|
Lets say you happen to be running an on line store and your products are blue widgets. Your particular brand of blue widgets happen to come in a box and are something your customers will hold in their hands.
It is common sense to picture the delivery scenario for such a product; You, as the merchant, receive notification that an order has been submitted and the credit card transaction has been approved. You go to your stockroom of blue widgets, select a shinny one from the shelf, place it in the proper sized box, add some foam peanuts for protection, tape the box closed, print out and attach the delivery label, notify UPS or FedEx that you have something to ship, the shipper show up to retrieve the package, and finally a day or two later the package is delivered to your customer.
It is a process that existed long before there was anything referred to as the Internet. However it was not long after the introduction of that same World Wide Web that a new category of marketable good came to be, that being digital. Anything that can be recorded to some form of media, CD, DVD, hard disk, etc, and which can be retrieved for use on an individual's computer or other form of player may be referred to as a digital good. Software would be a clear example of a digital good, videos, mp3's, images, and e-books are also products that a person might market and fit into this category.
Digital goods offer the advantage, from a merchants perspective, of being able to reproduce them an infinite number of times for each new sale. And while a digital good may be "burned" to a CD or DVD for delivery by the traditional process, the question has to be asked why go through all of that effort? Just as the order can be placed over the Internet, a digital product can be delivered that way as well.
Not only is it much less expensive to deliver products electronically in terms of time and money, it is also something customers have come to expect. It is one of the drivers for the "get it now" society in which we live. It also can be something that has a significant impact on the number of initial and repeat sales for an Internet merchant. If a potential customer knows she or he can have the product delivered immediately the impulse to buy becomes stronger. And if the customer happened to enjoy the product she or he might even be back to purchase another within days or hours rather than weeks or months.
There are a handful of complex tasks which need to occur in order for the electronic delivery of a digital good to take place. Fortunately those tasks are usually performed by software that a merchant has installed on his or her web site. The merchant is left with the tasks of selecting software to do the job and configuring it to work with a payment processor capable of the transaction.
The payment processor Paypal uses the term Instant Payment Notification, IPN, and things work in similar fashion with most other Internet enabled credit card processors. The customer goes through the store checkout by entering their payment information. That information is run through a series of checks and is either approved or disapproved by the processor. The processor then sends a response back to merchant web site. If the transaction was approved, the customer is presented with the ability to immediately download the product usually with a link on the actual merchants web site and followed up with a receipt of the transaction through email. If the transaction was not approved, the customer is notified of the decline also with a web page display.
As far as the customers interaction with the payment processor, this generally comes in two flavors. The first is referred to as a "Hosted" solution. With a hosted solution the payment processor "hosts" the entry form for the transaction. This means the customer is transferred to the payment processor's web site once she or he clicks the checkout button. An example of this would be a customer who clicks the pay button and finds herself at the Paypal login page. She logs in to her Paypal account and enters any additional required information for the transaction. At the conclusion of the transaction she is either automatically or by manually clicking a button or link is transferred back to the store web site to pick up the product.
The advantages of a hosted solution are; All required forms and pages are maintained by the processor and the merchant is relieved of that responsibility. Secondly the merchant is not required to install an SSL certificate on his or her web site, thereby avoiding those costs.
The disadvantages are; the transaction lacks a professional appearance as the customer must interact with a third party directly. As well as there is always the potential that something can interrupt the flow as the customer travels between web sites. This is particularly true of the return trip from the processor to the merchant site, which can result in disgruntled customers who have a difficult time picking up their download information.
The second form of transaction involves the customer never leaving the merchant site, what I will refer to as non-hosted. All information forms are located at the merchant site and the communication with the processor is invisible to the customer as it happens behind the scenes. In this particular situation it is vital the merchant have an SSL certificate installed on the merchant's web site. An SSL certificate facilitates the transmission of encrypted data between the merchant site and the payment processor. Information transferred in this manner cannot not be intercepted and read by a third party for which it is not intended.
As you might imagine the advantages and disadvantages of this type of configuration are mostly a mirror of the hosted solution. The merchant site appears more professional and because the user never leaves the site, there are no navigation issues. However the merchant is responsible for the SSL certificate fees as well as having it configured and installed.
Both methods have their pluses and minuses, and the decision as to which method to use can fall on the capabilities of the payment processor, however most support both. The non-hosted method is generally considered to be the preferred method mostly due to its professional appearance. It is not unusual for a merchant to start out using the hosted method because it is less costly and once she or he becomes more established switch over to the non-hosted method.
Previously mentioned was the fact that digital goods generally have no constraints on the number of times an item can be replicated. This is a good thing for the merchant because there is no such thing as inventory to worry about. However it also creates a concern that products may fall into the hands of those who may have not paid for them. These issues will always exist in one form or another, but there are a few common solutions to help reduce the risks within current technology.
One method is the implementation of Digital Rights Management, DRM. This is a topic that can get rather involved so I will try to explain it in a nutshell. With DRM the actual digital product cannot be executed on a users computer unless it has access to a certificate or code. The certificate or code is accessed through a connection over the Internet and is usually only valid for the specific computer and user under which it was initially registered. This discourages an individual from sharing the digital product with another because it is virtually worthless to do so.
DRM is normally used with products such as down loadable movies and the like. Some of the major software companies have also in recent years started using DRM type methods to protect their products. In general DRM can be an expensive solution that may be out of reach and not currently practical for most small e-commerce business owners. However I do mention it here because I believe it is a technology that will evolve to the point where it is more readily available at reasonable costs.
The other more common implementation of security for digital goods are technique rather than systems such as DRM. The first of these techniques is to cloak the the download link of the product. This is accomplished by creating a virtual link that is created at run time, and presented to the user rather than the actual physical link. This is effective because it does not reveal the location of the "vault" to the customer and therefore an unethical user does not have the ability to go lurking in places where they do not belong. It also removes the need to password protect the directory containing the digital goods which produces a more user friendly experience for the customer.
Security minded merchants will commonly place the directory containing the digital goods on the server but outside the structure of the publicly accessible web site. This prevents anyone from stumbling upon the directory through their browser as the web server is unable to display the directory under normal viewing conditions.
It is also wise that on line merchants place limits on the downloads of their digital goods. This normally takes the form of limiting the number of download attempts as well as the length of time the download link will be available. It is practical to provide a customer multiple opportunities to download a product for which she or he has paid because things do happen, connections are dropped and the power some times goes out. However is it reasonable and expected to place limits in order that the links no be shared with others who have not paid for the product. Some even take this a step further and record the IP address of the initial download request. Any subsequent attempt to download the product will fail if it is not being performed from the IP address on record.
If one where to attempt to implement any of the items I have mentioned in this article by writing the software from scratch, it would be a major project for even a team of seasoned developers. Fortunately for most merchants those wheels have already been invented. Excellent shopping cart applications both commercial and open source are readily available. osCommerce and Zen Cart are two of the open source options available. Both of these systems are popular and well supported through their respective communities. With the exception of DRM, both products fully support all of the methods and techniques that have been mentioned here. I would certainly recommend either as a place to initiate a search for an e-commerce solution.
Here's to your successful enterprise, thank you for stopping by.
|