Free Essay

Security Issues and Solutions in E-Commerce Applications

In: Computers and Technology

Submitted By maz4060
Words 2158
Pages 9
Security Issues and Solutions in Ecommerce Applications

The rise in popularity of conducting business online via ecommerce sites has not gone unnoticed by hackers and other cyber-criminals. A rise in the number of transactions and an increase in businesses that have an online presence have provided hackers with increased opportunities to exploit security vulnerabilities in ecommerce applications for personal profit, at the expense of legitimate businesses and users. A successful attack can result in downtime, the theft of user financial and personal information, loss of revenue, and loss of customers. This paper will offer an overview of some common types of security vulnerabilities and attacks on ecommerce platforms as well as some common tactics to prevent such attacks. Additional suggestions for maximizing information security on an application level as well as within an origination will be made with the goal emphasizing the prevention of attacks.

There are numerous tactics that exploiters use to gain access to user personal and financial information on ecommerce sites. One common attack is SQL injection, which is a tactic where a hacker inserts SQL query data into user input fields on a web site, with the goal of that query being executed by the database. With the strategic placement of apostrophes, dashes and semi-colons, the hacker can execute queries that bring a web site down, provide access to customer financial and other personal information, and even manipulate data on the site. There have been a number of high-profile SQL injection attacks that have resulted in the theft of user information. The web sites of both Guess and PetCo were both the victims of a successful SQL injection attack by a 20 year old programmer who was able to steal user credit card information. Other online retailers that have fallen victim to SQL injection attacks resulting in the theft of user and credit card information include OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.

There are a number of things that can be done to reduce a web site’s vulnerability to SQL injection. These tactics include using stored procedures for database access, filtering and escaping input data, limit database user permissions and access, and encrypting data. By using stored procedures, SQL can be eliminated entirely and “by encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced.” By filtering and escaping user input for any malicious code input, those statements can’t be executed as separate queries by the database in an injection attempt. In limiting database user permissions and access, the developer must limit the tables each web site’s database user has access to on the web server. Additionally, the web site’s database user should also never have server administrative privileges to minimize the amount of damage that can be done in an SQL injection. Finally, encrypting all user information in the database will add an additional layer of information protection, as hackers won’t have access to raw user data if an SQL injection attack is successful.

Another common attack on ecommerce sites is the Denial of Service (DoS) attack. A DoS attack is “an attack in which a large number of requests for service or access to a site bombard a system, which causes it to crash or become unable to respond in time.” Hackers are able to bring sites down by flooding the target server with packets, overloading bandwidth and memory, thus preventing legitimate users from being able to access the site. This can affect the ecommerce site itself, but common targets also include credit card payment gateways and bank sites, which can affect the flow of ecommerce transactions. There are a number of variations of DoS attacks, with the most popular being the amplification of attacks through the use of zombie machines, dubbed the Distributed Denial of Service attack.

While DoS attacks do not usually result in the theft of user information such as in the case of SQL injection, they have the ability to bring entire sites down. Hackers have varying motives which can range from making a political statement, mischief, or even to drive traffic to a competing ecommerce site. This can result in significant loss of revenue and a tarnished reputation for sites that do a significant amount of transactions online. Many large online retailers have been the victim of DoS attacks, notably the sites of Amazon, Paypal, Visa, and Mastercard in one high-profile attack in 2010 that resulted in downtime for several hours.

There is no way to completely prevent DoS attacks, as no technique or commercial product can completely guarantee that a single user connection is legitimate rather than a bot that intends to flood the system. However, there are a number of things that can be done to mitigate vulnerability to DoS attacks. These include monitoring for attacks, restricting the bandwidth that can be used by the infringing IP addresses, maximizing the bandwidth available to the web server, limiting the rate of new traffic from one host, and limiting the rate of ICMP traffic. Additionally, using commercial Intrusion Detection Systems such as Symantec’s Intruder Alert, Tripwire Security Tripwire, and McAfee’s Entercept Desktop and Server Agents can further mitigate an ecommerce site’s vulnerability to DoS attacks.

