E-Commerce Development Essentials

Section 1

Introduction

Since the dot com boom, e-commerce has meant big business for all involved. Amazon, eBay, and Etsy all used the technology to their advantage, while PayPal, Stripe, and Shopify have positioned themselves as integral components to the fabric of the internet, providing services that make buying and selling on the internet simple and frictionless for the shopper and the merchant.

If you are considering setting up your own e-commerce offering, there is a lot you need to consider, and this Refcard will help you navigate these options. You should first gather the requirements for your online store and decide which features are essential. From there, build or buy decisions will become clearer. Alternatively, you may be looking to build your own platform for others to use; if that's the case, this will act as a resource, highlighting the necessary steps involved.

This Refcard is broken up into five key sections:

Build or buy – an overview of common approaches to building e-commerce applications
Overview of e-commerce architectures – a high-level view of various components of the e-commerce system
Utilizing third-party services – an examination of third-party services that can be used to create hybrid e-commerce offerings focused on payment services, chatbots, and recommendation engines
APIs for e-commerce platforms – an assessment of five APIs provided by the most popular e-commerce solutions
Open-source alternatives – a list of several open-source e-commerce solutions that allow the flexibility and freedom to deploy your own service

Section 2

Build or Buy

There are three main options available that include using an existing off-the-shelf solution, taking parts from existing services to build a hybrid offering, or taking the leap to building it all yourself. The table below will help you balance the pros and cons of each approach:

Table 1

Approach	Pros	Cons
Off-the-Shelf Solutions: Use a proven e-commerce platform to avoid any development work. The most straightforward and fastest approach to get selling.	Hosting and security are the provider's concern, inventory management is included, proven features and simple setup, quick start-up time	Need to pay for the service, limited customization options, recovery from service outages is not in your control
Hybrid: Best of both worlds. Customize system parts but leverage an existing platform or set of services. This approach will suit most.	Bring in services you don't want to implement, better customization options to help differentiate from other online stores	Multiple systems to manage, service costs
DIY: Build your own system from scratch with all the benefits and drawbacks of full ownership. Recommended only if creating a platform or marketplace is part of your strategy.	Full creative and technical control, lower, or no, service costs	Must build a feature set to match existing services, responsibility for entire system, scaling concerns, development cost, time-to-retail delay

Of all the options listed above, the DIY option is by far the riskiest if you are building an offering that you expect to scale. As well as all the functional considerations, the non-functional requirements, such as security and scalability, become critical.

As you are building something that deals with cash, expect your system to get the attention of hackers. Make sure to put a significant amount of investment into securing your system and make frequent penetration tests part of the product development cycle once the initial implementation is built.

Section 3

E-Commerce Architecture Overview

Any e-commerce system is composed of multiple complex parts. Each module is focused on either the shopper or the merchant. The following diagram looks under the hood of a typical e-commerce platform, highlighting both the functional and non-functional requirements:

Figure 1

Below is an overview of the functionality provided by each component.

Merchant functionality:

Inventory management – A central system where all stock is added. This is the place where you will add products, categories, and groupings to manage transactions like sales and discount codes. This will be supported by a database and potentially file storage in the back end, and will need to provide a user interface for the merchant. It will also be essential to incorporate search engine optimization (SEO) into the catalog to increase your store's chances of success.
Order management – As orders are made by customers, they will need to be managed between different states from: Received > Processing > Dispatched > Shipped. The customer will also need to be provided with tracking information for their shipment. Finally, this will need to be equipped to handle returns. As orders move to processing, inventory will also need to be updated.
Business intelligence and analytics – To ensure a store's success, the merchant must have access to in-depth analytics related to product performance and customer behavior. By integrating a good analytics solution into your system, you will be able to understand behavior such as cart abandonment.
Customer relationship management (CRM) – The CRM tool will deal with email, newsletters, and outreach to your shoppers.
Billing and invoice system – Once orders have been placed, this system is responsible for generating and sending invoices and receipts to the customer.

