The state of e-commerce

Electronic commerce, more often known as e-commerce, continues to grow at a staggering rate. In 2014, worldwide e-commerce sales totaled $1.3 trillion and by the end of 2017, e-commerce sales topped $2.3 trillion dollars. In 2017, U.S. Black Friday e-commerce sales alone amounted to $5.03 billion. With so much money being transferred electronically, many people are concerned about how to protect themselves online while still enjoying the convenience of e-commerce.

Improving e-commerce security

Computer Know How has been developing and operating e-commerce sites for many years, and recently we discovered a much more secure form of payment processing called tokenization.  We discovered tokenization after we were notified that our old payment processing software was shutting down.  As we found alternatives that we could use, we discovered that each of these alternatives (Heartland Payment Systems, Stripe, and Authorize.net) each had the option of using tokenization for more secure credit card payments.

What is tokenization?

Tokenization is a method of transferring sensitive data by substituting the sensitive data with a non-sensitive “token” that is used as a reference to the original data.  The diagram below demonstrates the difference between e-commerce websites that do not use tokenization, and e-commerce websites that do use tokenization.

As seen in the first half of the diagram where tokenization is not implemented, customer credit card data is processed as follows:

  1. Customer enters credit card data
  2. Credit card data is sent to your web server
  3. Credit card data is sent to the merchant processor to make the payment

Because your web server is in the path of the credit card data, you are now responsible for the safety of that data as it travels between the customer and the merchant processor.

Now, consider the same situation but with tokenization implemented (as shown in the bottom half of the diagram).

  1. Customer enters credit card data
  2. Credit card data is sent to the tokenization service
  3. Tokenization service sends the secure token to your web server
  4. Secure token is sent to the merchant processor to make the payment

By adding the tokenization step, the likelihood that a customer’s credit card will be compromised because of your website borders on impossible.

How do I get started?

If you would like more information about tokenization or you would like help implementing it on your e-commerce website, contact us for a quote to secure your website.