Loading...

Investigating E-Commerce Security, Cyber Crime Detection and Prevention with Digital Forensics. The Case of Ebay and Amazon

Master's Thesis 2014 60 Pages

Computer Science - General

Excerpt

Contents

Abstract

LIST OF TABLES

LIST OF FIGURES

Chapter 1.0 Introduction
1.1 Background of the Study
1.2 Research Background
1.3 Organisational Background
1.3.1 Amazon
1.3.2 Ebay
1.4 Rational for chosen Topic
1.5 Research Questions
1.6 Research Objectives
1.7 Significance of study
1.8 Structure of the dissertation

CHAPTER 2.0 LITERATURE REVIEW
2.1 Introduction
2.2 E-Business and E-Risk
2.3 E-commerce and using The Internet
2.4 What Constitute Cybercrime
2.5 Types and Costs of Cyber crime
2.6 Cases on Cyber crime
2.7 Cyber attack and Company Performance
2.8 Curbing Cybercrime and Digital Forensic
2.9 Supplementary Threats to Computer Security
2.10 Ensuring Ethics in Digital Forensic Investigation

CHAPTER 3.0 Research Methodology
3.1 Philosophy of Research
3.1.1 Positivism
3.1.2 Interpretivist
3.1.3 Rational for chosen Approach
3.2 Research Design
3.2.1 Explorative Research
3.2.2 Descriptive research
3.2.3 Hypothesis Testing
3.3 Research Approaches
3.4 Research Methods
3.4.1 Primary methods of collecting Data
3.4.2 Interview:
3.4.3 Observation
3.4.4 Questionnaire
3.5 Sampling Method Chosen
3.6 Data Collection with Questionnaire
3.7 Mean
3.8 Limitation of Study
3.9 Data Analysis
3.10 Ethical Issues

CHAPTER 4.0 Findings and Data Analysis

CHAPTER 5.0 Conclusion
5.1 Growing Security Threat
5.2 Recommendations
5.2.1 User security policy
5.2.2 Internet port Security

References
APPENDIX 1 (Questionnaire)
APPENDIX 2 Types of Cyber Crime
APPENDIX 3 Websites promoting Security for E-commerce companies

LIST OF TABLES

Table 4. 1. Age distribution of respondents

Table 4.2 .Gender distribution of respondents

Table 4.3. Educational background of respondents

Table 4.4 Employment Status of respondents

Table 4.5 how respondents paid for items online

Table 4.6 How respondents rate their knowledge in computing

Table 4.7 Banks giving customers education, guidance and counselling on online transaction

Table 4.8 E-commerce sites frequently visited by respondents

LIST OF FIGURES

Figure 4.1 the E-commerce sites respondents have confidence in

Figure 4.2 Responses on respondents encounter of any form of fraud, delays in online transaction

Figure 4.3 Respondents visiting the wrong sites unknowingly

Figure 4.4 how respondent’s online transaction challenges were addressed

Figure 4.5 what respondents will do differently when visiting a new site for transaction?

Figure 4.6 How often respondents visit e-commerce sites to transact business

ACRONYMS AND MEANING

illustration not visible in this excerpt

ACKNOWLEDGEMENTS

I would give Praise and thanks to the Almighty God for the enablement and provisions He gave me throughout this programme, and the God is Able Ministry International (UK) for their support. Rajendra Kumar thanks you for been my supervisor, your periodic input has made this works a success thank you and all the entire Lecturers of the LSC/SBL. You did a good work.

Finally want to say a big thank you to my immediate family for their support and sacrifices in every way, my wife Joan K. Fianyi and my two lovely kids Jason and Josie.

Abstract

The growth of the e-commerce industry has facilitated the progress and relative growth of many businesses, it has cut down cost associated with big offices and the like, it has also brought convenience to both customers and business owners, thus a customer can buy verity of products at the comfort of His/her home by a click of the button or even the use of the mobile phone. Nevertheless amidst these benefits of e-commerce, it is faced with serious security problems, which put the safety of the consumers on an edge and the reputation of the firms under scrutiny. The advent of cyber crime which seeks to perpetrate all form of crime on online related transaction, such as hacking into systems illegally and stealing individual customer financial particulars, their confidential information and identity theft has become rampant. There is therefore the need to whip- up competent computer skills such as the use of digital forensics to combat these security problems that confront e-commerce.

