Wednesday 24 August 2016

Security Issues in E-commerce

ecommerce solution providers in India

E-commerce is nothing but buying and selling products or services over electronic systems such as Internet. Nowadays, wide variety of commerce is conducted via e-Commerce. E-commerce systems are based upon internet use developed by ecommerce solution providers in India and across globe, which provides open and easy communications on a global basis. Consumers browse through catalogues, searching for best offers, order goods and pay them electronically.

Doing some electronic business on the Internet is already an easy task. As is cheating and snooping. The use of the internet means that your internal IT and e-commerce systems are potentially accessible by anyone, irrespective of their location. So threats to e-Commerce systems are increasing day by day.

Some of the more common threats  to e-commerce systems include:
  • Carrying out denial-of-service (DoS) attacks that stop access to authorised users of a website, so that the site reduces level of its service.
  • Gaining access to sensitive data such as price listing, service catalogues and valuable intellectual property and altering, destroying or copying it
  • Altering your website and so harming your reputation or directing your customers to another site
  • Gaining access to financial information about your business or your customers, with a view to committing a fraud
  • Using viruses to corrupt your business data

Security of E-commerce is protecting e-commerce assets from unauthorized access, use, alteration, or destruction. Some major security features are as follows:
  • Authentication:
    Verifies who you say you are.
    It enforces that you are the only one who can login to your Internet banking account.
  • Authorization:
    Allows only you to manipulate your resources.
    This can help you prevent increasing the balance of your account or deleting a bill.
  • Encryption:
    Deals with information hiding.
    It ensures cardholder data is hidden during Internet banking transactions.
  • Auditing:
    Keeps a record of operations. 
    Sellers use auditing to confirm that you bought specific merchandise.
  • Integrity:
    Prevention against unauthorized data alteration.
  • Non-repudiation:
    Prevention against any one party from disagreeing on an agreement after the fact.
  • Availability:
    Prevention against data delays or removal.
There are majorly three types of security threats for e-Commerce:
  1. Denial of service
  2. Unauthorized access
  3. Theft and fraud
Denial of service attack:

Two primary types of DOS attacks: spamming and viruses

Spamming:
  • Sending unsolicited emails to everyone.
  • A hacker responsible for E-mail bombing targeting one computer or network, and sending many number of email messages to it.
  • Surfing involves hackers placing software agents onto a third-party system and setting it off to send requests to a specific target.
  • DDOS (distributed denial of service attacks) involves hackers placing software agents onto a number of third-party systems and setting them off to simultaneously send requests to an intended target.
Viruses:

  • Compromised computer programs designed to perform unwanted events.
Unauthorized access:
  • Illegal access to systems, applications or data
  • Listening to communications channel for finding secrets.

Theft and fraud:
  • Cardholder data theft during online shopping using e-Commerce.
  • Fraud occurs when the stolen data is modified or misused.
  • Steal software via illegal copying from company‘s servers.
  • Steal hardware, specifically laptops.

Conclusion:

There are so many security issues going on in e-Commerce. This is very major concern for ecommerce solution providers in India and across globe. So there should be some security mechanisms to overcome these security issues.