ECT 455 E-Commerce Web Site Engineering - PowerPoint PPT Presentation

About This Presentation
Title:

ECT 455 E-Commerce Web Site Engineering

Description:

ECT 455/HCI 513 Susy Chan Ph.D. 1. ECT 455. E-Commerce Web Site Engineering ... ECT 455/HCI 513 Susy Chan Ph.D. 3. 6/12/09. Consumer Trust and Privacy ... – PowerPoint PPT presentation

Slides: 64
Provided by: Susy1

Transcript and Presenter's Notes

1
ECT 455 E-Commerce Web Site Engineering
  • Electronic Payment Systems
  • Internet Transaction Security

2
Agenda
  • Market news
  • Privacy Issues
  • Digital payment
  • Transaction security

3
Consumer Trust and Privacy
  • Consumer WebWatch
  • Only 29% trust Web sites that sell products or
    services
  • Commerce sites: 95% disclosure of all fees,
    93% disclosure of the site's policy on using
    personal information
  • News and information sites: 65% disclosure of
    privacy policies, 59% clear labeling of
    advertisements
  • Search engine sites: 60% don't know about ad
    sponsorship, 80% want search engines to reveal
    these practices
  • 57% read policies about credit cards, 35% privacy
    policies, 22% "About Us"

Source: Consumer WebWatch, "A Matter of Trust: What Users
Want From Web Sites," 4/16/02
4
Internet and the Right to Privacy
  • Self-regulated medium: the Internet industry
    governs itself
  • Violation of privacy rights, or better service?
  • FTC study: 97% collected personal information,
    only 62% informed the users about such practice,
    57% contained 3rd-party tracking devices
  • Privacy advocates argue that these efforts
    violate individuals' privacy rights
  • Online marketers and advertisers suggest that
    online companies can better serve their users by
    recording the likes and dislikes of online
    consumers
  • Financial Services Modernization Act of 1999
  • Establishes a set of regulations concerning the
    management of consumer information

5
Network Advertising Initiative (NAI)
  • Approved by the FTC in July 1999 to support
    self-regulation
  • NAI currently represents 90 percent of Web
    advertisers
  • Determines the proper protocols for managing a
    Web user's personal information on the Internet
  • Prohibits the collection of consumer data from
    medical and financial sites
  • Allows the combination of Web-collected data and
    personal information

6
DoubleClick: Marketing with Personal Information
  • Regulation of the Internet could limit a
    company's efforts to buy and sell advertising
  • DoubleClick
  • Advertising network of over 1,500 sites and
    11,000 clients
  • Abacus Direct Corp.
  • Names, addresses, telephone numbers, age, gender,
    income levels and a history of purchases at
    retail, catalog and online stores
  • Digital redlining
  • Skewing of an individual's knowledge of available
    products by basing the advertisements the user
    sees on past behavior

7
Protecting Your Business: Privacy Issues
  • Privacy policy
  • The stated policy regarding the collection and
    use of visitors' personal information
  • Privacy policy services and software
  • PrivacyBot.com, TRUSTe
  • Core Fair Information Practices by the FTC
  • Consumers should
  • be made aware that personal information will be
    collected
  • have a say in how this information will be used
  • have the ability to check the information
    collected to ensure that it is complete and
    accurate
  • The information collected should be secured
  • The Web site should be responsible for seeing
    that these practices are followed

8
Electronic Payment Systems
  • Efficient and effective payment services accepted
    by consumers and businesses are essential to
    e-commerce.
  • Requirements
  • Convenient for web purchasing
  • Transportable over the network
  • Strong enough to thwart electronic interference
  • Cost-effective for extremely low-value
    transactions

9
Electronic Payment Systems
  • Banking and Financial Payments
  • Bank-to-bank transfer (EFT)
  • Home Banking -- CitiBank, Wells Fargo
  • Payment through an Intermediary
  • Open Market
  • First Virtual (FirstVirtual Pin)

Both refer to their earlier business models
10
Electronic Payment Systems
  • Electronic Currency Payment Systems
  • Electronic Cash -- Internetcash.com
  • Electronic Checks -- NetCheque
  • e-Wallets
  • Smart Cards
  • American Express (blue smart card)
  • Visa
  • Micropayments
  • Echarge, (echarge.com)
  • paystone.com

11
More
  • Retailing Payment Systems
  • Credit Cards -- Visa or MasterCard
  • Private Label Credit/Debit Cards
  • Charge Cards -- American Express echarge
  • Peer-to-peer payments (between consumers)
  • PayPal (billpoint)

12
Credit-Card Transactions
  • Popular form of payment for online purchases
  • Resistance due to security concerns
  • Many cards offer capabilities for online and
    offline purchases
  • Mastercard
  • American Express Blue

13
Credit-Card Transaction Enablers
  • Credit-Card Transaction Enablers
  • Companies that have established business
    relationships with financial institutions that
    will accept online credit-card payments for
    merchant clients
  • Trintech
  • Cybercash (Verisign)

14
E-Wallets
  • E-wallets
  • Keep track of your billing and shipping
    information so that it can be entered with one
    click at participating sites
  • Store e-checks, e-cash and credit-card
    information
  • Credit-card companies offer a variety of
    e-wallets
  • Visa e-wallets
  • MBNA e-wallet allows one-click shopping at member
    sites
  • A group of e-wallet vendors has standardized
    technology with Electronic Commerce Modeling
    Language (ECML)
  • Yahoo Wallet (wallet.yahoo.com)

15
Digital Currency
  • Digital cash
  • Stored electronically, used to make online
    electronic payments
  • Similar to traditional bank accounts
  • Used with other payment technologies (digital
    wallets)
  • Alleviates some security fears about online
    credit-card transactions
  • Allows those with no credit cards to shop online
  • Merchants accepting digital-cash payments avoid
    credit-card transaction fees

16
Smart Cards
  • Smart card
  • Card with a computer chip embedded on its face;
    holds more information than an ordinary credit
    card with a magnetic stripe
  • Contact smart cards
  • To read information on smart cards and update
    information, contact smart cards need to be
    placed in a smart card reader
  • Contactless smart cards
  • Have both a coiled antenna and a computer chip
    inside, enabling the cards to transmit
    information
  • Can require the user to have a password, giving
    the smart card a security advantage over credit
    cards
  • Information can be designated as "read only" or
    as "no access"
  • Possibility of personal identity theft

17
Security Considerations: E-commerce vs.
Paper-based Commerce
  • Security attributes of a signed paper document
  • Semi-permanence of ink embedded in paper fibers
  • Particular printing process, such as letterhead
  • Watermarks
  • Biometrics of signature
  • Time stamp
  • Obviousness of modifications, interlineations,
    and deletions

18
Security Considerations: E-commerce vs.
Paper-based Commerce
  • Computer-based documents do not have such security
    attributes
  • Computer-based records can be modified freely and
    without detection
  • Certain supplemental control mechanisms must be
    applied to achieve a level of trustworthiness
    comparable to that of paper
  • Paper-based and computer-based documents may not
    perform equal or exactly analogous functions in
    business and law
  • Ex. negotiable document of title

19
Security Issues in E-Commerce
  • User Authentication, User Authorization and
    Network Security
  • Password protection, encrypted data transmission
  • Firewalls
  • Data Transaction Security
  • Encryption: private key vs. public key
  • Privacy
  • Payment Systems

20
Introduction to Secure Ecommerce
  • What is Security?
  • What are we securing in ecommerce?
  • Security is a heterogeneous concept in general.
  • All security, including e-commerce, deals with
    these two KEY concepts:
  • Risk
  • Trust
  • Business risk management
  • Risk analysis
  • Risk mitigation
  • Risk transfer

21
Security Risks to E-commerce
  • 2004 CSI/FBI Computer Crime and Security Survey
  • Direct financial loss resulting from fraud
  • Payment account abuse
  • Transfer funds without authorization
  • Destroy or hide financial records
  • Customer impersonation
  • Exposure of confidential information
  • False or malicious websites
  • Customer Data Exposures
  • Ex. H&R Block erroneously imported customers' data
    into others' tax returns (February 2000)
  • Data theft

22
Security Risks to E-commerce
  • Damage to relations with customer or business
    partners
  • An organization that suffers a security-related
    attack or failure may not publicize it
  • Unforeseen cost
  • Legal, public relations, or business resumption
    cost
  • Recovering from a security compromise
  • Public relations damage
  • Masquerading
  • Manipulation of web content
  • Malicious rumor
  • Uptake failure due to lack of confidence

Security is an essential ingredient of any
e-commerce solution
23
Internet security
  • Consumers entering highly confidential
    information
  • Number of security attacks increasing
  • Four requirements of a secure transaction
  • Privacy: information not read by a third party
  • Integrity: information not compromised or
    altered
  • Authentication: sender and receiver prove their
    identities
  • Non-repudiation: legally prove a message was sent
    and received
  • Availability
  • Computer systems continually accessible

24
Security Attacks
  • Any action that compromises the security of
    information systems
  • Normal flow
  • Interruption: attack on availability

(Diagram: information flow from info source to info
destination, showing the normal flow and an interruption)
25
Security Attacks (continued)
  • Interception: attack on confidentiality
  • Modification: attack on integrity
  • Fabrication: attack on authenticity

(Diagram: info source to info destination for each of
the three attacks)
26
Passive and Active Attacks
  • Passive attacks: eavesdropping on, or monitoring
    of, information transmission
  • Release of message contents
  • Traffic analysis
  • Active attacks: modification or creation of false
    information
  • Masquerade: one entity pretends to be a different
    entity
  • Ex. Session hijacking: taking over an existing
    active session. It can bypass the authentication
    process and gain access to a machine

27
Passive and Active Attacks (continued)
  • Replay: passive capture of data, then
    retransmission to produce an unauthorized effect
  • Modification of message: some portion of a
    legitimate message is altered, or messages
    are delayed or reordered, to produce an
    unauthorized effect
  • Denial of service (DoS): prevents or inhibits the
    normal use or management of communication
    facilities
  • SYN flooding
  • Winnuke (Perl code of Winnuke)
  • Unfortunately, there are NO security mechanisms
    to counter DoS
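
An added example (not from the slides) of the receiver-side countermeasure against the replay and message-modification attacks listed above: every message carries a fresh nonce and a timestamp and is authenticated with a shared-secret HMAC, so the receiver can reject altered messages, messages delayed beyond a window, and any nonce it has already accepted. The key, the window length and the messages are constructed for the demonstration.

```python
import hashlib
import hmac
import json
import secrets

SHARED_KEY = b"constructed-demo-key"   # secret key shared by sender and receiver
WINDOW_SECONDS = 30                    # how late a message may legitimately arrive

def make_message(key, payload, now):
    """Sender side: add a fresh nonce and a timestamp, then MAC the whole body."""
    body = {"payload": payload, "nonce": secrets.token_hex(8), "ts": now}
    raw = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(key, raw, hashlib.sha256).hexdigest()
    return raw, tag

class Receiver:
    """Receiver side: remembers the nonces accepted inside the window."""
    def __init__(self, key, window=WINDOW_SECONDS):
        self.key, self.window, self.seen = key, window, {}

    def accept(self, raw, tag, now):
        """Return (accepted, reason) for one incoming (raw, tag) pair."""
        expected = hmac.new(self.key, raw, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return False, "bad MAC: message modified or forged"
        body = json.loads(raw)
        if abs(now - body["ts"]) > self.window:
            return False, "stale: delayed beyond the replay window"
        # nonces older than the window can be forgotten: replaying them is stale anyway
        self.seen = {n: t for n, t in self.seen.items() if now - t <= self.window}
        if body["nonce"] in self.seen:
            return False, "replay: nonce already used"
        self.seen[body["nonce"]] = body["ts"]
        return True, "ok"
```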

28
Key Solutions to Secure Ecommerce Issues
  • Firewalls
  • Encryption
  • Digital signatures and certificates
  • Payment Systems

29
Model for Ecommerce Network Security
30
Firewalls
  • A filter between a corporate network and the
    Internet that keeps the corporate network secure
    from intruders, but allows authenticated
    corporate users uninhibited access to the
    Internet
  • An access policy, more than hardware and software

31
Types and Functions of Firewalls
  • Proxy Application Gateways
  • An application gateway (proxy service), caching
    documents (Dual-homed vs. Screened-host gateway)
  • Simple Traffic Logging Systems
  • Predominant methods record traffic flows
  • IP Packet Screening Routers
  • Filtering or blocking info packets based on
    screening rules

32
Dual-Homed Gateway / Bastion Host Gateway
(Diagram: Internet, bastion gateway running FTP and
HTTP proxies, local network)
33
Screened-Host Gateway / Screened-Subnet Gateway
(Diagram: Internet, router, bastion gateway running FTP
and HTTP proxies, Web server, FTP server, router,
local network)
34
Private Key Cryptography
  • Secret-key cryptography
  • Same key to encrypt and decrypt message
  • Sender sends message and key to receiver
  • Problems with secret-key cryptography
  • Key must be transmitted to receiver
  • Different key for every receiver
  • Key distribution centers are used to reduce these
    problems
  • Generates a session key and sends it to sender and
    receiver, encrypted with the unique key
  • Encryption algorithms
  • Data Encryption Standard (DES), Triple DES,
    Advanced Encryption Standard (AES)

35
Private (Secret)-key Cryptography
  • Encrypting and decrypting a message using a
    symmetric key

36
Public Key Cryptography
  • Public key cryptography
  • Asymmetric: two inversely related keys
  • Private key
  • Public key
  • If the public key encrypts, only the private key
    can decrypt, and vice versa
  • Each party has both a public and a private key
  • Either the public key or the private key can be
    used to encrypt a message
  • Encrypted with public key and private key
  • Proves identity while maintaining security
  • RSA public key algorithm (www.rsasecurity.com)

37
Public Key Encryption and Decryption
38
Encryption Transaction Security: Secret vs.
Public Key Encryption
  • Secret-Key Encryption (single key)
  • Symmetric encryption, DES
  • Use a shared secret key for encryption and
    decryption
  • Key distribution, disclosure
  • Fast, for bulk data encryption
  • Public-Key Encryption (pair of keys)
  • Asymmetric encryption, RSA (Rivest, Shamir,
    Adleman)
  • Private/public keys
  • Need digital certificates and trusted 3rd parties
  • Slower
  • For less demanding applications

39
The Digital Envelope: The Best of Both Worlds
(Diagram: Sender: original text + session key ->
private-key encryption -> cipher text; session key +
public key of recipient -> public key encryption ->
digital envelope. Recipient: digital envelope + private
key of recipient -> session key; cipher text + session
key -> original text.)
40
Digital Signatures
  • Digital signature
  • Authenticates the sender's identity
  • Run plaintext through a hash function
  • Gives the message a mathematical value called the
    hash value
  • Hash value also known as message digest
  • Collision
  • Occurs when multiple messages have the same hash
    value
  • Encrypt the message digest with the private key
  • Send signature, encrypted message (with
    public key) and hash function
  • Timestamping
  • Binds a time and date to the message, solves
    non-repudiation
  • Third party, a time-stamping agency, timestamps
    messages
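
As an added example (not code from the slides), the digital envelope of slide 39 and the digital signature of slide 40 in plain Python with no third-party library. The RSA is textbook RSA over hard-coded Mersenne primes with no padding, a SHA-256 counter-mode keystream stands in for DES/AES as the secret-key cipher, and the keys and sample message are constructed; none of it is usable as real cryptography, it only shows the mechanics.

```python
import hashlib
import secrets

def make_keypair(p, q, e=65537):
    """Textbook RSA from two primes: returns (public, private), each (exp, n)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))        # private exponent
    return (e, n), (d, n)

# Constructed keys from Mersenne primes M61*M89 and M107*M127: far too
# small for real use, but big enough that a 128-bit value fits under n.
RECIPIENT_PUB, RECIPIENT_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
SENDER_PUB, SENDER_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

def rsa_apply(value, key):
    """value ** exponent mod n; value must be below the modulus."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value does not fit under the toy modulus")
    return pow(value, exponent, n)

def keystream_xor(key, data):
    """Secret-key part: SHA-256 in counter mode used as a stream cipher."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

# Digital envelope (slide 39): bulk data under a fresh session key, and only
# the short session key under the recipient's (slow) public key.
def seal(plaintext, recipient_public):
    session_key = secrets.token_bytes(16)
    wrapped = rsa_apply(int.from_bytes(session_key, "big"), recipient_public)
    return wrapped, keystream_xor(session_key, plaintext)

def open_envelope(wrapped, ciphertext, recipient_private):
    session_key = rsa_apply(wrapped, recipient_private).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)

# Digital signature (slide 40): hash the message, "encrypt" the digest with
# the sender's private key; the public key recovers the digest for checking.
def message_digest(message):
    # truncated to 128 bits only so the digest fits under the toy modulus
    return int.from_bytes(hashlib.sha256(message).digest()[:16], "big")

def sign(message, signer_private):
    return rsa_apply(message_digest(message), signer_private)

def verify(message, signature, signer_public):
    return rsa_apply(signature, signer_public) == message_digest(message)

def demo():
    message = b"Pay 100 USD to account 42"      # constructed sample message
    wrapped, ciphertext = seal(message, RECIPIENT_PUB)
    signature = sign(message, SENDER_PRIV)
    recovered = open_envelope(wrapped, ciphertext, RECIPIENT_PRIV)
    genuine = verify(recovered, signature, SENDER_PUB)
    forged = verify(b"Pay 900 USD to account 42", signature, SENDER_PUB)
    return recovered, genuine, forged            # (message, True, False)
```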

41
Using a digital signature to validate data
integrity
43
Digital Certificate
  • A certificate is an electronic document used to
    identify an individual, a server, a company, or
    some other entity and to associate that identity
    with a public key.
  • Public-key cryptography uses certificates to
    address the problem of impersonation
  • Certificate authorities (CAs) are entities that
    validate identities and issue certificates. They
    can be either independent third parties or
    organizations running their own
    certificate-issuing server software

44
What is a Certificate Authority?
  • Trusted third party
  • Issues and manages certificates
  • Specific trust domains
  • Describes relationships between parties
  • Predefines policies and expectations
  • Certificates validate memberships in domain
  • Subscribers agree/depend on practices
  • Acts as an arbiter of trust in a digital
    relationship

45
Digital Certificate
  • A digital certificate includes
  • the public key
  • the name of the entity it identifies
  • an expiration date
  • the name of the CA that issued the certificate
  • a serial number, and other information. Most
    importantly, a certificate always includes the
    digital signature of the issuing CA.
  • The CA's digital signature allows the certificate
    to function as a "letter of introduction" for
    users who know and trust the CA but don't know
    the entity identified by the certificate.

46
What is a Digital Certificate?
  • Cryptographically encoded binary file
  • Binds public key to individual
  • Notarized by trusted third party
  • Used to verify digital signature of owner
  • Used to safely encrypt messages for owner

Digital ID
47
An Illustrative Certificate
  • Name: Richard
  • Key-Exchange Key
  • Signature Key
  • Serial: 34569044
  • Other Data: 469222-002
  • Expires: 6/19/02
  • Signed: CA's signature
48
Role of Digital Certificates
49
Digital Certificate Process Description
  • CA (Certificate Authority)
  • Creates certificate with the applicant's public key
  • Uses its private key to encrypt the certificate
  • Sends signed certificate to applicant

(Diagram: the sender wants to send a message and asks
the recipient (applicant) for a signed certificate; the
recipient sends the certificate to the sender.)
  • Sender
  • Uses public key of CA to decrypt certificate (this
    assures the sender of the true identity of the
    recipient)
  • After decrypting the CA certificate, the sender
    uses the embedded public key of the recipient to
    encrypt the message

50
Public Key Infrastructure, Certificates and
Certification Authorities
  • Public Key Infrastructure (PKI)
  • Integrates public key cryptography with digital
    certificates and certification authorities
  • Digital certificate
  • Digital document issued by certification
    authority
  • Includes name of subject, subject's public key,
    serial number, expiration date and signature of
    trusted third party
  • Verisign (www.verisign.com)
  • Leading certificate authority
  • Periodically changing key pairs helps security

51
Digital Signatures Certificates
  • Digital Signatures
  • Public key encryption
  • Used for sender authentication
  • Digital Certificates
  • Use 3rd party certificate authority (CA) to
    authenticate the ownership of key
  • Increased trust

52
Client Authentication
  • Password-Based Authentication.
  • A server might require a user to type a name and
    password before granting access to the server.
  • The server maintains a list of names and
    passwords; if a particular name is on the list,
    and if the user types the correct password, the
    server grants access.
  • Certificate-Based Authentication.
  • Client authentication based on certificates is
    part of the SSL protocol.
  • The client digitally signs a randomly generated
    piece of data and sends both the certificate and
    the signed data across the network.
  • The server uses techniques of public-key
    cryptography to validate the signature and
    confirm the validity of the certificate
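
An added example (not the slides' own code) that ties together the certificate fields of slide 45, the CA issuing process of slide 49 and both client-authentication methods of slide 52: a CA signs a certificate binding a name to a public key, a relying party accepts it only if a trusted CA signed it and it has not expired, a client then proves possession of the certified key by signing a random challenge, and, for comparison, the password list is kept as salted PBKDF2 hashes compared in constant time. The RSA is the same toy construction as the envelope example (tiny Mersenne primes, no padding); the CA name, client keys and dates are constructed, with the name, serial and expiry taken from slide 47.

```python
import hashlib
import hmac
import secrets

# Same toy RSA as in the envelope example: tiny Mersenne primes, no padding.
def make_keypair(p, q, e=65537):
    n = p * q
    return (e, n), (pow(e, -1, (p - 1) * (q - 1)), n)

def digest(data):
    # 128-bit truncation only so the value fits under the toy modulus
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")

def sign(data, private):
    return pow(digest(data), private[0], private[1])

def verify(data, signature, public):
    return pow(signature, public[0], public[1]) == digest(data)

FIELDS = ("subject", "public_key", "expires", "issuer", "serial")  # slide 45

def cert_body(cert):
    # fixed field order, so the CA and every verifier hash the same bytes
    return repr([cert[k] for k in FIELDS]).encode()

# CA side (slide 49): bind the applicant's public key to its name and sign.
def issue_certificate(ca_name, ca_private, subject, subject_public, expires, serial):
    cert = dict(zip(FIELDS, (subject, subject_public, expires, ca_name, serial)))
    cert["ca_signature"] = sign(cert_body(cert), ca_private)
    return cert

# Relying party: trust the embedded key only if a CA we know signed the
# certificate (the "letter of introduction") and it has not expired.
def verify_certificate(cert, trusted_cas, today):
    ca_public = trusted_cas.get(cert["issuer"])
    if ca_public is None or cert["expires"] < today:
        return False
    return verify(cert_body(cert), cert["ca_signature"], ca_public)

# Certificate-based client authentication (slide 52): the client signs a
# random challenge; the server checks the certificate, then the signature.
def server_challenge():
    return secrets.token_bytes(16)

def client_respond(challenge, client_private):
    return sign(challenge, client_private)

def server_accepts(cert, challenge, response, trusted_cas, today):
    return (verify_certificate(cert, trusted_cas, today)
            and verify(challenge, response, cert["public_key"]))

# Password-based authentication (slide 52): the server's "list of names and
# passwords" holds salted PBKDF2 hashes and is compared in constant time.
def store_password(password):
    salt = secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def check_password(user_db, name, password):
    salt, stored = user_db.get(name, (bytes(16), bytes(32)))  # dummy keeps timing even
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return name in user_db and hmac.compare_digest(candidate, stored)

# Constructed sample: one CA, and the certificate of slide 47 (Richard, serial
# 34569044, expiring 6/19/02) with ISO dates so that strings compare in order.
CA_PUB, CA_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
CLIENT_PUB, CLIENT_PRIV = make_keypair(2**107 - 1, 2**127 - 1)
TRUSTED_CAS = {"Example CA": CA_PUB}
RICHARD = issue_certificate("Example CA", CA_PRIV, "Richard", CLIENT_PUB,
                            "2002-06-19", 34569044)
```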

54
Using a password to authenticate a client to a
server
55
Using a certificate to authenticate a client to
a server
56
SET Secure Electronic Transaction
  • A collection of encryption and security
    specifications used as an industry-wide, open
    standard for ensuring secure payment transactions
    over the Internet
  • A method for interoperability of secure
    transactions software over multiple, popular
    hardware platforms and operating systems
  • Developed by Visa and MasterCard, with GTE, IBM,
    Microsoft, Netscape, SAIC, Terisa Systems and
    Verisign.
  • Based on encryption technology from RSA Data
    Security.

57
SET Secure Electronic Transaction
  • Use digital certificates to authenticate all the
    parties involved in a transaction
  • SET-compliant software validates both merchant
    and cardholder before exchange of information
  • Employs public-key encryption and digital
    signature
  • Complete documentation in visa.com

58
SET Transaction Flow
  • The customer interacts with the merchant Web site
    to select goods for purchase.
  • The merchant sends an order description that
    wakes up the customer's SET wallet.
  • The customer checks the order and transmits a
    payment request back to the merchant's SET
    module.
  • The merchant sends the payment request to the
    payment gateway.
  • The payment gateway validates the merchant and
    the customer and obtains an authorization from
    the customer's issuing bank through an
    interchange network.
  • The payment gateway sends an order capture token
    back to the merchant.
  • The merchant sends a receipt to the customer
    wallet.
  • The merchant uses the order capture token to
    settle the transaction.

59
Advantages of SET Over Channel Encryption
  • Participants are authenticated via certificates
  • Financial institutions provide assurance, not
    software
  • SET allows a wallet to clearly distinguish a
    payment from other uses of web forms
  • SET prevents terminated merchants from obtaining
    account information (three party transaction)

60
3D Secure
  • Developed by card associations to replace SET.
  • Does not require client software.
  • Reduces the requirements placed on the merchant.

61
Secure Sockets Layer (SSL)
  • A transport-level technology for authentication
    and data encryption between a Web server and a
    Web browser.
  • SSL negotiates point-to-point security between a
    client and a server.
  • SSL secures the routes of Internet communication,
    but it does not protect you from unscrupulous or
    careless people.
  • Source: www.Netscape.com
  • Uses public key
  • Does not protect private information.

62
Secure Sockets layer (SSL)
  • SSL
  • Uses public-key technology and digital
    certificates to authenticate the server in a
    transaction
  • Protects information as it travels over Internet
  • Does not protect once stored on receiver's server
  • Peripheral component interconnect (PCI) cards
  • Installed on servers to secure data for an SSL
    transaction

63
SET versus SSL
  • SET
  • Three party protocol
  • Application protocol
  • Trust requirement: all participants have been
    authenticated for a specific role in payment card
    transaction processing
  • SSL
  • Two party protocol
  • TCP/IP Communication protocol
  • Trust requirement: communicating with a trustable
    server