Shopper functionality:

Product catalog – The listing of products for the shopper to browse through and make their selections. This will present everything in your inventory, ideally displaying stock counts and rich media content. This is the most crucial part of any e-commerce system and must have intuitive, responsive search as well as sensible category breakdowns.
Shopping cart – As the user selects items, they will be added to a shopping cart or basket. The best shopping cart interfaces make it clear how many items have been added and allow quick previews of cart contents.
Checkout – When the shopper wants to complete their order, they will go through a checkout mechanism, providing their address and payment details. As such, it's crucial that this is completely secure. It is here that you will need to manage the application of promotional codes and discounts, and provide shipping options.
Account management – To ensure repeat customer visits, you will want to provide the ability to create accounts. This will feed into the merchant's CRM system.
Chatbots – To assist the user during their shopping experience and answer any immediate questions, a chatbot interface can provide fast answers.
Recommendation engine – Once considered advanced, recommendations that can be made to the user based on either their own buying patterns or those of others can help sell more products.

There are a few things that you can do as a seller to improve the customer experience. Sending email notifications through the CRM when the user has a shopping cart that hasn't been checked out may prompt the customer to come back, especially if they were distracted.

Many stores infuriate users — and lose sales — by emptying the basket too soon. Make sure to have your basket as long-lasting as possible, especially with registered users. A well-implemented chatbot can be a huge advantage, giving the user contextual answers as they are viewing a particular product.

Technical Components

Some of the following components may not apply if you adopt off-the-shelf or hybrid approaches. However, it is worth being aware of how they can contribute to your system architecture, the three main parts of which will be your database to store any information, a load balancer to manage network traffic at scale, and an API layer to enable others to use your system.

Database – Every e-commerce system is really a set of services running over a database server. While traditional approaches have centered around relational databases such as PostgreSQL and MySQL, it is more common to see these used for the management of transactions. Modern stores tend to rely on document databases such as MongoDB, DynamoDB, and Redis, which are used to power the product catalog and gather aggregated data for merchant reporting.
Load balancer – A single server approach will never work as a long-term solution. For any platform that expects to achieve scale and wants to remain resilient, particularly during sale events, integrating a load balancer into your system architecture is essential. Load balancing will distribute traffic evenly across your servers and also eliminate any points of failure.
API – Adding an API layer around your system can be useful if you want to create a platform or marketplace that is used by other merchants, allowing them to use your underlying infrastructure at a price. This is not a small undertaking and will require dealing with security concerns, providing access tokens, and dealing with more vectors for hackers and denial-of-service attacks.

Security and Compliance

As a system that operates with both personal information and payments, security has to be one of the core considerations. At a minimum, your site will need to run securely with a Transport Layer Security (TLS) certificate active on the site. You should use the OWASP Top 10 security risks list to identify and address some of the most common risks for your application. Following this, it makes sense to run an independent penetration test against the system to find any other potential weaknesses or vectors of attack.

The system will be processing personally identifiable information (PII), so you will need to be particularly aware of data breaches. Additionally, if you are processing payments or storing card details, you will need to be familiar with Payment Card Industry (PCI) security standard requirements. You should consider the creation of a data privacy framework to ensure the protection of this sensitive and valuable information and run a privacy impact assessment for the system.

If the site operates in the European Union, you will need to ensure compliance with the General Data Protection Regulation (GDPR), which sets out rules on how personal data should be processed and grants EU citizens more rights and control over their own data.

Section 4

Utilizing Third-Party Services for Your Architecture

Now that we have outlined core components of the system, let's look at how each part might be implemented using existing services available. Note that for complete implementations, you might want to skip this section and move to the "Paid e-Commerce Platforms" part of this Refcard. This list is by no means exhaustive but looks to capture the most popular solutions available. All services listed have a developer API available, meaning that integration between systems is possible.

You'll find that some of the categories listed earlier are not covered here. Order management, product catalog, and shopping cart are the core services provided by the larger e-commerce platforms and separating out those services does not make huge business sense.

