Payment Card Industry (PCI) Data Security Standard (DSS) – (PCI DSS)

https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-1.pdf

https://www.pcisecuritystandards.org/documents/PCIDSS_QRGv3.pdf

 

Advertisements

Pay Per Click Strategy

There are many sources of traffic for an ecommerce website. Some of them are:

• Search engines
• Social media
• Word of mouth
• Conventional media
• Pay per click (PPC).

Each traffic source has its pros and cons. I find it fascinating that many ecommerce businesses are maintaining healthy profits, and growth, solely with PPC ads.

The PPC Math
The clicks that you are paying for can quickly add up to a large number. Hence it is important to get a grasp on the Math involved in PPC campaigns for ecommerce businesses. Here are some important terms that you will have to keep in mind before understanding the Math.

• Cost Per Click (CPC)
  The CPC is the cost that you pay the PPC ad network, such as Google AdWords, to get one click on your ad. That translates to one visitor to your ecommerce website. Often the CPC is not a number that is determined before hand. Ad networks such as Google AdWords use an auction mechanism. As a result your actual CPC is usually lower than the maximum CPC setting.If you want your calculations to be conservative, you can consider your CPC to be the maximum CPC that you have permitted. A more accurate calculation could be obtained by considering the actual CPC that you end up paying. The problem with using the actual CPC is that it changes from time to time. A sudden spike in CPC could derail your pay per click strategy.
• Conversion Rate (CR)
  Based on your track record, you should know the proportion of visitors who end up making a purchase on your ecommerce website. For instance, if you find that, on an average, 3 visitors out of every hundred make a purchase, then your conversion rate is;(3 ÷ 100) = 0.03
• Yield per Conversion (YPC)
  Divide the total profit made, by the number of visitors who made those purchases. This gives you your yield per conversion. In calculating profit, make sure to deduct your cost of procuring the goods sold. Also deduct costs such as payment gateway charges and shipping. Do not deduct fixed overheads, which are not directly related to the cost of goods sold, such as your establishment costs. Also, do not deduct the expenditure on PPC advertising.
• Yield per Visitor (YPV)
  Yield per visitor is the product of CR and YPC, i.e.,YPV = CR × YPC

  The yield per visitor gives you the average amount of money you expect to make per visitor to your website.

The PPC Profitability Formula for Ecommerce Businesses
You are making money if:

CPC
For those who hate Algebra, let me elucidate. As long as the cost per click you bear is lower than your yield per visitor, you are making money.

To put it another way, the CPC is what you spend to get one visitor, and the YPV is what you earn per visitor. As long as the YPV is greater, you are making money.

An Example
Suppose you set up a PPC campaign on Google AdWords, and your CPC is $0.25. Based on your experience, you know that 2% of the visitors to your site make a purchase. So your CR is 0.02. Now assume that the average profit you make per sale is $12.5, i.e., your yield per conversion is $12.5. We can see that:

CPC = $0.25
CR = 0.02
YPC = $12.5

YPV = CR × YPC = 0.02 × 12.5 = $0.25

Hence CPC = $0.25 = YPV

This situation where CPC equals YPV is called breakeven. At the breakeven point you are neither making nor losing money.

Notes on Computing PPC Profits

• Though the calculations indicate that you will make money above breakeven, you should try and ensure that you are far above breakeven, so that you make a healthy profit.
• All variables in the computation are within your control; at least to some extent. Try to increase your CR and YPC, while lowering your CPC.
• Because fixed business overheads are not factored into this computation, most small ecommerce businesses need the YPV to be much higher than the CPC, often by a multiple of 5 or more.

Reference: http://ecommerce.about.com/od/eCommerce-Marketing-Strategies/a/Pay-Per-Click-Strategy.htm

ID-Less URL Structure Demystified – How Does to Resolve ID-Less URLs?

