Basic Security Concerns
For all the advantages of e-commerce, the major stumbling block is security threats.
What is e-commerce security? People using the internet for commercial transactions always remain at risk of their confidential information such as passwords, and credit card details stolen and their cash siphoned off, or their identity hijacked to undertake criminal activities. Hackers use various techniques such as spear phishing attacks, click jacking, brute force attacks and more to extract personal user information for their nefarious ends.
There is no denying security threats to e-Commerce Web sites are on the increase. The question arises as to why e-commerce sites are prone to security risks. Is it because the e-Commerce software is designed without adequate care for security factors or is the number of cyber criminals on the rise? Analysts claim that the tools necessary to perform an assault on the Internet is fairly easy. All that the cyber criminal or hacker needs is access to a computer and an Internet connection. The shopper’s computer, the network connection between the shopper and website server, website server and software vendor, are all easily identifiable, making the cyber criminal's task easy. If an attacker performs theft on the Internet the attacker can easily make escape without leaving any identity, and if the attackers are experts, even the source of the attack will remain untraceable.
The underlying reason for such attacks is vulnerabilities in software and hardware. Software and hardware vendors, in their quest to ensure that their products are easy to install, ship products with security features disabled. Enabling security features requires some technical skills and the average user seldom attempt to enable the security features. Moreover, very often enabling the security features may impose restrictions that restrict functionality or slow down the system. Users remain reluctant to make such sacrifices, and this opens the gateway for attackers.
At time the vulnerability may be outside the user's control. The software code itself may contain vulnerabilities that hackers exploit, as software developers, in a bid to complete the project fast fail to undertake proper testing. Outdated software, weak firewalls and anti-virus, and other vulnerabilities in the system may also allow cyber criminals to make an entry and do the damage.