A security exploit that is unique to the shopping carts and payment gateways of ecommerce sites is that of data manipulation, more specifically price manipulation in which “the total payable price of the purchased goods is stored in a hidden HTML field of a dynamically generated web page. An attacker can use a web application proxy such as Achilles to simply modify the amount that is payable when this information flows from the user’s browser to the web server.” Using this technique, an attacker can change the hidden price field value through a proxy and successfully submit the form. For example, a hacker can change the price of a $500.00 product to $50.00 and have the transaction go through successfully. If a business has a high amount on online transactions, the price change and purchase can often go unnoticed.

There are a number of things that can be done to prevent a data manipulation attack. The developer should avoid using hidden fields whenever possible, especially on values that should not change such as price. Additionally, if hidden fields are ever used, efforts should be made to encrypt the value stored in the field as well as the field name, as the hacker will have more difficulty figure out which fields to modify. Additionally, the input values submitted in a transaction should always be verified to ensure accuracy and prevent fraud such as price changing. Verification of price charged can also occur manually as orders are filled to provide another layer of authentication into the process.

Another tactic that hackers use to exploit the users of ecommerce sites is that of phishing. Phishing is the practice of using deception to manipulate users into sharing personal information including passwords, usernames, financial data, and even social security numbers. One common method of this is an attacker sending a user an email that appears to be from a legitimate ecommerce site. The email requests the user to verify account information via a fake version of the ecommerce site, duping the user into sharing personal information that the hackers can steal. Noteworthy phishing scams have affected users of Ebay, CitiBank, PayPal, and Best Buy, resulting in the theft of social security numbers, credit card information, and ATM pins.

Unfortunately there are few architectural safeguards that can be built into an ecommerce application to protect against phishing, as the theft occurs through users and a third party site rather than the legitimate ecommerce site. There are however, some things that the owners of ecommerce sites can do to reduce the threat of their users falling victim to phishing scams. If a phishing scam is detected, ecommerce site owners can file a complaint with the phishing site’s Internet Service Provider (ISPs) to take the site down. While laws regarding ISPs closing down sites due to phishing attempts vary by country, the successful removal of a phishing site can prevent users from being able to provide personal information. Ecommerce sites should also educate users to verify that the URL in the browser window is the URL of the legitimate site before giving away any personal information. One more technical approach to reduce vulnerability to a phishing attack is to use two-factor authentication on login forms, such as a picture and phrase in addition to the username and password. The absence of the extra authenticating image and phrase on an illegitimate site requesting user information can serve as a red flag to users that the version of the ecommerce site they are visiting is not authentic.

While a number of common exploitations of ecommerce sites and possible solutions to reduce vulnerability to such attacks have been discussed, there are also additional measures that can be taken to secure ecommerce applications, thus improving information security.

One important safeguard for securing payments on ecommerce sites is that of using Public Key Infrastructure (PKI) via a third party SSL certificate authority. Using a reputable SSL certificate authority such as Verisign, Thwate, or Geotrust authenticates the identities of both the merchant and seller, providing for encrypted transfer of sensitive information.

Additionally, the network that an ecommerce site runs on should be further secured by using one or multiple firewalls. One common implementation is to secure the public web server that hosts an ecommerce application between two firewalls using a DMZ architecture to provide security against external attacks as well as threats from internal business networks.

Further securing ecommerce applications relies on careful planning of the ecommerce application itself as well as a business continuity plan to assess and mitigate the effects of an external attack, especially if an ecommerce web site is a mission critical component of an organization.

When developing the ecommerce application as well as configuring web and database servers, it is important to incorporate vulnerability prevention at the design stage rather than after an attack has occurred. The various components that are designed to secure the application should be tested for vulnerability throughout the software development lifecycle to identify and fix any additional risk for exploitation.

