SlideShare a Scribd company logo

E commerce Security for end Users

Download as PPT, PDF
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master

E commerce Security for end Users

Technology
1 of 13
E-Commerce Security for Users M. Faisal Naqvi Research Consultant (Technical), ECAC
Who is the User? Stakeholders/Major Players: • Customer • Merchant • Bank • Certification Authority (CA) • Government
Preventive Measures against Password Theft • Password/Pin should include: – Capital letters – Small letters – Numbers – And special characters • Password/Pin shouldn’t include: – User Name – Country / City Name etc. – Date/year of birth – Digits of Phone No. – Dictionary Words • To avoid: – Brute Force Attack – Dictionary Attack • Shouldn’t be written • Should be different for different accounts
Preventive Measures against Password Theft Password Protection from: • Shoulder Surfing • Video Recording • Spy ware/Key Loggers • Viruses/Trojan Horses Two-factor authentication: • Smart Card • Biometric Devices
Preventive Measures against Phishing Attack • Always Look for your e-mail address in “to:” / “CC:” field • If info@pepsi.com is written in From field even than its not confirmed that the mail is from Pepsi • www.SendFakeMail.com • Never disclose your Account/Credit Card Information through e-mail / Phone • Don’t open/download any file from unknown sender
Tracing the source of an Email
Tracing the source of an Email
E-Mail Security • Confidentiality, Integrity, Authenticity and non- repudiation • Obtain Digital Certificate from CA (e.g. NIFT) • Install / import your own certificate in E-mail software (e.g. Outlook). • Associate certificates of other persons with their e- mail addresses in address book • If you receive digitally signed mail from any contact the certificate will automatically be associated with that address (in advanced versions of software)
Preventive Measures against Credit Card Info. Theft • Be careful “amazon.com” and “amaz0n.com” are not same • “amazon.com/securepayment/ws” and “amazon.com.securepayment.ws” are not same • In both of above cases 2nd one is fraudulent • Provide Account/Credit Card Info only to secure web sites • Always pay attention to warnings/information given by the Browser • Always look for Yellow Lock • Never disclose secret information without Yellow Lock
Private Key Protection • Private key’s Password Protection • Two factor Authentication e.g.: – Private Key on Smart Card – Private Key on USB Device / Token – Never save the password – Because Private Key is your DIGITAL SIGNATURE – DIGITAL SIGNATURE = Hand written signature + Thumb Impression + Witnesses
General Recommendations • Don’t visit websites of illegal software / cracks etc. • Don’t use Cracked / Illegally patched software • Enable Firewall during internet • Don’t accept social engineering
?
Thank You

Recommended

Internet threats and its effect on E-commerce
Internet threats and its effect on E-commerceInternet threats and its effect on E-commerce
Internet threats and its effect on E-commerceVipin Subhash
 
E commerce
E commerceE commerce
E commerceHumayun Khalid Qureshi
 
E-Commerce Security Workable Attacks Againest E-Commerce
E-Commerce Security Workable Attacks Againest E-CommerceE-Commerce Security Workable Attacks Againest E-Commerce
E-Commerce Security Workable Attacks Againest E-Commerceabe8512000
 
protection & security of e-commerce ...
protection & security of e-commerce ...protection & security of e-commerce ...
protection & security of e-commerce ...Rishav Gupta
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commercem8817
 
Security issues in e commerce
Security issues in e commerceSecurity issues in e commerce
Security issues in e commercesadaf tst
 
E-commerce Security and Threats
E-commerce Security and ThreatsE-commerce Security and Threats
E-commerce Security and ThreatsBPalmer13
 
E commerce
E commerceE commerce
E commerceKavita Sharma
 

Recommended

Internet threats and its effect on E-commerce
Internet threats and its effect on E-commerceInternet threats and its effect on E-commerce
Internet threats and its effect on E-commerceVipin Subhash
 
