SECURITY ISSUES IN E-COMMERCE
CONTENTS
• Introduction to security issues
• Types of issues
  • Privacy
  • Authentication
  • Non-repudiation
  • Phishing
  • Confidentiality
• Security threats
  • Denial of service
  • Unauthorized access
  • Theft and fraud
• Types of security
  • Encryption
  • Decryption
  • Cryptography
  • Biometrics
INTRODUCTION
• E-commerce can be clearly defined as the buying and selling of services over the Internet.
• It can also be referred to as e-business.
• Wikipedia describes mobile commerce as the delivery of electronic commerce capabilities directly into the consumer's hand.
• There is an increase in e-commerce, and as a result this has led to a lot of security issues, particularly in the mobile commerce arena.
• People using the Internet for commercial transactions always remain at risk of exposing their confidential information (passwords, credit card details).
BASIC SECURITY
• Authentication
• Authorization
• Confidentiality
• Integrity
• Non-repudiation
AUTHENTICATION
• Authentication is defined as establishing the identity of one party to another.
• Authentication mechanisms always work in two directions:
  • the user has to prove his identity to an information system;
  • the information system has to confirm this identity.
• Once authentication to a system is performed correctly, the user is authorized for further actions, e.g. editing personal settings or closing contracts.
AUTHORIZATION
• Authorization is the process of giving someone permission to do or have something.
• It is the process of granting or denying access to a network resource.
• Most computer security systems are based on a two-step process:
  • the first stage is authentication, which ensures that a user is who he or she claims to be;
  • the second stage is authorization, which allows the user access to various resources based on the user's identity.
• In multi-user computer systems, a system administrator defines for the system which users are allowed access to the system and what privileges of use they have, e.g. access to which file directories, hours of access, amount of allocated storage space, and so forth.
DIFFERENCE BETWEEN THEM
CONFIDENTIALITY
• Confidentiality is the protection of personal information.
• It means keeping a client's information between you and the client, and not telling others, including co-workers, friends, family, etc.
• Individual files are locked and secured.
• Support workers do not tell other people what is in a client's file unless they have permission from the client.
• Information about clients is not told to people who do not need to know.
• The types of information that are considered confidential can include:
  • name, date of birth, age, sex and address;
  • current contact details of family, guardian, etc.;
  • bank details;
  • service records and file progress notes;
  • individual personal plans;
  • incoming or outgoing personal correspondence.
• Privacy is about people. Confidentiality is about data.
INTEGRITY
• Integrity refers to the correctness and completeness of data.
• Reliable and trustworthy (error-free) data.
• By logical means: in the database, data must be consistent.
• Ensuring that information will not be accidentally or maliciously altered or destroyed.
NON-REPUDIATION
• Non-repudiation is the assurance that someone cannot deny something.
• To repudiate means to deny.
• For many years, authorities have sought to make repudiation impossible in some situations.
• You might send registered mail, for example, so the recipient cannot deny that a letter was delivered.
• Similarly, a legal document typically requires witnesses to the signing so that the person who signs cannot deny having done so.
• A digital signature is used not only to ensure that a message or document has been electronically signed by the person but also, since a digital signature can only be created by one person, to ensure that the person cannot later deny that they furnished the signature.
• Since no security technology is absolutely fool-proof, it is suggested that multiple approaches be used, such as capturing unique biometric information and other data about the sender or signer that collectively would be difficult to repudiate.
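As an added illustration of the digital-signature point above (example code written for this page, not taken from the slides): a customer signs a purchase order with an Ed25519 private key, the merchant verifies it with the public key, and a tampered order fails to verify. The HMAC at the end shows why a shared-key MAC cannot give non-repudiation: the merchant holds the same key and could produce the tag alone. The order contents, keys and shared secret are constructed demo values.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Signer holds the customer's key pair. Only the holder of the private key
// can produce signatures; anyone holding the public key can verify them.
type Signer struct {
	Pub  ed25519.PublicKey
	Priv ed25519.PrivateKey
}

func NewSigner() (*Signer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Signer{Pub: pub, Priv: priv}, nil
}

// Sign produces a detached signature over the document.
func (s *Signer) Sign(doc []byte) []byte {
	return ed25519.Sign(s.Priv, doc)
}

// Verify checks that sig was made over exactly doc by the holder of pub.
// A wrong key or a single changed byte in doc makes this false, so the
// check gives integrity and proof of origin at the same time.
func Verify(pub ed25519.PublicKey, doc, sig []byte) bool {
	return ed25519.Verify(pub, doc, sig)
}

// MACTag computes an HMAC over doc with a key both parties share. Because
// the verifier holds the same key, it could have produced the tag itself,
// so a MAC proves integrity but cannot provide non-repudiation.
func MACTag(sharedKey, doc []byte) []byte {
	m := hmac.New(sha256.New, sharedKey)
	m.Write(doc)
	return m.Sum(nil)
}

func main() {
	// Constructed sample: a purchase order the customer signs.
	order := []byte(`{"order":"A-1001","item":"laptop","total":"999.00"}`)
	customer, _ := NewSigner()
	sig := customer.Sign(order)
	fmt.Println("genuine order verifies:", Verify(customer.Pub, order, sig))
	tampered := []byte(`{"order":"A-1001","item":"laptop","total":"1.00"}`)
	fmt.Println("tampered order verifies:", Verify(customer.Pub, tampered, sig))
	// The merchant, holding the shared MAC key, can make the same tag alone.
	shared := []byte("shared-secret-constructed-for-demo")
	fmt.Println("merchant can forge tag:", hmac.Equal(MACTag(shared, order), MACTag(shared, order)))
}
```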
THE BIGGEST E-COMMERCE SECURITY ISSUES
• Privacy issues
• Phishing
PRIVACY
• Compromised privacy is one of the most complicated problems.
• E-commerce providers gather, and are responsible for, personal data that is identifiable and may trigger identity theft and impersonation.
• Currently, any risk taken in the form of an e-commerce transaction lies in the hands of the provider, for example PayPal, Amazon, etc.
• Forty-one percent of web buyers surveyed last year said they have contacted a site to be taken off its databases because they felt that the organization used their
• Most online consumers are aware that various websites are collecting and storing their private information.
• They fear, sometimes rightly, that if this data were to fall into the wrong hands, they could be impersonated and perhaps left out of pocket.
PHISHING
• Phishing is the criminally fraudulent process of acquiring sensitive information such as usernames, passwords and credit card details by pretending to be a trustworthy entity.
• Phishing scams are generally carried out by emailing the victim with 'fraudulent' emails.
• When the victim follows the link embedded within the email, they are brought to an elaborate and sophisticated duplicate of the legitimate organization's website.
• Phishing attacks generally target:
  • bank customers;
  • online auction sites (such as eBay);
  • online retailers (such as Amazon).
SECURITY THREATS
• Denial of service
• Unauthorized access
• Theft and fraud
DENIAL OF SERVICE ATTACK
• Denial of service (DoS) attacks consist of overwhelming a server, a network or a website in order to paralyze its normal activity.
• Defending against DoS attacks is one of the most challenging security problems on the Internet today.
• Symptoms of denial-of-service attacks include:
  • unusually slow network performance;
  • unavailability of a particular website;
  • inability to access any website;
  • a dramatic increase in the number of spam emails received.
• Phlashing, also known as a permanent denial-of-service (PDoS), is an attack that damages a system so badly that it requires replacement or reinstallation of hardware.
• Recently Twitter was the subject of a DoS attack.
UNAUTHORIZED ACCESS
• Unauthorized access is when a person who does not have permission to connect to or use a system gains entry in a manner unintended by the system owner.
• The popular term for this is "hacking".
• Information to secure your system:
  • Change passwords often; at least once every few months is recommended.
  • Create a BIOS password.
  • When creating a password, add numbers or other characters to the password to make it more difficult to guess; for example: 1MYPASSWORD23!.
THEFT AND FRAUD
• Card-based payment fraud:
  • Internet payment fraud is constantly increasing and is, apparently, unstoppable.
  • The number of fraud cases has increased by 19 percent compared to 2013.
• Fraud is not exclusive to credit card payments:
  • use of malware to take over online banking logins via phones, tablets and computers;
  • using the stolen bank account details to make fraudulent payments;
  • "alternative" payment methods are also attracting criminals.
• Fraud occurs when the stolen data is used or modified.
DIFFERENCE
• Fraud has the intention of hiding the criminal act of stealing, while theft does not.
• Thieves know they can't hide the act, so they don't make much effort to hide it, while the fraudster makes an extra effort to hide the act.
• Bank robbery is theft, while bank embezzlement (ghapla) is fraud.
TYPES OF SECURITY
• Encryption
• Decryption
• Cryptography
• Biometrics
• Two-step verification
ENCRYPTION
• "Encryption" basically is some process or algorithm (known as a cipher) used to make information hidden or secret.
• It is the process of scrambling a message in such a way that it is difficult, expensive or time consuming for an unauthorized person to unscramble (decrypt) it.
• Methods of encryption: hashing, symmetric methods, asymmetric methods.
DECRYPTION
• The process of unscrambling a message in such a way that it can be understood by the authorized person.
CRYPTOGRAPHY
• "Crypto" stands for "hidden, secret", and "graphy" denotes "a process or form of drawing, writing, representing, recording, describing, etc."
• Cryptography is the science concerned with the study of secret communication: the conversion of information from a readable state to apparent nonsense.
BIOMETRICS
• Biometrics replaces the traditional verification methods of showing identity cards or entering passwords with the scanning of fingerprints, face or a palm.
• Biometrics also includes the identification of behavioral aspects such as voice, signature or the way a user strikes the keys on a keyboard.
• Biometrics assists customers in retaining their identity rather than remembering passwords, codes or secret questions.
TECHNOLOGIES USED TODAY
TWO-STEP VERIFICATION
• Two-step verification is a process that involves two authentication methods performed one after the other to verify that someone or something requesting access is who or what they are declared to be.
• With 2-step verification you add an extra layer of security to your account.
• You sign in with something you know (your password) and something you have (a code sent to your phone).
• Even if someone else finds your password, they'll be stopped if they don't have access to your security info.
• If you turn on two-step verification, you'll get a security code to your email, phone or authenticator app every time you sign in on a device that isn't trusted.
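Added example, not from the slides, showing how the code an authenticator app displays is produced and checked (RFC 4226 HOTP and RFC 6238 TOTP, implemented here with Go's standard library). The server accepts the code for the current 30-second step and one step either side to tolerate clock skew between phone and server; the secret is the RFC 4226 test value, used as a constructed demo.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
	"time"
)

const stepSecs = 30 // time step used by common authenticator apps

// HOTP computes the RFC 4226 six-digit code for a counter value:
// HMAC-SHA1 over the big-endian counter, dynamic truncation, mod 10^6.
func HOTP(secret []byte, counter uint64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	h := mac.Sum(nil)
	offset := h[len(h)-1] & 0x0f
	code := binary.BigEndian.Uint32(h[offset:offset+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", code%1000000)
}

// TOTP is HOTP with the counter derived from the clock (RFC 6238); this is
// the code an authenticator app shows, refreshed every 30 seconds.
func TOTP(secret []byte, now time.Time) string {
	return HOTP(secret, uint64(now.Unix())/stepSecs)
}

// VerifyTOTP accepts the code for the current step and one step either side,
// tolerating clock skew between phone and server. The comparison is
// constant-time so response timing leaks nothing about the expected code.
func VerifyTOTP(secret []byte, code string, now time.Time) bool {
	counter := now.Unix() / stepSecs
	for delta := int64(-1); delta <= 1; delta++ {
		want := HOTP(secret, uint64(counter+delta))
		if subtle.ConstantTimeCompare([]byte(want), []byte(code)) == 1 {
			return true
		}
	}
	return false
}

func main() {
	// RFC 4226 test secret, used here as a constructed demo value.
	secret := []byte("12345678901234567890")
	now := time.Now()
	code := TOTP(secret, now)
	fmt.Println("authenticator shows:", code)
	fmt.Println("accepted now:       ", VerifyTOTP(secret, code, now))
	fmt.Println("accepted 20s later: ", VerifyTOTP(secret, code, now.Add(20*time.Second)))
	fmt.Println("accepted 2min later:", VerifyTOTP(secret, code, now.Add(2*time.Minute)))
}
```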