Specials

Guest Column: As digital spreads wings, bolstering security is paramount

http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/smartcrop_800x800/public/images/tv-images/2017/01/11/inside%20image%203.jpg?itok=N3Ft4St3

The dream of moving towards a cashless society has never been closer than it is today in India. With the recent decision of demonetization, the public is being actively urged to move online for their transactions, big or small. Aiding the public in this move has been a slew of ads, demos, tutorials and YouTube videos galore, followed by a huge migration to online shopping, boosting the digital economy of the nation. However, as a landscape changes, so does how we navigate it. And, as the market rises to meet this new demand, new and relevant questions arise --- questions about the security parameters and overall security strength of e-commerce platforms.

Immediately after the demonetization announcement that caught the entire nation off-guard, there was a noticeable drop in sales on e-commerce portals. But now things are stabilizing and the stats are looking up. In the wake of demonetization, India’s mobile wallet industry is expected to soar from US$ 22.41 million in 2015-2016 to US$ 4.37 billion in 2022. This means a huge jump in the value of mobile wallet transactions from US$ 3 billion to US$ 800.35 billion during the same period, according to a July forecast by Assocham-RNCOS titled Indian M-wallet Market: Forecast 2022.  Every second, three more Indians experience the internet for the first time and by 2030, more than 1 billion of them will be online.

Besides making this the most exciting time to be a part of the ecommerce sector, these advances are also expected to make businesses efficient in the long run. Digital payments are now seen as the future and are believed to be a way of life soon. However, with this clickable economy and with commerce involved, there is also a valid risk of cybercrimes.

Security in OTT e-subscriptions

In fact, let’s first look at the OTT platforms like Amazon Prime, Netflix, Hotstar and others, which are witnessing an increased demand for paid content. What it means is an increased set of security features to manage subscriptions and paid-content access.

The three key areas of security for OTT content are authentication, geo-blocking and control of account sharing. Netflix as a provider uses message security layer instead of using HTTPS protocol. Being tied to SSL and TLS, HTTPS suffers from fundamental security issues unknown at the time of their design. Examples include padding attacks and the use of MAC-then-Encrypt, which is less secure than Encrypt-then-MAC.

MSL is a modern cryptographic protocol that takes into account the latest cryptography technologies and knowledge. It supports the following basic security properties:

-Integrity protection: Messages in transit are protected from tampering.

-Encryption: Message data is protected from inspection.

-Authentication:  Messages can be trusted to come from a specific device and user.

-Non-replayable: Messages containing non-idempotent data can be non-replayable.

MSL has pluggable authentication and may leverage any number of device- and user-authentication types for the initial message. The initial message will provide authentication, integrity protection, and encryption if the device authentication type supports it. Future messages will make use of session keys established as a result of the initial communication.

With MSL Netflix has eliminated many of the problems they faced with HTTPS and platform integration. Its flexible and extensible design means it will be able to adapt as Netflix expands and as the cryptographic landscape changes.

Securing trust in e-commerce 

This demonetization era calls for the strengthening of cyber security mechanisms. Anyone with an email address and a social media account is at threat and can be a target. The most common kinds of cyber-crimes associated with e-commerce are to do with data privacy and protection, and include bogus deals and purchases, trademark and copyright infringement, payment frauds, disputes in B2B and B2C transactions, FEMA violations, issues of web content ownership, contract violation, hacking, phishing, cyber stalking and cyber-squatting.

Nearly 45 per cent of transactions are done via mobile, giving scope for several cons. According to a joint study by Assocham and PwC released in August 2016, cyber-crimes in India have surged around 350 per cent between 2011 and 2014.

India has germinated into a fertile ground for e-commerce, but consumers are exposed to security threats too. Fraud in the e-commerce sector leads not only to financial loss, but also a loss of reputation and simultaneously, a severe loss in business. Once a loyal customer, the individual switches to a competitor for his needs in case of breach of trust. Consumer trust in such a complex and interactive environment has become the need of the hour.