E commerce
E commerceE commerce
E commerceHumayun Khalid Qureshi
 
E-Commerce Security Workable Attacks Againest E-Commerce
E-Commerce Security Workable Attacks Againest E-CommerceE-Commerce Security Workable Attacks Againest E-Commerce
E-Commerce Security Workable Attacks Againest E-Commerceabe8512000
 
protection & security of e-commerce ...
protection & security of e-commerce ...protection & security of e-commerce ...
protection & security of e-commerce ...Rishav Gupta
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commercem8817
 
Security issues in e commerce
Security issues in e commerceSecurity issues in e commerce
Security issues in e commercesadaf tst
 
E-commerce Security and Threats
E-commerce Security and ThreatsE-commerce Security and Threats
E-commerce Security and ThreatsBPalmer13
 
E commerce
E commerceE commerce
E commerceKavita Sharma
 
Security issues in E-commerce
Security issues in E-commerceSecurity issues in E-commerce
Security issues in E-commercenikitaTahilyani1
 
Web Application Hacking 2004
Web Application Hacking 2004Web Application Hacking 2004
Web Application Hacking 2004Mike Spaulding
 
Security consideration with e commerce
Security consideration with e commerceSecurity consideration with e commerce
Security consideration with e commerceStudsPlanet.com
 
e-Commerce: Chapter 6
e-Commerce: Chapter 6e-Commerce: Chapter 6
e-Commerce: Chapter 6annwhyjay
 
6. Security Threats with E-Commerce
6. Security Threats with E-Commerce6. Security Threats with E-Commerce
6. Security Threats with E-CommerceJitendra Tomar
 
Eamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E CommerceEamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E CommerceEamonnORagh
 
Online security and payment system
Online security and payment systemOnline security and payment system
Online security and payment systemGc university faisalabad
 
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSE-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSrausdeen anfas
 
10.2.2015 e commerce fraud final slide show.ppt
10.2.2015 e commerce fraud final slide show.ppt10.2.2015 e commerce fraud final slide show.ppt
10.2.2015 e commerce fraud final slide show.pptshaks9151
 
E - comerce
E - comerceE - comerce
E - comerceRakesh Kumar
 
E commerce security system 0605
E commerce security system 0605E commerce security system 0605
E commerce security system 0605SovanChanda
 
Requirement of PCI DSS in India.
Requirement of PCI DSS in India.Requirement of PCI DSS in India.
Requirement of PCI DSS in India.CA Priyadarshan Behera
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerceSudeshna07
 
Privacy and Security Issues in E-Commerce
Privacy and Security Issues in E-Commerce Privacy and Security Issues in E-Commerce
Privacy and Security Issues in E-Commerce Titas Ahmed
 
E commerce security
E commerce securityE commerce security
E commerce securityShakti Singh
 
IRJET - Data Privacy,Trust Issues and Solutions in Electronic Commerce
IRJET - Data Privacy,Trust Issues and Solutions in Electronic CommerceIRJET - Data Privacy,Trust Issues and Solutions in Electronic Commerce
IRJET - Data Privacy,Trust Issues and Solutions in Electronic CommerceIRJET Journal
 
E security and payment 2013-1
E security and payment 2013-1E security and payment 2013-1
E security and payment 2013-1Abdelfatah hegazy
 
Laudon traver ec11-im_ch05
Laudon traver ec11-im_ch05Laudon traver ec11-im_ch05
Laudon traver ec11-im_ch05BookStoreLib
 
E-Banking 2009
E-Banking 2009E-Banking 2009
E-Banking 2009keerthi123
 
computer and security
computer and security computer and security
computer and security Sumama Shakir
 
Integrating Multiple IT Security Standards
Integrating Multiple IT Security StandardsIntegrating Multiple IT Security Standards
Integrating Multiple IT Security StandardsMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 

More Related Content

What's hot

Security issues in E-commerce
Security issues in E-commerceSecurity issues in E-commerce
Security issues in E-commercenikitaTahilyani1
 
