axis vMerchant eCommerce White Papers

1. Successful Retail eCommerce

Selling on a Retail or Retail-Style Web Site is different from a B2B trade web site; your customers may not know you other than from your site, it is much easier for customers to switch to competitors and, with possibly less customer loyalty, it is more important to keep yourself in your customer's mind as the first stop for your products.

If you are making the switch from B2B to B2C then the following areas are worthy of additional consideration:

1. Customer Service

B2C is typically more intensive from a Customer Service point of view - you get more instances of customers ordering the wrong goods or not knowing what to order. Can your infrastructure handle this?

2. Logistics

B2C is normally characterised by a larger number of smaller deliveries. Do you have the logistics in place to handle the increased load on order picking and despatch?

3. Identify your "Sales Pitch"

Selling in a retail web environment is highly competitive; you need to be clear from the outset what your offering is and gear your brand and your marketing around that - are you, for example, selling on price, expertise, availability, breadth of range or on your "green credentials"? In short, you need to be able to answer for yourself the question "why would a customer buy from me rather than a competitor?"

4. Don't underestimate Usability

Usability is the art of making sure that your customers can find their way around the web site easily, find the products that they want easily and be helped on their way through the buying process.

Remember - on the Internet, your customer is only two clicks from a competitor; anything that frustrates or annoys a shopper will simply encourage them to close your site and open a competitors.

Sites that have paid attention to usability will generally have a better visitor-to-order conversion ratio.

For more information, see the whitepaper An Introduction to Web Site Usability.

5. Look at Cost Effective Web Marketing

Search Engine Optimisation is a slow and expensive business to do properly. For better short term results (instead of, or in parallel to) you should look at paid-for advertising, typically PPC (Pay Per Click).

For more information, see the whitepaper An Introduction to Search Engine Optimisation.

6. Keep Marketing to Existing Customers

Your best customers are those that already know about your site. Make sure you stay in their minds as the best supplier of the products that you offer. Look at regular email campaigns, at a frequency that is often enough that it achieves that goal but not too frequently that your customers become annoyed and unsubscribe.

For goods that are an occasional purchase, e.g. luxury electronic goods such as large screen TVs, email frequencies of about once a month seem to be about right.

For goods that are a regular purchase, e.g. consumable items such as inkjet cartridges or blank DVDs, a frequency of at most once a week may be more appropriate.

7. Use Appropriate Special Offers

In order to use email marketing effectively, you must be sending out enticing offers - the purpose of the regular emails is to persuade existing customers to come back to your site and only very keen offers will achieve that. For example, selling off Christmas decorations at bargain basement prices in January will not drive lots of traffic to your site whereas a special offer on Christmas decorations in October or November will do it.

To use the supermarket analogy, your special offers should be loss-leaders, like the 5p tin of baked beans - the supermarkets are selling the beans at a loss, just to increase the visitors to their store.

8. Take every opportunity to "up sell"

Your web site is also your sales assistant so it needs to be able to tempt the shopper with additional items. This can be via linked selling ("you may also be interested in...") or by increasing the quantity of items purchased. This can be achieved by creative use of delivery charges ("free delivery over £100" for example, can encourage people whose purchase is perhaps £80 or £90 to add a little extra to their basket) or by quantity pricing (for example £4.99 for one or £4.49 each for quantities over 5).

9. Take Security Seriously and Highlight to Your Customers

As mentioned above, anything that makes customers feel uneasy will send them off to a competitors web site very quickly. At the Checkout stage, this is particularly true where Security is concerned. When asking customers to provide their credit card details, do everything you can to reassure them that their details are safe. In short, don't just take adequate security measures, be seen to be taking adequate security measure.

10. Monitor and React to Your Site Metrics

"Site metrics" are that statistics showing how people move around your site, what they look at and what they look for.

For example, one of the most elementary uses of Site Metrics is to identify the searches that people do that do not find any matches. This is either because they are searching for products that you don't have or they are failing to find the products that you do have because they are searching using keywords you have never thought have.

In the case of the former, this might mean you are paying more than you need for pay-per-click advertising because people do not realise early enough what your site is about or it might mean you want to look at extending the range of products that you sell.

In the case of the latter, you might want to take the opportunity to look at the descriptions or keywords associated with your key products to ensure that when they are found.

11. Keep the Site Fresh

Make sure your chosen eCommerce solution has a simple way to keep advertising banners on your site updated to match your latest email marketing campaign and, if relevant, a content management system to keep News Stories or Forthcoming Events up-to-date.

There is nothing worse than visiting a site and seeing that the most recent News Story is two years old, or that it is advertising a Spring Special Offer when it is October! Not only does this not look professional, it will put some people off shopping from your site if it looks as if there may not be a real, active company behind the site - again, anything that can worry customers, or give them doubts about how safe their credit card details will be will send them off to a competitors site very quickly.

12. Use Voucher Code Promotions to Monitor Marketing Activity

Voucher Codes are a method of publicising a code that shoppers enter at the checkout that will give them a discount.

