- Author By Rick Wilson |
- Posted on
This is Part 3 of a 4 Part blog series by Rick Wilson, President of Miva Merchant. Check back weekly for more insight on How to Start Selling Online!
Now that you know you want to sell online and what you are going to sell online, the next thing that you really need to dig into is finding the right ecommerce platform for you.
All too often, I talk to merchants who either personally made a bad choice for their ecommerce platform (for example, picking the first one they encountered or heard about), or they hired a web developer who chose something on their behalf that wasn’t quite right, or they never finished the project and the business owner was left with a half-built solution that doesn’t work and they’re out a lot of time and money.
I can’t stress enough how important it is to do your due diligence, researching platforms at the beginning, before you wake up one day and you’re stuck and the future success or failure of your business is being determined by your ecommerce software.
Today, I’m going to dig into 3 Key Areas to examine when looking for the right fit:
- Reliability and Security
- Flexibility and Support
- Licensing Models and Pricing
Reliability and Security
Reliability and Security are things most businesspeople would like to just take for granted. Well, the first takeaway from today is simple DON’T!
If you assume that just because a company offers a product that sounds good, that reliability and security are a given, there’s a very high chance you’re going to be let down, and more importantly, it can and will hurt your business and cause you to lose money.
Virtually everyone offers a 99.9% Uptime Guarantee. The problem with this is that these guarantees are meaningless. Let’s explore why:
- 99.9% allows for almost 9 Hours per year of downtime (8.76 to be exact)
- 9 hours of downtime is a lot more than more people expect when they see 99.9%
- You normally have to request in writing that the Guarantee be triggered
- Your compensation will generally be limited to a maximum of one month’s free service
It’s not an inherently bad thing that companies limit their exposure to some free service and choose a guarantee percentage that sounds great while it’s simultaneously pretty easy to achieve. We do the exact same thing here at Miva. At the price points involved in SMB Ecommerce, it’s just not financially feasible to offer a more significant guarantee.
However, with that said, that doesn’t preclude us from attempting to greatly exceed our goal. We strive for 100% uptime, and for the vast majority of our customers, we hit somewhere between 99.99% and 99.999% uptime.
Another big “gotcha” is that server uptime isn’t the only measure of reliability, and often isn’t the most meaningful measure. If your server is up but your page load speed is 30 seconds per page, you’re most likely not running afoul of anyone’s guarantee, but you’re site certainly isn’t functional from a customer’s perspective. In that same vein, if your shipping calculations are timing out or payment isn’t working smoothly, having servers that show your webpage is hardly a comfort.
The key takeaway here is to look for a company and platform that has a reputation for keeping your business up and operational, not just to the letter of the guarantee, but to the spirit of the guarantee.1 , 2
When it comes to security, the first thing to realize is that security is more than just PCI Compliance.
PCI-DSS and PA-DSS are the two standards around credit card security for the ecommerce world. The rules are created and enforced by the PCI Security Council, which is an industry trade organization created by Visa, MasterCard, etc.
“PCI,” as it’s generally referred to in the ecommerce world, can at times seem silly and pointless, but the truth is that at the heart of the PCI standard there is a systematic approach to protecting Credit Card data from being compromised en masse.
The first thing you want to make sure of is that your ecommerce platform is either being offered by a PCI Certified Service Provider (be wary of anyone who’s Level 2 or “Self Certified”, it’s just not the same thing), or you’re using a PA-DSS Validated Payment Application (like Miva Merchant). You can check the PCI Security Council website for an up-to-date listing of Certified Service Providers and Validated Applications.
However, you’ll want to go a little bit farther than just making sure your tools are compliant. For example, right now there’s a popular trend, by Payment Gateway companies, to offer Hosted Checkout options. Generally speaking, these Hosted Checkout options (PayFlow Link, Authorize.net’s SIM, etc…) take your ecommerce site “out of scope” for PCI, and therefore, there’s a tendency for many merchants to want to choose an option of this sort and just absolve themselves of having to think about PCI.
