Introduction to E-commerce Transactions

Question:

Discuss about the Project Overview of Ecommerce.

E-commerce or the electronic commerce is the technique by which the various kinds of commodities and goods are sold by retailers and those goods are bought by the customers over the Internet. The entire transaction of goods is conducted over the Internet along with the transaction of money. There are multiple alternatives to pay for the commodities over the e-commerce site and online payment is one of the alternatives (Brannen, 2017). However, security is the major concern associated with the online payment. The reason for choosing this topic is to highlight the necessity to secure the online money transaction so that the customers can enjoy a hassle-free secure service. The report will showcase the security measures by which the security of the e-commerce site can be established.

The e-commerce site is developed keeping in mind the individual customers as well as the corporate customers, this help in conducting the business operations and transaction of goods in large volumes. The e-commerce provides various kinds of facilities like non-cash payment, the customers do not have to pay in cash, and they can simply choose to pay via debit card, credit card and via online banking (Creswell, 2013). The customers can get the facility to provide 24×7 services, they can shop at their convenient times, can shop on the go. The online retail stores provide better support to the customers; the customers can keep in touch with the e-commerce industry all the time and get solutions to all their queries. Thus security and privacy are important. The e-commerce giants like Amazon, eBay invests heavy on these e-commerce websites for ensuring the privacy of the customers and the security of the website as well as the company. There is a high risk of security breaches due to the cyber-attacks from the hackers. Thus it is absolute necessity to implement security features to theses websites (Ghosh, 2012).

This report will focus on to research the security measures by which the personal sensitive information can be protected and secured. The technology that is used in the e-commerce websites is Secure socket layer (SSL), https, HTTP and Secure hypertext transfer protocol (SHTTP). Secure Socket Layer is widely used convention and is used to conduct the business operations securely and effectively. It is known to provide the security features- non-reputability, validation, encryption and trustworthiness (Davies & Hughes, 2014). The https is used for HTTP URLs along with SSL whereas HTTP is used for HTTP URLs and not along with SSL. The Secure hypertext transfer protocol caters secure transactions over the Internet. It assists in authentication of the client by implementing encryption method. SHTTP is incorporated into browsers to cater the routine security over the Internet. 

Security and Privacy Concerns in E-commerce

The security issue is the main concern for all the online retailers. The intruders can attack the system and make the system and the database of the e-commerce companies and hack the sensitive data of the company, the financial data and the personal details of the customers. If the customers’ data gets breached then the data, the privacy of the customers will get compromised. The e-commerce sites can face huge loss, they can even lose the customers’ base. The cyber attackers generally carry out the malicious activities by incorporating virus in the system of the e-commerce server, by taking control over the insecure network of the e-retailers (Aven, 2015). Trojan horse and the logic bombs are two kinds of threats and take away the sensitive information of the system and the database. Another kind of threat is Denial of Service Attacks and this attack is responsible to take control of one’ system and disallow the owner to access their own system. This attack is also responsible to shut down one’s server and one’s system. Another popular attack is a phishing attack.

The cyber attackers develop a website which is genuine e-commerce website’s lookalike. They simply copy the HTML code and carry out the attack. Besides those threats discussed, there are vulnerabilities too (Lampard & Pole, 2015). The vulnerabilities incur due to the attack from the SQL injection, cross-site scripting, customers choosing weak passwords and lots more. The security measures must be applied to mitigate these aforesaid threats and the vulnerabilities related to e-commerce.

The research is based on the three questionnaires- what are the primary security concerns of an e-commerce site, what is the necessity to secure the e-commerce site, what are the ethical issues associated with the e-commerce security (Laudon & Traver, 2013). Therefore, the privacy and security, technology related attacks and the ethical issues that will be focused and is the area of research.

Security and Privacy: The customers will have to be concerned about the security and privacy. The theft of the customers’ credentials is the area of concern (Morgan, 2013). The retail industry contains all the personal details of the customers, they also have the bank card details as well, thus the question arises if those sensitive data got breached then the privacy and security of the customers will get threatened.

Technology related attacks: The cyber-attack on the e-commerce is carried out by brute force attack, denial of service attack (DDoS), ICMP flood.

Technology Related Threats in E-commerce

Ethical issues: The ethical issues are associated with the data mining procedures. The retailers must use the customers’ data efficiently and should be attentive that it does not hurt any customers or does not make any negative impact on the customers’ personal life (Segovia, Szczepaniak & Niedzwiedzinski, 2013). Also, if those data get breached then the retailers can be in trouble, they will lose customers’ base, they will lose the reputation and ultimately they will face a huge loss.

The customers must be attentive and should limit their personal data usage. They have also the right not to share the personal information at all. In this way, they can protect the data from getting breached (Time, 2012). On the other hand, if the data are to be used, they must be used ethically and effectively keeping in mind the security and privacy of the customers.