Digital forensics takes into consideration investigation and recovery of evidence and facts in related computer or technological crime. This is where extra computer skills, tools and knowhow are employed to find perpetrators of cyber crime or stop them from advancing their crime over the Network .A quantitative research approach was used in the investigation and the findings showed that the more people traded online or engaged in all forms of transactions online the higher the risk of being victims of cyber crime one way or the other. Since e-commerce and its related industry is a modern trend and cannot be done without robust digital forensics tools and research should be enhanced to curb the advancement of this crime.

Keywords: E-commerce Security, Cyber Crime detection and prevention, Digital Forensics, Amazon, EBay, Network Security, Online Transactions, Identity theft, hacking

Chapter 1.0 Introduction

E-commerce as have progressively become an essential and indispensable constituent of business strategy and operations, as a result of the growth of technology globally, thus the main medium for trade and industry development in any given country and the world at large (Grandon, 2004). Due to this rapid growth in the e-commerce industry, many computer programmers and Information Security experts have directed their abilities to the development of applications that enhances com put e r as si s t ed trans actions vi a the internet. Smith (2009) indicated that the incorporation of Information Communications and Technologies in business transactions and its operations has enabled many businesses experience massive revolution over the period .It has also facilitated a strong correlation between firms and their corresponding customers and clients. Particularly, the use of ICT in business has enhanced productivity, promoted customer involvement, also made faster and possible patronage of goods and services in larger quantities, as well as reducing charges and its associated benefits.

E-commerce is defined as the performance of a business activity over the internet (online) for all kind of goods and services (Badger, 2013).Unlike the traditional way of doing business where there is physical contact between the buyer and the seller, its operations are carried out electronically over the internet. The individuals involved in the transactions do so via technology mediated platform. The buyer in this case the customer also makes payment either directly to the sellers account or through a third party, the customer is made to declare his/her confidential bank details to enable the other party get the money and then send whatever has been bought through a delivery service. There is virtually no physical encounter between the parties (Papadopoulou, 2006).

Although the e-commerce Industry seems to be booming, there is a massive corresponding security challenges that confronts it. The upsurge of cyber crime by unknown assailant who will usually take the advantage the world of internet offers thus anonymity and privacy. As such one can do anything on the internet with the notion that one cannot be seen. Most crimes are perpetrated with this belief system. There are various crimes that are committed via the internet and its related technologies from denial of services, identity theft, Privacy violation and intrusion as well as industrial and financial espionage, these study expatiates of these crimes further in the following chapters. Perpetrators of these crimes do it for various reasons with the underlining fact of illegally making money for themselves among other reason (Sidel, 2005).

The evolution of Digital forensics which primarily focused on extraction of data and analysing crimes scenes and equipment after they have been committed and present them in court as an evidence, has now seen improvement in its tools and related software's and applications.. Thus modern techniques of Digital forensics , which can easily track a premeditated crime over the network by employing network security phenomenon to impede these possible crimes from occurring can greatly be explored to help control the upsurge of e-commerce crime in recent times (Riem, 2001).

1.1 Background of the Study

While most normal firms have established procedures for solving the common problems that comes with doing business, many online merchants and their customers do not possess the experience and technical know-how and usually not sure how to best find solutions to the critical and technical issues involved (Abels, 2005 ). For this reason, there is the need for pragmatic steps to establish policies and technical know-how to combat this risk associated with online business and e- commerce at large, this will ensure that firms w o r k with their customers to resolve issues and concerns associated with online trade (Beynon,2004). Ultimately this can lead to significant minimization of one’s business risks. A given firm can also possibly have the chance of been vindicated should a complaint be filed against it by a buyer.

This dissertation discusses how to take measures to prevent and manage cyber attack and h o w customers can reduce exposure to fraudulent transactions, thereby minimizing fraud-related business losses (Aiken, 2006); by employing advanced modern ICT tool such as digital computer Forensics to curb the crime and uncover perpetrators. A common area that enhances transparency in online b u s i n e s s includes:

- Setting up Clear Policies
- Resolving disagreements
- systems to protect customers debit or credit card and /or any other medium used in making payment online
- How to use digital Forensics to detect and prevent cyber fraud
- Examining the Pay flow fraud prevention services

1.2 Research Background

E-commerce risk and security is somehow known to the prospective customers, as mentioned by Larose and Rifon (2007), The Internet though presents many opportunities to companies and individuals, it also at the same time provide as many security risks and the later most often would outnumber the opportunities online business gives in terms of the gravity of damage on the customer and the business owner (Moore, 2006). Hackers, viruses, malware, and the like-are major Security issues that confronts and frightens individual customers and companies at any level of Internet related business or E-commerce. These problems are often resolved by the use of Hardware's and software’s that are needed by these firms to guard against hackers and infectious viruses from their intranet systems (Moore, 2006). Security goes beyond Hardware and software systems; t h e y onl y represent o n e l a ye r of securit y. Digital forensics tools and its related policies that require users and network administrators to take precautions would have to be implemented and this will facilitate a solid security measures that may not be compromised.

