Online security has been a key issue ever since the beginning of digital economy and while huge improvements in authentication, encryption and anti-virus technology have allowed e-commerce to flourish, this is still a high area of concern for both online and mobile merchants and consumers.
Common forms of attack can include:
· Phishing schemes – a problem, particularly for online banks. A duplicate bank website may be set up causing unaware consumers to type in their account information. Fraudulent emails can also be sent to consumers asking for confidential account information.
· Viruses, spyware or ‘Trojan horses’ can be embedded into programs that allow hackers unauthorised access to a computer where they can record a user’s keystrokes.
In 2006 the PCI (Payment Card Industry) Data Security Standard was launched which represents a common set of industry requirements for the safe handling of sensitive information through policies, procedures, network architecture and software design. The large banks such as Visa and MasterCard are supporters of the PCI standard and the PCI Security Standards Council [www.pcisecuritystandards.org] encourages all online merchants to adopt the standard.
A report released by McAfee in mid-2009 estimated that up to $1 trillion was spent on data theft and cybercrime by businesses worldwide in 2008. On behalf of McAfee, the Purdue University’s Center for Education and Research in Information Assurance and Security conducted a survey of around 800 CIOs across the US, UK, Germany, Japan, China, India, Brazil and Dubai, and discovered that participants lost data and intellectual property worth around $4.6 billion and also spent $600 million repairing the damage after security breaches. McAfee used this data for its projection that up to $1 trillion is spent worldwide by businesses.
According to a 2009 report from National Research Center ‘State of the Net’ survey, in the US alone one in five online consumers have been targeted by cybercrime, costing a combined $8 billion over the previous two years.
Around the world, companies involved in e-commerce continue in their attempts to combat the security risks and re-assure customers they are doing all they can to provide a safe online environment. One example included Visa’s acquisition of CyberSource in 2010. CyberSource is a provider of electronic payment and e-commerce security software and Visa intends to use it to improve its fraud detection processes. The deal was reportedly worth $2 billion.