By careful use of Voucher Codes, you are able to research and monitor the effectiveness of various promotional activities. For example, you could advertise a specific Voucher Code in a specific newspaper ad; by looking at the volume and value of orders received using that Voucher Code you can monitor just how effective that specific newspaper ad was.

13. Take the Opportunity to Sell What You Want, Not What The Customer Wants

Imagine, for example, that you sell pens and that you stock twenty different varieties of red pen.

When a customer calls you on the phone and asks for a Red Pen, you have the option of deciding which red pen to offer them. When a customer visits your site, you do not have that opportunity.

Make sure that when a visitor searches on your web site for "red pen", that the red pen that you want to sell is the one that comes up first in the list; this might be the pen that you make the most margin on, the one that you keep in stock or the one that you know you are most competitive on (and therefore have the greatest probability of selling). Make sure that the eCommerce solution you choose can offer this flexibility.

14. Keep your Pricing Policy Simple & Easy To Understand

One of the greatest annoyances for retail shoppers is finding that the price they are asked to pay at the checkout is more than they were expecting; this is a major cause of people abandoning their shopping basket at the last moment. Typically, they will feel cheated and will go to another site.

There are two main causes of this frustration - an unclear delivery charge mechanism and showing prices exclusive of VAT without making that clear.

It is often wise to accept that you will lose on some delivery charges on the basis that you can keep your structure simple to understand - for example "up to £100, delivery is £5.95, over £100 free".

You might ensure that you cover all of the possibilities of different sizes, weights, etc. by having thirty different delivery charges and having the web site automatically calculate the correct one to use but your customers need to be very clear on what you will charge before they add items to their basket.

 

2. An Introduction to Search Engine Marketing

Search Engine Marketing chiefly falls into three categories:

Pay-Per-Click or Sponsored Keyword Advertising

If you search for something in Google, for example, you will typically see a column on the right-hand side headed "Sponsored Links".

These sites appear because they have agreed to pay for the privilege of being listed. How high up the list they are shown is a combination of two factors - how much they have agreed to pay and how often they get clicked on. In other words, you cannot simply buy yourself to the top of the list.

The cost (currently, although this may change) is based on a "pay per click" model; every time a visitor sees your sponsored link on the search results and clicks on it, you incur a charge, regardless of whether they then go on to spend £1000 in an order with you or take one look at your landing page and decide it's not for them and go elsewhere.

The cost will largely depend on how popular the keyword combination in question is - in other words, it works very much like an auction and if lots of companies are bidding high values to get listed then you will have to as well. Generally, the more obscure the keyword or keyword combination, the less competition and the cheaper it gets.

With Sponsored Keyword Advertising, you do not have to worry about the cost running away out of control; you agree a maximum budget and, when that budget starts expiring, the Search Engine simply stops showing your ad as frequently. You are able to say, for example, that you are willing to pay 50p per click-through but no more than £50 per month.

There are two important skills in running a successful Sponsored Link campaign; choosing the right words and writing the right message to appear underneath it.

In a recent test, we found that to sponsor the keyword "camera" would cost approximately £5 whereas to sponsor "canon eos 5d digital camera" would cost less than 50p.

The former would mean your ad would appear if someone searched for "speed cameras in kent" or "box brownie camera" whereas the latter would not.

Thus not only do you incur a lower cost per click but you also reduce the number of times your ad appears when it is not relevant, reducing wasted click-throughs.

Under your ad you have the opportunity to right a one-sentenance introduction to your site. The purpose of this is two-fold; firstly you need to entice people looking for what you have on offer to visit your site but, just as importantly, you need to discourage people who are looking for something else entirely from visiting your site.

The objective with Pay-Per-Click advertising should not just be to drive traffic to your site but to drive relevant traffic to your site, otherwise the cost per order will spiral out of control.

For example, if you are paying 50p per click and you find one in a hundred people place an order then you are looking at £50 added to the bottom line cost of sales on each order. If you discourage half of the visitors from coming to your site without discouraging the ones that will buy then you will end up with one in fifty ordering; that reduces your cost per order to £25.

Organic Search Engine Optimisation

The results that appear on the left (with the exception of the top two which are sponsored links) on a search engine's results page, such as Google, are there because the Search Engine has arbitarily decided that of all the pages on all the sites on the Internet that it has indexed, those are the most relevant.

The way in which the Search Engine determines that is a closely held secret, since the Search Engine Companies do not want third parties manipulating the results. The Internet is full of forums where the exact methods currently used (because they do change) are debated and speculated on.

This means that there are no hard and fast rules on how to get to the top of the list. It also means that, despite what some claim, no one can guarantee getting you to number one!

There are some good basic rules for designing pages and sites that make it easier for the Search Engines to understand what your pages are all about, and you should follow these rules (or make sure that your eCommerce provider has a solution which follows these rules).

Beyond that, you will find that an excessive amount of time is required to optimise specific pages for specific keywords. This may well be worthwhile in the long run but be aware that this is a slow process, taking many months.

