Tag Archives: online security

E-commerce platforms offer unlimited opportunities for small to midsize businesses to increase sales, but they are also prime targets for cybercrime and online fraud, because these businesses are less likely to have robust online security in place to protect customers’ payment data. Unlike major corporations that enjoy the luxury of having their own in-house IT security providers or consultants, most small and midsize e-commerce businesses are bootstrapping on limited budgets. To make matters worse, recent studies have shown that hackers are migrating to the new automation malware trend. By automating their threat software, cybercriminals can target large swaths of e-commerce sites rather than attacking them one at a time.

In this article, we will look at five steps you can take to secure your e-commerce website. Starting with a classic suggestion:

Promote Good Password Hygiene

While passwords are experiencing competition from technologies such as facial recognition and multifactor authentication (MFA), they’re still the standard access keys to most software. We need passwords for every service or website we log onto. For most users, it is common practice to use the same password for multiple services. The problem with this approach is that, once the reused usernames and passwords have been taken by hackers, they can be applied to various services, leading to widespread fraud.

If you’re sticking to passwords on your site for the time being, remember they should require a minimum number of characters (at least six, preferably eight to 10) and use numbers and symbols. It is also advisable to force users to change their passwords regularly. And if you can afford it, look into investing in two-factor authentication (2FA) for users and customers. This can ensure that users don’t rehash potentially compromised credentials, and it goes a long way towards making sure that those requesting access are who they say they are.

Use HTTPS

HyperText Transfer Protocol Secure (HTTPS) is the online protocol for secure communications over the internet and one of the easiest ways to help secure your e-commerce website from fraud. Designated by a closed green lock icon on the browser address bar, HTTPS websites are deemed authentic and secure because they’re certified. This means the website really is what it’s claiming to be and not a counterfeit website placed online to fool users so that bad guys can grab access credentials, credit card data, and more.

To enable HTTPS, you will need to acquire a Secure Sockets Layer (SSL) certificate. Receiving an SSL certificate is only the first step; it then needs to be implemented carefully in your e-commerce solution. Certain web design and hosting companies can handle this step for you.

The advantages of using HTTPS go beyond security and trustworthiness. Google gives secure HTTPS websites a higher search ranking, leading to more visitors. Conversely, Google also labels unencrypted websites as “not secure,” which makes them appear sketchy and unsafe. These days, there are few faster ways to get a potential customer to skip your website than to not have HTTPS.

Choose a Secure E-Commerce Platform

E-commerce platforms are usually picked for their storefront-building convenience, range of design, and functionality, but security features need to be top of mind, too. Look for proven e-commerce solutions, like Linkeo Ltd., that provide encrypted payment gateways, SSL certificates, and solid authentication protocols for sellers and buyers.

Don’t Store Sensitive User Data

Consumer privacy is critical in e-commerce. Businesses need customer data to improve their communications and product offerings as well as make it easy to return purchases. The danger is that website hacking, phishing, and other cyberattacks target this user data.

The first rule is to only collect data that’s useful for the purposes of fulfilling the transaction. Businesses should avoid the temptation of collecting more customer data than is absolutely necessary. This applies specifically to customer credit card information. There’s no need to store it on online servers, and doing so can be a violation of the Payment Card Industry Data Security Standard (PCI DSS), which serves to enforce consumer data protection in the payment card industry.

Cybercriminals and hackers can’t steal what isn’t there, so the valuable personal and financial information of your users should be kept secure and off of online servers. If you have to store certain data, then make sure it’s protected in a safe, online storage repository that observes best practices when it comes to keeping information safe. This should include having stringent access controls, regular audits, and, most importantly, total data encryption.

Maintain a Security-Focused Mindset

E-commerce security is never a one-and-done deal. Threats and hacking methodologies evolve at an alarming rate, and maintaining an awareness and a security-focused mindset is the necessary preventive method. Once your e-commerce website’s security has been compromised, it is often too late. All a business can do at that point is costly and embarrassing damage control.

The real challenge for all businesses is effectively implementing e-commerce authentication and security measures in a frictionless manner so the customer experience is not impacted—and then staying on top of evolving threats without breaking the budget on security.

If you want to know more about these issues, feel free to drop us a comment below and let us know what topics you would like us to cover.

In our interconnected world of computers, phones, gaming consoles and other electronic devices that require a constant online presence, people have become somewhat blasé towards security and personal expression. This has given rise to such characters as internet ‘trolls’ – unpleasant individuals who harass others in response to other people’s opinions or even just their participation online, and scammers – unscrupulous individuals who try to steal protected data for monetary gain, or outright steal your money. It is therefore essential that you know how to guard yourself against these threats.

Below are some top tips to ensure you’re protected while living online:

Don’t use lazy passwords

This is quite possibly the most important tip we can give you. Make sure that your password is not easily guessed, which means avoiding a middle name, pet’s name or favorite football team or common words like password, computer or biscuit. Also, include capital letters, numbers and punctuation for extra security. Never use the same password for different accounts, to prevent people from accessing all your accounts if they manage to get into one. If you do get hacked, make sure you change your passwords immediately.

Be careful what you post online

There’s a common saying that everything is public and permanent on the internet. Being careful what you post serves multiple purposes. Make sure not to post personal details on public forums (like full name, address, bank details, etc.). Don’t share holiday plans openly, since that can leave you vulnerable to burglars. Also, many employers nowadays google prospective employees before hiring, so don’t post anything that could damage your chances of getting a job. Finally, avoid posting ‘private’ photos online to strangers, so you can avoid being blackmailed for money or worse.

If you are a victim of cyberbullying, do not answer back

Have you ever heard of the saying, ‘don’t feed the troll’? This is the perfect attitude to have when dealing with online abuse. No matter how nasty it gets, you’re much better off not responding directly. Simply report the abuse to people who are paid to monitor these types of behaviors and let them deal with it.

Never open email attachments or click on links from strangers

Most viruses are spread by people clicking on attachments and links from strangers. Don’t be one of them. If you don’t know who the email is from, don’t open it or anything attached to it. As a general rule, it’s better to delete the whole email without a second thought.

Watch out for email scams

Scamming emails are very common, and can range from the very poorly worded and obvious Nigerian ‘prince’ that wants to send you money, to the more subtle fake company emails looking for your personal information. This second type is called phishing. If you receive an email from an official company like eBay, PayPal or even your bank saying that there’s a problem with your account, get on the phone to them and confirm. A very glaring warning sign is if the email asks you to enter your username and password into a portal – banks and other companies will never ask this.

If you’re doing online banking, use all the bank’s security recommendations

Almost every bank these days takes online security very seriously, and has robust protocols like 2-step authentication to protect your account online. Make sure you always set these up and keep the details safe.

Read the small print

When you sign up for any kind of online account, make sure you read their terms and conditions properly, especially the parts where they ask if you want to receive further information or promotional material from third parties. Only fill the mandatory boxes, marked with an asterisk (*), and make sure you’ve ticked/unticked the correct boxes before finalizing the process.

Use a firewall, anti-virus program and anti-spyware program

It doesn’t matter if you use Windows’ own firewall protection or a third-party like Norton or McAfee. Just make sure you don’t use both at the same time since they can interfere with each other.

In our next article, we’ll look at firewalls, anti-viruses and other Cybersecurity programs in greater depth. Until then, share your thoughts in the comments below and remember to stay safe.
