E-commerce Security & E-policy

This essay sample was donated by a student to help the academic community. Papers provided by EduBirdie writers usually outdo students' samples.

Cite this essay cite-image


E-commerce security refers to the principles which guide safe electronic transactions, allowing the buying and selling of goods and services through the Internet, but with protocols in place to provide safety for those involved.

Security is an essential part of any transaction that takes place over the internet. Customers will lose faith in a e-business if its security is compromised.

Save your time!
We can take care of your essay
  • Proper editing and formatting
  • Free revision, title page, and bibliography
  • Flexible prices and money-back guarantee
Place an order


Generally a good E-Commerce website needs a good E-Policy in place. A good website e-policy will explain what users can expect for example if: Any personal information is collected. How the business uses any information collected. What the website’s users can and cannot do. How to handle issues or returns if items are bought. If you’re missing these policies, potential customers might not find you trustworthy enough and find what they’re looking for somewhere else. Basically, these policies are the contract with your website’s users, establishing trust and accountability.


Terms of Service or Terms and Conditions basically sets some rules for the users. They provide a guideline of what they can and cannot do whilst using the website as well as what they can expect from the business.

The Terms and Conditions depend on the type of website, it could be a simple disclaimer or a full user agreement if the website has a lot of information. Every aspect has to be taken into account so the terms will get more complex if the website has more information.

Terms of service typically cover topics including:

  • User acceptance
  • User rights and responsibilities
  • Ownership of user content
  • Acceptable and unacceptable use of the website
  • Opt-out information
  • Account termination procedures
  • Disclaimers
  • Limitation of liability


Almost every website will collect some sort of personal information from its users. The privacy policy will explain, what information a website collects and how it uses, stores, and protects that user information. Technically, the privacy policy is a subsection of terms of service, but because it is very important and lengthy, most of the time it is a separate agreement and incorporated into the full terms of service by reference.

Website privacy policies usually cover topics like:

  • What information is collected
  • How collected information is used
  • How information is protected and stored
  • If cookies or other tracking software is used
  • Disclaimers.


A good returns policy can be a key aspect in gaining your customers trust, a clear, simple returns policy can be vital to help close the sale as this will give customers confidence in your business and products. Good returns policies should include the time the customer has to return or exchange the product, if there is any limitations on return or exchange, the process the user has to go through to return or exchange products and how to contact the business about any returns or exchanges.


The most obvious e-commerce security is confidentiality, when you shop online the information you share with the seller has to stay with the seller and it should not be shared with unauthorised parties.

The business is responsible to have encryption, virus protection and a firewall preventing anyone from accessing your information like bank details and credit card information.


Another essential requirement is integrity, this means that any information that is shared online should not be altered in any way, so the business can only use what the buyer have shared. If any of the information is tampered with, that means the business is breaking the confidence of the buyer in the security of the transaction and the integrity of the company.


For a sale to go through in e-commerce, both seller and buyer have to be who they say they are. A business cant sell anything unless its real and its products are real. The buyer also needs to provide a form of identification when shopping online, for example when you sign up to a mobile phone contract, you have to submit your id as part of the process of authentication. There are other types of authentications such as login and passwords credentials or credit card pin codes.


Repudiation is denial and a good business depends on the people involve to follow through on their part of transactions and not denying those actions. Non-repudiation legal principle adds a level of security by confirming that the information which was sent between parties was received, meaning that the person who purchased a product cannot deny this as there is evidence to show it was in fact them such as signature or email.

If these requirement's are not in place, customers will hesitate to buy and that could destroy an e-commerce business. Any breach will cost a business in customers trust and losing revenue.


It is a very effective and practical way to safeguard the data being transmitted over the network. Sender of the information encrypts the data using a secret code and only the specified receiver can decrypt the data using the same or a different secret code.

  • Auditability − Data should be recorded in such a way that it can be audited for integrity requirements.
  • Availability − Information should be available wherever and whenever required at anytime.
  • Authenticity −Authenticate a user before giving them access to the required information.