Systems S e c u r i t y threats h a v e progressively increased from b o t h o u t s i d e a n d inside corporate boundaries. Internal security threat used to be the challenge of most corporate firms and these threats characteristically y included employees within a company getting hold of company systems through loopholes in security and also having access to employee passwords. There have been marginal changes from internal security threat to external threats due to t h e growth o f t h e Internet and corporate extranets. Intruders from outside corporate boundaries now represent a growing concern (O'Brien, et al 2011).

1.3 Organisational Background

E-commerce is becoming a strong industry for trade irrespective of what one deals in; the industry is becoming extremely successful because of the rate at which technology is on the ascendancy globally. The growth of Technology is the growth of E-business. Many firms which would have folded up under the normal brick and mortar system of doing business, now thriving firms that are making good sales and eventually profit: E-commerce industry cannot be over emphasised many individuals and companies have benefited from it (Oates, 2001b).

The Web’s influence on the global economy is truly amazing. The business world knows that the Web is one of the best ways for business such as manufacturers to sell their products directly to the public, retailers to expand their stores into unlimited geographical locations, and for entrepreneurs to establish a new business cheaply (Jordan, et al, 2004).

These things make it expedient for any manager in this globally digital economy to know:

- Where technology stands in the business processes he or she is running
- How company’s strategies are largely influenced by technology
- The dynamic nature of technology in these times
- How the organisation and its corresponding partners can be abreast with the rapidly changing technology.

1.3.1 Amazon

Amazon.com is a company originally from USA. One of the biggest companies, among others to sell over the internet .On July 16the 1994 Jeff Bozos founded Amazon.com, and later was launched in 1995, the company traded first in bookstore over the internet. When it observed that patronage was good, quickly diversified by adding other things that were observed could sell quickly, VHS, DVDs, CD, video games, MP3s, Home Appliances, clothes, fixtures, as well as food items. Amazon.com is now over 15 years old and can boast of being among others the largest online retailers globally; it deals in almost anything a person would need in the day to day activities of life (Boston Globe 2012). Irrespective of the economic challenges, e-commerce activities in the U.S.A as at 2010 saw growth up to about 12%, as reported by Forrester Research. Other finding by Forrester also shows that two-thirds of people living the U.S. and the U.K have transacted a business over the internet in the last year. The online industry is growing rapidly and so are its corresponding challenges (Forrester, 2011).

1.3.2 Ebay

EBay in 1995 was started by Pierre Omidyar, as an auction web. EBay has since remained a company known for auctions of ranges of goods and services over the web. Sellers of products exhibits their items on the internet and potential buyers bid for them within a given period of time and the highest bidder is declared a winner still on the internet without any physical encounter with the supposed seller(Owen, 2009). Payment is done over the internet by the winner of the bid thus the supposed buyer eBay gives constant notification during the bidding especially when one is out bided this they do for one to keep increasing written amount for which one would want to buy a product been auctioned. The items that this company auctions are arranged in categories and one can browse to select a choice of. Ebay now due to the changing trend in technology and the e-commerce industry does not only auction but also sell various items on their web, though still hold on to their trade mark as the biggest auctioneers (Mullen, 2009).

EBay is one of the e-commerce firms that use the services of third party Company to receive payment and this is the PayPal Company. This used to be a company owned by some other People but over the year’s eBay have managed to acquire this company. Though now belongs to the eBay company, its operate as a separate entity which many online shoppers don’t know, it is still seen as a third party payment receiver for eBay. Engaging in bidding in an auction on eBay is free and has remained as such since it started operation (Hunckler, 2013).

