E-Commerce Security Debate: Server-Based vs. Desktop Solutions

Can mainframes really make a comeback? The current browser/server model being touted as a “new” solution looks exactly like the mainframes of the 70s.

Merchants update their sites and prices — and process orders — using fixed forms. In contrast, nearly every other area of computing has settled on the desktop, which doesn’t require a continuous connection to the Internet. Still, over the last few months, there has been a virtual explosion of server-based e-commerce offerings from major companies such as Yahoo!, IBM, and others.

Recent breaches in online security have turned a critical eye to the safety of e-commerce platforms. Merchants have become aware of the need to reassure online shoppers that their sensitive credit card information is completely secure. As such, the browser interface, with processing somewhere on a remote server, is both foreign and frightening to modern businesses.

Sensitive Data, Ripe for Pickin’

Order information stored in a decrypted file on a server could potentially be exposed to anyone with access to the Internet — from the experienced hacker, to the average Web surfer with the right search terms. In the case of an e-commerce mall, access to one password could mean access to the purchase information in hundreds, even thousands of online stores.

This has major implications for merchants, and for ISPs running large online malls and e-commerce servers. Because they control the data as it sits on the server, merchants and ISPs could be held legally liable for any losses that incur, and could even be cited as part of any large fraud. Yet they continue to flock to the new server-based solutions, unaware of the true risks that they’re taking.

Desktop Advantages

To protect themselves, and their customers, merchants must deploy an e-commerce system that keeps sensitive information off the web server, and encrypted at all times. A desktop solution seems the obvious choice. Merchants can store sensitive information and process orders directly on their own PCs, greatly reducing the chance of fraud.

In addition to the value of online security, the desktop option offers merchants numerous other benefits. It is far quicker and easier to use a desktop application with an immediate response, than to endure network delays while waiting for a server — especially over the Internet. The process of changing a whole series of prices, or quickly satisfying customer requests, could take hours longer via server than through the desktop.

Still Not Convinced?

Think big. For a total business solution, it is essential for e-commerce systems to flexibly integrate with desktop software, such as accounting packages. It’s one thing to pick a cart or a payment system, but what is really needed is a complete business solution. A desktop e-commerce solution provides third parties with a simple means of systems integration. A server solution simply cannot.

With such a clear set of arguments for choosing desktop and offline models over the browser approach, why do browser e-commerce solutions remain so popular? The reason is simple. It is much easier to develop a server-based solution than one that is offline and desktop-based. A desktop solution must address the issues of co-existing with other products, working through proxy servers and so on. Developing these features is more difficult for the supplier, but the result is much better for the end-user.

The only real end-user benefit that browser-based solutions offer is that no additional products need to be installed. While this sounds convenient, it seems to overlook the fact that end-users voluntarily install new products on their desktops every day. Is this “added value” worth the price of security, convenience, compatibility?

It’s hard to see how this new browser/server will offer anything more than the mainframe ever did. We’ll have to see whether the market is ready to embrace such a retrograde step when offered an alternative.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More in

How often do you receive an email that you suspect is fraudulent?
Loading ... Loading ...

Technewsworld Channels