Additionally, developing a business continuity plan that includes risk and crisis management if the ecommerce platform or the company’s customers are victims of cybercrimes can be a critical component of not only securing information, but of maintaining reputation and customers in the event of an attack. By assessing possible security threats and as well as their likelihood and possible impact on the organization, the appropriate risks can be mitigated at the design level, during the development process, at the infrastructure level, and at the client level before attacks occur. A crisis management plan that dictates the plan of action and provides for the necessary infrastructure to recover from an attack will help minimize the damage caused, to both revenue and customer trust in the organization. For example, to prepare for a potential SQL injection attack that would result in theft of user data, in addition to designing the application from the onset so that it uses stored procedures for database access, ensuring that input data is filtered and escaped, limiting database access, and encrypting data as discussed earlier in this paper, there must also be a crisis management plan that prepares for the loss and theft of data in the event of a successful SQL injection attack. Setting up a failover server well in advance as well as automating backups can prevent downtime in the event of an attack, as the affected server can be taken offline to assess the damage and undergo troubleshooting. A response system to notify users that their information has been compromised as informing them of the plan of action could be set up far in advance, allowing for a quick and reassuring response to customers rather than an ill-prepared reaction that further tarnishes the company’s reputation and revenue.

As more users and businesses conduct business online via ecommerce web sites, hackers will inevitably attempt to exploit that trend by attacking vulnerable web sites and users for personal gain, at the expense of a business’s profits, customers, and reputation. There are several common attacks on ecommerce sites including SQL injection, Denial of Service attacks, phishing, and data manipulation- all of which can be mitigated using specific solutions as discussed in this paper. Information and ecommerce applications can be further secured through utilizing an SSL certificate and firewalls. Further, information security initiatives should start at the design level to prevent attacks on various vulnerabilities. Additional protection can occur through a business continuity plan that incorporates risk assessment and mitigation as well as crisis management in the event of an attack to minimize financial loss and restore customer trust.

References:…...

Similar Documents

Premium Essay

E-Commerce in Security Market

... E-COMMERCE IN SECURITY MARKET (Source: Most of the Data & charts from NSE website) A) ABOUT E-COMMERCE World Trade Organisation (WTO) defines E-Commerce as “the production, distribution, marketing, sale or delivery of goods and services by electronic means”. The strategic benefit of making a business ‘e-commerce enabled’, is that it helps reduce the delivery time, labour cost and the cost incurred in the following areas: ➢ Document preparation ➢ Error detection and correction ➢ Reconciliation ➢ Mail preparation ➢ Telephone calling ➢ Data entry ➢ Overtime ➢ Supervision expenses Further, it enables - ➢ Easy reach to a fast growing online community ➢ Unlimited shelf place for products and services ➢ Fuse the global geographical and time zone boundaries ➢ Reach national and global markets at low operating costs The sudden spurt in growth of e-commerce in India is felt due to the following favourable factors: ➢ Rapidly increasing Internet user base ➢ Technology advancements such as VOIP (Voice-over-IP) have bridged the gap between buyers and sellers online ➢ The emergence of blogs as an avenue for information dissemination and two-way communication for online retailers and E-Commerce vendors ➢ Improved fraud prevention technologies that offer a safe and secure business environment and help prevent credit card frauds, identity thefts and phishing ➢ Longer reach - Consumers in the Tier II & Tier III......

Words: 4102 - Pages: 17

Premium Essay

Directions for Web and E-Commerce Application Security

...Engineering Term Paper on Directions for Web and E-Commerce Applications Security SupervisorProf.P.M. Khilar Submitted byDinesh Shende Roll No-212CS2102 M.Tech(1st year) Directions for Web and E-Commerce Applications Security Abstract: This paper provides directions for web and e-commerce applications security. In particular, access control policies, workflow security, XML security and federated database security issues pertaining to the web and e-commerce applications are discussed. These security measures must be implemented so that they do not inhibit or dissuade the intended e-commerce operation. This paper will discuss pertinent network and computer security issues and will present some of the threats to e-commerce and customer privacy. These threats originate from both hackers as well as the e-commerce site itself. Another threat may originate at ostensibly friendly companies such as DoubleClick, MemberWorks and similar firms that collect customer information and route it to other firms. Much of this transaction information is able to be associated with a specific person making these seemingly friendly actions potential threats to consumer privacy. Many of the issues and countermeasure discussed here come from experiences derived with consulting with clients on how to maintain secure e-commerce facilities. These methods and techniques can be useful in a variety of client and server environments, also serving to alert e-commerce users of potential......

