Ecommerce Security  «Prev  Next»
Lesson 3 Security concepts
Objective Describe basic Internet security concepts

Sending data over network

When you access the Web, your keyboard strokes or other forms of interaction media (voice recognition, mouse clicks, etc.) typically go out onto the network exactly as you type them. The data is sent "as is." Sometimes, however, you want to protect the information you are transmitting to a Web site. An example is your credit card number. When the number moves over the Internet to the e-commerce site that will process your payment, you would prefer that it be unreadable while it's in transit and until it gets processed by the e-commerce site's computer.

Graphic showing credit card, credit card number, and how it is transmitted to the processing computer.
Graphic showing credit card, credit card number, and how it is transmitted to the processing computer.

Scrambling Data

The technique used to protect that credit card number as well as other sensitive items of information is called scrambling, or encryption. Even if someone were to tap into the network and steal your credit card number, they could not read it.
Cryptography refers to the technique of scrambling the information when it goes out over the network, and unscrambling it later.

SET - Secure Electronic Transactions

Credit card theft on the Internet has reached epidemic proportions, and everyone who handles credit card numbers and expiration dates clearly needs to understand that the handling is akin to toxic chemical handling and mandates the utmost of care and diligence. The risks of theft and misuse of credit card data by thieves and nefarious users who target the databases and systems that store and maintain the data are too great to ignore or treat casually. Daily reports of security breaches, extortion, identity theft, and general havoc continue to dog e-commerce and drive away large proportions of the buying public. To partially answer these concerns, the banking associations, 1) Visa and 2) Mastercard jointly issued Secure Electronic Transactions (SET) as a specification to implement the business services needed for worldwide processing of credit, debit, and charge card transactions over open channels like the Internet
In the next lesson, you will learn about authentication and certification.