Another example is account management for customers. In all three cases, if you weren't using a central e-commerce system, you would likely build them yourself, powering it all through a database, which is a caveat of hybrid architectures; unless you're willing to build some parts from scratch, you'll need to consider one of the large e-commerce players.

Billing and Invoice Systems

For both the shopper and merchant sides of the business, a single service can suffice, managing everything from checkout to billing and invoicing. The services listed below are considered the premium players in online payments and provide numerous permutations of services and integrations. In the case of all the services listed below, payment details are stored by the provider, reducing risk and exposure to fraud.

Table 2

Service	Description
PayPal	One of the original payment providers, PayPal provides a basic Smart Payments integration and additional features for shipping changes, advanced look and feel, refunds, and dispute handling. Checkout page customizations are also available for merchants. A complete set of REST APIs are available, covering anything you need for a payment system.
Square	As well as providing an e-commerce platform, Square provides a complete payment service that integrates with everything from WooCommerce and Magneto to Wix and Wordpress. This all works with the physical Square terminal, a point-of-sale device. Full developer APIs also exist to accept payments and create and track orders.
Stripe	Quickly becoming one of the internet's most popular payment services, Stripe prides itself in being developer first, with client and server libraries available for all platforms and pre-built integrations into platforms such as Shopify, WooCommerce, and NetSuite. Detailed analytics and reports are available for merchants.

Checkout Services

The following services provide a simple checkout button for payment, leaving billing and invoicing to partner integrations, or for you to build yourself. These systems are perfect when you want to leave all card details outside of your system.

Table 3

Service	Description
Amazon Pay	Amazon Pay allows the addition of a payment button to your site and integration with e-commerce providers along with a developer API. Payments are made through the shopper's own Amazon account.
Apple Pay	Apple provides an API and buttons for payment but relies on e-commerce platform integration to provide other functionality. For customers who have Apple Pay set up on their devices, this can be a faster payment system to use but not as fully featured as others.
Google Pay	Google Pay allows customers to use any payment method saved in their Google account. It integrates with Shopify, Magneto, and other major e-commerce platforms.

Inventory Management

The following services help in managing store inventory and orders, as well as providing the product catalog for shoppers. Standalone inventory management systems are rare, with this being the core selling point of larger e-commerce systems.

Table 4

Service	Description
Square	Square provides complete APIs and services for managing product catalogs, adjusting inventory as well as order creation and tracking. There is even a set of functionality covering customer management that provides a lightweight CRM for your store.
Shopventory	An extensive suite of inventory tools, including reporting, to help manage your supply chain. Offers integrations for Shopify, Square, BigCommerce, WooCommerce, Clover, and PayPal. API access is also available.
Zoho Inventory	Strong integration capabilities to Shopify and Zoho's own offering as well as payment services (e.g., PayPal, Stripe). Zoho's solution has the flexibility to work as a standalone service or can be wrapped up with their other products. A detailed API gives you control over every possible feature.

Business Intelligence and Analytics

The following services are proven to give business owners better insight into what their customers are doing when visiting their website:

Table 5

Service	Description
Google Analytics	One of the most popular analytics solutions for the web, Google Analytics allows you to track and report on almost anything once you add the appropriate tracking codes and plan the flows and metrics that you want to observe. One of the attractions of the service is that it's free, but the data does reside on Google's servers.
HotJar	HotJar allows you to view exactly where your users are clicking and scrolling on your site using heatmaps, giving a more visual approach to understanding your users. It also lets you replay what your shoppers are doing on the site. For A/B testing or improving UX, this can be useful.
KissMetrics	With integration into Shopify, KissMetrics is a paid analytics solution that allows you to view key metrics at a high level and understand cohorts of users.

CRM Systems

The following CRMs are considered leaders in the business. As such, they have integrations into the most popular e-commerce systems and typically provide great API capabilities.

