Chapter 4: E-commerce Security and payment systems

Similar documents
Alexander Nikov. 7. ecommerce Marketing Concepts. Consumers Online: The Internet Audience and Consumer Behavior. Outline

6. ecommerce Security and Payment Systems. Alexander Nikov. Teaching Objectives. Video: Online Banking, Is It Secure?

E-COMMERCE and SECURITY - 1DL018

Chapter 6. E-commerce Marketing Concepts. Copyright 2009 Pearson Education, Inc. Slide 6-1

Midterm Chapter 1,2,3,5

E-commerce Kenneth C. Laudon Carol Guercio Traver. business. technology. society. tenth edition

E-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc.

ECM 210 Chapter 6 - E-commerce Marketing Concepts: Social, Mobile, Local

9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500

7 Cs of WEB design - Customer Interface

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

Alexander Nikov. 9. Information Assurance and Security, Protecting Information Resources. Learning Objectives. You re on Facebook? Watch Out!

Chapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers Your Interactive Guide to the Digital World

Malware & Botnets. Botnets

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

INFOCOMM SEC RITY. is INCOMPLETE WITHOUT. Be aware, responsible. secure!

Introduction: 1. Daily 360 Website Scanning for Malware

Module 6. e-business and e- Commerce

Network Security and the Small Business

WEB SECURITY. Oriana Kondakciu Software Engineering 4C03 Project

Learn to protect yourself from Identity Theft. First National Bank can help.

E-Business, E-Commerce

Promoting Network Security (A Service Provider Perspective)

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

BE SAFE ONLINE: Lesson Plan

Computer Security Maintenance Information and Self-Check Activities

Chapter 11 E-Commerce

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

WEB ATTACKS AND COUNTERMEASURES

Certified E-commerce Consultant (CEC)

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning

The Hidden Dangers of Public WiFi

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks

Content Teaching Academy at James Madison University

Innovations in Network Security

Chapter 12 Objectives. Chapter 12 Computers and Society: Security and Privacy

Chapter 11: E-Commerce

WHITE PAPER. Understanding How File Size Affects Malware Detection

Chapter 11 Computers and Society, Security, Privacy, and Ethics

Security aspects of e-tailing. Chapter 7

The Information Security Problem

Remote Deposit Quick Start Guide

OIG Fraud Alert Phishing

Stopping zombies, botnets and other - and web-borne threats

Visa CREDIT Card General Guidelines

Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms

GlobalSign Malware Monitoring

Threat Events: Software Attacks (cont.)

Countermeasures against Bots

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com

Monitoring mobile communication network, how does it work? How to prevent such thing about that?

Spyware. Michael Glenn Technology Management 2004 Qwest Communications International Inc.

COB 302 Management Information System (Lesson 8)

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

OVERVIEW. 1. Cyber Crime Unit organization. 2. Legal framework. 3. Identity theft modus operandi. 4. How to avoid online identity theft

Internet threats: steps to security for your small business

Information Security

Recognizing Spam. IT Computer Technical Support Newsletter

WEB APPLICATION FIREWALLS: DO WE NEED THEM?

The Key to Secure Online Financial Transactions

SHORT MESSAGE SERVICE SECURITY

High Speed Internet - User Guide. Welcome to. your world.

Overview of computer and communications security

Different Types of Adware and Services

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

How to Identify Phishing s

1. Any requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic.

Top tips for improved network security

NATIONAL CYBER SECURITY AWARENESS MONTH

Protect Yourself. Who is asking? What information are they asking for? Why do they need it?

4. Identify the security measures provided by Microsoft Office Access. 5. Identify the methods for securing a DBMS on the Web.

Securing Information Systems

Customer Awareness for Security and Fraud Prevention

Tutorial on Smartphone Security

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS


Security Goals Services

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

Best Practices Guide to Electronic Banking

Infocomm Sec rity is incomplete without U Be aware,

Security in DSL Networks. Issues and Solutions for Small-to-Medium Sized Enterprises

$920+ GST Paid Annually. e-commerce Website Hosting Service HOSTING:: WHAT YOU GET WORDPRESS:: THEME + PLUG-IN UPDATES

How To Use A College Computer System Safely

Chapter 5. Online Payment System. Types of Payment Systems. Cash Checking Transfer Credit Card Stored Value Accumulating Balance

Transcription:

