3. Risks Associated With Internet Transactions
Risk is defined as the "possibility of loss or injury" or
"someone or something that creates or suggests a
hazard."
Losses or injuries in a digital society may occur
in many different ways:
• Data stolen, corrupted, misused, altered, or
falsely generated.
• Attacks on hardware may leave the system
unable to operate properly.
5. INFORMATION RISK
• Information risks stem from information
published and contained in web sites and
associated with the conduct of e-commerce.
Peripheral to information risks are
risks associated with misuse of information,
such as violation of laws in the United States and
other countries.
6. TECHNOLOGY RISK
• Technology risks include risks involving
hardware, software, telecommunications and
databases. These risks include the
consequences resulting from the misuse of
technology or the use of inappropriate
technologies required to address business
needs.
7. BUSINESS RISK
• Business risks concern customer and supplier
relationships, and risks associated with products
and services marketed and distributed over the
Internet. They also include risks associated with
managerial aspects of the business including
personnel and contractual relations.
8. Risks faced by customers when they
transact online:
False or Malicious Websites: Malicious websites are
typically set up for the purpose of stealing visitors' IDs and
passwords, stealing credit card information, spying on a
visitor's hard drive, and uploading files from the visitor's hard
drive.
Privacy and the Use of Cookies (Browser Safety)
• The issue of privacy on the Internet is of concern to many
people.
• Cookies are used by web browsers to store small pieces
of information on the client side.
• They were designed to allow Web servers to operate more
efficiently, provide a better response time to repeat visitors
to their sites, and more accurately track how many different
users visit a site.
11. FRAUD
• Access to data and programs by insiders has
always been a primary concern to auditors. The
internal control devices were easier to
implement and monitor in centralized.
12. INFORMATION THEFT
• Data files that are stored digitally and connected
to public telecommunications lines can
potentially be accessed by an unauthorized user
without the perpetrator ever having to leave the
comfort of home.
13. CUSTOMER DISPUTES AND CHARGEBACKS
• Stripe receives a notification of the disputed charge.
We automatically send you an email with details.
Additionally, we send a charge.dispute.created event
to any webhook URLs you have.
• As you know, customers or cardholders obtain credit
cards from banks, which are referred to as the
"issuing bank." A chargeback (also known as a
reversal) is a form of customer protection provided
by the issuing banks, which allows cardholders to
file a complaint regarding fraudulent transactions
on their statement. Once the cardholder files a
dispute, the issuing bank conducts an investigation
into the complaint.
14. SABOTAGE OR DEFACEMENT
• This is when a website is attacked and the visual
appearance and/or website functions are
changed.
15. Denial of Service Attacks
• A denial of service attack is used by an
individual to destroy, shut down, or degrade a
computer or network resource.
• Other denial of service scenarios include the
deletion of the startup files on a computer,
rendering it unbootable, or deleting Web pages
from a Web server.
17. BUSINESS RECOVERY PLANS
All firms should have a disaster recovery plan,
which is a contingency plan for resuming operations
for those situations in which operations are
interrupted for any reason, including when an
unforeseen man-made or natural disaster occurs.
Natural disasters include incidents such as fires,
smoke, floods, tornadoes, earthquakes, and high
wind and electrical storms.
Man-made disasters include incidents such as
viruses, hardware failure, sabotage, and error.