You also need to be absolutely certain that the keywords that you are optimising your pages for are actually the keywords that people are searching on! It is no use optimising your web page for "power driver" if everyone is typing "power screwdriver" into their Search Engines.

Running with a Sponsored Keyword Campaign in the short term can be an ideal way of determining exactly which keywords are being searched on by analysing the relevant number of clicks. In the example above, you could sponsor both "power driver" and "power screwdriver" and, over a month or two, identify how many click-throughs you have seen and, just as importantly, how many orders have resulted from the two different campaigns. You are in a position to optimise your pages for the right keywords.

Finally, remember the basic purpose of your web site is to be visited by humans! It is very easy to optimise the site for the Search Engines and forget the basic rules of Web Usability. There is little point driving lots more visitors to your site if, when they get there, they give up without ordering. For more information on Usability, read the Introduction to Web Usability whitepaper.

Shopping Comparison Sites

There is an extensive number of Comparison Sites, of which Kelkoo, PriceRunner and Google Products (previously known as Froogle) are perhaps the best known.

With the exception of Google Products, all currently operate on a Pay-Per-Click basis - in other words, you pay each time someone clicks on your entry from all of the suppliers listed.

As with Sponsored Keyword advertising, the secret to success is to make sure that only those visitors that are likely to buy follow your link.

Furthermore, because there is little opportunity to expand on your offering, there is little to differentiate potential suppliers apart from price and brand awareness. Shoppers will select the supplier who seems to offer the best deal or a supplier that is already trusted.

For this reason, unless you are already a well-known brand then Shopping Comparison Sites are possibly not a good avenue if your proposition is based on anything other than best price - for example, if you are market position is one of being a specialist with extensive expertise and backup whilst not necessarily being the cheapest, you are unlikely to see much success through a Shopping Comparison Site.

If you know that your pricing is particularly keen on one small sub-section of the products you offer, consider providing just that sub-section of products to the Shopping Comparison Site.

It is also essential that the pricing shown on the Shopping Comparison Site is up to date - if a shopper clicks on your product listing because you are advertising a product at £9.99 but when they get to your site it is actually listed at £10.99 then they will be irritated and immediately switch to one of the other suppliers - but you will still have been charged for the click-through.

If you are going to use Shopping Comparison Sites it is therefore vital that you look for an eCommerce solution that can provide regular updates to your chosen sites as regularly as your pricing changes - this is typically done overnight, every night.

Summary

Use Sponsored Keyword Advertising to get immediate results and to identify the keywords that people are actually searching on in the real world. Use this information to build your organic Search Engine Optimisation but only view this as a medium to long term goal. Use Shopping Comparison Sites only if you are able to offer keen pricing and only then if you are able to the data supplied up-to-date.

Monitor the effectiveness of all of these compaigns and look at the net result - the number of orders that result from each of these sources and adjust and refnine your campaigns accordingly. For example, if you find that from one particular Shopping Comparison Site, you are only getting one order for every fifty click-throughs, but from Sponsored Keyword Advetising you are achieving one order for every twenty click-throughs then consider switching that advertising budget to sponsoring additional keywords.

3. An Introduction to Web Site Usability

Web Usability is the science of designing your web site to ensure that people are able to navigate through it easily and confidentally.

Web Usability has an important impact on your conversion rate - i.e. the ratio between the number of visitors and the number of orders. This is particularly important where you are using various paid-for advertising to drive traffic to your site, such as Sponsored Keyword Advertising. If each visitor is costing you a click-through charge then if you can double the conversion rate by applying Web Usability principles then you halve the cost of achieving the sale.

How can Usability affect Conversion Rate?

Remember that a visitor is only ever two clicks from visiting one of your competitor's web sites. Anything on your site that confuses people, worries them or simply leaves them unsure how to proceed will send them straight to one of the other sites.

So what is Web Usability?

Web Usability essentially covers two areas - firstly, the actual design of the pages themselves need to follow conventions that are familiar to the visitor and, secondly, the construction of the data behind the site needs to be such that they can easily find the products they are looking for.

Web Design

Extensive research has been done into the ways in which people's eyes track around a web page and this has led a number of the leading eCommerce web sites being designed with that in mind. As a result, there are a number of unwritten conventions appearing for the layout of an eCommerce web site - for example, the logo in the top left, phone number, help and login options in the top right, product division navigation on the left hand side, shopping basket and checkout on the right, etc.

Fortunately, this means you do not need to carry out this research yourself - by ensuring that your site follows these simple guidelines, you can make sure that your site is familiar to anyone that is used to shopping online. The basic rule here is that a first time visitor should not have to learn how to use your site to be able to buy from you.

There are also a number of visual "keys" that confirm to the visitor that this is an online shop, and they can buy products online. One is the Shopping Basket and another is the familiar string of Credit Card symbols (Visa, Mastercard, etc.). If someone has happened across your site, this will immediately confirm to them that this is somewhere they can buy the products they are looking for - but only if those visual keys are where they expect to see then.