There are a few problems with this approach. First and foremost, it’s still possible for someone to gain access to your underlying HTML and put themselves in between your site and the iFrame for payment and scrape card numbers. If this happens and your business gets a reputation for having an insecure website, even if you didn’t technically violate PCI, your business reputation could be destroyed.
In addition to reputational risk, it’s highly likely that the PCI Security Council will address this issue in an upcoming version of the specification, then this “loophole” will no longer be available and you’ll be right back where you started, needing to worry about your PCI issues again.
At the end of the day, it’s important to take a comprehensive look at how you handle security in your business, and make sure you treat the responsibility that comes with having people’s personally identifiable information and personal credit information with the care and respect it deserves. That process begins with choosing an ecommerce platform that takes that same responsibility just as seriously.
The best way to tell how an ecommerce platform thinks about security is to look at their online documentation and talk to their support reps. Does their documentation point to loopholes or give you incorrect instructions about how to “pass a PCI Scan” instead of focusing on how to actually build and maintain a secure online business? If so, then that should be your first clue to pass on that platform and find someone who takes security as seriously as you do.
Flexibility and Support
Once you’ve found a platform that you trust, and you’re confident in both their reliability and their security, the next thing to examine is how flexible the platform is (both from a design perspective, as well as a business rules perspective), and what kind of support they offer to you, the business owner?
How can you tell if the underlying architecture will allow you to keep your look and feel in line with current trends in design and technology?
A great ecommerce platform starts with a great content management system. A great content management system should allow you to maintain the look and feel (HTML and CSS) of a very large online store (literally millions of SKU’s), with minimal design effort, by being able to manage them in bulk through a high-powered CMS.
For example, if you want to add code to your global footer so that it shows up on every single page in your store, you shouldn’t need to update hundreds or thousands of individual pages, nor should you have to wait for them to release an update to their software to give you that support. You should simply be able to make a change and apply it globally throughout your entire store.
Another great example is the rise of Mobile, Tablets and Responsive Web Design. As the technology landscape evolves, and new devices, screen types, and interaction methods appear, it’s vital that you be able to upgrade your existing look and feel to take advantage of the changing trends in web design. If your current platform doesn’t have a way for you to update your look and feel to a Responsive Web Design (from a technological perspective), then you have a problem.
In addition to flexibility, when it comes to design, how you operate your business is equally if not more important.
In the current age of easy-to-use consumer services and mobile apps, many business software companies have rushed to dumb-down their application, so that virtually anyone could use it. Don’t get me wrong, I like excellent UI and well thought-out products as much as anyone (thank you Jonathan Ive), but even Apple doesn’t try to oversimplify their business class software products.
While it’s true that virtually anyone can pick up an iPhone and just start using it, the same cannot be said for Aperture or Final Cut Pro, and I’m sure that professional photographers and videographers around the world are grateful for that complexity.
It’s vitally important that your ecommerce store software can be customized to work around your business needs, and not require you to change how you do business to work around its shortcomings.
Businesses are like snowflakes, no two are exactly alike. You need to make sure that you’ve thought through key things like:
How do you want your customers to pay you?
- Will you accept Credit Cards?
- Purchase Orders?
- Alternative Payments like PayPal?
- All of the above?
- Does your payment process need to connect to an ERP?
How are you going to ship your items?
- Are you selling digital downloads?
- How are you going to manage DRM and Download Rights?
- Are you shipping physical goods?
- Will you ship worldwide or just domestically?
- Are you going to use a fulfillment center?
- Do you have multiple warehouses?
- Are you going to calculate shipping costs or include it in your base price?
What are your sales tax responsibilities?
- Do you need to connect to an advanced sales tax tool like Avalara?
How is your inventory going to be managed?
