Skip to main content

The Impact of Security on E-Commerce

E-commerce is exchange of goods and services online. Most major brands all over the world are present online through websites and digital advertising. Some of these brands do not even have physical buildings built of bricks and mortar. E-commerce is not just limited by business to consumer transactions; it also extends to business to business transactions. An example of a business to business transaction is between a manufacturer and a wholesaler or distributor. Retailers adopt different models of doing business when operating online. Many manufacturers that are involved in E-commerce have in the past restricted business to online transactions where they pay for the interesting cause and effect essay topics online and they are delivered.
            Online security is, therefore, not about the number of features software has but the measures taken by those who use it to ensure that they keep safe. A weak link in the system or a loop hole in the process jeopardizes the entire security system (Bainbridge, 2004). That is the reason why this report focuses on the possible online security attacks on e-commerce systems and how consumers and manufacturers can stay safe when transacting online. This article also seeks to address strategies that can be implemented to ensure that all online shoppers are safe. There are three major concepts in the web security and they include availability, confidentiality and integrity.
            The first concept, confidentiality, requires that the system is set in such a way that only authorized persons have access to private and confidential information. A good example is when you post a letter. The postman is not allowed to read your letter as this will be a breach of contract. The second important aspect is integrity. Integrity ensures that information reaches the receiver just like it was sent from the sender. Just like in the example of a postman, it would be lack of integrity on his part if he or she tampered with information contained in a letter. If an extra bill was added to your credit card bill by a service provider, your provider would be lacking in integrity. Finally, availability requires that you have access to the resources that you are authorized to access when you need to access it.
It is important for a business to have online presence if it intends to reach many clients. Clients who may not be able to access the physical office of a manufacturer are able to browse the products online and from the comfort of their houses. There have been modifications to e-commerce recently where consumers browse online, pick products, pay for them and then pick the products from the physical store. E-commerce is especially convenient in the service industry such as banking or stock brokerage. Clients are able to save time when they need to transfer funds, print statements and pay bills as they can do this online whenever they want and from wherever they may wish to do these. This saves them time they would have spent queuing in banking halls (Stuller, 2007).
            When transacting through e-commerce, the customer reveals sensitive financial and personal information. This is why security is very important. When system is secure, the process can be completed without the occurrence of undesired side effects. Let us use the house as an example to illustrate just how important security is when it comes to e-commerce. You may have noticed that your pets have a hard time accessing the house. So you decide to cut a small hole into your back door to let them in. The unfortunate thing is that buglers also may take advantage and use the little hole to steal from you. In this way, an unintended avenue has been created and there is now insecurity in your house.
            Tidd & Bessant (2011) confirm thatthere are two different perspectives to security when it comes to the software development industry. Good software should have in-built security system that makes it very secure. The most common software security feature is ensuring a password that is at least six characters long. To make security even tighter, sensitive and private information is provided. As far as consumers are concerned, there is the need for protection from online attacks. Consumers need to understand that even if they have the best passwords for their online accounts, if they do not log off after accessing them, they are not safe from hackers. It is just like having the latest and the best alarm system in your house to keep away thieves yet leaving your doors open.
Players in e-commerce
Typically, a shopper goes to a retailer or manufacturer’s website, browses and finds the product he or she wants and purchases it. As such, there are four main players when it comes to e-commerce. The first player is the consumer who is in need of a product or service. These sites where consumers make purchases are operated by merchants who are selling these goods and services. The merchant who administers these websites is the second player. The third players in the e-commerce industry are the software vendors who build the software. It is from these vendors that merchants purchase software to run their websites. The fourth player is the attacker. The attacker’s aim is to profit by exploiting the other three players in the industry (Stuller, 2007).
            The attacker tries to come up with all sorts of schemes to exploit the resources of the consumer, the merchant and the software developer. The vulnerability of the e-commerce is dealt with under availability, integrity and conidentiality. There are many ways to examine threats in the e-commerce industry. A system should not be vulnerable. Sometimes even when a system is vulnerable to attacks from a certain angle, the attackers may not be aware. It is like leaving your front door open without telling anyone else, then no outsiders may take advantage of this.
            Security features are important in ensuring that software is not vulnerable to attacks. These security features do not necessarily guarantee safety but they make the players less vulnerable to attackers. They are divided into four main categories. The first category is that of authentication which is used to verify that a user is really who he or she claims to be. Suppose, a client wishes to log in to his or her bank account, he/she has to provide proof that he/she really is the owner of a particular bank account. This will prevent unauthorized personnel from accessing private and confidential information belonging to clients.
            The second category is authorization which limits the extent to which a client is allowed to manipulate the system. In the event when a client accesses his or her bank account and tries to increase account balance, he or she will be informed by the system that he/she is not authorized to access that much information. Encryption is the third category and it deals with hiding of information. This ensures that hackers do not spy on clients when they are banking online. The last category is auditing which involves keeping track of activities that took place online. This will help merchants by providing proofs that a customer really has bought a product.
            There have been increased cases of attacks on e-commerce websites raising questions about whether e-commerce websites are more vulnerable to attacks than other websites. The reason why such attacks make big news is because whenever they are attacked, sensitive information is leaked out to the public. This trend is worrying considering that the same web developers that create software for other types of websites are the ones that are contracted to build these e-commerce websites. This is probably because these criminals realized that there was more to gain when they attacked e-commerce sites than when they attacked other websites.
            When compared to robbing a bank, hackers need relatively cheaper resources to hack into an e-commerce website. The criminals only require a computer and internet access. Unlike in a bank robbery where expensive tools may be required, a car for getting away and much other logistical support, online hackers require much less. The low cost of online robbery makes it a better choice for many criminals, hence the increase in the number of online theft. The returns that these criminals are able to make from attacking e-commerce websites are enormous. This considering that the risks are much less makes it quite lucrative.
