Riddell is a premier designer and developer of protective sports equipment. They are the recognized leader in football helmet technology and innovation for professional and amateur athletes. Riddell also specializes in manufacturing of shoulder pads and reconditioning services (cleaning, repairing, repainting and recertifying existing equipment).
The Commerce of Helmets
The U.S. market for sports protective equipment was worth $1.8 billion in 2012. The market is projected to increase to nearly $1.9 billion in 2013 and $2.1 billion in 2018. Even as the market grows, there are concerns about the safety of the players.
Athletes in the U.S. suffer 3.8 million sports-related concussions each year. In a widely publicized 2013 interview, President Obama said that "if I had a son, I'd have to think long and hard before I let him play football," due to the risk of long-term brain damage many football players suffer as a result of repeated head trauma and concussions.
Riddell has been both a pioneer and leader in innovating, developing, manufacturing and supplying protective sports equipment. They have developed a smart helmet technology that monitors and alerts sideline staff when significant single and multiple impacts are sustained during a football game or practice.
Riddell was keen on improving its web presence as it was gaining more traction online. It wanted a high performing website combined with great customer experience.
They had a Magento Enterprise system that integrated with SAP. Critical data was flowing back and forth between the above two systems. It was important that this dataflow was not affected for any reason whatsoever.
Magento had reported a few vulnerabilities and had released patches to resolve them. Also, SAP stopped support for its RFC connector that connected Magento and SAP. On the payment front, as a merchant, implementing PCI compliance was mandatory. Riddell needed a solution for all the above challenges – the solution had to be seamless and in no way affect the experience of the customer.
PCI Compliance - The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment.
Any merchant that accepts payment cards is required to be compliant with the PCI Data Security Standards. Security of the customer was of highest priority and Riddell was keen to implement PCI DSS compliance.
Site Security - The older version of Magento, 18.104.22.168, had a flaw that compromised critical information, including sensitive customer data.
SAP-Magento Connector – In the existing system, SAP and Magento were tightly connected. Business-critical information such as inventory and tax calculations was passed back and forth between SAP and Magento.
SAP offers an open source connector called SAP RFC to act as a connector between SAP and Magento. Recently, SAP announced that it would stop supporting and improving the SAP RFC connector for future releases of SAP application versions. This meant that another connector had to be identified and implemented immediately.
Thus, Riddell faced the challenge of upgrading Magento, implementing PCI compliance and customizing a new connector for SAP and Magento, all in one go, without in any way affecting the customer experience.
An Account Manager who had built an extensive relationship with Riddell was assigned to ensure that the upgrade was delivered with precision. An onsite and offshore team with deep domain and technical expertise was formed.
We assigned an expert team to work at Riddell's location in the US. This team absorbed the culture, operational processes, challenges and business goals. The onsite team worked closely with the offshore team and the Account Manager. By investing in this Global Delivery Process, we were able to build a strong client relationship, better communication with the offshore team, and tightly managed projects that were in alignment with Riddell's business needs.
Technical solutions include:
- PCI Compliance – The DCKAP team analyzed the payment and PCI compliance process and suggested the third-party payments integration security provider 'Paymetric'. Further analysis was done on the payment options provided by Paymetric, and an appropriate tokenization solution was implemented. This solution returns a 'Credit Card Token' when the original credit card number is submitted. The database now stores the 'Reference of Credit Card Token Number' instead of the sensitive credit card data. Implementing Paymetric made the website PCI compliant.
- Site Security - The existing ecommerce store ran Magento Enterprise version 22.214.171.124. This version had a critical flaw that allowed unauthorized access to the store. It allowed hackers to obtain control over a store and its sensitive data, including customer information. Magento had released security patches to fix this. Instead of just applying the patches, DCKAP recommended upgrading to the latest Magento Enterprise version (126.96.36.199) with security patches, as it had security enhancements and other advanced features.
- SAP-Magento Connector - SAP RFC (Remote Function Call) is used by SAP ABAP programs to connect with external programming languages (PHP, ASP, Java, C, C++, etc.) and with the different systems in an SAP environment. By executing an SAP RFC, functions in a third-party application can directly insert and access data in the SAP application. SAP announced that it would stop supporting and improving the SAP RFC connector for further releases of SAP application versions. It was now imperative to change the connector and implement a new one. DCKAP analyzed the options and narrowed them down to SOAP (WSDL) for communication between SAP and Magento. WSDL is an industry-accepted standard approach used to exchange information between different applications.
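
The token-only storage described in the PCI Compliance item above, as an added Python sketch (not DCKAP's, Riddell's or Paymetric's code): `StubTokenVault` is a hypothetical stand-in for the provider and the row field names are assumptions. `audit_orders` is the check a merchant would run afterwards to confirm that no stored row still holds a Luhn-valid card number.

```python
import re
import secrets
import string

class StubTokenVault:
    """Hypothetical stand-in for a third-party tokenization provider."""
    def __init__(self):
        self._pans = {}  # token -> card number, held only on the provider side

    def tokenize(self, pan):
        # Random, letters-only token: not derived from the card number and
        # never mistaken for one by the audit below.
        token = "tok_" + "".join(secrets.choice(string.ascii_lowercase) for _ in range(24))
        self._pans[token] = pan
        return token

def luhn_ok(digits):
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

# 13 to 19 digits, optionally separated by spaces or dashes
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def find_pans(text):
    """Return digit strings in text that look like card numbers and pass Luhn."""
    candidates = (re.sub(r"\D", "", m.group()) for m in PAN_RE.finditer(text))
    return [c for c in candidates if luhn_ok(c)]

def place_order(vault, orders, order_id, pan):
    """Store only the token reference and last four digits, never the card number."""
    token = vault.tokenize(pan)
    orders.append({"order_id": order_id, "cc_token": token, "cc_last4": pan[-4:]})
    return token

def audit_orders(orders):
    """Return order ids of rows in which any field still holds a card number."""
    return [r["order_id"] for r in orders if any(find_pans(str(v)) for v in r.values())]

if __name__ == "__main__":
    # Constructed data: one legacy row with a raw test card number, one tokenized row.
    orders = [{"order_id": "1001", "cc_number": "4111 1111 1111 1111"}]
    place_order(StubTokenVault(), orders, "1002", "4111111111111111")
    print(audit_orders(orders))
```
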
The challenge of Magento Enterprise Upgrade, PCI Compliance, and customizing connector was executed seamlessly.
- Riddell's ecommerce store is PCI compliant.
- Security vulnerabilities eliminated after Magento Enterprise upgrade.
- Advanced features like Visual Merchandizing available now
- Re-indexing performance improved by 100%.
- Support for responsive design in future.