You should make sure that your home page, and any other "landing pages", i.e. those linked to from Sponsored Keyword Adverts, should make it very clear what you do, what you sell and who you are. Make sure that the important information appears "above the fold" - in other words, when the page is viewed on a typical screen (research shows that over 90% of visitors to a site will be running a screen with a resolution of 1024x768) they should not have to scroll down to see important information.

Furthermore, you should ensure that the site guides them through the shopping procedure from start to finish, so they are never left wondering "so what do I do now?". This is especially important at the checkout stage - a large number of visitors will "bail out" at the checkout if they are unsure what is happening. They should be told what the process is going to be, and how far they are through the process.

Product Database

Web Usability also applies to how you construct the product database; remember that half of your visitors will choose to navigate by product categories to find the items they are looking for and the other half will go straight to the Search facility.

To help this, it is important that the product descriptions and any associated keywords are logical and meaningful, and that your Product Categories fit in with the way in which people will expect to browse.

For example, if you sell Computer Monitors, don't hide them away in a Category called "Other Peripherals" since those people looking for Computer Monitors are unlikely to find them there.

If the products that you sell are often from well-known manufacturers then consider offering a "Shop by Brand" option; if people are unlikely to know the brands that they are looking for, then this can only add confusion.

4. Choosing an eCommerce Solution for Retail

When evaluating possible eCommerce Solutions for a B2C (retail) web site, you should consider the following points:

5. Choosing an eCommerce Solution for Trade

When evaluating possible eCommerce solutions for a B2B (trade) web site, you should consider the following points:

6. Credit & Debit Card Processing for Beginners

Many companies that have traditionally dealt with account customers are now increasingly moving towards accepting payments by credit and debit cards. The reasons may vary but typically include;

Whatever the reasons, moving into card payment processing for the first time can involve a daunting range of new terminology.

Acquiring Bank

When you wish to begin accepting payment cards, you will sign up for an account with an Acquiring Bank, who will collect the funds on your behalf. Acquiring banks and their "brands" include, for example, Lloyds CardNet and NatWest Streamline.

Issuing Bank

The Issuing Bank is the bank that issued the credit card to your customer.

Merchant Account

When you sign up with an Acquiring Bank, your account is called a Merchant Account and you are referred to as the Merchant.

Transaction Types

When the customer is stood in front of you and physically hands over their card, this is a Customer Present or Point of Sale transaction. Since the advent of Chip and Pin, this is almost always processed through a Payment Terminal, although these are often referred to as PDQ Machines, but this is a brand name and so is akin to referring to a vacuum cleaner as a hoover.

When the customer is not stood in front of you (i.e. you do not physically see the card) then this is a Customer Not Present transaction, often abbreviated to CNP.

CNP transactions fall into two types - those originating via the Internet are called eCommerce transactions whilst all other CNP transactions are called MOTO transactions. MOTO stands for Mail Order/Telephone Order.

Payment Service Providers

It is not possible for ordinary companies to interface their IT systems to those of the Acquiring Banks. When you want your software systems to collect payment details and pass them on to your Acquiring Bank to collect the funds, you must go through an intermediary. These intermediaries are called Payment Service Providers, or PSPs.

Latest information on the PSPs supported by axis diplomat and/or axis vMerchant can be found on the Payment Service Provider PSP Interfaces module overview.

How Do PSPs Work?

As far as your Acquiring Bank is concerned, the PSP is emulating a Payment Terminal (or PDQ machine). The card details are collected by the PSP. The PSP sends the details, including transaction details, such as the total amount, to the Acquiring Bank and receives either Approved or Declined, and passes these details back to your own IT system.

Authorised and Paid Transactions

When your PSP contacts your Acquiring Bank with the details of a transaction, it can do one of two things - it can Authorise the transaction or it can collect the funds with a Payment transaction. Authorised transactions do not result in the transfer of funds, but are merely a check on the validity of the card details supplied, and that the customer has sufficient funds available. It does result in a "shadow" being placed on the available funds for the amount being authorised. For example, if a customer has £1250 of credit available and you authorise a £400 transaction then his available credit drops to £850.

When you ship the goods against an authorised transaction, your software will then contact the PSP to arrange collection of the funds at that point.

A credit limit "shadow" will last for a varying length of time, depending on the issuing bank. Typically this is around 10 days.

How Secure Is It?

In order to be allowed to communicate with the Acquiring Banks, a PSP's own systems must be incredibly secure. Once your PSP has collected the information from the shopper, or your telesales operator, the PSP will return a unique reference so that your systems do not need to know the card details, only the PSPs reference number. This eliminates the need to hold customer's card details on your own system.

SSL

When you are interacting with a secure web site, it's address will begin https:// instead of http:// and the web browser will show a padlock icon (where exactly will depend on the browser - browsers such as the later versions of Internet Explorer, Firefox and Google Chrome show the padlock in the top right corner, at the end of the address bar, earlier browsers showed it in the lower right corner).

The ability to secure a web site in this way is provided by having an SSL Certificate installed on the web server that confirms the identity of the web site owner (or publisher).

Not all SSL Certificates are the same, however - some are more secure than others. This is not a feature of the technology behind the certificate itself so much as the processes the owner had to go through in order to obtain the certificate (in other words, the application process is more rigorous for some certificates than others). Newer browsers identify the more secure SSL certificates by changing the colour of the address bar. These newer more secure certificates are known as EV SSL.

The level of certificate security that is appropriate to your business may well be governed more by the expectations of your customers than by the realities of the security of the site. In other words, your customers may begin demanding the highest level of SSL security so that they know you are who you say you are. This will be particularly true of businesses that rely on passing trade (e.g. people finding the site via search engines) rather than regular loyal customers.

3D Secure

In order to address merchants concerns over card security, two schemes have been introduced by the card issuers - one by MasterCard, called MasterCard SecureCode and one by Visa called Verified by Visa. Collectively, these are known as 3D Secure. These schemes work at the checkout pages of a web site by taking the shopper to an extra page that is supplied by their own issuing bank, which asks them for details that supposedly only the true owner could know.

From the merchant's point of view, the advantage of 3D Secure is that you can be more sure that the person placing an order is who they say they are since they have been through that additional verification process. Generally, if a transaction has been verified by 3D Secure and subsequently proves fraudulent then the issuing bank will accept liability. If a fraudulent transaction had not been verified by 3D Secure then the merchant must accept liability. Since 3D Secure only applies to eCommerce transactions, this means that web transactions can have a lower risk than MOTO transactions.

How Much Does It All Cost?

Your Acquiring Bank will have negotiated a rate with you, which will typically be a fixed fee for processing debit cards and a percentage rate for processing credit cards. The rate will be based on their assessment of the number of transactions you are likely to process (generally speaking, the more you put through, the cheaper each transaction gets), the perceived risk of your transactions and your own credit rating. Expect to pay in the region of 2.5% for processing a MOTO credit card transaction.

When you process payments via a PSP, you still pay the usual transaction charges to your Acquiring Bank but, in addition, the PSP will make a handling charge on the transaction as well. This will normally be a flat charge (typically around 10p) per transaction, regardless of whether it is a credit card or a debit card but expect a flat monthly fee if your transaction levels are low (typically around £20 per month).

 

7. Internet Terminology for Beginners

For many, contemplating a move into eCommerce for the first time can be bewildering simply because of the terminology used. The underlying basic concepts of web sites and the Internet, however, are remarkably straightforward once this terminology is understood. This document attempts to explain some of the most commonly encountered terms:

ISP

Attaching directly to the 'real' Internet requires some very expensive communications equipment and communications lines, well beyond the reach of most commercial enterprises. The connection is therefore made by a 3rd party company, called an Internet Service Provider, or ISP. When you connect to the Internet, you are in reality connecting to the ISP's network, which then transparently routes you through to the Internet using their communications equipment.

Web Server

When you request a web page from a web site on the Internet, that page is delivered to you by the web server; in essence, the web server is the computer that is attached to the Internet that contains your web pages and sends them over the Internet to anyone that requests them.

In the same way that connecting your own computer or network directly to the Internet is impractical, so is hosting your own web site on your own network. A web server needs to be accessible 24 hours a day and to have a high-speed reliable connection to the Internet. For these reasons, web servers are normally hosted by an ISP at their own premises.

Note that the ISP that provides a web server to host your web site does not necessarily need to be the ISP that provides the Internet connection to you or your company.

Broadband

Broadband is the generic term for a range of technologies that provide relatively high-speed connections to ISPs.

ADSL

ADSL is a specific type of Broadband technology that uses high-frequency data signals "piggy-backed" onto a normal analogue telephone line. The 'A' in ADSL stands for Asymmetric, which means that the download speed is different from the upload speed. In practice, this means that you receive data from the Internet at a much higher speed that you send it. For web browsing, this is perfect, as you only send a small amount of data, requesting a web page, for example, but receive a larger amount of data - the web page itself, containing large quantities of graphics, etc.

This is another reason why it is impractical to host a web site on your own network, since a web server sends out much more data than it receives and, using an ADSL connection, this would be extremely slow.

Server Farm

An ISP that specialises in providing web servers will host those servers in a purpose-built facility known as a Server Farm or Data Centre. As well as having extremely high-speed Internet connections into the Server Farm, it will typically provide very high levels of fault-tolerance, in terms of redundent mains power supplies (often from different local sub-stations), along with Uninterruptable Power Supplies and diesel generators, redundent Internet connections (often from different local exchanges) and highly efficient air conditioning.

The buildings that house Server Farms are usually physically highly secure as well, without windows and with ant-ramraid bollards, 24 hour security, and so. This is particularly important where web servers are processing eCommerce transactions since the theft of a web server could potentially include the theft of vital credit card data.

IP Address

Every connection to the Internet must have a unique IP (Internet Protocol) address so that data can be sent to the right place in the world. These IP Addresses appear as four sets of numbers, separated by dots, so are of the form 123.123.123.123.