I believe many of you nopCommerce pro users and developers are aware that nopCommerce 2.70 and 2.80 have employed a cleaner URL compared to the previous versions. From URLs that are suffixed with ‘.aspx’ in versions 1.XX; to extentionless but rather verbous URLs in versions 2.65 and below, we have seen a lot of changes in the URL structure in nopCommerce. However, none of them are as mysterious as the URLs in 2.70 and 2.80. Why? Because nopCommerce seems to know the magic to convert from any arbitrary texts to integer IDs.

For example, the link for my NopLite – nopCommerce Responsive Theme ishttp://www.pronopcommerce.com/noplite-nopcommerce-responsive-theme. You don’t see ANY integer in the URL, but nopCommerce somehow knows how to map from the URL to the appropriate ID. On the other hand, the nopCommerce 2.65 URL for my NopLite theme would have been:http://www.pronopcommerce.com/p/7/noplite-nopcommerce-responsive-theme. Note the ‘7’ somewhere in between the URL, that’s the Integer Product ID.

So the question is, how does nopCommerce 2.70 and 2.80 know the ID without looking the ID?

The UrlRecord Database Table

Well, the information is actually stored in a database table called UrlRecord. The table stores the slugs of entities to be mapped. A slug is any URL friendly-text and must be unique per nopCommerce installation. And then there is the EntityId column, which actually maps back to the actual entity represented by the slug. Last but not least, the EntityName column tells nopCommerce the actual entity type (Category, Product, BlogPost and etc) that an EntityId represents.

This table, although useful, is only one part of the equation. We have stored the information, then there must be a way to connect the dots to somehow retrieve the information from the database, and map it with the URLs. The next part of the “magic” lies in the code.

Connecting the Dots – GenericUrlRouteProvider, GenericPathRoute and GenericPathRouteExtensions

First of all, let’s open Nop.Web.Framework.Seo.GenericPathRoute.cs, and you’ll see something like below:

Basically what the GenericPathRoute class does is to retrieve the RouteData information from the HttpRequest, extract the slug, and compare it with the database record (remember our UrlRecord database table?). If it eventually finds any active exsting record, it then provides additional values to the RouteData (see figure below) such as the Controller, the Action and the ID. In short, GenericPathRoute.cs encapsulates the logic that glue together the three pieces: UrlRecord database table, the actual Controller & Action that is responsible for producing the HTML result, and any other parameters required for the Action to perform correctly.

But we are still missing one thing – we need to actually tell MVC to map the ID-less URLs to our freshly baked GenericPathRoute class. In other words, we have to let MVC routing engine knows that: when there is any ID-less URL coming in, we’ll let GenericPathRoute to do the heavy lifting of determining which Controller and Action to call and with what parameters. The figure below shows the GenericUrlRouteProvider class (found inNop.Web.Infrastructure.GenericUrlRouteProvider.cs) doing exactly this job. See the lines around the MapGenericPathRoute() method. The MapGenericPathRoute() method can be found inNop.Web.Framework.Seo.GenericPathRouteExtensions.cs.

Conclusion – There is Actually No Magic in nopCommerce ID-less URLs

Yeap, the whole architecture in nopCommerce ID-less URLs is pretty clever, but there is really no magic in it. To recap, here are what make up of the ID-less URLs architecture:

• UrlRecord database table – to store the mapping between a slug and the actual entity
• GenericPathRoute class – to map a slug with the actual entity with the help of UrlRecord, thereby providing the RouteData to MVC’s routing engine
• GenericUrlRouteProvider class – to tell MVC’s routing engine to let GenericPathRoute class handle ID-less URLs

Hope this explains the issue! Have any other topics that you want explained? Let me know in the comments, or better yet, use the UserVoice feedback widget at the right side to tell me your ideas! 🙂

 

Reference : http://www.pronopcommerce.com/nopcommerce-id-less-url-structure-demystified-how-does-nopcommerce-270-and-280-resolve-urls

Processing E-Commerce Transactions

E-commerce merchants do not have the benefit of interacting with consumers face-to-face, which increases the risks of processing fraudulent transactions. It also presents communication challenges that brick-and-mortar merchants do not face. In order to minimize fraud risks and to promote customer satisfaction, all e-commerce organizations must adhere to the following policies and principles:

