Introduction

Retail shopping has evolved dramatically over the years. In the earlier days of shopping, a shopkeeper would sit behind a counter and respond to requests from a customer, selecting a product from the shelf and handing it to the customer for her consideration. The customer would then indicate whether she was interested in buying it. If so, the product would be set aside, the shopkeeper would respond to the customer's next request, and after the customer was satisfied with all the items set aside, the shopkeeper would prepare the final bill and accept payment. If the customer didn't like a product, the shopkeeper would naturally reshelve it.

Today, most stores allow customers to do their own shopping. A customer may ask for assistance from one of the attendants, but on the whole, products are displayed in ways that make shopping easy. Thus stores can cater to many customers, each going about his shopping individually. The entire shopping experience has been made easy for the customer. Factors such as product layout, arrangement of displays, location and width of aisles, location of check out counters, and the availability of human assistance all play a key role in the overall shopping experience.

Another innovation in the shopping experience was the advent of "catalog shopping." Here the entire storefront was replaced with a printed catalog of products and a precise method of placing orders via phone or mail. This new approach allowed businesses to operate in an entire region or an entire nation without maintaining retail stores. Catalog shopping offered competitive prices, as there was no overhead for maintaining retail stores, inventory, staff, and stocking logistics; few central warehouses and a well-established delivery system were used to fill orders. From the customer's viewpoint, the entire shopping experience was now available from home.

Electronic shopping is an attempt to combine the shopping experience of both in-store shopping and catalog shopping. Web-based applications offer more interactivity than a printed catalog. They also have the ability to provide more media forms, such as audio, video clips, and animation, in addition to static text and pictures all in an effort to enhance the shopping experience and, in the end, sell more merchandise. In fact, the success of the online shopping experience depends almost entirely on ease of shopping coupled with factors such as richer media.

Customers have their own shopping styles and sets of needs when they go shopping. A storefront and its contents look different and more or less appealing when viewed through the eyes of different customers. Thus the greatest challenge facing electronic storefronts is to cater to diverse customer needs and desires over a Web-based interface. The set of customer choices also varies. For example, one customer may like to pile up all potential purchases while shopping but delay the final decision of which item(s) to purchase until the very end. Another customer may like to make a single selection at a time. Customers have different payment habits too. Although the majority use credit cards to pay for retail purchases, customers still like to pay cash or by check in some cases. Even with credit cards, customers may prefer one credit card company to another. Shopping systems have to anticipate and take care of all these needs and preferences.

As Web shopping applications have matured, some technologies and components became standard for every electronic storefront implementation. In this chapter we focus on the two most important aspects of an electronic storefront shopping carts and payment gateways. The purpose of this chapter is to familiarize you with a few key concepts and issues related to security. We apply concepts from this chapter when discussing attacks on electronic storefronts in Chapter 10, E-Shoplifting.