Published by Ellen Fox. Modified over 9 years ago.
1
awicaksi E-Commerce Security & Payment System E-Commerce
2
Learning Objectives
‣ Basic Security Issues
‣ Threats and Attacks
‣ Managing E-Commerce Security
‣ Payment Revolution
‣ Online Payment
3
Case: eBay
4
Basic Security Issues
Today’s web security problem has three primary facets:
‣ Securing the web server and the data on it
‣ Securing information that travels between the web server and the user
‣ Securing the end user’s computer and other devices that people use to access the Internet
5
Basic Security Issues (cont’d)
6
Threats and Attacks
1. NONTECHNICAL ATTACK (SOCIAL ENGINEERING): An attack that uses social pressures to trick computer users into compromising computer networks to which those individuals have access
2. TECHNICAL ATTACK: An attack perpetrated using software and systems knowledge or expertise
7
Social Engineering
Dear user of stmp.ciputra.ac.id,
We have detected that your email account was used to send a large amount of spam during the recent week. Obviously, your computer had been compromised and now runs a trojan proxy server. We recommend you to follow the instruction in the attachment (stmp-ciputra.zip) in order to keep your computer safe.
Regards,
ICT Support
Ciputra University
8
Phishing examples
9
Social Engineering (cont’d)
Social Engineering, the USB Way
Steve Stasiukonis, VP & founder of Secure Network Technologies, Inc.
10
Social Engineering (cont’d)
COUNTERMEASURES
‣ Education and training
‣ Policies and procedures
‣ Penetration testing
11
Social Engineering (cont’d)
12
Technical Attack DDoS
13
Managing EC Security
‣ Security Policy
‣ Risk Assessment
‣ Authentication methods:
  ‣ Something you know: password
  ‣ Something you have: smart cards
  ‣ Something you are: biometrics
14
Managing EC Security (cont’d)
17
Managerial Issues
‣ Have we budgeted enough for security?
‣ What are the business consequences of poor security?
‣ Should organizations be concerned with internal security threats?