• Authorize all transactions. The floor limit in e-commerce transactions is always zero, which means that all transactions must be authorized. An authorization approval ensures the merchant that there are enough funds in the account and that the card has not been reported lost or stolen. Yet, an approval is not a proof that the true cardholder is making the purchase or that a legitimate card is used.
• Comply with the Associations’ card-not-present chargeback rules. Because of the greater fraud risks involved in a card-not present environment, even if a transaction has received an authorization approval from the card issuer, the merchant may still be liable for afraudulent transaction. Web-based merchants need to build adequate risk managementsystems to counteract these risks.
• Enter an accurate Electronic Commerce Indicator (ECI) for all online transactions.The ECI must be included in the authorization and settlement message and it identifies the transaction as “e-commerce.”
• Comply with the Payment Card Industry (PCI) Data Security Standard (DSS). PCI DSS is a is a worldwide information security standard, created to help organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise. Compliance with the standard is mandatory for all organizations which hold, process, or pass cardholder information from any card branded with the logo of one of the card brands.
• Never store the card security codes. Card security codes are the 3-digit numbers placed on the back of Visa (CVV2), MasterCard (CVC 2) and Discover (CID) cards and the 4- digit numbers on the front of American Express (CID) cards. These codes are used as an additional way to verify that the customer is in a physical possession of the card at the time of the transaction.
• Display on your website the logo of the credit card brands that your organization accepts.
• Accept all credit and debit cards that belong to the brands you have elected to honor. The cards should be accepted regardless of the dollar amount of the transaction.
• Include all applicable taxes in the total transaction amount. You should not collect taxes separately. Cardholders must have written records of the total amount of their purchase, including taxes.
• Deposit transactions with your processing bank only for your business. It is prohibited, under any circumstances, to accept card payments for other businesses.
• Deposit transaction receipts within five calendar days of the transaction date. Be advised that, for card-not-present transactions, the transaction date is the shipping date, not the order date. Transactions deposited more than 30 days after the transaction date may be charged back to you.
• Provide customers with the expected delivery date. For card-not-present transactions, cardholders should be informed of the delivery method and of the expected delivery date. Transactions cannot be deposited until the products or services have been delivered.
• Make your organization’s return and credit policies available to consumers through clearly visible links on your website. Placing these links in your website’s footer or header will usually make them present on all pages.
• When a delivery is running late, follow these steps to obtain two authorizations:
  • Create two transaction receipts, one for the deposit and another for the remaining balance. Write “Deposit” and “Balance” on the receipts.
  • Obtain an authorization for each transaction receipt on their respective transaction dates and make sure that the authorization response code appears on each receipt.
  • Write “Delayed Delivery” on each transaction receipt.
• Never impose a surcharge on a card transaction. You are allowed to offer a discount if your customer selects a different payment method, e.g. cash or check.
• Never use a card to collect other debts or dishonored checks.

Be advised that card issuers have 120 days from the transaction date to charge back transactions in which the cardholder claims to have not participated. In card-not-present environment, the transaction date is the shipment date, not the date when the order is placed.

 

Reference: http://blog.unibulmerchantservices.com/processing-e-commerce-transactions/?PageSpeed=noscript

Selling online: an overview of the rules

There has been a steady growth in the variety and volume of goods and services which are available on-line to both businesses and consumers, and on-line selling is increasingly seen as a major way for all businesses to save costs. Almost inevitably, as the practice of on-line selling proliferates so does the amount of legislation governing it. This article provides an overview of the law governing on-line sales in the UK and an analysis of the issues that a business should consider before setting up an on-line sales process.

The law governing online sales

There are two distinct types of legislation that affect on-line retailers. Firstly, traditional consumer protection regulations apply to all consumer sales made on-line. These regulations are well established, but it is important to remember that they apply to on-line retailers as much as they do to traditional ones. Secondly, there are regulations designed specifically to deal with problems and issues facing retailers on-line.

