BROUGHT TO YOU IN PARTNERSHIP WITH

E-Commerce CONTENTS

∙ Introduction

Development Essentials
∙ Build or Buy

∙ Overview of E-Commerce Architecture

∙ Utilizing Third-Party Services for

The Building Blocks to a Successful Your Architecture

E-Commerce Architecture ∙ APIs for E-Commerce Platforms

∙ A Look at Open-Source Alternatives

∙ Conclusion

JAMES SUGRUE
CTO, OVER-C TECHNOLOGY

INTRODUCTION • Open-Source Alternatives — A list of several open-source

Since the dot com boom, e-commerce has meant big business for e-commerce solutions that allow the flexibility and freedom to

all involved. Amazon, eBay, and Etsy all used the technology to deploy your own service.

their advantage, while PayPal, Stripe, and Shopify have positioned

BUILD OR BUY
themselves as integral components to the fabric of the internet,
There are three main options available that include using an existing
providing services that make buying and selling on the internet
off-the-shelf solution, taking parts from existing services to build a
simple and frictionless for the shopper and the merchant. 
hybrid offering, or taking the leap to building it all yourself.
If you are considering setting up your own e-commerce offering,
The following table will help you balance the pros and cons of each
there is a lot you need to consider, and this Refcard will help you
approach:
navigate these options. You should first gather the requirements for
your online store and decide which features are essential. From there,
build or buy decisions will become clearer. Alternatively, you may be Continued on Page 3.
looking to build your own platform for others to use; if that’s the case,
this will act as a resource, highlighting the necessary steps involved.   

This Refcard is broken up into five key sections: 

• Build or Buy — An overview of common approaches to building

e-commerce applications.

• Overview of E-Commerce Architectures — A high-level view

of various components of the e-commerce system.

• Utilizing Third-Party Services — An examination of third-party

services that can be used to create hybrid e-commerce offerings
focused on payment services, chatbots, and recommendation
engines.

• APIs for e-Commerce Platforms — An assessment of five APIs

provided by the most popular e-commerce solutions.

1
Start building on the
leading commerce platform
With access to powerful APIs and 1.7M+ merchants worldwide,
Shopify is the platform to flex your creativity and build solutions
for every part of commerce.

Launch your app on the world’s largest

commerce platform
$230M (USD)
With a built-in market of 1.7M+ merchants in over App developer earnings in 2020

175 different countries, the Shopify App Store is

the best place to sell your app.

75%
3 in 4 merchants use apps

A platform designed for

you to succeed

As a Shopify developer youell have access to 6

AWR documentation, speciali[ed support, and Apps installed on average ®²
merchants who use apps
a community of 3,500+ industry-leading

developers to help you every step of the way.

Start buildin today

Become a Shopify Developer

 REFCARD | E-COMMERCE DEVELOPMENT ESSENTIALS

APPROACH PROS CONS

Off-the-Shelf Solutions
Use a proven e-commerce platform to
avoid any development work. The most
straightforward and fastest approach to get
selling. 
• Hosting and security are the provider’s
concern
• Inventory management will be included
• Proven features and simple setup
• Quick startup time
• You will need to pay for the service 
• Limited customization options
• Recovery from service outages is not in your
control 

Hybrid
Best of both worlds. Customize parts of the
system but leverage an existing platform or
set of services. This is the approach that will
suit most. 
• Bring in the services that you don’t want to • Multiple systems to manage
implement  • Service costs
• Better customization options to help
differentiate from other online stores

DIY
Build your own system from scratch — with all
the benefits and drawbacks of full ownership.
Recommended only if creating a platform or
marketplace is part of your strategy. 
• Full creative and technical control
• Lower, or no, service costs
• You will need to work hard to build a feature
set to match existing services 
• Responsibility for entire system
• Scaling concerns
• Cost of development
• Delay in time to retail