If a hacker is able to access an e-commerce website for a bank and withdraw just a penny from all the accounts, the hacker can easily make billions of dollars. This is a windfall compared to a robber who decides to break into the local bank to get only a couple of millions. This is because most bank branches do not keep a lot of hard cash within the bank as most of their money is stored way in bits and bytes. Again, the robber who steals from local banks can only rob a certain number of banks. This is not the case with an e-commerce bank robber who can choose from any bank in the world in an online operation. These online bank robbers often take advantage of the lack of extradition rules between their country and a different country to steal from outside their country.
            Online robbers who take advantage of e-commerce do a lot of planning and are careful not to leave any trails behind. This is because it is easy for one to make be anonymous on the net in such a way that an act of crime cannot be traced back to them. Information for online cracking and attacking is also quite readily available online.
            Vacca (2009) confirms that e-commerce websites are vulnerable both at entry and exit points. This is because they are customized in a way that gives the customer easier access. The online robber attacks the shopper, the software vendor, the shopper’s computer, the website’s server and the network connection between the shopper and the website. Tricking the shopper remains one of the most profitable methods used by online thieves. Through their social engineering tricks, these attackers are able to monitor the activities of a shopper and are able to gather information they can then use to trick the shopper. Most of these sites require shoppers to give their mother’s maiden name as a security question. Hackers may trick a shopper into giving this information out leading to attack. This is because the shopper may have used the same log in ID for other online accounts.
Methods used by cyber attackers/ hackers
            Robbers have been known to call shoppers pretending to be representatives of particular e-commerce sites visited by a particular shopper. They are able to extract private information from the shopper which they then use to exploit him or her. With all these pieces of information, the hacker then calls the service provider seeking the password to be reset to specific values. Once the password is changed, the hacker can then manipulate the shopper’s account however he or she wishes.
            The other method online thieves use is snooping in the shopper’s computter for personal details. Most shoppers who own and use computers have absolutely no idea just how vulnerable they are to online hackers. There are also those hardware vendors that wish to sell their products really fast. They end up deactivating some security features in order to make them easy to install. This software without detailed security aspects appeals to many computer users. Unfortunately, this easy to install software is more vulnerable to attacks by hackers. Tools such as SATAN are commonly used by hackers to spy on shoppers in order to access private information. The attacker also monitors information that is exchanged between the server and the shopper.
            Another common method used by hackers is guessing a shopper’s password. Sometimes the password is guessed and sometimes it is automated. Guessing the password for a shopper’s account is tedious and almost impossible unless the attacker knows something about the shopper. An example is when a shopper uses the name of their child as a password. If the hacker knows the name of the shopper’s child then it is easier to hack his/her accounts. Tools for testing passwords exist cheaply in the internet and most of the hackers know just where to get them from.
            The attackers may also use server bugs. The attacker keeps track of all the sites accessed by the shopper. He then studies the websites to understand the patches used for the software. The attacker then exploits these sites without the necessary patches. With millions of severs online, some administrators sometimes forget to apply necessary patches. The most coveted way of hacking an E-commerce website is through an attack on the server root. When a hacker attacks a shopper, there is so much harm they can cause. But when they exploit the server root, the possibilities are unlimited. When a hacker exploits the root server, he gets hold of all the information belonging to the customers and the merchant. He can then steal as much as he wishes from all involved making him a fortune.
            Harry (2009) reckons that despite all the hacking and cracking involved, e-commerce has remained a safe industry over the years. There are enormous resources that are available to merchants that transact online. The merchants are willing to go to all lengths to ensure that their customers are protected and are not vulnerable to these online attacks. The people that use the system should make sure that they keep their passwords and personal information safe. Customers must be educated to ensure that they install firewalls in their personal computers and store private information in an encrypted form for security reasons.
Defence: how to keep safe from cyber attacks 
The software providers must install a firewall for the server to protect it from attackers. They also need to ensure that any attempt to hack into the system is detected and reported by the system. Any attempt at accessing information that is not permitted by a shopper should be detected by the system because it is possible the system could have been compromised. Users must never store passwords for their accounts in plain text as this can be accessed by wrong people. Ethical hackers who know how to protect systems should be employed to analyse the system. Cookies are another good way of keeping track of sessions by clients. This can be very useful in tracking down hackers.
            Bainbridge (2004) states that the best way to ensure security is to be prepared to counterattacks when hacking occurs. When selecting software vendors, it is important that a merchant goes for a developer that has ways of dealing with security threats and attacks. There is a security check list that shoppers can use when transacting online. The first thing that a shopper should avoid is using the same password for numerous accounts. A shopper should also ensure that the password he/she uses has at least six characters and contains some special characters.
            Shoppers are also advised not to shop from websites whose SSL certificate is not recognized by the shopper’s server. This is because such sites are used by hackers and they make them look like the genuine websites belonging to the real merchants. They sometimes create websites with names that resemble the genuine websites and shoppers use these fake websites without recognizing the difference. These hackers even send information to the innocent shoppers, which looks like it is from the genuine merchant. Caution should therefore be exercised and personal information not revealed under any circumstance to ensure one’s safety when shopping online.
            It is extremely advisable that once a person is through with online shopping or browsing, he or she must always remember to log off to prevent someone else from accessing their personal information. It is always wise for online shoppers to use credit cards as most credit card service providers often help out with damaged or non-existent goods. When shopping online, shoppers are advised to go for genuine websites. Most genuine brands have both a brick and mortar store as well as an e-commerce store. Still, all these websites can be compromised. This report has summarized security matters in the e-commerce industry by looking at the main players in the industry, their vulnerability and what can be done to defend shoppers and merchants from these attacks. Development of better technology has made it possible for developers to create websites that are impossible to hack. The vendor has to be proactive in handling security matters. The shoppers must also be cautious and vigilant when shopping online.