All of these questions and many more (a lot of which you won’t think of until it’s “too late”) are going to impact how you choose to run your online business, and the results of these decisions can have a huge impact on your online success or failure (if you don’t believe me, go shop for a TV at Amazon.com, and then at BestBuy.com, and tell me which one has a better experience. If you don’t choose Amazon, I’ll be shocked. It’s a key reason why Amazon is the undisputed leader in ecommerce, because they understand the multiplying consequences of all of these critical decisions, and to date, BestBuy has not had the same epiphany, or at least has not been able to truly execute on it).
Make sure you pick an ecommerce application that has built business flexibility into its DNA. If you find, that right from the beginning, you have to make significant trade-offs just to make it work “their way,” then you should begin looking for a new platform that fits your business needs more appropriately.
Customer Service by your platform provider can be a critical factor in your success (or failure).
Have you ever noticed, every company claims they have Nordstrom-level customer service, but most customer service experiences aren’t the same as what you receive at Nordstrom’s?
I think, with a little diligence, you can quickly find out what kind of support you’re going to get from a company. Does the leadership of the company seem involved with their product and community? Is there evidence that the company “eats their own dog food” by both using their product and directly helping customers use their product?
At a bare minimum, you should look for these key markers:
- 24/7/365 (366 on Leap Years) Phone and Email Support
- Do they have publicly available and vibrantly active Community Forums?
- What do the real customers on those Forums think about the product (remember if you choose this platform, you’re going to be one of them soon)?
- Support should be owned and operated by the company itself, and not outsourced,
- They should offer both technical support (my shopping cart isn’t working, how do I fix it?), as well as customer support (I need to be able to accept payments from international customers. What do you think I should do?).
Licensing Models and Pricing
The last key feature to work through on your ecommerce platform due diligence list is Licensing Models and Pricing Models. What exactly do I mean by this?
Generally speaking, you have 3 options in the world of ecommerce:
- Licensed Software that you purchase, install and operate on your own servers or hosting
- Open Source Software that’s “free” installed and operating on your own servers or hosting
- SaaS (Software-as-a-Service), where you sign up for a software package that’s already hosted for you, and you simply configure and operate it via a web browser
Each of these models has its own advantages and disadvantages, and it’s important to understand the differences so you can choose what’s right for your business.
Licensed Software and Open Source Software both require you to be in charge of hosting and maintaining the software on your own. There are some hosting companies that will attempt to do some or all of this for you, but ultimately, it’s simply not possible to maintain this type of software with the same ease that you can maintain a SaaS solution.
This can be a good thing or a bad thing, depending on your perspective. Does your company like to host everything on your own servers and never use an external hosting company? If that statement fits you, then you absolutely need to choose either Licensed or Open Source Software.
However, if that statement couldn’t be further from the truth in your case, then you need to choose a SaaS solution.
The next big question, when it comes to platform choice, is how do they manage your upgrades and updates?
If you can’t update or upgrade, then for all intents and purposes, you are stuck on that version of that platform. If a security update or key feature come out that you must have, you’ll need to go to extraordinary lengths to make it work.
Licensed and Open Source Software generally require you to download and manually install any upgrades or patches. This can be a huge issue, especially with Open Source Software. The key thing to remember here is that if you (or your developer) start modifying the Source Code of your Open Source Software package, there is a VERY high likelihood that when the next update or upgrade comes out, you simply will not be able to install it (without undoing all of your modifications). If you can’t update or upgrade, then for all intents and purposes, you are stuck on that version of that platform. If a security update or key feature come out that you must have, you’ll need to go to extraordinary lengths to make it work.
The last thing to consider, when it comes to Licensed and Open Source Software (especially Open Source Software), is how are you going to get support for your site. This may seem like an easy question to gloss over, and just assume you’ll get it from the company that provided the product. That’s not a safe assumption when you’re hosting it yourself. Many of the issues that arise when operating an ecommerce site online are a mix of server configuration, underlying technology, and third party systems.
