During the .com boom, businesses were frantically developing Internet presences without taking the time to research and guarantee that customer's private information was being handled in a safe and secure way. Consequently, countless credit card processing companies sprung up to take advantage of the increased demand and offered cheap and easy transaction methods to get businesses up and running online as quickly as possible. Many of these companies compromised quality in exchange for cheap, easy and fast solutions, taking advantage of unknowing businesses that were new to the Net.

However, if your credit card processing is not set up correctly, businesses may be exposing themselves, as well as their customers, to a huge security risk.

It is important to understand that while we all send and receive e-mail or surf from page to page on the World Wide Web, the information we view is constantly being sent back and forth between users and servers across the Internet.

And, it is very simple for experienced programmers to maliciously intercept this information and view it without ever being detected.

Therefore, when you operate an online store and send and receive sensitive information, such as credit card numbers and expiration dates, it is essential that the entire process is encrypted and secure.

In order to accomplish this, it is necessary to analyze the entire transaction process, beginning when the customer enters their payment information and ending when the business charges their credit card.

Ideally, this process is accomplished by optimizing three components of the transaction: a shopping cart that is fully integrated within the look and feel of the rest of the site, a secure version of your domain name and a reputable online credit card processor. This set up minimizes risk and will establish the highest level of trust and comfort with your potential customers.

Having your shopping cart and checkout pages integrated with the rest of your site is very important. However, it is complex to develop a solution like this, and many businesses have cut corners, opting for a solution that doesn't seem to fit in with the rest of the site. While technically, this may handle basic transactions, it is likely to confuse and create a level of mistrust from potential customers, resulting in lost sales.

Plus, when Web sites transmit their shopping cart information to a third party to complete the payment and credit card processing, it is possible to intercept and modify that information. Specifically, without much effort, the price and quantity can be changed, regardless of what was entered into the shopping cart.

A successful Web site will have a consistent look and feel on every page. Carrying this design concept through the entire shopping cart and checkout pages will give your site a professional image and help maximize sales and return customers. It also eliminates the possibility of a person intercepting an order and editing prices and quantities without authorization.

The second component is the secure version of your domain name. Most people are familiar with the small lock that appears in your browser when you view a secure Web page. To accomplish this, you need to purchase a secure socket layer (SSL) digital certificate.

This certificate encrypts the information that is sent to and from the customer or person viewing the Web page and the Web site server. This includes any information the person fills out and submits when purchasing a product online.

The most popular and trustworthy digital certificate companies are Thawte (http://www.thawte.com) and Verisign (http://www.verisign.com).

That brings us to the final component of the recommended ordering process -- the credit card processor. To automate the process, it is common to hire a company that specializes processing credit card transactions.

When done correctly, as soon as a person places an order at an online store, the processing software instantly verifies that the funds are available on the specified account and holds those funds during the time it takes for the business to ship the order. Once shipped, the funds are transferred.

Of course, all this information is transmitted securely and the opportunity for that information to be maliciously viewed or stolen is virtually eliminated.

Again, Verisign (http://www.verisign.com) is the most trustworthy company for online payment processing and offers a service that fully integrates within a company's own Web site.

However, while this is the most secure option, this process requires the business to pay monthly fees, setup fees and per transaction fees as well.

So, there is one safe alternative to this option and that is sending the customer's credit card information directly to the business owner via e-mail. Many businesses select this option and punch the credit card information into their existing terminal by hand, thus eliminating the additional charges that occur with the method described above. At least until they start receiving a high volume of orders.

However, very few businesses choosing this method are receiving the information in a secure way. And, as I said before, e-mail that is not encrypted as it travels across the Internet and can easily be intercepted and read by a skilled programmer with malicious intent.

So, choosing this method requires the additional step of encrypting the customer's sensitive information as the e-mail that is sent from the Web site server to the business. If this is not done, the business is exposed to a majority security risk.

In the end, selling products over the Internet can be a great way to find new customers and develop a new stream of revenue. But, how this is done should be carefully planned and, when dealing with their customers' sensitive information, businesses should not cut corners that put their information at risk. Ultimately, businesses, not the consumers, are held responsible for unauthorized credit card charges.