1.4 Rational for chosen Topic

E-commerce operators or businesses will usually take the responsibility of building and designing their own website, others will choose to subcontract part or all of its responsibilities. If the firm is not financially constrain it will usually make professionals take up the design processes of the web page (Kotabe . 2008).In most cases e-commerce businesses who do not have enough funds to outsource the building of its website would have to do so themselves. This supposes that it will take up the task of discovering e-commerce software package to meet their budget and requirements. The type of software a company uses can determine the success or failure of the system (Ranjay G., 2000, Perez, 2005).

Whether a business owner is a novice or an expert, starting a new business or giving brick- and- mortar business a web presence, the right e-commerce software package should be used without compromise. Regardless of the products that will be listed the expediency and the security of both the customer and the business itself should not be taken for granted (Tong, 2013).Over the years many household individuals and companies have lost huge sums of money whiles transacting business online, this has been necessitated by the influx of hackers and cyber crime which has become rampant year after year. E- commerce companies should be up to the task by employing appropriate systems or software's to combat these computer mediated crimes to ensure the safety of the users and customers and the emerging e-commerce industry as a whole, a typical Technology component that can assist these e-commerce firms is Computer forensics (Traynor, 2005).

When forensics is mentioned it usually brings to mind television and movie dramas, focuses around murder scenes or surgical procedures conducted by a specialist. Nevertheless, a growing concern of technology demands retrieving information from a computer system. In recent times a computer forensic examiner may work visa vie law enforcement institutions, retrieving h i d d e n or deleted information from a home computer system and office computer is common now (Swartz, 2005); This information may range from deleted files to existing documents stored on a hard drive, Network activities or other storage media and also encrypting files by putting password on them and providing some system security against unauthorised entry , this is imperative for the growing technology industry (Stephenson, 2002).

1.5 Research Questions

The following questions are the underlining queries that were considered in undertaking this research:

1. How often do people transact businesses online, example eBay and/ or Amazon?
2. What Digital Forensic Tools are used to detect and prevent e-commerce crime?
3. How Knowledgeable are customers in Computer and its related Technology?
4. How were online crimes or fraud related issues Handled?

1.6 Research Objectives

The Aims and objective of this research was constituted by the following;

- T o investigate and substantiate E-commerce as an Emerging industry for trade
- T o uncover the challenges and problems associated with E-commerce Security
- T o investigate e-commerce pitfalls and how to resolve them with Digital forensics
- T o recommend safety systems using Digital computer forensic to enhance e- commerce and all computer-related technologies.

1.7 Significance of study

The significance of study can be categorised into three thus: investigating E- commerce to affirm that it's a growing global industries which has flaws and shortcomings such as security issues that needs to be addressed by those who go into it as a medium of business, and Secondly the fact that customers who engage in online business needs security from identity theft, credit card hacking or theft and phishing, thus the convenience of the customer should be paramount to the e-commerce firm (Chuang, 2004).The third a s p e c t o f the significance of the study is to propose the use of computer assisted programmes such as computer forensic or in advance digital forensic to curb these cyber crime to facilitate amicable transaction between a given company and respective customer(s) (Larose, 2007).

1.8 Structure of the dissertation

In Chapter one, Introduction and Background of Study of this research is carried out, this is where the fundamental issues on the subject of the research are tackled. Basic definition into E- commerce and its security, as well as Digital Forensics which are the subject matter of this research are substantiated Chapter two, an extensive review of theoretical framework of the underlining subject matter is carried out with recent case studies and occurrences as far as the investigation of E-commerce with its related security challenges are concerned. Proposed solution to cyber threats with Digital Forensics are also provided in this chapter.

Chapter Three, the research Methodology and the philosophy of research are expounded, as well as the research strategies that were used to undertake the research.

In Chapter four, Statistical computation and observation of findings which constitute the Data Analysis and Interpretation section of this research was carried out.

In Chapter Five, Discussion, Conclusion and Recommendation are made extensively, this is where the whole research is summed up for both the researcher and any other person to get the import of the investigation carried out on E-commerce and its security challenges and using Digital forensic to ensure security and confidence in the system.

