Each of the "e-commerce solutions" described here has its own advantages
and disadvantages: generally, the more complex and difficult
ones give you more capabilities. Use this guide to choose the one most
appropriate for your application.
Audience: Merchant staff developing e-commerce websites.
Some e-commerce solutions put information about your orders in two separate
streams of data, which have to be reconciled (joined) in your back
office. For example, you may get the details of an order by email while
the credit card payment for it goes directly into OMARS. Later on, you'll
have to match payments to orders to confirm all your customers have paid.
Remember these data and watch for the way they are handled by the
various e-commerce tools introduced later on.
If you need to get a credit card number from a customer, use the telephone
or a secured FAX machine.
E-Commerce Solution |
Skills Needed |
Effort to Setup |
Collect Extra Data? |
Custom Look? |
Calculations? |
Multiple Items? |
Hosted? |
Simple OMARS payment form |
None. |
Minimal. |
One 64-character line. |
Slightly; background color only. |
No. |
No. |
ChargeMIT server. |
OMARS with Custom HTML form |
HTML coding, forms. |
Low to moderate. |
One 64-character line. |
Yes, although receipt page is fixed. |
No. |
No. |
ChargeMIT and Web locker. |
cgiemail Version 1 and Custom HTML form |
Good HTML, CGI skills and cgiemail experience. |
Substantial planning and development work. (est. 20 hours) |
Handles any extra data that can be input to Web form.
Amount to charge must be entered by user, however. |
All pages but receipt can be customized completely. |
No. |
No. |
ChargeMIT and Web locker. |
cgiemail Version 2 and Custom HTML form |
Good HTML, CGI skills and cgiemail Version 2 experience. |
Substantial planning and development work. (est. 25 hours) |
Handles any extra data that can be input to Web form.
Can transform inputs and make computations from inputs. |
All pages but receipt can be customized completely. |
Yes. |
Yes, but not entered in ClearCommerce. |
ChargeMIT and Web locker. |
FileMaker Pro forms |
Extensive FileMaker Pro web development skills and HTML, CGI. |
Substantial effort to design database and Web interface. |
Any extra data that can be input to FileMaker. |
All pages but Receipt can be customized in Filemaker. |
Yes. |
Yes, but not entered in ClearCommerce. |
Your FileMaker server and ChargeMIT. |
ShopSite (catalog/shopping cart software) |
HTML authoring helpful but not necessary. ShopSite
admin interface easy to learn. |
Variable, depending on degree of customization. A few hours or more. |
Limited use of renamed inputs in order-entry forms, optional fields. |
Yes; simple adjustments are easy, extensive custom forms are possible. |
Yes, limited to parameters in products. |
Yes, but not entered in ClearCommerce. |
ChargeMIT and Web locker. |
OMARS Order Entry API |
Java programming in webserver environment required. |
Extensive development effort (at least 2 person-weeks est.). |
Yes, whatever application can implement. |
Yes, all pages are completely custom. |
Yes (under control of custom web services). |
Yes, this is the only way to enter multiple items into ClearCommerce. |
Your Web server and ChargeMIT. |
2.1 Fast Food: Simple OMARS Payment Form
This is easy and quick to create, but it shows. It is adequate for some
very simple applications, such as paying bills online.
- Pro:
-
- Only requires minimal effort and no extra knowledge to set up.
- Customizable background color and some labels.
- Con:
-
- Cannot control appearance of order entry form.
- Customer must calcuate and enter the amount to pay.
- Minimal "extra data": just order category and Order Comments field.
- Digital (email) receipts available through ClearCommerce/OMARS.
This solution gives you a very simple and utilitarian web page that
accepts and processes a credit card payment. The form was originally
developed for merchants' back office point of sale applications, as
a replacement for the "telephone terminal", but it also works as a public
e-commerce page.
You cannot control the
look and feel of this page aside from some labels and the background
color.
For more information, see the Point-of-Sale section of the
OMARS Merchant Setup Questionnaire. This explains the
options available in setting up the form.
Example
https://shopmit.mit.edu/payment/alchemy_public
You can configure these features of the payment page:
- Background color
-
Sets the background color of the automatically-generated Web pages. The foreground
colors are all dark so choose a pale shade.
- Transaction Type
-
The type of credit-card transaction, either PreAuth or Auth.
- Charge Description
-
Optionally, modify the message sent to the customer on Amex transactions.
This is usually not needed since the default message TUITION/FEES
is appropriate, and we recommend keeping the default.
