Transaction security 1
TRANSACTION SECURITY ON E-COMMERCE
FITSUM R. LAKEW
ITEC-620
Prof. Elena Gortcheva
University of Maryland University College
AUGUST 09, 2010
Outline
1. Introduction
a. Thesis Statement
b. General Overview on e-commerce transaction security
2. Background
a. Security in online transaction
b. Security management
I. Sensitive information
II. Software application
3. Internet security and users
a. Firewalls
b. Network security management
4. Authentication and verification
a. Security goals
5. Internet security in Banking
a. Intrusion detection system
b. Insider threat
c. Legal aspects
6. Improving internet security
a. Consumer trust
7. Conclusion
a. Recommendation
8. References
Abstract
In recent years, e-commerce has seen considerable growth in the US and European
markets. The market is highly concentrated; this presents many values that can be utilized. As a
consequence, the path towards full realization of the potential of E-commerce has experienced
problems. There are many hurdles that need to be overcome.
In a broad view customers have used e-commerce to pay for products and services.
Customer experience is important in determining the success of e-commerce. On the other hand,
it has been hard for it to be distinguished, evaluated and analyzed because there have been no
contributions to estimate it in an objective way.
Since this is a gap that needs to be filled, this paper will try to evaluate the experiences
that come about with e-commerce transactions together with the possible security problems. This
is in relation to customer experiences as far as security (transactions) in e-commerce is
concerned. The whole process of executing transactions on an e-commerce website has gone
through various stages. It involves landing, product identification, product presentation, cart,
order completion and payment. E-commerce websites have had various strengths and
weaknesses that have ended up exposing transactions to security problems. Therefore, there is
need to evaluate the diverse customer experiences in an e-commerce transaction. This will be
done in a quantitative way to identify various areas that need to be improved to enhance
transactions.
There are many challenges that face e-commerce as far as transactions are concerned.
Generally, innovations and competition have been the driving factors behind the continued use of
e-commerce. Because of the open nature of the internet, transaction security continues to be a
concern in e-commerce. This continued transaction risk is likely to create a significant barrier
(to market acceptance). There is need for proper control and management. All these are essential
for the promotion of consumer confidence.
1. Introduction
With the increase in online transactions, people are able to transact easily and efficiently. However,
online safety has to be considered. There are a variety of threats and vulnerabilities that have
emerged from online businesses. This is because the online business environment has been
changing consistently. In the long run, there have been occasions where online functionality has
ended up undermining customer confidence. This compromises customer information and
contravenes security implementations. These are real threats that need to be nullified. In doing
so, online security management should be enhanced at all levels in the course of carrying out e-
commerce transactions. The management is supposed to be active and review their online
security approaches.
Therefore this calls for proper policies and security measures that will redefine the way e-
commerce transactions are carried out for efficiency. There are supposed to be good processes
that will provide a proper framework to guide the application of security benchmarks. It is
supposed to use proper information security standards which will be applied for online security
measures.
These measures are supposed to be utilized to enhance online business. Despite the fact
that e-commerce has gained momentum in redefining the way business is done, most transactions
have continued to face some risks. So, online security measures and policies will be instrumental
in protecting the interests of those who conduct business using the internet.
2. Background
A. Security in online transactions
Online transactions are supposed to protect the security of information. This includes
online businesses and their customers. Businesses are supposed to maintain a competitive edge,
customer confidence and build trust that will promote a good business reputation. In the process
there should be a secure online business environment.
It is quite clear that many organizations are now ready to protect their online business
transactions (Gomez & Litchenberg, 2007, p.6). They are reinforcing this through enhanced
information security policies. It is important to put proper security management in place.
Good information systems will protect companies from numerous security threats and
vulnerabilities.
There has been need to improve e-security and raise awareness about e-security issues for
customers and businesses. This will improve security management on a wider scale.
Development and application of online security measures is highly sought. Through these, any
online business can be able to strengthen security measures.
Online transactions face various threats from infrastructure, organizational, network, and
application security. The complexity of technology has demanded a lot of security in online
transactions (e-commerce). Therefore, organizations have had to establish and implement
efficient online security measures.
B. Security management
Through proper security management, organizations can define their approach to online