CHAPTER 2.0 LITERATURE REVIEW

2.1 Introduction

E-commerce is elemental to business activities in recent years. Most companies have e- commerce inherent in their daily operations thus obvious publicly on their websites. The phrase 'cyberspace' denotes a computer mediated network specifically on the web where electronic activities take place as well as a place communication and/or interactions over the internet are facilitated. E-commerce is encountered with a p r e v a l e n t p r o b l e m o f e -crime, commonly known as cybercrime (Hunckler, 2013). Cybercrime can entirely interrupt a firms merchandise activities. Public companies lose billions of pounds annually as a result of cybercrime, they lose assets, businesses, and reputations are damaged. According to (Ranchman et al. 2008; Mello 2007) the US economy loses more than $100 billion annually because of cybercrime. A typical example is when a company’s website is hacked and as such can goes down; customers will then take their businesses somewhere else. Making the company lose all the income that would have come in at the time.

Additionally the losses associated with cybercrime can include customers losing confidence in the victimised company; this is because most customers care so much about the security of their financial particulars during a business transaction .Owing to this an organisation can lose prospective commerce relations and operations because of the stigma that comes with cyber crime. Such liability can cause a decline in the market value of an organisation, as a result of justifiable concerns of stakeholders such as investors, monetary analysts, and creditors (Smith, 2009). It is for this reason that the use of Computer technology such as digital forensics is imperative to curb these unbearable crimes.

2.2 E-Business and E-Risk

Risk is integrated in doing business in any form, and in any part of the world, E- commerce or transacting businesses online i s not immune to risk (Bhasin,2003).Some of the risk that are associated with e-commerce includes, stolen Credit card number, personality theft, stolen Social Security Numbers, and sometimes goods bought and paid for never arrives. All these eminent issues and more are rampant because there is no physical encounter between the buyer and the seller basically; electronic mediums as mentioned earlier are employed as cited in: Cyber Source Stross (2009). The research further postulates a statistics b y cyber source a provider of electronic imbursement and threat control solutions, estimates that $3 billion was missing as a result of the above mentioned anomalies in e-commerce between 2006 and 2009 in the United States.

Since online activity has become imperative and indispensible to individuals and business, there is the need to employ certain tools such as digital and computer Forensic to ensure user security on the web and the respective organisations also ensure these tools are equal to the task of meeting the challenges that confront E-commerce (O'Brien and Marakas, 2011). The authors O'Brien and Marakas further established that fraudsters in cyberspace look for opportunity to penetrate and abuse systems, these they do either for the fun or selfish gains. Once system is infiltrated, impostors can possibly cause devastating problems such as deleting or altering information.

A res earch b y Smith e t al . (2003): To a na l ys e t he reason t hat m akes e - ecommerce susceptible to risk includes the following;

(a) Old methods of solving e-business problems may not work due to changing environment.
(b)The more an e-commerce company expands the higher the scope of risks.
(c) System hackers will always devise new techniques and tools to attack system operations.
(d) When a system is digitized it creates exceptional challenges for digital information and online transactions.

2.3 E-commerce and using The Internet

E-commerce are used interchangeably by most people with e-business, they are however distinct theories altogether. In e-commerce, information and communications technology (ICT) are used in inter-business or inter-organizational transactions (Ranjay and Garino 2000).

They on the other hand stated that e-commerce is dynamic and therefore has many forms and each o f these have unique challenges confronting it and corresponding customers and the need t o find a way to resolve for the safety and the protection of innocent customers and the security of their m o n e y and the respective businesses as a whole is imperative.

E-business is said to use ICT to augment business activities and operations geared towards organisational development (Perez, 2005). It consists of any course of action that a firm (profit oriented, governmental or non-profit oriented entity) conducts over a computer- arbitrated network usually with computer assisted applications. These computing paradigms are used to facilitate and project the image of the organisation with the ultimate goal of development and attracting relatively larger customers for a given activity of the organisation (Deitel et al, 2001).

Lynda,(2002) as cited in : (Sachs Goldman,2000:p.68-71) Managers of organisation must take into consider electronic associated risks also known as e-risk, and these are the possible challenges associated with doing business online. Safety measures must be p u t in place against online fraud, malicious hackers, computer viruses, among other cybercrimes. Kratchman et al. (2008) asserts that electronic business started in the 1950s with the emergence of early computers. Nevertheless, the advent of World Wide Web early twentieth century assisted in growth of e-business.