For example, if you can’t accept payment because you’re unable to connect to Authorize.net, who do you contact when you host it yourself – Authorize.net, your platform provider, or your host? It all depends on what’s causing the problem, and having 3 or more providers that you need to involve to figure it out can cost you lots and lots of time, and therefore, money. A harsh but very real example is when Bonobos had a multi-day problem, starting around Black Friday 2011. It took days to unravel, and ultimately it was determined to be a confluence of events between their platform provider, hosting environment, and their payment gateway.
When it comes to Upgrades and Updates on a SaaS solution, it’s not automatically a good thing for your business, just because the platform handles your upgrade process. The key things to understand about Upgrades/Updates on a SaaS platform are whether you have control over the timing of the updates, and more importantly, whether there is any chance that it will break your store. You need to understand these items and have a plan to mitigate any associated risks.
Price is generally the first thing everyone looks at (including me), but ironically, it shouldn’t be deeply examined until you have your list of possible platforms culled to a short list of 2 or 3 choices (except to make sure that you can afford everything on your list, of course).
Pricing has three distinctly unique costs:
- Day-to-day operating costs
- Price of the platform itself
All to often, people only look at the price of the platform itself, and completely forget about the other two cost centers, when the other two costs usually exceed the cost of the platform by many orders of magnitude.
Development and deployment costs are often very hard to figure out until it’s far too late. Assuming you’re going to use an outside company to assist you in getting your site built, most companies don’t (and really can’t) offer truly flat bid pricing (even though they try, and make it seem like they do in some cases). Make sure you talk to some people who have launched and deployed with that platform, and gauge how many hours it really took to get live, what issues there were, etc.
This is one of the key places where “free” Open Source Software for ecommerce really fails the test. The license to the software may be free, but if development time is 5 to 10x longer on an hourly basis, it’s usually going to be far more expensive to use the “free” solution versus a well designed and maintained corporately backed platform.
Once you understand what it’s going to truly cost for you to get a site built and deployed (and don’t forget, your personal hours cost money too), then the next thing to make sure you calculate is what it’s going to cost you to operate and maintain on a day-to-day basis. Things you need to make sure to include in your thinking when it comes to this:
- Ease of maintaining and managing the catalog (products, prices, etc.)
- Do you need a professional developer just to add a product or category?
- Are the Order Management features designed to save you time and get your work done?
- Is it going to cost you when you need to upgrade or update the software (don’t forget developer time, if you’ve customized an Open Source product)?
All of these things take hours, and hours cost you real money.
Finally, once you’ve figured out how much it’s going to cost you to build, deploy and operate your new site, then add on top of that the cost of the platform itself (make sure you include the per transaction fees, if your platform charges them), and then you can calculate a true Total Cost of Ownership.
If you’re still with me, thanks for making it to the end of what’s likely the longest Blog post I’ve ever written. And to recap, here are the key takeaways:
- Understand the true Reliability of your platform of choice (and remember that if you’re store is down, your business is down).
- Security is more than just PCI Compliance. Choose a platform that takes security seriously and demonstrates that with their actions and architecture.
- Don’t paint yourself into a corner with a product that can’t keep up with the constantly evolving technology in the world of web development (think Responsive Web Design).
- Make sure your platform can handle the very unique features of your business. and don’t settle for something that doesn’t fit.
- Choose a platform that is well known for support, and has a reputation for “eating it’s own dog food.”
- When it comes to price, only looking at the cost of the platform is a huge mistake. If you don’t understand your true and total cost of ownership, you’re setting yourself up to make an uninformed (and likely bad) decision.
Obviously I’m a little biased, but I think you’ll find Miva Merchant is a truly great ecommerce platform. Check out this page for more info.
1 Press Articles about downtime from SMB Ecommerce Platforms:
2 User Generated Shopping Cart Reviews on Miva Merchant: