Join ISIS / Trusted Shops
Retailer Guidance
Taking your business online for the first time can be a daunting
prospect. Whether you already have an offline business, or this is your
first venture into e-Retail, we have pulled together some useful
information on this page which will guide you through the setting up
process. We also hope that established retailers will find this a useful
resource.
Retail
Industry Insight
Patricia Davidson is the author of
six books about online shopping for consumers, the latest being The
Shopaholic’s Top 1000 Websites. She runs
www.thesiteguide.com
and also writes at '
Web Hints
– What Makes People Click' which includes weekly web advice
for online retailers. She also runs an independent e-retail
consultancy
Customer
Service
When a consumer chooses your website to
make a purchase it is important that the level of service the customer
receives creates a happy shopping experience which will encourage them
to return to your website in future. A consumer will have expectations
about the service they should be receiving and particular areas of your
website such as contacting the retailer, delivery methods, the checkout
process and the usability of your website. If a consumer is unable to
contact your company, or receive a timely response to a general enquiry
then it is likely they will choose not to shop with you again, thereby
damaging your reputation and losing you potential customers. This will
also be the case if a failed delivery is not resolved in a satisfactory
manner.
It is important that your procedures are
legal, honest and fair and further guidance is available for retailers
in the Trusted Shops Code of Practice.
The link below
goes to the OFT Guidance Notes on the Distance Selling Regulations.
This document provides an excellent reference when reviewing or writing
your Terms and Conditions.
OFT Guidance Notes for Retailers on Distance Selling
Regulations
Example
Terms and Conditions
The document below
is guidance, which was jointly developed by Trading Standards and IMRG,
and provides a set of model terms to help internet retailers comply with
consumer protection laws.
Model
Term for e-Retailers
Suppliers
Directory
The Suppliers Directory is a listing of
IMRG Supplier members who provide a wide range of services to
e-Retailers. Representing companies of all sizes, you will find
suppliers who have good reputations in the market place and can help you
make the most of your web-presence.
IMRG, the
industry body for e-retail, has amongst it's membership industry leading
suppliers who can help both small and larger retailers. Please follow
the link below which will take you to the IMRG
website.
IMRG
Suppliers Directory
Information Commissioners
Office
Charged with implementing the Government's
Data Protection legislation, the ICO provide guidance to businesses
with regards to their obligations under this legislation, processes
applications for organisations to be registered under the Data
Protection Act, and investigates queries from the general public. We
recommend that you contact the ICO to ensure that your organisation is
operating within their guidelines.
Information Commissioner's
Office Website ICO
guidance for organisations Data Protection Guide
Customs
and Excise
H.M. Customs and Excise are
responsible for managing VAT and these links provide invaluable guidance
for e-Retailers.
Guidance on
VAT and VAT registrationGuidence on Taxation
Companies
House
The main functions of Companies House are
to:
• incorporate and dissolve limited companies;
• examine and store company information delivered under the
Companies Act and related legislation;
• and make this
information available to the public.
The United Kingdom has
enjoyed a system of company registration since 1844. Today, company
registration matters are dealt with in law, by the Companies Act 1985
and the updating legislation contained in the Companies Act 1989.
All limited companies in the UK are registered at
Companies House, an Executive Agency of the Department of Trade and
Industry. There are more than 2 million limited companies registered in
Great Britain, and more than 300,000 new companies are incorporated each
year.
Companies
House
Payments
3D
Secure - Payments Security
InitiativeAPACS, the Payments industry
body, have a website deidicated to the provision of information to
retailers and consumers realting to 3D Secure; the collective name for
Verified by Visa and MasterCard SecureCode.
Verified
by Visa (VbV) and MasterCard SecureCode (MCSC)
As of
July 2007, MasterCard have made it a mandatory requirement that any
organistion wanting to accept online Maestro payments must be MCSC
enabled. For smaller e-Retailers this will generally be handled by your
Payments Service Provider (PSP). However, you should check with your
PSP, Acquiring bank or payments processing team to ensure that you have
MCSC in place for Maestro payments by July 2007. There are many
advantages to being enabled, such as reduced chargebacks, increased
protection against fraudulent transactions and the ability to take
cross-border orders with the same level of
protection.
MCSC is part of an industry initiative
called 3D Secure; Visa's Verified by Visa (VbV) is also part of this
program. VbV and MCSC provide an interface which can appear in your
payments process through which your customer can enter a pass code to
validate their transaction. Think of it as the online version of
Chip-n-PIN. Card holders can register in a variety of ways; either via
their card issuing bank or during the payments process on your
website.
For more information, please visit the cards
schemes websites by following the links below:
Mastercard Securecode Verified by Visa
Payment Service
ProvidersPayment Service Providers are
third party companies contracted by retailers to process payments. They
offer the consumer confidence that their personal card details are
maintained in a secure environment and handled with in the latest
guidelines and industry best practice. They offer the e-retailer
convenience, the ability to accept payments online, reduce the
investment required to handle electronic payments and the ability to
accept a wide variety of payment types. Typically, the PSP passes the
funds back to the retailer monthly or fortnightly. A small commission is
charged for the service. Some industry leaders
include:
Barclaycard
Business CyberSource PayPal ProtxPayPoint.net
SecureTrading WorldPay
Card
SchemesThe card schemes are the
organisations responsible for managing credit, debit and charge cards.
The cards, whichever their type, are managed by the banks; roughly as
Issuers for consumers and Acquirers for business. However, both Issuers
and Aquirers, and indeed retailers, have to operate within the card
scheme rules. More information can be seen
below;
Major Card Schemes Operating in the
UK
Mastercard for BusinessVisa for
Business American Express for Business
Delivery
Delivery
is often the area which receives the least attention from an online
retailer. Most of the resources will go in to the website and marketing
but the delivery aspect is the last point at which your customer has
contact with your organisation. Therefore, it is the element which many
customers will judge your business on. Remember, the delivery agent is
the 'public' face of your company and to this end it is important to
choose the right partner to deliver your orders and to ensure that
details of your delivery service, and what the customer should expect,
are highlighted on your website. One of the biggest reasons for people
dropping out of the shopping process on a website is because retailers
were not upfront about delivery costs and
expectations.
IMRG have recognised the importance of
delivery in e-Retail and have instigated the IDIS (Internet Delivery Is
Safe) program. This is a subset of the ISIS scheme and more information
can be found by clicking the logo below.
About PCI
The PCI
Security Standards Council offers robust and comprehensive standards and
supporting materials to enhance payment card data security. These
materials include a framework of specifications, tools, measurements and
support resources to help organizations ensure the safe handling of
cardholder information at every step.
The keystone is
the PCI Data Security Standard (PCI DSS), which provides an actionable
framework for developing a robust payment card data security process
including prevention, detection and appropriate reaction to security
incidents.
Tools to assist organizations validate their PCI DSS
compliance include Self Assessment Questionnaires.
For device vendors and manufacturers, the Council provides the
PIN Transaction Security (PTS) requirements, which contains a single set
of requirements for all personal identification number (PIN) terminals,
including POS devices, encrypting PIN pads and unattended payment
terminals.
For further information, the PCI DSS
Website can be accessed HERE.