Online Security Breaches In E-Commerce Marketing And Strategies To Resolve It

Executive Summary

Discuss the issues of online security breaches that take place while e-commerce marketing and the strategies to resolve it?

This assignment throws a light in the online security breaches that take place while e-commerce marketing and the strategies to resolve it. There are many issues which are faced by the business entities as well as the customers during online transactions and so data protection in very much necessary (Dong, Li and Guo, 2011).   A customer relies on the online business portals and provide many informations which should not been done without knowledge. They should always get a firsthand knowledge about the sites and the authenticity of the same.  There are many threats which affect a business and hamper its image thus ruining it among the consumers. Thus a business entity should know the strategies well enough to protect their network systems as well as protect the customer information (FASLI, 2007).

Before getting into the detailed study of E-commerce and the security system in the online business, we will first see the meaning of e-commerce means (Javaid, n.d.). It refers to the trading of goods and services via internet (Javaid, n.d.). Major retail stores and many other brands do not have big presence in the market. This also applies to the B2B transactions which means between two distributors, suppliers or manufacturers. Usually the presence of web has kept separate from the presence of bricks and mortar, so the transactions are restricted to buying online and supply goods and services (Kannan, Rees and Sridhar, 2007). Online presence is very vital for searching a product which a customer may purchase later in stores. The system of e-commerce is also pertinent to the services industry. But the main issue with e-commerce marketing is security (Kshetri, 2013). Weakest link in the sequence describes the system’s security. The assignment throws a light on the probable security attacks in the e-commerce marketing and the preventive methods to resolve it including the features that one may implement.  There are three main components of security such as confidentiality, availability and integrity. Confidentiality is the main factor in the online business which allows only the parties authorized to read the information (Kwangmyung Woo and HYUN SOOK CHO, 2011).

In this technology oriented world, input and output both are very critical and so the management of information security is of prominent priority. On the contrary, internet which has now become the hub of carrying out e-business is by nature an open and non-secure forum. In view of the fact that internet was not meant for commercial reasons, it is by way not designed to tackle transactions. There are innumerable ways that can attack an e-business setup. The common attacks include cracking, hacking, spoofing, eavesdropping, masquerading, Trojan horses, viruses, bombs, etc (Mayayise and Olusegun Osunmakinde, 2014). Thus a business entity and as well as the customers should identify positively and confirm the parties identity with whom they are dealing with. Internet is the medium which is affordable and an effective zone to conduct business, to promote and sell the goods and services. But with this it also provides fraudulent opportunities and unauthorized access to the client data as well as the business. Both privacy and security are the major issues that both e-commerce consumers and shopping sites want (Röhrig and Knorr, 2004). Consumers will not visit or purchase from the sites if these two factors are not present. Similarly the shopping sites will not effectively function without these. The common problem of the recent e-business security execution is that the components of the infrastructure of e-business are likely looked at separately and individually for the security reasons (Palmer, 2010). Currently, the common one is “security policy” which is executed by most of the e-business entity.

Findings and Analysis

Threats to the e-business which is explained in the following:

• Lost device: Customers data should be protected when transmitting anywhere in a movable device by encryption of data that is in it. This encodes the data making it unreadable for the outsiders until any encryption key or a password (Study on LBS Driven Mobile E-commerce: Key Issues and Technological Architecture, 2012).
• Malicious code: Businesses lose millions of data due to software bombs which destroys codes and programs. Eventually due to these problems companies are compelled to lay off workers. So anti-virus programs, firewalls, anti-spyware on every computer in business. It should also be ensured that the software is up to date.
• Unsecured wireless internet network: It has been seen that hackers hack several retail chains to manipulate the financial information of the customers. They do this by cracking the wireless network which is secured to the lowest encryption which is available with the company (Warkentin and Vaughn, 2006). A security breach like this costs the company so much that their market share comes down. The businesses should set up a wireless network in which the password is changed and the wireless network is encrypted with WPA.
• Carrying out DoS: These attacks discontinue the access to the authorized users of the company website which in return forces the site to give a decreased level of service and may also stop the operation totally. The access should only be limited to the users who are authorized to the website.
• Access to data: Sometimes data like, catalogues, price lists and intellectual property is accessed by the hackers and they copy it or destroy it.
• Website alteration: The hackers many a time direct the customers of a particular website to another shopping website to ruin the image. The customers are unaware that they are being routed to a different website when they try to open the website they want to log in.

This ruins the image and has a significant impact on the business. There are financial losses due to litigation or fraud, consequent losses due to undesirable publicity, criminal charges are also faced by the business if it is found that breach of data has been made and finally market share is lost with reduced level of customer base because the confidence of the customers is changed by the attack of DoS.

Strategies to solve the problem:

• Protecting business, protecting customers: The confidence of the customers are affected with these kinds of frauds and attacks in online transactions so to maintain and regain the customer’s trust the business must exceed their plans for security and privacy. They can be ahead of threat with the help of ISS (Internet Security System) a business can avoid negative effects on their brand too thus protecting the customers along with its business.
• Data Security: The company must ensure that the security of the customers data because it is critically important. Undesirable publicity results in revenue lost thereby lost in the trust of the customers. There should be development in information, security, and employee training so that they are trained to protect the interests of the customers as well as the business (Kwangmyung Woo and HYUN SOOK CHO, 2011).
• PCI Standard: Payment Card Industry standard is required by the organizations so that they follow particular rules to protect the consumer data. There may be severe consequences if these guidelines are not followed exactly.
• Cost-effective Security: The companies should avail cost-effective security to give priority to risks and analyzing which in turn reduces the operational cost by optimally utilizing security investments and IT (Röhrig and Knorr, 2004).

