CIS2005 System Security and Control - PowerPoint PPT Presentation

Slides: 35
Provided by: busi270
Transcript and Presenter's Notes

1
CIS2005 System Security and Control
  • Module 11
  • Electronic Commerce Security Issues

2
What is e-Commerce?
  • Massive change to the way of doing business
  • Interaction with product and service suppliers
  • Represents digital (as opposed to paper-based)
    commercial transactions between businesses,
    between a business and its consumer, between a
    government and its citizens, between consumer and
    consumer

3
Risks in the e-Commerce World
  • Direct financial loss resulting from fraud
  • Goods charged to someone's account fraudulently
  • Transfer of funds between accounts illegally
  • Destruction of financial records
  • Exposure of proprietary information
  • Competitive pricing information
  • Damage to relations with customers or business
    partners
  • Disclosure of confidential information
  • Unresolved disputed transactions
  • Unavailability or unreliability of services
  • Public relations damage
  • Attack on Web site
  • Security vulnerabilities exposed

4
Secure E-Commerce
  • Security is an essential ingredient in any
    e-Commerce solution
  • Should leverage risk management strengths into
    competitive advantage

5
Security Challenges (Extranet)
  • How will payment be handled?
  • Automatic order placement by the customer's computer?
  • Transaction volumes / Transaction value
  • Non-repudiation
  • How can the company provide as much information
    as possible to its partners but still protect its
    back office systems?
  • Viruses
  • Hackers
  • Denial of service attacks etc

6
B2C e-commerce
  • Benefits
  • Mass customisation
  • Streamlined ordering etc.
  • Security challenges?

[Diagram: the customer's Web browser sends order / payment to the Company Web Page, which passes it to the Back Office Systems; product details flow back out to the Web]
7
B2C e-commerce challenges
  • How does the customer pay for goods?
  • How does the company keep its catalogues/price
    lists up to date?
  • How does the company differentiate between valid
    and bogus orders?
  • How does the company protect their back office
    systems?
  • What about products that cannot be delivered
    electronically?

8
Issues in E-commerce
  • Confidentiality of data
  • Integrity of data
  • Viruses
  • Hacking
  • Appropriate software / database development
    procedures
  • Availability (usually 24x7)
  • Contingency planning: UPS, hot/cold sites, backup
    procedures etc.
  • Authentication
  • Non-Repudiation

9
Securing Payment on the Internet
  • Payments should be
  • authenticated
  • resistant to forging
  • confidential (e.g. protection of card numbers)
  • Secure payment data capture
  • Use SSL/TLS to capture payment details and
    transfer them encrypted to the merchant (this
    protects the data in transit only)
  • Off-line processing
  • On-line payment processing
  • Credit and debit cards, e-checks, ACH
    transactions
  • Instant authorisation

10
(No Transcript)
11
Credit Card Payment Models
  • SET Protocols
  • 3D-SET and 3D Secure
  • Fraud prevention mechanisms
  • Primary participants
  • Issuers
  • Cardholder
  • Merchant
  • Acquirer
  • Payment gateway
  • Certificate authorities

12
Lack of Authentication
  • Major drawback of card-not-present transactions:
    in the vast majority the cardholder is not
    authenticated
  • Without effective authentication
  • Increased incidence of fraud
  • Erosion of consumer confidence
  • Loss of revenue
  • Higher transaction costs
  • Higher service costs
  • Chargeback costs
  • Loss of staff time
  • Damage to merchant and card organisation
    reputation

13
Chargebacks and Merchant Liability
  • Merchant bears full cost of
  • Fraudulent transactions
  • Disputed transactions
  • Customer denies having made the purchase
  • Stolen identity
  • Customer fraudulently denies having made the
    purchase
  • After receiving the goods

14
New Generation Payment Models
  • Visa's 3-D Secure (Verified by Visa) and
    MasterCard's SPA
  • Increase customer confidence
  • Reduce fraud
  • Reduce chargebacks
  • Authenticated payment environment
  • Issuer and merchant must participate
  • Customer must enrol with issuer
  • Username and password

15
Payment Protocols
  • SSL
  • Protects payment details in transit (encrypted
    tunnel between the browser and the merchant)
  • Problems
  • Merchant has no way of knowing that the customer
    is the true owner of the credit card
  • No protection outside the tunnel (e.g. card
    details once stored on the merchant's systems)
  • SET
  • Certificate-based system that uses digital
    signatures
  • Authenticates customer and merchant
  • Problems
  • Too complex: required cardholder software and a
    digital certificate to be installed on the
    customer's PC
  • Portability: customers restricted to purchasing
    from the computer holding the digital certificate
  • Complexity and costs of the overall
    implementation for the different parties
  • Technical interoperability among different vendor
    solutions and lack of software tools
  • Insufficient additional value to consumers,
    merchants, and institutions to induce adoption
  • 3D-SET (Server-based SET)
  • Reduced technology required at merchant and
    customer ends (thin modules and slim digital
    wallets)
  • Increased portability
  • Problems
  • Only catered for certificates issued by one CA

16
Other Payment Instruments
  • eChecks
  • Electronic cash
  • Must have these features
  • Monetary value (backed by real money)
  • Interoperability
  • Storable and retrievable
  • Secure
  • Economical to use
  • Utilise digital signatures
  • Micro-payments
  • Problems of re-use

17
Encryption systems are a very important component
of e-commerce systems
18
Non-repudiation
19
What is Non-repudiation?
  • Offers a party to a transaction protection
    against a false claim by another party that the
    transaction never took place
  • Guards against a successful false denial by
    exposing a wrongful repudiation with strong
    evidence to support speedy and effective dispute
    resolution before a neutral third party
  • Can deter other parties from attempting acts of
    repudiation

20
Examples of Repudiation
  • Recipient (sender) claims to have received (sent)
    a transaction, but sender (receiver) claims not
    to have originated (received) the transaction
  • Recipient (sender) claims to have received (sent)
    a transaction different from which sender
    (receiver) claims to have sent (received)

21
How to achieve non-repudiation
  • The evidence must establish
  • Identities of the parties
  • Message content
  • Identities of any trusted third parties

22
Digital Signature
  • One mechanism for providing non-repudiation is
    for the sender to digitally sign the transaction
  • The digital signature constitutes the
    non-repudiation evidence
  • Provides authentication
  • Also provides
  • Non-repudiation (the message is from you)
  • Integrity (the message was not altered)

23
[Diagram: the Sender signs the Data and the Signature is stored with it; the Receiver verifies the signature using the Sender's Digital Certificate, which was issued by a Trusted Third Party]
24
Digital Signature Step 1
Note: a message digest cannot be turned back into
the original data from which it was created (the
hash function is one-way)
25
Digital Signature Step 2
26
Digital Signature Step 3
27
Digital Signature Decryption
28
The Plot Thickens..
  • What if a disgruntled employer (Doug) wants to
    deceive the receiver (Robert) into thinking that
    the message he is sending comes from Mary by
    creating a key pair in Mary's name?

29
Simplistic Solution
  • Get some trusted person (say Trish) to issue a
    certificate with Mary's public key and other
    details about her
  • Trish signs the certificate
  • Robert verifies Trish's signature on the
    certificate with Trish's public key, and only
    then trusts the copy of Mary's public key inside it
  • Note: no one accepts a signature for which there
    is no certificate issued by Trish
  • Trish can revoke certificates if private keys are
    compromised, or no longer needed

30
Digital Certificates
  • Method of authenticating that the public key
    actually belongs to the sender
  • Trusted 3rd party (Certifying Authority)
  • Digital signatures can also be used to testify
    (or certify) that a public key belongs to a
    particular person
  • This is done by signing the combination of the
    key and the information about its owner by a
    trusted key
  • The third party's digital signature (made with
    the trusted key), the public key and the
    information about the key's owner together form
    the certificate
  • User's name
  • Public key
  • Timestamps (validity period)
  • Digitally signed by the CA

31
Key Distribution using PKI
[Diagram: (1) the user submits their identity and public key to the CA; (2) the CA's public key is made available to users; (3) the CA signs the identity and key with the CA private key and returns the certificate to the user; (4) the user presents the certificate to other users, who check it with the CA public key]
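The signature and certificate mechanics of slides 22 through 31, as an added worked example that is not code from the slides: Mary signs an order, Robert verifies it and detects tampering, Doug forges a key pair "in Mary's name" and produces a signature that is valid for his own key, and Trish's certificate is what lets Robert tell the two keys apart. It uses only Go's standard library. The slides name no algorithm, so ECDSA over P-256 with SHA-256, the sample order text, the function names and the 24-hour validity period are all assumptions; "verification" here is a signature check with the public key rather than the "decryption" wording of slide 27.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// must aborts on an error; the only realistic cause here is an unavailable random source.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// Sign is slide steps 1-3: digest the data, then sign the digest with the
// sender's private key. ECDSA P-256 with SHA-256 is an assumed choice.
func Sign(priv *ecdsa.PrivateKey, data []byte) []byte {
	digest := sha256.Sum256(data)
	return must(ecdsa.SignASN1(rand.Reader, priv, digest[:]))
}

// Verify is the receiver's check: recompute the digest and test the signature
// against the claimed sender's public key. Any change to data fails it.
func Verify(pub *ecdsa.PublicKey, data, sig []byte) bool {
	digest := sha256.Sum256(data)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

// issueCert binds a name to a public key. parent == nil means self-signed (signer is
// then the private half of pub); otherwise signer is the parent's private key, which
// is Trish's role on slides 29-31.
func issueCert(cn string, pub *ecdsa.PublicKey, isCA bool, parent *x509.Certificate, signer *ecdsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber:          must(rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	}
	if parent == nil {
		parent = tmpl
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer))
	return must(x509.ParseCertificate(der))
}

// chainsToTrust is Robert's rule: accept a certificate only if it chains to the
// trusted root (Trish). Hostnames are out of scope, so any extended key usage is allowed.
func chainsToTrust(leaf, root *x509.Certificate) bool {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err == nil
}

type DemoResult struct {
	GenuineVerifies  bool // Mary's signature, Mary's key, unmodified order
	TamperedVerifies bool // the same signature over an altered order (integrity)
	DougKeyVerifies  bool // Doug's signature checks out with Doug's own "Mary" key
	MaryCertTrusted  bool // Trish vouches for Mary's key
	DougCertTrusted  bool // Doug's self-issued "Mary" certificate
}

// RunDemo plays out slides 22-31 with fresh keys for Mary, Doug and Trish.
func RunDemo() DemoResult {
	var r DemoResult
	newKey := func() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }
	mary, doug, trish := newKey(), newKey(), newKey()

	// Constructed sample transaction (not from the slides).
	order := []byte("Order 1042: 3 units to Robert, total 120.00")
	sig := Sign(mary, order)
	r.GenuineVerifies = Verify(&mary.PublicKey, order, sig)
	r.TamperedVerifies = Verify(&mary.PublicKey, []byte("Order 1042: 3 units to Robert, total 1200.00"), sig)

	// The Plot Thickens: Doug signs with a key pair he generated "in Mary's name".
	// The signature is valid for that key; nothing yet ties the key to Mary.
	r.DougKeyVerifies = Verify(&doug.PublicKey, order, Sign(doug, order))

	// Simplistic Solution: Trish certifies Mary's key. Doug's "Mary" certificate
	// can only be self-signed, so Robert's chain check rejects it.
	trishCert := issueCert("Trish", &trish.PublicKey, true, nil, trish)
	maryCert := issueCert("Mary", &mary.PublicKey, false, trishCert, trish)
	dougCert := issueCert("Mary", &doug.PublicKey, false, nil, doug)
	r.MaryCertTrusted = chainsToTrust(maryCert, trishCert)
	r.DougCertTrusted = chainsToTrust(dougCert, trishCert)
	return r
}
```

The point the slides make falls out of the last two results: a signature on its own only proves possession of some private key, so Doug's forgery verifies perfectly against the key he invented. What distinguishes Mary's key from Doug's is the certificate issued under Trish's key, and Robert's rule of refusing any public key that does not chain to Trish is what turns a valid-looking signature into non-repudiation evidence.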
32
E-Commerce Security issues
  • Server-side risks
  • e.g. bugs / misconfiguration of the server that
    allow attacks to occur
  • Browser-side risks
  • e.g. crashes / privacy breaches
  • Interception / modification of network data
  • Viruses

33
Tools / applications
  • Encryption
  • Digital signatures
  • Digital certificates
  • Firewalls / proxies
  • Secure e-payment systems
  • Trusted operating systems (financial
    institutions)
  • Virus protection systems etc

34
A good e-Commerce site should incorporate all of
the security aspects that we discussed so far in
the course in addition to having an appropriate
electronic payment system