- Order Classification
-
This optional setting lets you collect an extra piece of data with
each order, a "classification" meant to indicate the purpose or
description of the payment. It can be used to sort orders later in the
back office. The set of classifications is fixed, set at the time your
store is configured, although it can be changed later.
- Order Comments
-
This is another optional input to associate a piece of data with the order.
It can be up to 64 characters long and may contain anything. You configure
whether or not this input appears on the Web form, its label and an
optional line of instructions to the user.
We recommend using the Order Comments field to store a reference
identifier such as a bill or invoice that lets you match the credit-card
payment with an entry in your main recordkeeping system. For example,
if you ask customers to pay their invoices online, collect the invoice
number so you can easily find the invoice corresponding to each payment
and log the amount paid.
There is also an option to add some scripting code to check the value
entered in the Order Comments field. This is a script that runs in
the browser (e.g. javascript) to put up a warning message if the value
is missing or unacceptable. Most merchants don't bother with this option.
- Shipping Address
-
The form may optionally be configured to include entry boxes for another
mailing address, designated the "shipping" address because it is
intended to be used for orders where the goods are shipped to a
a different address from the credit card billing address.
The input fields can be given a different label if you wish to use
them for something other than shipping.
- Separate Tax, Shipping amounts
-
Add input boxes for separate amounts for tax and shipping. Most of
our merchants do not need to charge tax, so this is usually not an issue.
The separate shipping box is only needed if you want to specifically
track the amount charged for shipping. The tax and shipping inputs are
automatically added to the subtotal entered to get the total amount charged.
We recommend leaving these input boxes turned off.
- Store Name
-
The title at the top of the page does not need to match the name
of your store, although by default it does. Configure a different
store name if needed.
2.2 Blue Plate Special: OMARS with Custom HTML form
This uses the same
OMARS Order Entry service as the
Simple OMARS payment form described above,
but lets you substitute your own custom HTML page instead of the plain
automatically-generated one.
The capabilities are no different, but you can design the payment
page to blend into your website and provide appropriate documentation
to your customers.
- Pro:
-
- Relatively little effort to set up, only requires basic HTML knowledge.
- Form page is completely customized. You can hide or omit irrelevant fields.
- ChargeMIT takes care of hosting the page securely if you upload it
to your Web locker (exactly the same as for sites on web.mit.edu).
- Digital (email) receipts available through ClearCommerce/OMARS.
- Con:
-
- Customer must calcuate and enter the amount to pay.
- Minimal "extra data": just order category and Order Comments field.
- "Receipt" page is not customizable (aside from background color).
Your custom page must contain a FORM and inputs with the
names and size limits expected by OMARS. Please see our documentation page:
OMARS Order Entry from Custom HTML Forms.
Hosting the Page
Your custom HTML page should be installed in
a locker provided by I/S Web Communications,
since there simple and well-documented procedures for maintaining
websites this way. However, this only offers an unencrypted web page to
the public at large. You will find that knowledgable
e-commerce customers are reluctant to enter a credit card number in
an unencrypted page (one that starts with http: instead of
https:). (Note: The web.mit.edu server
does have an https service but it requires MIT personal
certificates and so is not usable by the public.)
We offer a solution to this problem. Our e-commerce server,
shopmit.mit.edu, also provides access to websites in
WCS
(Athena) lockers, but it is configured to give encrypted https
access to the public.
If you change the URL to use shopmit your customers will
be loading the exact same pages out of your locker, but they'll just go
through the shopmit.mit.edu server
instead of through the web.mit.edu server.
To derive the new URL you should advertise to your customers, start with
the web.mit.edu URL you'd normally use to load the page.
Then substitute "https://shopmit.mit.edu/"
for "http://web.mit.edu/" at the start of the URL of the page
that you offer to customers; e.g., change
http://web.mit.edu/mylocker/www/pay-me.html
to
https://shopmit.mit.edu/mylocker/www/pay-me.html
Example
For an example of a payment page using a custom HTML form see:
https://shopmit.mit.edu/cao/payar/cao-payment.html
You can join an OMARS payment page to a
cgiemail application
to make an e-commerce site that is capable of collecting any number of extra
data from the customer.
- Pro:
-
- With cgiemail you can collect as many answers from the customer
as you need.
- All pages are completely custom. You can hide or omit irrelevant fields
from the payment page.
- ChargeMIT takes care of hosting the pages securely if you upload them
to your Web locker (exactly the same as for sites on web.mit.edu).
- Digital (email) receipts available through ClearCommerce/OMARS.
- Con:
-
- Customer still must calcuate and enter the amount to pay.
(See next section on cgiemail2 for a solution to this.)