Words: 3283 - Pages: 14

Free Essay

E-Commerce and Csr Issues

...E-commerce and CSR issues In the words of Alejo and Joan (2005), regarding E-commerce and its Corporate social responsibility issues, “Reality is virtual, virtual reality-the reality that exist in the form of bits and bytes activated by electromagnetic energy and made powerful by IT and the internet-has changed the way we relate to one another. It has also revolutionized economics and business”. The authors state that while e-commerce, the sale of goods over the internet, has boosted online sales, especially products like books, CDs and computer products; it has also raised important new ethical challenges. These challenges revolve around four main issues: security, privacy, identity and transaction non-refutability. There is no doubt that a new ethical dilemma has arisen and these authors propose two universal principles that must be upheld by internet commerce. The first ethical challenge of internet commerce is security, commonly referred to as “hacking”, ‘cracking”, or “page jacking”. Internet security breaches involve trespassing or breaking into computer networks, websites, and mailboxes. Hackers will steal information from confidential files, steal services or damage a system by swamping a PC, a server or a network. The second ethical challenge relates to privacy, which involves protecting the collection, storage, processing, disseminating and destruction of personal information. They continue that no one is anonymous on-line and what is nirvana for......

Words: 730 - Pages: 3

Free Essay

E-Commerce

...Introduction Mobile commerce has gained a remarkable status among other electronic trading means over the last ten years. People have been relying on their mobile devices for everything that touch their basic needs of life; from paying bills to purchasing convenient products and services. According to the Juniper research, the estimated number of all buying and selling m-commerce transactions boosted from 498 million in 2006 to 4.6 billion in 2010. (VeriSign, 2007, P.3) Apparently, after Apple released its 3G iphone and Google released Nexus 1.0,beside the wide internet wireless coverage, mobile users have found out that they can buy and sell through their mobile devices in short period of time with less cost. Therefore, we can define m-commerce as the “e-commerce activities which are carried out via a mobile terminal such as a phone or PDA.” (Mennecke,B ,Strader,J , 2003, P.30) Therefore, it has become necessary to understand the basic mobile commerce requirements, services, security, and its future in order to gain the highest available profits and gains. Many mobile manufacturers and carrier providers assure that the future potential benefits of m-commerce are going to improve our lifestyle in the near future However, there is a debate whether m-commerce services will take over the position of traditional trading services or not because there are many problems and issues are still make the people away from mobile trading such ass security. What do we need for......

Words: 1489 - Pages: 6

Premium Essay

What Is E-Commerce? the Key Components to Establishing and Providing a Successful E-Commerce Solution Within an E-Business Environment.

...What is e-commerce? The key components to establishing and providing a successful e-commerce solution within an e-business environment. CONTENTS CHAPTER | PAGE | Introduction & Aims/Objectives of assignment. | 3 | 1. What is e-commerce? | 5 | 2. E-environment | 6 | 3. Establishing an e-business. How to support an e-business? | 9 | 4. E-business systems: infrastructure of hardware and software | 14 | 5. E-Logistics: Supply Chain & Procurement | 17 | 6. E-Security: Protecting and e-business & its infrastructure | 19 | 7. E-Marketing: How to push your e-commerce business using marketing tools online. | 21 | 8. E-CRM: Managing customer relations online | 24 | 9. The future of e-business | 29 | Conclusion | 31 | Bibliography | 34 | Introduction: Through this assignment I will be discussing the use of e-commerce in modern retailing. This essay aims to explore: What e-commerce is, the infrastructure needed to establish an e-business and the wider impact of e-commerce on the traditional business and retail environment. These aims will outline the main effects of e-commerce on a business. These will be achieved through: * Outlining the origins of e-business * Assessing the external impact of e-commerce on the environment & traditional retailing. * Examining the implementation and sustainability of an e-commerce business: Systems, Structures & Costs. * The impact of e-commerce on the......

