电子商务：安全性问题 (Ecommerce: The security problem)

One of the deepest issues in e-commerce security is undoubtedly the means of payment. To date, popular banks marking and pay with your credit cards certainly are more affected by this issue. Initially, the transfer of information and data between vendor and customer was not encrypted. This was a huge security problem, since the data transferred were likely to be intercepted by third parties and then used for operations outside the commercial practice. Today, this practice of data transfer has been abandoned in favor of safer practices to ensure greater confidentiality of personal information and thus ensure the goodness of transactions.

电子商务安全中最深层的问题之一无疑是支付手段。 迄今为止，受此问题影响的流行银行肯定会用您的信用卡标记和付款。 最初，未加密供应商和客户之间的信息和数据传输。 这是一个巨大的安全问题，因为传输的数据很可能会被第三方拦截，然后用于商业实践之外的操作。 如今，已经放弃了这种数据传输的做法，而是采用更安全的做法来确保对个人信息的更高机密性，从而确保交易的有效性。

In particular, most e-commerce sites today use high levels of encryption, such as:

特别是，当今大多数电子商务网站都使用高级别的加密，例如：

• Transport Layer Security (SSL / TLS). Combining this with the normal HTTP protocol allows a new protocol: HTTPS. These ensure that your personal information in the form of encrypted packets. In this way, the transmission of information takes place safely, preventing intrusion, tampering and forgery of messages from third parties. The HTTPS protocol guarantees so much the transmission of confidential data, because their integrity.传输层安全性(SSL / TLS)。 将此与常规HTTP协议结合使用，可以创建一个新协议：HTTPS。 这些确保您的个人信息采用加密数据包的形式。 这样，可以安全地进行信息传输，从而防止入侵，篡改和伪造来自第三方的消息。 HTTPS协议可以保证机密数据的传输，因为它们的完整性。
• Today is definitely the most used, because it is supported by most browsers (Mozilla Firefox, Internet Explorer, Safari, Opera ,…) and requires no special software or password. Pages protected by this protocol are easily recognizable as the writing term “https” before the address of the secure site and its pages are marked with a padlock displayed in the bottom of your browser.今天绝对是使用最多的，因为大多数浏览器(Mozilla Firefox，Internet Explorer，Safari，Opera等)都支持它，并且不需要特殊的软件或密码。 受此协议保护的页面在安全站点及其页面的地址用浏览器底部显示的挂锁标记之前，很容易被识别为写词“ https”。
• Secure Electronic Transaction (SET). This protocol is a collaboration of Visa and MasterCard in order to make transactions more secure online payment, ensuring greater privacy and authenticity of data.安全电子交易(SET)。 该协议是Visa和MasterCard的协作，目的是使交易更安全地进行在线支付，从而确保更大的数据隐私性和真实性。

To use this protocol it is necessary that the seller has some software on your server and the PC buyer is in possession of a wallet and a PIN, certificate from the company that issued your credit card.

要使用此协议，卖方必须在您的服务器上安装某些软件，并且PC买方必须拥有钱包和PIN(发行您的信用卡的公司的证明)。

The big news of the SET protocol is the authentication system of the seller and the buyer: the “contractors” have, namely, the ability to identify with certainty before any transaction begins. This is achieved through the use of digital certificates that are issued to both parties from their bank.

SET协议的重大新闻是买卖双方的身份验证系统：“承包商”具有在任何交易开始之前就能够确定身份的能力。 这是通过使用从双方银行签发给双方的数字证书来实现的。

In this way, the buyer can verify the identity of the seller, thereby acquiring greater assurance about the goods or services they receive and the seller can check in turn the identity of the buyer, acquiring more guarantees about the payment.

通过这种方式，买方可以验证卖方的身份，从而获得有关他们收到的商品或服务的更大保证，而卖方可以依次检查买方的身份，从而获得有关付款的更多担保。

In order, therefore, electronic commerce (eCommerce) can develop is necessary that the people (the first buyer, the seller on the other) to perform their transactions in peace, without fear of external interference. In this sense, takes on great importance with the “user authentication”. Generally, this procedure is done by request from the server a user name which is associated with a password. However, it was demonstrated that this system can not be considered completely safe, since the time of detection of the password by third parties are increasingly smaller.

