Payment System and Issues in E-Commerce

...

1. ter kah leug comes with conclusion, “ No doubt in a fast evolving electronic environment, no legislation can ever keep pace with technology” nevertheless, we are able to categorize information system, known bugs and inefficient legislation, then with all in all consideration of antecedent vulnerabilities , we will find suitable updates to enact and this can be done by cyberspace law specialist.

2. Giampaolo bella and et al, have depicted a great balance between trust and which is one of the most efficient paradigm with regard to customer’s privacy and anonymity. They also have analyzed the self enforcing privacy protocol that lead to make the protocol weakness out to upgrade it as SEP+ for new design and innovation privacy in e-commerce

33. Eliza mik has considered mistaken identity as a different scale in e-commerce transaction infect to address identity .fraud through remote channels in sensible circumstances we are able to put forward some technologies such as figure prints, eye print, facial detection. Therefore this methods help to preclude mistaken identity in e-commerce remote authentication

CYBER PLAN ACTION ITEMS :

- Train employees to recognize social engineering

Social engineering, also known as "pretexting," is used by many criminals, both online and off, to trick unsuspecting people into giving away their personal information and/or installing malicious software onto their computers, devices or networks. Social engineering is successful because the bad guys are doing their best to make their work look and sound legitimate, sometimes even helpful, which makes it easier to deceive users. Most offline social engineering occurs over the telephone, but it frequently occurs online, as well. Information gathered from social networks or posted on websites can be enough to create a convincing ruse to trick your employees. For example, LinkedIn profiles, Facebook posts and Twitter messages can allow a criminal to assemble detailed dossiers on employees. Teaching people the risks involved in sharing personal or business details on the Internet can help you partner with your staff to prevent both personal and organizational losses. Many criminals use social engineering tactics to get individuals to voluntarily install malicious computer software such as fake antivirus, thinking they are doing something that will help make them more secure. Fake antivirus is designed to steal information by mimicking legitimate security software. Users who are tricked into loading malicious programs on their computers may be providing remote control capabilities to an attacker, unwittingly installing software that can steal financial information or simply try to sell them fake security software. The malware can also make system modifications which make it difficult to terminate the program. The presence of pop-ups displaying unusual security warnings and asking for credit card or personal information is the most obvious method of identifying a fake antivirus infection.

- Protect against online fraud

Online fraud takes on many guises that can impact everyone, including small businesses and their employees. It is helpful to maintain consistent and predictable online messaging when communicating with your customers to prevent others from impersonating your company. Be sure to never request personal information or account details through email, social networking or other online messages. Let your customers know you will never request this kind of information through such channels and instruct them to contact you directly should they have any concerns.

- Protect against phishing

Phishing is the technique used by online criminals to trick people into thinking they are dealing with a trusted website or other entity. Small businesses face this threat from two directions -- phishers may be impersonating them to take advantage of unsuspecting customers, and phishers may be trying to steal their employees’ online credentials. Attackers often take advantage of current events and certain types of the year, such as:

• Natural disasters (Hurricane Katrina, Indonesian tsunami)

• Epidemics and health scares (H1N1)

• Economic concerns

• Major political elections

• Holidays

Businesses should ensure that their online communications never ask their customers to submit sensitive information via email, personal visits, or phone. Make a clear statement in your communications reinforcing that you will never ask for personal information via email so that if someone targets your customers, they may realize the request is a scam. Employee awareness is your best defense against your users being tricked into handing over their usernames and passwords to cyber criminals. Explain to everyone that they should never respond to incoming messages requesting private information. If a stranger claims to be from a legitimate organization, verify his or her identity with his or her stated company before sharing any personal or classified information. Also, to avoid being led to a fake site, employees should know to never click on a link sent by email from an untrustworthy source. Employees needing to access a website link sent from a questionable source should open an Internet browser window and manually type in the site’s web address to make sure the emailed link is not maliciously redirecting to a dangerous site. This advice is especially critical for protecting online banking accounts belonging to your organization. Criminals are targeting small business banking accounts more than any other sector. If you believe you have revealed sensitive information about your organization, make sure to: • Report it to appropriate people within your organization • Contact your financial institution and close any accounts that may have been compromised (if you believe financial data is at risk) • Change any passwords you may have revealed, and if you used the same password for multiple resources, make sure to change it for each account

4. Don’t fall for fake antivirus offers

Fake antivirus, "scareware" and other rogue online security scams have been behind some of the most successful online frauds in recent times. Make sure your organization has a policy in place explaining what the procedure is if an employee's computer becomes infected by a virus. Train your employees to recognize a legitimate warning message