Traditional consumer protection regulations

These protect purchasers and consumers whether they are buying the goods over the counter of a shop or over the internet. For instance the

Sale of Goods Act gives certain rights to purchasers about the quality of the goods they receive, and their rights if the goods fail to live up to these standards. The Consumer Credit Act protects consumers’ rights when they enter into an agreement for someone to provide them with loans or credit facilities including circumstances where they buy goods or services using a credit card. The Unfair Terms in Consumer Contract Regulations protect consumers’ rights where they enter into agreements with retailers who try to impose unfair terms in the agreement. There are also numerous other pieces of legislation, many of which will apply to different contract and product types.

Online regulations

These regulations are new, and were brought into force largely to protect consumers’ rights when they buy products either over the internet or by telephone. They largely derive from EU Directives, and include the E-commerce Regulations , the Distance Selling Regulations and the Electronic Signatures Regulations . These are the regulations that control the actual on-line sales process and they provide the starting block from which we can consider the practical business requirements of on-line retailers.

Although the traditional consumer regulations are important for all sales processes, this article focuses on the on-line regulations and how they affect the various stages of the on-line sales process. The next five sections take you through what the regulations require including information that must be provided to a purchaser, the use of electronic signatures, contract formation issues and ensuring your contract is legal.

Information that must be supplied

The various regulations share a central theme: companies should not hide themselves from purchasers, and should provide as much information to purchasers as possible.

Company information that must be supplied under the E-Commerce Regulations

The E-Commerce Regulations require that all commercial web sites make the following information directly and permanently available to consumers via the website:

• the company’s name, postal address (and registered office address if this is different) and email address;
• the company’s registration number;
• any Trade or Professional Association memberships;
• the company’s VAT number.

All of this applies regardlessof whether the site sells on-line. In addition, any commercial communication – that is any email or even SMS text message – used in providing an “Information Society Service” must display this information.

The E-Commerce Regulations also require that all prices must be clear and unambiguous, and web sites must state whether the prices are inclusive of taxes and delivery costs.

Contractual information that must be supplied under the E-Commerce Regulations

When it comes to actually going through the contractual process the requirements for information increase once again and the consumers must be told:

• the steps involved in completing the contract on-line;
• whether the contract will be stored by the retailer and/or permanently accessible;
• the technical means the site uses to allow consumers to spot and correct errors made while inputting their details prior to the order being placed;
• the languages offered to conclude the contract;

The website must also provide links to any relevant Codes of Conduct to which the retailer subscribes and set out the retailer’s Terms and Conditions, in a way which allows users to save and print them.

All of this information must be provided before the purchaser selects the product and starts the contractual process and it is possible to convey it early on in the sale, without deterring users with an unwieldy sales process. The most common route is to bundle as many of these details into the terms and conditions as possible, and ensure that consumers are appropriately directed to read them.

Information that must be supplied under the Distance Selling Regulations

These Regulations set out the information which must be provided to a consumer prior to the conclusion of the contract.

The information must be provided in a clear and comprehensible manner which is appropriate to the means of distance communication used. This means that the information can be set out on a web page, provided that the information is brought to the attention of the consumers before the contract is entered into. The information to be provided includes all of the information which a supplier should, in any event, wish to provide in relation to:

• the identity of the supplier;
• the main characteristics of the goods or services;
• their price;
• arrangements for payment and delivery; and
• the existence of the right of cancellation created under the Distance Selling Regulations.

Information that should be set out in the terms and conditions

The terms and conditions should:

• make it clear who is selling the product, together with the geographical and email address;
• describe clearly what the customer is getting and what it will cost, including all taxes and delivery costs; and
• identify the arrangements for delivery of the product.

The terms and conditions of the site are very important, and will vary for every retailer. It is important that the terms and conditions are properly drafted, as poorly drafted terms and conditions will expose the retailer to unnecessary risk.

