A.  A site visitor is anyone that just comes to the site and browses around but does not do anything that creates a record for them in the database.  Site visitors are not recorded or tracked in the software.  An anonymous customer is a site visitor that interacts with the site in a way that creates a record in the DB – for example choosing a locale or adding to the cart.  If the customer goes on to register, they become a registered customer.

Q.  What are the pros and cons of allowing anonymous checkout?

A.  Anonymous Checkout allows customers to go through checkout without creating an account and choosing a password.  The checkout process is slightly shorter, but customers lose the ability to automatically reorder previous purchases, check order status, and use gift registries or wishlists.  Research shows that even though the time saving is only a few seconds, many customers (almost a quarter) will not complete purchases on sites that require registration. Please see the manual page on this feature for more details.

Q.  What are the differences between PayPal’s different services (Standard, Express, and Pro)?

A.  PayPal Standard takes customers off of the storefront site to pay through the main PayPal site.  After payment is received, PayPal tries to send customers back to the storefront site.  PayPal Express functions the same way, but allows customers to check out from the shopping cart page rather than going all the way to the payment page.  PayPalPro is a fully-integrated payment gateway – customers check out on your site.

Q.  How do I extend the admin timeout period?

A.  Set the SessionTimeoutInMinutes AppConfig to a higher value.  Note: Setting this timeout period to higher than 15 minutes is a PCI PA-DSS violation.

Q.  Does AspDotNetStorefront support B2B (Business to Business) sites?

A.  The software has several features that allow businesses to restrict who can shop on the site.  Store admins can force all customers to log in before viewing products, use customer level filtering to determine which customers see which products, or set up wholesale sites that prevent unregistered customers from seeing prices or adding products to the cart.

Q.  How do I know if my site needs to worry about PCI compliance?

A.  The PCI Security Standards are a formalized set of requirements created by the Payment Card Industry Security Standards Council to protect private credit card information.  These standards are enforced through the means of payment gateways denying or shutting down merchant accounts for sites that are not in compliance.  “The PCI DSS applies to all entities that store, process, and/or transmit cardholder data. It covers technical and operational system components included in or connected to cardholder data.  If you are a merchant who accepts or processes payment cards, you must comply with the PCI DSS.”  The majority of ecommerce sites are going to be required to adhere to these standards.  As a PCI DSS certified application, AspDotNetStorefront helps attain that compliance.

Stores that use so-called ‘boomerang’ gateways (see below) may not be responsible for meeting these standards.  Please view the full standards documentation to determine if your site is liable.

Q.  What is a ‘boomerang’ gateway?

A.  Boomerang gateways (also known as hosted payment gateways) take customers off of the storefront site to pay.  While these gateways can sometimes eliminate the need to adhere to the PCI DSS guidelines (see above), they generally increase customer abandonment rates as customers can be hesitant to enter payment information on sites they don’t recognize, and communication back to your storefront site is not always 100% reliable.

AspDotNetStorefront supports the following boomerang gateways:

            - PayPal Standard

            - PayPal Express

            - Worldpay

            - Google Checkout

            - Ogone (3-tier method)

Q.  Can I restrict products to certain customer groups?

A.  Yes, through the use of customer levels, products can be filtered to only appear to certain customers.

Q.  Does AspDotNetStorefront store credit card numbers?

A.  Not by default, though it can be set to do so if desired.  Note:  Storing credit card affects PCI PA-DSS compliance (see above).

Q.  Does AspDotNetStorefront run on my hosting provider?

A.  AspDotNetStorefront will run on the majority of .NET-supporting hosting providers that meet the software requirements.  Note that some hosts are not compatible due to resource or security limitations.  Please see our hosting page for a list of recommended and known incompatible hosts.

Q.  Does AspDotNetStorefront support ‘wholesale’ sites?

A.  Yes, the software has a built-in wholesale mode, which allows unregistered customers to view products, but not see their prices or add to the cart.