Of all the options listed above, the DIY option is by far the riskiest if
you are building an offering that you expect to scale. As well as all the
functional considerations, the non-functional requirements such as
security and scalability become critical.
As you are building something that deals with cash, expect your
system to get the attention of hackers. Make sure to put a significant
amount of investment into securing your system and make frequent
penetration tests part of the product development cycle once the
initial implementation is built.
OVERVIEW OF E-COMMERCE
ARCHITECTURE
Any e-commerce system is composed of multiple complex parts.
Each module is focused on either the shopper or the merchant. The
following diagram looks under the hood of a typical e-commerce
platform, highlighting both the functional and non-functional
requirements:
The following is an overview of the functionality provided by each
component:
MERCHANT FUNCTIONALITY
• Inventory Management
A central system where all stock is added. This is the place
where you will add products, categories, and groupings to
manage transactions like sales and discount codes. This will be
supported by a database and potentially file storage in
the backend, and will need to provide a user interface for the
merchant. It will also be essential to incorporate Search Engine
Optimization (SEO) into the catalog to increase success.
• Order Management
As orders are made by customers, they will need to be managed
between different states from: Received > Processing >
Dispatched > Shipped. The customer will also need to be
provided with tracking information for their shipment. Finally,
this will need to be equipped to handle returns. As orders move
to processing, inventory will also need to be updated.

• Business Intelligence & Analytics

To ensure the success of a store, the merchant will need to have
access to in-depth analytics related to product performance
and customer behavior. By integrating a good analytics solution
into your system, you will be able to understand behavior such
as cart abandonment.

• CRM
The customer relationship management tool will deal with
email, newsletters, and outreach to your shoppers.

3 BROUGHT TO YOU IN PARTNERSHIP WITH

 REFCARD | E-COMMERCE DEVELOPMENT ESSENTIALS

• Billing and Invoice System 

Once orders have been placed, this system is responsible for
generating and sending invoices and receipts to the customer.
SHOPPER FUNCTIONALITY
• Product Catalog
The listing of products for the shopper to browse through and
WHAT MAKES A GREAT E-COMMERCE EXPERIENCE
There are a few things that you can do as a seller to improve the customer
experience. Sending email notifications through the CRM when the user has
a shopping cart that hasn’t been checked out may prompt the customer to
come back, especially if they were distracted.
Many stores infuriate users — and lose sales — by emptying the basket too

make their selections. This will present everything in your soon. Make sure to have your basket as long-lasting as possible, especially

inventory, ideally displaying stock counts and rich media with registered users.

content. This is the most crucial part of any e-commerce system

A well-implemented chatbot can be a huge advantage, giving the user
and must have intuitive, responsive search as well as sensible
contextual answers as they are viewing a particular product. 
category breakdowns.

• Shopping Cart
• Database
As the user selects items, they will be added to a shopping cart
Every e-commerce system is really a set of services running over
or basket. The best shopping cart interfaces make it clear how
a database server. While traditional approaches have centered
many items have been added and allow quick previews of cart
around relational databases such as PostgreSQL and MySQL,
content.
it is more common to see these used for the management of
• Checkout transactions. 

When the shopper wants to complete their order, they will go

Modern stores tend to rely on document databases such as
through a checkout mechanism, providing their address and
MongoDB, DynamoDB, and Redis used to power the product
payment details. As such, it’s crucial that this component is
catalog and gathering aggregated data for merchant reporting. 
completely secure. It is here that you will need to manage the
application of promotional codes and discounts, and provide • Load Balancer
shipping options. A single server approach is never going to work as a long-term
solution. For any platform that expects to achieve scale and
• Account Management
wants to remain resilient, particularly during sale events,
To ensure repeat customer visits, you will want to provide the
integrating a load balancer into your system architecture is
ability to create accounts. This will feed into the merchantʼs
essential. Load balancing will distribute traffic evenly across
CRM system.
your servers and also eliminate any points of failure. 