Web Application Hacking 2004
Web Application Hacking 2004Web Application Hacking 2004
Web Application Hacking 2004Mike Spaulding
 
Security consideration with e commerce
Security consideration with e commerceSecurity consideration with e commerce
Security consideration with e commerceStudsPlanet.com
 
e-Commerce: Chapter 6
e-Commerce: Chapter 6e-Commerce: Chapter 6
e-Commerce: Chapter 6annwhyjay
 
6. Security Threats with E-Commerce
6. Security Threats with E-Commerce6. Security Threats with E-Commerce
6. Security Threats with E-CommerceJitendra Tomar
 
Eamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E CommerceEamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E CommerceEamonnORagh
 
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSE-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSrausdeen anfas
 
10.2.2015 e commerce fraud final slide show.ppt
10.2.2015 e commerce fraud final slide show.ppt10.2.2015 e commerce fraud final slide show.ppt
10.2.2015 e commerce fraud final slide show.pptshaks9151
 
E commerce security system 0605
E commerce security system 0605E commerce security system 0605
E commerce security system 0605SovanChanda
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerceSudeshna07
 
Privacy and Security Issues in E-Commerce
Privacy and Security Issues in E-Commerce Privacy and Security Issues in E-Commerce
Privacy and Security Issues in E-Commerce Titas Ahmed
 
E commerce security
E commerce securityE commerce security
E commerce securityShakti Singh
 
IRJET - Data Privacy,Trust Issues and Solutions in Electronic Commerce
IRJET - Data Privacy,Trust Issues and Solutions in Electronic CommerceIRJET - Data Privacy,Trust Issues and Solutions in Electronic Commerce
IRJET - Data Privacy,Trust Issues and Solutions in Electronic CommerceIRJET Journal
 
E security and payment 2013-1
E security and payment 2013-1E security and payment 2013-1
E security and payment 2013-1Abdelfatah hegazy
 
Laudon traver ec11-im_ch05
Laudon traver ec11-im_ch05Laudon traver ec11-im_ch05
Laudon traver ec11-im_ch05BookStoreLib
 
E-Banking 2009
E-Banking 2009E-Banking 2009
E-Banking 2009keerthi123
 
computer and security
computer and security computer and security
computer and security Sumama Shakir
 

What's hot (20)

Security issues in E-commerce
Security issues in E-commerceSecurity issues in E-commerce
Security issues in E-commerce
 
Web Application Hacking 2004
Web Application Hacking 2004Web Application Hacking 2004
Web Application Hacking 2004
 
Security consideration with e commerce
Security consideration with e commerceSecurity consideration with e commerce
Security consideration with e commerce
 
e-Commerce: Chapter 6
e-Commerce: Chapter 6e-Commerce: Chapter 6
e-Commerce: Chapter 6
 
6. Security Threats with E-Commerce
6. Security Threats with E-Commerce6. Security Threats with E-Commerce
6. Security Threats with E-Commerce
 
Eamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E CommerceEamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E Commerce
 
Online security and payment system
Online security and payment systemOnline security and payment system
Online security and payment system
 
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSE-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
 
10.2.2015 e commerce fraud final slide show.ppt
10.2.2015 e commerce fraud final slide show.ppt10.2.2015 e commerce fraud final slide show.ppt
10.2.2015 e commerce fraud final slide show.ppt
 
E - comerce
E - comerceE - comerce
E - comerce
 
E commerce security system 0605
E commerce security system 0605E commerce security system 0605
E commerce security system 0605
 
Requirement of PCI DSS in India.
Requirement of PCI DSS in India.Requirement of PCI DSS in India.
Requirement of PCI DSS in India.
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerce
 
Privacy and Security Issues in E-Commerce
Privacy and Security Issues in E-Commerce Privacy and Security Issues in E-Commerce
Privacy and Security Issues in E-Commerce
 