因此，为了使电子商务(电子商务)得以发展，人们(第一买家，另一卖家)在不担心外部干扰的情况下和平进行交易是必要的。 从这个意义上讲，“用户身份验证”非常重要。 通常，此过程是通过从服务器请求与密码关联的用户名来完成的。 但是，事实证明，由于第三方检测密码的时间越来越短，因此不能认为该系统是完全安全的。

For this reason, today, it is increasingly recommended you change your password periodically. This is especially true for home banking systems that require their users must change password with a frequency fixed or that make use of a password “disposable (one-time password) which is replaced every time you log in service.

因此，今天越来越建议您定期更改密码。 对于要求其用户必须固定频率更改密码或使用“一次性”密码(一次性密码)的家庭银行系统，尤其如此，每次登录服务时都会替换该密码。

Although the guidelines on e-commerce are mainly to protect the consumer, do not forget the equivalent vendor’s right to operate in the online market calmly. One of the main problems affecting the person who decides to offer a product or service online is definitely non-repudiation by the buyer. In this direction by using a digital signature that makes a digitally signed contract can not be disregarded by those who have signed.

尽管有关电子商务的指导原则主要是为了保护消费者，但请不要忘记等效的供应商应从容地在在线市场上开展业务。 影响决定在线提供产品或服务的人的主要问题之一，绝对是买方不可否认的。 在这个方向上，使用数字签名可以使签订数字签名的合同的人不容忽视。

Initially, the transfer of data between e-commerce site and the client took place in the clear. This was a possible safety issue, especially when there was a payment by credit card. With the advent of Secure Socket Layer this risk has been reduced, but then other problems emerged as the emergence of phishing and Trojan viruses that try to steal information used for sinister purposes. With the spread of e-commerce, more insidious scams primarily affect buyers. The main cases are:

最初，电子商务站点和客户之间的数据传输是明文进行的。 这是一个可能的安全问题，尤其是在使用信用卡付款时。 随着安全套接字层的出现，这种风险已经降低，但是随后出现了其他问题，如网络钓鱼和特洛伊木马病毒的出现，它们试图窃取用于危险目的的信息。 随着电子商务的普及，更多的阴险骗局主要影响买家。 主要情况是：

• Sales of products from sites owl on receipt of payment is not sent the goods, or is only simulated shipping. This problem also is evident with listings on eBay scam.收款时从站点销售的商品不会发送货物，或仅是模拟运输。 这个问题在eBay骗局上的列表中也很明显。
• Production of cloned sites with the purpose of stealing information such as credit card details.生产克隆站点，目的是窃取信用卡详细信息等信息。
• Companies that accumulate bankruptcy orders, and income, with no possibility of escape.积累破产令和收入的公司，没有逃脱的可能。

In many countries, the law requires that all e-commerce sites on the home page bring back the VAT and the name of the company. The most important sites of e-commerce have a digital certificate that verifies the authenticity of the site visited.

在许多国家/地区，法律要求首页上的所有电子商务网站都必须带回增值税和公司名称。 电子商务中最重要的站点都有数字证书，用于验证所访问站点的真实性。

The main problem in terms of companies is the order management simulation, where they are false or incorrect specification of the dispatch. To reduce the problem many companies only accept advance payments.

就公司而言，主要问题是订单管理模拟，其中它们是错误的或错误的发货说明。 为了减少问题，许多公司只接受预付款。

The security problem also relates to technology used to access e-commerce. The phone is half unsafe to navigate the e-commerce sites, and to make payments in kind.

安全问题还涉及用于访问电子商务的技术。 电话在浏览电子商务网站和进行实物付款方面是不安全的。

电子商务产品类型 (Type of E-Commerce Product)

Some types of products or services are best suited to online sales, while others are more suitable for the traditional trade. E-commerce companies that have achieved the best performance without however totally virtual entity (without physically opening of shops) usually sell goods such as computer storage media, data recovery and treatment, the sale of music , films, courses and teaching materials, communication systems, software, photography, and financial intermediation. Among these companies is reported as an example: Schwab, Google, eBay, PayPal, Egghead, and Morpheus.

某些类型的产品或服务最适合在线销售，而其他类型的产品或服务更适合传统贸易。 在没有完全虚拟实体的情况下(没有实体店开张)获得最佳性能的电子商务公司通常会销售诸如计算机存储介质，数据恢复和处理，音乐，电影，课程和教材，通讯系统之类的商品，软件，摄影和金融中介。 以这些公司为例：Schwab，Google，eBay，PayPal，Egghead和Morpheus。

The online retailers are able to collect some success even in the event that also sell products and real services, not as software or digital images online. The digital products that lend themselves to being sold online may be those that create embarrassment (e.g., underwear) and / or those products that have “standard” and that need not be tested or evaluated “live”(e.g., books).