Addressing the risk of fraud

At HGS Interactive, our teams are proactive in addressing the risk of fraud that ecommerce companies can face by taking a hard look at their business models and vulnerability to fraud so that their customers can buy their products with confidence.

We understand that effective fraud risk management is a continuous process of reviewing and addressing the significant risks of fraud. Network security, confidentiality and authentication are three essential components of an e-commerce website. Several companies such as PayTM use 128-bit encryption technologies for storing information, which makes it tough to crack a password. Front-end payment card validation wherein MOD 10 checks, BIN checks, authorization responses, customer profile checks, security questions, login analysis, basic site rules such as number of orders placed through one account, value of orders or back-end manual order reviews must  be put into place.

Digital signatures and dynamic IP protection are exemplary methodologies and should be implemented on all ecommerce websites. A secure and reliable web hosting service is a prerequisite to guarantee optimum performance of an ecommerce website, all through the year.

HGS Interactive recently worked for Nakshatra, which is one of India’s most reputed diamond jewelery brands and is from the pioneer Gitanjali Group. We ensured we hosted their web app on a safe hosted service provider to whom we mandated extremely strong privacy and data security policies enforced actively. Whether it is for a top jewelery brand or numerous other clients across sectors, high-end and world class web and digital security is of paramount importance. Financial information is typically stored by payment gateways primarily for small and medium businesses, while larger platforms prefer to have their own security parameters and store the data themselves, as it provides more control and security over this extremely sensitive data.

Hosting providers like Amazon Web Services and DigitalOcean provide full access to their security profiles, but skill and expertise is required to manage and stay ahead of the curve and avoid being hacked. Credit data is stored in an encrypted format and never as pure text, so it is protected as long as the encryption is strong.

Encryption equals protection

I strongly believe that encryption of data equals protection. Encryption lets you scramble information using a mathematical formula, which is tough to break without a “key”. You can implement technologies like SSL (Secure Sockets Layer) and SHTML (Secure-HTML), with web forms to secure your ecommerce website. Encryption can also be incorporated in your email package through a technology known as S/MIME (Secure/Multipurpose Internet Mail Extensions). It is mandatory to have these in place during transactions to prevent vulnerable attacks from networks.

Firewalls are another essential aspect in stopping attackers before they can breach your network and gain access to your critical information. Major certifications reaffirm credibility, while a full-featured secure environment is expected to boast security measures like virtual private cloud, encrypted data storage, identity and access management, and Multi-Factor Authentication (MFA) to provide users with peace of mind.

To summarize, customers expect a safe experience when shopping on any ecommerce website. And as a responsible business, protecting their personal and financial information is not only the paramount responsibility of any business, but it is also considerably easier and far less costly than recovering from a breach. It is crucial to ensure the security of the existing infrastructure and upgrade present systems and oversee the smooth transition to the more advanced digitization of India.

Also Read

Irdeto joins Frog by Wyplay community to offer integrated security solutions

Jaitley, stakeholders discuss broadband speed & penetration, wi-fi, digitisation, open Net & cyber security

http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/large/public/sachin-karweer.jpg?itok=sSyD4McyThe author, Sachin Karweer, is Business Head, HGS Interactive, a Hinduja Group company that creates new paradigms for digital consumer experience. The views expressed here are personal and Indiantelevision.com need not necessarily subscribe to them

Latest Reads

http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/340x340/public/images/tv-images/2017/12/06/rajiv.jpg?itok=_XjLJGEq
Govt extends support to M&E sector in fighting digital piracy

NEW DELHI: The government of India yesterday stressed that it stood alongside the media and entertainment (M&E) industry in fighting digital piracy to safeguard loss of revenue and ease norms for doing business, while CII entertainment committee head and Viacom18 group CEO Sudhanshu Vats.

