Securing E-Commerce: A Systematic Approach

The vast growth potential for e-commerce in the banking and financial services industry is tempered by legitimate concerns over the security of such a system. Most diners are not too concerned about the possibility of a waiter keeping an imprint of their credit card number. Similarly, most of us feel comfortable about giving our credit card numbers over the phone to an operator. Why should e-commerce be any different? The answer lies in the scale by which fraud or theft can be perpetrated by flaws in the software systems that facilitate e-commerce transactions. The very nature of computing has the ability to amplify many-fold the effect of a simple error in e-commerce software into large-scale fraud, theft, or security intrusions. A simple error in configuring a commerce site's Web server can lead to the compromise of thousands of credit card numbers which can be quickly and widely distributed.