security (Pye & Warren, 2007, p.3). There are supposed to be good management practices that an
online business will use for consistency. This wide approach secures the storage of information
within a business. Some of the risks have been as a result of poor personnel management. In the
long run there should be a response action to monitor these for future analysis. It is clear that
there have been some infrastructure security concerns. Measures are supposed to be put in place
to avoid damage, unauthorized access and interference in the course of doing online business.
I. Sensitive information
Sensitive business information has been accessed by unauthorized people and led to
questionable transactions (Hole et al., 2006, p.12). All these have sent a wrong signal to
customers and other businesses that use the internet to transact business. This calls for the
emplacement of proper online processing. The businesses are supposed to guard themselves
against the compromise of sensitive information. In the long run they will protect themselves
from potential environmental business hazards.
II. Software application
Software applications have formed an integral part of online business which has had a
bearing on e-commerce. This has affected transactions with a long term effect on security.
Security controls are supposed to protect business information on a wide scale.
In doing business, some companies and organizations have encountered electronic mail
security problems. Businesses have been compelled to control email access. It is also necessary
to come up with proper user behavior education to reduce the potential risks.
In some occasions online business transactions have lacked user cryptographic controls.
These are necessary to safeguard integrity, confidentiality and authenticity of information that is
moved around for the public to access (customers). Online business data exchange has been
enhanced by computer networks that convey information. To some extent this communication
has ended up exposing some loopholes that have been used by people for negative reasons.
3. Internet security and users
Some users have compromised the security measures and policies in place (Filipek,
2006, p.7). This calls for control of internal and external communication to seal all the loopholes
that can be used to interfere with e-commerce transactions.
A. Firewalls
One proper way for businesses to do this is through efficient installation of firewalls to
define online boundaries. There have been occasions where the systems have failed and led to
unavailability. It has affected transactions leading to security concerns by those affected.
Businesses have been compelled to have adequate capacity and resources for the growth of
online business.
B. Network security management
Network security management will focus on protecting information. In doing online
business there should be proper information to support infrastructure. The local network is
supposed to enhance online business by defining proper physical boundaries. External and
internal users have logged into systems and caused security breaches. Therefore, appropriate
measures are supposed to be there for system monitoring to detect unauthorized activities.
4. Authentication and Verification
Online customers are supposed to be given a protective barrier which calls for proper
authentication and verification. This is supposed to cover the entire life cycle of the customers.
Their identity should be validated before being given access to the online service or system.
This authentication process for online businesses will identify users in a unique way before
allowing them to interact with the business system.
There has been a strong pursuit for transactions and business activities. This has seen a
lot of sensitive data being exchanged which has further exposed online business to a lot of
vulnerabilities and threats. In the process the transactions have been fraudulent and in extreme cases
led to contract disputes. E-commerce is getting a lot of challenges from modifications and
disclosures of sensitive information to unwanted users.
A. Security goals
A starting point should be assessed to ascertain the essential elements of conducting
transactions on the internet. There is a necessity of benchmarking online security goals for
sustainable business.
A specific area that needs to be looked at is internet banking because it touches on both
the customers and businesses. Banking and money have been extended into the cyberspace.
Many banking institutions have launched e-retail banking over the internet. Competition has
driven many financial institutions into embracing internet banking to remain strategic in the
market.
5. Internet Security in Banking
Internet banking has become popular because of an increase in online business
transactions. This has also been a strategy by businesses to support business reengineering and
expand their market share. Customers have been attracted to online banking due to its
convenience (Choton, 2005, p.13). Many products that have been availed online are tailored to
fulfill wants and quality expectations with technological progeny. But, on the other hand they are
less concerned about the looming identity theft and email scams.
Most customers believe that internet banking and transactions are very safe due to their
own perceptions. Blame can be laid on banks and other partners because they have not been
vibrant in authentication of customers. Banks need proper authentication methods while looking
at the possible attacks. There is a necessity to develop more secure online business transactions.
Banks have insisted that customers access their account information by giving their PINs
and social security numbers (like it is the case for Norwegian banks). Some crackers have