• Chatbots
Check out our Scalability and High Availability Refcard for more
To assist the user during their shopping experience and answer
on this topic.
any immediate questions, a chatbot interface can provide fast
answers. • API

Adding an API layer around your system can be useful if you

• Recommendation Engine
want to create a platform or marketplace that is used by other
Once considered advanced, recommendations that can be
merchants, allowing them to use your underlying infrastructure
made to the user based on either their own buying patterns or
at a price. This is not a small undertaking and will require
those of others can help sell more products.
dealing with security concerns, providing access tokens and
dealing with more vectors for hackers and denial of service
TECHNICAL COMPONENTS
attacks. 
Some of the following components may not apply if you adopt
off-the-shelf or hybrid approaches. However, it is worth being aware
SECURITY AND COMPLIANCE
of how they can contribute to your system architecture, the three
As a system that operates with both personal information and
main parts of which will be your database to store any information, a
payments, security has to be one of the core considerations.
load balancer to manage network traffic at scale, and an API layer to
enable others to use your system. At a minimum, your site will need to run securely, with a Transport

4 BROUGHT TO YOU IN PARTNERSHIP WITH


Layer Security (TLS) certificate active on the site. You should use the
OWASP Top 10 security risks list to identify and address some of the
most common risks for your application. Following this, it makes
sense to run an independent penetration test against the system to
find any other potential weaknesses or vectors of attack.
The system will be processing PII (Personally Identifiable
Information), so you will need to be particularly aware of data
breaches. Additionally, if you are processing payments or storing
card details, you will need to be familiar with PCI (Payment Card
Industry) security standard requirements. You should consider the
creation of a data privacy framework to ensure the protection of
this sensitive and valuable information and run a privacy impact
assessment for the system.
If the site operates in the European Union, you will need to ensure
compliance with the General Data Protection Regulation (GDPR),
which sets out rules on how personal data should be processed and
grants EU citizens more rights and control over their own data.
UTILIZING THIRD-PARTY SERVICES
FOR YOUR ARCHITECTURE
Now that we have outlined core components of the system, let’s
look at how each part might be implemented using existing services
available. Note that for complete implementations, you might want
to skip this section and move to the paid e-commerce platforms
section of this card. This list is by no means exhaustive but looks to
capture the most popular solutions available. All services listed here
have a developer API available, meaning that integration between
systems is possible.
You will find some of the categories we listed earlier are not covered
here. In the case of Order Management, Product Catalog, and
Shopping Cart, these are the core services provided by the larger e-
commerce platforms and separating out those services does not
make huge business sense.
Another example is Account Management for customers. In all three
cases, if you were not using a central e-commerce system, you
would likely build them yourself, powering it all through a database.
This is one of the caveats of hybrid architectures; unless you are
willing to build some parts from scratch, you will need to consider
one of the large e-commerce players.
BILLING AND INVOICE SYSTEMS
For both the shopper and merchant sides of the business, a single
service can suffice, managing everything from checkout to billing
and invoicing. The services listed below are considered the premium
players in online payments and provide numerous permutations of
services and integrations.
5 BROUGHT TO YOU IN PARTNERSHIP WITH
REFCARD | E-COMMERCE DEVELOPMENT ESSENTIALS
In the case of all the services listed below, payment details are stored
by the provider, reducing risk and exposure to fraud.
SERVICE DESCRIPTION
Fast becoming one of the internet's most popular
payment services, Stripe prides itself in being
developer first, with client and server libraries
Stripe available for all platforms, and pre-built integrations
into platforms such as Shopify, WooCommerce, and
NetSuite. Detailed analytics and reports are available
for merchants.
One of the original payment providers, PayPal
provides a basic Smart Payments integration, along
with additional features for shipping changes,
advanced look and feel, refunds, and dispute
PayPal handling. Customization of checkout pages is also
available for merchants.
A complete set of REST APIs are available, covering
anything you need for a payment system.
As well as providing an e-commerce platform, Square
unsurprisingly provides a complete payment service
that integrates with everything from WooCommerce
Square and Magneto to Wix and Wordpress. This all works
with the physical Square terminal, a point-of-sale
device. Full developer APIs also exist to accept
payments and create and track orders.
CHECKOUT SERVICES
The following services provide a simple checkout button for payment,
leaving billing and invoicing to partner integrations, or for you to
build yourself. These systems are perfect when you want to leave all
card details outside of your system.
SERVICE DESCRIPTION
Apple provides an API and buttons for payment
but relies on e-commerce platform integration to
Apple provide other functionality. For customers who have
Pay Apple Pay set up on their devices, this can be a faster
payment system to use, but not as fully featured as
others.
Amazon Pay allows the addition of a payment
Amazon button to your site and integration with e-commerce
Pay providers along with a developer API. Payments are
made through the shopper’s own Amazon account.
Google Pay allows customers to use any payment
Google method saved in their Google account. Integrates
Pay with Shopify, Magneto, and other major e-commerce
platforms.
INVENTORY MANAGEMENT
The following services help in the managing store inventory and