The twelve articles or twelve related works will be highlighted and along with that, the proposals of various authors in regards to security measures of the e-commerce website will be discussed via these twelve articles.

The first article details the techniques and the procedures via which the e-commerce websites can be protected and secured. The two models have been discussed the first one is the oriented authorization model and the second one is the oriented authentication model. The oriented authentication model is responsible to protect the e-commerce system from the brute force attack, replay attack and the data sniffing attack (Rane et al., 2012). The authorization model deals with the session hijacking and the bypassing authorization attacks, replay attacks, ID spoofing. The oriented authorization model is also on the basis of providing the customer’s permission about accessing the data. Thus it can be concluded that the authentication and authorization are important for the enhancement of the e-commerce activities.

The second article focuses on the cryptography technique by which the websites can be protected. This article showcases an algorithm which is fast as well as strong via which the security of the website can be ensured (Maqableh, 2012). The article has proposed about the cryptography that involves the hash functions, that also involves the pseudorandom number generation. HTTPs, SSL and SET protocols have been showcased in the article as well. The e-commerce website if properly encrypted significant benefits can be achieved.

The third article demonstrates about the malware and the virus threat that can make any company’s system and database vulnerable. The dangerous among them is the Trojan Horse. The Trojan Horse is responsible to block and is responsible to bypass any type of authentication and authorization techniques (Niranjanamurthy & Chahar, 2013). The online retail industry has numerous phases and they mainly deal with the delivery phase, the information, the payment phase and the negotiation phase. The phases defined above have various kinds of security measures, various kinds of encryption procedures and various kinds of integrity checks. The article has highlighted the DDoS attacks, unauthorized attacks and the data fraud and the data theft. The article has grandstand on how individuals can protect themselves from all kinds of security breaches.

Ethical Issues Associated with E-commerce Security

The fourth article highlights the pros and cons of the M-commerce and the e-commerce respectively. The pros are related to the security aspects of the e-commerce sites. The article discusses the credit card related frauds and how one should stay safe from the hackers and data fraud, data theft and the phishing attacks. The security measures which probably can protect them from all kinds of security breaches have been discussed in the article and the security measures are authentication, encryption, non-repudiation and unauthorized access (Niranjanamurthy et al., 2013). The attackers can gain entry to one’s system unethically and can modify and delete the data thus the e-commerce sites must be made secure.

The fifth article showcases that the online shopping must be conducted in a safe and secure manner, the digital certificate, strong passwords and the secured public key infrastructure. The e-commerce life cycle has been elaborated in the article as well. According to the author, there should be a mutual trust in running the business operations. DDoS has been highlighted as the most disastrous threat. A security framework must be built to ensure security and safety of the e-commerce website. Nowadays all the customers are very much inclined towards the online shopping and the demand is rising (Revathi, Shanthi & Saranya, 2015). This protecting the website from all kinds of breaches is the need of the hour. Along with that the confidentiality, privacy and the availability must be maintained.

The sixth article showcases that the e-commerce applications can be downloaded to the smartphone and the same kind of effective service can be enjoyed over the phone. The utility of e-commerce apps has been showcased. The flaws have been highlighted as well. The flaws are basically associated with encryption and GPRS authentication. The protocols related with authentication have been discussed along with the encryption mechanisms (Prakash, 2015). The m-commerce activities are increasing and becoming more demanding day by day thus the security measures must be taken into consideration.

The seventh article also focuses on the network security issues. According to the article, a well-secured framework model must have the data confidentiality, data integrity and the authentication. The threats which can prove disastrous to the e-commerce websites are unauthorised access, data theft, data fraud, spamming and the DDoS attack (Gautam & Singh, 2014). There are also vulnerabilities that have been discussed and along with that risks occurring due to the casualties of the customers have been highlighted.

Security Measures for E-commerce Transactions

The eighth article has elaborated the various kinds of business operations that the e-commerce industry works on. The author of this article has proposed the server side security model, the client-side security model and also proposed that the data must be transacted in a secured manner (Rane & Meshram, 2012). The database module is associated with the watermarking, encryption of data and the digital signature.

The ninth article highlights that the e-commerce websites can be secured only by cryptography techniques. The monetary transaction must be made secure by applying security models and the cryptographic techniques. The transactions related to e-commerce contains various kinds of phases like delivery phase, payment phase, information phase and the negotiation phase (Yasin, Haseeb & Qureshi, 2012). The article has proposed about the cryptography that involves the hash functions, that also involves the pseudorandom number generation. HTTPs, SSL and SET protocols have been showcased in the article.

The tenth article focuses on the various aspects of the e-commerce website like merchant account, payment gateway and the shopping cart (Yusuf & Zeki, 2015). A secured e-commerce must have all the required security features and measures like the availability, non-repudiation and the privacy. The major threats which are the area of concern for the e-commerce websites are DDoS attacks, Trojan Horse and various kinds of notable malware and virus attacks. SSL can be an effective tool to cater the security to the e-commerce website. The site must be designed incorporating the security and the privacy parameters.