- Back office staff must match cgiemail messages with OMARS orders.
- Building this kind of site requires thorough knowledge of HTML
and some time and effort learning cgiemail.
- Some features require adding the complexity of server-side includes.
- "Receipt" page is not customizable (aside from background color).
The customer is led through two web pages: the
first is the cgiemail application, where he/she chooses what to order,
and the second is a payment page that collects the credit card information
and processes the transaction. It may seem cumbersome to break up the activity
into two web forms but it is actually common for e-commerce websites to use
a separate page for credit-card payments. This design also lets you
offer other methods of payment by switching to different follow-on pages
instead of the credit card page.
Here is how it works:
- Customer loads the form page that drives cgiemail.
Customer fills out the form, chooses "credit card" payment method,
and submits it.
- cgiemail sends an email message with the form answers.
- cgiemail builds a response page out of the "success template"
for the credit card payment page and sends it to customer's browser.
- Customer now sees the second page of the form, pre-loaded with
any applicable answers from the first page such as name and amount to charge.
Customer adds credit card information and submits it.
- This form goes to OMARS order entry service, which processes the
transaction and returns a "receipt" page to the customer.
- Customer sees confirmation page saying his transaction was approved.
One disadvantage, to the merchant, is that information about orders arrives
from two separate sources: email messages with results of cgiemail forms,
and orders entered into your OMARS storefront. You have to correlate
order messages with their payments (or lack of payments).
For more information on building your site with cgeimail, please
see the manual
ChargeMIT E-Commerce with cgiemail.
Example
http://web.mit.edu/ecommerce/www/demo/alchemy/pubs.shtml
This is exactly the same as the
cgiemail Version 1 and Custom HTML form solution
described above except it takes advantage of features added to
cgiemail Version 2. "Cgiemail2" was developed to
make it easier to implement sophisticated e-commerce applications.
- Pro:
-
- With cgiemail2 you can collect as many answers from the customer
as you need.
- All pages are completely custom. You can hide or omit irrelevant fields
from the payment page.
- ChargeMIT takes care of hosting the pages securely if you upload them
to your Web locker (exactly the same as for sites on web.mit.edu).
- Amount of payment can be calculated automatically.
- Server-side includes (SSIs) no longer necessary.
- Digital (email) receipts available through ClearCommerce/OMARS.
- Con:
-
- Cgiemail2 is not supported by I/S and has not been
completely tested or documented. There is some risk in using it.
- Back office staff must match cgiemail messages with OMARS orders.
- Building this kind of site requires thorough knowledge of HTML
and some time and effort learning cgiemail2, which is
even more complicated and subtle than the original cgiemail.
- "Receipt" page is not customizable (aside from background color).
The new features in cgiemail Version 2 are:
- cgiemail2 has its own built-in unique identifier in
the [cgiuniqueid] variable so the initial page does not need
server-side includes to generate an identifier.
- With conditionalizations you can transfer the value from a SELECT
tag input in the initial page to a SELECT in the "success"
template. The example uses this feature to set the billing address country
field.
- Most significantly, cgiemail2 can edit variable values, assign
to variables, and perform calculations. This lets it extract prices and
quantities from the purchases chosen on the first page and compute
the amount to be charged automatically. Having the amount to pay
appear automatically on the payment page looks much smoother and more
professional than a confusing message begging the user to add it up.
cgiemail2
has a major disadvantage, however: it is not released, and is not
scheduled to be released because no resources are available to properly
test it. A few sites are using it anyway, at their own risk.
For more information on building your site with cgeimail2, please
see the manual
ChargeMIT E-Commerce with cgiemail.
Example
http://web.mit.edu/ecommerce/www/demo/alchemy/conf.html
FileMaker Pro is a small relational database and integrated Web
server product for the PC and Macintosh platforms. It can be used to
implement a Web form that collect its inputs and inserts as a new row
of a data table. In this function it is similar to cgiemail, only
it appends the data to a table instead of sending it in email.
- Pro:
-
- FileMaker form lets you collect as many extra inputs and answers from the customer
as you need.
- All pages are completely custom. You can hide or omit irrelevant fields
from the payment page.
- Amount of payment can be calculated automatically.
- Digital (email) receipts available through ClearCommerce/OMARS.
- Con:
-
- You are responsible for hosting and maintaining the FileMaker Pro application.
- Back office staff must match FileMaker entries with OMARS orders,
although this is easy to automate once OMARS report is imported into Filemaker.
- Special FileMaker Pro training and knowledge is required, as
well as some HTML skill.