即使在还销售产品和真实服务的情况下，在线零售商也能够获得一定的成功，而不是在线销售软件或数字图像。 倾向于在线销售的数字产品可能是造成尴尬的产品(例如内衣)和/或具有“标准”并且无需经过测试或评估的“实时”产品(例如书籍)。

Also spare parts for both end users (e.g., dishwashers, washing machines) and for the needs of industrial activity (e.g., centrifugal pumps) may be considered good examples of products sold via the Internet. Since retailers do not accumulate spare parts at the point-retail, often have to order them later, in which case the competition is not between electronic commerce (eCommerce) and traditional commerce but with the order system provider and / or wholesaler. A key to success in this niche is the ability to offer customers accurate and reliable on the product you need, for example listing the available spare parts together with their identification code.

最终用户(例如，洗碗机，洗衣机)和工业活动需求(例如，离心泵)的备件也可以被视为通过互联网销售的产品的好例子。 由于零售商不会在零售点积累备件，因此通常必须稍后订购，在这种情况下，竞争不是在电子商务(eCommerce)和传统贸易之间，而是与订购系统提供商和/或批发商之间的竞争。 在这一细分市场中成功的关键在于能够为客户提供所需产品的准确和可靠的能力，例如列出可用的备件及其识别代码。

Therefore it is not surprising to note that, for the characteristics of virtuality (or if tangible, high value-added) and possible embarrassment, the purchase of pornography and sexual activities related to it are the sector with the highest profit margin of Electronic commerce (eCommerce).

因此，不足为奇的是，就虚拟性(或有形的，高附加值的)特征和可能的尴尬而言，购买色情制品和与其相关的性活动是电子商务利润率最高的行业(电子商务)。

Conversely, products that are not fit for the E-commerce are those with a low ratio value / weight of items that have a significant element in regard to their smell, taste or touch, the assets that need to be tested (e.g., shirts) and even if it is relevant to see it to understand all the nuances of color.

相反，不适合电子商务的产品是指商品的价值/重量比低，在气味，味道或触感，需要测试的资产(例如衬衫)方面具有重要因素的产品并且即使了解它对于了解颜色的所有细微差别都是有意义的。

接受电子商务(eCommerce) (Acceptance of electronic commerce (eCommerce))

Consumers have embraced the e-commerce business model less readily than its proponents had expected. Also in classes of products suitable for e-commerce, electronic shopping has developed only slowly. Several reasons may explain the slow diffusion, including:

消费者对电子商务业务模型的接受程度低于其支持者的预期。 同样，在适用于电子商务的产品类别中，电子购物发展缓慢。 造成这种缓慢扩散的原因有很多，其中包括：

• Concerns about security. Many people do not use credit card on the Internet for fear of theft and fraud.对安全性的担忧。 许多人由于担心被盗和欺诈而不会在互联网上使用信用卡。
• Lack of instant gratification with most Internet purchases. Much of the attractiveness of purchasing a product lies in the immediate gratification of using and buying show. This attraction is not there when the ordered item does not arrive for days or weeks.大多数互联网购买都缺乏即时满足感。 购买产品的吸引力在很大程度上取决于对使用和购买表演的立即满足。 当订购的商品几天或几周之内没有到达时，就不会出现这种吸引力。
• The issue of access to commerce, especially for poor families and nations in the developing world. The limited availability of Internet access in these areas greatly reduces the potential for electronic commerce (eCommerce).贸易准入问题，特别是对发展中国家的贫困家庭和国家而言。 这些区域中互联网访问的有限性极大地降低了电子商务(eCommerce)的潜力。
• The social aspect of shopping. Many people like to talk to sales staff, other customers, or their friends: this social side of the attractiveness of retail therapy there with the same size in shopping on the Internet.购物的社会方面。 许多人喜欢与销售人员，其他客户或他们的朋友交谈：零售疗法吸引力的这种社会方面，与在互联网上购物的规模相同。

Providers of professional services for electronic commerce (eCommerce)

电子商务专业服务提供商(eCommerce)

• CC
• Yahoo!雅虎！
• MoneybookersMoneybookers
• TerashopTerashop

Study: From Wikipedia, the free encyclopedia. The text is available under the Creative Commons.

研究：来自维基百科，免费的百科全书。 该文本可在“ 知识共享”下找到 。

翻译自: https://www.eukhost.com/blog/webhosting/electronic-commerce-ecommerce-part-2/