Electronic signatures

The Electronic Signature Regulations apply to any contract and not just those entered into with consumers. In order for there to be a binding contract the following essential elements of a contract must be present:

• an unconditional offer;
• an unconditional acceptance of that offer;
• consideration passing from both parties other than in Scotland where consideration is not a requirement; and
• an intention to create legal relations, i.e. the parties must intend to enter into a legally binding contract.

There must also be certainty as to the terms, parties and subject matter of the contract. For the majority of contracts there is no legal requirement for a signature.

Whenever a person buys or sells something he or she is entering into a contract, no matter how small the purchase. In the newsagents, when a person buys a newspaper he or she contracts with the newsagent for the purchase. The newsagent makes an ‘Invitation to Treat’ by placing the publication on sale. The person offers to purchase it from the newsagent, proffering money, and the offer is accepted (concluding the contract) by taking the money. This is still a contract, although not a word needs to be said, and nothing is written down. However, the essentials of a contract have been formed: an offer (to buy, or sell), an acceptance of that offer, and (everywhere except Scotland) consideration (whether money being paid, or some other form of consideration) for the sale. The various stages of the contractual process will be discussed in more detail later, as it is important to distinguish between who is making the offer and who is accepting it.

Signatures are not actually necessary for the conclusion of every contract (your visit to the paper shop could become a chore), but they can have three essential functions when we consider on-line contracts:

• To identify the person who has bought the product;
• To indicate a personal involvement, or trustworthiness; and
• To indicate an intention to be bound to the contract.

The principal, and simple effect of the Electronic Signature Regulations is to make electronic signatures legally valid. Most of the discussion, and further interpretation of electronic signatures actually comes from a report published in December 2001 by the Law Commission entitled “Electronic Commerce: Formal requirements in Commercial Transactions”, and in subsequent guidance from the DTI.

Depending on exactly what is being sold the method of collecting the electronic signature will vary. In most cases, the function required of the electronic signature is the third one listed above – indicating that the purchaser is making an offer to contract. However, for more complex products being sold on-line, for instance financial services products, the role of the signature may become more important for one or both of the first two reasons.

Depending on the value and/or importance of the transaction the parties may want a greater degree of certainty as to reliability of the signature. This may involve the use of public key infrastructure, for example.

Contract formation issues

The main issues considered in this section are how, when and where the contract is formed. This involves an analysis of the contract formation procedure based on the principle of offer and acceptance and the significance of the “country of origin” principle.

The offer and acceptance procedure online

Step 1: Establishing the offer and acceptance procedure

This is where the E-commerce Regulations can be used to the seller’s advantage. It is possible to sell on-line and take payment by credit card without concluding the contract on-line. The solution is to provide that the customer is making an offer on the site and that the contract will be formed only if the customer’s order is accepted – and that taking payment from the customer’s credit card does not indicate cceptance.

On-line merchant accounts provide for making refunds to a customer’s credit card. Therefore, the terms should explain that, while the customer’s card may be debited before the contract is formed, if the customer’s order is ultimately rejected, a refund will be made immediately.

Step 2: Completing the order form

The customer is taken to the order form where he completes the quantity of goods and his delivery details. It would be good practice to offer three buttons: submit, clear and cancel. The “clear” button is needed because the E-Commerce Regulations require a means for the customer to correct any errors.

Step 3: Incorporating the terms and conditions

At the bottom of the terms and conditions page the purchaser should, ideally, be required to check a box to indicate that he or she has read, understood and accepted the terms and conditions, before clicking the “Accept” button. The “Accept” button should not work until the box has been checked. Equally the page should be designed in such a way that the consumer cannot check the box and click “Accept” until the page has fully loaded onto the screen. By doing this, you improve your position in the event that a purchaser claims there was no opportunity to read your terms.

While there is no responsibility on the retailer to ensure that the consumer has in fact read them, following this procedure will demonstrate that reasonable efforts have been made to bring them to purchasers’ attention. The terms and conditions should be in a format that can be printed or saved – therefore avoid pop-up windows and ensure that they fit within the width of the page and are presented in a way that they will print properly.