orders, as well as providing the product catalog for shoppers.
Standalone inventory management systems are rare, with this being
the core selling points of larger e-commerce systems.
SERVICE DESCRIPTION
Square provides complete APIs and services for
managing product catalogs, adjusting inventory
as well as order creation and tracking. There is
Square
even a set of functionalities covering customer
management that provides a lightweight CRM
for your store.
An extensive suite of inventory tools, including
reporting, to help manage your supply chain.
Shopventory Integrations available for Shopify, Square,
BigCommerce, WooCommerce, Clover, and
PayPal. API access is also available. 
Strong integration capabilities to Shopify and
Zoho’s own e-commerce offering as well as
payment services such as Stripe and PayPal.
Zoho
Zoho’s solution has the flexibility to work as a
Inventory standalone service, or can be wrapped up with
their other products. A detailed API gives you
control over every possible feature.
BUSINESS INTELLIGENCE & ANALYTICS
The following services are proven to give business owners better
insight into what their customers are doing when visiting their
website:
SERVICE DESCRIPTION
One of the most popular analytics solutions for
the web, Google Analytics allows you to track
and report on almost anything, once you add
Google
the appropriate tracking codes and plan the
Analytics flows and metrics that you want to observe. One
of the attractions of the service is that it’s free,
but the data does reside on Google’s servers.  personalized feedback to known customers.
With integration into Shopify, KissMetrics is a
paid analytics solution that allows you to view
KissMetrics
key metrics at a high level and understand
cohorts of users. 
HotJar allows you to view exactly where your
users are clicking and scrolling on your site
using heatmaps, giving a more visual approach
HotJar to understanding your users. It also lets you
replay what your shoppers are doing on the
site. For A/B testing or improving UX, this can be
really useful.
CRM SYSTEMS
The following CRMs are considered the leading in the business. As
such, they have integrations into the most popular e-commerce
6 BROUGHT TO YOU IN PARTNERSHIP WITH
REFCARD | E-COMMERCE DEVELOPMENT ESSENTIALS
systems, and typically provide great API capabilities:
SERVICE DESCRIPTION
Salesforce has cornered the CRM market, with a
huge marketplace and integrations into all major
Salesforce
e-commerce platforms. However, the API can
seem a bit daunting at first.
Zoho’s core strength is the simple integrations
with many tools and services, from Office365 and
GSuite to SurveyMonkey and MailChimp. Along
Zoho CRM with their API, one of the most interesting parts
is the Deluge serverless functions, which allow
developers to write event-driven code, making
this the most developer friendly option.
CHATBOTS
SERVICE DESCRIPTION
As part of AWS’s huge suite of services, Lex has
the benefit of being able to hook into serverless
functions (AWS Lambda) to make the possibilities
of the chatbot conversational flow limitless.
Amazon Lex
Integration with Amazon Polly allows text-to-
speech functionality within the bot. This can also
be created using the web interface or through the
Amazon CLI (Command Line Interface).
For those who already have a Facebook page, and
want to have the same bot experience running
Facebook between all online properties, a Facebook
Messenger Messenger bot is a great start. With their Customer
Chat Plugin, you can integrate the Messenger bot
directly into your own website. 
HubSpot provides a no-code solution for
building their chatbot, delivering templates for
HubSpot you to get started or allowing you to start from
Chatbot scratch. HubSpot Chatbot can be integrated with
HubSpot’s CRM, which allows you to give more
 
RECOMMENDATION ENGINES
SERVICE DESCRIPTION
As a leader in e-commerce, it’s no surprise that
they provide one of the best recommendation
engine implementations. Machine learning is
Amazon involved in building recommendations, but the
interfaces make this easy to manage without ML
Personalize
experience. As well as giving unique homepage
experiences for customers, it can be used for
more personalized marketing communication. 
 REFCARD | E-COMMERCE DEVELOPMENT ESSENTIALS

APIS FOR E-COMMERCE PLATFORMS

If the prospect of building an entire e-commerce application appears daunting, but you still want to maintain some creative control, there are a
number of approaches that you can take. Using SDKs and APIs, you can integrate with existing platforms, saving yourself infrastructure headaches.  

