Presentation is loading. Please wait.

Presentation is loading. Please wait.

Awicaksi E-Commerce Security & Payment System E-Commerce.

Published byEllen Fox Modified over 8 years ago

Similar presentations

Presentation on theme: "Awicaksi E-Commerce Security & Payment System E-Commerce."— Presentation transcript:

1 awicaksi E-Commerce Security & Payment System E-Commerce

2 Learning Objectives Basic Security Issues Threats and Attacks Managing E-Commerce Security Payment Revolution Online Payment

3 Case: eBay

4 Basic Security Issues Today’s web security problem has three primary facets: Securing web server and data on it Securing information that travels between web server and user Securing end user’s computer and other devices that people use to access the Internet

5 Basic Security Issues (cont’d)

6 Threats and Attacks 1. NONTECHNICAL ATTACK (SOCIAL ENGINEERING) 2. TECHNICAL ATTACK Technical Attack An attack perpetrated using software and systems knowledge or expertise Social Engineering An attack that uses social pressures to trick computer users into compromising computer networks to which those individuals have access

7 Social Engineering Dear user of stmp.ciputra.ac.id, We have detected that your email account was used to send a large amount of spam during the recent week. Obviously, your computer had been compromised and now runs a trojan proxy server. We recommend you to follow the instruction in the attachment (stmp-ciputra.zip) in order to keep your computer safe. Regards, ICT Support Ciputra University Dear user of stmp.ciputra.ac.id, We have detected that your email account was used to send a large amount of spam during the recent week. Obviously, your computer had been compromised and now runs a trojan proxy server. We recommend you to follow the instruction in the attachment (stmp-ciputra.zip) in order to keep your computer safe. Regards, ICT Support Ciputra University

8 Phishing examples

9 Social Engineering (cont’d) Social Engineering, the USB Way Steve Stasiukonis VP & founder of Secure Network Technologies, Inc.

10 Social Engineering (cont’d) COUNTERMEASURES Education and training Policies and procedures Penetration testing

11 Social Engineering (cont’d)

12 Technical Attack DDoS

13 Managing EC Security Security Policy Risk Assessment Authentication methods: ‣ Something you know: password ‣ Something you have: smart cards ‣ Something you are: biometrics

14 Managing EC Security (cont’d)

15

16

17 Managerial Issues Have we budgeted enough for security? What are the business consequences of poor security? Should organizations be concerned with internal security threats?

Download ppt "Awicaksi E-Commerce Security & Payment System E-Commerce."

Similar presentations

K-State IT Security Training Ken Stafford CIO and Vice Provost for IT Services Harvard Townsend Chief Information Security Officer

K-State IT Security Training Ken Stafford CIO and Vice Provost for IT Services Harvard Townsend Chief Information Security Officer
A Software Keylogger Attack By Daniel Shapiro. Social Engineering Users follow “spoofed” emails to counterfeit sites Users “give up” personal financial.

A Software Keylogger Attack By Daniel Shapiro. Social Engineering Users follow “spoofed” s to counterfeit sites Users “give up” personal financial.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
BUSINESS PLUG-IN B6 Information Security.

BUSINESS PLUG-IN B6 Information Security.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
Network Security and Personally Managed Computers Jordan K. Wiens Copyright Jordan K. Wiens 2004.

Network Security and Personally Managed Computers Jordan K. Wiens Copyright Jordan K. Wiens 2004.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) =.00625 * 5,349.44 = $33.434 What happens to the.004?.004+.004+.004=.012.004.

Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) = * 5, = $ What happens to the.004? =
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Information Security Phishing Update CTC

Information Security Phishing Update CTC
CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.

CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.
© 2005-07 NeoAccel, Inc. TWO FACTOR AUTHENTICATION Corporate Presentation.

© NeoAccel, Inc. TWO FACTOR AUTHENTICATION Corporate Presentation.
Security and Control Brian Mennecke. Planning for Security and Control In today’s net-enabled environment, an increasingly important part of IT planning.

Security and Control Brian Mennecke. Planning for Security and Control In today’s net-enabled environment, an increasingly important part of IT planning.
BUSINESS B1 Information Security.

BUSINESS B1 Information Security.
A Step Into The Computer Underground 1 “By Understanding The Enemy We Are Better Prepared To Defend Ourselves”

A Step Into The Computer Underground 1 “By Understanding The Enemy We Are Better Prepared To Defend Ourselves”
1.Too many users 2.Technical factors 3.Organizational factors 4.Environmental factors 5.Poor management decisions Which of the following is not a source.

1.Too many users 2.Technical factors 3.Organizational factors 4.Environmental factors 5.Poor management decisions Which of the following is not a source.
WHAT IS VIRUS? NAE GRAND CHALLENGE SECURE CYBERSPACE.

WHAT IS VIRUS? NAE GRAND CHALLENGE SECURE CYBERSPACE.

Similar presentations

Ads by Google