Top 6 Shopping Cart Security Tips

1. Have a secure certificate – and keep it up to date

A secure certificate ensures that hackers can’t spy on the traffic – such as credit card numbers – traveling between your customers web browsers and your web servers. You can tell if you have a secure certificate if the page where you enter your credit card number has an address starting with https:// instead of http://. If you don’t, and you want one, talk to your web host.
Secure certificates will also expire, normally after 12 months, so make sure you renew it regularly.

2. Keep your customers data secure

Ensure that your shopping cart software encrypts your customers credit card numbers automatically – or doesn’t store it at all. When searching for a customer by an email address or invoice number, you should be able to see that they paid with a credit card, but you should not be able to see the complete credit card number. In most cases, only the last four numbers of the credit card number will be shown.

3. Choose a good password

When choosing your password to let you control your shop, be sure to use a combination of both numbers and letters. Avoid using words and numbers that are easy to figure out. For instance, your only child's first name and year of birth is easy information to figure out. Any word found in a dictionary is also easy – there are hacker programs that will automatically try all dictionary words. Something like d901ks237 is better than julie1987. You should also require your customers to use a combination of letters and numbers when setting up their passwords. Passwords should be at least eight characters long, and changed frequently.

4. Don’t leave a paper trail

If you print out order forms, make sure that they do not contain any of your customers identifying billing information. Set up a system for tracking sales that does not include such information, and destroy the printed order forms and order logs.

5. Be careful of employees

If you have employees, restrict access to customers billing information if possible. However, if they must have access to perform their jobs, you need to ensure that they are not sharing your customer’s information with anyone. Don’t forget to close their accounts if an employee leaves. If you must provide access to a third party, such as a programmer, make sure that you go in and change the password as soon as the job is completed.

6. Stay up to date

For greater shopping cart security, make sure that you are using the most up-to-date version of your shopping cart software. Check the developers site on a regular basis for information about updates, known bugs, and security issues. You will also need to make sure the server your website and shopping cart are hosted on is up-to-date. Ask your webhost how often they update both the servers and their operating systems, and keep an eye on the hosts site for information about bugs and security issues as well. Also make sure your PC is up to date – you’ll need a firewall, and to apply all the latest patches. Most operating systems (including Windows XP) have a function to do this automatically.

You should also verify that your host is using a firewall to protect sensitive information, and that a log is kept of all visitors to your website - even if they do not buy anything. These files are not to be used to capture personal data about your visitors. The main information you are interested in is their IP number, which will be needed in case your site is hacked.

Talk with your webhost, shopping cart host, merchant account service provider, and anyone else involved with the set up of your ecommerce website. Work with them to ensure that you can guarantee your customers the greatest amount of privacy and security possible.


P.S.: And the bonus tip. If you need safe shopping cart migration to another eCommerce platform simply use Cart2Cart. All the data transfer processes are performed on Amazon EC2 servers with use of SSL connection. So, your data security is guaranteed. To get your free demo migration simply register an account and get 100% safe and accurate migration.