E-CommerceSecurity in Our Personal Information
E-commercehas become most preferred and most convenient way of doing businessin the 21stcentury. The popularity of e-commerce has gone viral in the lastcouple of decades and everyone thinks of nothing else besidese-commerce. Buying and selling goods and services online have,indeed, revolutionized commerce and the way of doing business. Thegreat benefits of e-commerce have come with lots of securitychallenges, especially security that pertains personal information.E-commerce exhibits one of the major security concerns to thecustomers through their daily transactions of purchases and paymentsto the same. Currently, security and privacy and security are a keyconcern for most electronic technologies. Essentially, applicationsof web e-commerce that handle payments as electronic transactions andonline banking or using credit cards, debit cards and PayPal amongothers are more susceptible to high risks of security concerns.Further, customers are exposed to Trojan horse programs, which cansubvert or bypass the basic authorization and authenticationmechanisms that are employed in the transactions of e-commerce. Impersonation and identity theft are other security issues withe-commerce that should concern both e-commerce providers and clients.The increased popularity of e-commerce and online business, andpayment transaction has led to the emergence of security concerns,especially those that are concerned with personal information, andwhich require well designed intervention and regulation for clients’safety.
Itis hardly possible to appreciate the importance of e-commercesecurity, as well as security for personal information used in thesame, without a thorough understanding of the purpose of security inthe online business (Niranjanamurthy and Chahar 2886). The purposesof security in e-commerce precedes what happens when security lapsesoccur, and cause problems and losses to clients. To begin with, thepurpose of e-commerce security is to ensure data confidentiality forboth the e-commerce providers and clients. Data confidentiality foronline transactions is provided and guaranteed through encryption offiles and information regarding clients, which would call fordecryption codes to access (Niranjanamurthy and Chahar 2886).
Thesecond purpose of e-commerce security is identification andauthentication, which ensure that an individual is exactly who heclaims to be. Such identification and authentication are achievedthrough digital signatures that are not easy to forge(Niranjanamurthy and Chahar 2887). Without proper identification,access to e-commerce services using another person’s identity ispretty difficult.
Thirdly,e-commerce security serves the purpose of controlling access togovern the resources that are accessible by a user on the system.Access control utilizes passwords and valid IDs of recognized orregistered clients to restrict access to the system using theircredentials by unauthorized persons (Niranjanamurthy and Chahar2887). In the event that access to the system is not controlled,things could easily get out hand with grave repercussions.
Further,e-commerce security serves the purpose of protecting the integrity ofdata to ensure that such data contained either in clients’ creditcards, or business database has not been compromised (Niranjanamurthyand Chahar 2887). Any data that demonstrate the expected integrity iseasy to trust and work with minimum problems, if any.
Finally,e-commerce security serves the non-repudiation purpose, whichguarantees that clients are not denied a chance to purchase a good orservice of choice. Similarly, e-business are assured of a chance tosell their products online to any willing and prospective customers,without any hindrances (Niranjanamurthy and Chahar 2887). E-commercemakes sense only if items can be sold and bought online, as well asthe relevant payment for the goods made through the same medium.
Havingidentified the purposes served by e-commerce to personal informationof the users, the focus of the paper will shift to exploring securitythreats, which clients are exposed to as they do online transactions.Primarily, the security threats are categorized into three broadtypes, which encompass all the security concerns with regard topersonal information in this business. Denial of service is the firsttype of security threat that will be examined (Niranjanamurthy andChahar 2888). Under this category, denial of service can either caneither result from viruses or spamming. Regarding the former, thereare cases of unsolicited commercial emails that are sent to clients,without proper authorization. In some cases, clients confuse suchemails as genuine and there have been cases of theft following suchemails. Further, clients are also exposed to E-mail bombing, whichresults from sending of numerous emails from a targeted computer by ahacker (Niranjanamurthy and Chahar 2888). Such emails and messagescause excessive traffic in a website making it difficult for clientsto perform online transactions easily.
Further,hackers can also surf the e-commerce website and install softwareagents onto a system (third-party). Such a software is employed tosend inappropriate requests to targets that were not intended. Insuch circumstances, clients can be debited with requests andpurchases that they never made (Niranjanamurthy and Chahar 2888).Having to deal with such a security lapse is hectic and resourcewasting.
Similarly,viruses cause security concerns for client’s personal informationduring online transactions. The viruses describe computer programsthat are self-replicating and, which, perform events that areunwanted. Such unwanted events might involve deleting personalinformation from e-commerce database, thus, making it difficult tomake purchases or settle payments (Niranjanamurthy and Chahar 2888).There is a category of viruses called worms, which spread from onecomputer to the next through internet connection. Such virusescorrupt personal information of a client, and can make it literaryimpossible to engage in e-commerce transactions. Finally, Trojanhorses trick clients into running non-genuine softwares, which aredisguised as genuine ones. Once run, Trojan horses can easilyoverride the authentication stages and help thieves steal fromclients who trade online.
