eCommerce Security Privacy

In this lecture you will learn the fundamentals of privacy and security in the eCommerce industry. The aim of this lecture is to increase awareness among students and business owners of the importance of online privacy and security for a successful online business.

eCommerce Security Privacy

  1. eCommerce Security & Privacy. Hajrë Hyseni, University of Hertfordshire, March 2011. Wednesday, 30 March 2011
  2. Security Basics • Top security Threats • Spams/Threats? Quick discussion • eCommerce Security and Conveying Trustworthiness • Safe shopping • Q/A
  3. Customer Security Basics • Customer privacy/integrity/authentication • Digital Signatures and Certificates (Verisign, Thawte) - document author is known • SSL (Secure Sockets Layer) - encrypted transactions between servers and browsers (https://). Created by Netscape • PCI, SET and Firewalls - The PCI card (peripheral component interconnect card) usually is added for protection. SET (Secure Electronic Transaction) - developed by Visa and Mastercard • Continuous eCommerce security solution checks!
  4. Top security THREATS! • Vulnerable web apps • Sophisticated phishing and pharming - Fake emails and scams for money from banks • Spam - About 90 percent of all email messages are either spam or phishing attempts (Symantec) • Social media attacks - exploiting inadequate password security, insecure free apps and the security settings for personal and sensitive data • Fake investments and job offers • Click ads scam and survey scam • Fake lottery jackpot offer and money transfer scam
  5. Home Office estimated cost to the UK: £1.7bn per annum
  6. “There are over 1 million viruses and malicious codes in circulation.” Symantec (2007)
  7. Spotify music streaming service - Hackers targeted: in 2009 thousands of customers' personal details were stolen.
  8. Top security THREATS! • Theft of credit-card details - Perhaps only 5% of e-commerce websites are PCI DSS-secure. • Exploiting the latest technology - new technologies, iPhone, iPad and other smart device apps are very vulnerable. One example is the exploitation of IP-based telephone systems to perform vishing campaigns. Vishing makes calls from a compromised phone system that appears to be a trusted source. • Increased outsourcing - large amounts of sensitive data, including customer and employee personal information, are being shared with outside vendors. • Rise in super-portable data - reports on loss of USB devices, laptops and portable data storage holding between 2GB and 500GB • Complacency - increase awareness through training, seminars and other staff briefs to follow security policies
  11. Spam/Threat?
  12. Spam/Threat?
  13. Spam/Threat?
  14. Spam/Threat?
  15. eCommerce Security and Conveying Trustworthiness • Digital Certificates - encrypted credentials that verify the user's identity for online transactions • Transactions support (PayPal, Sage, Visa) • Privacy in Transactions - TRUSTe Seal • eCommerce Reliability - deliver on promise!
  16. Tips for safe shopping • Buy from a reputable company • Do they have a real-world presence? Can you see their address and phone number? • Is their website secure? Look for ‘https://’ and the padlock (before giving any payment details, credit card, or personal information) • Do they have clear privacy and returns policies? • Not convinced? Search for the company on the internet and check their reputation. Call them! • When it comes to handing over your money, choose a safe payment method such as PayPal or a credit/debit card.
  17. Tips for safe shopping • Conmen are very good at persuading you to do what they want • Learn to spot the telltale signs • They will promise huge rewards: lottery wins, lost inheritances etc. • A false sense of urgency • Odd, superfluous details • Requests for upfront payments or private information
  18. Safe browsing Tools: http://www.german-websecurity.com/en/ and http://asafesite.com/home/
  20. Activity: (1) Select at least three eCommerce sites. (2) Perform the following checks: • Digital Certificates • SSL • Privacy in Transactions. (3) Report back the results in your Research File.
  21. Security Basics • Top security Threats • Spams/Threats? Quick discussion • eCommerce Security and Conveying Trustworthiness • Safe shopping • Q/A
  22. Q/A
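
For the digital certificate and SSL checks in the Activity slide, here is an added example (not part of the original lecture) that reads a site's certificate with Python's standard `ssl` module and reduces it to the facts worth reporting. The host `shop.example`, the sample certificate and the function names are constructed for illustration.

```python
import socket
import ssl
from datetime import datetime, timezone

# Constructed sample in the shape returned by SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("organizationName", "Example Shop Ltd"),),
                (("commonName", "shop.example"),)),
    "issuer": ((("organizationName", "Example CA"),),
               (("commonName", "Example CA G1"),)),
    "notBefore": "Mar 30 00:00:00 2010 GMT",
    "notAfter": "Mar 30 00:00:00 2012 GMT",
    "subjectAltName": (("DNS", "shop.example"), ("DNS", "www.shop.example")),
}

def fetch_cert(host, port=443, timeout=5):
    """Live check: the default context validates the chain and hostname, so an
    untrusted or mismatched certificate raises ssl.SSLCertVerificationError."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(), tls.version()

def _flatten(rdns):
    # subject/issuer arrive as nested tuples of (key, value) pairs
    return {key: value for rdn in rdns for key, value in rdn}

def summarize_cert(cert, now=None):
    """Reduce a certificate to the facts worth recording in the research file."""
    now = now or datetime.now(timezone.utc)
    subject, issuer = _flatten(cert["subject"]), _flatten(cert["issuer"])
    expires = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(cert["notAfter"]), timezone.utc)
    return {
        "issued_to": subject.get("organizationName") or subject.get("commonName"),
        "issued_by": issuer.get("organizationName") or issuer.get("commonName"),
        "dns_names": [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"],
        "days_left": (expires - now).days,
        "expired": expires <= now,
    }

if __name__ == "__main__":
    # Offline demo on the constructed sample; for a real site use:
    #   cert, protocol = fetch_cert("shop.example")
    print(summarize_cert(SAMPLE_CERT, datetime(2011, 3, 30, tzinfo=timezone.utc)))
```

A certificate that names only a domain and no organisation shows that the connection is encrypted to that domain, not who operates the shop, so record `issued_to` alongside the padlock check.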