E-commerce is subject to various forms of risks which are posed by cyber threats. These threats can be decreased by instituting efficient controls (Runyan et al. 2008). Cyber crime is exceptional from other threats that businesses face in recent time it has unique characteristics, as expressed by Speer (2000). Zombori (2001) also observes the types of actual risks of e- commerce, affected cyber crime. He stresses the fundamental issue of doing e-business is trust. When trust is lost, the possibility of e-commerce firms running financial loss will be very high The prevention, detection, investigation, and the prosecution of cybercrimes will in the long run reduce the consequences e-crime leaves on business and will ensure public's confidence. A mutual open sharing of information strategic methods of curbing this crime by private, public, and international bodies will facilitate a successful detection and prevention of these crimes (Oates, 2001a).

Literatures in various academic disciplines try to investigate the behaviour of those who engage in cyber crimes (Kranhold, 2004). It was discovered, most countries of the world have different approaches with their regulations, standards and legitimacy regarding various forms of cyber attacks, symbolic significance, the level of digitised strength and weakness in defence of cybercrime was used as the criteria for the selection of t h e target network. Riem (2001) asserts the greatest threat to E-commerce security is the employee of any organisation, consultants and service providers working in a respective company, relatively to those external hackers endeavouring to gain entry. Yapp (2008) attest that the supreme threats to security in an organisation are those within, about 70% of all kinds of frauds, exploitations and abuses begin. Lack of stern policies on password and controls are the derivation of most of these problems.

When there is good news the corporate image of an organisation benefits and subsequently suffers if it bad news; the results is either improvement or decrease in the firm’s outcome. Initial examination of the market consequences concerning right behaviour shows that a firms repute and corporate control are characterised by quality in the place of work and its reputation (Clarkson et al. 2004; Fukami et al. 2011). The impact of e-commerce initiatives has been evaluated by the use of event studies the essence is to identify special attributes of e- commerce firms a n d to appraise firm valuation or stock returns (Hand 2007). This study augments the research literature concerning stock market performance and e- commerce, by investigating the effect of cybercrime on an organisations stock price and e- commerce marketing activity (Chen and Siems 2001).

2.4 What Constitute Cybercrime

There are various crimes that are perpetrated via the internet in this case as far as e- commerce is concerned and the experience of Amazon and eBay with their corresponding users (Douglas T, 2002);

- C o m p u t e r assisted crimes; this is where the computer is used as a tool to enhance a criminal activity and these activities are not exclusive to computers only, example will be child pornography, fraud, cyber bully etc.
- C o m p u t e r Specific crimes; these crimes includes password attacking, server attacks, system hacking, denial of services, sniffers. These crimes are directed to the computers and available digital gadget, the network and the various systems on which data is stored.
- Computer incidental; The computer becomes supplementary to crime perpetration such client list on spreadsheets, drug traffickers and terrorist interchanging information on various apps on the computer such as Skype, facebook and the like.

2.5 Types and Costs of Cyber crime

The crimes that use to exist in the past have taken a new form known as the cyber crime, due to the advent of technology. Companies who were victims of theft or robbery will use verbal communication to convince customers to win their trust back. Relatively in modern time e- commerce firms use the internet to facilitate this communication even before they are attacked, they will usually assure customers of their safety and convenience as far as their websites are concerned. Appendix 2 catalogues common types of cyber crime (Swartz, 2005).

The harm engineered by cyber crime has varying effects over the passage of time. A typical example is about computer viruses which use to be seen as very dangerous and damaging to the any computer system that gets infected in recent years it is not that dangerous as it use to Be because counter stronger anti-viruses have come up to reduce the effects of damage they can cause to a system (Sommer, 2004). Also there were legislations across the globe against computer viruses proponent, it was seen as a criminal offence tantamount to prosecution, and this also assisted in reducing viral infections to systems. The sharing of information between local agencies, Federal states exposes possible virus attack a typical example is the collaboration that exist between the Federal Bureau of investigation and the secret service in USA to fights against cyber crime (ProQuest., (2010)).

2.6 Cases on Cyber crime

A case study on online databases, newspapers and current periodical were carried out on ProQuest online and the objective of the study was to look at issues concerning e-crime, cyber crime, and computer fraud. Online access is provided by Pro-Quest Research Library for a large number of academic subjects. The Pro-Quest databases are made up of 4,100 tiles and above, almost 2,900 in full text, as of 1971 until (Pro-Quest 2012). The cases evaluated in this study were listed at the top of the search, they concerned companies that traded publicly, and also comprised news stories in details.

As at February 2000, Amazon.com, and Ebay.com, among others were the victim sites involved in a cyber crime attacks, these companies were victimised their websites were hacked and alterations were made to the coding of the program. The companies had to shut down due to the brutality of the attack and to have enough time to repair the damages caused and to impede unauthorised access. Security features were strengthened to safeguard the systems against future attacks (Kranhold, 2004).

