Security in electronic business transactions

As in all transactions, whether conducted by traditional postal mail, by telephone, or face to face, precautions must be taken in Internet transactions to reduce risks to an acceptable level.

From the buyer's point of view, whether the buyer is an individual or a company acquiring goods from an Internet provider, it is necessary to be certain about who is really behind the web pages they see: that the site is who it says it is and is not an impersonator. Because the Internet is a public network, not a private one, shoppers are still fearful and reluctant to send their credit card number through it.

Threats to the security of payments.

In face-to-face transactions, the seller and the buyer use physical signs to ensure that they are dealing with a reliable counterpart: the seller can verify the client's signature, photo and identity documents, and the client, for their part, can check the badges worn by employees, test the merchandise, keep receipts for the purchase, etc.

On the Internet these methods are not applicable. Risks arise from the very nature of the Network:

1. Impersonation: The low cost of entry, and the ease of copying documents in electronic form, make it possible in principle for someone to create a website that appears to represent a real, established or recognized organization, and through that electronic facade illegally obtain, for example, credit card numbers.

2. Unauthorized Disclosure and Action: Even during transactions between authentic sites and legitimate customers, a vandal (known as a hacker) could intercept the transmissions to capture a credit card number. Theoretically, there is also the possibility that a competitor or a disgruntled customer creates problems for the website so that it refuses to serve other customers or takes unauthorized actions.

3. Data Alteration: Sometimes a malicious or accidental action can alter the content of a communication in transit, affecting customer names, credit card numbers, or amounts that represent money.

4. Repudiation: If there is no physical proof of a sale, one of the parties involved could deny that a transaction actually took place. The customer could refuse to pay if the purchase cannot be traced or has no physical proof. Given the security risks involved in doing business on the web, consumers tend to remain fearful of shopping online.

There are several approaches to implementing secure payments over the Internet:

1. Creation of an account: In this case the client makes an agreement outside the Network (by phone, mail, fax, etc.) to pay later with a credit card, or to establish a line of credit. Orders can then be placed through the web.

2. The purchase of virtual money: In this system, you buy encrypted tickets that are transmitted over the network and are accepted by various providers (e.g. PayPal).

3. Form data or encrypted mail: The buyer fills in data in a form on a web page; the data is encrypted and sent to the seller through the network, using the protocol called Secure HTTP (S-HTTP) or the email protocol (SMTP). With S-HTTP, when the buyer sends the payment data, the client program (the browser) generates a security key.

There are variants of security schemes that are under development. The fundamental schemes are:

1. SSL: Secure Sockets Layer (security at the socket level)

2. S-HTTP: Secure HTTP

3. Certificates

To get an idea of the place that these security systems occupy, we must know that communication between two systems, in this case computers, is carried out at several levels: from the physical level (electrical signals) to the application level (the service or application used). At each level a certain protocol must be agreed upon so that one end understands the other.

The SSL security scheme executes a negotiation protocol to establish a secure connection at the socket level (machine address plus port).

The SSL security services are transparent to the user and the application, since they sit below the application level, and so they can be used by any application.

At the application level, HTTP is the protocol used in web application communications. The S-HTTP protocol is integrated with HTTP. Here, security services are negotiated via page headers and attributes. Therefore, S-HTTP services are available only for web connections. Since SSL is integrated into the socket layer, it can also be used by other protocols besides HTTP, while S-HTTP is designed to be used exclusively in HTTP communications.

Secure Sockets Layer (SSL).

SSL is a system designed and proposed by Netscape Communications Corporation. It sits between the TCP/IP level and application protocols such as HTTP, FTP, and SMTP. It provides its security services by encrypting the data exchanged between the server and the client, and by encrypting the key for that session using a public key algorithm. The session key is the one used to encrypt the data that comes from and goes to the secure server. A different session key is generated for each transaction, ensuring that even if it is discovered by a spy in a given transaction, it cannot be used to decrypt future transactions.
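The scheme described above, as an added teaching model in Python that is not part of the original article and is not the actual SSL handshake. The client picks a fresh session key for each transaction, wraps it with the server's public key, and the server checks an integrity tag (the "data alteration" threat) before decrypting. The toy RSA key, the SHA-256 keystream cipher and all function names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# Toy RSA key pair for the server: constructed, unpadded and far too small for real use.
P, Q = 2**127 - 1, 2**107 - 1            # two known Mersenne primes
N, E = P * Q, 65537                      # public key, known to every client
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, known only to the server

def derive(session_key: bytes):
    """Split one session key into separate encryption and integrity keys."""
    return (hashlib.sha256(b"enc" + session_key).digest(),
            hashlib.sha256(b"mac" + session_key).digest())

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with SHA-256(key || counter) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def client_send(plaintext: bytes):
    """Client: new random session key per transaction, wrapped with the public key."""
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), E, N)
    enc_key, mac_key = derive(session_key)
    ciphertext = keystream_xor(enc_key, plaintext)
    tag = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    return wrapped, ciphertext, tag, session_key  # key returned only so the demo can inspect it

def server_receive(wrapped: int, ciphertext: bytes, tag: bytes) -> bytes:
    """Server: unwrap the session key with the private key, check integrity, decrypt."""
    # A tampered wrap just yields a wrong 16-byte key, which the tag check then rejects.
    session_key = (pow(wrapped, D, N) % 2**128).to_bytes(16, "big")
    enc_key, mac_key = derive(session_key)
    expected = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("message altered in transit")
    return keystream_xor(enc_key, ciphertext)

if __name__ == "__main__":
    order = b"card=0000-0000-0000-0000;amount=25.00"   # constructed sample data
    w, c, t, _ = client_send(order)
    print(server_receive(w, c, t))
```

A session key recovered from one transaction does not decrypt the next one, because each call to `client_send` draws a new random key.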

 