E commerce security
E commerce securityE commerce security
E commerce security
 
IRJET - Data Privacy,Trust Issues and Solutions in Electronic Commerce
IRJET - Data Privacy,Trust Issues and Solutions in Electronic CommerceIRJET - Data Privacy,Trust Issues and Solutions in Electronic Commerce
IRJET - Data Privacy,Trust Issues and Solutions in Electronic Commerce
 
E security and payment 2013-1
E security and payment 2013-1E security and payment 2013-1
E security and payment 2013-1
 
Laudon traver ec11-im_ch05
Laudon traver ec11-im_ch05Laudon traver ec11-im_ch05
Laudon traver ec11-im_ch05
 
E-Banking 2009
E-Banking 2009E-Banking 2009
E-Banking 2009
 
computer and security
computer and security computer and security
computer and security
 

Viewers also liked

Grappe d'innovation des TIC
Grappe d'innovation des TICGrappe d'innovation des TIC
Grappe d'innovation des TICBoris Adam
 
Comment sécuriser les cgv de votre site e-commerce
Comment sécuriser les cgv de votre site e-commerceComment sécuriser les cgv de votre site e-commerce
Comment sécuriser les cgv de votre site e-commerceYoussef Rahoui
 
Presentation confoo2012 survivrea-agile
Presentation confoo2012 survivrea-agilePresentation confoo2012 survivrea-agile
Presentation confoo2012 survivrea-agilefblondeau
 
Web semantique et e-commerce : la vague va déferler !
Web semantique et e-commerce : la vague va déferler !Web semantique et e-commerce : la vague va déferler !
Web semantique et e-commerce : la vague va déferler !Antidot
 
Vademecom presentation full_save
Vademecom presentation full_saveVademecom presentation full_save
Vademecom presentation full_saveWoomeet
 
Sécurisation applicatives pour le e-commerce
Sécurisation applicatives pour le e-commerceSécurisation applicatives pour le e-commerce
Sécurisation applicatives pour le e-commerceWoomeet
 
Ch19 E Commerce Security
Ch19 E Commerce SecurityCh19 E Commerce Security
Ch19 E Commerce Securityphanleson
 
Diagnostic des sites web e-commerce affiliés au seul prestataire de payement ...
Diagnostic des sites web e-commerce affiliés au seul prestataire de payement ...Diagnostic des sites web e-commerce affiliés au seul prestataire de payement ...
Diagnostic des sites web e-commerce affiliés au seul prestataire de payement ...Made In Morocco
 
E-commerce & Security
E-commerce & SecurityE-commerce & Security
E-commerce & SecurityNetstarterSL
 
E commerce en tunisie YES DE DO
E commerce en tunisie YES DE DO E commerce en tunisie YES DE DO
E commerce en tunisie YES DE DO Wissem OUESLATI
 
E commerce - solutions techniques
E commerce - solutions techniquesE commerce - solutions techniques
E commerce - solutions techniquesJérôme Chambard
 
Luxe & e-Commerce quelle Expérience Utilisateur? par Frederic Veidig (UX Full...
Luxe & e-Commerce quelle Expérience Utilisateur? par Frederic Veidig (UX Full...Luxe & e-Commerce quelle Expérience Utilisateur? par Frederic Veidig (UX Full...
Luxe & e-Commerce quelle Expérience Utilisateur? par Frederic Veidig (UX Full...FullSIX Group
 
e commerce security and fraud protection
e commerce security and fraud protectione commerce security and fraud protection
e commerce security and fraud protectiontumetr1
 
Le Commerce éLectronique
Le Commerce éLectroniqueLe Commerce éLectronique
Le Commerce éLectroniqueguest204dc60
 
Network security for E-Commerce
Network security for E-CommerceNetwork security for E-Commerce
Network security for E-CommerceHem Pokhrel
 

Viewers also liked (20)

