Professional Documents
Culture Documents
Refcard 348 e Commerce Development Essentials 2021
Refcard 348 e Commerce Development Essentials 2021
E-Commerce CONTENTS
∙ Introduction
Development Essentials
∙ Build or Buy
∙ Conclusion
JAMES SUGRUE
CTO, OVER-C TECHNOLOGY
Since the dot com boom, e-commerce has meant big business for e-commerce solutions that allow the flexibility and freedom to
all involved. Amazon, eBay, and Etsy all used the technology to deploy your own service.
1
Start building on the
leading commerce platform
With access to powerful APIs and 1.7M+ merchants worldwide,
Shopify is the platform to flex your creativity and build solutions
for every part of commerce.
75%
3 in 4 merchants use apps
Off-the-Shelf Solutions • Hosting and security are the provider’s • You will need to pay for the service
Use a proven e-commerce platform to concern • Limited customization options
avoid any development work. The most • Inventory management will be included • Recovery from service outages is not in your
straightforward and fastest approach to get • Proven features and simple setup control
selling.
• Quick startup time
Hybrid • Bring in the services that you don’t want to • Multiple systems to manage
Best of both worlds. Customize parts of the implement • Service costs
system but leverage an existing platform or • Better customization options to help
set of services. This is the approach that will differentiate from other online stores
suit most.
DIY • Full creative and technical control • You will need to work hard to build a feature
Build your own system from scratch — with all • Lower, or no, service costs set to match existing services
the benefits and drawbacks of full ownership. • Responsibility for entire system
Recommended only if creating a platform or • Scaling concerns
marketplace is part of your strategy.
• Cost of development
• Delay in time to retail
Of all the options listed above, the DIY option is by far the riskiest if The following is an overview of the functionality provided by each
you are building an offering that you expect to scale. As well as all the component:
functional considerations, the non-functional requirements such as
security and scalability become critical. MERCHANT FUNCTIONALITY
• Inventory Management
As you are building something that deals with cash, expect your
A central system where all stock is added. This is the place
system to get the attention of hackers. Make sure to put a significant
where you will add products, categories, and groupings to
amount of investment into securing your system and make frequent
manage transactions like sales and discount codes. This will be
penetration tests part of the product development cycle once the
supported by a database and potentially file storage in
initial implementation is built.
the backend, and will need to provide a user interface for the
merchant. It will also be essential to incorporate Search Engine
OVERVIEW OF E-COMMERCE Optimization (SEO) into the catalog to increase success.
ARCHITECTURE
• Order Management
Any e-commerce system is composed of multiple complex parts.
As orders are made by customers, they will need to be managed
Each module is focused on either the shopper or the merchant. The
between different states from: Received > Processing >
following diagram looks under the hood of a typical e-commerce
Dispatched > Shipped. The customer will also need to be
platform, highlighting both the functional and non-functional
provided with tracking information for their shipment. Finally,
requirements:
this will need to be equipped to handle returns. As orders move
to processing, inventory will also need to be updated.
• CRM
The customer relationship management tool will deal with
email, newsletters, and outreach to your shoppers.
make their selections. This will present everything in your soon. Make sure to have your basket as long-lasting as possible, especially
inventory, ideally displaying stock counts and rich media with registered users.
• Shopping Cart
• Database
As the user selects items, they will be added to a shopping cart
Every e-commerce system is really a set of services running over
or basket. The best shopping cart interfaces make it clear how
a database server. While traditional approaches have centered
many items have been added and allow quick previews of cart
around relational databases such as PostgreSQL and MySQL,
content.
it is more common to see these used for the management of
• Checkout transactions.
• Chatbots
Check out our Scalability and High Availability Refcard for more
To assist the user during their shopping experience and answer
on this topic.
any immediate questions, a chatbot interface can provide fast
answers. • API
Layer Security (TLS) certificate active on the site. You should use the In the case of all the services listed below, payment details are stored
OWASP Top 10 security risks list to identify and address some of the by the provider, reducing risk and exposure to fraud.
most common risks for your application. Following this, it makes
SERVICE DESCRIPTION
sense to run an independent penetration test against the system to
find any other potential weaknesses or vectors of attack. Fast becoming one of the internet's most popular
payment services, Stripe prides itself in being
The system will be processing PII (Personally Identifiable developer first, with client and server libraries
Information), so you will need to be particularly aware of data Stripe available for all platforms, and pre-built integrations
into platforms such as Shopify, WooCommerce, and
breaches. Additionally, if you are processing payments or storing
NetSuite. Detailed analytics and reports are available
card details, you will need to be familiar with PCI (Payment Card for merchants.
Industry) security standard requirements. You should consider the
creation of a data privacy framework to ensure the protection of One of the original payment providers, PayPal
provides a basic Smart Payments integration, along
this sensitive and valuable information and run a privacy impact with additional features for shipping changes,
assessment for the system. advanced look and feel, refunds, and dispute
PayPal handling. Customization of checkout pages is also
If the site operates in the European Union, you will need to ensure available for merchants.
compliance with the General Data Protection Regulation (GDPR), A complete set of REST APIs are available, covering
which sets out rules on how personal data should be processed and anything you need for a payment system.
grants EU citizens more rights and control over their own data.
As well as providing an e-commerce platform, Square
unsurprisingly provides a complete payment service
UTILIZING THIRD-PARTY SERVICES that integrates with everything from WooCommerce
Square and Magneto to Wix and Wordpress. This all works
FOR YOUR ARCHITECTURE with the physical Square terminal, a point-of-sale
Now that we have outlined core components of the system, let’s device. Full developer APIs also exist to accept
look at how each part might be implemented using existing services payments and create and track orders.
You will find some of the categories we listed earlier are not covered SERVICE DESCRIPTION
here. In the case of Order Management, Product Catalog, and
Apple provides an API and buttons for payment
Shopping Cart, these are the core services provided by the larger e-
but relies on e-commerce platform integration to
commerce platforms and separating out those services does not Apple provide other functionality. For customers who have
make huge business sense. Pay Apple Pay set up on their devices, this can be a faster
payment system to use, but not as fully featured as
Another example is Account Management for customers. In all three others.
orders, as well as providing the product catalog for shoppers. systems, and typically provide great API capabilities:
Standalone inventory management systems are rare, with this being
SERVICE DESCRIPTION
the core selling points of larger e-commerce systems.
CRM SYSTEMS
The following CRMs are considered the leading in the business. As
such, they have integrations into the most popular e-commerce
Rather than needing to build your own infrastructure for an e-commerce application, you can leverage a number of different APIs and SDKs from
established platforms. With these APIs, you can integrate and extend the built-in features of the platform.
This chart looks at the developer API functionality that is exposed across five of the most used e-commerce platforms:
API TYPE
REST ✔ ✔ ✔ ✔ ✔
GraphQL ✔ ✔ ✔
API CATEGORIES
Inventory ✔ ✔ ✔ ✔
Orders ✔ ✔ ✔ ✔ ✔
Products ✔ ✔ ✔ ✔ ✔
Profiles / Users ✔ ✔ ✔ ✔ ✔
Transactions ✔ ✔ ✔ ✔
CRM ✔ ✔
Cart ✔ ✔ ✔
Analytics ✔
EXTRAS
Webhooks ✔ ✔ ✔ ✔
Open Source ✔ ✔
If you wish to have the option of full control over your store, without an e-commerce system, and it’s clear that it’s far from trivial. Online
needing to consider any third-party platforms, but want to avoid shopping has never been more popular, and there are a huge variety
building the architecture from scratch, you should investigate some of paid and open-source choices if you want to build your system.