This document discusses eCommerce security challenges and plans. It outlines trends impacting security like increased digital activity and networked value chains. Major security threats to eCommerce include malware, hacking, and credit card fraud. Authentication, integrity, access control and non-repudiation are key security concerns. Developing an eCommerce security plan involves performing a risk assessment, developing security policies and procedures, implementing security tools, and conducting security audits. Government regulations for eCommerce in India are also discussed. Basic security measures for eCommerce sites include using HTTPS, deleting credit card data, and blacklisting suspicious IP addresses.
2. Outline of the Presentation
• Changing Canvas of E-Commerce
• E-Commerce Challenges
• E-Commerce Security
• Technological Solutions
• Policies and Procedures
3. Internet Use3
BASED ON REPORTED ACITIVE INTERNET USER DATA AND USER CLAMED MOBLIE INTERNET
TOTAL NUMBER
OF ACTIVE
INTERNET USERS
INTERNET USERS AS A
PERCENTAGE OF THE
TOTAL POPULATION
TOTAL NUMBER OF
ACTIVE MOBILE
INTERNET USERS
MOBILE INTERNET USERS AS
A PERCENTAGE OF THE
TOTAL POPULATION
We are
social
We are
social
We are
social
We are
social
243 M 19% 200M 16%
6. Things People Intend to Buy Online
Some idea about what people normally intend to buy online
Rank2Rank1 Rank3 Rank4
• E books
• Designs
• Air Tickets and Train Tickets
• Apparels
• Photos
• Home Appliances
• SEO Services
• Security Services
• Electronic Equipment
7. Why Consumer Prefer Shopping Online?7
Simple, easy, quick and limited travelling
73% 54% 50% 42% 28%
Time Saving Less Prices More Variety Less Taxes No Crowd
80% of Internet users prefer to buy online for the following main reasons
9. 9 E-COMMERCE IN INDIA
PENETRATION OF CATEGORIES
2014 2016
34%
ELECTRONICS
30% APPARELS
& ACCESSORIES
SIZE OF ECOMMERCE
10. 10
ONLINE SHOPPERS IN INDIA AVERAGE REVENUE PER USER
Rs 6000
67%
Increase Rs 10000
2014 2015
40Mn
2014
65Mn
2015
11. Mobile eCommerce Today
Anytime Access
Gives you the flexibility of
reaching anywhere by the
user.
As you know time had
been the most important
factor in Ecommerce
Browser or App
App allows more
closer reach of the
users.
Android and iOS had
been two majorly
used platform today
Large User – Base
Mobile user base is adding
upto 9 million connections a
month .
90% of the users use mobile
phones for the day today
12. India stands 11th in the ranking for Online Crime in the World,
constituting 3% of the Global Cyber Crime.
Monday, 15 February 2016
14. 16
Gaining and Maintaining Commitment from
Management
Maintaining IT Resources
Determining E-Business Applications
Integrating Internet Technologies and
Existing Business Processes
Security of information assets
Legal Considerations
Rollout of plans and fulfilment of
transactions
Challenges in E-Commerce
16. E-Commerce: Challenges
Trusting Others
• Trusting the medium
• Am I connected to the correct web site?
• Is the right person using the other
computer?
• Did the appropriate party send the last
email?
• Did the last message get there in time,
correctly?
18. Several Major Trends are having Significant Impact on Security20
End point diversity
Perimeter virtualization
Digital activity increase
Networked users and partners
Disruptive Attacks
Malicious Software
Cross – Channel
Mobile Cloud
Big Data
Social Media
Networked
Value Chains Disruption
Sophisticated Fraud
Infrastructure
Transformation
Threat Landscape
Transformation
Business
Transformation
19. Authentication
making sure that the message
senders or principles are who
they say they are.
Integrity
making sure that information is not
accidentally or maliciously altered or
corrupted in transit.
Access Control
restricting the use of a
resource to authorized
principles
Non repudiation
ensuring that principals cannot
deny that they sent the
message
Security
Concerns
Security Concerns
20. Security Threats in the E-commerce Environment
• Three key points of vulnerability:
Client
Server
Communications channel
• Most common threats:
Malicious code
Hacking and cyber vandalism
Credit card fraud/theft
Spoofing
Denial of service attacks
Sniffing
Insider jobs
24. Passwords – How many do you have?
University Bank Work login
Email Google Microsoft
Facebook Twitter Instagram
Skype TradeMe Pinterest
Online shops Blogs Online communities
Phone login Utility companies YouTube
http://www.youtube.com/watch?v=Srh_TV_J144
27. Developing an E-commerce Security Plan32
5
Audit
4
Launch
3
Implement2
Security
Policy1
Risk Assessment
Perform a Risk Assessment
Develop a
Implementation Plan
Perform a
Security Audit
Develop a
Security Policy
Create a
Security Organization
28.
No specific e-commerce laws and regulations in India
and they are still evolving.
Info Tech Act 2000 (IT Act 2000) governs the online
issues of e-commerce in India.
Legal requirements for undertaking e-commerce in
India also involve compliance with other laws like
contract law, Indian penal code, etc.
Online shopping in India also involves compliance with
the banking and financial norms.
E-commerce websites in India must ensure privacy
protection, data protection, data security, cyber
security, confidentiality maintenance, etc as well.
Govt. Rules and Regulation & Legal Aspect(IT LAWS)
29. • Change the password from time to time.
• Don’t keep the protected and sensitive files in folders
that have revealing name.
• Choose passwords with numbers, lower and upper case
letters, 8 digitals long and have special characters.
• Get regular audits (www.comodo.com) – these services
usually come with an icon that you can put in your store and
they have been known to boost sales.
• Apply updates to your shopping carts whenever available.
Basic Ways To Protect Yourself
30. • Always use https while navigating through your admin area (if
you have SSL installed on your server.
• If you want (and have the option), consider deleting all the
customer credit card details after purchases.
• Sign up with a managed firewall service (www.able-commerce.com)
these services usually come with an icon that you can put in your
store and they have been known to boost sales.
• Choose a shopping cart that can blacklist (block) IP addresses and
users.
Basic Ways To Protect Yourself
31. Conclusion
• E-commerce has changed the relative importance of time, but as the
pillars of indicator of the country’s economic state that the
importance of time should not be ignored.
• E-commerce is not a kind of new industry, but it is creating a new
economic model.