Secure Transactions with Your Mobile Customers - dummies

Secure Transactions with Your Mobile Customers

Security is one of the biggest hurdles that mobile commerce has to clear. Your customers watch TV ads about having their identities and credit card numbers stolen (particularly the ones that show little old ladies chortling in a gruff, male voice, bragging about all the expensive stuff they scammed by stealing Granny’s identity).

Above all, make sure your site is secure and reassure your customers by explaining what you’ve done to protect their security.

Here are the three main goals of security:

  • Protect your customer. Customers who don’t get robbed are much more likely to come back — and still have money in their pockets when they arrive.

  • Protect the merchant. You want to keep your site from being used to launder money or having all your products drop-shipped to a P.O. Box in some prince’s name in some far away land.

  • Protect yourself. If you’re a web designer creating m-commerce sites for clients, you don’t want an angry customer coming after you with a lawsuit because someone hacked the system you designed.

If you’re a designer and don’t take security seriously, you could face legal ramifications. If credit card numbers and personal identities are stolen, expensive lawsuits could result. Depending on the kinds of contracts you develop with clients, you may be liable. Consult an attorney for the best way to protect your business and consider investing in a business insurance policy that covers online commerce.

The standard technology to protect transactions is Secure Sockets Layer (SSL). All the information sent between a computer or mobile phone and the payment site is encrypted. Options range from 128- to 256-bit encryption, but 128-bit is more than enough for most businesses.

Banks and brokerage houses that transfer billions of dollars around the world use 256-bit security, but they pay a high price for that level of security, as well as the bandwidth and computing power that go along with a site built to securely manage such high-end services.

Think of mobile security this way: You don’t need to hire a helicopter gunship to hover over your business to fend off robbers, but an alarm system and a good insurance policy are well worth the expense. Be safe but not so paranoid that you blow all your potential profits on security.

To set up a secure website, you also need to get a Secure Sockets Layer (SSL) certificate to provide protection when you transfer vulnerable data, such as credit card numbers, online. SSL certificate prices vary depending on where you purchase the certificate and whether you complete the setup task yourself or use a service that handles it for you.


Many web hosting services offer SSL certificates as add-ons to their regular hosting fees; others make it possible for you to set up your own SSL, which can be purchased from a number of different sources, including VeriSign, as shown. One advantage of using an all-inclusive e-commerce service, such as Google Checkout or the Yahoo! Store services, is that they take care of the SSL certificate for you.