Electronic Commerce Threats:- E-commerce involves the transaction of any kind of business done over an electronic system. This kind of business involves transactions that take place over the internet. E-commerce utilizes internal network that interface with the World Wide Web.
The nature of this kind of business introduces internal and external risks to both the website and the business systems to which it is connected to. An e-commerce website can face some security threats that have to be addressed, to avoid any losses. These are:
“Client threats refer to the threats that a client\user is exposed to when it comes in contact with any activity given the nature of the web.”
Electronic Commerce Threats
Client programs interpret data that are downloaded from arbitrary servers on the Internet, if there are no checks on the contents of these imported data, there exists the potential for these data to subvert programs running on the client system.
Most client threats come from Active content, which are programs that are embedded transparently in Web pages and that are embedded transparently in Web pages and that cause actions to occur.
This delivery technique called Trojan Horse immediately begins executing and taking actions that cause harm. A Trojan Horse is a program hidden inside another program or Web page that masks its true purpose. It could snoop around your computer and sends back to cooperating Web server information.
Adding Active content to Web page involved in e-commerce introduces several security risks. Malicious programs delivered quietly via Web pages could reveal credit card numbers, usernames, and passwords that are frequently stored in special files called cookies.
Security experts periodically find electronic holes called backdoors, in e-commerce software. This can be left open accidentally by the software developers, or they can be left intentionally. A backdoor allows anyone with knowledge of the existence of a backdoor or a system password of the cause damage by observing transaction, deleting data or stealing data.