accessed this information and posed as the real customers while their main intention is to steal.
The internet is supposed to be exploited as a channel that can build and develop long term client
relationships.
A. Intrusion detection system
There should be a bank intrusion detection system that will discover these attacks
because the crackers cannot hide. This is due to the open nature of the internet. All these should
be aimed at facilitating open transactions that will promote efficient e-commerce. Because banks
form an integral part of e-commerce transactions they are supposed to be sufficiently involved in
online business.
The blame cannot be squarely laid on banks for bad transactions or problems in e-
commerce business but should involve all the businesses and users to ensure that online business
is safe. In supporting safe e-commerce transactions some banks have enhanced security by
aiming to provide two-factor authentication.
B. Insider threat
Information officers are having problems because of cyber crimes and insider threats.
Internet based crime is a challenge to many organizations and companies. There is also an
emerging danger to online security from insider sources. Most countries have had problems in e-
commerce transactions because of their unprotected systems.
Online based crimes have been costly as they lead to loss of customers and revenue. In
the long run the business has ended up having a poor brand and reputation. The nature of online
crimes has been changing and this means that companies are supposed to prepare a new way to
combat this crime. This should be considered by the entire organization and its partners in the e-
commerce business.
This is an industry problem whereby all the players are supposed to participate instead of
leaving it to individual companies and their users. Some mechanisms that companies have
enforced to enhance transactions include the updating of firewalls and preventive controls. The
occurrence of crimes that relate to online business is continuing at a very fast pace. Some
organizations have not been willing to report these online crimes because they fear that by doing
so it might affect their business and ultimately customers.
There is need to determine the primary source of these security problems in transactions
and online business with a broad approach. In the United States, most online crimes are reported
in the financial sector which is the heart of many transactions.
The internet has a global reach where immediate connection to all internet protocols is
available (Wang, 2009, p.8). This means that the internet cannot respect or observe any judicial
boundaries. The ability to connect globally has not enhanced security which is a challenge to
many countries that wish to regulate the way online transactions are carried out. Countries are
supposed to regulate commerce with their foreign counterparts to give online business a new
lease of life. Law enforcement will create a good platform by which those who are found
violating online business ethics will be punished.
C. Legal aspects
Whenever there is an intrusion the management can use regulatory, legal and ethical
issues to consider if this will be handled by law enforcers, the public or stockholders. Businesses
have been discouraged from reporting due to the potential impact on the stock price. It means that
when they report that their systems are experiencing online crimes customers will question their
competence in the market.
Although the U.S.A has tasked the CFAA to deal with security crimes, law enforcement
has been impotent because some of the crimes are never reported. This has seen some companies
outsourcing their security functions. Outsourcing of security operations is not viable as security
forms an integral part of the organization. The public is supposed to change its perception as far
as online security problems are concerned to deal with this business menace.
E-business is positively or negatively influenced by the knowledge and trust that
e-consumers have. When consumers lack trust, it becomes a big obstacle to the success of online
business (e-commerce). This also hinders the success of online transactions. Good online
practices are supposed to make the public more knowledgeable about online transaction security
issues (Mangiaracina et al., 2009, p.14).
This is because trust plays an important role whenever cases of risks and uncertainties
arise in online business. One party is not supposed to take advantage of the other during and after
transactions. Trust has been hard to build because online customers cannot see each other
physically when executing transactions. Initial trust and familiarity play a critical role in giving a
positive impact on online transactions.
In conducting online transactions, consumers cannot see the products they are
purchasing physically to check on their quality. They cannot monitor the security and safety of
personal information. This therefore implies that the success of e-commerce can only be
guaranteed when customers trust the products and the sellers (that they cannot see).
When there is no trust, secure transactions will not be maintained and developed.
Considering the increase in usage of e-commerce as a distribution channel, businesses ought to
consider the impact of trust on transactions. When customers know more about the internet they
will be able to understand that non-secure transactions are real and can happen to anybody.
Customers are supposed to be concerned about the trustworthiness of online transactions. Those
with more knowledge know how to avoid online security issues.
Because of the potential pitfalls that may arise out of online e-commerce transactions,