Chapter 4: E-commerce Security and payment systems The e-commerce security environment Reporting issues: the most is Malware infection 2011 CSI survey: 46 percent of respondents firms detected breach in last year Underground (black market) economy marketplace: stolen credit card information and creation a new account. (illegal operation) Good E-commerce security Multi-layered To achieve highest degree of security needs 3 things 1. New technology (to prevent any attack) 2. Organizational policies and procedures 3. Industry standards and government laws Security is NOT absolute! Other factors 1. Time value of money: protect a message of a few hours/days/years 2. Cost of security vs. potential loss: trade-off 3. Security often breaks at weakest link: prevent by providing very hard to predict the password The tension between security and other values Ease of use: (more security, harder to use, slower outcome) Public safety and criminal uses of the internet: use of technology by criminals to plan crimes or threaten nation-state Security Threats in the E-commerce Environment (3 key points of vulnerability in e-commerce environment) Clients = customers Server Communication pipeline (internet communication channel) ***Most common security threats in the e-commerce environment*** 1. Malicious code (Malware) = comes with a downloaded file that user requests. Viruses: spread from a file to another file Worms: spread from a computer to another computer Trojan horses: act like a helpful program but actually granting hacker to access the computer Bots: Malware that can be installed on your computer when attached to the internet Botnets: collection of captures computers used for Spam and DDOS 2. Unwanted programs Browser parasites: can monitor and change the setting of browser

Adware: Free software program. When installed, it will sent advertising to your computer such as advertising of game on mobile phone. Spyware: a program used to obtain information secretly (keep information of downloader, benefits for marketer because we can observe customers behaviors) 3. Social engineering: exploitation of human fallibility and gullibility to distribute malware ( human greed to trick to take actions) 4. Phishing = fake e-mail or websites E-mail scams Spoofing legitimate websites Uses information to commit fraudulent acts (access checking accounts), steal identity 5. Hacking Hackers vs. Crackers (crackers = a hacker with criminal intent) Types of hacker o White hats = good hackers o Black hats = intention of causing harm o Gray hats = pursuing some greater good by breaking in and reveal system laws 6. Cybervandalism : intentionally disrupting, defacing, destroying website such as some employees feel angry to the boss. They will delete the company webpage. 7. Data breach: When organization loss control over corporate information to outsiders. Ex. Outsider wants to control your website. They change password as a result you cannot log in to the website. 8. Credit card fraud/theft Hackers target merchant servers; use data to establish credit under false identity 9. Spoofing = fake email/website 10. Pharming = spoofing website by redirecting website to the fake website 11. Spam/junk website 12. Denial of service (DoS) attack = hacker make website goes down with useless traffic 13. Distributed denial of service (DDoS) attack = control the website such as stop the webpage 14. Sniffing = can see the user briefly (monitor information travelling over a network) (benefit for marketer: can track e-mail flow) 15. Insider jobs = single largest financial threat (people inside company do something mistake) 16. Poorly designed server and client software: six of top ten attacks are from internet browser 17. Social network security: provide rich environment for hackers as it is opened for everyone 18. Mobile platform threats: same risk as any internet devices (malware, botnets, vishing/smishing =via SMS to download) Technology Solution 1. Protecting internet communications (Encryption) 2. Securing channels of communication (SSL, VPNs) 3. Protecting networks (Firewalls) 4. Protecting servers and clients (Anti-virus in your computer)

1. Encryption Transforms data into cipher text readable only by sender and receiver Secures stored information and information transmission Provides 4 of 6 key dimensions of e-commerce security (Message integrity, no repudiation, authentication, confidentiality) Symmetric key encryption = use same digital key (same password) to encrypt and decrypt message Requires different set of key for each transaction (different message, different key) Strength of encryption = length of binary key (0 or 1.A = 01000001) Advanced encryption standard (AES) = most widely used (128-,192- and 256-bit) Other standard use keys with up to 2,048 bits Public key encryption = uses 2 mathematically related digital keys (password) Public key (widely disseminated) Private key ( kept secret by owner) Both keys used to encrypt and decrypt message Once key used to encrypt message, same key cannot be used to decrypt message Sender use recipient s public key to encrypt message; recipient uses private key to decrypt it Public key encryption using digital signature and hash digests Hash function: Fixed-length number (same form digit), verify integrity ( cannot be changed) Digital Envelopes To solve below problems Public key encryption : computation slowly, decreased transmission speed, increased processing time Symmetric key encryption : insecure transmission lines Protecting Network 1. Firewalls (ex. Company block facebook website to prevent employees to access it during work time) Hardware or software Uses security policy to filter packets 2 main methods: packet filters and application gateways 2. Proxy servers (proxies)

