SECURITY ISSUES IN E-COMMERCE
PRESENTED BY: SADAF WAJID ALI
CONTENTS
• INTRODUCTION TO SECURITY ISSUES
• TYPES OF ISSUES
• PRIVACY
• AUTHENTICATION
• NON-REPUDIATION
• PHISHING
• CONFIDENTIALITY
CONTINUE…
• SECURITY THREATS
• DENIAL OF SERVICES
• UNAUTHORIZED ACCESS
• THEFT AND FRAUD
CONTINUE…
• TYPES OF SECURITIES
• ENCRYPTION
• DECRYPTION
• CRYPTOGRAPHY
• BIOMETRIC
INTRODUCTION
• E-COMMERCE CAN BE CLEARLY DEFINED AS THE BUYING AND SELLING OF SERVICES
OVER THE INTERNET.
• IT CAN ALSO BE REFERRED TO AS E-BUSINESS.
• WIKIPEDIA DESCRIBES MOBILE COMMERCE AS THE DELIVERY OF ELECTRONIC
COMMERCE CAPABILITIES DIRECTLY INTO THE CONSUMER’S HAND.
• THERE HAS BEEN AN INCREASE IN E-COMMERCE, AND THIS HAS LED TO A
LOT OF SECURITY ISSUES, PARTICULARLY IN THE MOBILE COMMERCE ARENA.
• PEOPLE USING THE INTERNET FOR COMMERCIAL TRANSACTIONS ALWAYS
REMAIN AT RISK OF THEIR CONFIDENTIAL INFORMATION (PASS, CREDIT CARD)
BASIC SECURITY
• AUTHENTICATION
• AUTHORIZATION
• CONFIDENTIALITY
• INTEGRITY
• NON-REPUDIATION
AUTHENTICATION
• AUTHENTICATION IS DEFINED AS ESTABLISHING THE IDENTITY OF ONE PARTY
TO ANOTHER.
• AUTHENTICATION MECHANISMS ALWAYS WORK IN TWO DIRECTIONS
• THE USER HAS TO PROVE HIS IDENTITY TO AN INFORMATION SYSTEM
• THE INFORMATION SYSTEM HAS TO CONFIRM THIS IDENTITY
• ONCE THE AUTHENTICATION TO A SYSTEM IS PERFORMED CORRECTLY, THE
USER IS AUTHORIZED FOR FURTHER ACTIONS
• E.G. EDITING PERSONAL SETTINGS OR CLOSING CONTRACTS.
AUTHENTICATION
AUTHORIZATION
• AUTHORIZATION IS THE PROCESS OF GIVING SOMEONE PERMISSION TO DO OR HAVE
SOMETHING.
• THE PROCESS OF GRANTING OR DENYING ACCESS TO A NETWORK RESOURCE.
• MOST COMPUTER SECURITY SYSTEMS ARE BASED ON A TWO-STEP PROCESS.
• THE FIRST STAGE IS AUTHENTICATION
• WHICH ENSURES THAT A USER IS WHO HE OR SHE CLAIMS TO BE
• THE SECOND STAGE IS AUTHORIZATION, WHICH ALLOWS THE USER ACCESS TO VARIOUS
RESOURCES BASED ON THE USER'S IDENTITY.
• IN MULTI-USER COMPUTER SYSTEMS, A SYSTEM ADMINISTRATOR DEFINES FOR THE SYSTEM
WHICH USERS ARE ALLOWED ACCESS TO THE SYSTEM AND WHAT PRIVILEGES OF USE
• E.G.: ACCESS TO WHICH FILE DIRECTORIES, HOURS OF ACCESS, AMOUNT OF ALLOCATED
STORAGE SPACE, AND SO FORTH.
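The two-stage process above, as an added example that is not part of the original slides. It applies the three privileges the slide names (file directories, hours of access, allocated storage) and denies by default. The token scheme, user name, paths and limits are constructed assumptions.

```python
import hashlib
import hmac
import posixpath
from dataclasses import dataclass
from datetime import time


@dataclass(frozen=True)
class Privileges:
    """What the administrator granted one user."""
    directories: tuple   # directory trees the user may access
    access_hours: tuple  # (start, end) as datetime.time; end is exclusive
    quota_bytes: int     # allocated storage space


# Constructed sample data. Only a digest of each sign-in token is stored,
# which is acceptable for long random tokens (not for human-chosen passwords).
TOKEN_DIGESTS = {
    hashlib.sha256(b"constructed-sample-token-for-alice").hexdigest(): "alice",
}
PRIVILEGES = {
    "alice": Privileges(
        directories=("/srv/shop/orders", "/home/alice"),
        access_hours=(time(8, 0), time(18, 0)),
        quota_bytes=1_000_000,
    ),
}


def authenticate(token: bytes):
    """Stage 1: establish who the caller is. Returns a user name or None."""
    digest = hashlib.sha256(token).hexdigest()
    found = None
    for known, user in TOKEN_DIGESTS.items():
        if hmac.compare_digest(known, digest):  # constant-time comparison
            found = user
    return found


def _inside(path: str, root: str) -> bool:
    """True if path lies in the tree under root once '.' and '..' are resolved."""
    clean = posixpath.normpath(path)
    return clean == root or clean.startswith(root.rstrip("/") + "/")


def _within_hours(now: time, start: time, end: time) -> bool:
    if start <= end:
        return start <= now < end
    return now >= start or now < end  # window that wraps past midnight


def authorize(user, path: str, now: time, used_bytes: int, write_bytes: int = 0):
    """Stage 2: decide what the authenticated user may do. Returns (allowed, reason)."""
    if user is None:
        return False, "not authenticated"
    grant = PRIVILEGES.get(user)
    if grant is None:
        return False, "no privileges defined"  # deny by default
    if not any(_inside(path, root) for root in grant.directories):
        return False, "directory not granted"
    if not _within_hours(now, *grant.access_hours):
        return False, "outside access hours"
    if used_bytes + write_bytes > grant.quota_bytes:
        return False, "storage quota exceeded"
    return True, "ok"


if __name__ == "__main__":
    user = authenticate(b"constructed-sample-token-for-alice")
    print(authorize(user, "/home/alice/notes.txt", time(9, 0), used_bytes=0))
    print(authorize(user, "/home/alice/../bob/notes.txt", time(9, 0), used_bytes=0))
```

The path is normalised before the directory check, so a request that climbs out of a granted tree with `..` is refused rather than matched on its prefix.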
CONTINUE…
CONTINUE…
DIFFERENCE B/W THEM
CONFIDENTIALITY
• CONFIDENTIALITY IS THE PROTECTION OF PERSONAL INFORMATION.
• MEANS KEEPING A CLIENT’S INFORMATION BETWEEN YOU AND THE CLIENT,
AND NOT TELLING OTHERS INCLUDING CO-WORKERS, FRIENDS, FAMILY, ETC.
• INDIVIDUAL FILES ARE LOCKED AND SECURED
• SUPPORT WORKERS DO NOT TELL OTHER PEOPLE WHAT IS IN A CLIENT’S FILE UNLESS
THEY HAVE PERMISSION FROM THE CLIENT
• INFORMATION ABOUT CLIENTS IS NOT TOLD TO PEOPLE WHO DO NOT NEED TO
KNOW
CONTINUE…
• THE TYPES OF INFORMATION THAT ARE CONSIDERED CONFIDENTIAL CAN
INCLUDE:
• NAME, DATE OF BIRTH, AGE, SEX AND ADDRESS
• CURRENT CONTACT DETAILS OF FAMILY, GUARDIAN, ETC.
• BANK DETAILS
• SERVICE RECORDS AND FILE PROGRESS NOTES
• INDIVIDUAL PERSONAL PLANS
• INCOMING OR OUTGOING PERSONAL CORRESPONDENCE.
• PRIVACY IS ABOUT PEOPLE. CONFIDENTIALITY IS ABOUT DATA.
INTEGRITY
• IT REFERS TO THE CORRECTNESS AND COMPLETENESS OF DATA.
• RELIABLE AND TRUSTABLE (ERROR FREE DATA).
• BY LOGICAL MEANS (IN THE DATABASE, DATA MUST BE CONSISTENT)
• ENSURING THAT INFORMATION WILL NOT BE ACCIDENTALLY OR MALICIOUSLY
ALTERED OR DESTROYED.
NON REPUDIATION
• NONREPUDIATION IS THE ASSURANCE THAT SOMEONE CANNOT DENY
SOMETHING.
• TO REPUDIATE MEANS TO DENY.
• FOR MANY YEARS, AUTHORITIES HAVE SOUGHT TO MAKE REPUDIATION
IMPOSSIBLE IN SOME SITUATIONS.
• YOU MIGHT SEND REGISTERED MAIL, FOR EXAMPLE, SO THE RECIPIENT CANNOT
DENY THAT A LETTER WAS DELIVERED.
• SIMILARLY, A LEGAL DOCUMENT TYPICALLY REQUIRES WITNESSES TO SIGNING
SO THAT THE PERSON WHO SIGNS CANNOT DENY HAVING DONE SO.
CONTINUE…
• A DIGITAL SIGNATURE IS USED NOT ONLY TO ENSURE THAT A MESSAGE OR
DOCUMENT HAS BEEN ELECTRONICALLY SIGNED BY THE PERSON BUT ALSO,
• SINCE A DIGITAL SIGNATURE CAN ONLY BE CREATED BY ONE PERSON
• TO ENSURE THAT A PERSON CANNOT LATER DENY THAT THEY FURNISHED THE
SIGNATURE.
• SINCE NO SECURITY TECHNOLOGY IS ABSOLUTELY FOOL-PROOF,
• IT IS SUGGESTED THAT MULTIPLE APPROACHES BE USED, SUCH AS
• CAPTURING UNIQUE BIOMETRIC INFORMATION
• AND OTHER DATA ABOUT THE SENDER OR SIGNER THAT COLLECTIVELY WOULD BE
DIFFICULT TO REPUDIATE.
THE BIGGEST E-COMMERCE SECURITY ISSUES
• PRIVACY ISSUES
• PHISHING
PRIVACY
• COMPROMISED PRIVACY IS ONE OF THE MOST COMPLICATED PROBLEMS.
• THEY GATHER, AND THEY ARE RESPONSIBLE FOR, PERSONAL DATA THAT
ARE IDENTIFIABLE, AND MAY TRIGGER IDENTITY THEFT AND
IMPERSONATION.
• CURRENTLY, ANY RISK TAKEN IN THE FORM OF AN E-COMMERCE
TRANSACTION LIES IN THE HANDS OF THE PROVIDER. FOR EXAMPLE,
PAYPAL, AMAZON ETC…
• FORTY-ONE PERCENT OF WEB BUYERS SURVEYED LAST YEAR SAID
THEY HAVE CONTACTED A SITE TO BE TAKEN OFF THEIR DATABASES
BECAUSE THEY FELT THAT THE ORGANIZATION USED THEIR
CONTINUE…
• MOST ONLINE CONSUMERS ARE AWARE THAT VARIOUS WEBSITES ARE COLLECTING
AND STORING THEIR PRIVATE INFORMATION.
• THEY FEAR, SOMETIMES RIGHTLY, THAT IF THIS DATA WERE TO FALL INTO THE
WRONG HANDS, THEY COULD BE IMPERSONATED AND PERHAPS LEFT OUT OF
POCKET
PHISHING
• IT IS THE CRIMINALLY FRAUDULENT PROCESS TO ACQUIRE SENSITIVE
INFORMATION SUCH AS
• USERNAMES, PASSWORDS AND CREDIT CARD DETAILS, BY PRETENDING TO BE A
TRUSTWORTHY ENTITY.
• PHISHING SCAMS GENERALLY ARE CARRIED OUT BY SENDING THE VICTIM
‘FRAUDULENT’ EMAILS.
• WHEN THE VICTIM FOLLOWS THE LINK EMBEDDED WITHIN THE EMAIL THEY ARE
BROUGHT TO AN ELABORATE AND SOPHISTICATED DUPLICATE OF THE
LEGITIMATE ORGANIZATION’S WEBSITE.
• PHISHING ATTACKS GENERALLY TARGET
• BANK CUSTOMERS, ONLINE AUCTION SITES (SUCH AS EBAY),
• ONLINE RETAILERS (SUCH AS AMAZON)
CONTINUE…
SECURITY THREATS
DENIAL OF SERVICES
UNAUTHORIZED ACCESS
THEFT AND FRAUD
DENIAL OF SERVICES ATTACK
• DENIAL OF SERVICE (DOS) ATTACKS CONSIST OF OVERWHELMING A SERVER, A NETWORK
OR A WEBSITE IN ORDER TO PARALYZE ITS NORMAL ACTIVITY.
• DEFENDING AGAINST DOS ATTACKS IS ONE OF THE MOST CHALLENGING SECURITY
PROBLEMS ON THE INTERNET TODAY.
• SYMPTOMS OF DENIAL-OF-SERVICE ATTACKS INCLUDE
• UNUSUALLY SLOW NETWORK PERFORMANCE
• UNAVAILABILITY OF A PARTICULAR WEB SITE
CONTINUE…
• INABILITY TO ACCESS ANY WEB SITE
• DRAMATIC INCREASE IN THE NUMBER OF SPAM EMAILS RECEIVED
• PHLASHING – ALSO KNOWN AS A PERMANENT DENIAL-OF-SERVICE (PDOS) IS AN
ATTACK THAT DAMAGES A SYSTEM SO BADLY THAT IT REQUIRES REPLACEMENT OR
REINSTALLATION OF HARDWARE
• RECENTLY TWITTER WAS THE SUBJECT OF A DOS ATTACK.
UNAUTHORIZED ACCESS
• WHEN A PERSON WHO DOES NOT HAVE PERMISSION TO CONNECT TO OR USE A
SYSTEM GAINS ENTRY IN A MANNER UNINTENDED BY THE SYSTEM OWNER.
• THE POPULAR TERM FOR THIS IS “HACKING”
• INFORMATION TO SECURE YOUR SYSTEM:
• CHANGE PASSWORDS OFTEN. IT IS RECOMMENDED AT LEAST ONCE EVERY FEW
MONTHS.
• CREATE A BIOS PASSWORD.
• WHEN CREATING A PASSWORD, ADD NUMBERS OR OTHER CHARACTERS TO THE
PASSWORD TO MAKE IT MORE DIFFICULT TO GUESS; FOR EXAMPLE:
1MYPASSWORD23!.
THEFT AND FRAUD
• CARD-BASED PAYMENTS FRAUD:
• INTERNET PAYMENT FRAUD IS CONSTANTLY INCREASING, AND IS, APPARENTLY,
UNSTOPPABLE
• THE NUMBER OF FRAUD CASES HAS INCREASED BY 19 PERCENT COMPARED TO 2013
• FRAUD IS NOT EXCLUSIVE TO CREDIT CARD PAYMENTS
• USE OF MALWARE TO COMMAND ONLINE BANKING LOGINS VIA PHONES, TABLETS
AND COMPUTERS
• USING THE STOLEN BANK ACCOUNT DETAILS TO MAKE FRAUDULENT PAYMENTS
• “ALTERNATIVE” PAYMENT METHODS ARE ALSO ATTRACTING CRIMINALS
• FRAUD OCCURS WHEN THE STOLEN DATA IS USED OR MODIFIED.
DIFFERENCE
• FRAUD HAS THE INTENTION OF HIDING THE CRIMINAL ACT OF STEALING,
• WHILE THEFT DOES NOT.
• THIEVES KNOW THEY CAN’T HIDE THE ACT SO THEY DON’T MAKE MUCH EFFORT
TO HIDE IT,
• WHILE THE FRAUDSTER MAKES AN EXTRA EFFORT TO HIDE THE ACT.
• BANK ROBBERY IS THEFT WHILE BANK EMBEZZLEMENT (GHAPLA) IS FRAUD.
TYPES OF SECURITIES
ENCRYPTION
DECRYPTION
CRYPTOGRAPHY
BIOMETRIC
TWO STEP VERIFICATION
ENCRYPTION
• "ENCRYPTION" IS BASICALLY A PROCESS OR ALGORITHM (KNOWN AS
A CIPHER) THAT MAKES INFORMATION HIDDEN OR SECRET
• THE PROCESS OF SCRAMBLING A MESSAGE IN SUCH A WAY THAT IT IS
DIFFICULT, EXPENSIVE OR TIME CONSUMING FOR AN UNAUTHORIZED PERSON
TO UNSCRAMBLE (DECRYPT) IT.
• METHODS OF ENCRYPTION: HASHING, SYMMETRIC METHODS, ASYMMETRIC
METHODS
DECRYPTION
• THE PROCESS OF UNSCRAMBLING A MESSAGE IN SUCH A WAY THAT IT CAN BE
UNDERSTOOD BY AN AUTHORIZED PERSON.
CONTINUE…
CRYPTOGRAPHY
• "CRYPTO" STANDS FOR "HIDDEN, SECRET",
• AND "GRAPHY" DENOTES "A PROCESS OR FORM OF DRAWING, WRITING,
REPRESENTING, RECORDING, DESCRIBING, ETC.",
• CRYPTOGRAPHY IS THE SCIENCE CONCERNED WITH THE STUDY OF SECRET
COMMUNICATION
• THE CONVERSION OF INFORMATION FROM A READABLE STATE TO
APPARENT NONSENSE.
BIOMETRIC
• IT REPLACES THE TRADITIONAL VERIFICATION METHODS OF SHOWING IDENTITY
CARDS
• OR ENTERING PASSWORDS
• WITH THE SCANNING OF FINGERPRINTS,
• FACE
• OR A PALM.
• BIOMETRICS ALSO INCLUDES THE IDENTIFICATION OF BEHAVIORAL ASPECTS
SUCH AS
• VOICE
• SIGNATURE
• OR THE WAY A USER STRIKES THE KEYS ON A KEYBOARD.
CONTINUE…
• BIOMETRICS ASSISTS CUSTOMERS IN RETAINING THEIR IDENTITY RATHER THAN
REMEMBERING PASSWORDS, CODES, OR SECRET QUESTIONS.
TECHNOLOGIES USED TODAY
TWO STEP VERIFICATION
• TWO-STEP VERIFICATION IS A PROCESS THAT INVOLVES TWO AUTHENTICATION
METHODS
• PERFORMED ONE AFTER THE OTHER TO VERIFY THAT SOMEONE OR SOMETHING
REQUESTING ACCESS IS WHO OR WHAT THEY ARE DECLARED TO BE.
• 2-STEP VERIFICATION.
• YOU ADD AN EXTRA LAYER OF SECURITY TO YOUR ACCOUNT.
• YOU SIGN IN WITH SOMETHING YOU KNOW (YOUR PASSWORD)
• AND SOMETHING YOU HAVE (A CODE SENT TO YOUR PHONE).
• EVEN IF SOMEONE ELSE FINDS YOUR PASSWORD, THEY'LL BE STOPPED IF THEY
DON'T HAVE ACCESS TO YOUR SECURITY INFO
CONTINUE…
• IF YOU TURN ON TWO-STEP VERIFICATION,
• YOU’LL GET A SECURITY CODE TO YOUR EMAIL, PHONE, OR AUTHENTICATOR
APP EVERY TIME YOU SIGN IN ON A DEVICE THAT ISN'T TRUSTED.
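The sign-in flow described on these two slides, as an added example that is not part of the original deck. It checks the password first, then a time-based one-time code of the kind an authenticator app generates (TOTP, RFC 6238), and skips the second step only for a trusted device. The `Account` class, its return strings, the sample password and salt are constructed assumptions; the shared secret is the RFC test-vector secret.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 30  # length of one TOTP time step


def hash_password(password: str, salt: bytes, iterations: int = 200_000) -> bytes:
    """Slow, salted password hash (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time code (RFC 4226) for one counter value."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    number = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(number % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """Time-based code (RFC 6238): HOTP over the current 30-second step."""
    return hotp(secret, int(unix_time) // STEP_SECONDS, digits)


class Account:
    """Hypothetical account record holding both factors."""

    def __init__(self, password: str, totp_secret: bytes, salt: bytes):
        self.salt = salt
        self.password_hash = hash_password(password, salt)
        self.totp_secret = totp_secret
        self.last_step = -1  # newest time step already accepted (replay protection)

    def sign_in(self, password: str, code: str, unix_time: int,
                trusted_device: bool = False, window: int = 1) -> str:
        # Step 1: something you know.
        attempt = hash_password(password, self.salt)
        if not hmac.compare_digest(self.password_hash, attempt):
            return "denied: wrong password"
        if trusted_device:
            return "ok"
        # Step 2: something you have. Accept the current step and its
        # neighbours to tolerate clock drift, but never the same step twice.
        current = int(unix_time) // STEP_SECONDS
        for step in range(max(0, current - window), current + window + 1):
            expected = hotp(self.totp_secret, step).encode()
            if step > self.last_step and hmac.compare_digest(expected, code.encode()):
                self.last_step = step
                return "ok"
        return "denied: wrong or reused code"


if __name__ == "__main__":
    secret = b"12345678901234567890"  # RFC 6238 test-vector secret, not for real use
    account = Account("constructed-sample-password", secret, b"constructed-salt")
    now = 59
    print(account.sign_in("constructed-sample-password", totp(secret, now), now))
    print(account.sign_in("constructed-sample-password", totp(secret, now), now))
```

The second call in the demo is refused because the same code is presented twice, which is what stops an observed code from being replayed within its validity window.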
Security issues in e commerce

More Related Content

What's hot

Chapter 8 / Electronic Payment
Chapter 8 / Electronic  PaymentChapter 8 / Electronic  Payment
Chapter 8 / Electronic PaymentEyad Almasri
 
E-Commerce PPT
E-Commerce PPTE-Commerce PPT
E-Commerce PPTOTHERS
 
architecture framework for ecommerce
architecture framework for ecommercearchitecture framework for ecommerce
architecture framework for ecommercepreetikapri1
 
E commerce security
E commerce securityE commerce security
E commerce securityShakti Singh
 
Legal ethical issues E commerce
Legal ethical issues E commerceLegal ethical issues E commerce
Legal ethical issues E commerceWisnu Dewobroto
 
e payment system ppt
e payment system ppte payment system ppt
e payment system pptminisharma35
 
E commerce infrastructure
E commerce infrastructureE commerce infrastructure
E commerce infrastructureRaj vardhan
 
Electronic Payment System
Electronic Payment SystemElectronic Payment System
Electronic Payment SystemRitesh Goyal
 
electronic payment system
electronic payment system electronic payment system
electronic payment system RonakJain191
 
E commerce and its applications
E commerce and its applications E commerce and its applications
E commerce and its applications ksingh777
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commercem8817
 
E commerce business models
E commerce business modelsE commerce business models
E commerce business modelsVikram g b
 
Ecommerce security
Ecommerce securityEcommerce security
Ecommerce securitypolitegcuf
 

What's hot (20)

Online security and payment system
Online security and payment systemOnline security and payment system
Online security and payment system
 
Chapter 8 / Electronic Payment
Chapter 8 / Electronic  PaymentChapter 8 / Electronic  Payment
Chapter 8 / Electronic Payment
 
E-Commerce Security
E-Commerce SecurityE-Commerce Security
E-Commerce Security
 
E-Commerce PPT
E-Commerce PPTE-Commerce PPT
E-Commerce PPT
 
Security in e commerce
Security in e commerceSecurity in e commerce
Security in e commerce
 
architecture framework for ecommerce
architecture framework for ecommercearchitecture framework for ecommerce
architecture framework for ecommerce
 
E commerce security
E commerce securityE commerce security
E commerce security
 
Legal ethical issues E commerce
Legal ethical issues E commerceLegal ethical issues E commerce
Legal ethical issues E commerce
 
e payment system ppt
e payment system ppte payment system ppt
e payment system ppt
 
Electronic Payment System
Electronic Payment SystemElectronic Payment System
Electronic Payment System
 
E commerce infrastructure
E commerce infrastructureE commerce infrastructure
E commerce infrastructure
 
Electronic Payment System
Electronic Payment SystemElectronic Payment System
Electronic Payment System
 
e-cheque
e-chequee-cheque
e-cheque
 
electronic payment system
electronic payment system electronic payment system
electronic payment system
 
E commerce and its applications
E commerce and its applications E commerce and its applications
E commerce and its applications
 
E - Commerce
E - CommerceE - Commerce
E - Commerce
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commerce
 
E commerce business models
E commerce business modelsE commerce business models
E commerce business models
 
Ecommerce security
Ecommerce securityEcommerce security
Ecommerce security
 
E - Marketing
E - Marketing E - Marketing
E - Marketing
 

Similar to Security issues in e commerce

Security Issues in E-Commerce.pptx
Security Issues in E-Commerce.pptxSecurity Issues in E-Commerce.pptx
Security Issues in E-Commerce.pptxAnshika865276
 
Cyber Crime and Prevention Tips
Cyber Crime and Prevention TipsCyber Crime and Prevention Tips
Cyber Crime and Prevention TipsTayyab Farooq
 
Date security identifcation and authentication
Date security   identifcation and authenticationDate security   identifcation and authentication
Date security identifcation and authenticationLeo Mark Villar
 
NIS-CH 1-PART 1 (1).pptx
NIS-CH 1-PART 1 (1).pptxNIS-CH 1-PART 1 (1).pptx
NIS-CH 1-PART 1 (1).pptxchandutidake
 
Internet cybercrime,ebanking and security
Internet cybercrime,ebanking and  securityInternet cybercrime,ebanking and  security
Internet cybercrime,ebanking and securityDheeraj Kumar Tiwari
 
Cyber Crime & Precautions
Cyber Crime & PrecautionsCyber Crime & Precautions
Cyber Crime & PrecautionsTalwant Singh
 
Cyber law (identity theft)
Cyber law (identity theft)Cyber law (identity theft)
Cyber law (identity theft)Jermaine Smith
 
Cyber Law (Identity Theft)
Cyber Law (Identity Theft)Cyber Law (Identity Theft)
Cyber Law (Identity Theft)Jermaine Smith
 
Edu 3 arya. s 24 Cyber privacy
Edu 3 arya. s 24 Cyber privacy Edu 3 arya. s 24 Cyber privacy
Edu 3 arya. s 24 Cyber privacy ARYAS87
 
Identity Theft Presentation
Identity Theft PresentationIdentity Theft Presentation
Identity Theft Presentationcharlesgarrett
 
PROTECTION PERSONAL PRIVACY
PROTECTION PERSONAL PRIVACYPROTECTION PERSONAL PRIVACY
PROTECTION PERSONAL PRIVACYDoubleXDS
 
Ict Phishing (Present)
Ict   Phishing (Present)Ict   Phishing (Present)
Ict Phishing (Present)aleeya91
 
H -Tech frauds of identity theft, Identity cloning and address mirroring
H -Tech frauds of identity theft, Identity cloning and address mirroringH -Tech frauds of identity theft, Identity cloning and address mirroring
H -Tech frauds of identity theft, Identity cloning and address mirroringGAURAV. H .TANDON
 
Cybersecurity for the non-technical
Cybersecurity for the non-technicalCybersecurity for the non-technical
Cybersecurity for the non-technicalStephen Cobb
 

Similar to Security issues in e commerce (20)

Security Issues in E-Commerce.pptx
Security Issues in E-Commerce.pptxSecurity Issues in E-Commerce.pptx
Security Issues in E-Commerce.pptx
 
Social engineering
Social engineering Social engineering
Social engineering
 
Cyber Crime and Prevention Tips
Cyber Crime and Prevention TipsCyber Crime and Prevention Tips
Cyber Crime and Prevention Tips
 
Date security identifcation and authentication
Date security   identifcation and authenticationDate security   identifcation and authentication
Date security identifcation and authentication
 
NIS-CH 1-PART 1 (1).pptx
NIS-CH 1-PART 1 (1).pptxNIS-CH 1-PART 1 (1).pptx
NIS-CH 1-PART 1 (1).pptx
 
Internet cybercrime,ebanking and security
Internet cybercrime,ebanking and  securityInternet cybercrime,ebanking and  security
Internet cybercrime,ebanking and security
 
Information Privacy
Information PrivacyInformation Privacy
Information Privacy
 
Cyber Crime & Precautions
Cyber Crime & PrecautionsCyber Crime & Precautions
Cyber Crime & Precautions
 
Cyber law (identity theft)
Cyber law (identity theft)Cyber law (identity theft)
Cyber law (identity theft)
 
Cyber Law (Identity Theft)
Cyber Law (Identity Theft)Cyber Law (Identity Theft)
Cyber Law (Identity Theft)
 
Edu 3 arya. s 24 Cyber privacy
Edu 3 arya. s 24 Cyber privacy Edu 3 arya. s 24 Cyber privacy
Edu 3 arya. s 24 Cyber privacy
 
Fraud Awareness
Fraud AwarenessFraud Awareness
Fraud Awareness
 
Identity Theft Presentation
Identity Theft PresentationIdentity Theft Presentation
Identity Theft Presentation
 
Identity theft
Identity theftIdentity theft
Identity theft
 
Dangers of Computer devices
Dangers of Computer devices Dangers of Computer devices
Dangers of Computer devices
 
PROTECTION PERSONAL PRIVACY
PROTECTION PERSONAL PRIVACYPROTECTION PERSONAL PRIVACY
PROTECTION PERSONAL PRIVACY
 
Ict Phishing (Present)
Ict   Phishing (Present)Ict   Phishing (Present)
Ict Phishing (Present)
 
H -Tech frauds of identity theft, Identity cloning and address mirroring
H -Tech frauds of identity theft, Identity cloning and address mirroringH -Tech frauds of identity theft, Identity cloning and address mirroring
H -Tech frauds of identity theft, Identity cloning and address mirroring
 
Security and trust in e payment
Security and trust in e  paymentSecurity and trust in e  payment
Security and trust in e payment
 
Cybersecurity for the non-technical
Cybersecurity for the non-technicalCybersecurity for the non-technical
Cybersecurity for the non-technical
 

Recently uploaded

VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130  Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130  Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130  Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130  Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation   for Smart Assistant Application for Disabled PersonComplet Documnetation   for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Personfurqan222004
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 

Recently uploaded (20)

VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130  Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130  Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130  Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130  Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation   for Smart Assistant Application for Disabled PersonComplet Documnetation   for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 

Security issues in e commerce

  • 1.
  • 2. SECURITY ISSUES IN E-COMMERCE PRESENTED BY: SADAF WAJID ALI
  • 3. CONTENTS • INTRODUCTION TO SECURITY ISSUES • TYPES OF ISSUES • PRIVACY • AUTHENTICATION • NON-REPUDIATION • PHISHING • CONFIDENTIALITY
  • 4. CONTINUE… • SECURITY THREATS • DENIAL OF SERVICES • UNAUTHORIZED ACCESS • THEFT AND FRAUD
  • 5. CONTINUE… • TYPES OF SECURITIES • ENCRYPTION • DECRYPTION • CRYPTOGRAPHY • BIOMETRIC
  • 6. INTRODUCTION • E-COMMERCE CAN BE CLEARLY DEFINED AS THE BUYING AND SELLING OF SER- VICES OVER INTERNET. • IT CAN ALSO BE REFERRED TO AS E-BUSINESS. • WIKIPEDIA DESCRIBES MOBILE COMMERCE AS THE DELIVERY OF ELECTRONIC COMMERCE CAPABILITIES DIRECTLY INTO THE CONSUMER’S HAND. • THERE’S AN INCREASES IN E-COMMERCE AND AS A RESULT THIS HAS LED TO A LOT OF SECURITY ISSUES PARTICULARLY IN THE MOBILE COMMERCE ARENA. • PEOPLE USING THE INTERNET FOR COMMERCIAL TRANSACTIONS ALWAYS REMAIN AT RISK OF THEIR CONFIDENTIAL INFORMATION (PASS, CREDIT CARD)
  • 7. BASIC SECURITY • AUTHENTICATION • AUTHORIZATION • CONFIDENTIALITY • INTEGRITY • NON-REPUDIATION
  • 8. AUTHENTICATION • AUTHENTICATION IS DEFINED AS ESTABLISHING THE IDENTITY OF ONE PARTY TO ANOTHER. • AUTHENTICATION MECHANISMS ALWAYS WORK IN TWO DIRECTIONS • USER THAT HAS TO PROVE HIS IDENTIFY TO AN INFORMATION SYSTEM • THE INFORMATION SYSTEM HAS TO CONFIRM THIS IDENTITY • ONCE THE AUTHENTICATION TO A SYSTEM IS PERFORMED CORRECTLY, THE USER IS AUTHORIZED FOR FURTHER ACTIONS • E.G. EDITING PERSONAL SETTINGS OR CLOSING CONTRACTS.
  • 10. AUTHORIZATION • AUTHORIZATION IS THE PROCESS OF GIVING SOMEONE PERMISSION TO DO OR HAVE SOMETHING. • THE PROCESS OF GRANTING OR DENYING ACCESS TO A NETWORK RESOURCE. • MOST COMPUTER SECURITY SYSTEMS ARE BASED ON A TWO-STEP PROCESS. • THE FIRST STAGE IS AUTHENTICATION • WHICH ENSURES THAT A USER IS WHO HE OR SHE CLAIMS TO BE • THE SECOND STAGE IS AUTHORIZATION, WHICH ALLOWS THE USER ACCESS TO VARIOUS RESOURCES BASED ON THE USER'S IDENTITY. • IN MULTI-USER COMPUTER SYSTEMS, A SYSTEM ADMINISTRATOR DEFINES FOR THE SYSTEM WHICH USERS ARE ALLOWED ACCESS TO THE SYSTEM AND WHAT PRIVILEGES OF USE • E.G.: ACCESS TO WHICH FILE DIRECTORIES, HOURS OF ACCESS, AMOUNT OF ALLOCATED STORAGE SPACE, AND SO FORTH.
  • 14. CONFIDENTIALITY • CONFIDENTIALITY IS THE PROTECTION OF PERSONAL INFORMATION. • MEANS KEEPING A CLIENT’S INFORMATION BETWEEN YOU AND THE CLIENT, AND NOT TELLING OTHERS INCLUDING CO-WORKERS, FRIENDS, FAMILY, ETC. • INDIVIDUAL FILES ARE LOCKED AND SECURED • SUPPORT WORKERS DO NOT TELL OTHER PEOPLE WHAT IS IN A CLIENT’S FILE UNLESS THEY HAVE PERMISSION FROM THE CLIENT • INFORMATION ABOUT CLIENTS IS NOT TOLD TO PEOPLE WHO DO NOT NEED TO KNOW
  • 15. CONTINUE… • THE TYPES OF INFORMATION THAT IS CONSIDERED CONFIDENTIAL CAN INCLUDE: • NAME, DATE OF BIRTH, AGE, SEX AND ADDRESS • CURRENT CONTACT DETAILS OF FAMILY, GUARDIAN ETC • BANK DETAILS • SERVICE RECORDS AND FILE PROGRESS NOTES • INDIVIDUAL PERSONAL PLANS • INCOMING OR OUTGOING PERSONAL CORRESPONDENCE. • PRIVACY IS ABOUT PEOPLE. CONFIDENTIALITY IS ABOUT DATA.
  • 16. INTEGRITY • IT REFERS TO THE CORRECTNESS AND COMPLETENESS OF DATA. • RELIABLE AND TRUSTABLE (ERROR FREE DATA). • BY LOGICAL MEANS (IN THE DATA BASE DATA MUST BE CONSISTENT) • ENSURING THAT INFORMATION WILL NOT BE ACCIDENTLY OR MALICIOUSLY ALTERED OR DESTROYED.
  • 17. NON REPUDIATION • NONREPUDIATION IS THE ASSURANCE THAT SOMEONE CANNOT DENY SOMETHING. • TO REPUDIATE MEANS TO DENY. • FOR MANY YEARS, AUTHORITIES HAVE SOUGHT TO MAKE REPUDIATION IMPOSSIBLE IN SOME SITUATIONS. • YOU MIGHT SEND REGISTERED MAIL, FOR EXAMPLE, SO THE RECIPIENT CANNOT DENY THAT A LETTER WAS DELIVERED. • SIMILARLY, A LEGAL DOCUMENT TYPICALLY REQUIRES WITNESSES TO SIGNING SO THAT THE PERSON WHO SIGNS CANNOT DENY HAVING DONE SO.
  • 18. CONTINUE… • A DIGITAL SIGNATURE IS USED NOT ONLY TO ENSURE THAT A MESSAGE OR DOCUMENT HAS BEEN ELECTRONICALLY SIGNED BY THE PERSON BUT ALSO, • SINCE A DIGITAL SIGNATURE CAN ONLY BE CREATED BY ONE PERSON • TO ENSURE THAT A PERSON CANNOT LATER DENY THAT THEY FURNISHED THE SIGNATURE. • SINCE NO SECURITY TECHNOLOGY IS ABSOLUTELY FOOL-PROOF, • IT IS SUGGESTED THAT MULTIPLE APPROACHES BE USED, SUCH AS • CAPTURING UNIQUE BIOMETRIC INFORMATION • AND OTHER DATA ABOUT THE SENDER OR SIGNER THAT COLLECTIVELY WOULD BE DIFFICULT TO REPUDIATE.
  • 19. THE BIGGEST E-COMMERCE SECURITY ISSUES • PRIVACY ISSUES • PHISHING
  • 20. PRIVACY • COMPROMISED PRIVACY IS ONE OF THE MOST COMPLICATED PROBLEM. • THEY GATHER, AND THEY ARE RESPONSIBLE FOR, PERSONAL DATA THAT ARE IDENTIFIABLE, AND MAY TRIGGER IDENTITY THEFT AND IMPERSONATION. • CURRENTLY, ANY RISK TAKEN IN THE FORM OF AN E-COMMERCE TRANSACTION LIES IN THE HANDS OF THE PROVIDER. FOR EXAMPLE, PAYPAL, AMAZON ETC… • FORTY-ONE PERCENT OF WEB BUYERS SURVEYED LAST YEAR THEY SAID THEY HAVE CONTACTED A SITE TO BE TAKEN OFF THEIR DATABASES BECAUSE THEY FELT THAT THE ORGANIZATION USED THEIR
  • 21. CONTINUE… • MOST ONLINE CONSUMERS ARE AWARE THAT VARIOUS WEBSITES ARE COLLECT- ING AND STORING THEIR PRIVATE INFORMATION. • THEY FEAR, SOMETIMES RIGHTLY, THAT IF THIS DATA WERE TO FALL INTO THE WRONG HANDS, THEY COULD BE IMPERSONATED AND PERHAPS LEFT OUT OF POCKET
  • 22. PHISHING • IT IS THE CRIMINALLY FRAUDULENT PROCESS TO ACQUIRE SENSITIVE INFORMATION SUCH AS • USERNAMES, PASSWORDS AND CREDIT CARD DETAILS, BY PRETENDING TO BE A TRUSTWORTHY ENTITY. • PHISHING SCAMS GENERALLY ARE CARRIED OUT BY EMAILING THE VICTIM WITH A ‘FRAUDULENT’ EMAIL. • WHEN THE VICTIM FOLLOWS THE LINK EMBEDDED WITHIN THE EMAIL THEY ARE BROUGHT TO AN ELABORATE AND SOPHISTICATED DUPLICATE OF THE LEGITIMATE ORGANIZATION'S WEBSITE. • PHISHING ATTACKS GENERALLY TARGET • BANK CUSTOMERS, ONLINE AUCTION SITES (SUCH AS EBAY), • ONLINE RETAILERS (SUCH AS AMAZON)
  • 24. SECURITY THREATS DENIAL OF SERVICES UNAUTHORIZED ACCESS THEFT AND FRAUD
  • 25. DENIAL OF SERVICES ATTACK • DENIAL OF SERVICE (DOS) ATTACKS CONSIST OF OVERWHELMING A SERVER, A NETWORK OR A WEBSITE IN ORDER TO PARALYZE ITS NORMAL ACTIVITY. • DEFENDING AGAINST DOS ATTACKS IS ONE OF THE MOST CHALLENGING SECURITY PROBLEMS ON THE INTERNET TODAY. • SYMPTOMS OF DENIAL-OF-SERVICE ATTACKS INCLUDE • UNUSUALLY SLOW NETWORK PERFORMANCE • UNAVAILABILITY OF A PARTICULAR WEB SITE
  • 26. CONTINUE… • INABILITY TO ACCESS ANY WEB SITE • DRAMATIC INCREASE IN THE NUMBER OF SPAM EMAILS RECEIVED • PHLASHING – ALSO KNOWN AS A PERMANENT DENIAL-OF-SERVICE (PDOS) IS AN ATTACK THAT DAMAGES A SYSTEM SO BADLY THAT IT REQUIRES REPLACEMENT OR REINSTALLATION OF HARDWARE • RECENTLY TWITTER WAS THE SUBJECT OF A DOS ATTACK.
  • 28. UNAUTHORIZED ACCESS • WHEN A PERSON WHO DOES NOT HAVE PERMISSION TO CONNECT TO OR USE A SYSTEM GAINS ENTRY IN A MANNER UNINTENDED BY THE SYSTEM OWNER. • THE POPULAR TERM FOR THIS IS “HACKING” • INFORMATION TO SECURE YOUR SYSTEM: • CHANGE PASSWORDS OFTEN. IT IS RECOMMENDED AT LEAST ONCE EVERY FEW MONTHS. • CREATE A BIOS PASSWORD. • WHEN CREATING A PASSWORD, ADD NUMBERS OR OTHER CHARACTERS TO THE PASSWORD TO MAKE IT MORE DIFFICULT TO GUESS; FOR EXAMPLE: 1MYPASSWORD23!.
  • 29. THEFT AND FRAUD • CARD-BASED PAYMENTS FRAUD: • INTERNET PAYMENT FRAUD IS CONSTANTLY INCREASING, AND IS, APPARENTLY, UNSTOPPABLE • THE NUMBER OF FRAUD CASES HAS INCREASED BY 19 PERCENT COMPARED TO 2013 • FRAUD IS NOT EXCLUSIVE TO CREDIT CARD PAYMENTS • USE OF MALWARE TO COMMAND ONLINE BANKING LOGINS VIA PHONES, TABLETS AND COMPUTERS • USING THE STOLEN BANK ACCOUNT DETAILS TO MAKE FRAUDULENT PAYMENTS • “ALTERNATIVE” PAYMENT METHODS ARE ALSO ATTRACTING CRIMINALS • FRAUD OCCURS WHEN THE STOLEN DATA IS USED OR MODIFIED.
  • 30. DIFFERENCE • FRAUD HAS THE INTENTION OF HIDING THE CRIMINAL ACT OF STEALING, • WHILE THEFT DOES NOT. • THIEVES KNOW THEY CAN’T HIDE THE ACT SO THEY DON’T MAKE MUCH EFFORT TO HIDE IT, • WHILE THE FRAUDSTER MAKES AN EXTRA EFFORT TO HIDE THE ACT. • BANK ROBBERY IS THEFT WHILE BANK EMBEZZLEMENT (GHAPLA) IS FRAUD.
  • 32. ENCRYPTION • THUS "ENCRYPTION" BASICALLY IS SOME PROCESS OR ALGORITHM (KNOWN AS A CIPHER) TO MAKE INFORMATION HIDDEN OR SECRET • THE PROCESS OF SCRAMBLING A MESSAGE IN SUCH A WAY THAT IT IS DIFFICULT, EXPENSIVE OR TIME CONSUMING FOR AN UNAUTHORIZED PERSON TO UNSCRAMBLE (DECRYPT) IT. • METHODS OF ENCRYPTION: HASHING, SYMMETRIC METHODS, ASYMMETRIC METHODS
  • 34. DECRYPTION • THE PROCESS OF UNSCRAMBLING A MESSAGE IN SUCH A WAY THAT IT IS UNDERSTOOD BY UNAUTHORIZED PERSON.
  • 36. CRYPTOGRAPHY • "CRYPTO" STANDS FOR "HIDDEN, SECRET", • AND "GRAPHY" DENOTES "A PROCESS OR FORM OF DRAWING, WRITING, REPRESENTING, RECORDING, DESCRIBING, ETC." • CRYPTOGRAPHY IS THE SCIENCE CONCERNED WITH THE STUDY OF SECRET COMMUNICATION • THE CONVERSION OF INFORMATION FROM A READABLE STATE TO APPARENT NONSENSE.
  • 37. BIOMETRIC • IT REPLACES THE TRADITIONAL VERIFICATION METHODS OF SHOWING IDENTITY CARDS • OR ENTERING PASSWORDS • WITH THE SCANNING OF FINGERPRINTS, • FACE • OR A PALM. • BIOMETRICS ALSO INCLUDES THE IDENTIFICATION OF BEHAVIORAL ASPECTS SUCH AS • VOICE • SIGNATURE • OR THE WAY A USER STRIKES THE KEYS ON A KEYBOARD.
  • 38. CONTINUE… • BIOMETRICS ASSISTS CUSTOMERS IN RETAINING THEIR IDENTITY RATHER THAN REMEMBERING PASSWORDS, CODES, OR SECRET QUESTIONS.
  • 40. TWO STEP VERIFICATION • TWO-STEP VERIFICATION IS A PROCESS THAT INVOLVES TWO AUTHENTICATION METHODS • PERFORMED ONE AFTER THE OTHER TO VERIFY THAT SOMEONE OR SOMETHING REQUESTING TO ACCESS IS WHO OR WHAT THEY ARE DECLARED TO BE. • 2-STEP VERIFICATION. • YOU ADD AN EXTRA LAYER OF SECURITY TO YOUR ACCOUNT. • YOU SIGN IN WITH SOMETHING YOU KNOW (YOUR PASSWORD) • AND SOMETHING YOU HAVE (A CODE SENT TO YOUR PHONE). • EVEN IF SOMEONE ELSE FINDS YOUR PASSWORD, THEY'LL BE STOPPED IF THEY DON'T HAVE ACCESS TO YOUR SECURITY INFO
  • 41. CONTINUE… • IF YOU TURN ON TWO-STEP VERIFICATION, • YOU’LL GET A SECURITY CODE TO YOUR EMAIL, PHONE, OR AUTHENTICATOR APP EVERY TIME YOU SIGN IN ON A DEVICE THAT ISN'T TRUSTED.
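
The two-step sign-in described in slides 40 and 41, as an added example that is not part of the original slides: a password check followed by a time-based authenticator code (RFC 6238) that is demanded only on devices that are not yet trusted. The `Account` record, the `sign_in` function and its return strings are hypothetical names chosen for this sketch.

```python
import hashlib, hmac, secrets, struct, time

STEP = 30  # seconds per code, the usual authenticator-app setting

def totp(secret: bytes, at: float, digits: int = 6) -> str:
    """Time-based one-time code per RFC 6238 (HMAC-SHA1 variant)."""
    counter = struct.pack(">Q", int(at) // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Account:  # hypothetical account record, not from the slides
    def __init__(self, password: str, totp_secret: bytes):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = hash_password(password, self.salt)
        self.totp_secret = totp_secret
        self.trusted_devices = set()
        self.last_counter = -1  # highest time step already used

def sign_in(acct, password, device_id, code=None, now=None, trust=False):
    now = time.time() if now is None else now
    # Step 1: something you know.
    if not hmac.compare_digest(hash_password(password, acct.salt), acct.pw_hash):
        return "denied: bad password"
    if device_id in acct.trusted_devices:
        return "ok: trusted device"
    # Step 2: something you have, required on every untrusted device.
    if code is None:
        return "code required"
    for drift in (0, -1, 1):  # tolerate one step of clock skew
        counter = int(now) // STEP + drift
        if counter <= acct.last_counter:
            continue  # a code from an already-used time step is a replay
        expected = totp(acct.totp_secret, counter * STEP)
        if hmac.compare_digest(expected.encode(), code.encode()):
            acct.last_counter = counter  # each code is accepted only once
            if trust:
                acct.trusted_devices.add(device_id)
            return "ok: second step passed"
    return "denied: bad code"
```

A stolen password alone stops at `"code required"`, and a code observed in transit cannot be reused because the time step it belongs to is recorded as spent.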