All data sent from one place to another across the Internet is addressed to a specific IP address and from a specific IP address.

So, for example, when you request a page from a web site, your computer needs to know the IP address of the web site to know where to send the request and, conversely, the computer that is running the web site needs to know the IP address that the request came from in order to send the web page back.

Every IP address must be unique across the entire planet and since each of those four numbers can only go up to 255 there are only 4 billion possible IP addresses. This may sound a lot but they are most definitely a finite resource.

Dynamic IP Address

If you have a domestic Internet connection, or a budget commercial Internet connection, for your own computer(s) to connect to the Internet, then your own IP Address will be allocated to you each time you connect to the Internet. Since IP addresses are a relatively expensive commodity, a mass-market ISP probably has more customers than it does IP addresses. Each time you connect, it allocates a free IP address from the pool of free ones; when you disconnect from the Internet, the IP address that you are using goes back into the pool. The upshot of this is that your IP address may be different today to what it was yesterday.

Fixed IP Address (or Static IP Address)

The draw back with Dynamic IP addresses is that it makes it impossible for the receiving computer to know anything about the sending computer, because there is nothing unique about it's IP address. This is fine if the requestor is just asking for a publicly-available web page, since the web server does not care who the requestor is. Whenever security or restricted access becomes an issue, it is therefore essential for the recipient to know who the requestor is, which it can only do if that requestor always has the same IP address.

For example, if you have a system whereby your computer regularly updates data in a database on a web server (for an ecommerce solution, for example), you would not want anyone being able to update that database and a simple user id/password block would not provide adequate protection. The web server would therefore be configured to only accept database updates from your IP address. Naturally, this cannot be done if you have a Dynamic IP address, which changes every day. Your connection to the Internet must, in these circumstances, always have the same IP address. This is achieved by having the ISP allocated a Fixed or Static IP Address so that you always use the same one.

Web servers must, by definition, always have a fixed IP address since anyone browsing to that web site needs to be able to find it.

Furthermore, if anyone is to initiate a connection to your network then they need to be configured with your IP address and so, again, your network would need to have a fixed IP address; this would include any form of remote access (such as home workers or mobile workers), distributed email, etc.

Domain Names

IP Addresses are not particularly friendly for humans to deal with. The BBC's web site address is, for example, 212.58.251.195 but it would not be very helpful if the BBC announced "for further information, please visit our web site at http://212.58.251.195"!

A Domain Name, such as bbc.co.uk, is simply a human-friendly alias to an IP address.

Sub Domains

In reality, one domain name can be associated with multiple IP addresses by prefixing the domain name with an additional name, in which case it becomes a Sub Domain. For example, www.bbc.co.uk is a sub-domain of bbc.co.uk, news.bbc.co.uk is a different sub-domain and can point to a different IP address (and therefore a different web server).

This is often done when the main corporate web site is hosted by a different server (possibly even a different ISP) to the eCommerce web site - www.mysite.co.uk can point to one IP address on a server provided by one ISP whilst shop.mysite.co.uk points to an entirely different IP address on another server, provided by another ISP altogether.

NB: a web site can be at {anything}.yourdomain.co.uk (or .com, .net, etc.), it is only convention that it should "www." but since most people will assume that your web site begins with "www." then anything else is confusing unless it is a separate web site that is linked to by your main web site. A good example of this is the News section of the BBC web site - you start off at www.bbc.co.uk but as soon as you click on "News", you end up at news.bbc.co.uk, but most people will not even notice this.

DNS

When you type a domain name into your web browser, your browser needs to translate that domain name into an IP address. It does this by looking up the domain name (or sub domain) in a directory, called a Domain Name Service, or DNS.

For performance reasons, the DNS that your browser uses is probably hosted by your ISP since, otherwise, every request out to the Internet would require two transactions; one to find the IP address for a given domain name, and one to send the data.

Your ISP's DNS needs to synchronise itself with all of the other DNS servers around the world so that it always contains the latest information on the domain names in use, and which IP address they correspond to. This synchronisation is happening around the clock but is a permeation, as one DNS server refreshes from another. Furthermore, each DNS entry has a timeout associated with it, which is usually 24 hours, which means that once a DNS Server has retrieved an entry for a particular domain, it does not need to get it again for that length of time. This means that if you change a DNS configuration (or more likely, your ISP changes a DNS configuration) because, for example, you have moved a web site from one server to another, or you have registered a new domain name, it can typically take up to 24 hours for that change to be picked up by all of the DNS servers around the world.

'A' Records and 'MX' Records

The DNS entries for a domain will actually be quite complex but there are two parts of a DNS entry that are referred to a lot - the A record and the MX record. Put simplisitically, the A record indicates the IP address of the web site for that domain and the MX record indicates the IP address of the email server for that domain.

This means that the email server for mysite.co.uk can be entirely different to the web server for mysite.co.uk; they can even be provided by different ISPs. This is what makes it possible to move your web site from one ISP to another without affecting your email (or vice versa).