Software servers that handle all communications originating from or being sent to the internet Protecting servers and clients 1. Operating system security enhancements (upgrades, patches) ex. Windows updates version itself 2. Anti-virus software Easiest and least expensive way to prevent threats to system integrity Requires daily updates E-commerce payment systems 1. Credit card : 45 percent of online payment in 2011 (USA) 2. Debit card : 28 percent of online payment in 2011 (USA) Limitations of online credit card payment Security, merchant risk (the existing system offers poor security) Cost (about 3.5 percent up, one solution aggregate ) Social equity (Thailand: salary about 15,000 up baht) Security 3. Digital wallet Emulates functionality of wallet by authenticating consumer, storing and transferring value and securing payment process from consumer to merchant Early efforts to popularize failed Latest effort : Google checkout 4. Digital cash Value storage and exchange using tokens Most early examples have disappeared; protocols and practices too complex 5. Online store value systems Based on value stored in a consumers bank, checking or credit card account PayPal Smart cards 2 types o Contact : credit card = physical place on card reader o Contactless : transmitting through antenna such as RFID, easypass 6. Digital accumulated balance payment Users accumulate a debit card balance for which they are billed at the end of the month PaymentsPuls, BillMeLater 7. Digital checking Extends functionality of existing checking accounts for use online Mobile Payment systems PayByCheck, EBillMe 1. Use of mobile handsets as payment devices (well established in Europe, Japan, South Korea)

2. Japanese mobile payment systems E-money (stored value) Mobile debit card Mobile credit card 3. Not as well established yet in USA Infrastructures still developing Apple, Google, RIM developing separate NFC systems Electronic billing presentment and payment (EBPP) Online payment systems for monthly bills 30 percent of households in 2010 used more EBPP; expected to continue to grow Two competing EBPP business models: Biller-direct(dominant model) and Consolidator Both models are supported by EBPP infrastructure providers

Chapter 6: E-commerce marketing concepts: social, mobile and local Consumers online: The internet Audience and Consumer Behavior The first principle of marketing Know thy customer Understand customers! Around 73 percent USA households have internet access in 2011 Growth rate has slowed to about 2-3 percent a year Intensity and scope of use both increasing Some demographic groups have much higher percentages of online usage than others Gender, age, ethnicity, community type, income, education Digital divide: Inequality in access and usage of IT devices Broadband (ADSL, cable modem, 3G,4G, Wi-Fi, etc) vs. dial-up audiences, new mobile audience Internet purchasing affected by neighborhood Lifestyle and sociological impacts (use of internet by children and teens, use of internet as substitute for other social activities) Media choices (traditional media competes with internet for attention, TV viewing has increased with internet usage) Consumer behavior models Study of consumer behavior : Attempts to explain what consumers purchase and where, when, how much and why they buy Consumer behavior models : Predict wide range of consumer decisions based on background demographic factors and other intervening, more immediate variables Background demographic factors Culture: Affects entire nations (different country, different culture) Subculture: Subsets formed around major social differences (ethnicity, age, lifestyle, geography) Social networks and communities: o Direct reference groups (family members) o Indirect reference groups (feedback/comments) o Opinion leaders (influencers: singers/actors/actresses/ those inspired you) o Lifestyle groups (ABAC students lifestyle and other university lifestyle are different) Psychological profile (set of needs, drives, motivations, perceptions, and learned behaviors) ex. Free seminar teach how to use product

The online purchasing decision Psychographic research: combines demographic and psychological data o Divides market into various groups based on social class, lifestyle, and/or personality characteristics 5 stages in consumer decision process: 1. Awareness of need 2. Search for more information 3. Evaluation of alternatives 4. Actual purchase decision 5. Post-purchase contact with firm A model of online consumer behavior Decision process similar for online and offline behavior General online behavior model 1. Consumer skills (knowledge to conduct online transaction) 2. Product characteristics (easily described, packaged, shipped, Eg. Book,CD) 3. Attitudes toward online purchasing (guarantee satisfaction: turn money back guarantee) 4. Perceptions about control over Web environment (trust in the website) Ex. Thai airway website provides good service and good security (depends on each person s perception) 5. Website features: latency, usability, security (easy to navigate, secured to shop) Clickstream behavior (transaction log that consumers establish as they move about the web) ex. Statcounter: track that who access to website, how many people turn to website again, the access flow of each people (know behavior of customers) Shoppers: Browsers and buyers Shoppers : 87 percent of internet users-to check information only (73 percent is buyers, 15 percent is web browsers) 1/3 of offline retail purchase influenced by online activities Online traffic also influenced by offline brands and shopping E-commerce and traditional commerce are coupled: part of a continuum of consuming behavior What consumers shop for and buy online 1. Big ticket items = value more than $100 Travel, computer hardware, electronics Consumers now more confident in purchasing costlier items 2. Small ticket items = value $100 or less Apparel, books, office supplies, software, etc. How consumer shops Sold by first mover on web (physical small items, high margin items)