It is wise to also include a term like the following:

“By clicking the ‘Accept’ button you agree to these terms and conditions. By completing and submitting the following electronic order form you are making an offer to purchase goods which, if accepted by us, will result in a binding contract.”

The words, “if accepted by us,” are very important.

This approach is the suggested ‘best practice’ approach for relaying the terms and conditions, and ensuring that the consumer has read them. However, it is not the most consumer friendly approach to present the purchaser with a screen of ‘small print’ in the middle of what, to the consumer, was an otherwise normal shopping experience. Therefore a number of on-line retailers adopt a second-best approach, which is to include a link to the terms and conditions, and make the consumer tick a box to confirm that they have read and accepted the terms and conditions, before they click the main button to buy the product. This approach, while not as legally secure, is probably acceptable in a number of purchasing models.

Step 4: Taking the consumer’s credit card details on-line

At this stage, the user should be taken to the page on a secure server where his credit card details are taken. This page should state: “Your card will be debited with the sum of £X when you click the Submit button. This will be refunded if your offer is refused.” Repeat the choice of submit, clear and cancel.

Step 5: Acknowledging receipt of the order

When the card details are validated, the E-Commerce Regulations require that you give the customer an acknowledgement page and send an acknowledgement email. This should not confirm a contract; it should instead confirm that the order has been received and that the order is being “processed”. It is helpful to give the customer an order number at this stage so that he or she can chase-up any problems. It is good practice, though not legally required, to ask the user to click a button on a confirmation page to indicate that he has read the confirmation – e.g. a “Continue” button, linking to the homepage of the site.

Step 6: Providing confirmation of the information provided and the right to cancel

The Distance Selling Regulations now require the supplier to provide the consumer in writing or in another durable medium confirmation of the information provided prior to the conclusion of the contract and details of the right of cancellation. Generally a consumer has a period of seven working days within which to cancel the contract and return the goods to the supplier. The only cost to a consumer will be the cost of returning any goods received by it to the supplier.

A consumer will not be entitled to cancel a contract after it has been entered into, where the supplier has commenced the provision of services with the consumer’s agreement prior to the end of the cancellation period then the consumer will not have the right to cancel the contract for the provisional services. However, in order to benefit from this exception, the supplier must have advised the consumer that the consumer will not be able to cancel the contract once the performance of the services has begun with the consumer’s agreement.

It is not possible to contract out of the Distance Selling Regulations. Any term which attempts to do this will be void to the extent that it is inconsistent with the provisions of the distance Selling Regulations.

Step 7: Delivery

Finally, dispatch the goods. If a typo mislabelled an item costing £200 at £2 and someone ordered 500 of them, the site could politely – and legally – refuse the order. This is because by following the procedure set out above the dispatch of goods is in effect the acceptance of the offer made by the consumer at the start of the process. Until this point there has been no acceptance and only an acknowledgement.

The “country of origin” principle

The E-commerce Regulations apply a “country of origin” principle. In its simplest form, this means that as long as a UK business complies with UK laws, it can “ignore” the laws of other Member States. In general terms this is a definite bonus for on-line retailers. However, recognising that such an approach would be bad news for consumers, this basic rule is qualified.

The E-Commerce Regulations do not apply the country of origin principle to the terms of consumer contracts. In practical terms, this means that a UK-based e-commerce site’s terms and conditions should meet the laws of every Member State in which consumers can buy its products, not just UK laws.

As a result of the consumer contract exception, any site selling to French consumers must provide its terms and conditions in French – otherwise they may be considered invalid. If selling into Denmark, consumers must be given a 14 working day cooling-off period during which the consumer can change his or her mind about the purchase and return the goods for a refund. In the UK, the cooling-off period is only seven working days. These are only examples, of course there are many other differences.

Despite this significant qualification, there are still advantages in the Regulations’ country of origin principle that can benefit a UK-based business. For example, the UK’s retail laws are among the most relaxed in Europe. This can give UK businesses advantages over, say, German competitors. A German e-tailer must comply with any German restrictions on promotional offers; its UK rival escapes such restrictions, even when selling to German consumers.

