✅ E-Commerce security definition
✅ Kay dimensions of E-commerce security
✅ Security threats to E-Commerce
Meaning of security in E-Commerce.
Ans:- Several security measures are available in recent times to protect confidential data and most useful data such as passwords , encryption , firewalls and virus protection. The following are two types of security systems :-
A) Access Security :- It is the security to be provided to prevent and unauthorised user to access your computer or computing resources and ensuring that the computers are available to authorised users only.
B) Transaction security :- Transaction Protection: – It includes services such as confidentiality, authenticity and message integrity in transactions on the Internet.
Q:- Key dimensions of E-Commerce security.
Ans:- There are six dimensions to E-Commerce security :
1) Integrity :- Ensures that the information displayed on a website or the information sent or received through the Internet is not altered in any way by any unauthorized party.
2) Non- repudiation : Make sure e-commerce participants do not deny their online actions.
3) Authenticity : Verifies an individual’s or Business’s identity.
4) Confidentiality : Determines whether information shared online, such as through email communication or an order process, can be viewed by anyone other than the intended recipient.
5) Privacy: Users want to limit the use of information shared during online transactions to the extent that their personal information can be passed on to other organizations, while merchants want to prevent information from falling into the wrong hands.
6) Availability : Determines whether a website is accessible and operational at any given moment.
The Scope of the Problem in the E-Commerce Security Environment…
2002 The Computer Security Institute surveys 503 security personnel in US corporations and governments.
80% of respondents had detected computer security breaches in the past 12 months, resulting in financial losses.
Only 44% were willing or able to account for the losses, totaling $456 million.
40% reported attacks from outside the organization.
40 % experienced denial of service attacks.
Q: Indetify the key security threats in the e-commerce.
Ans:- The nine most common and most damaging forms of security threats in e-commerce sites include :
1) Malicious code : Viruses , worms, Trojan horses , and bot networks are threat to a system’s integrity and continued Operation, often Changing how a function system functions or altering documents created on the system.
2) unwanted programs ( adware , spyware , etc) : A knind of security threat that arises when programs are surreptitiously installed on your computer or computer network with.
3) phishing : Any fraudulent, online attempt to obtain confidential information from a third party for financial gain.
4) Hacking and cyber vandalism: Intentionally disrupting , defacing, or even destroying a site .
5) Credit card fraud / theft : One of the most feared occurrences and one the main reasons more consumers do not participate in E-Commerce . The most common cause of credit card fraud is a lost or stolen card that is used by someone else , followed by employee theft of consumer numbers and stolen identities.
6) spoofing: Occurs when hackers attempt to hide their true identities or misrepresent themselves by using fake e-mail addresses or masquerading as someone else. Spoofing may also include redirecting the web link from the desired address to a different address, in which case the site is tilted as the desired destination.
7) Denial of service attacks: Hackers flood a web site with useless traffic to inudate and overwhelm the network , frequently causing it to shut down and damaging a site’s reputation and customer relationships.
8) Sniffing: A type of eaves dropping program that monitors information traveling over a network , enabling hackers to steal proprietary information from anywhere in a network , including e-mail messages, company files , and confidential report. Sniffing poses the risk of making secret or personal information public.
9) Insider jobs :- Although the bulk of Internet security efforts are focused on keeping outsiders out , the biggest threat is from employees who have access to sensitive information and procedures.
10) Poorly designed server and client software : The increase in complexity and size of software programs has contributed to an increase in software flaws or vulnerabilities that hackers can exploit weakness.