Integrating Multiple IT Security Standards
Integrating Multiple IT Security StandardsIntegrating Multiple IT Security Standards
Integrating Multiple IT Security Standards
 
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
 
Asset, Vulnerability, Threat, Risk & Control
Asset, Vulnerability, Threat, Risk & ControlAsset, Vulnerability, Threat, Risk & Control
Asset, Vulnerability, Threat, Risk & Control
 
Grappe d'innovation des TIC
Grappe d'innovation des TICGrappe d'innovation des TIC
Grappe d'innovation des TIC
 
Comment sécuriser les cgv de votre site e-commerce
Comment sécuriser les cgv de votre site e-commerceComment sécuriser les cgv de votre site e-commerce
Comment sécuriser les cgv de votre site e-commerce
 
Presentation confoo2012 survivrea-agile
Presentation confoo2012 survivrea-agilePresentation confoo2012 survivrea-agile
Presentation confoo2012 survivrea-agile
 
Web semantique et e-commerce : la vague va déferler !
Web semantique et e-commerce : la vague va déferler !Web semantique et e-commerce : la vague va déferler !
Web semantique et e-commerce : la vague va déferler !
 
Vademecom presentation full_save
Vademecom presentation full_saveVademecom presentation full_save
Vademecom presentation full_save
 
Sécurisation applicatives pour le e-commerce
Sécurisation applicatives pour le e-commerceSécurisation applicatives pour le e-commerce
Sécurisation applicatives pour le e-commerce
 
Ch19 E Commerce Security
Ch19 E Commerce SecurityCh19 E Commerce Security
Ch19 E Commerce Security
 
Amazon & E Bay
Amazon & E BayAmazon & E Bay
Amazon & E Bay
 
E commerce Security
E commerce Security E commerce Security
E commerce Security
 
Diagnostic des sites web e-commerce affiliés au seul prestataire de payement ...
Diagnostic des sites web e-commerce affiliés au seul prestataire de payement ...Diagnostic des sites web e-commerce affiliés au seul prestataire de payement ...
Diagnostic des sites web e-commerce affiliés au seul prestataire de payement ...
 
E-commerce & Security
E-commerce & SecurityE-commerce & Security
E-commerce & Security
 
E commerce en tunisie YES DE DO
E commerce en tunisie YES DE DO E commerce en tunisie YES DE DO
E commerce en tunisie YES DE DO
 
E commerce - solutions techniques
E commerce - solutions techniquesE commerce - solutions techniques
E commerce - solutions techniques
 
Luxe & e-Commerce quelle Expérience Utilisateur? par Frederic Veidig (UX Full...
Luxe & e-Commerce quelle Expérience Utilisateur? par Frederic Veidig (UX Full...Luxe & e-Commerce quelle Expérience Utilisateur? par Frederic Veidig (UX Full...
Luxe & e-Commerce quelle Expérience Utilisateur? par Frederic Veidig (UX Full...
 
e commerce security and fraud protection
e commerce security and fraud protectione commerce security and fraud protection
e commerce security and fraud protection
 
Le Commerce éLectronique
Le Commerce éLectroniqueLe Commerce éLectronique
Le Commerce éLectronique
 
Network security for E-Commerce
Network security for E-CommerceNetwork security for E-Commerce
Network security for E-Commerce
 

Similar to E commerce Security for end Users

Cyber Crime Campain Messages_Poster_Final
Cyber Crime Campain Messages_Poster_FinalCyber Crime Campain Messages_Poster_Final
Cyber Crime Campain Messages_Poster_FinalSiphiwe Msibi
 
Cyber Security for Everybody
Cyber Security for EverybodyCyber Security for Everybody
Cyber Security for Everybodyavahe
 
ISSA - Security Awareness 2016-1
ISSA - Security Awareness 2016-1ISSA - Security Awareness 2016-1
ISSA - Security Awareness 2016-1Pedro Serrano
 