Specials Event Coverage Occasions
http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/340x340/public/images/tv-images/2017/12/05/Media%20and%20Entertainment%20Industry.jpg?itok=MnCSdBVE
M&E industry to hit Rs8 trillion revenue by 2022: report

According to a report published by Boston Consulting Group (BCG) and Confederation of Indian Industry (CII), India’s media and entertainment (M&E) industry is expected to reach revenue of Rs7.5-8 trillion by 2022 from an estimated Rs4.5 trillion in 2017. Over the next five years, the industry...

Specials Event Coverage Occasions
http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/340x340/public/images/tv-images/2017/12/01/atf_0.jpg?itok=tdmv_6Vr
ATF’s first Animation Pitch announces winners

MUMBAI: As the Asia TV Forum (ATF) draws to a close today. The event saw several activities such as an exciting round of on-stage pitches where producers from all over Asia presented their ideas, the winners of the inaugural Asia TV Forum & Market (ATF) Animation Pitch and the unveiling of the...

Specials Event Coverage ASIA TV FORUM
http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/340x340/public/images/tv-images/2017/11/28/ATF800.jpg?itok=7d6mb_hu
Indian OTTs to be in focus on day 2 of ATF

MUMBAI: Singapore-based Reed Exhibitions’ Asia TV Forum (ATF) will commence today with 60 countries taking part. The first day will see sessions based on content, advertising and the evolution of storytelling and digital traditions and innovation Ninety thought leaders will deliver fresh insights...

Specials Event Coverage ASIA TV FORUM
http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/340x340/public/images/tv-images/2017/11/25/Kriss_Barker.jpg?itok=vVWGtO0T
'It is criminal for TV not to think of social change' - PMC's Kriss Barker

For most programming executives and managements in TV companies today, television is all about running on a treadmill chasing ratings, viewership, and the concomitant revenues, followed by the next bonus and promotion. Every trick in the creative book and outside it is resorted to keep the...

Specials Event Coverage Occasions
http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/340x340/public/images/tv-images/2017/11/23/atf.jpg?itok=Pv-14Qq8
ATF 2017 attracts Indian content studios, both big and small

MUMBAI: Singapore-based Reed Exhibitions’ Asia TV Forum (ATF) is round the corner and the buzz around the event only seems to be ramping up. This year, the forum will see around 60 countries from all over the globe. From 28 November to 1 December 2017, more than 90 thought leaders will deliver...

Specials Event Coverage ASIA TV FORUM
http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/340x340/public/images/tv-images/2017/11/22/atf.jpg?itok=J8JpuLp1
Singapore's ATF 2017 promises more than ever

Reed Exhibitions’ Asia Television Forum (ATF) is back. And Asia’s leading content market cum conference which brings together Asia’s broadcasters, digital platforms, distributors, studios, content creators to strike deals amongst each other and other international buyers and sellers from ---...

Specials Event Coverage ASIA TV FORUM
http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/340x340/public/images/tv-images/2017/11/13/MIPCOM800.jpg?itok=G89xfoU-
MIPCOM 2017 - Content Really is King!

Eye-opening, international, new content for multi-platform that fully embraced digital and VR were my key takeaways from MIPCOM 2017. The world may be going digital but content will always be king!

Specials Event Coverage Mipcom
http://www.indiantelevision.com/sites/drupal7.indiantelevision.co.in/files/styles/340x340/public/images/tv-images/2017/10/16/Chhota%20Bheem_0.jpg?itok=ehNRJugd
Chhota Bheem becomes Mighty with Netflix

CANNES: The studio behind the popular animated show Chhota Bheem, Green Gold Animation has been commissioned by Netflix to make an exclusive 13-episode series on its trademark show. Paradoxically titled Mighty Little Bheem, the series is set to be released in August 2018. Each episode of Mighty...

Specials Event Coverage Mipcom

Latest News

Load More

Sign up for our Newsletter

subscribe for latest stories