Price Manipulation: These systems automatic, starting from the first step to the final payment gateway. Price manipulation is commonly used for stealing. It allows an intruder to install a lower price into the URL and get away with sensitive data. Wi-Fi Eavesdropping - This is know to be one of the easiest ways to steal personal data. This is like “virtual listening” of information which is shared over Wi-Fi networks that are not encrypted such as public networks that have no security.


Encryption – Make sure any personal data is encrypted. Having digital certificates: This is a reliable digital certificate. The most important digital certificate is the serial number, expiry date and date of issue. Perform a security audit – A routine audit of the security procedures.


  • Encryption − Information should be encrypted and decrypted only by an authorized user.
  • Digital Signature −A digital signature is an e-signature authenticated through encryption and password.
  • Security Certificates −A unique digital id used to verify the identity of an individual website or user.


This is the most commonly used protocol as it meets following security requirements:

  • Authentication
  • Encryption
  • Integrity
  • Non-reputability
  • 'https://' is to be used for HTTP urls with SSL.

SHTTP extends the HTTP internet protocol with public key encryption, authentication, and digital signature over the internet. Secure HTTP supports a lot of security tools, providing security to the end-users. SHTTP works by arranging encryption scheme types used between the client and the server.


Secure electronic protocol is developed by MasterCard and Visa. Theoretically, it is the best security protocol as it has the following components: Card Holder's Digital Wallet Software −This allows the card holder to make secure purchases online with point and click interface. Merchant Software −This helps merchants to communicate with customers and financial institutions in a secure way.

Payment Gateway Server Software −This provides automatic and standard payment process. It also supports the process for merchant's certificate request.

Certificate Authority Software −This is used by financial institutions to issue digital certificates to card holders and merchants, and to enable them to register their account agreements for secure electronic commerce.


  1. https://www.liquidweb.com/blog/top-5-e-commerce-security-needs/
  2. https://www.techgenyz.com/2017/04/05/e-commerce-major-threats-e-commerce-security/
  3. https://www.tutorialspoint.com/e_commerce/e_commerce_quick_guide.htm
  4. https://www.cio.com/article/2384809/15-ways-to-protect-your-ecommerce-site-from-hacking-and-fraud.html
  5. https://ecommerce-platforms.com/ecommerce-selling-advice/essentials-ecommerce-security
  6. https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/newbie-retailers-guide-to-ecommerce-security/
  7. https://www.liquidweb.com/blog/top-5-e-commerce-security-needs/
  8. https://www.techgenyz.com/2017/04/05/e-commerce-major-threats-e-commerce-security/
  9. https://www.tutorialspoint.com/e_commerce/e_commerce_quick_guide.htm
  10. https://www.cio.com/article/2384809/15-ways-to-protect-your-ecommerce-site-from-hacking-and-fraud.html
  11. https://ecommerce-platforms.com/ecommerce-selling-advice/essentials-ecommerce-security
  12. https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/newbie-retailers-guide-to-ecommerce-security/
Make sure you submit a unique essay

Our writers will provide you with an essay sample written from scratch: any topic, any deadline, any instructions.

Cite this paper

E-commerce Security & E-policy. (2021, September 28). Edubirdie. Retrieved June 21, 2024, from https://edubirdie.com/examples/e-commerce-security-e-policy/
“E-commerce Security & E-policy.” Edubirdie, 28 Sept. 2021, edubirdie.com/examples/e-commerce-security-e-policy/
E-commerce Security & E-policy. [online]. Available at: <https://edubirdie.com/examples/e-commerce-security-e-policy/> [Accessed 21 Jun. 2024].
E-commerce Security & E-policy [Internet]. Edubirdie. 2021 Sept 28 [cited 2024 Jun 21]. Available from: https://edubirdie.com/examples/e-commerce-security-e-policy/

Join our 150k of happy users

  • Get original paper written according to your instructions
  • Save time for what matters most
Place an order

Fair Use Policy

EduBirdie considers academic integrity to be the essential part of the learning process and does not support any violation of the academic standards. Should you have any questions regarding our Fair Use Policy or become aware of any violations, please do not hesitate to contact us via support@edubirdie.com.

Check it out!
search Stuck on your essay?

We are here 24/7 to write your paper in as fast as 3 hours.