Comments

Post a Comment

Popular posts from this blog

7 Overlooked Black Americans Who Quietly Changed History

Martin Luther King, Jr. is often the first name that comes to mind when referring to the civil rights movement of the 60s, and for good reason, as he was the eloquent spokesman and effective leader during this crucial time in history. But there were hundreds of black Americans who risked their lives and welfare to fight against injustice and demand equal rights for their neighbors, their children, and future generations. And though their efforts were powerfully effective, students today may be unaware of their names or their contributions. Many of these unsung heroes were young when they took action to reform the country, and their stories in the custom paper can inspire today’s students who want to change injustices in their world. The Greensboro Four—Standing Up by Sitting Down If your kids ever complain that they lack the power to change the world, you can tell them the story of the Greensboro Four. Inspired by the non-violent protests of Mohandas Gandhi, Ezell Blair Jr. , D
Post a Comment
Read more

MBA Essay Service

Students from all over the world become victims of constantly raising tutors’ demands. The high standards of university level often make them seek essay help from custom writing services. Students need to develop a great number of papers during an academic year. Each of them has its specific requirements, topic, level of complexity, and research to be conducted, not to speak of the quality and uniqueness of the paper. Each essay should shed light on a concrete topic, contain supporting arguments and ideas and provide evidence for the mentioned facts. Before writing an essay on the topic, a student is supposed to analyze a number of sources (articles, magazines, books, etc.) to learn some information about it and be competent in it. Only an accurately and logically organized essay can give them a chance to receive high grades. Taking into consideration the above-mentioned facts, it is natural that students use the services of a custom writing company. Custom-Paper-W
Post a Comment
Read more

A Day in the Life of an Online Student

So what is school really like for an online student? Do students in online schools spend the entire day on the computer? How do they communicate with the other students? Are they getting a comparable education? For those unfamiliar with online learning, the details of an online student’s school day may seem like a mystery. The fact is that a typical day in an online school varies with each student. Families in online schools customize their daily schedules to fit their lifestyles and their children’s custom paper writing needs. Seventh-grader and online learner Elayna, for example, prefers starting her interactive classes early in the morning so she can then move on to her other lessons and homework. This schedule frees up her afternoons for theater class, sports, and other activities, while still allowing for quality family time in the evening. Fifth-grader Zachary, on the other hand, likes a quieter start to his day. So he begins with offline course work before he signs i
Post a Comment
Read more