This document discusses eCommerce security challenges and plans. It outlines trends impacting security like increased digital activity and networked value chains. Major security threats to eCommerce include malware, hacking, and credit card fraud. Authentication, integrity, access control and non-repudiation are key security concerns. Developing an eCommerce security plan involves performing a risk assessment, developing security policies and procedures, implementing security tools, and conducting security audits. Government regulations for eCommerce in India are also discussed. Basic security measures for eCommerce sites include using HTTPS, deleting credit card data, and blacklisting suspicious IP addresses.

1. eCommerce:
Security
and Challenges
1
Trends, pitfalls, and where
eCommerce will go in 2016
PRESENTED BY
Inderjit Singh
eCommerce
2016

2. Outline of the Presentation
• Changing Canvas of E-Commerce
• E-Commerce Challenges
• E-Commerce Security
• Technological Solutions
• Policies and Procedures

3. Internet Use3
BASED ON REPORTED ACITIVE INTERNET USER DATA AND USER CLAMED MOBLIE INTERNET
TOTAL NUMBER
OF ACTIVE
INTERNET USERS
INTERNET USERS AS A
PERCENTAGE OF THE
TOTAL POPULATION
TOTAL NUMBER OF
ACTIVE MOBILE
INTERNET USERS
MOBILE INTERNET USERS AS
A PERCENTAGE OF THE
TOTAL POPULATION
We are
social
We are
social
We are
social
We are
social
243 M 19% 200M 16%

4. E-Commerce Market in India

5. 5 E-Tailing Formats in India

6. Things People Intend to Buy Online
Some idea about what people normally intend to buy online
Rank2Rank1 Rank3 Rank4
• E books
• Designs
• Air Tickets and Train Tickets
• Apparels
• Photos
• Home Appliances
• SEO Services
• Security Services
• Electronic Equipment

7. Why Consumer Prefer Shopping Online?7
Simple, easy, quick and limited travelling
73% 54% 50% 42% 28%
Time Saving Less Prices More Variety Less Taxes No Crowd
80% of Internet users prefer to buy online for the following main reasons

8. Quick Stats: E-Commerce Sales (in Cr)
1,20,000
1,00,000
80,000
60,000
40,000
20,000
0
Rs107,600
Rs77,100
Rs55,600
Rs40,300
Rs28,500
Rs21,700
Rs16,600
2009 2011 2012 2013 2014 20152009
Sales
Year

9. 9 E-COMMERCE IN INDIA
PENETRATION OF CATEGORIES
2014 2016
34%
ELECTRONICS
30% APPARELS
& ACCESSORIES
SIZE OF ECOMMERCE

10. 10
ONLINE SHOPPERS IN INDIA AVERAGE REVENUE PER USER
Rs 6000
67%
Increase Rs 10000
2014 2015
40Mn
2014
65Mn
2015

11. Mobile eCommerce Today
Anytime Access
Gives you the flexibility of
reaching anywhere by the
user.
As you know time had
been the most important
factor in Ecommerce
Browser or App
App allows more
closer reach of the
users.
Android and iOS had
been two majorly
used platform today
Large User – Base
Mobile user base is adding
upto 9 million connections a
month .
90% of the users use mobile
phones for the day today

12. India stands 11th in the ranking for Online Crime in the World,
constituting 3% of the Global Cyber Crime.
Monday, 15 February 2016

13. eCommerce
Challenges
14
eCommerce
2016
“The economic growth of any nation and its
security whether internal or external and
competitiveness depends on how well is its
cyberspace secured and protected”.

14. 16
 Gaining and Maintaining Commitment from
Management
 Maintaining IT Resources
 Determining E-Business Applications
 Integrating Internet Technologies and
Existing Business Processes
 Security of information assets
 Legal Considerations
 Rollout of plans and fulfilment of
transactions
Challenges in E-Commerce

15. 17 Challenges in E-Commerce in India

16. E-Commerce: Challenges
Trusting Others
• Trusting the medium
• Am I connected to the correct web site?
• Is the right person using the other
computer?
• Did the appropriate party send the last
email?
• Did the last message get there in time,
correctly?

