Enhancing security in generic e-Commerce systems

Abstract

e-Commerce has seen a huge growth in revenue for the past decade and with the increasing advancement of today’s technology, e-Commerce system has been prone to a lot of attacks from all over the world. One of the most common security features found in today e-Commerce application is the Secure Socket Layer (SSL) connection and even with SSL alone, it may not be sufficient to withstand hackers’ attacks. It may cause great losses to the store owner if their online store is broken into. This jeopardizes the client’s privacy and caused them to lose confidence to shop online.

In this report, I will present how the online was setup from the scratch through the use of the open source e-Commerce application provided by osCommerce. After the online store has been setup, I will present in depth on how the implementation of the added-on security features to the existing e-Commerce application can be achieved. This is done via the understanding of the concept of how the PHP codes are written to implement the respectively added-on security features. The last part of the report will describe the various types of security measures that will be recommended to further enhance the security capability of the online store.