Welcome to Our Website!
You are a UK e commerce website, how safe are sending your personal information when? Not as safe as you think that maybe, safe, a security consulting firm that "specializes in ethical hacking exam. E-Commerce community to British after testing 100 UK websites for clients in the way of information processing alleged deficiencies is fundamental.
Ethical hacking is normally done with the consent of the target: paid security experts look for holes in the system. In this case, the test and were not approved, so beware Computer Misuse Act was safe (CMA) Test against. Instead, his team signed up for one site client accounts, and then went through the standard process, all customers conclusions about how sites handle customer data is reached.
For example, almost all places of E by the client user name, then they ask who use mail address as a password if forgotten with the client. 60 from people who clearly forgot password requests that have been tested% response or no e-mail address in the database.
"This is a fatal mistake, secure, test manager, says Ken Munro argued that the attackers received a special e-mail address an e commerce site can check recorded. An attacker to list the address To check for targeted attacks can start. "If I wanted to give a cross attack through e-mail account information for the script to steal your client's site, I now know my clients email addresses is, "he says.
Some banks have started following this approach (which generally combines something you know, some you like a needle, as a smart card). , If any, that some e-commerce sites: hardware token for each user to give away most of them out of business at the cost of sets. One important question will be disputes over these basic security issues: How E-commerce companies can line between usability and security lifts running?