The Western Union branch in Data Corp was also attacked by some individual hackers, as at September 2000. During this cyber attack on the companies site credit-card details for 15800 clientele were stolen, the theft took place because a n employee was negligent with the files and made them open to attack and it was at a time where a r o u t i n e maintenance was been done. The authorities were notified by Data Corp, the FBI and CIA were called to conduct investigation (Colden, 2000).

A perpetrator hacked into Choice Point Inc.'s database in October 2004 at this instant, 146000 credit card files were stolen from the system. The intruder did hack the system this time e- crime procedures; however, the perpetrator faked his identity about some few forms and over the phone .The whole information was simply handed over to the intruder as a result. This was a routine activity carried out by Choice Point Inc to legitimate businesses, for a price. In this case, the perpetrator gave false information about him and was given access to the files; the respective company has taken measures to prevent this problem from recurring because of the incident (Perez and Brooks, 2005).

In November 2004 The Federal Trade Commission undertook a survey in which its workers posed as troubled customers of various banks so as to measure the banks' capacity to act in response and avert electronic-theft. The Citizens Financial Group and Hibernia Corporation were graded as the last five banks as far as prevention and thwarting e-crime (Saranow, 2004).

Professional criminals in May 2005 get hold of about 500 customers’ confidential information at Wachovia Inc illegally. A complicated hacking method was not used the criminal however engaged traditional bribery to recruit former employees of the company. The supposed former employees sold out the information to the fraudsters at $10 a. The information was subsequently sold to law firms criminal and collection agencies by these criminals; the incident was reported to the New Jersey police for investigation (Yuan, 2005).

Card- systems Inc. An organisation that processed credit card operations for small Scale and mid- sized businesses had their database hacked in June, 2005 and credit card details were acquired again as a result. The security of the database was compromised and over 45 million particulars of cards issued by MasterCard, Visa USA Inc., American Express were stolen. Due to the security breach, a lot of banks were affected negatively. A private investigation company, thus Morgan Chase were made to inspect the security of its customers at the time of the incident (Sidel and Pacelle 2005).Washington Mutual Inc. such as Morgan Chase had a negative impact as a result of the security breakdown at the Card- Systems Inc. Washington Mutual Inc. Was made to close down over 1,500 debit-card accounts (Sidel and Pacelle, 2005).

2.7 Cyber attack and Company Performance

In most of the cases carried out on cyber crime, the person responsible is a hacker, or has relatively some computer expertise. Cyber-crime includes cyber-terrorism, electronic-theft, espionage, internet credit card fraud, and phishing. Companies Affected included Yahoo, Amazon, and EBay, and financial institution such as Morgan Chase (JP) and Washington Mutual’s. Damages survived were closure of websites to stolen classified information (Owen, 2009).

2.8 Curbing Cybercrime and Digital Forensic

Company's stock market performance is generatively affected by Cybercrime and its relative activities; subsequently, e-commerce firms and their stakeholders obviously have advantage in impeding cybercrime. Defensive measures can be engaged to ensure the prevention of cybercrime. Nonetheless, irrespective of how many preventive measures are in place, except accurately and constantly programmed, the system may either negligibly report cyber crimes or excessively as a result giving false alarm, by a single interruption detection (Digital evidence, 2000). Interruption discovery methods include detection of anomaly in the system, tripwires, and configuration checking tools. Prevention techniques are imperfect, as such, e-commerce firms should establish measures for analysis of and revitalization the system after cybercrime attack occurs (Wilding, 2003).

Qualified experts can aid in resolving cybercrimes. Most e-business firms usually require competent computer security persons; thus, hiring outside experts, for example, forensic accountants, computer forensic professional. If negligence of a company’s computer security personnel caused a security breach or electronic crime, a professional from outside will still be needed and useful to the entire security of a company’s system. Though many law enforcement bodies do not have the requisite expertise to investigate some issues of cybercrime, however they can help to some extent; say by seizing computers that were used to perpetrate crime for further investigation (Kerr et al. 2003).