Words: 9784 - Pages: 40

Premium Essay

E-Commerce

...Introduction of e-commerce Electronic commerce can be defined as sales or purchase of goods and services or any commercial transaction through electronic systems such as internet, telephone and e-mail. There are several forms of e-commerce, including: Business-to-Business (B2B) is the electronic transactions between enterprises for conducting business. Business-to-Consumer (B2C) is the business sell of products or services directly to customers, such as Gmarket, Alibaba etc. Consumer-to-consumer (C2C) is the business conduct between consumers. This usually is a form of auction or forum site, such as E-bay. Consumers post what they intend to sell on the webpage, other consumers can access and bid for the item. Customer-to-business (C2B) is a form of business offered by consumer to business to exchange for money. For example, designers sell a design to a multimedia manufacturing company online. One of the major subset of E-commerce is mobile commerce. It is the sale and purchase of goods or services or conducts any business activities through internet connection using handy devices such as mobile phones and tablets. Mobile commerce is getting popular and can be defined as the next generation of e-commerce. Businesses conduct e-commerce to stay competitive. Some of the businesses are successful with the use of e-commerce, such as online shop Amazon and DBS Bank. Amazon provides a massive range of products. They are focus on their selection, price and convenience. Customers......

Words: 3739 - Pages: 15

Premium Essay

E-Commerce

... | |Electronic Commerce |Electronic commerce is the buying and selling of goods and services on the Internet, especially the World Wide | | |Web. | |Etsy/Pinterest |Online websites for buying and selling products and ideas. | Executive summary The main objective of this report is to identify and analyse the benefits and problems associated using the E-commerce. The case study evolves the client, Miss Amanda Jane Walter in which her horse riding apparel business is threaten as many customers search and buy the products online compared to Amanda Jane who only sells the items directly to their customer. This report explains how E-commerce can be incorporated to help the company, Amanda Jane Horse Wear, to improve its business operations and improve on its advertising to outreach to a greater target audience within the horse-riding community. Some benefits identified include increased business efficiency, reduced operations cost, providing additional convenience to customers and expanding the company’s current customer base. On the other hand, the report will highlight the challenges that the business might face in the technological and managerial aspects; such as security issues, the cost involved in installing accompanying......

Words: 2826 - Pages: 12

Premium Essay

E-Commerce

...intense rivalry in the acquisition and retention of consumers. The internet market and e-commerce related trading has become a major issue for modern retailers. With the emergence of new technologies for information transfer, the Internet has positioned itself as a new end frontier towards customer acquisition and retention through the management of the relationships that exist between the customers and the retailers. Little known empirical research has been carried out on the management of this e-commerce facility in the acquisition and retention of customers within the clothing industry, or at a particular store. The clothing channel being the highest channel within e-commerce, it shouldn’t come as a surprise that there is an increase in the use of the Internet to market and sell clothes online. This paper will explore the implementation of taking a jean clothing line through a website; where customers have the capability of shopping for denim that best suits their fancy, stocking them up in virtual shopping cart, paying for them through available online payment systems and having them delivered to their locations using their preferred delivery systems.    Introduction As the demands within the retail industry continue to become more diversified, it has become increasingly challenging for marketers to acquire and retain new clientele.  Today, the primary business marketing management issue is that the retail industry faces the need to focus their attention on......

