~welcome to e-commerce world~

Post by Jaeme, 26 June 09 @ 9:26pm

In order to ensure that our personal and financial data are being safeguarded appropriately, we need to take certain precautions while conducting online transactions. There are certain safety measures that one can choose from depending on the confidentiality of information exchanged and the level of security required by each individual or organization. Below are 7 types of precautions to ensure protection while conducting business online.

1. Antivirus and anti-spyware software.

• Antivirus is software designed to protect your computer against malicious software. Malicious software includes viruses, Trojan Horse, worm and other codes which can steal any unsecured information from your computer. In order to make an antivirus software an effective defense, users are required to scan through their computer regularly and keep the antivirus software up-to-date to recognize the version of malicious software. Therefore, with the right antivirus software, it can provide protection for computers to fight against viruses that can cause damage to computers and more importantly, to ensure that any personal and financial data will not be stolen.
  
• Anti-spyware is a program designed to detect and prevent unwanted spyware installation and remove those program that have been installed. Adware and Spyware are dangerous programs that will enable website developers to access users personal and financial data from their computers. Spyware can be activated while downloading certain files from the internet. This software should be included on the internet as a security measure and should be able to update automatically.

2. Firewall software.

• A firewall is simple program or hardware device that filters the information coming through the Internet into ones private network or system. Firewalls are used to prevent unauthorized internet users from accessing to a private network, especially an intranet. All messages entering or leaving the intranet will pass through the firewall which will examine each message and lock those messages that do not fulfill specified security criteria.
  
  
  

3. Message encryption.

• A popular technique for protecting messages in transit is called public-key infrastructure (PKI) cryptography. PKI is a scheme for securing e-payments by using public key encryption and various technical components. PKI confers integrity (the data haven't been manipulated), authenticity (the identity of the sender is known), nonrepudiation (the data can't be disowned) and privacy on the data. Any one attempting to corrupt or damage the contents will cause the initial binary digits sent by the computer to be messed up and when the receiver receives the message in normal text, it will also be a clutter when the recipient views it. Therefore, the recipient will know the message will have already been corrupted.

4. Browsers encryption.

• The actual way for encrypting the Web-based information interchange is by using the Secure Sockets Layer (SSL). It can be used to encrypt email messages using a symmetrical one-time electronic key. This key functions when the server and browser connection is opened. When the connection ends, the encryption expires with it.

5. Digital signature.

• An identifying code that can be used to authenticate the identity of the sender of a document. It is equal to a personal signature and cannot be easily repudiated or imitated. There is a simpler PKI process using the same algorithms referred to above as `sign' a message whereby the private key of an individual can be used to `hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a `digital signature'.

6. Password.

• You should choose a password that is difficult for someone to crack. A strong password should consist of a combination of letters, symbols, and numbers in order to secure your personal and financial data. Furthermore, you should not use passwords such as license number plate, IC number, birthdates or phone numbers as passwords and always make sure you change your password occasionally.

References:

http://www.howstuffworks.com/firewall.htm

http://www.jmir.org/2002/2/e12/HTML