Content

Safe E-commerce?

E-commerce has always striven to be one of the driving forces behind internet use.

The internet, created initially as a means of communication for the military and universities, needed an incentive to get businesses and ordinary users involved in the benefits that this global network could offer.

However, numerous companies based on the internet have suffered many losses as a result of the dot-com bubble, while many others have even had to close down. Can this be blamed on the limited public take up of e-commerce?

It's clear that users have not reacted to e-commerce on the internet as was initially anticipated. Even if some transactions do take place, they are still well short of what suppliers and advertisers were hoping for. One thing is for sure; there is a fundamental reason behind why people don't use the internet to buy online.

Everything is available on the internet, from consumer products and software, to charity donations via the web. There are also dangers that exist, in the form of hackers, viruses, stolen information, etc. But take a closer look. You face the same risk whether you purchase online or if you go to your local shopping center.

When you leave your house (connect to the internet) and go to the shopping center (search through various web pages looking for what you want), you can be robbed at any time (your computer is facing constant threats). Once at the shopping center, you go to the stores that you trust and are familiar with (or the specific web site that you want to buy from) and choose a product. Purchasing is the most important aspect; it means that we have to confide in the store, in its employees ... likewise if the web page is not trustworthy, you simply shouldn't buy from it.

This is the single most important obstacle the public must overcome when making transactions over the internet. If the method of payment is a credit card, its use can be just as fraudulent on the internet as in a regular store. Paradoxically, many people have a fear of entering their credit card number on the internet, but happily give their card to a waiter in a restaurant without a second thought. It is just as likely that this same credit card can be used illegally in a restaurant as it can on the internet.

Fortunately, there are ways to prevent users from being exposed to internet fraud, such as the security code found on Visa cards, which is printed on the signature panel and is composed of a series of italic numbers. When using the card, this code is requested by the operator to validate the purchase. Along similar lines, American Express users are not responsible for any fraudulent purchases made with some of their credit cards.

Apart from security codes, you can find out just how secure the web site you are buying from is. In order to ensure confidential communications between two computers, various encryption systems have been developed for sending confidential information. The most common, used by all types of communication when making purchases on the internet is called secure sockets layer (SSL).

Generally speaking, SSL consists of establishing encryption keys between the connected computer and the server, which are used to send the information encrypted from one computer to another. In this way, if at any point in the communication there is a breach in security, the information will be unintelligible. Only the computers that initiated the transaction, known as an 'electronic handshake,' can decrypt the information.

Even though the server you are connected to may be completely secure, keep in mind that your computers need to be secure as well. It is useless to insist that purchases are secure in the traditional shopping scenario, if your wallet is stolen on your way home. Many viruses and Trojans have the ability to 'steal' user data by saving the data entered into your computer or stealing files from your disk. To avoid this problem there is a simple, effective solution: install an anti-virus. These programs monitor system activity and make sure that viruses and malicious code are neutralized before causing any significant damage or stealing information.

In addition to the ability of malicious code to steal information from your system, keep in mind that being connected to the internet means you can also fall victim to a hacker attack; malicious programmers who, using different methods, can gain access to your computer. For this reason, it is essential to have a personal firewall installed, which controls any attempts to access computer and avoids damaging intrusions.

It is important to remember that the combined protection of these two systems - the anti-virus and firewall - should be well coordinated, as incompatibilities can seriously affect their effectiveness in protecting your system. The anti-virus and personal firewall must be completely integrated and functioning properly to ensure safe transactions.

Once these security measures have been met and only trusted sites are used, more people can begin to feel secure about making purchases on the internet, just like in a regular store.

Fernando de la Cuadra is international technical editor for Panda Software (www.pandasoftware.com).
 

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.