Words: 1733 - Pages: 7

Premium Essay

E-Commerce

...501: MANAGEMENT INFORMATION SYSTEMS ELECTRONIC-COMMERCE AND MOBILE-COMMERCE PRESENTED BY: LEONIDA CHEPKORIR SOI D53/MSA/PT/25210/2012 PRESENTED TO: Athman Fadhili Lecturer, Management Science Department Kenyatta University, Mombasa Campus. 9th OCTOBER 2013 1 TABLE OF CONTENTS CHAPTER ONE INTRODUCTION……………………………………………………….……………….3 CHAPTER TWO 2.1 DEFINITION OF COMMERCE……………………………………….……………5 2.2 DEFINITION OF E-COMMERCE……………………………………….…………5 2.3 E-COMMERCE PROCESS…………………………………………….……………5 2.4 ORIGIN OF E-COMMERCE …………………………………………….…………5 2.5 DIFFERENCES BETWEEN E-BUSINESS AND E-COMMERCE….……………7 2.6 CLASSIFICATION OF ELECTRONIC-COMMERCE ……………….…………….8 2.7 FACILITIES THAT SUPPORT E-COMMERCE……………………….……………9 2.8 BENEFITS OF E-COMMERCE…………………………………………….………..10 2.9 LIMITATION OF E-COMMERCE……………………………………………….…..12 CHAPTER THREE 3.1 DEFINITION OF M-COMMERCE…………………………………………………..15 3.2 CHARACTERISTICS OF M-COMMERCE………………………………………….18 3.3 PARTICIPANTING ENTITIES IN M-COMMERCE VALUE CHAIN…………….18 3.4 FUNCTION OF THE MOBILE NETWORK OPERATOR IN M-COMMERCE …..18 3.5 BILLING……………………………………………………………………………….19 3.6 AREAS OF APPLICATION OF M-COMMERCE………………………………...…20 3.7 REASONS FOR HIGH ADOPTION RATE OF M-COMMERCE…………………..21 CHAPTER FOUR CONCLUSION…………………………………………………………………………….22 REFERENCES …………………………………………………………………………...23 2 CHAPTER ONE INTRODUCTION Internet revolution has made available variety of applications and services through the World Wide Web at......

Words: 4756 - Pages: 20

Premium Essay

E-Commerce

...E-Commerce industry Study Objective * To learn about the existing trends in e-commerce industry today * To analyse in depth the benefits and limitations of online transactions of products * To examine the online shopping sites prevalent in Coimbatore such as the mall.coimbatore which is an online shopping store and personal buying assistant in Coimbatore * To observe the future of the industry and recommend improvement ideas Need for selecting the ecommerce Industry India, one of the fastest growing economies presents a world of opportunities to entrepreneurs, investors, and researchers with an interest in the global economy. India’s e-Commerce industry is on the growth curve and experiencing a spurt in growth. With this increased interest comes a surge in demand for facts, trends and indicators. Highly concentrated urban areas with very high literacy rates, a vast rural population with fast increasing literacy rate, a rapidly growing internet user base, technology advancement and adoption and such other factors make India a dream destination for ecommerce players. E-commerce combines web technology with business economics. As of the last 10 years, online visibility for such online enterprises now heavily rely on the relationship between the own online sales platform and Search Engines for improved traffic consisting of presumable customers with the intent of acquiring products or services related to the customers’ needs. In 2008 an Internet behavioural......

Words: 6470 - Pages: 26

Premium Essay

E Commerce

...IMPLEMENTING STRATEGIC E COMMERCE IN CONWAY STORES INC, E commerce is the online business buying and selling products and services, or even transferring funds through the web. It requires high internet connection. According to Education Center “Electronic commerce or ecommerce is a term for any type of business, or commercial transaction, which involves the transfer of information across the Internet. It covers a range of different types of businesses, from consumer based retail sites, through auction or music sites, to business exchanges trading goods and services between corporations. It is currently one of the most important aspects of the Internet to emerge. Ecommerce allows consumers to electronically exchange goods and services with no barriers of time or distance. Electronic commerce has expanded rapidly over the past five years and is predicted to continue at this rate, or even accelerate. In the near future the boundaries between "conventional" and "electronic" commerce will become increasingly blurred as more and more businesses move sections of their operations onto the Internet” There are different types of ecommerce, business to business B2B, consumer to business C2B, consumer to consumer C2C, business to consumer B2Cand so one.. Nowadays it is very necessary for a company or even a small business to have online store because it could attract more customers (far away or foreigners) which means more money and profits. And also with the e commerce......

Words: 2119 - Pages: 9

Premium Essay

E-Commerce

...final outcome of the buyer-seller interaction (Kotler and Armstrong, 2001; Kotler, 2003; Brassington and Pettitt, 2003). Abstract Addresses one of the fundamental issues of e-marketing: how to attract and win over the consumer in the highly competitive Internet marketplace. Analyses the factors affecting the online consumer’s behavior and examines how e-marketers can influence the outcome of the virtual interaction and buying process by focusing their marketing efforts on elements shaping the customer’s virtual experience, the Web experience. Identifying the Web experience components and understanding their role as inputs in the online customer’s decision-making process are the first step in developing and delivering an attractive online presence likely to have the maximum impact on Internet users. Click-and-mortar firms delivering superior Web experience influence their physical clients’ perceptions and attitudes, driving additional traffic to traditional sales outlets. Provides a contribution to the theoretical debate around the factors influencing the online consumer’s behavior and outlines some noticeable similarities and differences between the traditional and virtual consumers. Electronic access The Emerald Research Register for this journal is available at www.emeraldinsight.com/researchregister The current issue and full text archive of this journal is available at www.emeraldinsight.com/1066-2243.htm Internet Research Volume 14 · Number 2 · 2004 · pp. 111-126 q......