Identity Theft Presentation
Identity Theft PresentationIdentity Theft Presentation
Identity Theft Presentationcharlesgarrett
 
2016 Secure World Expo - Security Awareness
2016 Secure World Expo - Security Awareness2016 Secure World Expo - Security Awareness
2016 Secure World Expo - Security AwarenessPedro Serrano
 
Identity Theft Scams
Identity Theft ScamsIdentity Theft Scams
Identity Theft Scamsncpd
 
Common Consumer Frauds and How to Avoid Them-03-14
Common Consumer Frauds and How to Avoid Them-03-14Common Consumer Frauds and How to Avoid Them-03-14
Common Consumer Frauds and How to Avoid Them-03-14Barbara O'Neill
 
Id Theft
Id TheftId Theft
Id Theftmojo_5
 
How To Keep the Grinch From Ruining Your Cyber Monday
How To Keep the Grinch From Ruining Your Cyber MondayHow To Keep the Grinch From Ruining Your Cyber Monday
How To Keep the Grinch From Ruining Your Cyber MondayMichele Chubirka
 
TheCyberThreatAndYou2_deck.pptx
TheCyberThreatAndYou2_deck.pptxTheCyberThreatAndYou2_deck.pptx
TheCyberThreatAndYou2_deck.pptxKevinRiley83
 
Matt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity TheftMatt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity Theftguest3151b0
 
Cyber privacy and password protection
Cyber privacy and password protectionCyber privacy and password protection
Cyber privacy and password protectionsajeena81
 

Similar to E commerce Security for end Users (20)

Cyber Crime Campain Messages_Poster_Final
Cyber Crime Campain Messages_Poster_FinalCyber Crime Campain Messages_Poster_Final
Cyber Crime Campain Messages_Poster_Final
 
Cyber Security for Everybody
Cyber Security for EverybodyCyber Security for Everybody
Cyber Security for Everybody
 
ISSA - Security Awareness 2016-1
ISSA - Security Awareness 2016-1ISSA - Security Awareness 2016-1
ISSA - Security Awareness 2016-1
 
Identity Theft Presentation
Identity Theft PresentationIdentity Theft Presentation
Identity Theft Presentation
 
Identity theft
Identity theftIdentity theft
Identity theft
 
2016 Secure World Expo - Security Awareness
2016 Secure World Expo - Security Awareness2016 Secure World Expo - Security Awareness
2016 Secure World Expo - Security Awareness
 
Identity Theft Scams
Identity Theft ScamsIdentity Theft Scams
Identity Theft Scams
 
Identity theft
Identity theftIdentity theft
Identity theft
 
Common Consumer Frauds and How to Avoid Them-03-14
Common Consumer Frauds and How to Avoid Them-03-14Common Consumer Frauds and How to Avoid Them-03-14
Common Consumer Frauds and How to Avoid Them-03-14
 
Day 2
Day 2Day 2
Day 2
 
Phishing
PhishingPhishing
Phishing
 
Id Theft
Id TheftId Theft
Id Theft
 
Per.fin.7.03 p ptb
Per.fin.7.03 p ptbPer.fin.7.03 p ptb
Per.fin.7.03 p ptb
 
How To Keep the Grinch From Ruining Your Cyber Monday
How To Keep the Grinch From Ruining Your Cyber MondayHow To Keep the Grinch From Ruining Your Cyber Monday
How To Keep the Grinch From Ruining Your Cyber Monday
 
TheCyberThreatAndYou2_deck.pptx
TheCyberThreatAndYou2_deck.pptxTheCyberThreatAndYou2_deck.pptx
TheCyberThreatAndYou2_deck.pptx
 
Phishing Technology
Phishing TechnologyPhishing Technology
Phishing Technology
 
Matt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity TheftMatt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity Theft
 
PHISHING attack
PHISHING attack PHISHING attack
PHISHING attack
 
Internet scams
Internet scamsInternet scams
Internet scams
 
Cyber privacy and password protection
Cyber privacy and password protectionCyber privacy and password protection
Cyber privacy and password protection
 

