https://www.owasp.org/index.php/Session_Management_Cheat_Sheet
https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet
https://www.owasp.org/index.php/HTTP_Strict_Transport_Security
Alternative zum Zahlungen selbst implementieren? : https://stripe.com/de