17. eCommerce
Security Threats
19
eCommerce
2016
Growing internet penetration and rising popularity
of online banking have made India a favorite
among the cybercriminals, who target online
financial transactions using malware,”.

18. Several Major Trends are having Significant Impact on Security20
 End point diversity
 Perimeter virtualization
 Digital activity increase
 Networked users and partners
 Disruptive Attacks
 Malicious Software
 Cross – Channel
Mobile Cloud
Big Data
Social Media
Networked
Value Chains Disruption
Sophisticated Fraud
Infrastructure
Transformation
Threat Landscape
Transformation
Business
Transformation

19. Authentication
making sure that the message
senders or principles are who
they say they are.
Integrity
making sure that information is not
accidentally or maliciously altered or
corrupted in transit.
Access Control
restricting the use of a
resource to authorized
principles
Non repudiation
ensuring that principals cannot
deny that they sent the
message
Security
Concerns
Security Concerns

20. Security Threats in the E-commerce Environment
• Three key points of vulnerability:
 Client
 Server
 Communications channel
• Most common threats:
 Malicious code
 Hacking and cyber vandalism
 Credit card fraud/theft
 Spoofing
 Denial of service attacks
 Sniffing
 Insider jobs

21. Types of Frauds in E-Commerce Marketplace24
• Buyer fraud
○ Credit Card Fraud
○ Reseller Fraud
○ COD/RTO Fraud
○ Product Exchange Fraud
● Seller fraud
○ Reviews/Ratings Fraud
○ Fake Listing
○ Price Abuse (MRP abuse)
○ Brand Infringement
○ Seller Protection Fund Fraud

22. Risk vs Convenience?

23. Risk vs Convenience?

24. Passwords – How many do you have?
University Bank Work login
Email Google Microsoft
Facebook Twitter Instagram
Skype TradeMe Pinterest
Online shops Blogs Online communities
Phone login Utility companies YouTube
http://www.youtube.com/watch?v=Srh_TV_J144

25. E-commerce Security Tools

26. eCommerce
Plans and Policies
29
eCommerce
2016

27. Developing an E-commerce Security Plan32
5
Audit
4
Launch
3
Implement2
Security
Policy1
Risk Assessment
Perform a Risk Assessment
Develop a
Implementation Plan
Perform a
Security Audit
Develop a
Security Policy
Create a
Security Organization

28. 
 No specific e-commerce laws and regulations in India
and they are still evolving.
 Info Tech Act 2000 (IT Act 2000) governs the online
issues of e-commerce in India.
 Legal requirements for undertaking e-commerce in
India also involve compliance with other laws like
contract law, Indian penal code, etc.
 Online shopping in India also involves compliance with
the banking and financial norms.
 E-commerce websites in India must ensure privacy
protection, data protection, data security, cyber
security, confidentiality maintenance, etc as well.
Govt. Rules and Regulation & Legal Aspect(IT LAWS)

29. • Change the password from time to time.
• Don’t keep the protected and sensitive files in folders
that have revealing name.
• Choose passwords with numbers, lower and upper case
letters, 8 digitals long and have special characters.
• Get regular audits (www.comodo.com) – these services
usually come with an icon that you can put in your store and
they have been known to boost sales.
• Apply updates to your shopping carts whenever available.
Basic Ways To Protect Yourself

30. • Always use https while navigating through your admin area (if
you have SSL installed on your server.
• If you want (and have the option), consider deleting all the
customer credit card details after purchases.
• Sign up with a managed firewall service (www.able-commerce.com)
these services usually come with an icon that you can put in your
store and they have been known to boost sales.
• Choose a shopping cart that can blacklist (block) IP addresses and
users.
Basic Ways To Protect Yourself

31. Conclusion
• E-commerce has changed the relative importance of time, but as the
pillars of indicator of the country’s economic state that the
importance of time should not be ignored.
• E-commerce is not a kind of new industry, but it is creating a new
economic model.

32. THANK YOU
Questions?
Email: inderjit.barara@gmail.com