Because e-commerce is a trade on the open Internet, a large amount of commercial information is stored and transmitted on the computer, thus forming various risks such as information transmission risk, transaction credit risk, management risk and legal risk. In order to cope with this risk, the e-commerce security system has been formed.

The security requirements of e-commerce include four aspects:

(1) data transmission security. The security requirement of data transmission is to ensure that the data transmitted on the public network will not be stolen by the third party. The security protection of data is realized by using data encryption (including secret key encryption and public key encryption). Digital envelope technology is a technology that combines secret key encryption and public key encryption to ensure data security.

(2) data integrity. The requirement of data integrity means that data will not be tampered with during transmission. The data integrity is realized by using secure hash function and digital signature technology. Double digital signature can be used to ensure the integrity of data in multi-party communication.

(3) authentication. Because the two sides of online communication do not meet each other, the real identity of the other side must be confirmed when trading (when exchanging sensitive information); When it comes to payment, it is also necessary to confirm whether the other party's account information is true and valid. Identity authentication is realized by password technology, public key technology or digital signature technology and digital certificate technology.

(4) Non-repudiation of transactions. When transmitting data, all parties in online transactions must bring their own unique information that cannot be copied by others, so as to ensure that there are well-documented disputes in transactions. This is achieved by digital signature technology and digital certificate technology.