The ChargeMIT team can only provide limited
advice and assistance, although I/S offers
FileMaker training courses (follow the link and look under
"Databases").
- "Receipt" page is not customizable (aside from background color).
To turn a FileMaker Pro form into
an e-commerce site, have it produce another form upon a successful
submission which drives the
OMARS custom form order entry service.
XXX TODO: add details about generating identifier for OrderComments
(or OrderId), importing reprts, etc.
Example
XXX None, yet.
- Pro:
-
- Impressive results from little effort; ShopSite is well-documented
and easy to use.
- Customer can choose multiple products and options, charge is
totalled automatically.
- Complete sales reports are available from ShopSite.
- Merchant does not need to know any HTML or programming, although
some HTML knowledge can be helpful.
- ShopSite is hosted and maintained by ChargeMIT.
- Credit card processing is integrated with OMARS, transactions
appear on OMARS reports.
- Con:
-
- ShopSite works well for e-commerce sites that conform to the
catalog-and-shopping-cart model, but is difficult to adapt to other
situations -- such as events and conferences. E.g., there is no way to "require"
that every shopper purchase an the "registration" product.
- Products must all have fixed prices, although options that change the
price up and down are possible.
- Many features and messages are difficult or impossible to customize.
(Prospective merchant is advised to experiment with one of our
demonstration stores if there are any pending questions.)
- Merchant must cover incremental cost of ShopSite license (about $325-900).
(Student groups can use it for free through SAFO.)
See ShopSite's website for
demonstrations and more details. We are running Release 5.0. Upgrades
are unlikely because of licensing issues.
The API is intended to be used by custom e-commerce applications such
as Java servlets on a web server. It offers ultimate control over
the order entry process and user interaction, at the cost of much
larger development effort than the other options.
It only submits new orders. It is not capable of order management
(e.g. marking orders "fulfilled") or of getting reports.
- Pro:
-
- All web pages, including receipt page, are completely custom.
- OMARS API is the only way to enter an order with multiple
items into ClearCommerce, so it can be fulfilled by-item.
- Digital (email) receipts available through ClearCommerce/OMARS.
- Con:
-
- High level of programming and Web design expertise is required.
- At least a few weeks of effort required to implement a site.
- Merchant is responsible for hosting and maintaining web server
and server-side Java infrastructure.
- OMARS API can only capture a few pieces of data outside of the
data directly relevant to the credit card order; the application
developer is responsible for capturing, storing, and relating any
extra data which does not fit in API.
Consult the ChargeMIT team for advice and documentation if you are
seriously interested in using the API.
3.1 Apertif: Relevant OMARS Pages.
When your store was created, you were issued an "OMARS home page" URL.
It contains a link to each OMARS service page for your store. Bookmark
that home page, and consult it, since it will be updated when new services
are added. The URL will look something like this one for the "alchemy"
demo store:
http://web.mit.edu/ecommerce/www/stores/store-alchemy.html
Ignore the lines describing Order Entry pages that mention an "External
Form page" -- these are for order entry through custom HTML forms. You can also
use the same custom HTML page in your back office, but people cannot use
the OMARS service directly.
Only the people permitted to use the service will be able to load the
service page. They must be using a Web browser with their personal
MIT Web certificate available.
3.2 Dessert: Tasks and Roles.
This section describes how to manage your e-commerce system from
the back office. The list below shows the tasks typically assigned to each
role -- your staff members will probably each
assume more than one role. (Some merchants have only one person for all
roles. We recommend having at least two people trained for each role
for coverage during absences.)
All operators must be explicitly granted the privileges to access
these roles in your store. This is usually done when your store
is set up. You can add and remove users from roles at any time by
sending mail to chargemit-help@mit.edu.
- Order Entry
-
Create new credit card orders, using either
the back office OMARS Order Entry page or the same e-commerce
interface as your customers. The orders come from customers
via telephone, Web form, physical mail, written forms, etc.
Order Entry operators need to be trained to fill in the Order Entry
page correctly, and which inputs are the most important. They also
need to know how to react to failures and correct them. The exact
instructions depend on how your store operates, possibly including:
- Choice of Auth or PreAuth transaction type.
- Choosing an order category.
- Reading the magnetic stripe on a credit card.
- Entering minimal address information for AVS (i.e. billing name,
billing street number, and ZIP code, only for US addresses).
- Capturing a ship-to address.
- Entering the CVM digits from the credit card.
- Entering Order Comments field correctly.
- Fulfillment
-
If your store uses PreAuth/PostAuth transactions, some of your
staff must be able to fulfill (i.e. PostAuth) orders.
