SECURITY in E-COMMERCE
“BEST PRACTICES”
SUBJECT: ELECTRONIC COMMERCE
GUIDED BY: TRAN THI QUE NGUYET
TEAM MEMBERS:
• Dau Ngoc Vu - 1714009
• Huynh Ngoc Tu - 1713835
• Le Ho Vy - 1614213
• Cao Ngoc Xuan Yen - 1714075
• Nguyen Quang Vuong - 1714037
TABLE OF CONTENTS
Introduction
The importance of security in e-commerce
Attacks and vulnerabilities
Protection methods
Conclusion
INTRODUCTION
Huynh Ngoc Tu
WHY?
HOW?
Protect 6 dimensions of e-commerce security:
1. Confidentiality: protection against unauthorized data disclosure
2. Integrity: prevention of unauthorized data modification
3. Authenticity: authentication of the data source
4. Nonrepudiation: preventing any party from reneging on an agreement after the fact
5. Privacy: provision of data control and disclosure
6. Availability: prevention of data delays or removal
WHAT?
Measures to ensure security:
1. Encryption: a very effective and practical way to safeguard data being transmitted over the network.
2. Digital Signature: a digital signature ensures the authenticity of the information.
3. Security Certificates: a security certificate is a unique digital ID used to verify the identity of an individual website or user.
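How the first two measures combine on one order message, as an added example that is not part of the original slides: the customer signs the order (authenticity, integrity, nonrepudiation) and the signed order is encrypted with AES-256-GCM (confidentiality). The order fields, the key names and the pre-shared symmetric key are assumptions made for the illustration; in practice a security certificate would bind the public key to its owner.

```javascript
// Added example, not from the slides; order fields and key handling are constructed.
const crypto = require('crypto');

// Customer's signing key pair (Ed25519). A security certificate would bind
// the public key to the customer's identity; here it is simply trusted.
const customer = crypto.generateKeyPairSync('ed25519');
// Symmetric key shared by customer and shop (assumed already agreed, e.g. by TLS).
const sharedKey = crypto.randomBytes(32);

// Sign the plaintext order, then encrypt order + signature with AES-256-GCM.
function sealOrder(order, signingKey) {
  const body = Buffer.from(JSON.stringify(order), 'utf8');
  const sig = crypto.sign(null, body, signingKey); // Ed25519 takes no digest name
  const envelope = JSON.stringify({ body: body.toString('base64'), sig: sig.toString('base64') });
  const iv = crypto.randomBytes(12); // fresh nonce for every message
  const cipher = crypto.createCipheriv('aes-256-gcm', sharedKey, iv);
  const ciphertext = Buffer.concat([cipher.update(envelope, 'utf8'), cipher.final()]);
  return { iv, ciphertext, tag: cipher.getAuthTag() };
}

// Decrypt, then verify the signature. Returns the order, or null on any failure.
function openOrder(msg, verifyKey) {
  try {
    const d = crypto.createDecipheriv('aes-256-gcm', sharedKey, msg.iv);
    d.setAuthTag(msg.tag);
    const plain = Buffer.concat([d.update(msg.ciphertext), d.final()]); // throws if modified
    const env = JSON.parse(plain.toString('utf8'));
    const body = Buffer.from(env.body, 'base64');
    const ok = crypto.verify(null, body, verifyKey, Buffer.from(env.sig, 'base64'));
    return ok ? JSON.parse(body.toString('utf8')) : null;
  } catch (err) {
    return null;
  }
}

const order = { orderId: 'ORD-0001', item: 'book', amountVnd: 250000 }; // constructed sample

// Case 1: ciphertext altered in transit -> the GCM tag check fails.
function tamperedInTransit() {
  const msg = sealOrder(order, customer.privateKey);
  msg.ciphertext[0] ^= 0x01;
  return openOrder(msg, customer.publicKey);
}

// Case 2: a holder of the shared key, without the customer's private key,
// seals a changed order -> decryption succeeds, the signature check fails.
function forgedByKeyHolder() {
  const other = crypto.generateKeyPairSync('ed25519');
  return openOrder(sealOrder({ ...order, amountVnd: 1 }, other.privateKey), customer.publicKey);
}
```

The second case is why encryption alone does not give nonrepudiation: anyone holding the shared key can produce a valid ciphertext, but only the holder of the private key can produce a valid signature.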
THE IMPORTANCE of
SECURITY IN ECOMMERCE
Dau Ngoc Vu
The importance of security in e-commerce
• Since the advent of the Internet, people have been looking for new ways of improving it, doing business, making money and committing crimes.
E-commerce
- From 1990 to 1994, e-commerce started to become established. With the ability to accept credit cards online, businesses were no longer limited to traditional brick-and-mortar sales.
- It can be challenging to gain trust, maintain trust and build relationships with partners, customers, clients and suppliers.
- Relationships and trust that take a long time to acquire can quickly be destroyed by a breach in security.
Challenges
- Effective security is important for the continuity of business, the trust of clients, and compliance with industry-specific laws and regulations.
- One breach in security can cost a business a lot of money, or even shut it down.
Ethical Issues
- Companies using the internet to do business should adhere to the same ethical standards online as they do offline.
The consequences
- If they do not follow the same ethical standards, they face the same consequences. A damaged reputation and a long-term loss of trust can result from not following ethical standards.
Trust
- Protecting consumer information should be a major concern for businesses.
- When making purchases online, consumers should have a general sense of security.
HOW?
- The company should take as many precautions as possible, while still allowing for usability.
- Technology is constantly changing, and criminals are constantly finding new methods of attack.
- Businesses need to ensure their e-commerce infrastructures are up to date with the latest updates and security necessities.
Threats to business
- Direct Financial Loss.
- Indirect Loss.
- Technical Issues.
Direct Financial Loss
- Fines or other legal repercussions could occur due to a violation of contracts, laws, or other regulations.
Indirect Loss
- Loss of Credibility: People will lose trust in a business that has security issues.
- Loss in Productivity: Employees will not be able to work during downtime.
- Disclosure of confidential information: Business secrets could be stolen, as well as employee and customer information.
- Blackmail: Malicious attackers could take over a system and demand compensation to restore the server to the control of the business.