Abstract
In this report, the author endeavours to present how the security issues generally found on B2C web sites can be addressed through technical controls and by educating customers. The report presents levels of end-to-end security components that include physical system security, operating system security and network security. With the advent of web applications, which are now used extensively for deploying e-commerce applications, the author also presents the web security threat profile of web services, which is currently an active research topic. All of the discussed components are accompanied by advice that can be provided to customers, which may not be apparent to them but can help reduce security issues.
Keywords: B2C websites Security Issues, Technical Controls, Customer Education
Table of Contents
Abstract
Table of Contents
1 Introduction
2 Levels of End-to-End Security Components
2.1 Physical System Security
2.1.1 Server Side Aspects
2.1.2 Client Side Aspects
2.2 Operating System Security
2.3 Network Security
2.4 Web Application/Service Security
3 Conclusions
4 References and Bibliography
How the security of B2C web-sites can be assured through technical controls and customer education
1 Introduction
The primary goal of Business to Consumer (B2C) websites is to attract traffic and consumers, so that the virtual store front is available to the potential consumer 24 hours a day, all year round. More traffic to B2C websites means increased revenues and a pull-type membership model for consumers, whereby they are “pulled” and kept engaged with different types of activity on the web sites (Sarner, 2009). With advent of these virtual shop fronts and increased audience the security model used to ...
... middle of paper ...
...end by validation of client end along with validation of received message on server end.
3 Conclusions
In this report the author has presented various levels of end-to-end security on a B2C web site. A number of security threats have been described, along with recommended technical controls that can be put in place to provide countermeasures against web security threats to B2C web sites. Further, customer-side measures have also been described that can be easily monitored and set up by customers in order to protect themselves while using a B2C web site. Finally, the author wants to add that security issues do occur and they are clearly a threat, but by performing security threat analysis and by educating customers regularly about changes on the website and additional protection features, trust in shopping on a B2C web site can be maintained, which eventually generates revenues.
B2B merchants must prevent unauthorized access to customer information on their Web sites, and protect the privacy of...
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day-to-day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable for ensuring all of the rules and policies are being followed, as well as understanding their roles, responsibilities and functions. Organizations’ information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions by trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is errors and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
Have you ever purchased any product on the Internet, used the Internet to collect information or data, or played computer games on the Internet? You must agree that it is fast, easy, and enjoyable. The Internet has been a part of our daily life for several years now. In addition, in the business world, a new business model, E-business and E-commerce, has appeared for several years. According to Ali, there are two main types of E-commerce: B2B and B2C (2000). One is business to business (B2B). This means that enterprises use the Internet to transact or trade between business operations and their partners. Another is business to consumer (B2C). In other words, enterprises provide products, support good, and services to the customers on the Internet.
One of the aspects that makes consumers not trust a website is unauthorised access to products and services that they buy online. It is true that some online retailers can use customer information however they want without getting permission from customers, for example by sending information to another vendor. Luhmann has suggested that we can reduce the complexity of human conduct and build good relationships with consumers by introducing ‘trust’ (Luhmann, 1989).
In two distinct e-commerce business types, Business-to-business (B2B) and Business-to-Consumer (B2C), there are many differences in the way they operate. Specifically in marketing, differences include how the marketing is driven and the values of the strategies, the size of the target market and length of the sales cycle, and even the buying patterns of the target consumers. Each of these differences will be better defined and explained in the following paragraphs.
Kondabagil (2007) states that consumers should be clearly informed so that they understand the external security risks of Internet banking, for example via bank guidance such as the safety instructions on the bank’s official website. For instance, according to the research of Hiltgen et al. (2006), some consumers save their password lists on the computer, and when using internet banking they mistakenly click advertisements and emails that are disguised by a Trojan program; both could cause financial losses. This is because they do not have the related knowledge about the external security risks of Internet banking. Therefore, understanding the external risks of internet banking is essential for consumers to protect their account safety. Furthermore, according to Claessens et al. (2002), users of internet banking should install a relevant internet banking security certificate, which is a system used for confirming the security of consumers’ accounts on the website (Hiltgen, 2006), and regularly update the firewall and antivirus program to resist infection by hackers and Trojans and to protect their account safety. This method may be considered as the most useful action to cope with the
(Vladimirov, 2015). Business to Business (B2B) Ecommerce involves conducting business transactions between companies or government entities over the Internet or World Wide Web (Yazdanifard, et al., 2012). B2B transactions replace complex written and verbal negotiations over complementary services, prices, or products between repeat customers or trading partners or associates (McElheran, 2012). For the past few years, B2B online transactions in the United States reached over $56 billion dollars and over 70% of Internet revenue (Janita et al.,
The e-commerce industry is one of the most profitable segments in the US economy as well as the global economy. The E-Commerce Industry Report underlines that all companies which are included in the statement have remarkable revenue growth. While the global economy continues to improve, many consumers in North America and Europe continue to invest heavily in the market and in IT technology. Data protection and security are significant factors for investors and consumers. Moreover, e-commerce is an example of an industry that grows by acquisitions, which provide a greater opportunity to penetrate new geographic platforms.
To help consumers determine whether a website is secure, and decide to do online shopping, the AICPA (American Institute of Certified Public Accountants) and the CICA (Canadian Institute of Chartered Accountants) have jointly developed the Web Trust Seal to help business entities in maintaining an effective privacy program that addresses their privacy risks and business opportunities. The seal allows consumers to make purchases online with certainty that vendors have met high standards of business practices disclosure, transaction integrity, and information protection. This paper will focus on defining what the AICPA Web Trust Seal is, its development background, what the principles are for obtaining the seal, who is responsible for issuing it, its process, cost, and finally the advantages and disadvantages of obtaining the Web Trust Seal.
In today’s market, e-commerce websites are growing at a very fast pace, helping online consumers to shop at ease and achieve their goals in their everyday lives. Most of these websites are designed to provide the basis of business services such as online business transactions but do not make purchasing easy for customers.
In the case of web-based applications software, it must include controls to protect the value of the business and its information from the exposure to end users in the outside world. There is this mediation between end users, the valuable data, and the outside world.
The digital era arrives. Blue Book information editorial board and Social Science Literature Publishing House (2010) pointed out that “China's e-commerce transaction volume reached 3.85 trillion yuan in 2009”. Utilisation of e-business services was also high amongst Hong Kong people. About 98.3% of all persons had used e-business services such as Octopus Card and Automatic Teller Machine (Census and Statistics Department, 2009). One of the pitfalls for the development of e-business, however, is the concern about consumer privacy. According to Green’s (1999) survey, 54% of respondents had decided not to purchase a product because of a concern about overuse of personal information collected in the e-business transaction. This essay examines the circumstances of the protection of consumer privacy in e-business. As e-business is surging by astronomical numbers and consumer information is a kind of property, the protection of consumer privacy in e-business becomes significant. This essay begins with the causes of the problem, and then moves on to analyse the effects. Lastly, the essay concludes with the solutions to the problem.
E-commerce merchants need to employ appropriate methods to deal with any threats jeopardizing their systems. It is the merchant’s responsibility to support the latest security measures and tools to ensure confidentiality of consumers’ sensitive information. Merchants should also consider making statements about their security methods and tools they are employing to ensure security to their consumers.
Consequently, e-business and especially online shopping is crucial for retail stores. They should provide necessary infrastructure for selling their products online. By taking advantage of e-business not only they can get competitive advantage of online shopping, but the...