Thursday, August 8, 2019

Security Technologies for Online Payments Literature review

Security Technologies for Online Payments - Literature review Example There are several security technologies that are adopted by organizations to ensure smooth execution of online payments without any exposure or leakage of data to unreliable third parties. 2. Security Technologies in E-commerce According to figures from Ali (2011), cyber crimes cost Britain around 27 billion pounds every year. Such instances proved to expose the weaknesses of the credit card payment systems. Due to the appalling increase in the instances of data and identity thefts, organizations have started investing significant fractions of their resources to deploy effective security measures for online payments. Several researchers have also exerted their efforts in devising reliable security technologies. Some of the common ones have been discussed below: 2.1 Payment Gateway Get Started with an Ecommerce Payment Gateway (n.d.) defined the payment gateway as the intermediate pathway that encrypts information between the participants and ensures the completion of a transaction in the most secure environment. A payment gateway workflow is considered to be amongst the numerous pathways that are deployed in the whole cycle of an E-commerce transaction; this workflow is responsible for the authorization of the information. The following figure explains the placement and functions of the payment gateway: Figure 1: Workflow of Payment Gateway (Graham, 2006) The payment gateway works on the basis of the following steps: 1. The customer chooses the products and fills in the credit card details. 2. The credit card information is encrypted and verified for its authenticity with the card companies. The encryption function protects the data from being read by intruders and eavesdroppers. 3. Upon the validation of the information, the customer is displayed the summary of his transaction details; otherwise he is checked out of the whole process. 2.2 Geolocation Bratby (2011) stated that geolocation is a technology that identifies the geographic location of the user to en sure that there are no anomalies between his provided information and his location. Such identification is aimed to reduce instances of identity thefts and credit cards frauds. If a credit card issued from UK is being used to initiate an online payment from South Asia then flags will be raised at the respective online shopping website for possible anomalies or attempts for malicious activity. A general approach is to inquire security questions, PINs etc to ensure that the individual issuing the request is the owner of the card or account. The IP address of the user is translated into geographical locations by the geolocation administrators; these service providers maintain extensive database of IP addresses in relation to locations on the planet. Glover et. al (n.d) stated that the technology is so effective that most of the service providers claim to identify the user within 50 miles. The following figure shows a graphical representation of the geolocation technology: Figure 2: Pro cess of identifying the geographic location of the user (Svantesson, 2004) 2.3 Blacklisting and Whitelisting Approach Application Whitelisting: A New Security Paradigm (2008) stated that blacklisting approach follows a reactive strategy by protecting the system against malware. Extensive records are

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.