E-COMMERCE SECURITY

The importance of e-commerce security is beyond doubt, and more and more online shops and companies are aware of its importance. Moreover, in 2019, investment in cybersecurity will continue its dynamic growth, almost at the same time as digital threats, which will not cease. E-commerce security strategies include the use of HTTPS protocols and SSL certificates, the monitoring of transactions and periodic backups, among others. In the following lines, we will delve into these and other measures of proven effectiveness.

E-commerce security is the protection of e-commerce assets from unauthorized access, use, alteration, or destruction.

6 dimensions of e-commerce security / Security Issues in E-Commerce Transactions

1. Authentication:- Authentication ensures that the origin of an electronic message is correctly identified. This means having the capability to determine who sent the message and from where or which machine. Without proper authentication, it will be impossible to know who actually placed an order and whether the order placed is genuine or not.

2. Non-Repudiation:- Non-repudiation is closely related to authentication. It ensures that the sender cannot deny sending a particular message and the receiver cannot deny receiving a message.

3. Access Control:- If access control is properly implemented, many other security problems like lack of privacy will either be eliminated or mitigated. Access control ensures only those that legitimately require access to resources are given access and those without valid access cannot have access.

4. Confidentiality or Privacy:- Privacy ensures that only authorized parties can access information in any system. The information should not be distributed to parties that should not receive it. Issues related to privacy can be considered as a subset of issues related to access control.

5. Integrity:- Integrity ensures that only authorized parties can make changes to the documents transmitted over the network.

E-Commerce Threats

Cyber-security represents one of the most important e-Commerce features. Without the existence and implementation of proper protocols, online store owners put themselves and also their customers at risk for payment fraud. Even stores that cater to a small target market can find themselves at a heightened risk if they leave gaps in their online security. Actually, smaller stores face the biggest threat from cyber-criminals because of insufficient Internet safety. It has been observed that one in five small online businesses falls victim to fraud every year, and more than 60 of these stores are forced to close within six months.

More than financial consequences, data breaches harm an e-Commerce website's reputation. Loyal customers will avoid continuing shopping at an online store that put their information at risk in the past. Therefore, using the right tools became compulsory, minimizing the risks of fraud.

Threats may be from anyone with the capability, technology, opportunity, and intent to do harm. Potential threats can be foreign or domestic, internal or external, state-sponsored or a single rogue element. Terrorists, insiders, disgruntled employees, and hackers are included in this profile.

Some of the security concerns are loss of privacy/confidentiality, data misuse/abuse, cracking, eavesdropping, spoofing, rootkits, viruses, Trojans, worms, hostile ActiveX and Java, system unavailability, denial of service, natural disasters and power interruptions.

E-commerce activity takes place when there is a sender (customer), a receiver (the merchant) using a communication channel to do business.
In this environment the sender has his own device or computer, uses the internet, logs in to the business portal of the merchant, and the orders placed get transmitted from one machine to another machine, often through a complex set of technology features. The threat to security is that the devices, the communication channel and the technology that is used can all be compromised, thus causing damage or loss to both parties.

The threats can be categorized into four areas depending on where or who is affected.

1. Intellectual property threats -- use of existing materials found on the Internet without the owner's permission, e.g., music downloading, domain name (cyber squatting), software pirating.

2. Client computer threats. The customer machine may be compromised due to Trojan horse, active contents, viruses.

3. Communication channel threats can occur due to sniffer program, backdoor, spoofing, denial-of-service.

4. Server threats may be caused due to: privilege settings, Server Side Include (SSI), Common Gateway Interface (CGI), file transfer, spamming.

5. Eavesdropping - This is the process of listening in or overhearing parts of a conversation. It also includes attackers listening in on your network traffic. It's generally a passive attack; for example, a co-worker may overhear your dinner plans because your speaker phone is set too loud. The opportunity to overhear a conversation is coupled with the carelessness of the parties in the conversation.

6. Snooping - This is when someone looks through your files in the hopes of finding something interesting, whether it is electronic or on paper. In the case of physical snooping, people might inspect your dumpster, recycling bins, or even your file cabinets; they can look under your keyboard for Post-it notes, or look for scraps of paper tacked to your bulletin board. Computer snooping, on the other hand, involves someone searching through your electronic files trying to find something interesting.

7. Interception - This can be either an active or passive process. In a networked environment, a passive interception might involve someone who routinely monitors network traffic. Active interception might include putting a computer system between sender and receiver to capture information as it is sent. From the perspective of interception, this process is covert. The last thing a person on an intercept mission wants is to be discovered. Intercept missions can occur for years without the knowledge of the intercepted parties.

8. Modification Attacks - This involves the deletion, insertion, or alteration of information in an unauthorized manner that is intended to appear genuine to the user. These attacks can be very hard to detect. The motivation of this type of attack may be to plant information, change grades in a class, alter credit card records, or something similar. Website defacements are a common form of modification attacks.

9. Repudiation Attacks - This makes data or information appear to be invalid or misleading (which can be even worse). For example, someone might access your email server and send inflammatory information to others under the guise of one of your top managers. This information might prove embarrassing to your company and possibly do irreparable harm. This type of attack is fairly easy to accomplish because most email systems don't check outbound email for validity. Repudiation attacks, like modification attacks, usually begin as access attacks.

10. Denial-of-service Attacks - They prevent access to resources by users authorized to use those resources. An attacker may try to bring down an e-commerce website to prevent or deny usage by legitimate customers. DoS attacks are common on the internet, where they have hit large companies such as Amazon, Microsoft, and AT&T. These attacks are often widely publicized in the media. Several types of attacks can occur in this category.
These attacks can deny access to information, applications, systems, or communications. A DoS attack on a system crashes the operating system (a simple reboot may restore the server to normal operation). A common DoS attack is to open as many TCP sessions as possible; this type of attack is called a TCP SYN flood DoS attack. Two of the most common are the ping of death and the buffer overflow attack. The ping of death operates by sending Internet Control Message Protocol (ICMP) packets that are larger than the system can handle. Buffer overflow attacks attempt to put more data into the buffer than it can handle. Code Red, Slapper and Slammer are attacks that took advantage of buffer overflows; sPing is an example of ping of death.

11. Distributed Denial-of-service Attacks - This is similar to a DoS attack. This type of attack amplifies the concepts of DoS attacks by using multiple computer systems to conduct the attack against a single organization. These attacks exploit the inherent weaknesses of dedicated networks such as DSL and cable. These permanently attached systems have little, if any, protection. The attacker can load an attack program onto dozens or even hundreds of computer systems that use DSL or cable modems. The attack program lies dormant on these computers until they get an attack signal from the master computer. This signal triggers these systems, which launch an attack simultaneously on the target network or system.

12. Back door Attacks - This can have two different meanings. The original term back door referred to troubleshooting and developer hooks into systems. During the development of a complicated operating system or application, programmers add back doors or maintenance hooks. These back doors allow them to examine operations inside the code while the program is running. The second type of back door refers to gaining access to a network and inserting a program or utility that creates an entrance for an attacker.
The program may allow a certain user to log in without a password or gain administrative privileges. A number of tools exist to create a back door attack, such as Back Orifice (which has been updated to work with Windows Server 2003 as well as earlier versions), Subseven, NetBus, and NetDevil. There are many more. Fortunately, most antivirus software will recognize these attacks.

13. Spoofing Attacks - This is an attempt by someone or something to masquerade as someone else. This type of attack is usually considered an access attack. The most popular spoofing attacks today are IP spoofing and DNS spoofing. The goal of IP spoofing is to make the data look like it came from a trusted host when it really didn't. With DNS spoofing, the DNS server is given information about a name server that it thinks is legitimate when it isn't. This can send users to a website other than the one they wanted to go to.

14. Man-in-the-Middle Attacks - This can be fairly sophisticated. This type of attack is also an access attack, but it can be used as the starting point of a modification attack. It involves placing a piece of software between a server and the user that neither the server administrators nor the user are aware of. This software intercepts data and then sends the information to the server as if nothing is wrong. The server responds back to the software, thinking it's communicating with the legitimate client. The attacking software continues sending information to the server and so forth.

15. Replay Attacks - These are becoming quite common. They occur when information is captured over a network. Replay attacks are used for access or modification attacks. In a distributed environment, logon and password information is sent over the network between the client and the authentication system. The attacker can capture this information and replay it later.
This can also occur with security certificates from systems such as Kerberos: the attacker resubmits the certificate, hoping to be validated by the authentication system and to circumvent any time sensitivity.

16. Password Guessing Attacks - These occur when an account is attacked repeatedly. This is accomplished by sending possible passwords to an account in a systematic manner. These attacks are initially carried out to gain passwords for an access or modification attack. There are two types of password guessing attacks:
- Brute-force attack: Attempt to guess a password until a successful guess occurs. This occurs over a long period. To make passwords more difficult to guess, they should be longer than two or three characters (six should be the bare minimum), be complex and have password lockout policies.
- Dictionary attack: This uses a dictionary of common words to attempt to find the user's password. Dictionary attacks can be automated, and several tools exist in the public domain to execute them.

Well, there you have it: the only way basically to prevent these types of attacks is to get a good firewall, anti-virus software, and a good Intrusion Detection System (IDS). Tell your firewall to drop ICMP packets; that will prevent ICMP flooding.

The following countermeasures are taken to overcome the above security threats.

1. Secure Electronic Transaction (SET):

Secure Electronic Transaction (SET) is an open protocol which has the potential to emerge as a dominant force in the security of electronic transactions. Jointly developed by Visa and MasterCard, in conjunction with leading computer vendors such as IBM, Microsoft, Netscape, RSA, and GTE, SET is an open standard protocol for protecting the privacy and ensuring the authenticity of electronic transactions.

Functions of SET
- Provide confidentiality of payment and ordering information.
- Ensure the integrity of all transmitted data.
- Provide authentication that a card holder is a legitimate user of a credit card account.
- Provide authentication that a merchant can accept credit card transactions through its relationship with a financial institution.
- Ensure the use of best security practices and system design techniques to protect all legitimate parties in an electronic commerce transaction.
- Create a protocol that neither depends on transport security mechanisms nor prevents their use.
- Facilitate and encourage interoperability among software & network providers.

Participants in the SET system

Scope of SET
1. Motivated by the large amount of unsecured credit-card based transactions on the Internet.
2. Network payments treated in a similar way to Mail Order/Telephone Order (MOTO) transactions.
3. SET applies only to the 'front end' of payment; no need to change the 'back end'.
4. SET only addresses payment - other protocols for shopping, payment method selection etc. will be developed by others.

Secure Socket Layer (SSL)
- SSL is a protocol developed by Netscape for transmitting private documents via the Internet.
- SSL uses a cryptographic system that uses two keys to encrypt data: a public key known to everyone and a private or secret key known only to the recipient of the message.
- SSL provides end-to-end secure data transmission between the web server and the web client.
- It is sandwiched between the TCP/IP and the application layer.
- Unlike TCP/IP, which offers only reliable packet transfer, SSL ensures secure packet transfer.

How SSL works?

SSL performs two functions - it authenticates the websites and ensures secure data transmission between the web server and the client. It achieves this either by using symmetric encryption or asymmetric encryption. In symmetric encryption, a key called the private key is used both for encrypting and decrypting the data. For symmetric encryption to work, the sender & receiver should share the private key.
This is possible only when the sender & receiver know each other. In asymmetric encryption, two separate keys are used to encrypt & decrypt data. The public key is shared with the other person and the private key is known only to the person who decrypts the data. So, the private key will remain a secret while the public key will be known to both the parties.

Cryptography

Cryptography is the process through which messages are altered so that their meaning is hidden from adversaries who might intercept them. Plain text is a message readable by anyone. Cipher text is plain text that has been modified to protect its secrecy. Encryption converts plain text to cipher text; decryption converts cipher text to plain text.

“Cryptography addresses the principles, means and methods used to disguise information in order to ensure its authenticity”.

Cryptography is used to achieve:
- Confidentiality: only authorized persons can access information.
- Integrity: information that was sent is what was received.
- Authentication: guarantee of originator of electronic transmission.
- Non-repudiation: originator of information cannot deny content or transmission.

Types of Cryptography:
- Private Key Cryptography
- Public Key Cryptography

Private Key Cryptography

In private-key cryptography, the sender and receiver agree beforehand on a secret private key. The plain text is somehow combined with the key to create the cipher text. The method of combination is such that, it is hoped, an adversary could not determine the meaning of the message without decrypting the message, for which he needs the key. Private-key methods are efficient and difficult to break. However, one major drawback is that the key must be exchanged between the sender and recipient beforehand, raising the issue of how to protect the secrecy of the key.

Public Key Cryptography

In public-key cryptography, two separate keys are used to encrypt & decrypt data.
The public key is shared with the other person and the private key is known only to the person who decrypts the data. So, the private key will remain a secret while the public key will be known to both the parties. Public-key cryptography depends upon the notion of one-way functions: a one-way function is a function that is easy to apply, but extremely difficult to invert.

Digital Signature

A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged.

“Digital signature is a computer data compilation of any symbol or series of symbols, executed, adopted or authorized by an individual to be legally binded equivalent to the individual’s handwritten signature”

A digital signature authenticates electronic documents in a similar manner to the way a handwritten signature authenticates printed documents. A digital signature is issued by a Certification Authority (CA) and is signed with the CA’s private key. The recipient of a digitally signed message can verify that the message originated from the person whose signature is attached to the document and that the message has not been altered either intentionally or accidentally since it was signed. Also, the signer of a document cannot later disown it by claiming that the signature was forged.

When a message with a digital signature is transmitted & received, the following parties are involved:
- The signer who signs the document.
- The verifier who receives the signed document & verifies the signature.
- The arbitrator who arbitrates any disputes between the signer & the verifier if there is a disagreement on the validity of the digital signature.

A digital signature typically contains the owner’s public key, the owner’s name, the expiration date of the public key, the name of the issuer (the CA that issued the Digital ID), the serial no. of the digital signature and the digital signature of the issuer.

Digital signatures are based on a combination of public key encryption and a one-way hash function that converts a message of any length into a fixed-length message digest (the hash). The value of the hash function is unique for the hashed data. Any change in the data, even deleting or altering a single character, results in a different value. The content of the hashed data cannot be deduced from the hash, which is why it is called ‘one way’. The encrypted hash, along with other information such as the hashing algorithm, is known as the digital signature.

Virtual Private Network
- A virtual private network (VPN) extends a private network across a public network, such as the internet.
- It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network.
- This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption or a combination of the two.
- VPN allows employees to securely access their company’s intranet while travelling outside the office.
- Similarly, VPNs securely and cost-effectively connect geographically disparate offices of an organization, creating one cohesive virtual network.
- VPN technology is also used by ordinary Internet users to connect to proxy servers for the purpose of protecting one’s identity.

VPN Security
- To prevent disclosure of private information, VPNs typically allow only authenticated remote access and make use of encryption techniques. VPN provides security by the use of tunneling products and through security procedures such as encryption.
- The VPN security provides:
  - Confidentiality
  - Authentication
  - Integrity

VPNs ensure privacy by providing a private tunnel through the internet for remote access to the network. For full VPN security, your VPN must be enhanced with a reliable user authentication mechanism, protecting end points of the VPN.
Username and password authentication is not enough - this method is weak and highly susceptible to hacking, cracking, key loggers and other attacks. It only takes one compromised password for your organization to lose control over who gains network access. Strong user authentication with a VPN provides true secure remote access for today’s mobile workforce.

Extranet
- An extranet is an extended intranet that connects multiple intranets through a secured tunneling internet.
- Extranets act as a link to select individuals outside the company by allowing them access to the information stored inside the intranet.
- Internet protocols are typically utilized by extranets so as to provide browser navigation even though the network is situated on a private server. A username and password system can be configured to sectors of the content so as to prevent users from accessing information they have no authorization for.

Firewall

A firewall is a software- or hardware-based network security system that controls the incoming and outgoing network traffic by analyzing the data packets and determining whether they should be allowed through or not, based on a rule set. A firewall establishes a human barrier between a trusted, secure internal network & another network that is not assumed to be secure and trusted. Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can perform basic routing functions.

Difference between Computer Virus and Computer Worm
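
The rule-set decision described in the Firewall section above, combined with the earlier advice to drop ICMP, as an added example that is not part of the original notes. The shop addresses, ports and rule order are constructed for illustration (documentation and private address ranges); first-match with default deny is one common evaluation model, assumed here.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                    # "tcp", "udp" or "icmp"
    dport: Optional[int] = None   # ICMP has no port


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "drop"
    proto: str                    # protocol name, or "any"
    src: str                      # source network in CIDR form
    dst: str                      # destination network in CIDR form
    dport: Optional[int] = None   # None matches any port

    def matches(self, pkt: Packet) -> bool:
        if self.proto not in ("any", pkt.proto):
            return False
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst):
            return False
        return self.dport is None or self.dport == pkt.dport


# Constructed rule set for a hypothetical shop: public web server
# 203.0.113.10, internal network 10.0.0.0/24, database 10.0.0.20.
RULES = [
    Rule("drop",  "icmp", "0.0.0.0/0",   "0.0.0.0/0"),             # drop all ICMP
    Rule("allow", "tcp",  "0.0.0.0/0",   "203.0.113.10/32", 443),  # customers to HTTPS
    Rule("allow", "tcp",  "10.0.0.0/24", "10.0.0.20/32", 5432),    # app tier to database
]


def decide(pkt: Packet, rules=RULES) -> str:
    """First matching rule wins; anything unmatched is dropped (default deny)."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "drop"


def evaluate_samples() -> dict:
    """Run constructed sample packets through the rule set."""
    samples = {
        "customer https": Packet("198.51.100.7", "203.0.113.10", "tcp", 443),
        "icmp echo":      Packet("198.51.100.7", "203.0.113.10", "icmp"),
        "outside to db":  Packet("198.51.100.7", "10.0.0.20", "tcp", 5432),
        "app to db":      Packet("10.0.0.5", "10.0.0.20", "tcp", 5432),
        "telnet probe":   Packet("198.51.100.7", "203.0.113.10", "tcp", 23),
    }
    return {name: decide(pkt) for name, pkt in samples.items()}


if __name__ == "__main__":
    for name, verdict in evaluate_samples().items():
        print(f"{name:15s} {verdict}")
```

The database and telnet packets from outside are dropped without any rule naming them, because nothing allows them: the default-deny fallthrough does the work, not an ever-growing block list.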
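
The hash-then-sign flow described in the Digital Signature section above (signer, verifier, one-way hash, encrypted hash plus algorithm name), as an added example that is not part of the original notes. It uses textbook RSA without padding and a constructed key built from two publicly known Mersenne primes, so it shows the arithmetic only; real systems use a vetted library with a padded scheme. The order string is constructed sample data.

```python
import hashlib

# Constructed demonstration key: two publicly known Mersenne primes.
# Anyone can factor this modulus, so it protects nothing; it only makes
# the sign/verify arithmetic visible with the standard library alone.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)


def digest_int(message: bytes) -> int:
    """One-way hash: fixed-length SHA-256 digest of a message of any length."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> dict:
    """Signer: transform the digest with the private key and record the
    hashing algorithm alongside it, as the section describes."""
    return {"hash_alg": "sha256", "value": pow(digest_int(message), D, N)}


def verify(message: bytes, signature: dict) -> bool:
    """Verifier: recover the digest with the public key and compare it
    with a freshly computed digest of the message that was received."""
    if signature.get("hash_alg") != "sha256":
        return False                   # refuse algorithms we did not expect
    value = signature.get("value")
    if not isinstance(value, int) or not 0 < value < N:
        return False
    return pow(value, E, N) == digest_int(message)


def demo() -> dict:
    order = b"order=1042;item=SKU-77;amount=49.90"   # constructed sample
    sig = sign(order)
    tampered = order.replace(b"49.90", b"19.90")     # one character altered
    return {
        "genuine": verify(order, sig),
        "tampered": verify(tampered, sig),
        "digests_differ": digest_int(order) != digest_int(tampered),
    }


if __name__ == "__main__":
    print(demo())
```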
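
A server-side check against the replay attack described in item 15 above, including the "time sensitivity" the notes mention, as an added example that is not part of the original notes. The shared key, the 30-second window and the message layout are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
import time

SHARED_KEY = b"constructed-demo-key"   # placeholder value, not a real secret
MAX_AGE = 30                           # seconds a message stays acceptable


def _mac(ts: int, nonce: str, body: str) -> str:
    data = f"{ts}|{nonce}|{body}".encode()
    return hmac.new(SHARED_KEY, data, hashlib.sha256).hexdigest()


def make_request(body: str, now=None) -> dict:
    """Client: bind a timestamp and a random nonce into the authenticated data."""
    ts = int(time.time() if now is None else now)
    nonce = secrets.token_hex(16)
    return {"ts": ts, "nonce": nonce, "body": body, "mac": _mac(ts, nonce, body)}


class Verifier:
    def __init__(self):
        self.seen = {}   # nonce -> timestamp, kept only while still fresh

    def check(self, msg: dict, now=None) -> str:
        now = time.time() if now is None else now
        expected = _mac(msg["ts"], msg["nonce"], msg["body"])
        if not hmac.compare_digest(expected, msg["mac"]):
            return "reject: bad mac"       # timestamp, nonce or body was edited
        if abs(now - msg["ts"]) > MAX_AGE:
            return "reject: stale"         # captured and replayed too late
        # Nonces older than the window can be forgotten: a replay of those
        # messages is already refused by the freshness check above.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= MAX_AGE}
        if msg["nonce"] in self.seen:
            return "reject: replay"        # same message seen inside the window
        self.seen[msg["nonce"]] = msg["ts"]
        return "accept"


def demo() -> list:
    v = Verifier()
    later = 1000 + MAX_AGE + 60
    msg = make_request("login user=alice", now=1000)    # constructed sample
    first = v.check(msg, now=1001)
    replayed = v.check(dict(msg), now=1005)             # captured copy, resent
    late = v.check(dict(msg), now=later)                # resent after the window
    edited = v.check(dict(msg, ts=later), now=later)    # timestamp rewritten
    return [first, replayed, late, edited]


if __name__ == "__main__":
    print(demo())
```

The timestamp bounds how long nonces must be remembered, and the MAC stops an attacker from refreshing the timestamp on a captured message.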