Unauthorizedaccess is the next security concern that, specifically, clientpersonal information regarding credit cards, among others.Unauthorized persons can find their way to access applications, dataand systems that make e-commerce transactions successful. In somecases, people use passive unauthorized access to listen to channelsof communication to discover secret information regarding clients(Niranjanamurthy and Chahar 2888). Imperatively, secret informationmight include, but not limited to passcodes, passwords or pinnumbers. Such secrets can be used to damage the reputation or creditworthy of a client. Under the same security threat of unauthorizedaccess, people can modify e-commerce data to mislead customers orsteal from them, without raising suspicion.
Impersonationis another security threat under unauthorized access, which involvechanging names, IP addresses and IP levels (Niranjanamurthy andChahar 2889). Such changes can alter the origin and destinations oforders, and, thus confusing customers in their daily transactions.
Finally,thefts and frauds are common security issues with e-commercetransactions. Clients can either lose money, data or any other vitalinformation to conmen who deceive them. Stolen data can be modifiedand used to steal from other clients under false pretense(Niranjanamurthy and Chahar 2888). It is possible for customers tomake payments to frauds who steal company servers and pose as thegenuine companies. Under such circumstances, clients might be forcedto pay twice for a single purchase.
Withsuch high levels of security threats in e-commerce, clients must beinformed of the various ways of protecting their personalinformation. Although the e-commerce business do their best toprotect their clients, mistakes do happen, and the consequences forsuch mistakes can have serious impacts to the lives of the clients(Niranjanamurthy and Chahar 2889). The named security threats can beaddressed through a number of ways, which strive to secure thepersonal information of clients by securing online shopping.
Thefirst step that clients can take in securing their personalinformation is shopping at secure websites. Primarily, secure sitesemploy technology of encryption to transfer information and data fromthe computer of the client to the computer of a merchant, which isonline. The essence of encryption is that it scrambles personalinformation as credit card number, which is sent by a client toprevent hackers from obtaining such information while en route(Niranjanamurthy and Chahar 2889). The privilege of unscrambling thecodes is reserved to the few authorized persons, and thissufficiently secures a client’s personal information.
Thesecond recommendation in securing the personal information is doingample research of a website before committing to transact e-commerceorders through the website. It is advisable to transact business withcompanies that are well known and reputable. In the event of the needto purchase from unfamiliar company, an informed decision shouldalways be sought through relevant research concerning the new company(Niranjanamurthy and Chahar 2889). Further, a client should considerstarting the transactions with cheap products, which do not requirelots of money to obtain. A couple of cheap purchases should be enoughto determine the trustworthy of a company. Further, any chosencompany should have valid contact information clearly displayed inits website for easier follow up. The final criterion for determiningthe trustworthy of a company is to check the rating of a company inthe Better Business Bureau. Top listed companies in the bureau shouldbe the ones to go for.
Thirdly,a client should familiarize himself with the security and privacypolicies of a company to determine whether the policies measure up tothe required safety standards. A client should, accordingly, followthe step that a company uses to process his order to establishwhether there are any security lapses in the entire transaction(Niranjanamurthy and Chahar 2890). The security and privacy policiescan be used to determine the type of information that a companyrequires from a client, as well as whether the company intends toshare sensitive personal information of clients with a third party.Information on data security should also be obtained from the samesecurity policies, and a client should go for the company that worksfor him.
Finally,a client should always use credit cards for settling bills forpurchases. Notably, credit cards are the safest way of conductingonline business. Any payment to e-commerce transactions should beeffected using a credit card whenever possible. Private informationsuch as credit card number, passcodes and social security numbershould remain privileged to the own and never shared with anotherperson (Niranjanamurthy and Chahar 2889). The best thing with creditcards is that they are protected by the Federal Fair Credit BillingAct, and incase unauthorized use a client can get almost his entiremoney back.
Inconclusion, the increased popularity of e-commerce and onlinebusiness, and payment transaction has led to the emergence ofsecurity concerns, especially those that are concerned with personalinformation, and which require well designed intervention andregulation for clients’ safety. E-commerce security serves variouspurposes, which emphasize on securing the personal information ofclients, as well as other data that might be of interest e-commercebusiness. Further, it is apparent that the various security threatsthat inherent in e-commerce involve unauthorized access ofinformation, denial of access and frauds, which can cost clients lotsof money and resource. The security concerns in ecommerce can beaddressed by trading with reputable companies, keeping privateinformation privileged and using trusted websites among others. Takenseriously, the security measures can successfully protect clients’private information against any form of damage.
Niranjanamurthy,M and Chahar, Dharmendra. The study of E-Commerce Security Issues andSolutions. International Journal of Advanced Research in Computer andCommunication Engineering, 2 (7). 2013. Print.