Rather than needing to build your own infrastructure for an e-commerce application, you can leverage a number of different APIs and SDKs from
established platforms. With these APIs, you can integrate and extend the built-in features of the platform.

This chart looks at the developer API functionality that is exposed across five of the most used e-commerce platforms: 

SHOPIFY WOOCOMMERCE WIX SQUARESPACE MAGNETO

API TYPE

REST ✔ ✔ ✔ ✔ ✔

GraphQL ✔ ✔ ✔

Specialized Access Velo

API CATEGORIES

Inventory ✔ ✔ ✔ ✔

Orders ✔ ✔ ✔ ✔ ✔

Products ✔ ✔ ✔ ✔ ✔

Profiles / Users ✔ ✔ ✔ ✔ ✔

Transactions ✔ ✔ ✔ ✔

CRM ✔ ✔

Cart ✔ ✔ ✔

Analytics ✔

EXTRAS

Webhooks ✔ ✔ ✔ ✔

Open Source ✔ ✔

7 BROUGHT TO YOU IN PARTNERSHIP WITH

 REFCARD | E-COMMERCE DEVELOPMENT ESSENTIALS

A LOOK AT OPEN-SOURCE CONCLUSION

ALTERNATIVES This Refcard has highlighted the considerations and components of

If you wish to have the option of full control over your store, without an e-commerce system, and it’s clear that it’s far from trivial. Online

needing to consider any third-party platforms, but want to avoid shopping has never been more popular, and there are a huge variety

building the architecture from scratch, you should investigate some of paid and open-source choices if you want to build your system.

open-source e-commerce libraries. It’s notable that PHP has been

The gains can be great for those who roll out their own solutions;
the most popular language for open-source platforms. Along with
however, it is not an undertaking for the risk-averse with the
WooCommerce and Magneto, the following are some of the most
associated security and data privacy concerns. A hybrid approach is
used open-source alternatives:
likely to suit most entrants, with each of the major platforms offering
customizations to differentiate your store from the competition.
SERVICE DESCRIPTION LANGUAGE

Includes shopping cart, product

catalog, search, checkout,
Shopizer administration, and a REST API. Java
Includes a CloudFormation stack
for deploying on the AWS cloud. 
WRITTEN BY JAMES SUGRUE,
CTO, OVER-C TECHNOLOGY
Allows management of multiple
stores from a single administration
James is CTO at Over-C Technology, a
backend, with a large feature set, provider of solutions for compliance and
OpenCart mobile and SEO friendly. Additional PHP task management. He is an AWS Community Builder, with an
modules and themes are available expertise in serverless technologies and data analytics. James
in the OpenCart marketplace and has worked in the software industry for 20 years, and builds
include a REST API. products using Java, JavaScript, Swift, and Python. He is also
founder of donatecode.com, which helps match developers with
charitable causes in need of free technical expertise.
With an Addons Marketplace full
of templates for e-commerce sites
PrestaShop and additional modules for metrics PHP
and checkouts, this is one of the
best open-source options out there.

DZone, a Devada Media Property, is the resource software Devada, Inc.

developers, engineers, and architects turn to time and
again to learn new skills, solve software development
problems, and share their expertise. Every day, hundreds of
thousands of developers come to DZone to read about the
latest technologies, methodologies, and best practices. That
makes DZone the ideal place for developer marketers to
build product and brand awareness and drive sales. DZone
clients include some of the most innovative technology and
tech-enabled companies in the world including Red Hat,
Cloud Elements, Sensu, and Sauce Labs.
600 Park Offices Drive
Suite 150
Research Triangle Park, NC 27709
888.678.0399 919.678.0300
Copyright © 2020 Devada, Inc. All rights reserved. No part
of this publication may be reproduced, stored in a retrieval
system, or transmitted, in any form or by means of electronic,
mechanical, photocopying, or otherwise, without prior
written permission of the publisher.

8 BROUGHT TO YOU IN PARTNERSHIP WITH