Table 6

Service	Description
Salesforce	Salesforce has cornered the CRM market, offering a large marketplace and integrations into all major e-commerce platforms. However, the API can seem a bit daunting at first.
Zoho CRM	Zoho's core strength is the simple integrations with many tools and services, from Office365 and GSuite to SurveyMonkey and MailChimp. Along with their API, one of the most interesting parts is the Deluge serverless functions, which allow developers to write event-driven code, making this the most developer-friendly option.

Chatbots

The following table contains several Chatbots from prominent players:

Table 7

Service	Description
Amazon Lex	As part of AWS' expansive suite of services, Lex has the benefit of being able to hook into serverless functions (AWS Lambda) to make the possibilities of the chatbot conversational flow limitless. Integration with Amazon Polly allows text-to-speech functionality within the bot. This can also be created using the web interface or through the Amazon CLI (command line interface).
Facebook Messenger	For those who already have a Facebook page and want to have the same bot experience running between all online properties, a Facebook Messenger bot is a great start. With their Customer Chat Plugin, you can integrate the Messenger bot directly into your own website.
HubSpot Chatbot	HubSpot provides a no-code solution for building their chatbot, delivering templates for you to get started or allowing you to start from scratch. HubSpot Chatbot can be integrated into HubSpot's CRM, which allows you to give more personalized feedback to known customers.

Recommendation Engine

Below lists an industry-leading recommendation engine:

Table 8

Service	Description
Amazon Personalize	As a leader in e-commerce, it's no surprise that Amazon provides one of the best recommendation engine implementations. Machine learning (ML) is involved in building recommendations, but the interfaces make this easy to manage without ML experience. As well as giving unique homepage experiences for customers, it can be used for more personalized marketing communication.

Section 5

APIs for E-Commerce Platforms

If the prospect of building an entire e-commerce application appears daunting, but you still want to maintain some creative control, there are a number of approaches that you can take. Using SDKs and APIs, you can integrate with existing platforms, saving yourself infrastructure headaches. Rather than needing to build your own infrastructure for an e-commerce application, you can leverage a number of different APIs and SDKs from established platforms. With these APIs, you can integrate and extend the built-in features of the platform.

The following chart looks at the developer API functionality that is exposed across five of the most used e-commerce platforms:

Table 9

	Platform
	Magneto	Shopify	SquareSpace	Wix	WooCommerce
*API Type*
REST	X	X	X	X	X
GraphQL	X	X			X
Specialized access				Velo
*API Categories*
Inventory	X	X	X	X
Orders	X	X	X	X	X
Products	X	X	X	X	X
Profiles/users	X	X	X	X	X
Transactions	X	X	X	X
CRM	X			X
Cart	X	X		X
Analytics		X
*Extras*
Webhooks		X	X	X	X
Open source	X				X

Section 6

A Look at Open-Source Alternatives

If you wish to have the option of full control over your store without needing to consider any third-party platforms, but want to avoid building the architecture from scratch, you should investigate some open-source e-commerce libraries. It's notable that PHP has been the most popular language for open-source platforms. Along with WooCommerce and Magneto, the following are some of the most used open-source alternatives:

Table 10

Product	Description	Language
Shopizer	Includes shopping cart, product catalog, search, checkout, administration, and a REST API. Includes a CloudFormation stack for deploying to the AWS cloud.	Java
OpenCart	Allows management of multiple stores from one admin back end; offers a large feature set; is mobile and SEO friendly. The OpenCart marketplace has additional modules and themes and includes a REST API.	PHP
PrestaShop	Has an Addons Marketplace with templates for e-commerce sites and additional modules for metrics and checkouts.	PHP

Section 7

Conclusion

This Refcard has highlighted the considerations and components of an e-commerce system, making it clear that it's far from trivial. Online shopping has never been more popular, and there are a huge variety of paid and open-source choices if you want to build your system. The gains can be great for those who roll out their own solutions; however, it is not an undertaking for the risk-averse with the associated security and data privacy concerns. A hybrid approach is likely to suit most entrants, with each of the major platforms offering customizations to differentiate your store from the competition.

E-Commerce Development Essentials

The Building Blocks to a Successful E-Commerce Architecture

Introduction

Build or Buy