5) Multichannel:
Expand the reach of your brand by selling on multiple
channels, like Amazon, eBay, or even niche venues like
Etsy.
6) Create a Blog:
You don’t need to be a crafter or foodie to engage in
content marketing.
Ans:
1. Financial frauds
Ever since the first online businesses entered the world of the internet,
financial fraudsters have been giving businesses a headache. There are
various kinds of financial frauds prevalent in the e-commerce industry.
The bad players perform unauthorized transactions and clear the trail,
causing businesses great losses. Some hackers also engage in refund
frauds, where they file fake requests for returns.
2. Phishing
3. Spamming
Some bad players can send infected links via email or social media inboxes.
They can also leave these links in their comments or messages on blog
posts and contact forms. Once you click on such links, they will direct you to
their spam websites, where you may end up being a victim.
5. Malware
Attackers are on the lookout for certain vulnerabilities that might exist
in your e-commerce store.
Often an e-commerce store is vulnerable to SQL injection (SQLi) and
Cross-site Scripting (XSS).
a. SQL Injection
7. Bots
Some attackers develop special bots that can scrape your website to get
information about inventory and prices. Such hackers, usually your
competitors, can then use the data to lower or modify the prices on their
websites in an attempt to lower your sales and revenue.
8. e-Skimming
• IMPS Method:
The first step is to download the mobile application of your banking
institution. For instance, you have to download the mobile application of HDFC
Bank if you hold a bank account with this banking entity.
Once you download the mobile application, you have to log in to mobile
banking using your credentials.
Click the ‘Bank Account’ button. You shall be provided with a link for the
IMPS payment option.
Click the ‘IMPS’ button and choose the ‘Merchant Payment’ button.
• Through BillDesk:
BillDesk is an online payment platform which allows you to make credit card
bill payments without having any online account.
Many banks and credit card issuers use the platform to offer easy and
convenient bill payment services for their customers not using the net banking
facility.
Through BillDesk, you can pay credit card bills of any bank using a debit
card or net banking account of partner banks.
Ans:
1. Create optimized landing pages:
Ideally, have optimized (preferably locally optimized) landing pages
for the products that bring searchers to your site.
Landing pages are great for shoppers who are looking for
general items within a specific category but like to have some
additional information before they purchase.
2. Always show reviews on your products:
From personal experience, buying an item that has great reviews or
between and stars out of stars makes the product more appealing
and trustworthy as it has been used and enjoyed by fellow
shoppers.
Having features like PayPal makes checking out easier for millions
of potential customers, and having an easy-to-use checkout system
where you can enter your billing and shipping information (ideally
on the same page) to purchase the product will also give customers
less time to change their mind.
4. Invest in a redesign.
If your site structure is intact but your front-end could use a facelift,
invest the money into a properly redesigned site.
Workflow:
1. Management Function.
2. Business Function.
3. IT functions.
4. Mobile Functions.
5. Outsource vendor’s functions
Q6) In what way is public key encryption different from
private key encryption? Why is it important in
E-Commerce?
Ans:
Public key
It is an encryption technique that uses a pair of keys (public and private key) for secure
data communication. In the pair of keys, the public key is for encrypting the plain text
to convert it into ciphertext, and the private key is used for decrypting the ciphertext
to read the message.
The private key is held by the receiver while the public key is provided to the public.
Public key cryptography is also known as asymmetric cryptography.
The public key can be shared without compromising the security of the private one.
All asymmetric key pairs are unique, so a message encrypted with a public key can only
be read by the person who has the corresponding private key. The keys in the pair
are much longer than those used in symmetric cryptography, so it is hard to derive
the private key from its public counterpart. Many of us have heard of RSA, which is the
most common algorithm for asymmetric encryption in use today.
In symmetric (shared key) cryptography, both communicating parties share the same
key, which they use for both encryption and decryption.
In public key cryptography, a pair of keys is used instead: a public key, which is
widely available, and a different, private key, which is known only to the entity that owns the
pair.
Using public key cryptography, an entity (person, service or application) may encrypt
information, prior to transmitting it to another entity, with the receiving entity’s public key.
The message can then be decrypted only by the receiving entity owning the corresponding
private key, thus ensuring confidentiality of the transmitted information.
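
The contrast described above, as an added Python example that is not part of the original answer. It uses textbook RSA with small constructed primes and no padding, plus a SHA-256 keystream XOR as a stand-in for a shared-key cipher; all function names and sample values are assumptions made for illustration.

```python
import hashlib
from math import gcd

def rsa_keypair(p, q, e=17):
    """Textbook RSA key pair from two primes (toy sizes, no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # private exponent: e*d = 1 (mod phi)
    return (e, n), (d, n)          # (public key, private key)

def rsa_apply(key, value):
    """Raise value to the key's exponent modulo n (encrypts or decrypts)."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)

def shared_key_cipher(key: bytes, data: bytes) -> bytes:
    """Symmetric stand-in: XOR with a SHA-256 keystream; one key both ways."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def demo():
    # Constructed sample values, chosen small so the numbers are readable.
    public, private = rsa_keypair(61, 53)
    message = 65
    ciphertext = rsa_apply(public, message)        # anyone can do this
    recovered = rsa_apply(private, ciphertext)     # only the key owner can
    wrong = rsa_apply(public, ciphertext)          # public key cannot undo it
    secret = b"shared-secret"                      # both parties must hold this
    order = b"order #1001: 2 items"
    sealed = shared_key_cipher(secret, order)
    opened = shared_key_cipher(secret, sealed)     # same key decrypts
    return ciphertext, recovered, wrong, sealed, opened

if __name__ == "__main__":
    print(demo())
```

Real deployments use keys of thousands of bits and a padding scheme such as OAEP; the small numbers here only make the public/private asymmetry visible.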
Q7) What is DES? Explain what DES does when the following hexadecimal
plain text is input to DES hardware: A1907FBCD986543201
FED14E890ABCA5
Ans:
Data Encryption Standard (DES) is a block cipher that encrypts data in
blocks of 64 bits each, which means 64 bits of plain text go in as
the input to DES, which produces 64 bits of ciphertext.
The same algorithm and key are used for encryption and decryption, with
minor differences. The key length is 56 bits. The basic idea is shown in
the figure.
We have mentioned that DES uses a 56-bit key. Actually, the initial key
consists of 64 bits. However, before the DES process even starts, every 8th
bit of the key is discarded to produce a 56-bit key. That is bit positions 8, 16,
24, 32, 40, 48, 56, and 64 are discarded.
Thus, the discarding of every 8th bit of the key produces a 56-bit key from
the original 64-bit key.
DES is based on the two fundamental attributes of cryptography: substitution
(also called confusion) and transposition (also called diffusion). DES consists
of 16 steps, each of which is called a round. Each round performs the steps
of substitution and transposition. Let us now discuss the broad-level steps in
DES.
1. In the first step, the 64-bit plain text block is handed over to an
Initial Permutation (IP) function.
2. The initial permutation is performed on the plain text.
3. Next, the initial permutation (IP) produces two halves of the
permuted block, say Left Plain Text (LPT) and Right Plain Text
(RPT).
4. Now each of LPT and RPT goes through 16 rounds of the encryption
process.
5. In the end, LPT and RPT are rejoined and a Final Permutation (FP)
is performed on the combined block.
6. The result of this process is the 64-bit ciphertext.
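
Steps 1 to 3 and 5 and the key reduction, applied to the hexadecimal input from the question, as an added Python example that is not part of the original answer. The function names are illustrative, the IP table is the standard DES one, and the key function follows the description given here (plain removal of every 8th bit; the standard's PC-1 table also reorders the remaining bits).

```python
# Hex plain text from the question (32 hex digits = two 64-bit blocks).
QUESTION_INPUT = "A1907FBCD986543201 FED14E890ABCA5"

# Standard DES initial permutation: eight rows, each stepping down by 8.
IP = [start - 8 * i for start in (58, 60, 62, 64, 57, 59, 61, 63)
      for i in range(8)]
# Final permutation is the inverse of IP.
FP = [IP.index(pos) + 1 for pos in range(1, 65)]

def split_blocks(hex_text):
    """Split hex plain text into 64-bit (16 hex digit) blocks."""
    digits = "".join(hex_text.split())
    if len(digits) % 16:
        raise ValueError("input is not a whole number of 64-bit blocks")
    return [int(digits[i:i + 16], 16) for i in range(0, len(digits), 16)]

def permute(block, table):
    """Output bit i is input bit table[i-1]; bit 1 is the most significant."""
    out = 0
    for pos in table:
        out = (out << 1) | ((block >> (64 - pos)) & 1)
    return out

def halves(block):
    """Return (LPT, RPT): the left and right 32 bits of a 64-bit block."""
    return block >> 32, block & 0xFFFFFFFF

def drop_every_8th_bit(key64):
    """Reduce a 64-bit key to 56 bits by discarding bits 8, 16, ..., 64."""
    key56 = 0
    for pos in range(1, 65):
        if pos % 8:  # bits 8, 16, ... are the parity bits in the standard
            key56 = (key56 << 1) | ((key64 >> (64 - pos)) & 1)
    return key56

def des_front_end(hex_text):
    """For each 64-bit block, return (LPT, RPT) as fed to the first round."""
    return [halves(permute(b, IP)) for b in split_blocks(hex_text)]

if __name__ == "__main__":
    for lpt, rpt in des_front_end(QUESTION_INPUT):
        print(f"LPT={lpt:08X} RPT={rpt:08X}")
```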
Apply the permutation (231564) and the substitution: (letter = letter + 6 ) and obtain the cipher
text.
Q9) In what way is a hardened firewall host different from a proxy application
gateway?
Ans:
Host Hardening:
Limiting network access to a system by the traditional method of
turning off unnecessary network services, by firewalling, or by enforcing
authentication to use a service.
Almost everyone who has installed recent versions of Microsoft
Windows has been exposed to a rudimentary firewall system. An
easy-to-use firewall is also built into Mac OS X.
Ans:
eCommerce security refers to the cybersecurity concepts that allow
for secure electronic transactions online. eCommerce security allows
people to buy and sell products and services on the Internet with a
framework in place that provides security for all the parties involved.
When the right security measures are put in place on your website,
they also ensure customers’ privacy and integrity, meaning that none of the
information they share online will be used in any way without their
knowledge or approval.