A Critical Analysis of Electronic Commerce Security Measures



Short Paper

Submitted in partial fulfilment of the requirements for the Degree of Bachelor of Science (Honours) in Computer Science and Information Systems at Rhodes University.

by

Kevin Boardman
g01b0633@campus.ru.ac.za

Supervisor
John Ebden

Department of Computer Science

4 October 2004




Abstract


Electronic commerce has the potential to offer many benefits both to the consumer and to the business, but the recent rapid rise in online fraud causes concerns over the security of e-commerce transactions. This paper identifies a number of common options for securing the e-commerce transaction and critically analyses these mechanisms. A number of weaknesses in one of the most readily implemented solutions to e-commerce security (SSL) are identified and it is found that payments protocols, if widely adopted, would offer the best solution to securing the e-commerce transaction.







1. Introduction and Background

E-Commerce is a strategic imperative for organisations today and offers benefits both to the consumer and the organisation, but because of concerns over the security of e-commerce transactions many consumers and businesses are still wary of it. However, this is not to say that the potential of e-commerce is being totally ignored by consumers; research shows that the use of e-commerce around the world is increasing. Therefore, despite some security concerns, electronic commerce related activities such as e-banking continue to grow. However, some security concerns may be well founded when some of the statistics relating to electronic commerce security are considered. Fraud is increasing at a rapid rate. According to the Journal of Computer Security and Fraud [2003] the cost of fraud in 2002 was more than double that in 2001. The above information indicates that there is a gradual increase in internet related frauds and therefore calls into question the security of many commercial activities that occur over the internet.

2. Securing E-Commerce

In order to understand e-commerce security, some common safeguards must be identified and discussed. For the purpose of this study, three main areas in which the e-commerce system must be secured will be considered: merchant security, transport security and client security, where merchant security includes the merchant’s and bank’s web server and operating systems. Merchant security involves the security of the systems of the provider of the service. Client side security is concerned with the security of the systems of the users of the service. Secure transport involves the securing of information when it is in transit between the client and the merchant.


2.1 E-Commerce transaction security requirements

Four basic security requirements of e-commerce transactions can be identified: authentication, confidentiality, data integrity and non-repudiation. Authentication can be defined as “the ability to uniquely identify a person or entity and to prove such identity” [Hutchinson and Warren, 2003]. Confidentiality makes sure that only authorized users have access to the content of the exchanged information [Claessens et al, 2002]. According to Hutchinson and Warren [2003] data integrity is the ability to assure that data has not been modified accidentally or by any unauthorised entity. Non-repudiation can be defined as “the ability to prevent a denial of actions by a person or entity” [Hutchinson and Warren, 2003].


2.2 E-Commerce Transaction Security Mechanisms

In order to enforce the requirements mentioned above, mechanisms need to be put in place. These mechanisms include: user IDs and passwords, Public Key Infrastructure and Digital Certificates, Digital Signatures, Secure Socket Layer (SSL), and various Payment Protocols.


2.2.1 User IDs and passwords, tokens and biometrics

User IDs and passwords, tokens and biometrics are fundamentally concerned with authentication of an individual. According to The Federal Financial Institutions Examination Council [2001] authentication methodologies involve three factors: something a user knows (a password or pass phrase), something the user possesses (a token) or something the user is (a biometric characteristic, such as a fingerprint).




2.2.1.1 User IDs and passwords

The user ID/password technique provides for authorisation by verifying the user ID against the password provided. Both Ford [1998] and Verisign [2004] agree that although passwords and user IDs (usernames) have become the most widely used authentication technique, it is unfortunately one of the least secure methods of authentication available. Ford [1998] and Verisign [2004] both identify five major threats to password use in e-commerce:

• External disclosure
• Guessing
• Eavesdropping
• Replay attacks - capturing the password and resubmitting it at a later stage, without knowing what it is.
• Host compromise - attacker gaining access to the system that stores the password.


2.2.1.2 Tokens

Due to password vulnerabilities and threats, passwords are often combined with physical tokens to create multi-factor authentication in order to improve the reliability of the authentication [Ford, 1998]. According to The Federal Financial Institutions Examination Council [2001] multifactor authentication methods are more reliable indicators of authentication and are therefore stronger fraud deterrents. This multifactor authentication, along with a token’s ability to prevent transmission of shared secrets over an open network through local authentication, makes it a better alternative than the username-password technique. Tokens that generate one time passwords provide protection against guessing of passwords, while tokens that store private keys prevent unauthorised parties accessing the user’s computer and copying the keys for their own use.
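
The following added example (not part of the original paper) shows how a one-time-password token defeats the replay and guessing threats listed in 2.2.1.1 without ever sending the shared secret over the network. It assumes HOTP (RFC 4226) as the one-time-password scheme, which the paper does not name; the Token and Server classes are hypothetical.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Token:
    """Hypothetical token: the secret stays inside, only one-time codes leave."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._counter = 0

    def press(self) -> str:
        code = hotp(self._secret, self._counter)
        self._counter += 1
        return code


class Server:
    """Hypothetical verifier: each counter value is accepted at most once."""

    def __init__(self, secret: bytes, window: int = 3):
        self._secret = secret
        self._next = 0          # lowest counter still acceptable
        self._window = window   # tolerated look-ahead for unused button presses

    def verify(self, code: str) -> bool:
        for counter in range(self._next, self._next + self._window + 1):
            if hmac.compare_digest(hotp(self._secret, counter), code):
                self._next = counter + 1   # burn this and all earlier counters
                return True
        return False


def demo():
    secret = b"12345678901234567890"   # test secret from RFC 4226, not a real key
    token, server = Token(secret), Server(secret)
    captured = token.press()           # the only value an eavesdropper can see
    results = {
        "first_login": server.verify(captured),
        "replayed_code": server.verify(captured),
    }
    token.press()                      # code generated but never submitted
    results["after_skipped_code"] = server.verify(token.press())
    results["guess"] = server.verify("000000")
    return captured, results


if __name__ == "__main__":
    print(demo())
```

A static password captured once can be resubmitted indefinitely; here the captured code is rejected on its second use because the server has already advanced past its counter.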


2.2.1.3 Biometrics

Biometric techniques such as retinal scanning, fingerprint analysis and handwriting or voice recognition are generally agreed to be one of the most secure methods of authentication. Despite this, Ford [1998] points out that these techniques are very expensive to implement correctly compared to other authentication techniques, and are therefore usually only considered for high security applications. Some biometric techniques such as retinal scanning are considered invasive and therefore not easily adopted by the general public.


2.2.2 Public Key Infrastructure (PKI), Digital Certificates and Digital signatures

The user ID/password, token and biometric techniques for securing e-commerce all concentrate only on authentication. The following section deals with techniques used to fulfil the other requirements of e-commerce transaction security such as data integrity, non-repudiation and confidentiality. Confidentiality in electronic transactions relies heavily on encryption techniques, but an in depth discussion of encryption is beyond the scope of this paper. Therefore a technique for providing confidentiality, data integrity, non-repudiation and authentication, the public key infrastructure (PKI), will be examined briefly.


2.2.2.1 Public Key Infrastructure (PKI)

According to Verisign [2004] one of the most popular methods of protecting information is through the use of a virtual key system, in which information is encoded according to an encryption algorithm so that it can only be decrypted by a user who holds the correct key. PKI is a system that uses asymmetrical keys that perform the inverse operation of one another (i.e. one key will encrypt the message and the other decrypt). This system prevents the sharing of secrets over the network but is, however, somewhat inefficient in speed and involves a trusted third party, a Certification Authority (CA) [Radha, 2004].


2.2.2.2 Digital Signatures

Digital signatures combine hashing techniques with public key cryptography to ensure data integrity, authentication and non-repudiation. Hashing, which involves performing an algorithm (hash) on the original contents of the message and comparing it with a hash of the received message, ensures that if a message is altered while in transit the original and new hashes will not match, thus providing data integrity. PKI is then used to verify that the sender is in possession of a unique private key, thus ensuring authentication and non-repudiation.
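
The hash-then-sign process described above, as an added example that is not part of the original paper. It assumes textbook RSA over SHA-256 with a toy key built from Mersenne primes and no padding, chosen so the arithmetic is visible; the keys, order strings and function names are constructed for illustration, and a deployed system would use a vetted library with a padded signature scheme.

```python
import hashlib

E = 65537  # widely used RSA public exponent


def make_keypair(p: int, q: int):
    """Build a toy RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))   # private exponent (needs Python 3.8+)
    return (n, E), (n, d)


def message_hash(message: bytes, n: int) -> int:
    """SHA-256 of the message as an integer, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private) -> int:
    """Sender: hash the message, then transform the hash with the private key."""
    n, d = private
    return pow(message_hash(message, n), d, n)


def verify(message: bytes, signature: int, public) -> bool:
    """Receiver: recover the signed hash with the public key and compare it
    with a fresh hash of the message that actually arrived."""
    n, e = public
    return pow(signature, e, n) == message_hash(message, n)


# Constructed sample keys (Mersenne primes, far too small for real use).
CLIENT_PUBLIC, CLIENT_PRIVATE = make_keypair(2**127 - 1, 2**107 - 1)
_, OTHER_PRIVATE = make_keypair(2**89 - 1, 2**61 - 1)

ORDER = b"order=1001;item=book;amount=25.00"     # constructed sample message
ALTERED = b"order=1001;item=book;amount=95.00"   # same order changed in transit


def demo():
    signature = sign(ORDER, CLIENT_PRIVATE)
    return {
        # Integrity and authentication: the recovered and fresh hashes match.
        "genuine_order": verify(ORDER, signature, CLIENT_PUBLIC),
        # Integrity: altered content hashes differently, so the check fails.
        "altered_order": verify(ALTERED, signature, CLIENT_PUBLIC),
        # Authentication: a signature from another private key is rejected.
        "other_signer": verify(ORDER, sign(ORDER, OTHER_PRIVATE), CLIENT_PUBLIC),
    }


if __name__ == "__main__":
    print(demo())
```

Because verification needs only the public key, any third party can repeat the check later, which is what supports the non-repudiation claim.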


2.2.2.3 Digital Certificates

The techniques above all have the potential to make the transactions in e-commerce more secure; however, a problem still exists: the receiver must be assured that an owner of a public key is not claiming to be someone he is not. This assurance is created by the use of digital certificates, which are data structures that associate public keys with subjects [Radha, 2004] and are controlled by trusted parties called certificate authorities (CA).



2.2.3 Secure channels and the Secure Socket Layer (SSL)

The Secure Socket Layer (SSL) is a method of providing a secure channel between clients and merchants. In fact, according to Ghosh [1998], SSL is the “de facto” protocol for securing communication channels in e-commerce, although it does not provide a mechanism for handling payment. SSL provides security through some of the methods mentioned in the public key infrastructure: confidentiality is provided by end to end encryption, while authentication and data integrity are provided through digital certificates, digital signatures and hashing.

SSL usually enforces only server authentication through digital certificates, and therefore client authentication is usually performed by username and password over SSL. According to Radha [2004] the protocol does not provide any non-repudiation, and once the communicated information is transferred to the server it may become insecure, as SSL only protects the channel of communication. A server could therefore, for example, deny that they received a client’s order and use his credit card details for unauthorised transactions. These weaknesses and SSL’s inability to handle transferring of payments may make it less secure for e-commerce than stored value payment protocols, for example.






2.2.4 Secure Payments

There exist many payment schemes that use a variety of payment protocols and implementations to provide secure payment services. Ghosh [1998] indicates that the key difference between secure payment protocols and secure web sessions such as SSL is that secure payment protocols provide a method for guaranteeing that merchants receive payments while keeping payment details such as credit card numbers confidential. Secure web sessions, however, leave payment details up to the merchant, allowing the merchant direct access to these payment details. An advantage of secure payment protocols is that credit card details are not available to the merchant and are therefore safeguarded from a potentially unsafe merchant; this also prevents unauthorised access to a client’s payment details if the merchant’s system is insecure. Payment protocols include SET, 3D Secure and Secure Payment Application (SPA).

3. Options and Recommendation

A number of different technologies that can be used to secure e-commerce have been identified in the discussion above. Combinations of these technologies can be used to enforce the needs of e-commerce security, and a number of approaches to securing e-commerce are identified in Table 1.


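Table 1: Options for securing e-commerce

           | Passwords and User ID | Tokens | Biometrics | PKI | SSL | Payment Protocols
Option 1   |                       |        |            |  *  |     |
Option 2   |                       |        |            |     |  *  |
Option 3   |                       |        |            |     |     |         *
Option 4   |                       |   *    |            |  *  |     |
Option 5   |           *           |        |            |     |  *  |
Option 6   |                       |   *    |            |     |  *  |
Option 7   |           *           |   *    |            |     |  *  |
Option 8   |                       |        |     *      |     |  *  |
Option 9   |           *           |        |            |     |     |         *
Option 10  |                       |   *    |            |     |     |         *
Option 11  |           *           |   *    |            |     |     |         *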

Passwords and user IDs, tokens and biometrics can all be used to provide authorisation and authentication in e-commerce. Passwords and user IDs provide the simplest and most readily adopted method of authentication, but are known as one of the least secure methods of authentication available. Tokens such as smartcards and digitags provide a much higher level of authentication due to the fact that they prevent transmission of shared secrets over an open network through local authentication. Tokens in combination with user IDs and passwords provide multi-factor authentication, which provides an even higher level of authentication security and could have viable implementations in high security e-commerce areas such as electronic banking. Biometric techniques provide the highest level of authentication security; however, due to the high cost and inconvenience of implementation, biometric techniques are not currently a viable option for authentication in the e-commerce environment. It must be remembered that all of the techniques mentioned above only provide authentication and do not provide solutions to confidentiality, data integrity and non-repudiation; they therefore are not viable options for securing e-commerce in isolation. These techniques should therefore be used in combination with some of the techniques discussed below in order to provide greater security through authentication.

3.1 Option 1

PKI in isolation (option 1) is a viable solution to providing security to e-commerce as it offers protection of confidentiality and authentication through encryption and key management, and data integrity and non-repudiation through digital signatures and digital certificates. PKI, however, has not been adopted widely as a solution in industry, although aspects of it have been used extensively in other implementations such as SSL. The difficulties with key management, in business to consumer e-commerce in particular, are one of the main reasons why PKI has not been widely adopted. For business to business e-commerce the use of PKI could be an excellent, simple solution.


3.2 Option 2

SSL is one of the most readily implemented solutions to e-commerce security. It uses public key cryptography to create a secure channel of communication, thus providing confidentiality of data over the network. SSL in isolation is a viable option for securing small to medium businesses’ e-commerce systems. This option does, however, have its weaknesses, as it does not provide client authentication and non-repudiation, which could allow the use of fraudulent credit card numbers. It also does not take care of payment, leaving those details to the merchant, which can be burdensome. Because SSL doesn’t provide for payment, it allows potentially insecure or illegitimate merchants access to credit card details, potentially allowing fraudulent activity.


3.3 Option 3

Payment protocols such as 3D Secure and Secure Payments Application (SPA) in isolation (option 3) could be used as a very effective way of securing e-commerce. The advantage of using payment protocols is that they provide for payment, thus eliminating the need for the merchant to have access to credit card details and eliminating potential fraud by illegitimate merchants or by fraudsters gaining access to insecure merchants. The problem here lies not as much in the security they provide, but in the adoption of payments protocols by banks, merchants and clients. If payments protocols are widely adopted then they would be one of the best mechanisms for providing e-commerce.


3.4 Option 4

Security in PKI could be improved dramatically by using PKI in combination with tokens. Each user could own a token that contains his public-private key combination, thus preventing fraudsters from stealing private keys that are stored on the computer itself. Tokens could also provide multiple authentication of users, requiring them to enter a password in order to use their private key stored on their token. A disadvantage of this method is the inconvenience of having to have a separate token to perform transactions. The availability of token readers (e.g. smart card readers) is also limited at the moment. This option may be used widely in the future and could be used with more specialized e-commerce activities which don’t require the large distribution of specialized token readers.




3.5 Option 5

SSL in combination with usernames and passwords for client authentication is a viable option for securing e-commerce. An advantage of this approach is that an easy to use and familiar method of client authentication helps to prevent credit card number theft and fraud. This method provides for greater security through client authentication but still has inherent weaknesses that are associated with password use (i.e. external disclosure, guessing, eavesdropping, replay attacks and host compromise). This approach only takes into account one of the weaknesses of SSL in isolation (option 2) and still has weaknesses with insecure or illegitimate merchants.


3.6 Option 6

Using SSL in combination with tokens is a more secure method of securing e-commerce than SSL with passwords and user IDs. Both methods provide user authentication but tokens provide a physical “real world” method of verifying a cardholder’s identity. This eliminates the weaknesses associated with password use, but introduces other difficulties. These disadvantages include difficulties involved in token distribution (i.e. a client cannot perform a transaction until they have received a valid physical token), and difficulties involved with the distribution and availability of physical token readers (very few clients have smart card readers, for example, at this stage). This option still does not take care of problems with insecure or illegitimate merchants. Option 6 could be viable for use by companies with medium to high security needs where the potential costs of a breach of security outweigh the costs of distribution of tokens and/or token readers.


3.7 Option 7

SSL in combination with tokens and usernames and passwords provides multiple levels of client authentication and is more secure than option 6. It does, however, have the same disadvantages associated with tokens and also does not handle the problems of the insecure or illegitimate merchants (both discussed above). If a company is considering using option 6, option 7 would be a more secure method of securing e-commerce with very little extra cost.


3.8 Option 8

The use of SSL along with biometrics would not be a very viable solution to securing e-commerce at present. Firstly, these technologies are still considered to be costly, and are still emerging and therefore not always accurate. Client adoption of this method of authentication would also be difficult due to the perceived invasiveness of some of the methods and the cost of the equipment. This could be a viable option in the future of e-commerce, but at the moment the cost of using this method would in most cases outweigh the advantages offered by it.


3.9 Options 9, 10 and 11

Payment protocols, as mentioned in the discussion of option 3, take care of the insecure and illegitimate merchant problem by providing for payment directly from the bank, thus hiding the client’s credit card details from the merchant. Payment protocols, however, sometimes do not provide for client authentication. This can be added through the use of passwords and user IDs, tokens or both. The advantages and disadvantages of each authentication technique are the same when used in combination with payments protocols and have been discussed above. Payments protocols in combination with client authentication techniques can be considered the most secure methods of securing the e-commerce transaction. This is due to the fact that they provide for client authentication, thus preventing unauthorised use of credit card numbers, and that they prevent the insecure and illegitimate merchant problem by automatically providing for payment. It is thus suggested that the use of payment protocols in combination with usernames and passwords for client authentication is one of the most secure and most viable options for securing the e-commerce transaction. A merchant could implement tokens for client authentication when a higher level of security is needed, but the cost of a potential breach of security should outweigh the cost of implementing the token authentication system.




4. Conclusion

The Secure Socket Layer (SSL) is one of the most commonly used mechanisms to secure the e-commerce transaction. SSL is a viable option when considering secure e-commerce but it has a number of weaknesses which could be rectified by the use of payments protocols. The inability of SSL to handle payments means that an illegitimate client could have direct access to a client’s payment details or that an insecure merchant could allow unauthorised users access to these details. SSL also does not provide non-repudiation. Payment protocols in combination with client authentication techniques do not have these weaknesses and therefore provide the safest method of securing the e-commerce transaction.





5. References

Ahuja, V. Secure Commerce on the Internet, AP Professional, London, 1997.

Claessens, J; Dem, V; De Cock, D; Preneel, B; Vandewalle, J. “On the Security of Today’s Online Electronic Banking Systems” in Computers and Security, 2002, Vol 21, No 3, pp 257-269.

Consumer Sentinel. Three year trend for sentinel complaints. Published: 22 January 2004. Accessed: 21 March 2004. URL: <http://www.consumer.gov/sentinel/states03/3year_trends.pdf>

Ford, M. Identity Authentication and ‘E-Commerce’ in The Journal of Information, Law and Technology (JILT), Issue 3, 1998.

Ghosh, A. E-Commerce Security: weak links, best defences, Wiley Computer Publishing, Canada, 1998.

Hutchinson, D and Warren, M. “Security for internet banking: a framework” in Logistics Information Management, Number 1, 2003, pp. 64-73.

Radha, V. “Preventing Technology Based Bank Frauds” in Journal of Internet Banking and Commerce, vol. 9, no. 1, 2004.

The Federal Financial Institutions Examination Council. Authentication in an electronic banking environment. Published: 8 August 2001. Accessed: 3 June 2004. URL: <http://www.occ.treas.gov/ftp/advisory/2001-8a.pdf>

Verisign. Building the Infrastructure for secure Electronic Commerce. Published: 2004, Accessed: 10 May 2004. URL: <http://www.verisign.com.au/whitepapers/enterprise/ecommerce/infra5.shtml>

