Thursday, January 16, 2020
E-Commerce Security Issues
[pic] INTERNAL ASSIGNMENT Name of the candidate: ISHA Enrollment no. : 01215903911 Course: MBA Batch: 2011-13 Subject: E-business Subject code: MS-114 Topic of assignment: Is security a real or perceptual problem in Web commerce. Subject Teacherââ¬â¢s name: Ms. Sneha Chopra ABSTRACT This project report contains the study of ââ¬Å"is security a real or perceptual problem in web commerceâ⬠. The content includes the security related issues being faced by the companies or organizations in their business through e-commerce. The tools being available in market to cope with such issues and a company named ZANTAZ being involved in solving such issues like threats, hacking, frauds, and theft etc. The example of such company facing hacking issues (Facebook) is also included in the study. The emerging security related issues how been tackled and their impact on the business transactions are being discussed. Table of content |S. no |Content |Pg no | | | | | |1. Introduction |4 | |2 |Advantages & disadvantages of e-commerce |5-7 | |3 |Security a real problem |7-9 | |4 |Security issues |10-11 | |5 |Security tools |12 | |6 |Ex-Facebook |13-14 | |7 |Conclusion |15 | |8 |Viper report |16 | |9 |Source |17 | INTRODUCTION According to Wiegand (1997): ââ¬Å"Any form of economic activity conducted via electronic connectionsâ⬠is called e-commerce. Web commerceà is a form ofà electronic commerceà that is conducted primarily through theà World Wide Webà and other aspects of theà Internet. In e-commerce the business transactions are carried out on internet and includes purchase and selling of goods and services. Many business firms set up their website in order to display their products & services for consumers to purchase or to get access by using web browser. Websites present the consumer with various options for searching and selecting products and services, which offer speed and convenience of shopping from home or the office. The consumer gains benefits of shopping 24 hours a day. [pic] Recently the Worldwide E-Commerce Fraud Prevention Network was formed by American Express and e-tailers such as Amazon. com and Buy. com to establish common grounds for reducing the threats created by increasing reliance on the Internet for commerce. Membership has expanded swiftly to now include 375 large and small players united to promote the growth of e-commerce in large part by keeping fraud to a minimum. Consumer privacy is becoming the most publicized security issue replacing theft and fraud as top concerns in e-commerce. The DDOS attacks demonstrated that business sites did not maintain adequate security protection and intrusion detection measures. Security, however, is not just a matter of technology; implementing technology without the proper organizational processes will not solve security problems. There are a number of critical social and organizational issues with security. The first is that the weak link in security is often users or employees, rather than the technology. The second is software engineering management, or managing how security technology is deployed. The third is the development of adequate organizational processes for risk management, separation of duties, and development of security policies, access control, and security assurance. Advantages of E-commerce Lower Cost Doing e-business is cost effective; it reduces logistical problems and provides a small business with competitive advantage with giants such as Amazon. com or General Motors. E commerce helps in reducing cost of business as it enables to get access to large population. Economy It helps in development of economy. It provides the business an international platform to do transactions and get a competitive advantage in the economy and increase the productivity. Higher Margins E-business along with higher margins helps in gaining more control and flexibility and enables to save time when manual transactions are done electronically. Better Customer Service Eââ¬âcommerce means better and quicker customer service. Online customer service makes customers happier. Instead of calling your company on the phone, the web merchant gives customers direct to their personal account online. This saves time and money Quick Comparison Shopping Eââ¬âcommerce helps consumers to comparison shop. Automated online shopping assistants called hop bots scour online stores and find deals on everything from apples to printer ribbons. Productivity Gains Implementing the web throughout an organization means improved productivity. For example IBM incorporated the web into every corner of the firm ââ¬â products, marketing, and practices. Teamwork It has made the interaction easier through e-mails. It has transformed the way organizations interact with suppliers, vendors, business partners, and customersââ¬âmail is one example of how people collaborate to exchange information and work on solutions Information Sharing, Convenience, and Control Electronic commerce improves information sharing between merchants and customers and promotes quick, justââ¬âinââ¬âtime deliveries. They can interact at any time through internet without any traffic jams, no crowds etc. Disadvantages of Eââ¬âcommerce