 |
|
|
Where Will You Buy Today? It has been an important time for the e-commerce world recently. Firstly, EU telecomms ministers have approved a law giving digital signatures on contracts agreed upon over the Internet the same legal status as their handwritten equivalents. EU member states now have 18 months to implement the bill, which is expected to boost e-commerce and help Europe close the e-business gap between itself and the US. With expectations that half of the European population will be connected to the Internet by 2005, it is important that we can begin to effectively secure and trust the documents and transactions we initiate over the Internet. Only by Government and industry providing the framework for this trust will e-commerce succeed. The new law establishes minimum rules on security and liability, ensuring that electronic signatures are legally recognised across the European Union, and sets certain requirements that must be met for the signatures to be recognised. It also stipulates that electronic signatures bear the same legal weight as their ordinary handwritten equivalents and says they can be used in legal proceedings. In the mean time, of course, we have to soldier on with things as they are. With minimal legislation in place at the moment, how many of you are happy to purchase goods over the Internet? Quite a few of you if the figures are anything to go by. It would seem, though, that whilst most of you will buy books, CD’s, DVD’s and small items of clothing, there are fewer of you who are willing to buy something expensive and difficult to return, such as a car, in this manner. And who can blame you? And what is stopping the rest of you from buying the small stuff? Simple – you don’t know who you can trust. We all remember the days of the fly-by-night advertisers in the daily press promising all sorts of wonderful goods at cut prices on 28 days delivery. You would send off your cheque, and that was the last you would hear of it. Or you would receive shoddy goods that bore little resemblance to those advertised, and then find that there was no way you could return them. Things are better today because of schemes such as MOP – Mail Order Protection – that guarantees some form of recompense if you get stung in this way. And you can be sure that if a scheme like MOP has to pay out often enough, the advertiser responsible for the scam will not be around for too long. What we need is the equivalent in the electronic world. It is no longer enough (if, indeed, it ever was) for an electronic transaction to suddenly switch into “secure” mode – displaying the little golden padlock in your browser – half way through the purchase. When you go to a particular Web site with the intention to buy, there should be some form of independent “seal of approval” up front that guarantees to you the customer that this organisation meets certain e-commerce standards. The organisation in question should obviously have a secure system, but this should extend to more than just secure transmission of data. What is the point of encrypting your credit card details from browser to server if those details are then stored in the clear on a server outside the vendor’s firewall for anyone with a little hacking knowledge to access? The vendor should employ a recognised, certified firewall, but it should also be configured correctly. The links to the back office systems should also be secure, as should links to third parties where the vendor sub-contracts parts of its operations. It could well be that all the various components of the vendor’s e-commerce system are certified and secure in their own right, but what happens when they are connected together into a single system – do holes suddenly open up? In short, it should be required that every e-commerce vendor has its systems fully and completely audited to ensure that your confidential details remain confidential while they reside on that system. But there is more to it than pure security. If something goes wrong with your order, you need to be able to contact customer services to track it, and you don’t want to be held in a queue for four hours before you get through. Support staff – both pre- and post-sales – should be courteous and helpful, and there should be clear returns and refund policies in place should to wish to return goods that are faulty or with which you simply are not satisfied. In short, you need a guarantee – backed by an independent organisation – that an e-commerce site (and the organisation behind it) is trustworthy and efficient from beginning to end (including a reasonable performance from its Web front-end please). Such an initiative has already been launched in the UK via a Government-sponsored organisation called TrustUK (www.trustuk.org.uk). This seems to provide most of what I have outlined above, and is looking to operate with selected partners to provide the missing pieces. An ideal partner would be Checkmark (www.check-mark.com), another UK initiative that specialises in certification of security devices and e-commerce systems. I would encourage you to check out both of these sites and push for e-commerce vendors to seek independent certification. It is time for the e-commerce industry to take that next step forward. We have had enough of “experimental sites” and half-baked e-commerce strategies. Put our money where your mouth is and give us efficient systems that work, are secure, and make on-line shopping a genuine pleasure.
|
|
Send mail to webmaster
with questions or�
|
