E-commerce Security By John Doran

What is e-commerce?
- The buying and selling of products or services over the internet [3].
- Most e-commerce transactions are for selling actual physical products.
- Also involves the sale of electronic services, or access to online content [2].

Examples of e-commerce businesses
- Amazon.com
- Netflix.com
- Experian
- iTunes
- Napster

E-commerce is growing
- According to an ACNielsen study performed in 2005, more than 627 million people have shopped online [8].
- The number of Netflix subscribers grew from 6.32 million in 2006 to 7.48 million subscribers in 2007 [7].
- Amazon.com alone had an estimated revenue of $14.8 billion for 2007 [7].

Reasons For Growth
- Most online businesses operate 24 hours a day
- Larger variety of products from different parts of the world
- Offer shipping services
- *Many consumers are confident that their private and financial data is secure [9]*

Protection Principle 1
- Confidentiality - It is expected that the personal and transactional details of a purchase will not be intercepted or disclosed to unauthorized people.

Protection Principle 2
- Integrity - Both consumers and merchants expect to have accurate data.

Protection Principle 3
- Availability - If consumers must wait for pages to load or are not even able to access a website, they may go elsewhere to shop.
- On a single day during the Christmas season, Amazon customers ordered more than 5.4 million items, or an average of 62.5 items per second [10].

Threats 1
- Malware - Any software that is designed to do something to a computer without the user's consent. Malware includes viruses, worms, Trojan horses, and even spyware [11].
- Bugbear was a worm that mass e-mailed itself to many computers. One of its worst features is keystroke logging.

Threats 2
- Denial of service (DoS) - DoS attacks prevent users from accessing a resource, usually by flooding it with illegitimate traffic [12].
- Website defacement - It damages the online retailer's image and reduces consumer confidence in their security [1].

Threats 3
- Data streaming - The theft of large amounts of sensitive personal information such as credit card information [1].
- Phishing - A social engineering technique where a criminal attempts to trick the user into revealing sensitive information [13].

Technical Measures 1
- Firewall protection
- Data backup
- Antivirus software
- Vulnerability patch management

Technical Measures 2
- Secure Sockets Layer, or SSL - Provides a private, secure connection using a handshake protocol.
- Client and server authenticate each other by exchanging their digital certificates.
- A secret symmetric session key is also chosen to encrypt the data, using a cipher such as DES (Data Encryption Standard).
- Validates the integrity of messages being sent by using a secure hash function such as SHA (Secure Hash Algorithm) [1].
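The message-integrity step on this slide, as an added example that is not part of the original presentation: a simplified model of the TLS 1.2 record MAC, assuming HMAC-SHA-256 and a constructed sample key in place of one derived during the handshake. The names `record_mac`, `Sender`, `Receiver` and `demo` are hypothetical, and encryption is left out so that only the integrity check is visible.

```python
import hashlib
import hmac
import struct

APPLICATION_DATA = 23   # TLS content type for application data
TLS12 = (3, 3)          # version bytes carried in a TLS 1.2 record header
TAG_LEN = 32            # HMAC-SHA-256 output size in bytes

def record_mac(mac_key, seq, payload):
    """Keyed hash over sequence number, record header and payload."""
    header = struct.pack("!QBBBH", seq, APPLICATION_DATA,
                         TLS12[0], TLS12[1], len(payload))
    return hmac.new(mac_key, header + payload, hashlib.sha256).digest()

class Sender:
    def __init__(self, mac_key):
        self.key, self.seq = mac_key, 0

    def protect(self, payload):
        tag = record_mac(self.key, self.seq, payload)
        self.seq += 1                     # implicit counter, never sent
        return payload + tag

class Receiver:
    def __init__(self, mac_key):
        self.key, self.seq = mac_key, 0

    def accept(self, record):
        payload, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        expected = record_mac(self.key, self.seq, payload)
        # Constant-time comparison avoids leaking how many bytes matched.
        if not hmac.compare_digest(tag, expected):
            return None                   # modified, replayed or reordered
        self.seq += 1
        return payload

def demo():
    key = bytes(range(32))                # constructed sample key (assumption)
    tx, rx = Sender(key), Receiver(key)
    r0 = tx.protect(b"order=1001&amount=19.99")   # constructed sample data
    r1 = tx.protect(b"order=1002&amount=5.00")
    tampered = r0.replace(b"19.99", b"00.01")     # payload changed in transit
    return {
        "tampered": rx.accept(tampered),  # rejected: tag no longer matches
        "first": rx.accept(r0),           # accepted at sequence number 0
        "replay": rx.accept(r0),          # rejected: receiver is now at 1
        "second": rx.accept(r1),          # accepted at sequence number 1
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The hash is keyed with a secret shared by both ends, so someone who alters a record in transit cannot recompute a valid tag, and the sequence number inside the MAC is what makes a replayed record fail.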

Technical Measures 3
- Secure Electronic Transaction (SET).
- Designed specifically for credit card transactions.
- Uses certificates and digital signatures to ensure privacy.
- The most interesting difference between it and SSL is that actual credit card information is not given to the merchant.
- Requires software to be installed on both the consumer and merchant end systems [1].

Technical Measures 4
- 3rd Party Verification
- Includes Visa, Verisign, and eTrust
- Requires certain standards of the merchant
- Helps the merchant gain the confidence of consumers when they see the seal

Consumer Awareness
- Provide education to the consumer.
- Amazon.com has a help section titled “Identifying Phishing or Spoofed E-mails”.
- A privacy policy will also help an e-commerce site to gain credibility.

References
1. Warkentin and Vaughn, Enterprise Information Systems Assurance and System Security. Hershey: Idea Publishing Group, 2006, Ch. 9.
2. Wikipedia (2008, April 1) “Electronic Commerce” [Online] Available:
3. U.S. Department of Commerce (2008, April 1) “What Is E-Commerce?” [Online] Available:
4. U.S. Census Bureau (2008, April 1) “” [Online] Available:
5. Wilkerson, David B. (2008, April 1) “Netflix's Profit and Subscriber Rolls Increase” [Online] Available: rolls-increase/story.aspx?guid=%7B50293CA4-41F C- 669C905843B8%7D
6. Netflix (2008, April 1) “How It Works” [Online] Available:
7. Business Week (2008, April 1) “Amazon.com Inc. Earning Estimates” [Online] Available: MZN.O

References (cont)
8. Nielsen (2008, April 1) “One-Tenth of the World’s Population Shopping Online” [Online] Available:
9. Saunders, Christopher (2008, April 1) “Online Consumer Confidence, Spending Grows” [Online] Available:
10. Austin, Marcus “Good News, Bad News, Part Two.” [Online] Available:
11. Wikipedia (2008, April 1) “Malware” [Online] Available:
12. Wikipedia (2008, April 1) “Denial-of-Service Attacks” [Online] Available:
13. Wikipedia (2008, April 1) “Phishing” [Online] Available:
14. Amazon.com (2008, April 1) “Identifying Phishing or Spoofed E-mails” [Online] Available: