
E-Commerce Infrastructure. Learning Objectives 1. Understand the major components of EC infrastructure. 2. Understand the importance and scope of security.


1 E-Commerce Infrastructure

2 Learning Objectives
1. Understand the major components of EC infrastructure.
2. Understand the importance and scope of security of information systems for EC.
3. Learn about the major EC security
4. Identify and assess major technologies and methods for securing EC access and communications.
5. Describe various types of online payment.
4-1 Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall


4 1. Security

5 The Information Security Problem
Information security: protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
Security is needed for:
- Personal information
- Financial information
- Business information
- National information

6 EC Security threats and attacks
There are many threats to EC security:
- Virus: a piece of software code that inserts itself into a program (the host) and changes the behaviour of that program.
- Worm: a software program that runs independently, consuming the resources of its host.
- Trojan horse: a program that appears to have a useful function but contains a hidden function that presents a security risk.

7 EC Security threats and attacks
- Banking Trojan: a Trojan that comes to life when the computer's owner visits an e-banking or e-commerce site.
- Denial-of-service (DoS) attack: using specialized software to send a flood of data packets to the target computer with the aim of overloading its resources.
- Spam: the electronic equivalent of junk mail.

8 EC Security threats and attacks
- Hacker: someone who gains unauthorized access to a computer system.
- Cracker: a malicious hacker who may change code and steal information from the hacked systems.
- Zombies: computers infected with malware.
- Page hijacking: creating a rogue copy of a popular website that shows content similar to the original to a Web crawler; once there, an unsuspecting user is redirected to malicious websites.

9 EC Security threats and attacks
- Botnet: a huge number (e.g., hundreds of thousands) of hijacked Internet computers that have been set up to forward traffic, including spam and viruses, to other computers on the Internet.
- Phishing: the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online.

10 EC Security - Assurance Model
Internet Security Assurance Model: three security concepts important to information on the Internet: confidentiality, integrity, and availability.
- Confidentiality: assurance of data privacy and accuracy.
- Integrity: assurance that stored data has not been modified without authorization; a message that was sent is the same message as that which was received.
- Availability: assurance that access to data, the website, or other EC data service is timely, available, reliable, and restricted to authorized users.

11 EC Security - Defense Strategy
EC security requirements:
- Authentication: process to verify (assure) the real identity of an individual, computer, computer program, or EC website.
- Authorization: process of determining what the authenticated entity is allowed to access and what operations it is allowed to perform.
- Nonrepudiation: assurance that online customers or trading partners cannot falsely deny (repudiate) their purchase or transaction.
- Encryption: the process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it.

12 EC Security - Defense Strategy
Some of the technologies used to provide EC security:
- Anti-virus: to protect a computer from viruses.
- Anti-spyware: to protect a computer from spyware.
- Firewall: to protect a network from unauthorized access.
- Secure Sockets Layer (SSL): used to encrypt data transferred between the server and the client.

13 2. Payment

14 The Payment Revolution
There are different methods for online payment:
1. Using payment cards
2. Smart cards
3. Stored-value cards
4. Micropayment
5. E-checks
6. Mobile payment

15 The Payment Revolution
Choosing the e-payment method: critical factors that affect the choice of a particular method of e-payment can be:
- Independence
- Portability
- Security
- Ease of use
- Transaction fees
- International support
- Regulations

16 Using Payment Cards Online
Payment card: an electronic card that contains information that can be used for payment purposes.
- Credit cards
- Charge cards
- Debit cards
Processing cards online:
- Authorization: determines whether a buyer’s card is active and whether the customer has sufficient funds.
- Settlement: transferring money from the buyer’s account to the merchant’s account.

17 Using Payment Cards Online
Fraudulent card transactions. Key tools used in combating fraud:
- Address Verification System (AVS): detects fraud by comparing the address entered on a Web page with the address information on file with the cardholder’s issuing bank.
- Card verification number (CVN): detects fraud by comparing the verification number printed on the signature strip on the back of the card with the information on file with the cardholder’s issuing bank.
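As an added illustration (not code from the slides or from any payment processor), the two processing steps of slide 16 (authorization, then settlement) combined with the AVS and CVN screening of slide 17, run against a constructed issuer record. The result-code letters (AVS Y/A/Z/N/U, CVN M/N/P) follow the common industry convention and are an assumption here, as are the card data and the review/decline policy.

```python
from dataclasses import dataclass

@dataclass
class Card:                      # issuer-side record (constructed for the example)
    active: bool
    available_funds: float
    street_on_file: str
    zip_on_file: str
    cvn_on_file: str             # held by the issuer; a merchant must not store it

@dataclass
class Authorization:
    status: str                  # "approved", "review" or "declined"
    avs: str                     # AVS result code (assumed convention: Y/A/Z/N/U)
    cvn: str                     # CVN result code (assumed convention: M/N/P)
    amount: float
    settled: bool = False

def avs_code(card, street, zipcode):
    # Compare the address the buyer typed with the address on file.
    s = street.strip().lower() == card.street_on_file.strip().lower()
    z = zipcode.strip() == card.zip_on_file.strip()
    return {(True, True): "Y", (True, False): "A", (False, True): "Z"}.get((s, z), "N")

def cvn_code(card, cvn):
    # "P" = not processed (buyer left it blank), "M" = match, "N" = no match.
    return "P" if not cvn else ("M" if cvn == card.cvn_on_file else "N")

def authorize(card, amount, street, zipcode, cvn):
    # Authorization (slide 16): is the card active, are there sufficient funds?
    if not card.active or card.available_funds < amount:
        return Authorization("declined", "U", "P", amount)
    avs, cvn_res = avs_code(card, street, zipcode), cvn_code(card, cvn)
    # Fraud screen (slide 17): a CVN or full AVS mismatch declines, a partial
    # AVS match or unchecked CVN goes to manual review, a full match is approved.
    if cvn_res == "N" or avs == "N":
        status = "declined"
    elif avs in ("A", "Z") or cvn_res == "P":
        status = "review"
    else:
        status = "approved"
    if status == "approved":
        card.available_funds -= amount   # place a hold on the buyer's funds
    return Authorization(status, avs, cvn_res, amount)

def settle(auth):
    # Settlement (slide 16): move the money, only once and only if approved.
    if auth.status != "approved" or auth.settled:
        return False
    auth.settled = True
    return True
```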

18 Smart Cards
- Smart card: an electronic card containing an embedded microchip that enables predefined operations or the addition, deletion, or manipulation of information on the card.
- Contact card: a smart card containing a small gold plate on the face that, when inserted in a smart card reader, makes contact and passes data to and from the embedded microchip.
- Contactless (proximity) card: a smart card with an embedded antenna, by means of which data and applications are passed to and from a card reader unit or other device without contact between the card and the card reader.

19 Smart Cards
- Smart card reader: activates and reads the contents of the chip on a smart card, usually passing the information on to a host system.
- Smart card operating system: special system that handles file management, security, input/output (I/O), and command execution and provides an application programming interface (API) for a smart card.

20 Stored-Value Cards
Stored-value card: a card that has monetary value loaded onto it and that is usually rechargeable.
Stored-value cards come in two varieties:
- Closed loop: single-purpose cards issued by a specific merchant or merchant group.
- Open loop: multipurpose cards that can be used to make debit transactions at a variety of retailers.

21 E-Micropayments
E-micropayments: small online payments, typically under $10, can be done using:
1. Aggregation
2. Direct payment
3. Stored value
4. Subscriptions

22 E-Checking
- E-check: a legally valid electronic version or representation of a paper check.
- Automated Clearing House (ACH) Network: a nationwide batch-oriented electronic funds transfer system that provides for the interbank clearing of electronic payments for participating financial institutions.


24 Mobile Payments
Mobile payment: payment transactions initiated or confirmed using a person’s cell phone or smartphone.

