Technology Guidelines

When it comes to good e-Commerce practices, technology is the key. It plays a vital role in all aspects of implementing an efficient e-Commerce system and value chain.

By keeping up to date with the latest technology-related best practices for your business, you can enhance security and drive efficiency and sales, ensuring an improved customer experience.

We have compiled a list of important technology practices that you should adopt for your business:

Identity Management: Sign-in
Single factor identification – at least one mode:
  • User registration (username and password) with Level of Assurance LoA2 of ISO/IEC DIS 29115
  • Social Login (Google, Facebook, Twitter) based on SAML (or OpenID/OAuth as an alternative)
  • National identity management scheme (when available), based on SAML/SSON
Identity Management: Payment Confirmation
  • In case of credit card payment with acquirers or PSPs, it is recommended to have MasterCard SecureCode, 3D Secure by Visa (Amex is a closed-loop circuit with its own policy)
  • In case of wallet, use two-factor authentication - Level of Assurance LoA3-4 of ISO/IEC DIS 29115 (for B2B transactions, force use of digital certificates - LoA4)
  • For customers who require maximum security, it is recommended to use the specs on “2nd factor experience” to simplify the purchase experience
  • In case of smart cards or USB certificates, comply with PKCS#11/ISO24727 (OTP with OATH)
Information Security
  • Comply with ISO 27001 security standards (and On Web Trust certification, optional)
  • In case of storage of payment data, comply with PCI-DSS or use certified outsourcers that follow the tokenization guidelines from Visa and MasterCard
  • Follow QCert and TCG (Trusted Computing Group) recommendations and certifications
  • Use DRM compliant with ETSI standards (Common encryption) for digital video
  • Enable both Web and Mobile – better to also have smart TV and social media access
  • Comply with W3C, HTML5 - Follow WCAG 2.0 checklist – Avoid use of Flash
  • Multilanguage (English, Arabic)
  • In case of use of on-line video, follow ETSI-DVB standards (H264+, CENC, DASH, HBBTV 2)
  • Comply with IAB standards for digital advertising (VAST 3.0)
Design best practices (see also web-design guidelines)
  • SEO/SEM, Mobile Friendly (also useful for search ranking)
  • Multimedia content richness (e.g. slideshow) and clarity
  • Speed test and quality coding test
  • Include dynamic promotions, update contents, customize messages and experience
  • Forum, Blog, Rating, Email, Contact center
  • Multiple payment instruments available (cash on delivery, e-Payment)
  • Integrated with most popular social media (Facebook, Twitter, YouTube, Instagram, Google+)