Words: 10668 - Pages: 43

Premium Essay

E Commerce

...LIMITATIONS OF E-COMMERCE Technical Limitations  Lack of sufficient system's security, reliability, standards, and communication protocols.  Insufficient telecommunication bandwidth.  The software development tools are still evolving and changing rapidly.  Difficulties in integrating the Internet and electronic commerce software with some existing applications and databases.  The need for special Web servers and other infrastructures, in addition to the network servers (additional cost).  Possible problems of interoperability, meaning that some E-commerce software does not fit with some hardware, or is incompatible with some operating systems or other components. Non-Technical Limitations  Cost and justification (35% of the respondents) The cost of developing an EC in house can be very high, and mistakes due to lack of experience, may result in delays. There are many opportunities for outsourcing, but where and how to do it is not a simple issue. Furthermore, to justify the system one needs to deal with some intangible benefits which are difficult to quantify.  Security and Privacy (17% of the respondents) These issues are especially important in the B2C area, and security concerns are not truly so serious from a technical standpoint. Privacy measures are constantly improving too. Yet, the customers perceive these issues as very important and therefore the E-commerce industry has a very long and difficult task of convincing customers that online......

Words: 389 - Pages: 2

Premium Essay

E Commerce

...E COMMERCE * Define e-commerce? What are the benefits of using e-commerce? The term ‘electronic commerce’ has evolved from electronic shopping, to imply all aspects of business and market processes enabled by the Internet and World Wide Web technologies. DEFINITION- Sharing business information, maintaining business relationships and conducting business transactions using computers connected to a telecommunication network is called E-Commerce. OR The exchange or buying and selling of commodities on a large scale involving transportation from place to place is known as commerce. When all this is done electronically, it is known as “e-commerce”. According to Philip Kotler: E-commerce can be defined as a general term for buying and selling process that is supported by electronic means. Electronic commerce, also known as e-business, a term for all kinds of business that are established electronically especially over the Internet. This includes both electronic sale (internet shops) and B2B transactions, i.e. business between two companies. It is any online transaction of buying and selling where business is done via Electronic Data Interchange (EDI). E-Commerce can be defined from different perspectives – 1. Communications perspective, 2. Business process perspective, 3. Service perspective and 4. Online perspective. E-commerce from communication perspective is the delivery of information, products or services, or payments via telephone lines, computer......

Words: 9434 - Pages: 38

Premium Essay

E-Commerce

...geographic boundaries almost always coincide with legal and cultural boundaries. ____ 13. Creations that can be copyrighted include virtually all forms of artistic or intellectual expression. ____ 14. The type of electronic commerce software an organization needs depends on several factors, with size and budget being the primary drivers. ____ 15. The element of necessity in computer security refers to preventing data delays or denials (removal). ____ 16. The most complete way for Web site visitors to protect themselves from revealing private information or being tracked by cookies is to disable cookies entirely. ____ 17. Sending bills and receiving payments over the Internet can drop the transaction cost to an average of 50 cents per bill. ____ 18. Electronic cash containing serial numbers raises a number of privacy issues. ____ 19. The most important step that companies can take today to prevent phishing attacks is to update their prevention technology. ____ 20. Sometimes a content manager offers seed money, management advice, and marketing assistance. Multiple Choice Identify the choice that best completes the statement or answers the question. (20 points, 1 point each) ____ 21. Some researchers define a fourth category of electronic commerce called ____, which includes individuals who buy and sell items among themselves. |a. |C2C |c. |C2B | |b. |B2B ......

Words: 1733 - Pages: 7