Along with the retail chain in e-commerce the consumers are the first to get attacked by the online security threats because they are required to provide great amount of information to the shopping websites, thus putting themselves in greater risks. The business organizations should understand the consumer’s privacy so that it can develop in the e-commerce business. The online transactions are easy, convenient and fast so it is important to ensure the privacy of the parties involved in the transactions.

Below mentioned are some of the guiding principle on the security threats that a consumer should keep in mind:

• Research of the website: A consumer should be well aware of the website from which they are shopping or transacting. They should be aware and familiar with the company and its brands so that don’t get tricked by just seeing the website which sometimes portrays a rosy picture.
• Privacy rules and security policy: The consumers should always read the company rules on privacy along with the security policies given on the company’s website. A company may sell its customer data to other company in case of bankruptcy, in this case the customer has to be aware of the information they are providing in the website. It depends on the customers to decide which information is sensible and which is not.
• Aware on behavioral marketing and cookies: It often happens that the online business merchants keep a track on the customers shopping priorities through cookies as their way of tracking the customers to see that which sites they visit the more. Online traders use these cookies to determine the customers and speed up their shopping process. The customers are unaware that what data is being compiled about them and advertise goods and services and channelize it to sale of the same to the them which is known as “behavioral marketing” (Kshetri, 2013).
• Payment procedure: Many consumers have no idea that the credit card is the safest way to shop. If anything goes wrong than it is protected under some transaction act. The consumers have the right to dispute the charge and the payments can be withheld while the investigation is proceeding. The online sites make the customers weak and prone to bank frauds.
• Social Security Number: The consumers should not give the social security numbers to the online sites because firstly there is no use of the number online and secondly the business merchants does not need while the customers transact. Providing the SSN may result to theft in the customer’s identity.
• Phishing messages: The customers should not fall into the prey of phishing messages which comes in their mails. The hackers send bulk mail to multiple people telling them to update their profile and information about their bank accounts, passwords, payment services, etc. Legitimate businesses don’t ask this kind of information so the consumers should make themselves aware of this (Mayayise and Olusegun Osunmakinde, 2014).

eBay is recently been the victim of the cyber attack which has led to many inactive accounts which was the affected by this breach. The company has told its users to update their passwords so that they can make it safe. This happened around the month of February where it was seen that the hackers have used the internal corporate account of the company so as to spy on the mail addresses, usernames, phone numbers, physical addresses and active passwords but all these were in an encrypted form and so it was able to compromise. It was investigated that the core issue was the users use the same passwords in many other portals which makes the passwords inactive. The bug has revealed much sensitive information of the accounts such as credit card number which was undetected. The company suggested good password management so that these kinds of losses are not repeated.

More recently it was seen that computer hackers have targeted the systems which was made by General Electric for the energy and water companies. The disclosure of information has inherited risks of the public utilities to Internet so as to ensure it is moiré efficient. The hackers want to target control systems of the industry because they can steal more money from the data stolen. This security breach has hit the software system of GE which gives a user interface and controls the systems of the industry in the power and manufacturing plants. This lapse in security which protected the Software of GE has prevented some of its customers from using the products of the company and manages their transactions.

Conclusion

Online shopping sites are being accessed on a daily basis by multiple people. As technology has advanced people have become lethargic to go to the shop and purchase. E-commerce marketing has come as a boon to the masses but with it came the security issues and threats to the customers. Anybody can fall prey of these security issues. A consumer must be aware of the sites and the extent of information they are providing on this sites. Same goes for the business entity, they should protect the information of the customer and keep it private because the consumers rely on these sites while shopping and put their utmost faith on these online traders. The above mentioned threats are to be looked into and the given solutions should be kept in mind (Warkentin and Vaughn, 2006).

References

Dong, Y., Li, W. and Guo, X. (2011). A Study on the Security Issues and Solution of Electronic Commerce. AMR, 219-220, pp.1301-1304.

FASLI, M. (2007). On agent technology for e-commerce: trust, security and legal issues. Knowl. Eng. Rev., 22(01), p.3.

Javaid, M. (n.d.). Cyber Security: Issues and Solutions. SSRN Journal.

Kannan, K., Rees, J. and Sridhar, S. (2007). Market Reactions to Information Security Breach Announcements: An Empirical Analysis. International Journal of Electronic Commerce, 12(1), pp.69-91.

Kshetri, N. (2013). Cybercrime and cyber-security issues associated with China: some economic and institutional considerations. Electron Commer Res, 13(1), pp.41-69.

Kwangmyung Woo, and HYUN SOOK CHO, (2011). Legal Issues and Proposed Solutions of Electronic Agents in Electronic Commerce. International Commerce and Information Review, 13(1), pp.197-216.

Mayayise, T. and Olusegun Osunmakinde, I. (2014). E-commerce assurance models and trustworthiness issues: an empirical study. Information Management & Computer Security, 22(1), pp.76-96.

Palmer, D. (2010). Ethical issues in e-business. Hershey, Pa.: IGI Global (701 E. Chocolate Avenue, Hershey, Pennsylvania, 17033, USA).

Röhrig, S. and Knorr, K. (2004). Security Analysis of Electronic Business Processes. Electronic Commerce Research, 4(1/2), pp.59-81.

Study on LBS Driven Mobile E-commerce: Key Issues and Technological Architecture. (2012). JDCTA, 6(13), pp.460-469.

Warkentin, M. and Vaughn, R. (2006). Enterprise information systems assurance and system security. Hershey: Idea Group Pub.

진ë™수, and Jaewook Lim, (2012). Impacts of Social Commerce in E-commerce : In perspective of Social Commerce Analysis Model. International Commerce and Information Review, 14(1), pp.389-410.