You are allowed to fulfill an order
when the the purchased goods are shipped or otherwise made available
to the customer.
Fulfillment operators are trained to use the Order Management
pages to locate and fulfill relevant orders. Using the Order Detail
page they can adjust the fulfilled amount to less than the authorized
amount (but not more).
An authorized transaction must be fulfilled within 30 days or
it "times out" and gets voided automatically.
- Void
-
When an order is created by mistake (e.g. a duplicate order
entered through the Web ecommerce form), it can be voided
if caught before it gets settled.
Voiding an order cancels it and frees the hold on the customer's
available credit balance.
In most cases, Order Entry
operators should be trained and given access to void orders as well.
Use the Order Management page to void an order.
- Credit
-
A credit is separate transaction that sends money
from your store back to a customer. Since it takes money from
your store, this is a very sensitive operation. OMARS incorporates many
safeguards to prevent credit transactions from being used
fraudulently, but it is still best to restrict the Credit function
to a few experienced and trusted staff. Credits should not be
needed often anyway.
Use the Order Management pages to issue a Credit on an existing order.
- Report
-
All of your order-processing staff need the Reporting role
so they examine the history of orders and transactions.
You'll also want to include accounting and business staff who need to look
at credit card reports.
OMARS reports do not reveal complete credit card numbers or other
sensitive information, so they can be made available fairly widely.
Use the Order Management, Transaction Report, Settlement Report, and
Category Report OMARS pages to get reports.
3.3 Washing Up: Reconciliation and Accounting
3.3.1. Sorting Orders.
If your store gets orders from different sources -- e.g. an OMARS
back office Order Entry page as well as an e-commerce Web form -- you
need to know how to distinguish them. Uusually, your store is set up
to apply a different Order ID prefix to each type of order.
For example, the OrderID of an order from the e-commerce form
would have a "Web-" prefix like "Web-20030714233752.13845", while
the order entered in your back office would have the ID "BO-9001234".
Be aware of the different sources of orders so you can identify
where each one came from and know what has to be done with it.
3.3.2. Correlating Order Information.
When your store employs one of the e-commerce techniques that results
in two streams of order information, then your back office staff
has to correlate, or reconcile, that information.
For example, if you have a cgiemail Web form to initiate an
order which then leads to a credit-card payment form, you'll get an
email message for each credit-card order. (You may also get other email
messages which have no corresponding credit credit-card order because
the customer chose some other payment method.)
The task is to ensure that there is an order in OMARS for
each email message that should have one, and furthermore check the
status of the order -- was it settled successfully? Does it need to be fulfilled?
You may encounter any of the following failure modes:
- Abandoned orders: An email message was received but there
is no corresponding order in OMARS. Perhaps the email is a duplicate
created when the customer reloaded the Web page; check for other orders
from the same customer (matching name or email address) and discard if it
is a duplicate.
If it is not a duplicate,
the customer may have encountered some difficulty entering the credit card
transaction and simply given up. You can ignore the email, or
send a reply to ask if they need help.
- Orphaned credit-card transactions: Sometimes you may find
a credit card transaction which does not have a corresponding email
message. This should be very rare. The cause is probably either:
- Corresponding email message was lost, due to a failure on the
webserver or in the mail system.
- Customer managed to enter a credit-card order without going through
the order form first. This used to occur if they reloaded the Receipt
page and aggressively clicked through warnings, but with a new method
of entering cgiemail orders that should no longer be possible.
- Unpaid orders:
If the orders you are correlating are paid by PreAuth/PostAuth transactions,
then you need to watch out for unpaid orders. You can do this
using the OMARS Order Management page; choose the "list" view and
set the "Filter" choice to "Only Orders to be Fulfilled". This will only
show the unfulfilled orders.
If your store allows multiple payments on an order, e.g. an initial deposit
and later payments, the problem becomes more complicated since there
will be multiple OMARS orders that correspond to each message from cgiemail.
The e-commerce site should have been designed to put an identifier in the
OrderComments field of the OMARS orders that matches an identifier in
the email message they belong to. You can then employ a simple database
program, such as FileMaker Pro, to solve this problem: Get a Settlement
Report from OMARS listing the amount and OrderComments field. Create
a file for your order emails which also includes a column of the identifier
matching the OrderComments field. Now it is a simple matter of establishing
a relationship between those two tables, so you can effectively add a
column to the "orders" table which represents the total amount of
from all settled transactions matching the order. This shows how much
has been collected from the customer for each order.
XXX TODO: accounting, DTRs, etc.