How shoppers find online venders o Search engines 59 percent o Marketplaces (Amazon, ebay) 28 percent o Direct to retail sites 10 percent o Other methods 3 percent Online shoppers are highly intentional look for specific products, companies and services StumbleUpon.com: Unintentional searchers Recommender systems (introduce interesting products to consumers) : ebay recommend the top 10 best seller items in the first page of the website 2 most important factors shaping decision to purchase online 1. Utility : better prices, convenience, speed ( you can order fast, the webpage is easy to use and understand) 2. Trust : Internet Marketing Technologies Asymmetry of information can lead to opportunistic behavior by sellers ( the seller knows a lot more about the quality of goods) Sellers can develop trust by building strong reputations for honesty, fairness, delivery ex. Amazon book review/feedback from customers 3 broad impacts 1. Scope of marketing communications broadened 2. Richness of marketing communications increased 3. Information intensity of marketplace expanded Internet marketing technologies 1. Web transaction logs how customers click off o Build into web server software o Record user activities at website o Webtrends : leading log analysis tool 2. Tracking files 4 types of tracking files 1. Cookies (small text file placed by website, allow web marketer to collect data) 2. Flash cookies ( a website can only receive the data it has stores on a clients computer and cannot look at any other cookie) 3. (web) Beacons/bugs : create cross-site profiles (small graphic file) 4. Apps 3. Databases, data warehouses, data mining o Database: store record and attributes o Database management system (DBMS) : software used to create, maintain, and access databases o SQL (structured query language) : industry-standard database query and manipulation language used in a relational database o Relational database: two dimensional tables

o Data warehouse : collects firm s transactional and customer data in single location for offline analysis by marketers and site managers o Data mining : example : beer and diaper o Analytical techniques to find patterns in data, model behavior of customers, develop customer profiles o Query-driven data mining o Model-driven data mining o Rule-based data mining o Collaborative filtering 4. Advertising networks 5. Customer relationship management systems (CRM) : To keep on a loyal/ repeat customer is worthier than finding 100 new customers Establishing the customer relationship 1. Advertising networks : most sophisticated application of internet database (Ad server selects appropriate ad based on cookies, web bugs, backend user profile databases 2. Advertising exchanges : Auction and slot over many advertising networks 3. Permission marketing : obtain permission from consumers (opting in ; opt out) 4. Affiliate marketing : commission for new business ex. Amazon has a strong affiliate program consists of more than 1 million participant sites 5. Viral marketing in the web 2.0 o Ex. Blog, social networking (share ideas with your friends) 6. Blog marketing: using blog to market goods through commentary and advertising o Ex. Twitter (microblog : maximum 40 characters) 7. Social network marketing : driven by social e-commerce o Social sign on (log in account) o Collaborative shopping (lots of people to shop in this webpage ex. Facebook o Network notification (people will be like your comment and click it to notify you) o Social search (recommendation) 8. Mobile marketing: fastest growing marketing platform 9. Local marketing : location-based, daily deal coupon sites 10. Brand leveraging : using the power of an existing brand to acquire new customers for a new product or service Customer Retention 1. Mass marketing: national media message (global) ex. TVC 2. Direct marketing : direct mail, phone message 3. Micromarketing : Aim at geographical units (neighborhoods,cities) 4. Personalized, one-to-one marketing (ex. Amazon STP-segmentation, targeting, positioning) 5. Personalization (increase consumer sense of control and freedom)

Other customer retention marketing techniques 1. Customization :customize product to user preferences 2. Customer co-production : customer interactively involved in product creation 3. Customer service (FAQs, real time customer service chat systems, automated response systems) Net pricing strategies 1. Pricing : traditionally based on o Fixed cost o Variable cost o Demand curve 2. Price discrimination : selling products to different people and groups based on willingness to pay 3. Free and freemium : can be used to build market awareness (Skype for free but pay for premium) 4. Versioning : creating multiple versions of product and selling essentially same product to different market segments at different prices 5. Bundling : offers consumers two or more goods for one price ( buy one get two) 6. Dynamic pricing o Auction: ebay o Yield management: perishable product : food (empty seat in airline try to sell at low price in the last hour) o Flash marketing: very limited time, compulsive shopper

Chapter 7: E-commerce marketing communications

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information