How not to jam your fingers when a window of opportunity to credit card security closes
Sydney Morning Herald and The Age Newspapers
By BRAD HOWARTH February 5th, 2008
Many Australian e-commerce operators risk being fined, or banned from accepting online card payments, because they are unaware of a new security standard for the software that manages the transactions.
A draft of the new standard from the international Payment Card Industry Security Standards Council, dubbed Payment Application - Data Security Standard (PA-DSS), was released in November and a final version is due before the end of March.
Existing e-commerce traders and developers have about a two-year window before they face possible penalty. But industry observers warn many risk starting too late on what could prove a complicated compliance process.
"They should look at it right now," says Mike Ryan, director of corporate development at the information technology and security company Vectra Corporation. "Anyone that's familiar with the task of developing applications would recognise that things don't happen overnight with software. In order for an organisation to develop documentation and make sure it has the right business processes internally to reach compliance - it just can't happen overnight."
He believes there has been little action undertaken by software developers, many of whom he says are completely unaware of the new standard.
"The lack of awareness is on the behalf of not only the developers, but also the users of those applications, and that's probably more disturbing than anything," Mr Ryan says. Barely 200 software applications have been validated against Visa's two-year-old PABP standard - leaving many more who that have not.
The new standard is backed by the world's five largest card suppliers, who hope it will lead to fewer security breaches and less fraud. It applies to payment applications that store, process, or transmit cardholder data as part of a transaction. Each supplier will determine whether the standard is mandatory, and what penalties apply to traders using not-certified technology.
Visa has set July 2010 for all point-of-sale and payment applications to be compliant.
Brisbane-based developer ZacWare, which develops the open source e-commerce platform Freeway, has been working with Vectra to ensure its software meets the new standard. Chief executive officer Damian Hickey is disturbed by the lack of discussion on the new standard among developers. "In Australia it's an invisible subject - not many people know about it, and most people are hoping that it won't happen and will be delayed," he says.
NetRegistry deploys open source e-commerce
Computerworld
By RODNEY GEDDA December 14th, 2007
Domain name and hosting company NetRegistry has selected the locally-developed Freeway open source e-commerce system to resell to its customer base.
NetRegistry chose Freeway after an "extensive review" of eight potential e-commerce platforms and plans to resell the products to its customers who need online stores.
Freeway is developed by Brisbane-based ZacWare, and was formerly known as osCommRes, a fork of the open source osCommerce.
ZacWare CEO Damien Hickey said Freeway is the world's most advanced open source e-commerce system for bookings and events - not only selling products online, but also services, events and subscriptions.
"As Freeway was released under the GPL open source licence system, it guarantees long-term supportability and adaptability - the nature of Freeway will enable NetRegistry to gain access to a world-wide open source developer network," Hickey said.
Hickey said huge changes are about to take place in the e-commerce software space with regards to Visa's Payment Application Best Practices (PABP) certification.
From January 1, 2008, Visa will introduce a series of mandates to eliminate the use of non-secure payment applications from the Visa payment system.
"ZacWare's Freeway e-commerce system is already compliant with these measures," he said.
NetRegistry chief operating officer Brett Fenton said Freeway is a natural fit for the company.
"By dealing with an Australian company, NetRegistry will be able to access a level of instant technical support that is much harder to reach when outsourcing overseas," Fenton said. "In addition, the open source nature of Freeway meant that ZacWare was happy to take our suggestions on board and adapt the software to suit our needs. This two-way dialogue will not only benefit NetRegistry, but our customers." NetRegistry will begin to deploy Freeway eCommerce in January, 2008.
ZacWare plans to expand its services to include a security monitoring tool for daily Visa PABP certification status of Freeway merchants.
The company is also developing an enterprise-grade hotel booking module which will remove a hotel's dependency on "high cost", hosted booking systems.
Tools to Lighten the Load
Sydney Morning Herald and The Age Newspapers
By BRAD HOWARTH September 11th, 2007
Queensland-based software developer ZacWare hopes to turn the world's websites into mini-YouTubes with software that enables webmasters to easily embed video footage.
