E-tailers 'Need Security To Protect Reputations'
E-tailers ôhave much to lose without adequate securityö, says Paul Tickle, of data integrity firm, Tripwire, as ôsystem downtime to any kind of security breach affects ability to make money at the tillsö. Business sites need to be available at all times, Tickle says, and taking a site offline after a breach ôtarnishes reputations and puts off potential customersö. The breach suffered by the UK governmentÆs Inland Revenue website shows how reputations can be damaged by vulnerabilities, ôwhich leads to a fall in revenueö, according to Iain Franklin, of Entercept Security Technologies.Tickle is aware of the benefits in ôkeeping credit card numbers [and] billing addresses on file with a frequently-visited merchantö, but secure databases must be used to hold this data. ôMerchants have higher costs and less protection in accepting credit cards as paymentö, says Steve Atherton, of ClearCommerce, ôas fraudsters are becoming more sophisticatedö. Encrypted data both provides an audit trail and reduces ôproblems that can occur with eCommerceö, such as ôorder details not being encrypted properly while stored on web sitesö, says Chris Barling, of Actinic.
While SSL remains popular as a transaction security mechanism, Barling notes that ôanother problemö with eCommerce ôis where call-backs from payment service providers are not protected against spoofingö. Digital certification can similarly be used in a ælayeredÆ security architecture for online payment security, but is not a panacea in that certificates need to be kept up to date and to be valid for a particular application. In light of these risks, the best way to ensure the continued growth of eCommerce is to install a secure, scalable end-to-end system for online payments. Related Links:
Credit Cards Entrenched In Europe's eCommerce
EU Banks Can Use A2A Payments To Trim Costs
MasterCard Gearing Maestro For Online Use
