Punyashlok Ahilyadavi Holkar, Solapur University

PUNYASHLOK AHILYADAVI HOLKAR SOLAPUR UNIVERSITY
GROUP NO :

Name Of Group Members :

• Pragati Chavan :- Introduction to Cyber Security
• Rahul Birajdar :- Types of Threats to E-Commerce
• Rahul Raut :- Data and Message Security
• Avinash Ghatanure :- Cyber Security Tools

Guided By Dr. Jayashri Mundewadikar Ma’am


E-commerce Security

• E-commerce Security basically deals with a set of protocols specially designed for E-commerce platforms to process electronic transactions with security.

• E-commerce Security helps to buy and sell goods over the Internet with full protection and security.

• The absence of E-commerce Security leads to phishing attacks, stealing of money, and frauds related to credit cards.

• The electronic payment system, which is an essential part of E-commerce Security, helps to operate in a user-friendly manner, avoids difficult documentation procedures, and also saves some cost of transactions.

DIFFERENT TYPES OF THREAT TO E-COMMERCE
Types of threats to E-commerce:

Tax Evasion:
Organizations show the legal paper records of revenue to the IRS. But in E-commerce shopping, transactions take place online and funds are transferred electronically, so the IRS is not able to count the transactions properly and there are high chances of tax evasion by these organizations.

Payment conflict:
Payment conflicts can arise between users and the E-commerce platforms. Due to some glitches or errors, these electronic funds transferring systems might process extra transactions from the users, which will lead to a payment conflict.

Financial fraud: Money transaction


Phishing:

Phishing is an attack where the attackers send emails and messages containing a special link to a large number of users. When the users open that link in their browser, the malware starts downloading in the background and the attacker gets full control over the financial information about the users. Attackers also make fake websites so that users trust the website and fill out their financial credentials.

SQL injections:

SQL injections are used by attackers to manipulate the database of large organizations. Attackers enter malicious code full of malware into the database, search for targeted queries in the database, and then collect all the sensitive information in the database.
Cross-site scripting (XSS): Hackers target the website of E-commerce
companies by entering malicious code into their codebase. It is a very harmful
attack as the control of the entire website goes into the hands of the attackers.
It can enable the attackers to track the users by using their browsing activity
and their cookies.
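
The following added example (not from the original slides) shows the defensive side of XSS: a product review rendered without and with output escaping, plus a session cookie marked so page scripts cannot read it. The review scenario, function names and sample text are assumptions made for illustration.

```python
import html
from http.cookies import SimpleCookie

def render_review_unsafe(author, text):
    # BAD: review text goes into the page as-is, so any markup in it
    # is interpreted by every visitor's browser.
    return "<div class='review'><b>" + author + "</b>: " + text + "</div>"

def render_review_safe(author, text):
    # GOOD: html.escape turns < > & and quotes into entities, so the
    # browser displays the text instead of running it.
    return ("<div class='review'><b>" + html.escape(author) + "</b>: "
            + html.escape(text) + "</div>")

def session_cookie_header(session_id):
    # Defence in depth: HttpOnly hides the cookie from page scripts,
    # Secure restricts it to HTTPS, SameSite limits cross-site sending.
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["samesite"] = "Strict"
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()

# Constructed sample review containing script markup.
REVIEW = "Great shoes <script>alert(1)</script>"

if __name__ == "__main__":
    print(render_review_unsafe("guest", REVIEW))
    print(render_review_safe("guest", REVIEW))
    print("Set-Cookie:", session_cookie_header("abc123"))
```
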

Trojans: Attackers make software that may appear to be useful before downloading, but after downloading the software it installs all the malicious programs on the computer. It collects data like personal details, address, email, financial credentials and it may cause data leaks.

Brute force attacks: Hackers draw patterns and use random methods to
crack into someone else’s account as an unauthorized user. It requires the use
of multiple algorithms and permutations and combinations to crack the
password of an account by the attacker.
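
A shop can spot this kind of password guessing from its own login records. The added example below (not from the original slides) flags any account that collects too many failed logins inside a short sliding window; the log format, thresholds and names are assumptions, and the log lines are constructed sample data.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample login log: timestamp, result, account, source IP.
LOG = """\
2024-05-01T10:00:01 FAIL alice 203.0.113.7
2024-05-01T10:00:03 FAIL alice 203.0.113.7
2024-05-01T10:00:05 FAIL alice 203.0.113.7
2024-05-01T10:00:07 FAIL alice 203.0.113.7
2024-05-01T10:00:09 FAIL alice 203.0.113.7
2024-05-01T10:00:11 FAIL alice 203.0.113.7
2024-05-01T10:02:00 FAIL bob 198.51.100.4
2024-05-01T10:12:00 FAIL bob 198.51.100.4
2024-05-01T10:12:30 OK bob 198.51.100.4
"""

def find_bruteforce(log_text, max_failures=5, window=timedelta(minutes=1)):
    """Map each flagged account to the timestamp at which it hit the limit."""
    recent = defaultdict(deque)  # account -> times of recent failed logins
    flagged = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, result, account, _source_ip = line.split()
        if result != "FAIL":
            continue
        when = datetime.fromisoformat(stamp)
        failures = recent[account]
        failures.append(when)
        # Drop failures that have aged out of the sliding window.
        while when - failures[0] > window:
            failures.popleft()
        if len(failures) >= max_failures and account not in flagged:
            flagged[account] = stamp
    return flagged

if __name__ == "__main__":
    for account, stamp in find_bruteforce(LOG).items():
        print(f"lock or challenge {account}: limit reached at {stamp}")
```
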
DDoS attacks (Distributed Denial of Service (DDoS) attack):

Skimming:

Skimming is a popular method to spread malware on a website's main pages, which are used by a large number of people. It steals and leaks all information entered by the users on that webpage, and all this information goes to the attacker through skimming.

Middlemen attack:

In this type of attack, the attacker can clearly get all the information in the
conversation taking place between the consumer and the E-commerce
platform itself. The attacker sees the conversation between both of them and
uses this as an opportunity to make the user face some vulnerability.
Bots:
Bots are used by hackers to track the competitor in the E-commerce industry rankings and its users' buying policies in order to scrap the sales and revenue of the competitor.
E-wallets:
Attack on E-wallets can lead to the leak of the sensitive banking
credentials of the users which can be used by the attackers for their
own profit. Regulators tend to monitor all the activities related to the
financial security of the money of the users.
Prevent threats:

• Anti-malware
• HTTPS
• Payment Gateway

Cyber Security Tools
Cybersecurity tools for e-commerce include:

• Firewalls: A basic cyberdefense that all businesses need, especially e-commerce

• Encryption software: Scrambles data as it's passed across the internet

• Secure Sockets Layer (SSL) certificates: Verify a website's identity and protect credit card details

• Secure Electronic Transaction (SET): A standard for public-key encryption

Antivirus Software

• scans your system for malicious software and blocks any threats. Once it detects a threat, it will alert you and take the necessary steps to remove it.

• It’s essential to have an antivirus installed on all computers used in the business and on any mobile devices that access the network. This is because malicious software can spread quickly, and you don’t want to risk your customers’ data.

Encryption Software

• protects sensitive data (credit card numbers and passwords)
• data cannot be understood by anyone who does not have the encryption key. This ensures that even if someone were to gain access to your system, they would not be able to read the data.
• useful for protecting data in transit, such as when it is sent over the Internet. This ensures that the data remains secure even when it is being transmitted from one computer to another.
• the latest security standards and provides strong encryption algorithms (regularly updated with new features and security patches).

Biometrics

• uses a person’s physical characteristics to verify their identity and authenticity (include your eyes, voice, or behavioral characteristics).
• more popular in e-commerce.
• use this system to verify the identity of customers and employees and protect sensitive data. Common biometric authentication systems include fingerprint scanners, iris scanners, and facial recognition

Access Management

• handling sensitive data - controls who has access to it.
• Access management works by assigning roles and privileges to each user. This allows you to control who can view, modify, or delete data. It also helps to ensure that only authorized personnel have access to sensitive information.
• consider implementing an access management system for your e-commerce business. This will help you protect your data and ensure that

Digital Certificates

• used to verify the identity of a website
• customers check the digital certificate
• Digital certificates utilize Public Key Infrastructure (PKI),
• information about the owner, such as their name, address, and public key. This information is used to verify the owner’s identity for secure communication.

Digital Signatures

• important security tool for e-commerce businesses

• used to verify the authenticity of digital documents, such as contracts and invoices

• use encryption technology to ensure that the document has not been tampered with

• use encryption technology to generate a unique code attached to the document or transaction

• recipient can then verify this code, ensuring that the document or transaction is genuine

Secure Payment Processors

• payment processor is secure. customer payments and transferring funds to the merchant (must be secure and reliable).

• use strong encryption algorithms and have a good reputation in the industry.

• latest security standards, such as PCI DSS (Payment Card Industry Data Security Standard). Example: cryptocurrency (Bitcoin)
