 E-Commerce Security Issues
Merchants can have the results of on-line orders processed in
several ways:
- Sent to them via email
- Stored on the server
- Sent to an on-line credit card processing company
Security Issues --- Orders sent via email
- FrontPage offers no encryption or other technology for sending
encrypted email.
- Not all store front and shopping cart software offer the option to
send encrypted email.
Unless the email is encrypted (on the server) prior to being sent,
the email will travel through potentially hundreds of servers and be accessible on all of
them.
So it is crucial, if the merchant chooses to have the order results
handled via email, the email be encrypted using a standard encryption technology
Security Issues --- Orders stored on the server
- Make sure the directory where the file(s) are stored is password
protected.
- Make sure the password for this directory is changed often.
- Make sure the order information is not kept on the server for long
periods of time.
- If the order information is stored on a database on the server, make
sure the billing information has been encrypted.
It is crucial that all information be kept on the server only as
long as necessary and in a password protected area. If the information will be kept
on the server for a long time, then the information should be encrypted.
Security Issues --- Orders sent to an on-line
credit card processing company
This is often the most secure way to handle on-line orders as you,
the merchant, never receive the actual credit card number and the monies are automatically
deposited to the merchant account. However, it is the most expensive method.
Note: Just as care and planning
should be taken when establishing a merchant account, care and planning should be taken
when picking an on-line credit card processing company.
|