Browser

In order to view web sites, you use a Browser, or web browser to be more precise. Historically, the most commonly used browser is Microsoft's Internet Explore ("IE" for short).

Microsoft Internet Explorer established major predominance because it was always shipped with Microsoft Windows. There is, however, a greater and greater movement away to 3rd party browsers, including

It should be noted that the layout of a web page is described in a text file by the web site and it is down to the browser to render (i.e. draw) the image of that web page as the designer intended. Thus not all browsers will render the same page in the same way. This may be down to the design of the browser, the age of the browser, but more often is caused by bugs in various web browsers!

HTML

The language used by the web designer to describe the content and layout of a web page is HTML (or Hypertext Markup Language).

HTML is plain text but with extra bits which describe the fonts, colours, size, etc. of text and the positioning of images. One of the challenges of web design is ensuring that this HTML produces the desired results for all visitors, regardless of the size of their screen, the type of browser, the type of computer (whether a Mac, a PC or an iPhone, for example) and which fonts, etc. they have installed.

Images used on web pages are not part of the HTML file - the HTML file simply describes where the browser can go and download the image(s) from and where to place them on the page. Thus, for example, the images on a web page do not need to have come from the same web site as the page itself!

Cookies

Cookies are small pieces of data that a web site can download onto the computer of the visitor so that, if they return to that site, they can be identified again. We use a cookie, for example, if you log in to this web site and tick the "remember me" box, we store an identifier in a cookie on your computer so that you do not need to log in again. This is the standard mechanism for identifying returning visitors to a site.

 

8. Domain Names and DNS Explained

Are you confused by the difference between "Domain Management" and "DNS Management"? Do you want to understand who has control over your domains? This article aims to answer these and other related questions in simple terms.

This article builds on the previous article Internet Terminology for Beginners.

Domain Names and Domain Name Management

Your domain name is used to point people and systems and certain resources. For example, your domain name may be mycompany.co.uk. This single domain name could be used for a variety of purposes - for example:

As can be seen, domain names may be used for a lot more than just being the address of your website.

Who Manages Your Domain?

Each top-level domain (.co.uk, .com, .org. etc.) will have a separate organisation known as an Internet Registry, responsible for maintaining a register of who owns each domain name.

In the UK, for example, .co.uk domains are managed by Nominet. You can find out more about Nominet by visiting their website.

Nominet and other Internet Registries do not, however, deal directly with those people and organisations who wish to register a domain name for themselves - instead, they deal through 3rd parties known as Registrars. These are typically ISPs and other Internet-based businesses based around offering the service of registering domain names.

The Registrar will manage your domain.

What Does Managing The Domain Mean?

Domain Name registrations are for a fixed period of time (typically two years) and so Domain Management means dealing with the ownership of that domain, dealing with the renewal process of that domain and controlling who provides the DNS Management (see below) without actually providing the DNS Management itself.

Domain Management does not cover any aspects of what the domain is used for - it does not, for example, provide management of the information about where your website is hosted or which server deals with the email sent to that domain. That is covered by DNS Management.

How Do I Find Out Who Is Managing My Domain?

To find out who the owner of a given domain is, and who the administrative contact is (typically this will be the registrar of the domain), you need to carry out a "Who Is" query. Many websites offer a "Who Is" lookup - for .uk domains, the Nominet website itself will provide this service whilst there are 3rd party websites available which also offer this service - for example DNSStuff.com - or simply type "who is" into a search engine. Remember, when typing your domain name into a "Who Is" query that your domain name is simply mycompany.co.uk and not www.mycompany.co.uk - the address including the "www" part is called a sub-domain.

DNS Management

When someone types "www.mycompany.co.uk" into their web browser, their computer needs to turn that domain name into an IP address in order to identify the web server to ask for the web page. DNS is all about providing the mechanism the translate domain names into IP addresses.

This happens by looking at the domain name record itself (as shown by the "Who Is" enquiry) and finding out what it's name server is. A name server is a server somewhere on the Internet that simply has vast lookup tables to indicate that a particular domain name is equivalent to a particular IP address. In fact there won't be a single entry but many since there will be one to indicate the IP address for www.mycompany.co.uk (generally refered to as the 'A' record), one for email (the MX record) and maybe others for things like remote.mycompany.co.uk and blog.mycompany.co.uk in the example above. The organisation that hosts these lookup tables on their servers is providing you with the DNS Management.

TTL ("Time To Live")

If your computer needed to look up the Names Server for your domain every time it wanted to load something from your website, it would introduce a massive overhead - since it would need to look up your domain to find your Names Server then look up your Names Server to find your web server - three lookups instead of one.

This means that when your computer looks up a name in a names server, it stores the results locally so it does not need to look them up again. This is called DNS Caching. It cannot store these details forever, though, since then it wouldn't know about changes (such as if you move your website to a new web server). Every DNS entry has a TTL, or Time To Live, associated with it and this tells any computers storing this information how long they can hold on to it before they need to go back to the Names Server to get updated information.

