Although Willie Sutton denied having said it, we’ve all heard the quote attributed to him about why he robbed banks: “Because that’s where the money is.” Nowadays, money can be found in lots of places other than banks, including the burgeoning e-commerce market. With online shopping estimated to exceed $1.5 -$2 trillion once the year’s receipts are tallied , the e - commerce sector is an attractive target for cyberthieves .
There’s more than money to be had by breaching e-commerce sites, of course. These sites often store payment card numbers and other sensitive customer data. Information of that type can be sold as another route to getting money, or used for other criminal purposes , including identity theft .
Complicating the challenges of securing e-commerce sites is their proliferation combined with the variety of ways in which they’re used. Even if the sites themselves have strong security protections, the devices accessing them and the networks carrying e-commerce often don’t . For example, i ndividual stores have created their own apps , which can be easily compromised if they’re not securely designed.
Most notable from a security perspective, however, is the increased use of mobile devices for online shopping. During 2016, 60 percent of transactions confirmed as fraudulent originated from a mobile device, according to security firm RSA.
With mobile transactions expected to outpace Web transactions for the first time during 2017, RSA also expects to see fraud to grow rapidly. The fact that many users access e-commerce sites over free and unsecured Wi-Fi networks introduces another point of vulnerability in these online transactions.
Helping to counter the increasing mobility risk will be a combination of biometric authentication technologies on mobile devices, along with risk-based transaction monitoring solutions. For better protection against rogue Wi-Fi networks, customers can also turn to solutions such as those offered by third party vendors .
Beyond mobility -specific security controls, the portfolio of security technologies continues to grow larger and become more sophisticated. Among the most important tools now available to e-commerce site operators are security information and event management (SIEM) systems and advanced threat and incident management (ATIM) systems and services.
Given the volume of traffic and tra