According to ZacWare chief executive officer Damian Hickey, the Smackbiz software enables site operators to upload, index, manage and present online libraries of video content, without special expertise.
Mr Hickey cites potential examples such as an insurance company being able to easily receive video clips relating to insurance claims online and create an archive of claims, or a real-estate agent creating an online video library of available residences.
A second application, called Smack, has been developed for consumers to help compress their own video clips before posting them to sites such as YouTube, MySpace and Facebook. Mr Hickey says this accelerates the upload process and saves consumers bandwidth when posting videos.
He says product trials have shown it to be up to 100 times faster than conventional uploading of uncompressed AVI video files.
The development of the tools began when the 22-strong ZacWare team decided to build a video presentation showcase module for the e-commerce reservation software system it had developed, called Freeway (formerly osCommRes).
The software has been beta-tested by organisations including the Queensland Government-sponsored film and video industry development agency Qpix.
Agency manager Kerry O'Rourke says online media is a big growth area for film and video exhibition, and it is important that clients and participants in the Qpix centre learn about new distribution systems.
"This automatic formatting structure (of Smackbiz) is really going to save us time," Mr O'Rourke says. "We'll be trialling it internally to get a feel for how it works, and then we'll start to get our clients involved in using it as well."
The Smack video upload tool is available for a free trial, with a price of $10 for ongoing use.
The Smackbiz library and display management tool is also available for free for the first 10 videos in the library, and is then priced on a per-video basis.
Builder Magazine, 22nd January 2007
If You've Got the Money Honey
Sydney Morning Herald and The Age Newspapers, 29th August 2006
By BRAD HOWARTH August 29, 2006
CREATING an e-commerce system for the services industries was never Damian Hickey's plan. But when funding for the overseas volunteers program he had signed up to in 2004 was cut by the Federal Government, Mr Hickey found himself with two years' unpaid leave, and his options wide open.
At the same time, the Yogababy yoga studio operated by Mr Hickey's wife, Suzanne Swan, was growing rapidly. Mr Hickey, a UNIX systems administration with Workcover Queensland before taking unpaid leave, began looking for an e-commerce system to manage his wife's bookings.
"I had time on my hands for an extended period, where I could look around and see what was available, and I became aware that there wasn't anything there," Mr Hickey says.
"We live in a services economy but e-commerce available at the moment is basically product-based and that doesn't really make sense any more. People are expecting that they can purchase anything over the web right now - I certainly do. And the software hasn't until recently been available for it."
Mr Hickey describes the e-commerce packages he saw as online check-outs incapable of handling complex time-based bookings, such as for yoga classes. He says that functionality was only in packages costing hundreds of thousands of dollars, or developed by companies that needed it, such as in the travel industry, by connecting their internal systems to the internet.
Failing to find a suitable system, he based his own on the open source e-commerce project osCommerce. Mr Hickey estimates the team of 17 has compiled 10 coder-years of development, helping him deliver an updated version, "osCommRes", to manage complex e-commerce transactions needed by services companies.
"With products, you are selecting from a bunch . . . on the shelf but with services you are also buying the time, so that adds in layers of complexity," Mr Hickey says.
Ms Swan says that osCommRes gave her back four to six hours a week she spent organising her classes.
"I was growing rapidly as a small business and I couldn't cope with the amount of work that was required, so things had to change," she says. "It's enabled me to grow a more profitable business without the amount of effort that was required before."
Ms Swan's yoga caters to pre- and post-natal women, including birth education services. osCommRes sends text messages to students to remind them to sign up for their next block of classes. Mr Hickey sayes osCommRes has 11 clients with whom it has been working through its developmetn period. He also says that his company is profitable today, deriving revenue from complexintegration work around osCommRes and he estimates that total investment in development to date has been close to $250,000.
CIO Magazine August 24th 2006
http://www.cio.com/blog_view.html?CID=24197
Network World August 24th 2006
http://www.networkworld.com/news/2006/082406-services-based-e-commerce-goes-open.html
Computerworld August 23rd 2006
http://www.computerworld.com.au/index.php/id;1699498100;fp;16;fpid;0