customers are supposed to be more knowledgeable on how they can make wise business
decisions. The ability to make wise business decisions increases the inclination of customers to trust
online transactions. This therefore calls on all businesses to increase their customers' trust in
online transactions.
6. Improving internet security
E-commerce transactions can be more secure if the customers are knowledgeable with
high levels of trust. Although there might be some security concerns, more information will help
customers and consumers know how to avoid online security issues. Therefore consumer
education is important for the success of electronic commerce. This is because consumers will
not be afraid of online transactions when they become knowledgeable about internet security.
After all these developments, businesses are supposed to enhance e-commerce security
(Liao & Cheung, 2003, p.19). This can be done through the continued use of an intrusion
detection management system. This will ultimately protect the users and organizations by
detecting threats and analyzing them to avoid any compromising situations.
It will be able to use an attack analyzer that will gather information within the system and
come up with a treatment plan. Organizations will be able to identify measures and rank them for
efficient security controls. This is because e-commerce is still regarded as a distributed real time
system. It is supposed to enhance customer interaction thereby managing different resources to
provide the best quality.
A. Consumer trust
In a large perspective online business is continuing to be popular with increased
transactions. As far as this is concerned the environment that these businesses operate in should
be regulated to avoid many problems that have manifested themselves in recent years. The
internet continues to give many opportunities for businesses to expand but on the other hand this
also poses risks that cannot be ignored.
Consumers who have seen the importance of doing their transactions on the internet
should desist from any temptations that will make e-commerce unattractive to the larger
population. Some companies have not accepted the reality that e-commerce is facing security
threats and therefore should approach this issue with a sober mind to avoid any interruptions in
their business.
There is a gap that needs to be filled and therefore organizations are supposed to try and
evaluate the experiences that come about with e-commerce transactions with the possible
security problems. This will go in a long way to redefine the way e-commerce is executed for the
benefit of businesses and consumers.
7. Conclusion
In a broad view, customers have used e-commerce to pay for the products and services.
Customer experience is important in determining the success of e-commerce. On the other hand,
it has been hard for it to be distinguished, evaluated and analyzed because there have been no
contributions to estimate it in an objective way.
E-commerce websites have had various strengths and weaknesses. This has exposed
transactions to security problems. Therefore, there is need to evaluate the diverse customer
experiences on an e-commerce transaction. This will be done in a quantitative way to identify
various areas that need to be improved to enhance transactions.
There are many challenges in e-commerce as a whole. Generally, innovations and
competition have been the driving factors behind the continued use of e-commerce. Because of
the open nature of the internet, transaction security continues to be a big concern in e-commerce.
Therefore, it calls for proper policies and security measures that will redefine the way e-
commerce transactions are carried out for efficiency.
Recommendation
There should be good processes to provide proper framework to guide the application of
security benchmarks. The internet has a global reach where immediate connection to all internet
protocols is available. This means that the internet cannot respect or observe any judicial
boundaries.
The ability to connect globally has not enhanced security which is a challenge to many
countries that wish to regulate the way online transactions are carried out. Countries are
supposed to regulate commerce with their foreign counterparts to give online business a new
lease of life.
Because of the potential pitfalls that may arise out of online e-commerce transactions,
customers are supposed to be more knowledgeable on how they can make wise business
decisions. The trust propensity will influence the level of trust by the customers in online
transactions.
References
Basu, S. C. (2005). On Issues of Computer Crimes, Online Security and Legal Resources.
Journal of information privacy and security, 1(4), 1-2.
Filipek, R. (2006). Online security nightmares for CIOs. Internal auditor, 63(3), 19-20.
Retrieved from http://www.ibm.com/us/en/.
Gomez, M. J., & Litchenberg, J. (2007). Intrusion Detection Management System for E-commerce
Security. Journal of information privacy & security, 3(4), 19-31.
Hole, K., Moen, V., & Tjostheim, T. (2006). Online banking security. IEEE security & privacy,
Sweden University of Bergen, 3(3), 06.
Liao, Z., & Cheung, T. M. (2003). Challenges to internet E-banking. Communications of the
ACM, 46(12), 248-250.
Mangiaracina, R., Brugnoli, G., & Parego, A. (2009). The e-commerce Customer Journey:
A Model to assess and Compare the User Experience of the e-commerce Websites.
Journal of internet banking & commerce, 14(3), 1-11.
Pye, G., & Warren, M. J. (2007). A Model and Framework for Online Security Benchmarking.
Journal of informatics, 31(2), 209-215.
Wang, C., Chen, C., & Jiang, J. (2009). The Impact of Knowledge and Trust on E-Consumers'
Online shopping activities: an empirical study. Journal of computers, 4(1), 11-18.

