The application of 3rd party certification programme in Malaysia.

Friday, June 26, 2009

Securing data in transit over the Internet is becoming increasingly necessary because of the steadily growing volume and importance of that data. Nowadays, every user of a public network sends various types of data daily, from email to credit card details, and would therefore like them to be protected when in transit over a public network. Third party certification has been adopted to protect data in transit, and it encompasses all the network services used to support typical application tasks of communication between servers and clients.

Secure sockets layer (SSL) is a protocol developed by Netscape to ensure security of data transported and routed through HTTP, LDAP or POP3 application layers. SSL is designed to make use of TCP as a communication layer to provide a reliable end-to-end secure and authenticated connection between two points over a network.

VeriSign is a leading Secure Sockets Layer (SSL) Certificate Authority and is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, their SSL, identity and authentication, and domain name services allow companies and consumers all over the world to engage in trusted communications and commerce. VeriSign offers the strongest SSL encryption and makes it easy to keep track of all your SSL Certificates and maintain the security of your online services with VeriSign® Certificate Center.

MSC Trustgate.com Sdn Bhd is a licensed Certification Authority (CA) and was incorporated in 1999 to meet the growing need for secure open network communications. MSC Trustgate provides digital certification services, including digital certificates, cryptographic products, and software development. They also provide the finest Public Key Infrastructure (PKI) to assist all types of companies and institutions conducting their business over the Internet. PKI enables encryption, digital signature and certificate authentication capabilities to be consistently and transparently applied across a broad range of applications and platforms. It provides key and certificate management services that make encryption and digital signature capabilities available across applications in a way that is transparent and easy to use.

An E-commerce online store needs an SSL certificate because E-commerce websites typically require buyers to sign up on the website before they can buy online. Your website gathers customers' personal data, and hence it should have an SSL certificate to guarantee the safety of your customers' details and information. SSL Certificates help you secure online payments. Most of your visitors now expect security as part of an e-commerce website so that they can safely make a purchase and provide their personal details and credit card number; they anticipate that all the details they provide over the Internet will be confidential and secured.

How to safeguard our personal and financial data?

As Internet criminals grow smarter and sneakier, it's increasingly difficult to keep your personal and financial information safe. If you don't take basic steps to protect your information, you may find yourself a victim of fraud or identity theft. However, maintaining as much control as possible over your personal information can go a long way toward protecting your privacy.

Here are some practical tips on how you can protect your personal information yourself:

1. Protect Your Personal Data
Evaluate the sites you visit, and don’t give away personal information on sites that are not secure. Read privacy policies to find out what a site will do with any personal information you divulge.



2. Managing Your Access ID/PIN/User ID, Password and Security Codes
Create passwords and PINs that provide greater security. Change your password regularly and use combinations of letters, numbers, and "special characters". Memorise your User ID and password and do not record them anywhere.

3. Avoid Sharing Personal Computers
Avoid using a shared personal computer, such as those in cyber cafes, to access financial or sensitive personal information. If you really need to do so, make sure that the computer is free of viruses.

4. Install computer security software
Keeping your personal computer up-to-date with security software is the primary step in protecting your personal information and maintaining online security. The following security features are recommended for every personal computer:
• Up-to-date anti-virus software
• Up-to-date anti-spyware software
• A personal firewall
• Security updates, installed regularly



5. Clear your cache

It is strongly advised that you clear your cache after each financial or personal data transaction you make. Clearing it occasionally or regularly can protect your privacy, and it is a secure way to protect your data from being stolen by others.

Phishing: Examples and its prevention methods.

What is Phishing

Phishing is a con game that scammers use to collect personal or financial information such as usernames, passwords and credit card details from unsuspecting users. They send out e-mails or instant messages that look like they are from a reputable company, asking you to update or confirm account information. Even if you visit the false website and enter only your username and password, the phisher may be able to gain access to more information just by logging in to your account.

Signs of Phishing:

1. Unsolicited request for personal information
Most companies, especially banks and credit card companies, will not ask for your personal or financial details again, because they should already have this information on file. If they have questions about your account, they will call you on the phone rather than ask for your information online.

2. Alarmist warnings
Something else to watch out for is emails that tell you that your account will be closed if you don't respond within a certain period of time. Phishers often attempt to get people to respond without thinking, and a message that conveys a sense of urgency is an attempt to get you to respond quickly.

3. Mistakes
The little things can often reveal the biggest clues. Mistakes such as formatting errors, typos and grammar mistakes are a sign of phishing; you can find them by looking closely at the layout of the page.

4. Email address and links
Users need to pay close attention to the addresses that are included in the email. In most cases, the email address used to send the email to you is from an unidentifiable source. Sometimes the links that you are urged to click contain all or part of a real company's name, but the link you see actually takes you to a phony Web site.
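
Signs 2 and 4 above can be checked mechanically; the following is an added example, not code from the original post. The brand domain shop.example, the two sample messages and the phrase list are constructed, and base_domain assumes the last two labels of a host name identify its owner.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Sign 2 (alarmist warnings): a small, constructed list of deadline phrases.
URGENCY = re.compile(r"account will be (closed|suspended)|within \d+ (hours|days)", re.I)
# A host name appearing in the visible text of a link.
DOMAIN_IN_TEXT = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

def base_domain(host):
    # Assumption: the last two labels identify the owner. Production code
    # should use the Public Suffix List (e.g. for names under .com.my).
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def phishing_signs(raw_message, brand_domain):
    """Return a list of findings for a message claiming to be from brand_domain."""
    msg = message_from_string(raw_message)
    body = msg.get_payload()  # single-part message assumed
    findings = []
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if base_domain(sender_host) != brand_domain:
        findings.append(f"sender domain {sender_host!r} is not {brand_domain!r}")
    if URGENCY.search(body):
        findings.append("alarmist deadline wording")
    collector = LinkCollector()
    collector.feed(body)
    brand = brand_domain.split(".")[0]
    for href, text in collector.links:
        host = urlparse(href).hostname or ""
        shown = DOMAIN_IN_TEXT.search(text)
        # Sign 4: the link you see is not where the link takes you.
        if shown and base_domain(shown.group(1)) != base_domain(host):
            findings.append(f"link text shows {shown.group(1)!r} but goes to {host!r}")
        # Sign 4: company name embedded in a host owned by someone else.
        if brand in host and base_domain(host) != brand_domain:
            findings.append(f"host {host!r} contains {brand!r} but is not {brand_domain!r}")
    return findings

# Constructed sample messages (reserved .example / .test names).
PHISH = (
    'From: "Shop Support" <support@shop.example.account-check.test>\n'
    "Subject: Confirm your details\nContent-Type: text/html\n\n"
    "<p>Your account will be closed within 24 hours unless you confirm.</p>\n"
    '<a href="http://shop.example.account-check.test/login">www.shop.example/signin</a>\n'
)
LEGIT = (
    "From: service@shop.example\nSubject: Your order\nContent-Type: text/html\n\n"
    '<p>Thanks.</p><a href="https://www.shop.example/orders">www.shop.example/orders</a>\n'
)

if __name__ == "__main__":
    print("\n".join(phishing_signs(PHISH, "shop.example")))
```

The constructed phishing message trips every check, while the constructed legitimate message produces no findings.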

Phishing Prevention

Here are some phishing prevention methods which should help you in the future when you receive an email and are unsure where it originated:
=> It is important that you learn to recognize all types of phishing emails.
=> Never send any kind of sensitive personal information by email.
=> Always ensure that you are using a secure website.
=> Do not click on links to suspicious websites.

eBay Phishing Examples
(http://www.bustathief.com/what-is-phishing-ebay-phishing-examples/)


Re-entering account information

Message from eBay member



Update Credit Card information

The threat of online security: How safe is our data?



Nowadays, online security threats are one of the biggest challenges on the Internet. When internet users display their personal information on websites and upload sensitive data to online software programs, they are most probably at risk. Some users exploit the internet through criminal behavior and other harmful practices. These users are called hackers or internet intruders, and they use stealth tactics to attack online computer users.
There are a number of potential threats on the internet, such as:

1. Viruses
A computer virus is a dangerous computer program with the characteristic feature of being able to generate copies of itself, and thereby spreading. Viruses exist on local disk drives and spread from one computer to another through sharing of "infected" files.

2. Spyware
Spyware is a form of malicious software designed to intercept or steal personal and confidential information without the consent of the computer’s user. Spyware can be delivered in a variety of ways, including being bundled with legitimate software.

3. Trojan Horse
A trojan horse is a self-contained malicious program that neither replicates nor infects other files. Trojans are most often used to gain backdoor access, that is, remote, surreptitious access to the computer. Examples of Trojans are Remote Access Trojans (RATs), Backdoor Trojans (backdoors), IRC Trojans (IRCbots), and Keyloggers.

4. Pharming
Pharming refers to a technique in which hackers get into Domain Name System (DNS) servers to redirect visitors to a look-alike site, or change the hosts file on your computer so that it takes you to a site designed to steal your identity.

5. Spam mail
Spam is the flooding of the Internet with many copies of the same message, and most spam is commercial advertising. E-mail spam involves sending identical or nearly identical messages to thousands of recipients without their permission.

Security vulnerabilities and threats include file sharing applications, instant messaging, weak passwords and outdated antivirus or anti-spyware programs. To protect your personal data, privacy and identity on the internet, install an up-to-date antivirus program on your computer, install an anti-spyware program, update your operating system regularly by installing the latest security program, never download software from websites that have no integrity, never open an email attachment from an unauthorized source, and encrypt your data when transmitting it over the internet.

Google is Changing Everything

Sunday, June 21, 2009


Among all the companies associated with E-commerce, Google is still the search engine that has the most impact on our work and life. With effective and efficient IT and EC management, Google has grown and generated profit faster than any other EC company.

Google is trying to deliver technology that may organize the world’s information and make it universally accessible and useful. For example, Google is trying to reinvent the spreadsheet as a Web-based application. This application lets the user input and share data easily. Furthermore, it can be shared with up to 10 users at one time. The data in the spreadsheet is saved automatically onto Google's computer servers.

By working with Google Base, Google may learn the demand for Google Spreadsheet. This online database is used by analysts to classify e-advertising and e-commerce activity. Google also supplies enterprise search capabilities together with Bearing Point, which is an IT consulting firm. Bearing Point helps enable Google to provide various data sources at a company. It is also integrated with other applications such as Cognos Go! to access strategic enterprise information.

One real-world example is Kaiser Permanente, which is America’s largest non-profit health organization (HMO). Continually acquiring new knowledge is very important for Kaiser Permanente, since the amount of medical information available to this HMO doubles about every 7 years. The Permanente Knowledge Connection gives the medical staff access to diagnostic information, best practices, publications, educational material, and other clinical resources from anywhere in the Kaiser wide area network. Since Kaiser turned to the Google Search Appliance, clinicians can search for both leisurely research and urgent care, while doctors and nurses are able to search diagnoses and specify treatments, side effects of new medication and so on.

An example of an E-commerce success and its causes


E-commerce success story: eBay
Now, conducting business transactions over the Internet is becoming the dominant force in business and society. Many people decide to shop and trade online because the internet provides high-speed communication and ubiquitous access to information. eBay is the world’s largest online trading community, and it appears to have been a success.





eBay.com is an online auction and shopping web site that allows people to buy and sell products or services worldwide. This site offers users an opportunity to come together and allows the buying and selling of a wide range of items, including fine collectibles. Gross merchandise sales are the key factor in determining success in the Internet space. eBay.com does $8 million (US$) a day in gross merchandise sales, well ahead of competitors such as Amazon.com auctions, which do about $300,000 a day in gross merchandise sales, and Yahoo!’s auctions, which are somewhere in the neighborhood of $480,000 a day. Besides, according to a Compete.com study, eBay.com attracted at least 902 million visitors annually by 2008.

Why has eBay succeeded in becoming the world’s largest online trading community?
I found out that eBay continues to develop new ideas, new programs and new services, which lead eBay to be an attractive and safe online trading location.

From time to time, some people come to the site to list items that are in direct violation of the user agreement, such as the couple in Chicago who were going to put their baby up for auction and the person who put a human kidney up for auction. eBay investigated the listings and was able to find those individuals, suspend their accounts, suspend them from eBay and remove the items from the auction site. In order to reduce those infrequent occurrences to a much greater extent, eBay requires all new users who are going to sell items to provide eBay with a credit card. This not only discourages people from coming to the site to engage in fraud or listing pranks, but also means that eBay has a credit card to assist it in working with the law enforcement community. Thus, eBay has created a trusted and safe trading environment in which the great majority of people who sell on eBay are really warm, decent, trustworthy and honest people.

Besides, more and more traditional brick-and-mortar businesses are making entryways into the Internet space. Those people felt that eBay was so enticing, fun and in many ways profitable that they created a brand new business for themselves on eBay. eBay will also help users create their own web site on eBay. This lets users feel that participation requires an investment and carries accountability.

In addition, eBay continues to provide new services to meet users' needs. For example, eBay purchased Butterfield & Butterfield, now called eBay Great Collections, which is designed to bring higher valued items to the site. Besides, they also purchased a company called Cruise International Auctioneers and created an automobile site on their site which allows people to list automobiles in a separate category, and it also creates a site where collector automobiles can be auctioned off on eBay. The ideas for those two purchases came from the user community, because users were sending signals to eBay that they were interested in listing additional higher priced items.

An example of an E-Commerce failure and its causes

Potential causes for DotCom failures
Many newly formed DotCom companies around the world failed as the online bubble began to burst in mid-2000. It was predicted that a high percentage of e-commerce start-ups or newly formed pure DotCom companies would fail.
The causes of failure can be separated into two main categories – controllable and uncontrollable causes – as shown in the chart. Controllable causes can be further divided into strategic, operational and technical causes, while uncontrollable causes can be divided into technical and behavioral causes.



Controllable causes
The analyses involve managerial decisions regarding strategic, operational and technical issues, which were under direct control of decision makers.

Strategic causes
Strategic causes evolved from decision making that determined the objectives, resources, and policies of the organization:
1. Lack of business experience. Most wrong decisions were made because DotCom entrepreneurs lacked a clear understanding of business fundamentals in the areas of finance, marketing, distribution and inventory.
2. Poor business model. The absence of sound business strategies can lead to poor business models and the absence of declared business benefits. Many DotCom firms were offering free services, totally depending on advertisement revenue.
3. Free-spending pattern. One of the reasons behind the failure of many DotComs was a wrongly focused free-spending pattern to support or to initiate high growth. The companies tended to overspend on marketing and IT infrastructure in an attempt to grow quickly.
4. Coders as planners. During the DotCom boom, many business ideas came from coders (programmers) who were inexperienced in devising sound business plans, proper utilization of funds, business strategies and decisions.

Operational causes
1. Vulnerable financial structure (back-up funds). Although most DotCom start-ups raised funds through venture capital for initial operations, they struggled to bring additional capital from an increasing number of reluctant investors.
2. Managerial incompetence and misuse of funds. Many spent money on fancy offices, expensive travel, free food, wrong projects and even hired unqualified staff.
3. Poor customer support. Most DotComs, however, were mainly interested in getting customer orders, but overlooked the importance of after-sales interaction with the customers.
4. Inefficient promotion. Most online companies invested massively in promotion without the backing of sound market research and, thus, failed to use the most effective media to penetrate the target market for the company's products or services.
5. Slow delivery. With the dynamic changes posed by e-commerce, many DotCom companies were caught off guard and were too slow to respond to the changes.

Technical causes
1. Web design: slow loading. Having a Web page with JavaScripts, Flash or frames, pop-up advertisements and lots of graphics does not guarantee success. On the other hand, too many graphics and other bells and whistles may slow down the loading time of the page on a user's computer, and the user may become too impatient to stay with the Web site.
2. Down server. Web servers need to be up and running with minimal interruption. Long server down time is also responsible for many DotComs' failures because customers quickly lose their interest if the site is down quite frequently due to repair or improvement, and may not want to visit the site again.

Uncontrollable causes
Like conventional businesses, companies offering products on the Internet are also negatively affected by factors that are uncontrollable. Uncontrollable causes can be classified into two categories: behavioral and technical.

Behavioral causes
1. Over-expectation. Over-expectation is seen as one of the many factors behind many failed DotComs. Many firms did not have adequate planning when they entered into the market with a dream that the products they were offering were good enough to attract consumers. They expected too much too soon.
2. Weak reliability. Reliability and trust in commercial transactions on the Internet are so important to the parties involved that they may make or break an e-commerce project. Customers need guarantees that the product quality, delivery time, and customer service will be reasonable, and that confidential information will not be misused.
3. Weak customer loyalty. A common belief associated with e-commerce is that a weak customer loyalty to brand names or particular sites will lead to few loyal customers. Online brands that have a very short history fell into the trap of improper advertisement and low quality. It takes some time to build customer loyalty, but very little to destroy it.
4. Mushroom growth. Many DotComs flooded the market with similar products or services and created intense competition among them. Since the online industry was in its infancy, the acute competition seriously reduced the survival chances for some companies.

Technical causes
Some technical issues, categorized as uncontrollable, negatively affected Internet start-ups. The technical issues discussed here include Internet security and lost transactions:

1. Internet security problems. “Most of us who have purchased items via the Internet have felt reluctant about the transaction at some point – usually when entering our credit card number”. Hackers are unauthorized people who access a firm's database as valid users and intentionally perform actions that adversely affect the company's business.
2. Missed transactions. Another hurdle that DotComs faced was missed transactions, where customers created purchase orders. For example, due to problems such as connection drops, busy signals and other technical glitches, the transactions were not processed.

The history and evolution of E-commerce


Nowadays, E-commerce plays a great role in our lives. E-commerce is the process of buying, selling or trading products, goods, services and information through a computer network.

Back in the 1970s, E-commerce was defined as the process of facilitating commercial transactions electronically by using Electronic Data Interchange (EDI) and Electronic Funds Transfer (EFT). Companies traded and exchanged products and information with other companies with the assistance of these technologies. However, the use of EDI was not widely accepted because there was a variety of EDI formats, which made it difficult for companies to interact with one another. In 1984, the ASC X12 Standard was introduced. It was more stable, and companies used it to perform business transactions and transfer large amounts of information.




The E-shopping concept was introduced by Michael Aldrich in the United Kingdom in 1979. In the following years of the 1980s, credit cards, automated teller machines (ATMs) and telephone banking were also introduced.

The first web browser, World Wide Web (www), was written by Tim Berners-Lee. The first "point and click" browser, the Mosaic web browser, was created in 1993 and was quickly adapted into a downloadable browser, Netscape, in 1994 under the code name Mozilla, which allowed easier access to E-commerce. From 1990 onwards, E-commerce also included ERP, data mining and data warehousing.

Although use of the internet was popular around the globe in 1994, the world took about 4 years to develop security protocols which allowed rapid and persistent access or connection to the internet. The successive founding of Amazon and eBay in 1994 and 1995 caused E-commerce to become more popular. People started to go online, and thus E-commerce evolved into what we know now, which is buying and selling goods over the internet.