THE E-COMMERCE SECURITY

ENVIRONMENT

• For most law-abiding citizens, the Internet holds the promise of a huge
and convenient global marketplace, providing access to people, goods,
services, and businesses worldwide, all at a bargain price.
• For criminals, the Internet has created entirely new—and profitable—
ways to steal from the more than 2.3 billion online consumers
worldwide in 2020. From products and services, to cash, to
information, it’s all there for the taking on the Internet.
THE E-COMMERCE SECURITY
ENVIRONMENT
 THE E-COMMERCE SECURITY
ENVIRONMENT
• To achieve the highest degree of security possible, various
technologies are available and should be used. But these technologies
by themselves do not solve the problem.
• Organizational policies and procedures are required to ensure the
technologies are not disrupted.
• Finally, industry standards and government laws are required to
enforce payment mechanisms, as well as to investigate and prosecute
violators of laws designed to protect the transfer of property in
commercial transactions.
 THE E-COMMERCE SECURITY
ENVIRONMENT

DIMENSIONS OF E-COMMERCE SECURITY

• Integrity the ability to ensure that information being displayed on a
website or transmitted or received over the internet has not been
altered in any way by an unauthorized party
‫عدم التنصل‬
• Nonrepudiation the ability to ensure that e-commerce participants do
not deny (i.e., Repudiate) their online actions
• Authenticity the ability to identify the identity of a person or entity
with whom you are dealing on the internet
 THE E-COMMERCE SECURITY
ENVIRONMENT

DIMENSIONS OF E-COMMERCE SECURITY

• Confidentiality the ability to ensure that messages and data are
available only to those who are authorized to view them
• Privacy the ability to control the use of information about oneself
• Availability the ability to ensure that an e-commerce site continues to
function as intended
THE E-COMMERCE SECURITY
ENVIRONMENT
 THE E-COMMERCE SECURITY
ENVIRONMENT
THE TENSION BETWEEN SECURITY AND OTHER VALUES
• Can there be too much security? The answer is yes. Contrary to what
some may believe, security is not a total good.
• Computer security adds overhead and expense to business operations,
and also gives criminals new opportunities to hide their intentions and
their crimes.
• Two major areas where there are tensions between security and
website operations are:
• Ease of Use
• Public Safety
 THE E-COMMERCE SECURITY
ENVIRONMENT
Ease of Use
• There are inevitable tensions between security and ease of use.
• When traditional merchants are so fearful of robbers that they do
business in shops locked behind security gates, ordinary customers are
discouraged from walking in.
• The same can be true with respect to e-commerce.
• In general, the more security measures added to an e-commerce site,
the more difficult it is to use and the slower the site becomes.
 THE E-COMMERCE SECURITY
ENVIRONMENT

Public Safety
• There is also an inevitable tension between the desires of individuals
to act anonymously (to hide their identity) and the needs of public
officials to maintain public safety that can be threatened by criminals
or terrorists.
 E-COMMERCE PAYMENT
SYSTEMS

• For the most part, existing payment mechanisms such as cash, credit
cards, debit cards, checking accounts, and stored value accounts have
been able to be adapted to the online environment, even with some
significant limitations that have led to efforts to develop alternatives.
• In addition, new types of purchasing relationships, such as between
individuals online, and new technologies, such as the development of
the mobile platform, have also created both a need and an opportunity
for the development of new payment systems.
 E-COMMERCE PAYMENT
SYSTEMS

