Secure your ECommerce store with Veltrod

security

  • Security is an essential part of any transaction that takes place over the internet. Customer will loose his/her faith in e-business if its security is compromised.
  1. Information should not be accessible to unauthorized person. It should not be intercepted during transmission.
  2. Information should not be altered during its transmission over the network.
  3. Information should be available wherever and whenever requirement within time limit specified.
  4. There should be a mechanism to authenticate user before giving him/her access to required information.
  5. It is protection against denial of order or denial of payment. Once a sender sends a message, the sender should not able to deny sending the message. Similary the receipient of message should not be able to deny receipt.
  6. Information should be encrypted and decrypted only by authorized user.
  7. Data should be recorded in such a way that it can be audited for integrity requirements.
  • Measures to ensure Security

download (39)

  • It is a very effective and practical way to safeguard the data being transmitted over the network. Sender of the information encrypt the data using a secret code and specified receiver only can decrypt the data using the same or different secret code.
  • Digital signature ensures the authenticity of the information. A digital signature is a e-signature authentic authenticated through encryption and password.
  • Security certificate is unique digital id used to verify identity of an individual website or user.
  • Secure Socket Layer (SSL)
  • It meets following security requirements −
  1. Authentication
  2. Encryption
  3. Integrity
  4. Non-reputability6 dimensions of e-commerce security 
    1. Integrity: prevention against unauthorized data modification
    2. Nonrepudiation: prevention against any one party from reneging on an agreement after the fact
    3. Authenticity: authentication of data source
    4. Confidentiality: protection against unauthorized data disclosure
    5. Privacy: provision of data control and disclosure
    6. Availability: prevention against data delays or removal
  • HOW TO MINIMIZE SECURITY THREATS
  1. Perform a risk assessment à list of information assets and their value to the firm
  2. Develop a security policy àa written statement on:
  • *       what assets to protect from whom?
  • *       why these assets are being protected?
  • *       who is responsible for what protection?
  • *       which behaviors are acceptable and unacceptable?
  1. Develop an implementation plan à a set of action steps to achieve security goals
  2. Create a security organization à a unit to administer the security policy
  3. Perform a security audit à a routine review of access logs and evaluation of security procedures
  • Threats to E-Commerce
  • Threats to E-Commerce servers fall into two general categories:
  1. Threats from an actual attacker
  2. Technological failure.
  • In terms of the former, the motivation is primarily psychological.  The intent is to garner personal information from people for the sheer purposes of exploitation.  With the latter, anything related to the Internet can cause problems.  This can be anything from a network not configured properly to data packets being lost, especially in a wireless access environment.
  • Even poorly written programming code upon which your E-Commerce site was developed can be very susceptible to threats.  Most E-Commerce Servers utilize a Windows Operating System, a Web Server Software to host the E-Commerce Site (such as Internet Information Services, or IIS), and a database which contains your customer information and transaction history.

About Author

Deepika Murty

Deepika Murty

Deepika Murthy is an ECommerce Strategist and Mobile app development expert. She architected several enterprise mobile applications for veltrod clients.

For business enquiry, please contact us

TOP BLOGGER

© Copyright 2013 Veltrod Scroll Top