An Investigation into Electronic Commerce Frauds and their Security Implications


Thesis submitted in partial fulfilment of the requirements for the Degree of Bachelor of Science (Honours) in Computer Science and Information Systems at Rhodes University.

by Kevin Boardman
Department of Computer Science
7 November 2004

Abstract

Electronic commerce has the potential to offer many benefits both to the consumer and to the business, but the recent rapid rise in online fraud causes concerns over the security of e-commerce transactions. This paper identifies a number of common options for securing the e-commerce transaction and critically analyses these mechanisms. A number of weaknesses in one of the most readily implemented solutions to e-commerce security (SSL) are identified and it is found that payments protocols, if widely adopted, would offer the best solution to securing the e-commerce transaction.

Acknowledgements

To my project supervisor, John Ebden, for all his guidance, patience and support. To everyone at the Rhodes University Computer Science and Information Systems Department. To Telkom SA, Business Connexion, Comverse SA, and Verso Technologies for the financial and technical support of this project through the Telkom Centre of Excellence at Rhodes University. To my parents for all their support. To all my friends for all the good times. Thank you.

Table of Contents

Chapter 1 - Introduction
  Motivation
  Research Goals
  Document overview ... 8
Chapter 2 - E-commerce Background
  Importance of e-commerce
  Types of E-commerce
  Fraud in E-commerce ... 12
Chapter 3 - Design Considerations
  Scope
  Merchant perspective
  Limitations
  Approach ... 16
Chapter 4 - Taxonomy of Threats to E-commerce
  Types of threats
  Types of attacks
  Methods of attack
  Opportunities for attack in the e-commerce transaction ... 21
Chapter 5 - Securing the E-commerce Transaction
  Data Transport Security requirements
  E-Commerce Security Mechanisms
    User IDs and passwords, tokens and biometrics
    Public Key Infrastructure (PKI), Digital Certificates and Digital signatures
    Secure channels and the Secure Socket layer (SSL)
    Secure Payments and SET
    Pseudo Card Numbers
Chapter 6 - Critical Analysis of the E-commerce transaction security mechanisms
  User IDs and passwords, tokens and biometrics
    Tokens
    Biometrics
  Public Key Infrastructure (PKI), Digital Certificates and Digital signatures
  The Secure Socket Layer (SSL)
    Problems with SSL
    The insecure merchant and Illegitimate merchant problem
  Secure Payments and SET
    Advantages of SET
    Disadvantages of SET
  Pseudo Credit Card numbers
    Advantages
    Disadvantages
  Summary ... 51
Chapter 7 - Case Study
  CD Universe
  MSNBC discovers flaw ... 53
Chapter 8 - Options and Recommendations
  Option 1
  Option 2
  Option 3
  Option 4
  Option 5
  Option 6
  Option 7
  Option 8
  Options 9, 10 and
  Option
  Conclusion
Chapter 9 - Conclusion
  Research contributions
  Application
  Future Work

List of Figures

Figure 1: The increase in internet related frauds reported to Consumer Sentinel from 2001 to 2003
Figure 2: An example of a visual representation of a digital certificate issued by the Thawte Certificate Authority to Kalahari.net ... 30
Figure 3: Steps involved in the pseudocard transaction based on those identified by Clark [2001] ... 38
Figure 4: The insecure merchant problem ... 46
Figure 5: The illegitimate merchant problem ... 47
Figure 6: The use of payments protocols in order to prevent the illegitimate merchant and insecure merchant problems

List of Tables

Table 1: Comparison of the advantages and disadvantages of mechanisms used to secure the e-commerce transaction ... 40
Table 2: Options for securing e-commerce

Chapter 1 Introduction

This chapter introduces the project, discusses the need for it, identifies the research goals and gives a brief overview of the paper.

1.1 Motivation

Recently there have been a number of cases of fraud involved in e-commerce. This raises the question of whether the security measures involved in securing the e-commerce transaction are adequate. If they are not adequate, the question of whether there are other measures available that may improve this security and prevent these frauds is raised. Because of the number of recent frauds and the questions raised by them, this project was conceived.

1.2 Research Goals

This paper has two major aims:
1. To evaluate current implementations of e-commerce security in order to discover potential strengths and weaknesses.
2. To identify solutions to these weaknesses.

1.3 Document overview

Chapter 2 discusses the background of e-commerce in order to ascertain the degree of e-commerce fraud currently being perpetrated and its effects on the adoption of e-commerce. Chapter 3 identifies the design considerations that needed to be taken into account when writing this paper and introduces the formulated approach. Chapter 4 then discusses the types of threats, attacks, methods of attack and opportunities for attack in the e-commerce transaction. Chapter 5 identifies the requirements of a secure transaction and the mechanisms available to fulfil those requirements. In chapter 6 a critical analysis of the mechanisms identified in chapter 4 is conducted. A case study is then discussed in chapter 7 and chapter 8 identifies a number of options and recommendations for securing the e-commerce transaction.

Chapter 2 E-Commerce background

Ghosh [1998] describes electronic commerce as a new way of interacting, bartering and transacting with people and businesses. Hutchinson and Warren [2003] state that e-commerce focuses on the electronic exchange of information using information and telecommunications infrastructures to perform a wide range of commercial activities that can be divided into business-to-consumer and business-to-business sectors. Some of these commercial activities include online auctions and internet banking. E-commerce can therefore be seen as a new way of trading goods and services over an electronic infrastructure such as the internet.

2.1 Importance of e-commerce

According to Verisign [2004] electronic commerce is a strategic imperative for most competitive organisations today as it is a key to finding new sources of revenue, expanding into new markets, reducing costs, and creating breakaway business strategies. It can therefore be seen that e-commerce has the potential to offer many rewards to businesses that involve themselves in this new form of business. E-commerce also offers benefits to the consumer. These benefits may include savings in time, convenient access to a broad variety of shops and merchandise, and the instant ability to compare price and quality of products [Ahuja, 1997]. Electronic commerce has the potential to offer many benefits both to the consumer and to the business, but because of concerns over the security of e-commerce transactions many consumers and businesses are still wary of it. According to Ghosh [1998] the first concern for both business and consumer on entering the e-commerce market is the potential for loss of assets and privacy due to breaches in the commercial transactions and corporate computer systems.

However, this is not to say that e-commerce potential is being totally ignored by consumers. In fact Burrows [2004] states that according to internet analyst World Wide Worx, the number of online banking accounts in South Africa grew by 28% to 1.04 million in 2003, and that these figures are expected to

increase by 30%. Electronic banking in America is also on the increase: according to the Gartner Group [2003] 17 percent of Americans used online banking services by the end of 2002 and this figure will continue to grow by 14 percent. These figures show that despite some security concerns electronic commerce related activities such as e-banking continue to grow.

2.2 Types of E-commerce

There are many types of e-commerce, which can be categorised into groups depending on the parties involved and the type of transaction. The Queensland government's department of state development and innovation [2001] identify the following types of e-commerce:

Business to Business (B2B): Interaction between two businesses in order to support one business trading with another. According to the Queensland government's department of state development and innovation [2001] B2B e-commerce made up 94% of all e-commerce transactions.

Business to Consumer (B2C): Direct interaction by the consumer with the supplier's system through the client's own computer. In this case the web is usually used as a medium to order goods.

Consumer to Business (C2B): In this case the consumer requests a specific service from a consumer to business e-commerce site. A specific business will then access the web site and reply to the services that it is able to fulfil.

Business to Employee (B2E): This type of e-commerce facilitates the interaction between the company and its employees. This is usually done through private networks such as intranets and extranets.

Consumer to Consumer (C2C): In this case a central consumer to consumer e-commerce site allows one consumer to list a product or service and another consumer to purchase that product or service through the specific site. Online

auction sites are a prime example of this type of e-commerce, where an e-commerce site facilitates the interaction between two consumers.

This paper concentrates on the Business to Consumer type of e-commerce transactions that are conducted over the internet in which payment is performed by credit card, but in many cases the discussion can be generalised to suit any type of e-commerce mentioned above.

2.3 Fraud in E-commerce

Some security concerns in e-commerce may be well founded when some of the statistics relating to electronic commerce security are considered. Fraud is increasing at a rapid rate. Figure 1 represents the increase in internet related frauds based on information published by Consumer Sentinel [2004] from 2001 to 2003.

Figure 1: The increase in internet related frauds reported to Consumer Sentinel from 2001 to 2003 (bar chart of the number of reported frauds per year)

According to the Journal of Computer Security and Fraud [2003] the cost of fraud in 2002 more than doubled. The above information indicates that there is a steady increase in internet related frauds and therefore calls into question the security of many commercial activities that occur over the internet.

E-commerce is a new way of performing business transactions that can be beneficial to both consumer and business. Unfortunately statistics show that although there is a general increase in the use of e-commerce applications, such as electronic banking, many of the commercial activities are still insecure.

Chapter 3 Design Considerations

When analysing security within e-commerce a number of design considerations need to be identified. Design considerations include the scope and limitations of the project, which lead to the type of approach taken in order to investigate the problem identified by this project.

3.1 Scope

The area of e-commerce security is extremely broad and all areas of e-commerce and its security cannot be dealt with in this paper. A number of types of e-commerce have been identified in the background (Business to Business, Consumer to Business, Consumer to Consumer and Business to Consumer). While all of these types of e-commerce should be kept in mind when considering e-commerce security, as much of what is mentioned in this report can be generalised to all types of e-commerce, this paper will concentrate on Business to Consumer e-commerce. This was decided on as security breaches in this area occur relatively often and receive a great deal of publicity. After narrowing the type of e-commerce for this project down to Business-to-Consumer, a number of types of payment can be identified; these include stored value payments such as E-Bucks and standard credit card payments. It was decided that credit card payments should be an area of focus in this paper, as a number of credit card thefts and frauds keep taking place. Security itself is a broad category and the scope of this paper needs to be refined in this regard. This paper will therefore not be concerned with general security factors such as firewalls and will only focus on e-commerce specific mechanisms for securing the credit card transaction.

3.2 Merchant perspective

Another important design consideration when analysing e-commerce security is deciding from which perspective to consider e-commerce security. Two different perspectives can be identified: Client and Merchant. The client's perspective on security involves the client wanting to purchase goods online knowing that his/her details are kept confidential and that no illegitimate charge will be made to his/her credit card. The client may also be concerned with ease of use of the system, and factors such as this could affect his/her adoption of the security mechanism. The merchant, on the other hand, is concerned first with security. This is because of the loss in credibility the merchant suffers if there is a breach, and because customers are obviously more comfortable buying from a site that is recognised as being secure. The merchant is also concerned with the ease of implementation and maintenance of the e-commerce system as well as consumer adoptability and cost. Because of these factors a merchant should also be concerned with the client perspective mentioned above. This paper will therefore take the perspective of a new or existing merchant looking to implement a secure e-commerce system.

3.3 Limitations

A number of limitations have been considered when writing this paper. The main limitation is the difficulty in gaining real information from e-commerce security breaches in the form of case studies. This is due to the secretive nature of many of these breaches. Companies obviously do not like to publicly declare details of system breaches because of the effect it might have on their reputation and for fear of further attacks. Detailed technical information on real world e-commerce frauds is therefore difficult to find and has had a limiting effect on this project. This limitation means that this project was only able to consider one case study, which was based on investigative journalism rather than formal technical reports.

3.4 Approach

After considering the factors mentioned above, an approach for the paper can be generated. Firstly it was decided that in order to understand e-commerce frauds, the threats to e-commerce need to be identified, therefore a taxonomy of threats should be created. After the threats are identified, the requirements of a secure e-commerce transaction as well as the mechanisms used to secure e-commerce need to be identified. A critical analysis of the mechanisms will then be conducted in order to discuss the advantages and disadvantages of each technique. It was then decided that in order to identify real world problems, a case study of a breach in e-commerce security should be discussed. Once the case study has been discussed a number of options for securing e-commerce are identified and recommendations are made.

Chapter 4 Taxonomy of Threats to E-commerce

In order to successfully analyse the security of e-commerce the threats to electronic commerce security must be examined. A threat can be defined as the potential to exploit a weakness that may result in unauthorised access, disclosure of information or consumption, theft or destruction of a resource [Ahuja, 1997]. These threats emerge as the infrastructure that supports e-commerce can be susceptible to abuse, misuse and failure, causing financial loss due to fraud and lost business opportunities due to loss of service [Verisign, 2004]. Ford [1998] argues that these weaknesses in the infrastructure emerge because the internet was never designed with security in mind and is therefore an open network. This openness of the network combined with the absence of a prior real world relationship creates problems of confidentiality, identification and trust.

4.1 Types of threats

Computer security experts consulted in Freedman [2000] stated that hacking into a bank's system was possible but usually only if information from the inside was provided. This introduces two types of threats, identified by Ghosh [1998] as internal and external threats. Internal threats are perpetrated by individuals who have authorised access to at least some of the organisation's internal systems while external threats are perpetrated by those who do not have this access. Ghosh [1998] states that internal threats are the threats that are most likely to be overlooked yet the most likely to occur. Internal threats include:

1. Current employees: Anyone with knowledge of the workings of the company e-commerce system has a significant advantage over external attackers and may use this inside information to compromise the system. This may be motivated by curiosity, financial gain or dissatisfaction with the company. Systems administrators have significant power and expertise with which to perpetrate internal attacks.
2. Disgruntled ex-employees: Employees that have had technical experience within the company and have been fired are potentially very dangerous as they have the motivation and expertise to perpetrate attacks.

This paper however will concentrate on external threats faced by e-commerce. External threats include:

1. Script Kiddies: These types of attackers are usually not very skilled and use scripts or programs created by others to compromise systems. Script kiddies are usually vandals defacing web sites or performing denial of service attacks, for example, rather than intentionally stealing money directly through credit card transactions.
2. Crackers: These attackers are usually very technically astute and have the ability to understand systems and write programs in order to exploit them. Some crackers penetrate systems in order to test their technical ability and skills and may therefore focus on breaking the system instead of trying to gain financial advantage. These individuals may however seek recognition for their achievements by publishing their exploits of systems on the internet; these published exploits may then be used for ill purpose by script kiddies or by criminals or fraudsters.
3. Criminals and fraudsters: Attackers of this nature range from individuals wanting to avoid small payments to organised criminals looking to steal large amounts of money. Their sole intention however is financial gain, which could be pursued through credit card fraud or extortion for example.

4.2 Types of attacks

In order to protect against e-commerce fraud not only the types of attackers must be identified, but the types of attacks that can be perpetrated and protected against must be considered as well. Types of attacks include:

1. Vandalism and Sabotage: involves the intentional defacing of digital property, for example adding graffiti to a web site. The illicit modification of e-goods and denial of service would also fall under this category.
2. Breach of privacy/confidentiality: involves secret data such as a client's personal details being disclosed to unauthorised parties. A compromise of a client's credit card number would be another example, which could result in either unauthorised use of funds or political embarrassment.
3. Theft and Fraud: involves an attacker gaining unauthorised access to a system to steal resources, by impersonating an authorised user in the case of fraud.
4. Breach of Data Integrity: involves the altering of data by an unauthorised entity even though the information itself might not have been disclosed. An example of this would be the spoofing of a packet's source IP address.
5. Repudiation: involves a party falsely denying that a transaction occurred, such as a merchant denying an order was placed after the fact.

Many of these types of exploits may be used to perpetrate theft and fraud and therefore this paper concentrates on exploitations of theft and fraud.

4.3 Methods of attack

In order to perpetrate the above mentioned exploits specific methods of attack may be employed by the attacker. Some of these methods include:

1. Denial of service attacks: involve an attack on a network or a service which floods the network with traffic so that the network is slowed or interrupted. An example would be the continuous request for information from a web server by an attacker, resulting in the server being unable to cope with these requests, crashing or not being able to perform its function.
2. Spoofing (web or IP): involves the forging of a piece of information so that someone authenticating the information believes you are someone you are not. A simple example is a web page that displays the official logo and a similar address to those of the spoofed company but is in fact run by a fraudster, thereby assuming the company's identity for personal gain. More complex spoofing, of IP addresses and authentication information for example, can be achieved by transmission interception and replay attacks. These attacks involve recording and altering confidential transactions such as authentication packets and replaying these packets so that the intended recipient believes you are someone you are not.
3. Man in the middle attacks: These attacks involve the interception of information while in transit between the sender and receiver. This information can then be read and/or altered and then forwarded to the intended receiver, to achieve fraudulent activity for example.
4. Buffer overflows: allow attackers to execute their own code through a flaw in legitimate software that results from the user being able to overwrite the space allocated for a specific input. A fraudster could use a buffer overflow flaw in an e-commerce system to execute a program that steals credit card numbers, for example.
5. Backdoors: A program that allows security measures to be circumvented, allowing easy access to unauthorised persons.
6. Spyware: A program that monitors a user's actions without the user's knowledge. An example would be a keystroke logging application that records a user's password and then forwards it to a fraudster.

4.4 Opportunities for attack in the e-commerce transaction

There are certain procedures and processes in an e-commerce transaction and payment process that provide opportunities for attack. The following opportunities for attack are loosely based on guidelines identified by the Australian Government's Department of Defence [1999].

1. Opportunities for attackers to obtain goods or services without making payment.
   a) A merchant selling electronic goods or services can be vulnerable to unauthorised access to the merchant server on which these goods are stored.
   b) If an attacker can compromise the payment server the attacker can falsely advise the merchant that a payment has been made.
2. Opportunities for attackers to compromise clients' details.
   a) Clients' payment details (e.g. credit card numbers) that are stored on merchant systems are vulnerable to attack from an attacker who can access this system.
   b) Clients' payment details could be intercepted while in transit between the client, merchant or payment provider.
3. Opportunities for attackers to modify the merchant's online goods and services.
   a) Compromise of the merchant server on which these goods and services are stored could result in the unauthorised modification of these assets.
4. Opportunities for other types of attacks.
   a) Potential for an attacker to generate false refunds if he/she is able to access the payment system.
   b) The potential for an attacker who has gained access to the payment system to redirect funds to his/her account.

Claessens et al [2002] point out that one of the biggest threats to security is not a technical threat but the threat of the human factor, which can be caused by human error or carelessness such as the sharing of a password. According to Claessens et al [2002] these human factor risks can be prevented by education and the enforcement of policies. It is thus important to note that although the focus of this paper is the technical risk to e-commerce, risks such as the human factor should be considered when securing an e-commerce system.

Threats in e-commerce emerge from the fact that the internet was not created with the security of commercial transactions in mind. The underlying infrastructure on which these transactions are based is therefore insecure. External threats to secure transactions such as fraud and breach of confidentiality, and opportunities for attackers to compromise client details, will be specifically addressed. Next the methods of preventing these threats will be considered.

Chapter 5 Securing the E-Commerce Transaction

Now that the threats to e-commerce security have been identified some common safeguards can be identified and discussed. Ghosh [1998] identifies four fronts on which the e-commerce system must be secured: web client security, operating system security, web server security and transport security. Hutchinson and Warren [2003] identify three similar areas of security within an electronic commerce banking environment: the bank (merchant), the internet and the client. For the purpose of this study three main areas of concern will be considered: merchant security, transport security and client security, where merchant security includes the merchant's and bank's web server and operating systems.

Merchant security involves the security of the systems of the provider of the service, for example an online book store. This includes the merchant's web server security and the security of the merchant's operating system, upon which the web server security is based. Most sources cited the merchant side as being vulnerable, as information is stored unencrypted by merchants after transmission. Techniques to secure the merchant side of transactions rely heavily on the use of firewalls to prevent the operating system from being exploited by hackers [Ghosh, 1998]. According to Hutchinson and Warren [2003] the responsibility of the merchant side of security, the bank in an electronic banking environment, is to validate customers by authentication, to authorise and honour transactions and to ensure non-repudiation.

Client side security is generally agreed to be the most difficult area to enforce. This is due to the fact that it is up to the user to make sure security procedures and protocols are in place. Most users however do not understand computer security and therefore client machines are usually left unprotected. Ghosh [1998] identifies the two main risks on the client side as being vulnerabilities in the browser software and the risk associated with active content on the web.

Secure transport involves the securing of information when it is in transit between the client and the merchant. The following section deals with the requirements of securing the e-commerce transaction at the transport stage.

5.1 Data Transport Security requirements

Claessens et al [2002], Hutchinson and Warren [2003], Radha [2004], Sahut and Galuszewska [2004] and Verisign [2004] all agree on four basic security requirements of e-commerce transactions: authentication, confidentiality, data integrity and non-repudiation.

Authentication can be defined as the ability to uniquely identify a person or entity and to prove such identity [Hutchinson and Warren, 2003]. An example of this would be a merchant verifying that it is the company it professes to be through the presentation of a digital certificate. Entity authentication in the context of e-commerce is the process in which a consumer verifies that a merchant's presented identity corresponds with its real identity. This is an extremely important requirement in securing e-commerce transactions and according to most literature reviewed is the cornerstone of electronic commerce security. The Federal Financial Institutions Examination Council [2001] states that reliable customer authentication is imperative for financial institutions involved in any form of electronic commerce, as effective authentication systems can help prevent fraud. The council argues that the risks of conducting business with incorrectly authenticated individuals could cause irreversible damage to a company through financial loss and reputation damage due to fraud, corrupted data or disclosure of confidential information. It is thus of paramount importance that secure authentication techniques are set up when performing business transactions over an open electronic network such as the Internet.

Confidentiality makes sure that only authorised users have access to the content of the exchanged information [Claessens et al, 2002]. It can also be described as the ability to prevent unauthorised parties from understanding transmitted data [Hutchinson and Warren, 2003]. Confidentiality can therefore be seen as the process of keeping data secret when it is transmitted over an open network. This can be achieved by cryptographic techniques and infrastructures such as the Public Key Infrastructure (PKI), which will be discussed in more detail a little later. The importance of confidentiality in an e-commerce context can be seen when a consumer sends a merchant payment details. The consumer would obviously not like these details, which may include credit card numbers for example, to be intercepted and used by an unauthorised third party, and therefore confidentiality is required.

Data integrity is another security factor required when dealing with e-commerce transactions. Sahut and Galuszewska [2004] indicate that for a transaction to be secure, data cannot be intentionally or unintentionally changed during the session. According to Hutchinson and Warren [2003] data integrity is the ability to assure that data has not been modified accidentally or by any unauthorised entity. Data integrity is important in electronic commerce as it prevents unauthorised users from changing critical data such as credit card numbers while in transit. Techniques used to ensure data integrity include the use of digital signatures, which will be discussed further on in this paper.

Non-repudiation can be defined as the ability to prevent a denial of actions by a person or entity [Hutchinson and Warren, 2003]. This means that a recipient of a message should be in a position to prove that he (the recipient) received a message that could only have originated from the sender [Radha, 2004]. In an e-commerce context a person placing an order can therefore not refute the fact that he and no one else could have placed the order.

5.2 E-Commerce Security Mechanisms

In order to enforce the requirements mentioned above, mechanisms need to be put in place. These mechanisms vary in their effectiveness at enforcing the above requirements and each has advantages, disadvantages and different applications within varied environments. Some mechanisms are best suited to creating secure channels and others to securing payments or simply enforcing authentication. These mechanisms include: user IDs and passwords, Public Key Infrastructure and Digital Certificates, Digital Signatures, Secure Socket Layer (SSL), and SET (Secure Electronic Transactions).
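As an added example (not part of the thesis), the following Go program illustrates the distinction between data integrity and non-repudiation drawn in section 5.1 above: an order signed with the consumer's private key fails verification if a man in the middle alters it in transit, and, unlike a MAC computed with a secret the merchant also holds, the signature could only have been produced by the consumer. The Order type, the function names and the sample order are constructed for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Order is a constructed stand-in for the payment details a consumer sends
// a merchant. The card number used below is a placeholder, not a real one.
type Order struct {
	CardNumber string
	Amount     string
	Merchant   string
}

// bytes gives the canonical byte form of the order that is signed or MACed.
func (o Order) bytes() []byte {
	return []byte(o.CardNumber + "|" + o.Amount + "|" + o.Merchant)
}

// Consumer holds a private signing key. In a payments protocol the matching
// public key would be certified by the consumer's bank (a digital certificate)
// so that the merchant can trust it; that step is outside this example.
type Consumer struct {
	key *ecdsa.PrivateKey
}

func NewConsumer() (*Consumer, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Consumer{key: k}, nil
}

func (c *Consumer) PublicKey() *ecdsa.PublicKey {
	return &c.key.PublicKey
}

// SignOrder gives data integrity and non-repudiation: only the holder of the
// private key can produce a signature that verifies under the public key.
func (c *Consumer) SignOrder(o Order) ([]byte, error) {
	digest := sha256.Sum256(o.bytes())
	return ecdsa.SignASN1(rand.Reader, c.key, digest[:])
}

// VerifyOrder is the check the merchant (or the merchant's bank) performs.
// Any change to the order after signing makes it return false.
func VerifyOrder(pub *ecdsa.PublicKey, o Order, sig []byte) bool {
	digest := sha256.Sum256(o.bytes())
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

// MACOrder computes an HMAC over the order with a secret shared by consumer
// and merchant. This protects integrity, but because the merchant holds the
// same secret it could have produced the tag itself, so the consumer can
// repudiate the order: a shared-secret MAC alone cannot give non-repudiation.
func MACOrder(secret []byte, o Order) []byte {
	m := hmac.New(sha256.New, secret)
	m.Write(o.bytes())
	return m.Sum(nil)
}

func VerifyMAC(secret []byte, o Order, tag []byte) bool {
	return hmac.Equal(MACOrder(secret, o), tag)
}

func main() {
	c, err := NewConsumer()
	if err != nil {
		panic(err)
	}
	order := Order{CardNumber: "0000-0000-0000-0000", Amount: "49.99", Merchant: "example-books"}
	sig, err := c.SignOrder(order)
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine signed order verifies:", VerifyOrder(c.PublicKey(), order, sig))

	// A man in the middle raising the amount in transit breaks the signature.
	tampered := order
	tampered.Amount = "4999.99"
	fmt.Println("tampered signed order verifies:", VerifyOrder(c.PublicKey(), tampered, sig))

	// With a shared secret the merchant can itself produce a valid tag for an
	// order the consumer never placed, which is why a MAC cannot prove who
	// authored the order.
	secret := []byte("secret shared by consumer and merchant")
	merchantMade := Order{CardNumber: order.CardNumber, Amount: "999.00", Merchant: "example-books"}
	fmt.Println("merchant-made MAC order verifies:", VerifyMAC(secret, merchantMade, MACOrder(secret, merchantMade)))
}
```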

5.2.1 User IDs and passwords, tokens and biometrics

User IDs and passwords, tokens and biometrics are fundamentally concerned with authentication of an individual. According to The Federal Financial Institutions Examination Council [2001], authentication methodologies involve three factors: something a user knows (a password or pass phrase), something the user possesses (a token) or something the user is (a biometric characteristic, such as a fingerprint).

The user ID/password technique provides for authorisation by verifying the user ID against the password provided. This technique relies on the fact that the password is kept secret. User IDs in combination with passwords are considered a single-factor authentication technique which has gained popularity because of its ease of use and its adaptability [The Federal Financial Institutions Examination Council, 2001]. The popularity of this mechanism can be seen in its widespread adoption for operating system login authentication. Both Ford [1998] and Verisign [2004] agree that although passwords and user IDs (usernames) have become the most widely used authentication technique, they are unfortunately one of the least secure methods of authentication available.

Authentication involving something that a user owns involves the use of tokens. These tokens can come in the form of devices that interact directly with the computer (e.g. smartcards) or devices that do not interact with the computer at all (e.g. Digitags that generate one-time passwords). Tokens can be used in isolation or in combination with passwords, PKI, SSL and payment protocols. Because of the vulnerabilities and threats to which passwords are exposed, passwords are often combined with physical tokens to create multi-factor authentication in order to improve the reliability of the authentication [Ford, 1998].

According to The Federal Financial Institutions Examination Council [2001], multifactor authentication methods are more reliable indicators of authentication and are therefore stronger fraud deterrents. Thus passwords can be used in combination with tokens such as smartcards, which provide a higher level of authentication security. Because the authentication process cannot be completed without the device being present, or in some cases without the device itself being locally authenticated, the transmission of shared secrets over an open network such as the internet can be avoided [The Federal Financial Institutions Examination Council, 2001]. Tokens that generate one-time passwords provide protection against guessing of passwords, while tokens that store private keys prevent unauthorised parties accessing the user's computer and copying the keys for their own use. The authentication process can be greatly improved through the use of tokens in combination with passwords to create a multifactor authentication process, but authentication also relies on the correct implementation of policies, procedures and controls.

Biometric techniques such as retinal scanning, fingerprint analysis and handwriting or voice recognition are generally agreed to be among the most secure methods of authentication. Despite this, Ford [1998] points out that these techniques are very expensive to implement correctly and are therefore usually only considered for high security applications with a big budget.

5.2.2 Public Key Infrastructure (PKI), Digital Certificates and Digital signatures

The user ID/password, token and biometric techniques for securing e-commerce all concentrated only on authentication, which required the password or key to be kept secret. The following section deals with techniques used to fulfil the other requirements of e-commerce transaction security, such as data integrity, non-repudiation and confidentiality. Confidentiality in electronic transactions relies heavily on encryption techniques, but an in-depth discussion of encryption is beyond the scope of this paper. Therefore a technique for providing confidentiality, data integrity, non-repudiation and authentication, the public key infrastructure (PKI), will be examined briefly. According to Verisign [2004] one of the most popular methods of protecting information is through the use of a virtual key system, in which information is encoded according to an encryption algorithm so that it can only be decrypted by a user who holds the correct key. In a private key system one key that has the ability to encrypt and decrypt a message is shared between users needing to communicate.
The sharing of this secret key therefore makes this system vulnerable when keys are transmitted over an open network such as the internet. Public Key Infrastructure (PKI) uses public key cryptography, which is asymmetric. This means that two separate but related keys are involved: a public key which is shared with entities with which a user wishes to communicate, and a private key which is not shared and is kept secret [Radha, 2004]. The public key and private key perform inverse operations [Verisign, 2004], and therefore when one is used to encrypt a message the other is used to decrypt it. Therefore when a sender A wishes to communicate with a receiver B, A will encrypt a message with B's public key. B, on receiving this encrypted message, will decrypt it with his private key. This method ensures that only the holder of B's private key will be able to decrypt the message. According to Radha [2004] the advantage of using PKI over private keys is that key management becomes much easier: for example, if A needs to communicate with 10 people he does not have to share 10 different secret keys but only has to share his public key in each case. However this method is somewhat inefficient in speed and involves a trusted third party, a Certification Authority (CA) [Radha, 2004].

The method described above deals with confidentiality of a transaction but does not ensure data integrity, authentication and non-repudiation. Radha [2004] indicates that hashing, which generates a unique hash code called a message digest for any message, is used to ensure the integrity of a message. This hashing technique ensures that a change in the message during transmission will cause a change in the message digest generated from the received message at the receiving end. Therefore at the receiving end the newly generated message digest is compared against the original message digest, which is sent by the sender along with the message. If both message digests compute to be the same then the message has not been altered.
In order to provide authentication and non-repudiation this hashing function is combined with public key cryptography to form a digital signature. According to Radha [2004] digital signatures verify that the sender is in possession of a unique private key and that the message has not been altered in transit. The process of sending and receiving messages that provide authentication, confidentiality, non-repudiation and data integrity using the techniques described above is outlined by Radha [2004] in the algorithm below:

For sender A to send a message to B, he:
1. Encrypts the message with B's public key
2. Computes the hash of the message
3. Encrypts this hash with his own private key (digital signature)
4. Sends the encrypted message, his public key and the digital signature to B

At the receiving end, B:
1. Decrypts the digital signature with the public key of A (received in step 4) and so obtains the hash sent by A
2. Decrypts the message with his own private key
3. Computes the hash of this message
4. Compares the hash sent by A with the one he computed
5. If they match, the message has met all security criteria, including integrity; if not, the message should be discarded

It must be remembered that it is usually the software that performs these actions in the background without the client being aware. The techniques above all have the potential to make the transactions in e-commerce more secure; however a problem still exists: an owner of a public key could claim to be someone he is not. The sender must therefore be capable of assuring the receiver that a given public key is indeed from the sender [Ahuja, 1997]. This assurance is created by the use of digital certificates, which are data structures that associate public keys with specific people [Radha, 2004]. An example of a visual representation of a digital certificate can be seen in Figure 2. According to Ford [1998] the function of distributing digital certificates, thereby attesting to the relationship between the public key and a specific person, is performed by a certification authority (CA). In Figure 2 the certificate authority attesting to the relationship between the certificate and Kalahari.net is the Thawte Certificate Authority.
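Radha's algorithm above, written out as an added Go example (not code from the thesis or from Radha): Seal and Open carry out sender A's and receiver B's steps with RSA-OAEP for the encryption and RSA-PSS over a SHA-256 digest for the signature, and SETStyle reuses the same two routines in the three-party arrangement that SET's step 3 (section 5.2.4 below) relies on, where the merchant can verify the signed order but only the bank can read the card number. The party names, the order text and the card number are constructed for the demo.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is what A transmits in step 4: the message encrypted for the
// receiver, A's public key, and A's signature over the hash of the message.
type Envelope struct {
	Ciphertext []byte
	SenderPub  *rsa.PublicKey
	Signature  []byte
}

// NewKey generates a 2048-bit RSA key pair for one party in the exchange.
func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Seal performs A's steps 1 to 3: encrypt with the receiver's public key,
// hash the plaintext, sign the hash with A's private key. RSA-OAEP only fits
// a short message; real systems wrap a symmetric key this way instead.
func Seal(senderPriv *rsa.PrivateKey, receiverPub *rsa.PublicKey, msg []byte) (*Envelope, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, receiverPub, msg, nil)
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(msg)
	sig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{Ciphertext: ct, SenderPub: &senderPriv.PublicKey, Signature: sig}, nil
}

// Open performs B's steps 1 to 5: decrypt with B's private key, recompute the
// hash and verify A's signature with the public key A sent along. Any error
// means the message must be discarded. Open takes env.SenderPub on trust;
// binding that key to a person is the job of the digital certificate.
func Open(receiverPriv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	msg, err := rsa.DecryptOAEP(sha256.New(), nil, receiverPriv, env.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("decryption failed: not encrypted for this key, or corrupted")
	}
	digest := sha256.Sum256(msg)
	if err := rsa.VerifyPSS(env.SenderPub, crypto.SHA256, digest[:], env.Signature, nil); err != nil {
		return nil, errors.New("signature check failed: integrity or origin cannot be trusted")
	}
	return msg, nil
}

// SETStyle applies the same two routines in the three-party form of SET's
// step 3: the consumer signs the order for the merchant, but the card number
// is encrypted for the merchant's bank, so the merchant forwards it without
// being able to read it. All keys and values are constructed for this demo.
func SETStyle() (orderAtMerchant string, merchantReadPAN bool, panAtBank string, err error) {
	keys := make([]*rsa.PrivateKey, 3) // consumer, merchant, bank
	for i := range keys {
		if keys[i], err = NewKey(); err != nil {
			return
		}
	}
	consumer, merchant, bank := keys[0], keys[1], keys[2]
	order := []byte("order#1001 2x widget total ZAR 199.00")
	pan := []byte("4111111111111111") // constructed test card number
	orderEnv, err := Seal(consumer, &merchant.PublicKey, order)
	if err != nil {
		return
	}
	panEnv, err := Seal(consumer, &bank.PublicKey, pan)
	if err != nil {
		return
	}
	got, err := Open(merchant, orderEnv) // merchant reads the signed order...
	if err != nil {
		return
	}
	orderAtMerchant = string(got)
	_, merchantErr := Open(merchant, panEnv) // ...but cannot open the card number
	merchantReadPAN = merchantErr == nil
	gotPAN, err := Open(bank, panEnv) // the bank can, and checks the signature
	if err != nil {
		return
	}
	panAtBank = string(gotPAN)
	return
}

func main() {
	order, merchantReadPAN, pan, err := SETStyle()
	if err != nil {
		panic(err)
	}
	fmt.Printf("merchant sees %q, could read card number: %v; bank sees %q\n", order, merchantReadPAN, pan)
}
```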

Figure 2: An example of a visual representation of a digital certificate issued by the Thawte Certificate Authority to Kalahari.net

Radha [2004] states that the association between public key and subject is achieved by having a trusted CA verify the subject's identity and digitally sign each public key along with other user credentials. So instead of a public key being distributed, one has to distribute one's digital certificate to the public. Certification authorities eliminate the problems of physical separation associated with digital signatures, and introduce the problem of accepting a third party as suitably trustworthy [Ford, 1998]. Radha [2004] explains that this problem may allow fraudsters to set up their own certificate authority and issue themselves with digital certificates which they can force the browser to trust. A suggestion is made that, to secure the PKI further, control of which certificates should be trusted should be given to a local authority instead of trust being preinstalled in the browser.

According to Radha [2004] PKI can be used to secure transactions between a client and a merchant server so that no one can sniff information passing along the wire. This can be achieved by using protocols such as the Secure Socket Layer (SSL), which will be discussed later in this paper. PKI can also be used to authenticate software by distributing software that is signed by the publisher. This helps to prevent fraud, as much fraud is committed through the distribution of malicious software. PKI is a relatively secure infrastructure which has many benefits, but it is usually not used in isolation for e-commerce. The Federal Financial Institutions Examination Council [2001] states that PKI decreases many of the vulnerabilities related to passwords, as it does not rely on shared secrets and its electronic credentials are difficult to compromise. Disadvantages of the infrastructure include the reasonably high cost to implement and the high complexity of implementation and management of PKI.

5.2.3 Secure channels and the Secure Socket layer (SSL)

Secure channels which ensure confidentiality, authentication and data integrity should be established between the client and the merchant before any e-commerce transactions take place. The Secure Socket Layer (SSL) is a method of providing a secure channel between clients and merchants. In fact, according to Ghosh [1998], SSL is the de facto protocol for securing communication channels in e-commerce, although it does not provide a mechanism for handling payment. SSL is a protocol that is positioned above the transport layer and below the application layer in the protocol stack. It can therefore conceptually provide secure services to many different applications at the application layer, such as telnet and ftp [Ahuja, 1997], but its main application is securing channels through the web.
SSL provides security through some of the methods mentioned in the public key infrastructure: confidentiality is provided by end-to-end encryption, while authentication and data integrity are provided through digital certificates, digital signatures and hashing. The process of setting up a secure connection through SSL relies on public key encryption to authenticate the merchant server and to set up a private session key shared between the client and the merchant web server. After setting up a secure connection, symmetric encryption can be used for secure communications; this is preferable as it is more efficient than asymmetric encryption [Ghosh, 1998]. Below is listed the algorithm involved in initialising, communicating in and ending an SSL session between a client and a server, based on Ghosh [1998].

1. Client Hello: contains a suite of secure protocols that the client browser supports and a random challenge string generated by the browser. The challenge string is unique to the session and will be used at the end of the initialisation process to make sure the secure channel has been established. The suite of secure protocols consists of key exchange algorithms for agreeing a private session key, private key encryption protocols for transaction confidentiality, and hashing algorithms for data integrity.

2. Server Hello: contains the server's X.509 standard certificate (X.509 is a standard for PKI that specifies standard formats for digital certificates), an acknowledgement that the server can support the protocols requested by the client, and a random connection identifier which is used, as with the random challenge string, at the close to determine if the protocol has been set up.

3. The server's certificate will then be authenticated by the client's web browser. The client will then generate a master secret to be shared between the client and server. This master secret serves as a seed to generate a number of keys used for both symmetric encryption and data integrity. This master secret is encrypted with the server's public key and sent to the server. After this, public key encryption is no longer necessary for this session and private key algorithms such as RC2 (40-bit encryption) and RC4 (128-bit encryption) can be used to secure subsequent messages. From the master secret both server and client will generate two identical symmetric key pairs. One key pair is used to encrypt outgoing messages from the client and decrypt incoming messages to the server. In other words, the client's outgoing write key is the same as the server's incoming read key.

4. Client Finish: the client encrypts the server's random connection ID with the client write key. The server will know the connection is set up if this decrypts to the same value as the original connection ID.

5. Server Finish: the server encrypts the client's challenge string with the server's write key. The client then decrypts this with the client's read key and compares it to the original challenge string. Now both client and server know the connection has been set up.

5.2.4 Secure Payments and SET

There exist many payment schemes that use a variety of payment protocols and implementations to provide secure payment services. Ghosh [1998] indicates that the key difference between secure payment protocols and secure web sessions is that secure payment protocols provide a method for guaranteeing that merchants receive payments while keeping payment details such as the credit card number confidential. Secure web sessions, however, leave payment details up to the merchant. An advantage of secure payment protocols is that credit card details are not available to the merchant and are therefore safeguarded from a potentially unsafe merchant. Examples of secure payment protocols include the iKP protocols by IBM and Secure Electronic Transaction (SET). SET is a technical standard for secure payments over the Internet that focuses on credit cards and was developed by MasterCard and Visa. According to Ghosh [1998] SET does not specify actual implementation and therefore does not specify the ordering process, the payment method selection, or the platform or security procedures needed to secure the SET client and host machines.

SET does however specify the following requirements:

Confidentiality: SET is only concerned with the confidentiality of payment information such as credit card numbers and is not concerned with order information. The securing of payment details is achieved through encryption. If confidentiality of order details were needed, SET could conceptually use the lower level SSL to create a secure channel, thereby encrypting the entire web session [Ghosh, 1998].

Data integrity: digital signatures are used to guard against data corruption or malicious tampering with data [Ahuja, 1997].

Client authentication: Ahuja [1997] indicates that the client must be authenticated as a legitimate user of a valid bank-card account number. This can be achieved by a digital certificate issued to the client by the credit card issuer, or by digital envelopes which contain the client's digital signature [Ghosh, 1998].

Merchant authentication: the client must have a method of verifying that the merchant has a relationship with a banking institution that permits the merchant to accept bank-card payments [Ahuja, 1997]. This is achieved through merchant digital certificates.

The following is an example of the steps involved in a typical SET transaction, based on Ghosh [1998]:

1. Consumer sends a request for a transaction to the merchant.
2. Merchant acknowledges the request. The consumer and merchant exchange their digital signatures in these first two steps.
3. Consumer digitally signs a message digest of the order and encrypts the credit card number. The digital signature can be used by the merchant to provide authentication, non-repudiation and data integrity. The card number is encrypted with the merchant's bank's public key in order to hide the number from the merchant.
4. The merchant sends the purchase amount to be approved and the credit card number to the merchant's bank. The merchant's bank then uses traditional back-end structures to check credit.
5. The approval or denial is sent back to the merchant.
6. The merchant confirms the purchase with the consumer, stating that the request has been approved or denied.
7. The consumer can then request the status of the order, i.e. whether the merchant has received payment from the bank and can start delivering the product.
8. The merchant can respond to the status enquiry: the merchant only wants to release the product once payment has been received, and can report back on the status of the order. If the order is processed in batch cycles instead of real time, the payment may take longer to receive and therefore the order longer to deliver.
9. The merchant requests payment from the bank (in real time or in batch cycles).
10. The bank will send confirmation of the transfer from the consumer's credit card account to the merchant.

It can be seen that in the SET transaction payment of the merchant is included in the transaction. This differs from the SSL transaction, which is only concerned with securing the channel and does not consider payments.

5.2.5 Pseudo Card Numbers

Pseudo credit card numbers are card numbers that are non-permanent and can be used once only. Users are able to use a one-time credit card number for each purchase made online and therefore do not have to submit their real credit card numbers online. According to Clark [2001] the purchases made with pseudo credit card numbers are recorded against the user's real credit card number, and once a purchase has been made with the number it expires and any further attempts to use that number are rejected. Clark [2001] identifies pseudo credit card numbers as the easiest fraud reduction system to implement. Benefits offered to the consumer include increased fraud prevention through client authentication techniques, for example entering a password before receiving a pseudo card number. Benefits to the merchant identified by Clark [2001] include the fact that the entire process is transparent to the merchant, meaning that the merchant need not alter his existing systems to support the pseudo card numbers. Another benefit addresses the insecure merchant problem: because the pseudo card numbers expire after the transaction, if a merchant stores these credit card numbers and a hacker gains access to them they will be of no use. Another advantage is that this approach seems to be gaining acceptance with card issuers. Clark [2001] identifies American Express and MasterCard as card issuers that seem to have implemented this type of system to a degree.

The following is a typical process involved when making payment with a pseudo card number, based on those identified by Clark [2001]. Figure 3 shows a visual representation of the interaction between the cardholder, merchant, acquirer and issu
er in the steps mentioned below.

1. Cardholder authenticates himself with the digital wallet.
2. Cardholder requests a pseudo card number through the digital wallet.
3. The wallet server issues a pseudo number to the cardholder.
4. Customer purchases an item using the pseudo number.
5. Merchant sends a payment request to the acquirer through an internet payment gateway.
6. The acquirer sends a payment authorisation message to the issuer via an inter-bank network.

7. The issuer replaces the pseudo card number with the real credit card number.
8. The transaction is authorised.
9. The issuer sends the response to the acquiring bank containing the pseudo card number, not the real number.
10. The acquirer sends a response to the merchant.
11. The merchant sends a transaction response to the consumer.

Figure 3: Steps involved in the pseudocard transaction based on those identified by Clark [2001]
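The issuer side of Clark's process, as an added Go example (not code from the thesis or from any card issuer): the pseudo number is Luhn-valid so the merchant's existing card-number checks pass unchanged, it is honoured exactly once, and the authorisation response echoes the pseudo number rather than the real one. The issuer prefix 987654, the account balance and the card number 4111111111111111 are constructed test values.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
)

// luhnCheckDigit returns the digit that makes payload+digit pass the Luhn check,
// so a pseudo number passes the validation merchants already apply to real cards.
func luhnCheckDigit(payload string) byte {
	sum, double := 0, true // the digit next to the check digit is doubled first
	for i := len(payload) - 1; i >= 0; i-- {
		d := int(payload[i] - '0')
		if double {
			if d *= 2; d > 9 {
				d -= 9
			}
		}
		sum, double = sum+d, !double
	}
	return byte('0' + (10-sum%10)%10)
}

// LuhnValid reports whether a full card number passes the Luhn check.
func LuhnValid(number string) bool {
	n := len(number)
	return n > 1 && luhnCheckDigit(number[:n-1]) == number[n-1]
}

// Issuer plays the issuer and wallet server of Clark's process: it maps each pseudo
// number to a real card, honours it once, and never puts the real number in a response.
type Issuer struct {
	bin      string            // constructed issuer prefix for pseudo numbers
	accounts map[string]int64  // real card number -> available balance in cents
	pseudo   map[string]string // pseudo number -> real card number
	used     map[string]bool   // pseudo numbers that have already paid for a purchase
}

func NewIssuer(accounts map[string]int64) *Issuer {
	return &Issuer{bin: "987654", accounts: accounts, pseudo: map[string]string{}, used: map[string]bool{}}
}

// IssuePseudo is steps 2 and 3: after the cardholder has authenticated to the
// wallet (step 1, assumed done by the caller), hand out a fresh, Luhn-valid,
// single-use number linked to the cardholder's real card.
func (is *Issuer) IssuePseudo(realNumber string) (string, error) {
	for attempt := 0; attempt < 10; attempt++ {
		n, err := rand.Int(rand.Reader, big.NewInt(1_000_000_000)) // 9 random digits
		if err != nil {
			return "", err
		}
		payload := fmt.Sprintf("%s%09d", is.bin, n.Int64())
		num := payload + string(luhnCheckDigit(payload))
		if _, taken := is.pseudo[num]; !taken {
			is.pseudo[num] = realNumber
			return num, nil
		}
	}
	return "", errors.New("could not allocate a unique pseudo number")
}

// AuthResponse is what the acquirer gets back in step 9: it echoes the number
// the acquirer sent, never the real card number.
type AuthResponse struct {
	CardNumber string
	Approved   bool
	Reason     string
}

// Authorise is steps 7 to 9 for a request arriving over the inter-bank network.
// The swap to the real number happens only inside the issuer.
func (is *Issuer) Authorise(cardNumber string, amountCents int64) AuthResponse {
	realNumber, ok := is.pseudo[cardNumber] // step 7: pseudo -> real
	if !ok {
		return AuthResponse{CardNumber: cardNumber, Reason: "unknown card number"}
	}
	if is.used[cardNumber] {
		return AuthResponse{CardNumber: cardNumber, Reason: "pseudo number already used"}
	}
	if is.accounts[realNumber] < amountCents { // step 8: authorise against the real account
		return AuthResponse{CardNumber: cardNumber, Reason: "insufficient funds"}
	}
	is.accounts[realNumber] -= amountCents
	is.used[cardNumber] = true // the number expires after its first successful purchase
	return AuthResponse{CardNumber: cardNumber, Approved: true} // step 9: pseudo number goes back
}

func main() {
	const card = "4111111111111111" // constructed test card number
	is := NewIssuer(map[string]int64{card: 50000})
	p, err := is.IssuePseudo(card)
	if err != nil {
		panic(err)
	}
	fmt.Printf("issued %s (luhn ok: %v)\nfirst use: %+v\nreuse: %+v\n", p, LuhnValid(p), is.Authorise(p, 19900), is.Authorise(p, 100))
}
```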

5.3 Conclusion

A number of methods for securing the e-commerce transaction have been identified and described. Because of factors such as simplicity, interoperability and the popularity of the original payment mode, SSL has emerged as the dominant protocol in the e-commerce market despite its security flaws [Sahut and Galuszewska, 2004]. In order to further assess the reasons that SSL has kept its popularity over other solutions, a critical analysis of the different mechanisms will now be conducted.

Chapter 6 - Critical Analysis of the E-Commerce transaction security mechanisms

In order to critically analyse the mechanisms used to secure e-commerce, a table of their advantages and disadvantages has been generated. These advantages and disadvantages are then discussed in more detail.

Table 1: Comparison of the advantages and disadvantages of mechanisms used to secure the e-commerce transaction

User ID and Passwords
  Advantages: 1. Familiar. 2. Quick. 3. User friendly.
  Disadvantages: weaknesses caused by 1. External disclosure. 2. Guessing. 3. Eavesdropping. 4. Replay attacks. 5. Host compromise.
  Security provided: 1. Authentication.

Tokens
  Advantages: 1. Can provide multifactor authentication. 2. Can be used to increase security by generating one-time passwords. 3. Can prevent unauthorised access to (stealing of) authentication mechanisms (passwords or keys).
  Disadvantages: 1. Inconvenience. 2. Cost.
  Security provided: 1. Authentication.

Biometrics
  Advantages: 1. High level of security.
  Disadvantages: 1. Inconvenience and invasiveness. 2. High cost.
  Security provided: 1. Authentication.

PKI
  Advantages: 1. Difficult to compromise. 2. Doesn't rely on shared secrets. 3. Widespread general use.
  Disadvantages: 1. Complexity to implement and manage. 2. Higher cost than passwords. 3. Slower, more processing time needed.
  Security provided: 1. Confidentiality*. 2. Data integrity. 3. Non-repudiation. 4. Authentication.

SSL
  Advantages: 1. Difficult to compromise. 2. Doesn't rely on shared secrets. 3. Widely adopted in e-commerce.
  Disadvantages: 1. Does not handle payments. 2. Does not provide non-repudiation and client authentication. 3. The insecure merchant / illegitimate merchant problem. 4. Slower, more processing time needed. 5. Higher costs than passwords.
  Security provided: 1. Confidentiality*. 2. Authentication. 3. Data integrity.

Payment Protocols (SET in particular)
  Advantages: 1. Difficult to compromise. 2. Doesn't rely on shared secrets. 3. Guarantee merchants receive payment. 4. Prevent the insecure merchant / illegitimate client problem.
  Disadvantages: 1. Resistance to adoption. 2. Slow speed of system. 3. High cost to implement. 4. Lack of portability. 5. Difficulty in managing client certificates.
  Security provided: 1. Confidentiality. 2. Data integrity. 3. Non-repudiation. 4. Authentication.

Pseudo Credit Card Numbers
  Advantages: 1. Ease of implementation. 2. No insecure merchant problem. 3. High level of fraud prevention. 4. Increasing acceptance with card issuers.
  Disadvantages: 1. Relatively new and not yet widely adopted. 2. The illegitimate merchant problem still exists. 3. Merchant has to stop accepting real credit card numbers.
  Security provided: 1. Confidentiality. 2. Data integrity. 3. Non-repudiation. 4. Authentication.

* Only provided over the secure channel.

6.1 User IDs and passwords, tokens and biometrics

The use of user IDs in combination with passwords as an authentication technique relies on the fact that the password is kept secret. Although this technique is very familiar to most computer users, doesn't take much time to process and is user friendly, the use of a secret has inherent weaknesses. These weaknesses unfortunately make one of the most widely adopted authentication techniques one of the least secure methods of authentication available. Ford [1998] and Verisign [2004] both identify five major threats to password use in e-commerce:

1. External disclosure
2. Guessing
3. Eavesdropping
4. Replay attacks
5. Host compromise

External disclosure is caused by writing the password somewhere easy to access, causing it to be learned by an attacker, and guessing results from using passwords that are easy to remember and therefore have an obvious connection to the user. Eavesdropping results from intercepting passwords during electronic transactions, while replay attacks involve an attacker intercepting an encrypted password and reusing it at a later stage. Host compromise involves the attacker actually gaining access to the system that stores the password.

6.2 Tokens

Tokens can provide a higher level of authentication and negate some of the threats to authentication mechanisms such as password use by combining with these techniques to provide multifactor authentication. For example, a user having to enter a password as well as having to be in possession of a valid token in order to authenticate themselves is far more secure than the singular use of a password. Tokens such as First National Bank's Digitags provide a token that doesn't interact directly with the computer. This system requires a user to enter a standard password in order to access a one-time password that is automatically generated by the Digitag. The one-time password can then be used once for banking authentication. The system thus increases security not only by implementing multiple authentications (one local authentication on the token itself and another authentication for the banking system), but by generating a unique one-time password that helps prevent problems such as external disclosure, guessing, eavesdropping, replay attacks and host compromise. Tokens are often used to store authentication mechanisms such as private keys. In this way these mechanisms become more secure, as they prevent unauthorised parties accessing the user's computer and copying the keys for their own use.

The use of tokens such as smartcards for authentication can also help prevent the transmission of shared secrets through local authentication. For example, the smartcard would be inserted into a specialised device attached to the computer and would authenticate the e-commerce user locally, preventing the user from having to send a password or key over the Internet for central authentication. Tokens however do have their disadvantages. The price of a physical token is obviously higher than that of a non-physical authentication technique such as a password, and this price needs to be paid by either the user or the merchant. The high price and currently limited distribution of the specialised devices used to read some tokens, such as smartcard readers, is even more of a disadvantage. The inconvenience of having to be in possession of a physical token, which may readily be lost, also needs to be considered when thinking of authentication techniques for e-commerce.

6.3 Biometrics

Biometric techniques are highly secure authentication mechanisms based on something the user is. This makes them almost impossible to fake. Unfortunately some of these techniques are not always 100% accurate and this, in combination with the high price of the equipment needed and the invasiveness of some of the techniques, means that currently biometrics is not a viable solution for e-commerce.

6.4 Public Key Infrastructure (PKI), Digital Certificates and Digital signatures

PKI could be a reasonably secure method of providing confidentiality, data integrity, non-repudiation and authentication to e-commerce, making it difficult to compromise. It doesn't rely on shared secrets and therefore prevents some weaknesses associated with the sharing of secrets. PKI has wide general use, for example in securing e-mail, but has only really been adopted in the form of SSL in the e-commerce sector.
One reason that it has not been adopted is the complexity of the management of digital certificates and keys for client authentication. If a merchant has 5000 clients, for example, the merchant would have to store 5000 client public keys and would have to add a new key each time a new client wished to make a purchase. This method is a little less efficient in speed and has a slightly higher cost to implement than passwords, for example, but it is mainly used as part of SSL to provide secure e-commerce.

6.5 The Secure Socket Layer (SSL)

SSL is a mechanism that uses PKI to secure the channel between the merchant and the client. It is therefore also a difficult mechanism to compromise that doesn't use shared secrets and that provides confidentiality, data integrity and authentication, but not non-repudiation. An advantage of this technique is that it is widely adopted for use in e-commerce.

Problems with SSL

SSL usually only enforces server authentication through digital certificates, and therefore client authentication is usually performed by username and password over SSL. According to Radha [2004] the protocol does not provide any non-repudiation, and once the communicated information is transferred to the server it may become insecure, as SSL only protects the channel communication. A server could therefore, for example, deny that it received a client's order and use his credit card details for unauthorised transactions. These weaknesses and SSL's inability to handle the transfer of payments may make it less secure for e-commerce than payment protocols such as SET.

The insecure merchant and illegitimate merchant problem

SSL only secures the channel between the merchant and the client; therefore when the client's payment details reach the merchant side these details are no longer encrypted and are readable by anyone that has access to that system. This introduces two problems, the insecure merchant and the illegitimate merchant. The insecure merchant problem involves a legitimate merchant receiving a client's payment details but then failing to secure them from outsiders, because of an insecure system on which these details are stored. Figure 4 shows the inability of the hacker to access the client's details while in transit between the client and the merchant. Once these details reach the merchant server, however, the details are stored unencrypted on an insecure system. The insecurity of the merchant's systems allows a hacker to access the client's payment details, which could then be fraudulently used. The use of a payment protocol could prevent these problems, as a payment protocol automatically takes care of payment, thus not allowing merchants direct access to the client's payment details. This is achieved by keeping the details in an encrypted state until they reach the bank's systems, which are legitimate and presumed to be secure.

Figure 4: The insecure merchant problem

The illegitimate merchant problem involves a merchant with fraudulent intent pretending to offer legitimate services. Again, because SSL only encrypts the client's payment details while in the channel between the client and the merchant, the merchant will have direct access to the client's payment details when these details reach the merchant server (Figure 5). The merchant thus has only to convince the client that he/she is offering a legitimate service in order to gain direct access to the client's payment details.

Figure 5: The illegitimate merchant problem

The use of a payment protocol could prevent these problems, as a payment protocol automatically takes care of payment through the bank, thus not allowing merchants direct access to the client's payment details (Figure 6). This is achieved by keeping the details in an encrypted state until they reach the bank's systems, which are legitimate and presumed to be secure.

Figure 6: The use of payment protocols in order to prevent the illegitimate merchant and insecure merchant problems

6.6 Secure Payments and SET

Advantages of SET

As has been discussed above, the main advantage of using a payment protocol over a mechanism that only provides a secure channel is that it prevents the illegitimate merchant / insecure merchant problem. SET and payment protocols are usually high security mechanisms that don't use shared secrets for merchant authentication and are therefore difficult to compromise. Another advantage of payment protocols is that they ensure that the merchant automatically receives payment after the transaction has occurred; this means that merchants don't have to manage the complex interaction between issuers and banks. SET had an advantage in that it was backed by two powerful credit card issuers, VISA and MasterCard, yet despite this and the other advantages mentioned above it was still not generally adopted. Some of the disadvantages of SET and payment protocols that caused the lack of adoption are now discussed.


More information

SPOOFING. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

SPOOFING. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006 SPOOFING Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Learning Objectives Students should be able to: Determine relevance of

More information