The eleventh article talks about the cards- Master Card and Visa Card. Various kinds of security protocols incorporated within to facilitate secure money transaction. Asymmetric and symmetric cryptographic technique along with the hashing technique has been depicted in the article (Khandare & Meshram, 2013). The article also depicts about the SDTS algorithm via which transaction of data can be made with ease and security. Again, this article has highlighted the concept of biometric authentication.

The twelfth article has elaborated the security risks and threats like DDoS attacks, network sniffing, IP spoofing, consumers can be deceived by the hackers in numerous ways and can fall into their trap (Aggarwal, 2014). The article also talks about the SSL and various other security solutions by which the attackers can be restricted conducting the malicious activities.

Conclusion

It can be concluded from the above discourse that the financial transactions are conducted via these online retailing websites and security is the major issues. The details of the e-commerce applications have been highlighted in the report. Along with that the security risks, threats and the privacy features have been highlighted in details. The report is based on the research of three questions-the security concerns of the e-commerce website, the necessity for securing the e-commerce website and the ethical issues related to the e-commerce security. The security solutions have been discussed. The twelve articles have been showcased in the report where various authors have given various approaches in related to the security aspects of the e-commerce website. Certain security strategies and security model must be adopted and the employees working in the e-commerce enterprise must be knowledgeable about the security solutions so that they cater the best security solutions to the customers and the enterprise. The security aspects like authentication, authorization has been discussed in the report via which the customers can stay safe and secure.

References

Aggarwal, V. (2014). E-Commerce Security Issues And Solutions: A Survey. International Interdisciplinary Research Journal, 2(1).

Aven, T. (2015). Risk analysis. John Wiley & Sons.

Brannen, J. (Ed.). (2017). Mixing methods: Qualitative and quantitative research. Routledge.

Creswell, J. W. (2013). Research design: Qualitative, quantitative, and mixed methods approaches. Sage publications.

Davies, M. B., & Hughes, N. (2014). Doing a successful research project: Using qualitative or quantitative methods. Palgrave Macmillan.

Gautam, R., & Singh, S. (2014). Network Security Issues in e-Commerce. International Journal Of Advanced Research In Computer Science And Software Engineering, 4(3).

Ghosh, A. K. (Ed.). (2012). E-commerce Security and Privacy (Vol. 2). Springer Science & Business Media.

Khandare, N., & Meshram, D. (2013). Security Of Online Electronic Transactions. International Journal Of Technical Research And Applications, 1(5).

Lampard, R., & Pole, C. (2015). Practical social investigation: Qualitative and quantitative methods in social research. Routledge.

Laudon, K. C., & Traver, C. G. (2013). E-commerce. Pearson.

Maqableh, M. (2012). Analysis and design security primitives based on chaotic systems for ecommerce (Doctoral dissertation, Durham University).

Morgan, D. L. (2013). Integrating qualitative and quantitative methods: A pragmatic approach. Sage publications.

Niranjanamurthy, M., & Chahar, D. D. (2013). The study of e-commerce security issues and solutions. International Journal of Advanced Research in Computer and Communication Engineering, 2(7).

Niranjanamurthy, M., Kavyashree, N., Jagannath, S.,& Chahar, D. (2013). Analysis of e-commerce and m-commerce: advantages, limitations and security issues. International Journal of Advanced Research in Computer and Communication Engineering,2(6).

Prakash, K. (2015). Security Issues And Challenges In Mobile Computing And M-Commerce. International Journal of Computer Science and Engineering Survey, 6(2), 29.

Rane, P. B., & Meshram, B. B. (2012). Application-level and database security for e-commerce application. International Journal of Computer Applications, 41(18).

Rane, P. B., Kulkarni, P., Patil, S., & Meshram, B. B. (2012). Authentication and authorization: tool for ecommerce security. IRACST–Engineering Science and Technology: An International Journal (ESTIJ), 2(1), 150-157.

Revathi., C., Shanthi., K.,& Saranya., A.R.(2015). A Study on E-Commerce Security Issues International Journal of Innovative Research in Computer and Communication Engineering, 3(12) 

Segovia, J., Szczepaniak, P. S., & Niedzwiedzinski, M. (Eds.). (2013). E-commerce and Intelligent Methods (Vol. 105). Physica.

Time, C. (2012). Data Collection Methods. Review of Sociology, 17, 225-249.

Yasin, S., Haseeb, K., & Qureshi, R. J. (2012). Cryptography based e-commerce security: a review. International Journal of Computer Science Issues, 9(2), 132-137.

Yusuf Mohamed, A., & M Zeki, A. (2015). The most principle Security Issues In E-commerce. International Journal Of Scientific And Research Publications, 5(12).