The presentation discusses what e-commerce security is and its dimensions, threat concerns, and ways to protect an e-commerce site from hacking and fraud. It also covers the different e-commerce payment methods.
3. “If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology.”
– Bruce Schneier
5. TABLE OF CONTENTS
• E-commerce security and its dimensions
• E-commerce Threat Concerns
• E-commerce Threats
• Ways to Protect your Ecommerce Site from Hacking and Fraud
• E-Commerce Payment Methods
6. WHAT IS E-COMMERCE SECURITY?
E-commerce security is the protection of e-commerce assets from unauthorized access, use, alteration, or destruction.
8. E-COMMERCE THREATS
Threats: anyone with the capability, technology, opportunity, and intent to do harm.
Potential threats can be foreign or domestic, internal or external, state-sponsored or a single rogue element.
Terrorists, insiders, disgruntled employees, and hackers are included in this profile.
13. Intellectual Property Threats
Use of existing materials found on the Internet without the owner's permission, e.g., music downloading, domain name (cybersquatting), software pirating
22. WAYS TO PROTECT E-COMMERCE SITE FROM HACKING AND FRAUD
Start by Going with an e-commerce Platform You Know is Secure
• A secure online checkout
• Enterprise-level, layered security
• Encryption for all customer data, including tools that don't store any of the credit card information
• Constant fraud monitoring
• PCI compliance and scans
• Card verification value
• Address verification system
23. WAYS TO PROTECT E-COMMERCE SITE FROM HACKING AND FRAUD
Some Words on the Address Verification System (AVS) and the Card Verification Value (CVV)
24. WAYS TO PROTECT E-COMMERCE SITE FROM HACKING AND FRAUD
Have a Backup Plan
25. WAYS TO PROTECT E-COMMERCE SITE FROM HACKING AND FRAUD
Prevent Chargebacks with Tracking Numbers and a Human Monitoring All Orders
26. WAYS TO PROTECT E-COMMERCE SITE FROM HACKING AND FRAUD
An Automated Fraud Detection System Helps Too
27. WAYS TO PROTECT E-COMMERCE SITE FROM HACKING AND FRAUD
Configure System Alerts For When Suspicious Activity Occurs
28. WAYS TO PROTECT E-COMMERCE SITE FROM HACKING AND FRAUD
Force Yourself and All Employees to Have Strong Passwords
29. WAYS TO PROTECT E-COMMERCE SITE FROM HACKING AND FRAUD
Set Limits on Purchases from Accounts on a Given Day
- Eavesdropping is secretly listening to the private conversation of others without their consent, as defined by Black's Law Dictionary. The practice is commonly believed to be unethical.
- A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or areas of its software that would not otherwise be allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software.
1. Sniffer program. A computer program that analyzes data on a communication network to gather intelligence, such as detecting passwords of interest that are transmitted over the Internet. Sniffers are used by crackers on compromised systems to spy on network traffic and steal access information for even more systems.
2. Backdoor. A backdoor is a method, often secret, of bypassing normal authentication or encryption in a computer system, a product, or an embedded device (e.g. a home router), or its embodiment, e.g. as part of a cryptosystem, an algorithm, a chipset, or a "homunculus computer" (such as that found in Intel's AMT technology). Backdoors are often used for securing remote access to a computer, or obtaining access to plaintext in cryptographic systems.
3. A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data, thereby gaining an illegitimate advantage.
4. A denial-of-service attack is a security event that occurs when an attacker takes action that prevents legitimate users from accessing targeted computer systems, devices or other network resources.
Encryption
* Public-key encryption (asymmetric) vs Private-key encryption (symmetric) (Figure 5-6)
* Encryption standard: Data Encryption Standard (DES), Advanced Encryption Standard (AES)
Protocol
* Secure Sockets Layer (SSL) (Figure 5.10)
* Secure HyperText Transfer Protocol (S-HTTP)
Digital signature
* Bind the message originator with the exact contents of the message
* A hash function is used to transform messages into a 128-bit digest (message digest).
* The sender’s private key is used to encrypt the message digest (digital signature)
* The message + signature are sent to the receiver
* The recipient uses the hash function to recalculate the message digest
* The sender’s public key is used to decrypt the message digest
* Check to see if the recalculated message digest = decrypted message digest
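The signing and verification steps listed above, as an added example that is not part of the original slides. It uses textbook RSA over a constructed toy key and swaps in SHA-256 for the 128-bit digest mentioned in the notes; the key values, function names and sample order string are assumptions made for illustration.

```python
import hashlib

# Constructed toy key pair built from two publicly known Mersenne primes.
# It only illustrates the message flow; it provides no real security.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                           # public modulus
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, known only to the sender


def message_digest(message: bytes) -> int:
    """Hash the message and return the digest as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Sender: transform the message digest with the private key."""
    return pow(message_digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Recipient: recover the digest with the public key and compare it
    with a digest recalculated from the received message."""
    if not isinstance(signature, int) or not 0 < signature < N:
        return False                # reject out-of-range values outright
    return pow(signature, E, N) == message_digest(message)


def demo() -> dict:
    """Run the exchange on a constructed order message."""
    order = b"order=1001;amount=49.90;ship_to=Manila"
    tampered = b"order=1001;amount=4990.00;ship_to=Manila"
    signature = sign(order)         # message + signature go to the receiver
    return {
        "original_accepted": verify(order, signature),
        "tampered_accepted": verify(tampered, signature),
        "forged_signature_accepted": verify(order, signature + 1),
    }


if __name__ == "__main__":
    print(demo())
```

Production systems use a vetted cryptographic library with a padded signature scheme such as RSA-PSS instead of raw exponentiation.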
Access control and authentication
* Digital signature from user
* Username and password
* Access control list
Firewalls (Figure 5.11)
* International Computer Security Association's classification:
Packet filter firewall: checks IP address of incoming packet and rejects anything that does not match the list of trusted addresses (prone to IP spoofing)
Application level proxy server: examines the application used for each individual IP packet (e.g., HTTP, FTP) to verify its authenticity.
Stateful packet inspection: examines all parts of the IP packet to determine whether or not to accept or reject the requested communication.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.
We've all encountered the CVV. It's the little three digit code on the back of your credit card. With reputable ecommerce platforms with solid checkouts you're going to have this system already configured. If not, you might have to go out and find an app or a service for that. However, it's a wonderful way to prevent fraud from people who have only stolen the credit card numbers and not the CVV.
The AVS is a little different. Customers don't see this on the frontend of the site, but once again, most reputable platforms provide this service. Basically, it checks to see if the address in the billing address field matches that of the address on file for the credit card. For instance, a fraudulent user might want to send a product to their address, but a stolen credit card would have another person's address on file, triggering a warning for you.
Fraud generally doesn't cause any problems with your content, but hacking does. Even with all of your security you might end up getting hacked. In that case, there's a possibility of having to relaunch your site or bring it back from the dead.
Tracking numbers give you a clear picture of how much inventory you have and what happens to a package after it's sent out from your warehouse. Most ecommerce platforms don't require tracking numbers and you can skip the whole UPS/USPS/FedEx tracking thing, but I recommend against that. It's the only evidence you have against someone who claims they never received their package.
Check with your ecommerce platform to see which types of fraud detection tools they use. Sometimes you have to pay a little extra for this.
Every time a suspicious user is on your site, you should know. Every time a person makes a purchase with a fishy address, you should know. This notification shouldn't be sent to a random folder you made in your email inbox, because it's big news that should be addressed instantly.
Don't write passwords down, and try to change them every month. There's really no reason to remember passwords with tools like Dashlane and Roboform. These password managers make up complicated passwords to combat brute force attacks, and you don't have to think of what you made your password last time.
Let's face it. Sometimes you're not going to be able to take a look at every single sale that goes through your site. Therefore, a random fraudulent purchase might slip through the cracks and get through. However, many ecommerce platforms allow for setting limits on purchases in a given day or other time frame. For example, you might set a limit of $1,000 per day per customer.
This way, if someone comes to your site and tries to buy $5,000 worth of merchandise, your website stops the transaction and notifies you. You're given a little extra time to breathe and look at the transaction, and you might even scare away a criminal.
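An order screen combining the checks described in these notes (CVV and AVS results, a per-customer daily limit, and an alert on every held order), as an added example that is not from the original presentation or any specific e-commerce platform. The class and field names are hypothetical, and the AVS/CVV booleans stand in for results a payment processor would return.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date
from decimal import Decimal

DAILY_LIMIT = Decimal("1000.00")    # the $1,000 per day per customer from the text


@dataclass
class Order:
    customer_id: str
    amount: Decimal
    day: date
    avs_match: bool   # assumed: billing address matched the address on file
    cvv_match: bool   # assumed: card verification value matched


class OrderScreen:
    """Approve an order or hold it for human review, alerting on holds."""

    def __init__(self, daily_limit=DAILY_LIMIT, notify=None):
        self.daily_limit = daily_limit
        self.approved = defaultdict(Decimal)   # (customer, day) -> approved total
        self.alerts = []                       # default alert sink
        self.notify = notify or self.alerts.append

    def screen(self, order: Order):
        reasons = []
        if order.amount <= 0:
            # A negative amount would otherwise lower the running total.
            reasons.append("invalid_amount")
        if not order.cvv_match:
            reasons.append("cvv_mismatch")
        if not order.avs_match:
            reasons.append("avs_mismatch")
        key = (order.customer_id, order.day)
        if self.approved[key] + order.amount > self.daily_limit:
            reasons.append("daily_limit_exceeded")
        if reasons:
            # Held orders never count toward the approved total.
            self.notify(f"HOLD {order.customer_id} {order.amount} {order.day}: "
                        + ",".join(reasons))
            return ("hold", reasons)
        self.approved[key] += order.amount
        return ("approve", [])


def demo():
    """Constructed sample orders run through the screen."""
    screen = OrderScreen()
    d1, d2 = date(2024, 1, 1), date(2024, 1, 2)
    orders = [
        Order("c1", Decimal("400"), d1, True, True),
        Order("c1", Decimal("600"), d1, True, True),     # reaches the limit exactly
        Order("c1", Decimal("0.01"), d1, True, True),    # one cent over the limit
        Order("c1", Decimal("5000"), d2, True, True),    # new day, single large order
        Order("c2", Decimal("50"), d1, False, True),     # billing address mismatch
    ]
    return [screen.screen(o)[0] for o in orders], screen.alerts


if __name__ == "__main__":
    decisions, alerts = demo()
    print(decisions)
    print("\n".join(alerts))
```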
Cash on delivery (COD), sometimes called collect on delivery, is the sale of goods by mail order where payment is made on delivery rather than in advance. If the goods are not paid for, they are returned to the retailer.
Electronic funds transfer (EFT) is the electronic transfer of money from one bank account to another, either within a single financial institution or across multiple institutions, via computer-based systems, without the direct intervention of bank staff. EFTs are known by a number of names. In the United States, they may be referred to as electronic checks or e-checks.
The term covers a number of different payment systems, for example:
cardholder-initiated transactions, using a payment card such as a credit or debit card
direct deposit payment initiated by the payer
direct debit payments for which a business debits the consumer's bank accounts for payment for goods or services
wire transfer via an international banking network such as SWIFT
electronic bill payment in online banking, which may be delivered by EFT or paper check
transactions involving stored value of electronic money, possibly in a private currency.
A credit card, such as a Visa or a MasterCard, has a preset spending limit based on the user’s credit limit.
A debit card removes the amount of the charge from the cardholder’s account and transfers it to the seller’s bank.
A charge card is a card that provides a payment method enabling the cardholder to make purchases which are paid for by the card issuer, to whom the cardholder becomes indebted. The cardholder is obligated to repay the debt to the card issuer in full by the due date, usually on a monthly basis, or be subject to late fees and restrictions on further card use. It can also be a smart card.
Though the terms charge card and credit card are sometimes used interchangeably, they are distinct protocols of financial transactions. Credit cards are revolving credit instruments that do not need to be paid in full every month. There is no late fee payable so long as the minimum payment is made at specified intervals (usually every thirty days). The balance of the account accrues interest, which may be backdated to the date of initial purchase. Charge cards are typically issued without spending limits, whereas credit cards usually have a specified credit limit that the cardholder may not exceed.
A smart card resembles a credit card in size and shape, but inside it is completely different. First of all, it has an inside -- a normal credit card is a simple piece of plastic. The inside of a smart card usually contains an embedded microprocessor. The microprocessor is under a gold contact pad on one side of the card. Think of the microprocessor as replacing the usual magnetic stripe on a credit card or debit card.
Electronic cash is a general term that describes the attempts of several companies to create a value storage and exchange system that operates online in much the same way that government-issued currency operates in the physical world.
A system that allows a person to pay for goods or services by transmitting a number from one computer to another.
Like the serial numbers on real currency notes, the E-cash numbers are unique.
This is issued by a bank and represents a specified sum of real money.
It is anonymous and reusable.
E-Wallet allows you to store multiple credit card and bank account numbers in a secure environment, and eliminate the need to enter in account information when making your payment. Once you have registered and created E-Wallet profiles, you can make payments faster and with less typing.
Based on an algorithm that generates unique tokens that can be used in the “real” world
Example: Bitcoin
A type of digital currency in which encryption techniques are used to regulate the generation of units of currency and verify the transfer of funds, operating independently of a central bank.
Virtual money can be defined as a digital representation of value that is issued and controlled by its developers, and used and accepted among the members of a specific (virtual) community. Unlike regular money, it relies on a system of trust and is not issued by a central bank or other banking authority.
Circulates within an internal virtual world
Example: Linden Dollars in the virtual world called Second Life, Facebook Credits