Abstract

E-commerce security is part of the Web security problems that arise in all business information systems that operate over the Internet. However, in e-commerce security, the dimensions of web security (secrecy, integrity, and availability) are focused on protecting the consumer’s and e-store site’s assets from unauthorized access, use, alteration, or destruction. The paper presents an overview of the recent security issues in e-commerce applications and the usual points the attacker can target: the client (data, session, identity); the client computer; the network connection between the client and the web server; the web server; and third-party software vendors. Discussed are effective approaches and tools used to address different e-commerce security threats. Special attention is paid to Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), phishing attacks, SQL injection, Man-in-the-middle, bots, denial-of-service, encryption, firewalls, SSL digital signatures, security certificates, PCI compliance. The research outlines and suggests many security solutions and best practices.

Highlights

  • Nowadays, a significant amount of internet traffic is used for surfing e-commerce websites

  • The coronavirus pandemic situation has led to unprecedented growth of e-commerce during the lockdown of 2020

  • E-commerce is vulnerable to a wide range of security threats and, with the advance of AI and machine learning, new threats emerge every day

Summary

Introduction

A significant amount of internet traffic is used for surfing e-commerce websites. The attacker accesses the user’s session and can do everything the authorized user can do on the e-commerce website. The browser will run that script, and it will send all cookie data to the attacker. Stored XSS is another type of XSS in which the attacker injects a script directly on websites (Rodriguez, 2019).
