Discuss security issues in e-commerce.
Firewall can block Trojans. These can latch onto your computer files, then when you send a file they go with the file and makes more damage where it is received. They are very dangerous as they transmit what they undercover about you on a web server. A firewall blocks them from the outset, before they have a chance to infect your computer.
They are used mainly to prevent hacking. Without firewall security, a hacker could get a hold of your computer and make it a part of what’s called a botnet, which is a large group of computers used to conduct illicit activity, such as spreading viruses. A firewall prevents such peeping-tom intrusions.
Having firewall security will reduce the risk of key loggers monitoring you. A key logger is spyware software that cybercriminals try to put on your computer so they can target your keystrokes. After they can identify what you're typing in and where, they can use that information to do the same thing. This knowledge can help them log in to your private online accounts.
Firewalls are central points of attack. Firewalls are designed to prevent unauthorized network intrusions; however, if an intruder or malware slips through the system, your computer becomes vulnerable to additional system attacks. Once installed, malware can actually disable the firewall and processes used to run it, which is especially easy if you have no anti-virus software.
A firewall, especially the Windows Firewall, is designed to block activities that look suspicious. Unfortunately, a block can also extend to legitimate network-intensive processes. In some cases, even running a legitimate program such as a messaging program or social networking plug-in won't work if your firewall concludes it's a malicious process.
Firewalls, especially the Windows Firewall, don't include malware and virus removal capabilities. Although there are some premium security tools that include virus removal and a firewall to block network intrusions, the Windows Firewall doesn't remove or prevent malware. If malware such as Trojans and spyware bypass your firewall, you must run virus scans and malware removal programs to remove dangerous files.
This is a preview of the whole essay
Secure Socket Layer encrypts information so that it can only be read and understood by the intended people. Information submitted on internet forms pass through more than one computer before reaching where it needs to go and the more stops it has to make, the higher risk that a third party can obtain access. SSL inserts random characters into the original information so that nobody can read it without the correct encryption key.
It also provides authentication. You want to be certain that the information on the website, goes to the correct server without being intercepted. Customers can view these documents to validate that the SSL certificate of your site is up to date and that the page they’re about to enter information on is really yours and not an imitation.
It guards against phishing. emails contain links that lead customers to believe it’s from a trusted website. These emails are malicious and are used to gain personal information. These websites tend to not get SSL Certificates and if a customer cannot see any security, they are likely to navigate away from the site.
Overall it improves customer trust. All of the elements work to create trust between the customer and the business. Providing your customers with security for all of their information and giving them ways to verify that security improves confidence and helps to ensure a positive buying experience.
When a transaction is made on a site that has SSL, the process means it has to encrypt and decrypt the data. This can all make the connection slower.
Getting SSL for a business can be expensive because the service providers need to pay for things such as maintenance. Therefore it may not be suitable for very small businesses.
You also have to renew the SSL certificate occasionally. If it expires then a pop up will be shown to customers saying the site is no longer secure which means they are unlikely to continue.
Having a strong password is very beneficial and is sure to protect from any malicious activity. If you have a strong password nobody can access your account and gain all your personal information.
It also means no malicious software can break the password either, if it contains a mixture of letters, numbers, symbols, capital and lower case letters nothing will be able to break it and steal all your personal information.
The main and only disadvantage of having a strong password is forgetting it. If it has lots of symbols and letters it’s hard to actually remember it which means you could be locked out of accounts. It’s also unsuitable at most times to write the password down somewhere to remind you which means that it is easily forgotten.
Captcha is a way to differentiate between an automated computer program and a human. It is a box with distorted text that must be translated in order to enter email services, online polls, and to complete online purchases.
It is good because it can distinguish between a human and a machine which means that a machine that is likely there to cause damage cannot enter the site reducing the reducing the risk.
It reduces spam and viruses as it doesn’t allow those machines to enter the site and make unreal purchases to your site or cause any damage.
It makes online shopping safer because it gives a barrier to filter out real customers and fake ones meaning that the only people on the website are people who want to make legitimate purchases.
Sometimes they can be hard to read and a customer may get them wrong multiple times and then will be not be able to progress any further.
They are also not compatible for all users. Users with disabilities may find it difficult to be able to complete them meaning they also cannot progress further.
It is time consuming and a customer may not want to waste their time doing it and will not purchase anything.
Lastly, there tends to be a lot of technical difficulties with some internet browsers which doesn’t make them fully effective.
The benefit of HTTPS is that any sensitive information that needs to be transferred for the user to another location can be done securely. And seeming this link is encrypted anyone who does try to intercept the message they have to get the code to decrypt it.
Hypertext Transfer Protocol secure primarily helps to identify the information being transmitted. Using HTTPS in web-based applications can differentiate between an audio file and a photograph. The user thus enjoys ease of use when using HTTPS.
Another advantage of HTTP is that it is connectionless. In other words, constant connection is not required when using HTTP on web-based applications. This is what gives you the opportunity to browse online at greater speed, which would not have been possible if connections were made open throughout.
HTTPS based websites are secure sites since data is encrypted to uphold security for the parties concerned. This is the main difference between HTTP and HTTPS. While HTTPS is secure, HTTP is always vulnerable to eavesdropping attacks where hackers access sensitive information and website accounts.
If HTTPS is being used for a web request it is normally seemingly slower than http, also some older versions of browsers or SSL will refuse to work with HTTPS.
Pages accessed by HTTPS can never be cached in a shared cache. Since the conversation between browser and server is encrypted, intermediate caches are unable to see the content to cache it. Worse, some browsers will not even cache HTTPS documents in their local per-user caches.
The encryption/decryption represents a computation overhead for both server and browser. Most modern client systems will probably not notice this, but on a busy server handling multiple simultaneous HTTPS connections this could be a problem.
Some firewall or proxy systems may not allow access to HTTPS sites. Sometimes this is simply because the administrators have forgotten to allow for HTTPS. However sometimes it is a conscious security decision: since HTTPS connections are end-to-end encrypted, they can be used to carry any traffic at all. Allowing them through a firewall, which then has no way to look inside the data stream, could allow any sort of data transfer.
Digital certificate is an encryption technology. It does this by using public key and private key information. The digital certificate the identity of the sender to ensure safer communication and prevent fraud on the Internet.
By encrypting communications such as emails, logins or online banking transactions it means that it protects private data and prevent the information from being seen by unwanted people.
They are also user friendly, they work automatically and require minimal involvement.
It is not 100% effective. In 2011, Dutch digital certificate authority called was compromised by hackers.
Since time certificate authorities are in charge of issuing the certificates, hackers target them in order to manipulate information. As a result hackers can create websites of send emails that look real and pass certification tests but are really fraudulent.