Solving Security Issues for Online Catalogs

Automation is a byproduct of combining an online catalog with a back-end e-commerce order-processing system. By its very nature, order automation significantly magnifies the impact of security failures. Fortunately, by understanding the sources of risk, retailers can choose e-commerce solutions that help minimize or eliminate those risks.

Four major areas of risk are:

• Buyer security fears.

• Catalog content tampering.

• Credit card fraud.

• Transaction database theft.

Buyer security — Clearly the most talked-about risk, it's also the most misunderstood, the least likely to occur and the most easily solvable. Online shoppers are concerned that their financial security is at risk when they send credit card data over the Internet — they've been told that anything they send over the Net can be read by 50 million people. Not true, of course.

Yet this is still a serious problem, since security fears are responsible for more than half of all abandoned shopping carts (uncompleted order forms). Paradoxically, buyers have the least risk in an online transaction. Largely protected by the card associations, they're liable only for a maximum of $50 from fraudulent purchases when their cards are stolen. A Web catalog must take measures to reassure buyers that online shopping is safe.

First, the Web site should prominently address security concerns by displaying a security policy — a page that describes the measures undertaken to protect buyers. Second, the Web site should have a “why this is safe” link on every page — especially the order form — that dispels myths about buying online. Finally, secure Web servers using industry-standard Secure Socket Layer protocols should handle the ordering process.

Most popular Web browsers support SSL. It allows secure Web servers to establish a protected communication link with buyers so all information (such as credit card data) is encrypted as it travels over the Internet. For best performance, choose an e-commerce solution that allows you to use separate Web servers for catalog presentation and order processing. That way, catalog presentation servers (containing public information not needing encryption) can be optimized for speed — while order-processing servers (collecting sensitive buyer information) can be optimized for security.

Catalog content tampering — In a bricks-and-mortar store, shoplifters sometimes steal goods by switching tags — putting a $10 price tag from basic item on a $100 deluxe item — in the hopes that the cashier won't notice. On the Web, this is accomplished through content tampering. If hackers manage to gain access to a shopping cart's source data (where the “tags” for products are stored), they may be able to trick the automated system into processing orders for products for far less than their real value.

One solution is to have the actual product offer information (like the price, stock number, terms of sale) in a protected database offline, and allow only the shopping cart tags to contain a reference to the product offer. Then, even if hackers modify the shopping cart tags, all they can do is change one reference for another. The order form, which is protected against tampering, uses the tag references to obtain proper pricing information from the offline database.

Credit card fraud — Public perceptions notwithstanding, retailers shoulder virtually all the risk with online transactions. Card holders can force charge reversals up to 180 days after a sale. When a credit card is used fraudulently on the Web, merchants have little or no recourse, usually having to write off such transactions as a loss. Worse still, acquiring banks will increase credit card processing fees for retailers that have more than a few reversals — and they may even cancel the account altogether — effectively shutting down an online store.

Here again, the choice of e-commerce platform can play a part in minimizing this risk. A basic tool is to use the Address Verification Service. This determines if the billing information supplied by the buyer matches the mailing address on file for the cardholder. Somebody who makes up a card number won't know where the real holder lives, and the AVS can easily stop this type of simple fraud. But it's not enough. The AVS only works on U.S. addresses (a high percentage of fraud comes from buyers located outside the United States) and many domestic thieves obtain complete credit card records so they can easily get past an AVS check.

There are more sophisticated fraud-detection services available. These range from simple rule-based algorithms (e.g., “do not accept orders from the following countries …”) to powerful neural-net systems that return a risk score based on thousands of data points from historical transaction databases. The better systems allow intervention by risk-assessment managers to minimize the number of false positives (rejecting otherwise good orders because of high-risk scores).

Transaction database theft — Cyber-thieves typically try to steal thousands of credit card numbers at once. They do this by attacking online catalog sites to get at their transaction databases. This represents a major threat to online businesses, but many companies don't even realize they're at risk. When it strikes, the effects are devastating and can easily put a Web store out of business.

The problem is that, over time, automated order-processing systems accumulate a wealth of valuable credit card data sets, complete with name, billing address, expiration date and card number — everything a thief needs to go on an illicit shopping spree by phone, mail or Web. Hackers know they can easily sell this information to other thieves, so the allure is irresistible. Unfortunately, many commerce platforms do nothing to protect transaction information after the sale.

The first line of defense is a formidable firewall in the order-processing system to keep unauthorized parties from accessing the database. Firewalls consist of advanced network management software and hardware that put up a shield between a corporation's electronic resources and the raging inferno of the Internet. To be most effective, this should be a robust solution implemented and operated by professionals who know a great deal about Web security. And it should be constantly monitored and updated as the skills and knowledge bases of the hacking communities increase.

The second line of defense is to choose a solution that maintains a heavily encrypted database with severely limited access (you need to be concerned about employee theft as well). Encryption should be on the order of 1,024 bits or higher — something requiring supercomputers and years to crack. Thus, even if hackers manage to tunnel through firewalls, all they'll get for their efforts is a confusing scramble of bits.

Consider outsourcingm — Most Web retailers aren't in the business of managing Internet security risks, and they often choose an e-commerce platform without understanding all the repercussions. Too often, these manifest themselves only after the store has been brought online — when it's too late and too costly to change course. This is one of the reasons it makes sense to outsource secure order processing to an organization specializing in this field. It offloads infrastructure tasks in which you can't add any value and frees your resources to focus on areas where you can make a difference — like Web site marketing, product presentation and customer satisfaction.

Related Posts