Security Security continues to be a problem for online businesses. A customer does not feel confident about the secrecy of the payment process before they purchase anything. Unauthorized access and hacking of information are the major concern. System and Data Integrity Data protection and the integrity of the system are serious concerns. Viruses cause unnecessary delays, file backups, storage problems, danger of hackers and other similar difficulties. System Scalability A business develops an interactive interface with customers with a website. A website must be scalable, or upgradable on a regular basis to make sure customers remain with them. Eââ¬âcommerce is not free Establishing a web based organization involves huge funds or investment by the management. Brands are expected to lower search costs, build trust, and communicate quality. Customer Relations Problems It is the foremost objective of the organization to maintain the customerââ¬â¢s loyalty with them because they cannot survive in the market for long term without them. Products People won't buy online People mostly donââ¬â¢t prefer to buy furnitureââ¬â¢s for ex, online because they want to sit on it feel the texture of the fabric and therefore a website called furniture. com or living. com, have failed. Fake sites There are many bad sites which eat up customersââ¬â¢ money. Product quality There is no guarantee of product quality as customers cannot touch or test the product before the deal. [pic] Security is a real problem in web commerce. Security issues are rising day by day in web commerce and have become a major problem in the economy. The opaqueness of data collection methods on the World Wide Web has given rise to privacy concerns among Internet users. The number of hacking cases has risen and fake sites are countless on net. From this we can assume how secure our business transactions on the internet. To overcome this problem many software such as firewall, etc has been developed and installed in the organizations database so that the information is been secured from outside users. Security means ââ¬Å"freedom from risk and dangerâ⬠. In e-business security is the main concern of the business. How safe you are while conducting business on internet is the issue of nowadays. Consumers fear the loss of their financial data, and e-commerce sites fear the financial losses. Studies have shown that consumers are concerned about the lack of privacy on the Web. For example, Ryker et al. [2002] quote a Price Water House Coopers study indicating that 92% of consumers are worried about privacy, with 61% refuses to shop online. Forrester research has found that privacy fears inhibit nearly 50% of consumers from shopping online and suggests that consumers often decline to provide data requested by websites and provide false information. Online privacy and online security are distinct. Privacy concerns arise when consumers' personal information is retrieved online without the consumer's consent or knowledge and is sold to third parties without the consumer's consent or knowledge. Whereas, online security relates to the confidentiality of the information, system's ability to secure itself against the conduct of unauthorized third parties, such us hackers, who attempt to access the Web site's stored information. Security Issues in web commerce:- Three types of security threats 1. Denial of service, 2. Unauthorized access, and 3. Theft and fraud 1). Denial of Service (DOS):- Two primary types of DOS attacks: spamming and viruses a) Spamming Sending unsolicited commercial emails to individuals E-mail bombing caused by a hacker targeting one computer or network, and sending thousands of email messages to it. Surfing involves hackers placing software agents onto a third-party system and setting it off to send requests to an intended target. DDOS (distributed denial of service attacks) involves hackers placing software agents onto a number of third-party systems and setting them off to simultaneously send requests to an intended target. b) Viruses: self-replicating computer programs designed to perform unwanted events c) Worms: special viruses that spread using direct Internet connections d) Trojan Horses: disguised as legitimate software and trick users into running the program 2). Unauthorized access a) Illegal access to systems, applications or data b) Passive unauthorized access ââ¬â listening to communications channel for finding secrets. May use content for damaging purposes c) Active unauthorized access. â⬠¢ Modifying system or data. â⬠¢ Message stream modification â⬠¢ Changes intent of messages, e. g. to abort or delay a negotiation on a contract d) Masquerading or spoofing ââ¬â sending a message that appears to be from someone else. â⬠¢ Impersonating another user at the ââ¬Å"nameâ⬠(changing the ââ¬Å"Fromâ⬠field) or IP levels (changing the source and/or destination IP address of packets in the network) e) Sniffers ââ¬â software that illegally access data traversing across the network. 