SSL Secured Connection Steps:

The steps SSL takes to establish a secured connection between the customer's client and the server.

The figure shows a typical SSL connection being established in order to transfer sensitive data over the internet (e.g. online shopping).

During SSL connection establishment only the server is authenticated using a digital certificate (authentication of the user usually occurs through user name and password after the SSL connection has been established).

SSL also offers the option for client authentication based on digital certificates.



 Fig 1: SSL Secured Connection Steps



Advantages of SSL

· Transparency - since SSL provides security at the session layer, its presence is completely invisible to both the merchant's Web shop software and the customer. This is especially important for merchants because there is no cost for integrating SSL with their existing systems, other than the cost of installing the certificate.

· Ease of use for customers - SSL is already built into commonly used Web browsers and there is no need to install any additional software.

· Low complexity - the system is not complex, resulting in minimal impact on transaction speed.


Disadvantages of SSL

SSL has some serious problems when it comes to meeting the security challenges of today's financial sector.

· The merchant cannot reliably identify the cardholder. SSL does provide the possibility of client authentication with the use of client certificates, but such certificates are not obligatory and are rarely used. Furthermore, even if the client possesses a certificate, it is not necessarily linked with the cardholder's credit card.

· SSL only protects the communication link between the customer and the merchant. The merchant is allowed to see the payment information. SSL can neither guarantee that the merchant will not misuse this information, nor can it protect it against intrusions whilst it is stored at the merchant’s server.

· Without a third-party server, SSL cannot provide assurance of non-repudiation.

· SSL indiscriminately encrypts all communication data using the same key strength, which is unnecessary because not all data need the same level of protection. For example, a credit card number needs stronger encryption than an order item list. Using the same key strength for both creates unnecessary computational overhead.


Advantages of SET Protocol

· Confidentiality, authentication and data integrity were verified by a large collection of security proofs based on formal methods.

· In the standard variant of the protocol, SET prevents merchants from seeing the customer payment information, since this information is encrypted using the payment gateway’s public key.

· To ensure merchant privacy, SET prevents the payment gateway from seeing the order information.
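
The separation described in the last two points is held together by SET's dual signature: the cardholder signs a digest of both parts, so the merchant and the payment gateway can each verify the part they see against a digest of the part they do not. The following is an added example, not code from this page or from the SET specification. It assumes a toy unpadded RSA key, SHA-256 in place of SET's SHA-1, and hypothetical function names and sample data, and it leaves out the encryption of the payment information under the payment gateway's public key.

```python
import hashlib

# Toy RSA key for the cardholder (constructed from two Mersenne primes,
# unpadded and far too small for real use). It stands in for the
# cardholder's SET signing key.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def digest(data: bytes) -> bytes:
    # Assumption: SHA-256 here; the original SET specification used SHA-1.
    return hashlib.sha256(data).digest()

def dual_sign(order_info: bytes, payment_info: bytes):
    """Cardholder: sign H(H(PI) || H(OI)); return (signature, OIMD, PIMD)."""
    oimd, pimd = digest(order_info), digest(payment_info)
    pomd = int.from_bytes(digest(pimd + oimd), "big") % N
    return pow(pomd, D, N), oimd, pimd

def _check(signature: int, pimd: bytes, oimd: bytes) -> bool:
    # Recompute the combined digest and compare with the opened signature.
    pomd = int.from_bytes(digest(pimd + oimd), "big") % N
    return pow(signature, E, N) == pomd

def merchant_verify(order_info: bytes, pimd: bytes, signature: int) -> bool:
    """Merchant holds the order in clear but only a digest of the payment data."""
    return _check(signature, pimd, digest(order_info))

def gateway_verify(payment_info: bytes, oimd: bytes, signature: int) -> bool:
    """Payment gateway holds the payment data in clear but only a digest of the order."""
    return _check(signature, digest(payment_info), oimd)

# Constructed sample data (test card number, not a real account).
OI = b"order=1 x book; total=25.00 EUR"
PI = b"pan=4111111111111111; exp=12/30; amount=25.00 EUR"

if __name__ == "__main__":
    sig, oimd, pimd = dual_sign(OI, PI)
    print("merchant accepts:", merchant_verify(OI, pimd, sig))
    print("gateway accepts:", gateway_verify(PI, oimd, sig))
    print("altered order rejected:", not merchant_verify(b"order=100 x book", pimd, sig))
```

Because one signature covers both digests, neither party can pair the cardholder's payment instruction with a different order without the check failing.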


Disadvantages of SET

· The customer must install additional software, which can handle SET transactions.

· The customer must have a valid digital certificate.

· Implementing SET is more costly than SSL for merchants as well.

· Adapting merchants' systems to work with SET is more complicated than adapting them to work with SSL.

· Business banks must hire companies to manage their payment gateways, or install payment gateways by themselves.

· Despite being designed with security in mind, SET also has some security issues. In a variant of the SET protocol, the merchant is allowed to see the customer payment information, just as with SSL.

· SET employs complex cryptographic mechanisms that may have an impact on the transaction speed.