Va\\lue of e-safebusiness solutionsiansadler
 
BANKING INTELLIGENCE THROUGH ARTIFICIAL INTELLIGENCE
BANKING INTELLIGENCE THROUGH ARTIFICIAL  INTELLIGENCEBANKING INTELLIGENCE THROUGH ARTIFICIAL  INTELLIGENCE
BANKING INTELLIGENCE THROUGH ARTIFICIAL INTELLIGENCEPARAMASIVANCHELLIAH
 

Ähnlich wie Fitsum ristu lakew transaction security on e-commerce (20)

Ecommerce
EcommerceEcommerce
Ecommerce
 
ENMG 602 Homework Assignment 1 Problem 1 Observation.docx
ENMG 602 Homework Assignment 1 Problem 1  Observation.docxENMG 602 Homework Assignment 1 Problem 1  Observation.docx
ENMG 602 Homework Assignment 1 Problem 1 Observation.docx
 
E-Commerce Integration and Implementation Issues
E-Commerce Integration and Implementation IssuesE-Commerce Integration and Implementation Issues
E-Commerce Integration and Implementation Issues
 
IRJET- Ecommerce Transactions: Secure Gateway in Payment System
IRJET- Ecommerce Transactions: Secure Gateway in Payment SystemIRJET- Ecommerce Transactions: Secure Gateway in Payment System
IRJET- Ecommerce Transactions: Secure Gateway in Payment System
 
What Strategies Are Crucial for Ensuring eCommerce Security in the Digital Era?
What Strategies Are Crucial for Ensuring eCommerce Security in the Digital Era?What Strategies Are Crucial for Ensuring eCommerce Security in the Digital Era?
What Strategies Are Crucial for Ensuring eCommerce Security in the Digital Era?
 
Building online truste commerce
Building online truste commerceBuilding online truste commerce
Building online truste commerce
 
1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx
1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx
1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx
 
How to build a highly secure fin tech application
How to build a highly secure fin tech applicationHow to build a highly secure fin tech application
How to build a highly secure fin tech application
 
Laudon traver ec11-im_ch05
Laudon traver ec11-im_ch05Laudon traver ec11-im_ch05
Laudon traver ec11-im_ch05
 
A Legal Perspective of E-Businesses and E-Marketing for Small and Medium Ente...
A Legal Perspective of E-Businesses and E-Marketing for Small and Medium Ente...A Legal Perspective of E-Businesses and E-Marketing for Small and Medium Ente...
A Legal Perspective of E-Businesses and E-Marketing for Small and Medium Ente...
 
Eamonn O Raghallaigh Major Security Issues In E Commerce
Eamonn O Raghallaigh   Major Security Issues In E CommerceEamonn O Raghallaigh   Major Security Issues In E Commerce
Eamonn O Raghallaigh Major Security Issues In E Commerce
 
IRJET- E-Commerce for Economic Development in Nigeria
IRJET- E-Commerce for Economic Development in NigeriaIRJET- E-Commerce for Economic Development in Nigeria
IRJET- E-Commerce for Economic Development in Nigeria
 
Factors affecting growth of E Business in India
Factors affecting growth of E Business in IndiaFactors affecting growth of E Business in India
Factors affecting growth of E Business in India
 
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...An Algorithm for Electronic Money Transaction Security (Three Layer Security)...
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...
 
IRJET- Enhancement in Netbanking Security
IRJET-  	  Enhancement in Netbanking SecurityIRJET-  	  Enhancement in Netbanking Security
IRJET- Enhancement in Netbanking Security
 
Information and Cyber Warfare
Information and Cyber WarfareInformation and Cyber Warfare
Information and Cyber Warfare
 
Security architecture rajagiri talk march 2011
Security architecture  rajagiri talk march 2011Security architecture  rajagiri talk march 2011
Security architecture rajagiri talk march 2011
 
Cyber security guide
Cyber security guideCyber security guide
Cyber security guide
 
Va\\lue of e-safebusiness solutions
Va\\lue of e-safebusiness solutionsVa\\lue of e-safebusiness solutions
Va\\lue of e-safebusiness solutions
 
BANKING INTELLIGENCE THROUGH ARTIFICIAL INTELLIGENCE
BANKING INTELLIGENCE THROUGH ARTIFICIAL  INTELLIGENCEBANKING INTELLIGENCE THROUGH ARTIFICIAL  INTELLIGENCE
BANKING INTELLIGENCE THROUGH ARTIFICIAL INTELLIGENCE
 
