Identity theft is a fraudulent practice of using somebody else’s name and personal information in order to obtain credit. Hypertext Transfer protocol is the data transfer protocol used on the World Wide Web which can help prevent identity theft. Identity theft can happen with all websites without knowing. People can use malicious software to gain information on online shopping payment pages even if the website have good protocols in place to stop it from happening.
There are many methods that can protect websites. One way is to use Firewalls. A firewall is a network security system that acts as a barrier to protect the system from unauthorised access. Its purpose is to prevent hacking from occurring. Internet data is transferred between the internet and to the computer through different ports. A firewall manages these ports and controls which programs have access to them. Another way to protect websites is Secure Socket Layers (SSL). Secure Sockets Layer is a computing protocol that ensures the security of data sent via the internet by using encryption. This is done by public key encryption and certificate-based authentication. Key encryption is a random string of numbers created for scrambling and unscrambling data. Encryption keys are designed with algorithms intended to ensure that every key is unpredictable and unique. The longer the key, the harder it is to crack the encryption code. They are used to make sure that hackers cannot understand the data if they are trying to steal personal information. Certificate-based authentication is a certificate which is to a for . It is an that contains on the it belongs to, the entity it was issued by, unique serial number or some other unique identification, and, a .
Data Protection Act 1998
This act is to protect sensitive data in databases that are kept by companies. It is maintained by the information commissioner and all businesses that hold customer information must register and state what information they plan to keep. The person whose information it is has several rights. The Act regulates the use of “personal data”. To understand what personal data means, we need to first look at how the Act defines the word “data”.
Data Protection Acts follows:
- Personal data shall be processed fairly and lawfully.
- Personal data shall be obtained only for one or more specified purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive.
- Personal data shall be accurate and where necessary, kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary.
- Personal data shall be processed in accordance with the rights of data subjects under the Act.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
8. Personal data shall not be transferred to a country outside the European Economic Area unless that country ensures an adequate level of protection.
Amazon must abide by the Data Protection Act when dealing with their customer’s information. They explain a lot of their policies regarding data protection on their website. They follow the act by allowing information to be updated or removed, allowing customers to provide some but not all information, data will be processed according to different data acts and to not give information to third parties without purpose.