More from Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master

More from Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master (9)

Cyber Security Layers - Defense in Depth
Cyber Security Layers - Defense in DepthCyber Security Layers - Defense in Depth
Cyber Security Layers - Defense in Depth
 
IoT - Rise of New Zombies Army
IoT - Rise of New Zombies ArmyIoT - Rise of New Zombies Army
IoT - Rise of New Zombies Army
 
Role of Certification Authority in E-Commerce
Role of Certification Authority in E-CommerceRole of Certification Authority in E-Commerce
Role of Certification Authority in E-Commerce
 
Online Security
Online SecurityOnline Security
Online Security
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
 
Application Security
Application SecurityApplication Security
Application Security
 
Information Security Challenges & Opportunities
Information Security Challenges & OpportunitiesInformation Security Challenges & Opportunities
Information Security Challenges & Opportunities
 
Recent PCI Hacks
Recent PCI HacksRecent PCI Hacks
Recent PCI Hacks
 
Response To Criticism On E Crime Law
Response To Criticism On E Crime LawResponse To Criticism On E Crime Law
Response To Criticism On E Crime Law
 

Recently uploaded

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 

Recently uploaded (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 

E commerce Security for end Users

  • 1. E-Commerce Security for Users M. Faisal Naqvi Research Consultant (Technical), ECAC
  • 2. Who is the User? Stakeholders/Major Players: • Customer • Merchant • Bank • Certification Authority (CA) • Government
  • 3. Preventive Measures against Password Theft • Password/Pin should include: – Capital letters – Small letters – Numbers – And special characters • Password/Pin shouldn’t include: – User Name – Country / City Name etc. – Date/year of birth – Digits of Phone No. – Dictionary Words • To avoid: – Brute Force Attack – Dictionary Attack • Shouldn’t be written • Should be different for different accounts
  • 4. Preventive Measures against Password Theft Password Protection from: • Shoulder Surfing • Video Recording • Spy ware/Key Loggers • Viruses/Trojan Horses Two-factor authentication: • Smart Card • Biometric Devices
  • 5. Preventive Measures against Phishing Attack • Always Look for your e-mail address in “to:” / “CC:” field • If info@pepsi.com is written in From field even than its not confirmed that the mail is from Pepsi • www.SendFakeMail.com • Never disclose your Account/Credit Card Information through e-mail / Phone • Don’t open/download any file from unknown sender
  • 6. Tracing the source of an Email
  • 7. Tracing the source of an Email
  • 8. E-Mail Security • Confidentiality, Integrity, Authenticity and non- repudiation • Obtain Digital Certificate from CA (e.g. NIFT) • Install / import your own certificate in E-mail software (e.g. Outlook). • Associate certificates of other persons with their e- mail addresses in address book • If you receive digitally signed mail from any contact the certificate will automatically be associated with that address (in advanced versions of software)
  • 9. Preventive Measures against Credit Card Info. Theft • Be careful “amazon.com” and “amaz0n.com” are not same • “amazon.com/securepayment/ws” and “amazon.com.securepayment.ws” are not same • In both of above cases 2nd one is fraudulent • Provide Account/Credit Card Info only to secure web sites • Always pay attention to warnings/information given by the Browser • Always look for Yellow Lock • Never disclose secret information without Yellow Lock
  • 10. Private Key Protection • Private key’s Password Protection • Two factor Authentication e.g.: – Private Key on Smart Card – Private Key on USB Device / Token – Never save the password – Because Private Key is your DIGITAL SIGNATURE – DIGITAL SIGNATURE = Hand written signature + Thumb Impression + Witnesses
  • 11. General Recommendations • Don’t visit websites of illegal software / cracks etc. • Don’t use Cracked / Illegally patched software • Enable Firewall during internet • Don’t accept social engineering
  • 12. ?