people behind the site are honest and trustworthy, not someone who's using the site as a front for fraud. One way to do this is on your "About" page. Identify the person or people behind the business, including a brief background as it pertains to the business (education, career, etc.). A picture is a great benefit, because visually-oriented customers can develop a sense of the people they are doing business and communicating with. Video is even better!

<div id="attachment_100" class="wp-caption alignnone" style="width: 469px"><a href="http://www.melissaanddoug.com"><img class="size-full wp-image-100" title="aboutphotos" src="http://www.doubleplus.com/wp-content/aboutphotos.gif" alt="About Page from Melissa and Doug" width="459" height="334" /></a><p class="wp-caption-text">About Page from Melissa and Doug</p></div></li>
	<li><strong>Start a Blog</strong> - Publishing a blog takes commitment, but it's a great way to show your business personality to customers, and to show them that behind the site is a living, breathing business. Frequently-updated content also shows commitment, a kind of "TLC" to your audience. Allow comments, too, so that you can start a conversation back-and-forth with readers of the blog.</li>
	<li><strong>Use a dedicated SSL certificate</strong> - They are relatively inexpensive and typically require very little work on your part. When customers see your site go from http://www.yoursite.com to https://site12345.somelargehost.com/yoursite/whatever during checkout, it can be disconcerting. On a related note, make sure that your checkout pages don't include content that is not loaded securely, because a warning message will appear.

<div id="attachment_105" class="wp-caption alignnone" style="width: 347px"><img class="size-full wp-image-105" title="securewarning" src="http://www.doubleplus.com/wp-content/securewarning.gif" alt="Avoid Security Warnings" width="337" height="155" /><p class="wp-caption-text">Avoid Security Warnings</p></div></li>
	<li><strong>Use Security Badges</strong> - Demonstrate security with standard graphics that customers have come to expect. Credit card icons show that you have taken the time to select and integrate true payment processing into your site, instead of relying solely on Paypal or checks by mail. Many SSL certificate providers offer badges that customers can click to confirm that the site uses standard encryption. Take that a step further by signing up for McAfee or ControlScan, which also offer site testing measures. Traditional businesses often display Better Business Bureau window stickers or Chamber of Commerce plaques; there are equivalent BBB and Chamber images that accomplish the same thing on ecommerce sites.

<div id="attachment_106" class="wp-caption alignnone" style="width: 471px"><a href="http://www.newegg.com"><img class="size-full wp-image-106" title="badges2" src="http://www.doubleplus.com/wp-content/badges2.gif" alt="Credibility Badges from Newegg.com" width="461" height="64" /></a><p class="wp-caption-text">Credibility Badges from Newegg.com</p></div></li>
	<li><strong>Phone, Email, Live Chat</strong> - Make it easy for customers to contact you using a variety of methods. Publish a phone number - a toll-free one if possible - in a prominent location on all pages, and try to answer calls during business hours. If you can't always answer it, return voice messages quickly. Use a live chat service for customers who don't want to interrupt their surfing to look for a phone, or offer contact forms on every page that are quickly answered by email.

<div id="attachment_107" class="wp-caption alignnone" style="width: 298px"><a href="http://www.crutchfield.com"><img class="size-full wp-image-107" title="contact" src="http://www.doubleplus.com/wp-content/contact.gif" alt="Crutchfield offers a variety of contact methods" width="288" height="62" /></a><p class="wp-caption-text">Crutchfield offers a variety of contact methods</p></div></li>
	<li><strong>Display Customer Testimonials</strong> - Gather customer testimonials and publish them on your website. While it's ok to ask customers for testimonials, don't make them up; people can spot fakes pretty easily. Offer a single testimonial on your homepage, and link to a page of additional testimonials.

<div id="attachment_108" class="wp-caption alignnone" style="width: 164px"><a href="http://www.idwholesaler.com"><img class="size-full wp-image-108" title="testimonials" src="http://www.doubleplus.com/wp-content/testimonials.gif" alt="IDWholesaler.com shows one testimonial on their Homepage" width="154" height="117" /></a><p class="wp-caption-text">IDWholesaler.com shows one testimonial on their Homepage</p></div></li>
	<li><strong>Publish Store Policies</strong> - Publish your policies and link to them from your sitewide footer and within your help section. At a minimum, you should publish:
<ul>
	<li>a privacy policy covering customers' personal and financial information</li>
	<li>a return policy outlining what products can be returned and what the process is</li>
	<li>shipping policies that describe what carriers you use, what the lead or fulfillment time is, and whether you guarantee shipping delivery dates</li>
</ul>
</li>
	<li><strong>After The Sale</strong> - Follow up on your promises and thank your customers for their business. A customer's first order with your store solidifies (or demolishes) any credibility created on your actual ecommerce site. Offer customers a fair price and a good shopping experience, and many will return. When you make a mistake: explain, apologize, and offer to make amends.</li>
</ol>


]]></content:encoded>
			<wfw:commentRss>http://www.doubleplus.com/ecommerce-credibility.html/feed</wfw:commentRss>
		<slash:comments>18</slash:comments>
		</item>
	</channel>
</rss>
