Web services transactions are orders to perform a series of tasks for a user over the Internet. Many of these transactions are business-related, such as when someone orders something online, but this is not necessarily the case. They could also involve complex database queries and other activities. Standardized protocols are available for use in web services transactions to ensure that they run smoothly.
In web services transactions, multiple tasks must be performed, or the entire procedure aborts. For example, in e-commerce, if an Internet user places an order for a new laptop and carrying case, this initiates a web services transaction in which that request is sent to the seller's server. The server in turn requests a method of payment. Both the order and payment must go through for the merchant to fill the order; buyers don't want to pay for something that doesn't arrive, and merchants don't want to send something for which they have not been paid.
This can be a complex process, and web services transactions streamline the process by using a series of steps. These steps allow servers to send information and requests, confirm that the information is getting through and then commit to completion of the transaction. When something goes wrong, the entire transaction fails, and the user receives an error. This could be something such as a notice to enter a new credit card number or check an address, or it might be a notice to contact the other party to address an issue with the order.
It is not enough for web services transactions to run smoothly and correctly. They also usually need to be secure. Users do not want to disclose private financial or contact information, because this could make them vulnerable. Thus, the transaction also needs to be encoded to protect the data and limit access to it. Various encoding methods are available, with variable levels of security, and websites might display a notice that provides information about the security and confidentiality of transactions.
Web services transactions themselves can also be used as a tool for abuse in a denial-of-service attack, in which an attacker sends multiple requests to the server to overload it. Programming routines to handle web services transactions need to take this risk into account and develop a protocol for handling suspicious, repeat and unusual transactions. The goal typically involves blocking the bogus transactions while allowing legitimate ones to get through, thus preventing the denial-of-service attack from taking down a server and causing an interruption.