By default, this value is usually 24 or 48 hours.

For day-to-day purposes, this is fine but it does mean that if you are about to move your website, or launch a new one, then there will be a day or two when some people will see the old site and some people will see the new site. This is clearly very unsatisfactory so best practice is to reduce the TTL to, say, one minute a couple of days before the launch of the new site and then, once the transfer has taken place, put it back up. This way, everyone will pick up the new site almost immediately.

You cannot, of course, reduce the TTL to one minute immediately before updating the DNS entry since it will then be too late for the people that already have cached local copies that have a longer TTL associated with them.

Summary

Domain Management is all about looking after your ownership of your domain name but nothing to do with what it is used for.

DNS Management is all about configuring (and making available on the Internet) information about what a Domain Name is being used for, such as which server on the internet holds its website.

Both are required and are often provided by completely different organisations.

 

9. SSL Certificates Explained

Are you confused about SSL certificates? Do you need one? What do they cost?

This article builds on the previous article Internet Terminology for Beginners.

What do SSL Certificates do?

Put simply, an SSL certificate associated with your website will allow it to display a padlock symbol on your website indicating that it is secure. It allows the web address to be accessed using https://.... rather than http://...

Normally, traffic sent over the Internet is sent in clear text. This means that it is possible for unscrupulous third parties to intercept that traffic and see what is being transmitted. Normally, this doesn't matter - if all they are seeing is the latest weather forecast being downloaded from the Met Office web site, for example. But if that information contained your credit card details, or even your user id and password to login to your email account, then if someone else were to see that traffic, the consequences could be very serious.

An SSL certificate allows data to be encrypted whilst it is transmitted to and from your website and your customer's browser. This prevents the information being seen by anyone else whilst it is travelling across the Internet.

Once I have an SSL Certificate, are all of my Web Pages Secured?

Encrypting your web pages is only strictly necessary on pages that submit sensitive information (such as a login page or a checkout).

In late 2015, however, Google and Mozilla decided that, as the devices typically running web browsers become powerful enough to cope with the overhead of encrypting and decrypting web pages without a noticeable overhead, there was no longer a good reason not to encrypt every page on a site. As a result, Google started giving some extra weighting to sites that operated in https mode throughout.

So, whether all of your web pages are secured or just those that submit sensitive information will largely depend on the age of the site. For example, all sites built by axisfirst since early 2016 have operated in https mode throughout.

What is an EV SSL Certificate?

A standard EV certificate does nothing except encrypting the data between the website and the browser. An EV SSL certificate additionally provides some reassurance to the customer that the website that they are dealing with belongs to the organisation that it claims to.

In essence, anyone can register any domain name that is available and once you own that domain name, you can register a standard SSL certificate.

In order to register an EV SSL certificate, however, you must also prove that you are the legal entity that the website purports to be. An EV SSL certificate does nothing more than a standard SSL to protect the data in transit between the browser and the website - it's sole additional purpose is to reassure your customers that you are who you claim to be.

This is achieved by requiring anyone attempting to register an EV SSL certificate to provide more information on their organisation.

How Does My Customer Tell That I have an EV SSL Certificate?

The value of EV SSL certificates used to be minimal, as the general public was not aware of them. The latest incarnations of most popular web browsers do now, however, show them differently and this now means that EV SSL certificates are beginning to carry more weight.

Google Chrome, for example, will show a standard SSL certificate like this:

whilst an EV SSL certificate is shown like this:

Is There An Additional Cost for EV SSL?

Yes. EV SSL certificates are significantly more expensive because of the additional administrative steps that the issuing authorities must go through to validate that the applicant is who they say they are. Retail (B2C) websites in particular, however, should seriously consider the benefits to be had from the additional reassurance that they offer their customers.

10. Canonical Tags Explained

One of the clearest definitions of canonical tags is provided by the SEO software specialists, Moz:

A canonical tag is a way of telling search engines that a specific URL represents the master copy of a page. Using the canonical tag prevents problems caused by identical or "duplicate" content appearing on multiple URLs. Practically speaking, the canonical tag tells search engines which version of a URL you want to appear in search results.

Search engines dislike duplicate content - it may be an over-simplification but if the search engine finds three pages, all with the same content, each page gets one third of the page ranking it might otherwise achieve. The canonical tag tells the search engine which of those three pages is the master and the others are disregarded.

It can be perfectly valid for a number of URLs to deliver the same content. This can happen, for instance, if your web page's URL includes the description of your product and your product's description changes:

For example, you have a book called "A-Z of Roses", its URL could be

If you subsequently rename it "A-Z Roses, 196pp", its URL would become

The search engine will already have the previous URL in its index but when it next crawls the site, it will also find its way to the new URL via the sitemap or on-page navigation. It can now see two pages with the same content.

Provided that the Canonical Tag on both pages indicates the true, current, URL (i.e. https://egpl.axisfirst.co.uk/A-Z-of-Roses/product/BOOK002/BOOK002/) then the older one is disgarded, avoiding the duplicate content.