Our Service

API Driven Approach


The entire solution is architected so that any front end developed for the platform communicates with the database and the business logic layer only via the APIs.

Unlike existing eCommerce platforms, we have created a very secure API layer between the front end and the entire DB and business logic layer. Be it the web front end, the mobile app, the Admin Panel or the Seller Dashboard, everything can access the core of the platform only via the super secure API layer!

Questions? Shoot a mail to:  help@primefusion.net

Prime Technology


The tech stack that powers Prime Fusion is the one that powers unicorns like Google, Facebook, Amazon etc. The entire platform is built using Node.js, AngularJS & MongoDB.

Did you know? The world has moved on from PHP / MySQL. In technology, to achieve high performance you need Turbo Tech. So we employed a team of experienced professionals to develop Prime Fusion using the hottest technologies in the industry today. While the upcoming mobile apps are built using native Android & Swift, we have built the backend & front end using Node.js, Angular & MongoDB.


Most Secure


Believe it or not, we can proudly say that PRIME FUSION can be considered the most secure eCommerce platform in the world. Here is a list of security measures that have been taken:

AUTHENTICATION SYSTEMS (Signup/Signin/2 Factor/Password reset)

  • Used HTTPS everywhere.
  • All passwords are hashed using Bcrypt. Hashed content can't be decrypted at all.
  • Destroyed the session identifier after logout.
  • Destroyed all active sessions on reset password (or offer to).
  • Used the state parameter in OAuth2.
  • No open redirects after successful login or in any other intermediate redirects.
  • When parsing Signup/Login input, sanitized for javascript://, data://, CRLF characters.
  • Set Secure, HttpOnly cookies.
  • In OTP-based mobile verification, the OTP is not sent back in the response when the Generate OTP or Resend OTP API is called.
  • Limited attempts to the Login, Verify OTP, Resend OTP and Generate OTP APIs for a particular user.
  • Have an exponential backoff set and/or something like a captcha-based challenge.
  • Checked for randomness of reset password token in the emailed link or SMS.
  • Set an expiration on the reset password token for a reasonable period.
  • Expired the reset token after it has been successfully used.
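The three reset-token items above (random, expiring, single-use), as an added Node.js example; this is not Prime Fusion's code. The in-memory `resetStore`, the function names and the 15-minute lifetime are assumptions made for illustration.

```javascript
const nodeCrypto = require('crypto');

// Assumed "reasonable period" for a reset link: 15 minutes.
const RESET_TTL_MS = 15 * 60 * 1000;

// Hypothetical in-memory store keyed by SHA-256(token). A real service
// would persist this record next to the user account.
const resetStore = new Map();

const sha256 = (s) => nodeCrypto.createHash('sha256').update(s).digest('hex');

// Issue a token: 32 bytes from the OS CSPRNG, hex-encoded for use in a link.
// Only the hash is stored, so a leaked store does not yield usable links.
function issueResetToken(userId, now = Date.now()) {
  // A new request invalidates any token still outstanding for this user.
  for (const [key, rec] of resetStore) {
    if (rec.userId === userId) resetStore.delete(key);
  }
  const token = nodeCrypto.randomBytes(32).toString('hex');
  resetStore.set(sha256(token), { userId, expiresAt: now + RESET_TTL_MS });
  return token;
}

// Redeem a token: returns the userId at most once, otherwise null.
function redeemResetToken(token, now = Date.now()) {
  if (typeof token !== 'string' || token.length === 0) return null;
  const key = sha256(token);
  const rec = resetStore.get(key);
  if (!rec) return null;               // unknown or already used
  resetStore.delete(key);              // single use; also purges expired entries
  if (now > rec.expiresAt) return null; // expired
  return rec.userId;
}
```

Looking the token up by its hash avoids comparing secret strings directly, and the caller should answer every failure case with the same generic message.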

USER DATA & AUTHORIZATION

  • Any resource access, like my cart or my history, checks the logged-in user's ownership of the resource using the session id.
  • Serially iterable resource ids are avoided. Used /me/orders instead of /user/37153/orders. This acts as a sanity check in case you forgot to check for authorization token.
  • Edit email/phone number feature is accompanied by a verification email to the owner of the account.
  • Any upload feature sanitizes the filename provided by the user. Also, for general reasons apart from security, upload to something like S3 (and post-process using lambda) and not your own server capable of executing code.
  • The profile photo upload feature also strips all EXIF tags if they are not required.
  • For user ids and other ids, used RFC compliant UUID instead of integers.
  • Used JWT for APIs.
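How the /me/orders pattern and the ownership check fit together, as an added Node.js example; this is not Prime Fusion's code. The `orders` map, the `session` object shape and the handler names are hypothetical, and the UUIDs are constructed sample values.

```javascript
// RFC 4122 UUID shape (versions 1-5); rejects integers and other id formats.
const UUID_RE =
  /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;

// Constructed sample users and orders.
const ALICE = '1b4e28ba-2fa1-41d2-883f-0016d3cca427';
const BOB = 'f47ac10b-58cc-4372-a567-0e02b2c3d479';
const orders = new Map([
  ['3b241101-e2bb-4255-8caf-4136c566a962', { ownerId: ALICE, total: 42 }],
  ['c9a646d3-9c61-4cb7-bfcd-ee2522c8f633', { ownerId: BOB, total: 17 }],
]);

// GET /me/orders: the user id comes from the server-side session only,
// so there is no id in the URL for a client to iterate.
function listMyOrders(session) {
  if (!session || !session.userId) return { status: 401, body: [] };
  const mine = [];
  for (const [id, order] of orders) {
    if (order.ownerId === session.userId) mine.push({ id, total: order.total });
  }
  return { status: 200, body: mine };
}

// GET /me/orders/:orderId: ownership is checked on every access. A missing
// order and someone else's order get the same 404, so the response does not
// confirm which ids exist.
function getMyOrder(session, orderId) {
  if (!session || !session.userId) return { status: 401, body: null };
  if (typeof orderId !== 'string' || !UUID_RE.test(orderId)) {
    return { status: 400, body: null };
  }
  const order = orders.get(orderId.toLowerCase());
  if (!order || order.ownerId !== session.userId) {
    return { status: 404, body: null };
  }
  return { status: 200, body: { id: orderId.toLowerCase(), total: order.total } };
}
```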

SECURITY HEADERS & CONFIGURATIONS

  • Added CSP header to mitigate XSS and data injection attacks. This is important.
  • Added CSRF header to prevent cross site request forgery. Also added SameSite attributes on cookies.
  • Added HSTS header to prevent SSL stripping attacks.
  • Added your domain to the HSTS Preload List.
  • Added X-Frame-Options to protect against Clickjacking.
  • Added X-XSS-Protection header to mitigate XSS attacks.
  • Added sub-resource integrity checks if loading your JavaScript libraries from a third party CDN. For extra security, added the require-sri-for CSP directive so you don't load resources that don't have an SRI set.
  • Used random CSRF tokens and exposed business logic APIs as HTTP POST requests. Not exposed CSRF tokens over HTTP, for example in an initial request upgrade phase.
  • Not used critical data or tokens in GET request parameters. Exposure of server logs or a machine/stack processing them would expose user data in turn.

SANITIZATION OF INPUT

  • Sanitized all user inputs or any input parameters exposed to user to prevent XSS.
  • Always used parameterized queries to prevent SQL Injection.
  • Sanitized user input if using it directly for functionalities like CSV import.
  • Sanitized user input for special cases like robots.txt as profile names in case you are using a url pattern like coolcorp.io/username.
  • Never hand-coded or built JSON by string concatenation, no matter how small the object is. Used language-defined libraries or frameworks.
  • Sanitized inputs that take some sort of URLs to prevent SSRF.
  • Sanitized Outputs before displaying to users.

ANDROID / IOS APP

  • Salt from payment gateways is not hard-coded.
  • Secret / auth token from 3rd party SDK's not hard-coded.
  • API calls intended to be made server to server are not made from the app.
  • In Android, all the granted permissions are carefully evaluated.
  • On iOS, sensitive information (authentication tokens, API keys, etc.) is stored in the system keychain. This kind of information is not stored in the user defaults.
  • Certificate pinning is highly recommended.

Documentation


In our years of experience in Technology, we have learnt that quality documentation leads to quality Software.

The entire API layer is documented in a clear-cut manner using Swagger, so you can hand over the API documentation to anyone and start developing new features on the front end effortlessly. Also present is a detailed User manual for the platform along with an on-boarding tour for the Admin Panel and Seller Dashboard as well.


Responsive


The number of people browsing the internet via smartphones and tablets is increasing every day. Prime Fusion has a 100% responsive layout, which helps viewers have the best viewing experience across a wide array of mobile devices.

This is an approach to web design aimed at allowing desktop webpages to be viewed in response to the size of the device one is viewing with. Responsive web design has become more important as the amount of mobile traffic now accounts for more than half of total internet traffic. So the ultimate goal of responsive design is to build web pages that detect the visitor’s screen size and orientation and change the layout accordingly.


Admin Panel


A mobile friendly admin panel to help the website owner to manage their users, sellers, products, orders, inventory, revenue and all other site settings to change the static and dynamic contents of the site.

A dynamic admin panel empowers the admin to gain master control of the website. This dashboard, in website administration, is typically the index page of the control panel for a website's content management system. It is primarily a website maintenance tool that lets even non-technical people make changes to the website and at the same time manage all operations and participants of the website easily.


Seller Dashboard


An independent mobile friendly dashboard for the sellers to manage their sales and orders. Your seller standards dashboard will help you monitor your progress as a seller, maintain excellent customer service, and keep your account in good standing.

Sellers can have their own dashboard that has all the value-added services that will boost their sales and help fast shipments. From adding a product for sale to getting the product delivered to the end user, all necessary plugins are integrated to make sellers' work easy. Sellers can set their own shipping rates and upload tracking numbers to make it easier for the users to track orders. Return merchandise management is also one of the key features that has been integrated.


Payment gateway


PayPal, being one of the world's largest Internet payment companies, operates as a payment processor for online vendors and other commercial users. This online payment service allows individuals and businesses to transfer funds electronically.

Accept and send payments around the world in a single click using the PayPal payment gateway. The gateway is integrated in the script for easy and secured admin-seller-user online transactions. PayPal by default comes with Buyer protection policies that make the website owner's job of guaranteeing and securing the payments made for purchasing a product on the portal much easier.


Shipment Tracking


Make it easy for your sellers and users to track and deliver orders efficiently. Set up shipping rates by fixed-price, tiered pricing, weight-based, and location-based rates from the seller dashboard on uploading each product.

Once an order is made everything is made transparent between the user and seller to update and notify on the shipment status with tracking/reference numbers. Sellers can change the order status at each stage from "Yet to be Shipper" to delivered which will get reflected in the user order dashboard for the user to know exactly about the status of the order made. Also Seller can input the tracking or reference number of the shipment company using which the user can track the order easily.


Blog Integration


Create your own blog and help your audience socialize using it. Admin can create and maintain the blogs through the blog manager, while users can read and comment. Fresh, informative blog content can draw additional attention.

Admin can make the blog interactive, allowing visitors to leave comments on the blog posts, and it is this interactivity that distinguishes them from other static websites. In that sense, blogging can be seen as a form of social networking service, making the marketing of the website easier and bringing more users into the application. As the popularity of blogging continues to rise, the commercialization of blogging is rapidly increasing as well to increase advertising and engage online communities towards their products.


Search Engine Friendly


The application is an SEO-friendly script built to encourage high search engine ranking. The entire script is done in consultation with growth hackers, to make it super SEO friendly at all levels and to attract tremendous search traffic.

This provides SEO-friendly URLs and potential SEO options like Meta description and Meta tags in each item and each page. The more frequently a site appears in the search results list, the more visitors it will receive from the search engine's users, and these visitors can be converted into customers. SEO has proved to have generated an adequate return on investment.


Revenue Management


As e-commerce has developed, many options have emerged for creating revenue online. An e-commerce revenue model is a plan for generating revenue for an online business. The commission-based revenue model is a type that has proved to be more successful.

The system allows you to set a public commission % for all sellers on registering. On every sale that a seller makes you get a commission %. There is a separate commission tracking dashboard that will automatically calculate the commission you get and the amount you owe to the seller after a sale is made successfully. This helps you determine how successful you are in running the business.


Mobile Apps


Native and stunning Android & iOS apps that work perfectly in sync with the web version. Check the DEMO and be amazed!


Geo-Based Multi-Language


The language on the entire website will change based on the country or region your visitors come from.

New languages can be added at will. Never miss any visitor from any part of the world due to language compatibility. With this incredible feature, you can add as many languages as you like!


Seller Subscription


Collect a monthly subscription from each seller for helping them sell their products on your marketplace.

This feature enables you to set up a monthly subscription rate, and your sellers can pay directly from their dashboard. The feature automatically charges your sellers every month and transfers the money to your account!


Video Listings


Gone are the days of only having images posted for the listed items. Allow your users to upload stunning videos as well.

This incredible feature allows your sellers to upload videos along with images for the products they sell on your platform.


Digital Products Download


Why only physical goods? Let your sellers sell digital products as well.

Via this powerful feature, your sellers will be able to sell digital goods like eBooks, Music, Videos, Pictures, Code, Templates etc. The entire Digital Product Download mechanism has been handled beautifully! Once a user purchases a digital good, they can download it directly from their account on your marketplace :) Check a sample HERE


"This is beautiful. Got my Toy Shop online in minutes! My online store looks solid and works like a charm. Can't still believe I got this at this rate. Cheers :) "

Agatha Beatrice
Domenico Bottari

" Ok. I should admit, these guys know their game. I not only get help with technology but also extreme Business help. Such clarity & knowledge in the eCommerce space only fascinates me!"

Benjamin Cooper

" Thumbs UP to you folks. You don’t need to ask me for a testimonial. I will rave about you guys on my Blog! Am completely sold out on this & eagerly await the next version. Thanks a Ton!"

Hailey Grace

" I have done my bit of research. No other eCommerce platform is as Business ready as Prime Fusion. The people behind this have put in their heart & soul to forge this piece of ART"

Domenico Bottari

Upcoming Features

All upGrades are FREE for LIFE.


Geo-Based Multi-Currency

Nov 30, 2016

Promoted Listings

Nov 30, 2016

Multiple payment gateways

Nov 30, 2016

Dispute Management

Nov 30, 2016

We would love to see you WIN

Features Deluxe
FREE
Prime
$399
Prime Enterprise
Contact us
100% source code
Web Script View Demo View Demo View Demo
Android app Mobile App
ios app
Multi Vendor Marketplace
2 Angular JS templates
Template 1, Template 2
2 React JS templates
Template 1, Template 2
Unlimited Users
Unlimited Products
Separate Seller dashboard
Dynamic admin dashboard
SEO friendly
Paypal payment gateway
Stripe payment gateway
Meta data/Meta keywords options for products
Digital Downloads
Social ecommerce (Like,Share & comment)
Coupon code
Blog
Shipment tracking
Commission tracking
Dispute management
CDN integration
Mandrill integration
Facebook / Google login
Invite friends
Location based search
Add to wishlist
Google map integration to upload products
Geo based multi-currency
Express Delivery
Free website installation
Free app installation
Free upgrades
Free support

Version 1.6:  Done by 7 experts over 45 days ie. 1500+ hours spent.

Prime Fusion is everything you need to start WINNING!

PRIME Version Demo


Deluxe Version Demo

(415)315-9573