Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

E-commerce Security Issues

No description
by

Tom Donovan

on 27 January 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of E-commerce Security Issues

End
Prevention of hacking
Hacking: a person who secretly gets access to a computer system in order to get information, cause damage, etc.

Prevention of hacking in e-commerce allows good security and, stops someone gaining personal, or private information about yourself or another person.

Prevention of hacking in e-commerce: Data encryption, this would allow hackers to have to decrypt data to actually gain the information greatly increasing the security of a e-commerce site. Also use of strong passwords can help the site to verify the correct user and provide a layer of protection against the hacker. Other hacker prevention methods include: SSL (Secure Socket Layer), which provides sites with and SSL certificate which helps with site security and identity and firewalls.
Viruses
Virus: a program that is capable of replicating itself and causing an "infection" which may cause private/personal information to be accessed and ad-ware which may be potentially more virus ridden to be added. As well as this memory space such as HDD space can be taken.



Viruses and prevention in e-commerce: Use of anti-virus such as Norton or Avast would protect against potential threats encountered on the e-commerce site, these utilities may also provide real-time protection to allow threats to be found before they can infect the system. Use of tools such as ad blockers and using a secure web browser that could offer a comprehensive range of security methods.

Identity theft
Identity theft: stealing the identity of another person for personal gain. Hackers can gain personal/private information to work on which may allow them to pose as another person, this can allow them to use any of the information such as bank information, name, age and location etc for their personal gain.


identity theft and identity theft prevention in e-commerce: Identity theft is a serious issue in e-commerce that can means people who wish to buy items or pose as someone else can, and can cause serious issues for this person. To prevent identity theft on e-commerce, passwords required for the site should be made up of numbers and letters with some capitalized. Options for forgetting, not saving account, customer information should always be available after a transaction as well. An authentication method other than a password may be needed to be utilized.
Firewall impact on site performance
Firewall: software or hardware designed to protect a computer from unauthorized access.





Firewall impact on site performance in e-commerce, and how this can be prevented: A firewall can impact the performance of data sent to the e-commerce site as the actual data has to be authenticated, making sure it is destined for the correct port and does not contain malicious files/content. To avoid this and improve performance on the host/s devices concerned with running and maintain the site, to avoid this use, turning off specific features of the firewall and not using other software such as anti-malware utilities that could perform the same function. The Firewall can dramatically reduce site performance so combating this is a must.
SSL
SSL (Secure Socket Layer): a protocol used to manage the security of a message transmission on the internet.


Using SSL as security in e-commerce: Secure Socket Layer can be gained as a certificate and can an e-commerce site to authenticate that it is the site it claims to be, SSL also provides encryption methods allowing data to be much harder to glean useful information from and allowing the e-commerce site in question to increase its security, the SSL certificate can be installed on the server, and removes the issue of data in plain text.
E-commerce Security Issues prevention (Tom Donovan)
Overview
Prevention of hacking
Viruses
Identity theft
Firewall impact on site performance
SSL
HTTPS
RSA certificates
Strong passwords
Alternative authentication methods
HTTPS
HTTPS (Hyper Text Transfer Protocol Secure): A protocol used for secure protocol communication over a network, a version of HTTP. HTTPS is much more secure than HTTP, which only has speed in mind to send data.


HTTPS in e-commerce security: HTTPS is a secure protocol that makes it harder for web pages and sites to be hacked. And makes customer tracking in the site very difficult. This like using SSL makes sure that information/data is not sent in plain text but sent encrypted, this is made possible by the use of a digital certificate. Sites using HTTPS protocol will usually be secure and incorporate many security methods.




RSA certificates
RSA (Rivest, Shamir and Adelman) certificates: RSA is an encryption technology for data.
RSA certificates in e-commerce: RSA is a method of security which allows customers to have a sites public key available which can be used for data encryption, the e-commerce site can have a RSA private key available which allows them to decrypt the data, the private key cannot be used customers/visitors on the site.
Strong Passwords
Strong password: a password is used for authentication of a user to allow them access to their own information/resources. A strong password is one which usually is long and contains numbers and letters etc.
Alternative authentication methods
Strong passwords in e-commerce: Using secure strong passwords in e-commerce is a really useful idea to stop identity theft/hacking. If the password is connected to personal information e.g. age, name or family it is more likely to be stolen. In an e-commerce site strong password usually contain numbers and letter, with some are capitalized.
Alternative authentication methods: methods other than passwords used for user authentication. These may include: pattern authentication, fingerprint scanning and voice authentication.
Alternative authentication methods in e-commerce: An alternative authentication method in e-commerce is a good idea to provide an extra layer of security. In an E-commerce site this may include voice or pattern authentication which can stop any potential hackers from getting posing as another customer.
Benefits:
Stops unwanted persons from accessing personal/customer information
Gives customers a good impression as the site is shown to be reliable in this aspect
Provides a service which may prompt customers to enter confidential information with confidence
Disadvantages:
Prevention methods may slow site performance
Authentication methods may be cause site problems such as forgotten passwords and passwords that require patterns to be given
The SSL method may be expensive and require updating
Benefits:
A hugely important utilization of software which may be the difference between the sites success or downfall
Can speed up site performance by eliminating the threat of speed reducing malware

Disadvantages:
Anti malware utilities can slow down the site, as authentication methods may be in place.
Important files may be detected as .PUP or another malware type which if deleted may cause problem
Anti malware utilities have to be constantly updated to eliminate newer threats
Benefits:
Firewalls can stop anyone/thing with malicious intent from accessing or causing problems with the e-commerce site
High protection to price ratio, meaning that cheaper firewall solutions can be effective
Prevents strict access during periods when malicious activity is detected
Disadvantages:
Can slow the system down as individual packets may be inspected and thoroughly checked
Can be hard to maintain, staff may need special training to utilize the implementation of firewalls
Benefits (theft protection):
Strong alpha numeric passwords can be very hard to gain
Utilization of password forget tools allow users to gain confidence in the site
Disadvantages:
Users may connect passwords with personal information making identity theft easier
Benefits:
SSL provides a secure way to access the e-commerce site
Puts off potential hackers, due to advanced security methods
Data becomes unencrypted meaning that plain text becomes available again
Protects personal information, such as credit card etc.
Disadvantages:
SSL can cause degradation of site performance
SSL methods may cost a lot to implement and to buy the certificate
SSL may be needed to work in unison with another security feature to maximize security
Benefits:
Data is not sent in plain text which adds a layer of security
Different media can be sent encrypted making HTTPS a valuable protocol
Disadvantages:
Can cause problems with other sites, such as access problems
Can cause problems, such as high maintenance/checks cost

Benefits:
Efficient encryption method, that can be a strong security method/layer
Seamless security method, fast key transactions
If the key gets corrupted it can be fixed
Disadvantages:
Although seamless this can can slow still slow down site performance
The key may be discovered, and by someone with malicious intent
Benefits:
Strong passwords can provide a good way to prevent against/deter hackers
It gives users confidence that they have a secure way to access personal details, and specific site with high security
Disadvantages:
Is a lengthy step to access the site/records or personal info on the site
Passwords that are successfully stolen, can be used to access personal info such as credit card numbers, addresses etc.
Benefits:
Allows a security level for each e-commerce business, such as weaker (passwords), stronger (pattern, voice)
Gives users/customers a choice of memorable user identification methods
Disadvantages:
Some things like voice recognition may not recognize users after time periods
if authentication methods such as patterns are forgotten, the recovery period may be significant
Full transcript