Guidelines for E-Commerce Security


With internet fraud frequently reported in the news, maintaining e-commerce security is essential for any online business. A company needs to take precautions to safeguard its website from potential threats. The e-commerce security measures below are guidelines a company should consider.

Transaction integrity is the first and foremost consideration. When credit card details are submitted online, an SSL digital certificate should be installed to provide an encryption mechanism for the safeguarding and authentication of credit card details. These certificates can be purchased through your hosting company and should be integrated with your shopping cart.

The payment gateway must be robust and checked for integrity. The developer responsible for building the site will need to follow any guidelines provided by the gateway provider. This is essential for e-commerce security, and developers need to be made aware of this documentation during the project build.

The server that stores the credit card details from online transactions must be subjected to stress and security checks. This is to prevent outside intrusion and the outright theft of credit card details. Adequate firewall protection, the masking of port access and procedural checks should be undertaken to ensure the database is not prone to outside penetration.

The front end of the site should be subjected to security checks. This involves taking adequate precautions to ensure that the code structure of the site is not vulnerable to code injection. Sites that use SQL databases are frequently targeted with SQL injection, which can compromise site and database integrity. Developers should have guidelines as part of the development plan to check that system testing takes place.
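One way to run the kind of check described above, as an added example that is not part of the original article: a Python regression test against an in-memory SQLite table that compares a string-built query with a parameterized one. The orders table, the function names and the sample rows are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory orders table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (id INTEGER, email TEXT, card_last4 TEXT)")
    db.executemany(
        "INSERT INTO orders VALUES (?, ?, ?)",
        [(1, "alice@example.com", "4242"), (2, "bob@example.com", "1881")],
    )
    return db

def lookup_unsafe(db, email):
    # Weak form: the form value is pasted into the SQL text, so quote
    # characters in it are parsed as SQL instead of being treated as data.
    sql = "SELECT id, card_last4 FROM orders WHERE email = '%s'" % email
    return db.execute(sql).fetchall()

def lookup_safe(db, email):
    # Corrected form: the value is bound to a placeholder and is never
    # parsed as SQL, whatever characters it contains.
    sql = "SELECT id, card_last4 FROM orders WHERE email = ?"
    return db.execute(sql, (email,)).fetchall()

def injection_regression(lookup):
    """Return True if `lookup` only ever returns the caller's own rows."""
    db = make_db()
    own = lookup(db, "alice@example.com")
    # Constructed test input containing SQL metacharacters.
    hostile = lookup(db, "nobody@example.com' OR '1'='1")
    return own == [(1, "4242")] and hostile == []

if __name__ == "__main__":
    for fn in (lookup_unsafe, lookup_safe):
        result = "passes" if injection_regression(fn) else "FAILS"
        print(fn.__name__, result)
```

A check like injection_regression can be kept in the site's test suite so that any query later rewritten with string formatting fails the build.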

A privacy policy statement on the website also provides an indication to potential customers that personal details are taken seriously. This should state the company’s security policy with regard to handling online transactions and storing and using credit card and email details.

Using the ‘hacker safe’ service should also be considered. This is a proactive subscription service that scans daily for network vulnerabilities needing remediation. Immediate notification is provided for areas that require attention. This service provides PCI compliance, and case studies indicate that the display of the hacker safe logo on the site improves transaction confidence considerably.

A business should consider all of the above points as part of their e-commerce security initiatives. An active security policy is essential for maintaining consumer confidence and protecting valuable stored and transmitted data.
