Posts by:
It has been a little while since our last posting, but we have been very busy over the last few months. We’ve had several new members join our growing team, and we’ve expanded our office. This has been driven by growing sales and several new major customers.
Here at Aspidistra, since 1998, we’ve created hundreds of B2B ecommerce websites, all integrated with a full accounts package, many with B2C as well as B2B. Often customers pick our brains, and we will willingly oblige.
The Aspidistra office may be caught in the middle of a heatwave, but there are only five more pay days to Christmas, and that means we are more than half way through 2014 and the UK’s “Year of Code“. You may have heard of it back in February when the director of Year of Code appeared on Newsnight and admitted she couldn’t actually write code herself and then upset some people (me) by saying it only takes a single day to train a programming teacher. Not the best piece of PR, but that doesn’t necessarily make Year of Code a bad idea. The aim is to encourage everyone to learn “to code” and eventually make “coding” part of the curriculum at school. So what does that actually mean? It means we want our kids to make software.
SagePay Version 3 gives us the facility to use ‘Low Profile Payment Pages’. These are embedded in an IFrame in the checkout so you appear never leave the site when you enter your Credit Card details. In reality you do and the transaction is just as secure as going to SagePay’s normal payment pages. The great thing is that you can upload a template to ensure these pages exactly match the rest of your site. However, you need to convince your customers the site is secure. When you go to the normal SagePay pages you get the comforting Padlock and green address bar; with Low Profile even though it is just as secure the customer sees the status of the surrounding page on your site. So unless you secure it there is not padlock and this might put off a customer. We can supply you with the certificate to put back the padlock and if you want the green we can supply an EV certificate instead.
Now we have implemented SagePay Version 3, our Shopfront clients have the facilities to surcharge their customers when using debit and/or credit cards – but should they? I suspect like you, I find it annoying when there is a surcharge or ‘booking’ fee when using a credit card for flights or tickets and only pay it because they all charge the extra. If I knew I was going to be surcharged for buying a T-shirt I would look for another site and if I was surcharged without knowing, I would never come back!
We have just finished integrating our product to SagePay version 3 which brings with it ‘Tokens’ which in layman’s terms means we can now offer ‘Remember My Card Details’ as a feature. It is secure because SagePay remembers the card not us. How much validation then should be applied when someone wants to reuse a card? We are going to want them to log in so to protect the ‘token’ but are we going to want them to enter their security number again? Do we want 3d Secure validation by the bank to be triggered?
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, usernames and passwords.
Who found the Heartbleed Bug?
If growing your ecommerce site was simple then everyone would be setting up a Shopfront powered ecommerce site, sitting back, and watching the sales flood in. Growing any business takes time and effort, with a degree of trial and error.
Aspidistra’s ecommerce solution, Shopfront, provides seamless integration into Sage, and the latest mobile add-on simply extends this in a phone friendly format. We’ve been asked by several customers if we can create an iPhone or Android application. As a software company we have the skill and experience to do this, buy why would we want to reinvent the wheel?
I’ve recently taken delivery of a new company car and the inboard electronics seemed to suggest I could connect up my mobile phone using Bluetooth.