E-commerce security and fraud protection Term Paper

E-commerce security and fraud protection - Term Paper simulationE-commerce refers to the buying and selling of goods and services by via electronic platforms such as the Internet and other computer-based networks (Schneider, 2011). It has big(p) to be a necessary tool for efficiency in business. However, this platform has been faced with a non-finite of challenges with Moftah, Abdullah and Hawedi (2012) indicating that the problems relate to consumers protection in their transactions which call for trust and privacy across the different geographic locations. Mohapatra (2013) argues that e-commerce transactions claim been constrained by security, with consumers wary of the privacy of their personal information and the use of assent cards to make online purchases. The enlarged use of mobile devices has even further complicated security supply in e-commerce. Thus, a secured system would be needed to enhance e-commerce growth.E-commerce is online, thus annoyionible to the genera l public. The increase in cyber crime has also seen an increase in security threats in e-commerce. According to Mohapatra (2013), amounts reported globally, mostly from frauds and hacking in e-commerce, stand at over $ 388 billion per year. As such, e-commerce has suffered the resultant liabilities, loss of trust and redundant cost for clean-up. This calls for an effective security systems that would protect consumers and merchants from such losses. According to Schneider (2011), such a system would be pegged on a complex interaction of several database management systems, applications development platforms, network infrastructure and systems software. This encompasses saving of integrity, confidentiality and availability of computer and data resources, referred to as the security triad. Further to this, there would be need for non-repudiation, access control and privacy. Access Control Approaches The first way in which e-commerce has been secured and protected against fraud is t hrough access control. Physically, access control would involve the restriction of an unauthorized person into a building, property or room. In a similar manner, e-commerce has applied several technologies that control access to Internet resources, including authorization, enfranchisement and audit (Farshchi, Gharib and Ziyaee, 2011). The puzzle in this case entails the subjects, these being entities that could perform an action on the system, and objects, these being entities to which access needs to be controlled. Both of these should be taken as software entities as opposed to forgiving substance abusers since a human user would only have an impact on the system through software entities on which they have control. First, user IDs, passwords, biometrics and tokens have been used to authenticate an individual. As observed by Mohapatra (2013), authentication involves what the user knows such as a password, what a user possesses such as a token or what the user is, such as biomet ric characteristic. The user ID/password approach verifies a user against a stripe of ID and password. This has however been noted to be the least secure technique in e-commerce because of the threat of guessing, eavesdropping, external disclosure, horde compromise and replay attacks (Schneider, 2011). Thus, user IDs and passwords could be combined with physical tokens, creating a multiple factor authentication so as to