Keywords: e-commerce security technology security issues
1. Introduction
With the comprehensive popularization of Internet in China and even the whole world, Internet-based e-commerce came into being, and has made great progress in recent years, becoming a brand-new business model, adopted by many businesses and enterprises, and considered as a new economic growth point. But as we all know, to build an e-commerce system, the first condition is security, so the construction of security system is very important. How to establish a safe and convenient e-commerce application environment and what kind of security technology can provide sufficient protection for information are topics of great concern to enterprises and users, and also the core issue of e-commerce.
2. The establishment of e-commerce security system
2. 1 secure payment and settlement system
With the electronization of banking business, electronic money is gradually replacing traditional paper money and playing an increasingly important role. With the increase of online transactions, new concepts such as online banking and digital currency have emerged. The Internet does pose a challenge to the traditional financial business. Whether it is a bank that relies entirely on the network or a traditional bank that uses the network to carry out banking business, security issues are very important. Set up a payment gateway between the financial private network and the Internet as a security barrier for payment and settlement. The efficient and safe operation of the payment and settlement system is of great significance for maintaining the stability of the financial system. China's payment and settlement system can be subdivided into five parts, namely, payment and settlement laws and regulations system, payment service organization system, payment tool system, payment and settlement network system and payment and settlement management system, which are inseparable organic whole.
2.2 secure network platform
A safe and reliable network is the foundation of e-commerce. Firewall technology, virtual private network (VPN) technology and anti-virus protection are commonly used in the network. Firewall technology is a system that protects intranet data through IP filtering and proxy server software. Only authorized users can be allowed to enter the intranet. Virtual Private Network (VPN) technology ensures the safe transmission of data between enterprises in the external network and the remote access of remote branches and employees in the internal network to the central system through IP tunnels. This is a virtual internal private line. It can establish a dedicated communication line between two or more enterprise intranets connected to the Internet and located in different places through a special encrypted communication protocol. The core of VPN is to establish a virtual private network by using public network.
2.3 online payment security technology
Another key issue of e-commerce is to ensure the security of online payment, which is an important guarantee for online shopping. At present, there are two online payment protocols: Secure Sockets Layer and Secure Electronic Transaction Set.
2.3. 1 SSL protocol is a secure connection technology between network transport layer and application layer, and between browser and Web server based on RSA and key provided by Netscape. SSL is authenticated by digital signature and digital certificate, which is obtained from certificate authority, and usually includes the name that uniquely identifies the certificate owner, the name that uniquely identifies the certificate publisher, the public key of the certificate owner, the digital signature of the certificate publisher, the validity period of the certificate and the serial number of the certificate.
2.3.2 SET SET protocol (set: secure electronic transaction): it is mainly used to solve the transaction of payment by credit card between users, merchants and banks, so as to ensure the confidentiality of payment information, the integrity of payment process, the legal identity of merchants and cardholders and operability. The core technologies in SET mainly include public key encryption, electronic digital signature, electronic envelope, electronic security certificate and so on. SET provides authentication for buyers, merchants and acquiring institutions to ensure the security and integrity of transaction data and the non-repudiation of transactions, especially to ensure that the cardholder's credit card number will not be disclosed to merchants.
2.4 Other safety technologies
For the security of e-commerce, only firewalls, security protocols and digital signatures are not enough. On the one hand, physical errors are inevitable; On the other hand, the reliability, quality and speed of dial-up connection between Internet backbone and DNS server can't meet people's needs. In addition, the threat of malicious code to the network system is difficult to solve by relying solely on technology. In a sense, relying on management to strengthen the safety awareness of internal personnel is more important than safety technology.
3. Problems in e-commerce
3. 1 security issues
Because e-commerce is based on computer network, it inevitably faces a series of security problems.
3. 1. 1 information leakage
In e-commerce, the disclosure of business secrets mainly includes two aspects: the transaction content of both parties is stolen by a third party; Documents provided by one party to the other party are illegally used by a third party.
3. 1.2 tampering
In e-commerce, it shows the authenticity and integrity of business information. Electronic transaction information may be illegally modified, deleted or tampered with by others during network transmission, which makes the information lose its authenticity and integrity.
3. 1.3 logo
Without identification, the third party may impersonate the identity of one party to the transaction, thus destroying the transaction, damaging the reputation of the counterfeited party or stealing the transaction results of the counterfeited party. After identification, both parties can prevent the problem of mutual distrust.
3. 1.4 computer virus problem
Since the advent of computer viruses for more than ten years, various new viruses and their variants have increased rapidly, and the emergence of the Internet has provided the best medium for the spread of viruses.
3. 1.5 hacker problem
With the popularity of various application tools, hackers have become popular. Unlike in the past, non-computer experts could not become hackers.
3.2 Credit problems
Mutual trust is the fundamental guarantee for online transactions between supply and demand sides. For B2C business, most consumers need to judge the goods carefully before buying. However, due to the low commercial credit in the current business environment in China, many consumers are discouraged from e-commerce. For B2B business, the situation of triangular debts between enterprises is serious, and the transparency of online transactions is not high, which also makes some enterprises worry that online transactions are too risky. To solve these problems, it is necessary to establish a reasonable operating mechanism and operating standards of e-commerce to ensure that both supply and demand sides establish commercial credit.
At present, this credit model of e-commerce mainly means that e-commerce enterprises (websites) establish a fair and just platform for the parties to e-commerce transactions by formulating and implementing certain trading rules, so as to ensure the safety and reliability of e-commerce transactions, and its infrastructure is qualification certification and credit certification.
3.3 Payment problem
From the perspective of the development of e-commerce, if you want to conduct transactions directly on the Internet in the future, you need to complete the transactions through various means such as bank credit cards, and pay and charge through the connection with financial networks in international trade. However, the communication platforms selected by professional banks in various countries in China are not uniform, which is not conducive to the interconnection of inter-bank business, the financial supervision of the central bank and the implementation of macro-control policies. In addition, the credit card standards of different banks are not the same, so they can't be used universally, and online payment can't be realized by credit cards.
3.4 Other issues
3.4. 1 Regulatory issues
Without a mature and unified arbitration legal system, it is impossible to solve disputes. China's current Bill Law does not recognize the payment and settlement method of non-paper electronic bills with digital signatures. The implementation of e-commerce involves the relationship and disputes between the parties to the transaction and various security issues in the transaction. The original laws and regulations are not involved or involved but are not fully applicable.
3.4.2 Logistics Distribution Problems
Online can solve most problems of commodity circulation such as information flow, business flow and capital flow, but it can't solve logistics problems. Therefore, in the development of e-commerce, logistics bottleneck can not be ignored and avoided. China's logistics development started late and its level is low. The current logistics system has greatly restricted the development of e-commerce.
4. Concluding remarks
E-commerce is not a strange term in today's society. It brings not only opportunities, but also a new attempt and exploration. To take this road well, we need to do more than just its safety. After all, there are many security problems, credit problems and even legal problems. Not only enterprises need to update their own technology at any time, but also social countries need to make such an e-commerce system more perfect and harmonious and win more people.
References:
[1] Liang Yongsheng. E-commerce security technology [M]. Dalian University of Technology, 20 10.
[2] Cai. Online payment and settlement [M]. Dongbei University of Finance and Economics Press, 20 10.