Ensuring your contract is legal

It is important for e-commerce retailers to ensure that the contract which is formed with the consumer under the process described above is both legally correct and also affords the retailer the maximum protection. There are various ways in which the contracting process can be structured to be legally correct, and it is important to balance absolute best practice, and a more commercial approach which is still legally correct. Equally, it is surprisingly easy to structure the process in a way which is legally incorrect, and which exposes the company to more risk than is necessary.

 

Reference: http://www.out-law.com/page-424

WHAT IS THE BEST SIZE FOR ECOMMERCE PRODUCT IMAGES?

Good product images move merchandise on ecommerce sites. It’s a fact.

Yet it takes a lot of time to produce good ecommerce product images, unless you take the easy way and simply use whatever the manufacturer or distributor can send you. (If you do, your product pages will closely resemble the other sites using the exact same images).

Size is one of the most important characteristics of good product photography. (For the sake of this article, I’m talking about physical dimensions, not resolution). Assuming you’ve staged and lit the product effectively in your photos, taken sharply focussed images, and don’t have to do any PhotoShop work beyond cropping, the last two issues are file type and image size. While you’re likely going to choose between .png and .jpeg for file type., what is the best size for ecommerce product images?

In general, ecommerce sites use three sizes (the numbers below refer to pixels):

Small: Thumbnails

These are small (100 x 100 or 200 x 200) images that appear in product category or site search results listings. They are usually just large enough to convey shape, design and color. Clicking on the thumbnail launches either a dedicated product page (with a larger, full-sized image), or just the larger image.

Medium: Product pages

Every product needs good product page-quality images. These images (usually 640 x 640 or 800 x 800) should show the various perspectives of the item such as front, side, underneath, etc. Here is a great 880 x 667 picture from MarthaStewart.com.

 

Detail Views/Zoom

Depending on the product category, detailed close-ups are super important. Any products where fabric, surface texture, patterns, colors or manufacturing details are part of the product value and evaluation criteria require zoom functionality. You can do this in a couple of ways; take separate close-up shots, or integrate click-to-zoom or mouse hover functionality. 800 x 800 and 1000 x 1000 are plenty big enough for mouse hovers.

Fast fashion retailing giant Zara uses huge close-up photos that fill your screen. The Bird’s Eye suit page has six photos, all of which you can click to produce a closer view. In contrast, athletic footwear brand Saucony has used mouseover closeups for several years. Here is an example:

Platform Restrictions

Many ecommerce platforms have their own photo size restrictions that supersede what you just read. For example, LightSpeed’s Point of Sale application restricts maximum image size to 512 x 512. If you load a 1000 x 1000 image,  it is automatically reduced to a maximum of 512 X 512.

Shopify’s own recommendations are 1024 x 1024 at 72 dpi (dots per inch resolution). While this is the recommendation, the platform does support product images up to 2048 x 2048.

Magento recommends three different image sizes. A 50 x 50 thumbnail works for the thumbnail gallery, shopping cart, and Related Items suggestions. A 370 x 370 “Small Image” is recommended for listings on category and search results pages, as well as the Up Sells, Cross Sells, and the New Products sections. The main image on the product details page is referred to as the Base Image. 370 x 370 is the base non-zoom size, while 1100 x 1100 is recommended for image zoom situations.

Yahoo! Merchant Solutions restrict uploads to 2000 pixels in width or height.

Wix has two formats, 200 x 200 for the gallery images sizes and 400 x 400 for product pages. What’s interesting about Wix is the insistence that all images have an image ratio of 4:3. (They’re pretty rigid about this requirement).

What is the Best Size for Ecommerce Product Images?

The short answer is the one that works for your site. If you’re one of the millions of retailers hosted on platforms, your options are limited by the vendor. Whatever you choose, however, standardize on your categories. If you’re going to use thumbnail, product and zoom categories, pick three sizes (one for each category) and stick with them.

Reference: http://www.fastpivot.com/blog/ecommerce/what-is-the-best-size-for-ecommerce-product-images/