TOPIC 5
Security and Payments (Lecture 8)
ecommerce security environment
Problem
size and losses not known
costly
reputational
reduced trust
low-cost web attack kits
online credit card fraud
underground economy marketplace
Three elements
Technology Solutions
Organisational policies
Laws and standards
Dimensions
integrity
nonrepudiation
authenticity
confidentiality
privacy
availability
Tension between security and other values
three key points of security vulnerability
client
server
communications pipeline
Good ecommerce Security?
achieve highest degree of security
other factors
time value
cost vs potential loss
security breaks at weakest link
vulnerable points in an ecommerce transaction (diagram)
Common security threats
Malicious Code
PUPs
Phishing
Hacking
Cybervandalism
Data breach
Credit card fraud
identity fraud
Spoofing/pharming/spam
Man in the middle attack
sniffer
email wire taps
Denial of Service
Insider attacks
Poorly designed software
Social network security issues
Solutions
Technology solutions
Protecting internet communications
Encryption
Limits to encryption
securing channels of communication
protecting networks
protecting servers and clients
Manage risks
Technology
Effective management policies
Public Laws and active enforcement
Security Plan
Risk assessment
Security Policy
Implementation plan
Security Audit
ecommerce Payment Systems