If you can't read please download the document
Upload
luke-stokes
View
1.424
Download
6
Embed Size (px)
Citation preview
Building
E-Commerce Sites
It doesn't have to suck.
#bcn10ecom
Who's here?
What's in it for me?
Developers
New to ecommerce:Overview
What Options you have
Experienced in ecommerce:Cover some details you may not have thought of
Best practices
What's in it for me?
DevelopersDesigners
Awesome website design, awesome ecommerce
What's in it for me?
DevelopersDesignersMerchants / Marketers
Modern ecommerce:Modal cart
Single page checkout + signup/login
mobile commerce
social commerce
Security:PCI-DSS
PA-DSS
The Payment Application Data Security Standard (PA-DSS)
The Payment Card Industry Data Security Standard (PCI DSS)
Who is this guy?
General projects team leader and developer at DaveRamsey.comCo-Founder and core developer of FoxyCart.comLuke [email protected]@lukestokes
FoxyCart founded in 2007We've processed over 300,000 transactions this year alone for over $30M
over 1400 websites using FoxyCart to power their ecommerce
NOT A SALES PRESENTATION
US E-Commerce Revenues
http://www.census.gov/econ/estats/http://www.singularity.com/charts/page104.htmlOut of date, but you get the idea... ecommerce is important
E-Commerce Overview
Use the right tool for the job, work with what you're comfortable using.
Legacy Systems
QuickbooksSalesforceCustom fulfillment systemsYour CMS of choice
The Store
Again, work with what you're comfortable with.- table based layout?- font tags?
The Store
CMS + E-Commerce (self hosted)
Security issues: card holder data passing through your infrastructureDifficult to styleTries to be the one-size-fits-all solution for everyoneCreates a disconnect between your website and your online store
The Store
CMS + E-Commerce (hosted)
Difficult to integrateHave to learn new template languages
The Store
CMS + E-Commerce (CMS Specific)
Keeps you using the tools you're comfortable with (CMS) but may not give you the flexibility you need on the eCommerce side of things.
The Hybrid Store
Integrates your website with your ecommerceBrings the purchase closer to your content
The Hybrid Store
CMS:
E-Commerce:
Cons Requires customizationInventorycategory pages
Pros:Stick with the tools you knowOne website, not 2Service based let each system do what it does bestMore control to integrate with the tools you're already using (not one size fits all)Not cookie cutter, allows for flexibility of catalog, cart and checkout pagesOh, look, another osCommerce store...
Lots of great options, many of which didn't exist when we started FoxyCart
Payment Gateway
Payment Gateway
Connects your website to your merchant account
Merchant Account
Merchant Account
Allows your bank account to accept payments via credit and debit cards
Discount rates: percentage of transactionTransaction rates: set fee for each transaction ($.30 to $.50)Chargebacks: $30-$50, total PITA.Application feesOngoing feesSettlement fees: $.05 to $5
Keep in mind that it can take quite some time to get your merchant account setup so get the ball rolling early. Full credit checks are often part of the process. Be sure to read the fine print of what is and isn't allowed.
Profit!
Profit!
Meet real needs, serve well, get paid
Issuing Bank
Acquiring Bank
Tangent:Lots of hands in the cookie jar.Make sure your business model is profitable FIRSTDon't jump into an idea with tons of venture capital
YouTube made $240 million in 2009 and spent $700 million to do it
FoxyCart's story isn't sexy it's just a hell of a lot of work with very little sleep. We were profitable right away because we never borrowed money. Our growth has been steady because our users spread the word because we're meeting a real need: ecommerce for developers.
For your business idea: meet a REAL need. Get feedback from tools like User Voice. Make a profit!
Integration
Think about how the information you collect online will integrate with other parts of your business
Gotchas
SecurityIntegrationUpgradesFeatures
Gotchas - Security
Multiple attack vectorsClient NaivetNo such thing as "Secure"Security is HARD
Multiple attack vectors:Systems/HostingSoftwareSocial EngineeringClient NaiveteEmailing CC numbersNo such thing as "Secure"High profile failures includeJC PennyGoogleFacebookSecurity is HARDPCI is 200+ requirements. You can't take care of it by paying a simple fee (don't be scammed)PEN testing requiredSSL CertificatesServer Monitoring
Gotchas - Integration
CRMEmail MarketingInventoryAccounting
WorkflowCurrentFutureThink about moving to a service based architecture
Don't duplicate your data
Use the best tools for the job
Gotchas Upgrades
Security Hot-fixesNew features your client needsCustomizations
Fired a client 2 years ago and that version of osCommerce is getting hacked? What then?
Customize self-hosted package too much, how can you upgrade?
Gotchas Features
90% may not be good enoughsubscriptions / downloadables /registrations / coupons / gift certificates /custom fieldsWorkaroundsFuture business needs
Figure out your needs first and ensure the features are there
Brett story, 3-4 different shopping cart solutions for the same client.
Ensure you have workarounds
Doing conference registrations now, but what about selling the tracks as downloadables?
Demo
http://www.twelvesouth.comhttp://www.modernash.comhttp://www.thenerdmachine.com/apparel/shirts/mens-nes-black
Takeaways
Be familiar with all the pieces involved
Use the tools best suited for your needs
Have a plan for handling PCI compliance, security and ongoing maintenance including bug fixes and feature requests
Legacy Systems, Website, Store, Payment Gateway, Merchant Account and back to your legacy systems
Use the best in breed tools
Security is EVERYONE's job
Questions?
Shameless plug:FoxyCart handles much of your PCI concerns, has the features you need or ways to integrate with them, removes the need for an SSL certificate, supports multiple accounts with one login, lets you design your site how YOU want it, has one of the best checkout flows in existence and integrates with anything that can handle XML