MAJOR TRENDS IN E-COMMERCE PAYMENTS 2020–2021

• Payment by credit and/or debit card remains the dominant form of
online payment.
• Online payment volume surges in early 2020 due to the Covid-19
pandemic.
• Mobile retail adoption and payment volume skyrockets.
• PayPal remains the most popular alternative payment method online.
 E-COMMERCE PAYMENT
SYSTEMS
MAJOR TRENDS IN E-COMMERCE PAYMENTS 2020–2021
• Apple, Google, and Samsung extend their reach in mobile payment
apps.
• Growing convergence in the online payments marketplace: large banks
enter the mobile wallet and P2P payments market with apps such as
Zelle, while Apple introduces a credit card and Google announces a
plan to offer checking accounts.
• Mobile P2P payment systems such as Venmo, Zelle, and Square Cash
take off. Most mobile wallets also offer P2P payments.
 E-COMMERCE PAYMENT
SYSTEMS
ONLINE CREDIT CARD TRANSACTIONS
• There are five parties involved in an online credit card purchase:
consumer, merchant, clearinghouse, merchant bank (sometimes
called the “acquiring bank”), and the consumer’s card issuing
bank.
• In order to accept payments by credit card, online merchants must
have a merchant account established with a bank or financial
institution.
• A merchant account is simply a bank account that allows companies
to process credit card payments and receive funds from those
transactions.
E-COMMERCE PAYMENT
SYSTEMS
 E-COMMERCE PAYMENT
SYSTEMS
ONLINE CREDIT CARD TRANSACTIONS
• An online credit card transaction begins with a purchase (1).
• When a consumer wants to make a purchase, he or she adds the item to the
merchant’s shopping cart. When the consumer wants to pay for the items in
the shopping cart, a secure tunnel through the Internet is created using TLS.
Using encryption, TLS secures the session during which credit card
information will be sent to the merchant and protects the information from
interlopers on the Internet (2).
• TSL does not authenticate either the merchant or the consumer. The
transacting parties have to trust one another. Once the consumer credit card
information is received by the merchant, the merchant software contacts a
clearinghouse (3).
 E-COMMERCE PAYMENT
SYSTEMS

ONLINE CREDIT CARD TRANSACTIONS

• A clearinghouse is a financial intermediary that authenticates credit cards
and verifies account balances. The clearinghouse contacts the issuing bank
to verify the account information (4).
• Once verified, the issuing bank credits the account of the merchant at the
merchant’s bank (usually this occurs at night in a batch process) (5).
• The debit to the consumer account is transmitted to the consumer in a
monthly statement (6).
 ALTERNATIVE ONLINE
PAYMENT SYSTEMS
ONLINE STORED VALUE
• Payment system permits consumers to make instant, online payments
to merchants and other individuals based on value stored in an online
account (PayPal).
 ALTERNATIVE ONLINE
PAYMENT SYSTEMS
MOBILE PAYMENT SYSTEMS: YOUR SMARTPHONE
WALLET
• P2P mobile payment apps used for payments between individuals.
who have the same app.
• Branded store proximity mobile wallets can be used only at a single
merchant. such as Walmart, Tesco, and Starbucks.
• Universal proximity mobile wallets can be used at a variety of
merchants for point of sale transactions. such as Apple Pay, Google
Pay, and Samsung Pay.
 ALTERNATIVE ONLINE
PAYMENT SYSTEMS
MOBILE PAYMENT SYSTEMS: YOUR SMARTPHONE
WALLET
• Near Field Communication (NFC) a set of short-range wireless
technologies used to share information among devices.
• Quick Response (QR) code technology uses a mobile app to generate
a two dimensional code that merchant scans and enables payment
amount to be deducted from customer’s mobile wallet.
 ALTERNATIVE ONLINE
PAYMENT SYSTEMS
BLOCKCHAIN AND CRYPTOCURRENCIES
• Blockchain is a technology that enables organizations to create and
verify transactions on a network nearly directly without a central
authority.
• Blockchain system transaction processing system that operates on a
distributed and shared database (a peer to peer (P2P) network) rather
than a single organization’s database.
 ALTERNATIVE ONLINE
PAYMENT SYSTEMS

BLOCKCHAIN AND CRYPTOCURRENCIES

• Cryptocurrency are purely digital assets that work as a medium of
exchange using blockchain technology and cryptography.
• Bitcoin most prominent example of cryptocurrency in use today.