3). Theft and fraud a. Fraud occurs when the stolen data is used or modified b. Theft of software via illegal copying from companyââ¬â¢s servers c. Theft of hardware, specifically laptops, pen drive, cds, hard disk etc. E-COMMERCE SECURITY TOOLS:- 1. Firewalls- software and hardware 2. digital certificates 3. digital signatures 4. ublic key infrastructure 5. encryption software 6. Biometrics- retinal scan, fingerprints, voice, etc. 7. passwords 8. Locks and bars- network operations centers. An example:- Driven by information preservation rules, corporations within the financial services sector have begun to seek assistance from companies such as ZANTAZ, a leading provider of Compliance Technology Solutions. With the help of companies like ZANTAZ, a corporation can deploy proactive compliance initiatives that: a) Automatically capture, archive and instantly retrieve email, attachments, and IM; b) Monitor and supervise email, IM and other electronic communication; and ) Quickly restore data from back-up tapes in the event of an audit, litigation or investigation. Companies like ZANTAZ have gone to great lengths to empower a corporation to quickly, efficiently, and cost effectively deploy proactive compliance solutions associated with electronic communication preservation, supervision, and record-keeping regulations. Example- ââ¬Å"Facebook ââ¬â security issuesâ⬠One of the example of the company facing security issue worldwide is Facebook. Facebook has been under heavy attack since the last two year as the popular social networking site has become the victim of a severe hacking spree affecting nearly every user on the site. it has become a severe problem worldwide and is still increasing. The hacks do not seem to have specific targets but happen at random with some userââ¬â¢s newsfeeds being littered with objectionable content and others not seeing anything. This led to the temporarily blocking of site and unable to access the information by the users. Some of the hacks happen in the form of ââ¬Å"click' spam being sent out. A popular spam involves Kim Kardashian with a link to a video. It will say something like ââ¬Å"After watching this video I lost all respect for Kim. â⬠Upon clicking, the link takes the unsuspecting person nowhere, and hacks the account sending the same spam to all of the userââ¬â¢s friends. Other spams include mass messages and tagged photos leading people to believe they are in the link or involved with it because it is not personalized. Those will also have the same result, and continue the spamming of others walls. Impact on customer Users are outraged and some are considering deleting their profiles. Actress and director, Courtney Zito, told The ChristianPost, ââ¬Å"I have 5000 friends. My feed is littered with porn. I can't even check my news feed with anyone around because of itâ⬠. This led to the decrease in the market share and people have removed their pictures and are now afraid of posting anything on profile. Computer hackers attempt to break into at least 600,000 Facebook accounts using stolen username and password details every day, the social networking giant have revealed. The latest revelation came after Facebook issued a security announcement promoting its new ââ¬ËTrusted Friends' password restoration technique. Many of the hackers are caught out by additional authentication questions, such as asking users to identify friends in pictures, but many attempts are successful. this problem has helped contribute to the demise of Myspace a couple of years ago. The spam ran rampant ultimately causing many of the users to switch to the ââ¬Å"saferâ⬠Facebook. [pic] Conclusion Security is now understood to be largely imperfect, the continual cat-and-mouse game of security expert and hacker. Important technical developments have been deployed in the last five years; however, it is clear that organizational policies may play as an important role in site security. The results of this study provide support for the assumption that consumer e-commerce adoption/rejection decisions are determined by rational behavior in terms of channel net value seen as the perceived balance of power between the overall benefits that are likely to accrue by using the Internet, and the overall barriers encountered to using it or to deriving the sought benefits: Internet adopters, and especially the consumers who have embraced online shopping, perceive the total benefits of e-commerce as exceeding the total impediments to embracing/using e-commerce, whereas Internet non-adopters consider the impediments to e-commerce as drastically surpassing the benefits offered by the commercial Internet. VIPER REPORT [pic] SOURCES 1. http://www. allbusiness. om/technology/software-services-applications-online-security/11565464-1. html#ixzz1kNGJjj94 2. http://www. allbusiness. com/technology/software-services-applications-online-security/11565464-1. html 3. www. manjeetss. com/art icles/advantagesdisadvantagesecommerce. htm 4. http://www. allbusiness. com/technology/software-services-applications-online-security/11565464-1. html#ixzz1kNOllPwd 5. http://www. pcworld. com/article/160545/facebook_hit_by_five_security_problems_in_one_week. html 6. http://www. dailymail. co. uk/sciencetech/article-2054994/Facebook-hackers-attempting-crack-600-000-accounts-day. html 7. http://www. eecs. umich. edu/~ackerm/pub/03e05/EC-privacy. ackerman. pdf
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.