Digital forensics s is concerned about an investigation into anything that has technology connotation, just like forensic science, it subject systems and technology to observation and investigate the technology against anything that may be of the interest of the investigator. Technology has advanced and computer programmers have applications that can track criminal irrespective of their location this they do by making use of the GPS. If digital forensic is introduced into e-commerce, it will reduce if not totally eradicate cyber crime. This implies that business owners can determine the location of a shopper or customer if the person happens to be a hacker he/she can easily be identified (Stephenson, 2003a).

2.9 Supplementary Threats to Computer Security

Though unlawful access incapacitating a system has severe complications, they don’t constitute the main threat to compu ter security. There are basically five threats to E- commerce security:

(a) natural catastrophes, (b) corrupt workforces, (c) unhappy workforces, (d) and inadvertent blunders and oversights.

Human errors constitute the major cause of the breaches that occur in computer security, inadvertent oversights and mistakes are very common in the implementation and operation process of a system (Stephenson, 2003b). However if a system is well developed these continues errors will be reduced there should be an effective internal control measures.

The individuals in any given organisation are the key to computer and information security. According to surveys carried out showed that systems development is very effective when users are part of the process, the system will not likely to fail. The following steps by organisations are essential to effective computer security. Security policies and controls should be enforced and communicated constantly (Stephenson, 2003c)

(a) Controls and security techniques should be put in place to ensure access to users and traceable information system should be implemented
(b) Users should be restricted to their area of jurisdiction only and not to other part of the system.
(c) Intermittent security training should be conducted.
(d) Some personnel should be made to be responsible for the security of the system in a liberated manner.

2.10 Ensuring Ethics in Digital Forensic Investigation

This study investigate E-commerce and its associated information security and cyber crimes challenges and impact it has on users, they also disrupt marketing and commerce activity, and specifically cybercrime greatly affect the operations of companies and their output. In addition, the study looks at possible way to ensure user convenience and the securing their confidential details (Tong, 2013).

Authentication, authorization, and encryption are some basic security methodologies .Though several companies offer s e c u r i t y software, as technology advances, so will the ingenuity of the hackers and vigilance is therefore warranted on a continuing b a s i s (Traynor, 2005). The policy and privacy issue that governs e-commerce should be made available to prospective customers in various ways. It is imperative that e- commerce firms do not play on the ignorance consumers given products.

The law should be reconsidered to accept the scientific and procedural discoveries of Digital Forensics in its attempt to detect and expose perpetrators of cyber crime. Observation of ethics in the practise to unravel criminal activities over the internet is as equally important as catching the criminals. According to Moore (2006) the court will usually accept digital forensic evidence in a typical cyber fraud case if the investigation and analysis was done within a generally accepted scientific parameters and ethical considerations not compromised

CHAPTER 3.0 Research Methodology

This is the general philosophy that guides the researcher in an attempt to find answers to questions. It’s a way to systematically find solutions to research problems. In research methodology, various steps are adopted generally by the researcher and logically studying a given research problems (Esterberg, 2002). Research methodology gives reasons and relevance to the use of research methods or techniques such as developing test or indices, the calculation of mode, mean, median and standard deviation, ANOVAs, correlation and regression or chi-square, its concept also help in how the researcher can appropriately us any of the above research techniques.

For the purposes of this paper a descriptive statistics with mean frequency indices will be used to test the variables that are central to the topics investigated. Thus how e- commerce has been beneficial to users in terms of convenience and relatively how damaging it is with regards to its security challenges or flaws (Jackson, 2010) The author postulate that research methods is just one aspect of research methodology, Thus this concept is not only about research method, but also considers the reason for the method used within the framework of the study, The use of a particular method is not only to satisfy the researcher but also to all those concern. The reason for research study undertaken, research problems, how they have been identifies, the ways and reasons of hypothesis formulation, the methods adopted for the collection of data and its analysis and a host of similar issues are undertaken in research methodology as far as the research problems are concerned.

3.1 Philosophy of Research

Research philosophy is about the process by which data concerning observable fact should be collected, evaluated and used. The approach to research philosophy is encompassed by various terminologies such as epistemology thus what is known to be the truth and doxology that which is supposed to true (Berg, 2009). The essence of research is to find answers the way a researcher observes is usually influenced by the basic assumptions that under pins the given research philosophy. The assumed position will always determine the research design and methods. There are basically two research philosophy used in modern research and they include Positivist which is also called scientific and interpretivist also known to be anti-positivist (Cozby, 2001).

3.1.1 Positivism

A positivist position is when the researcher considers or adopts the strategies of a natural scientist, thus specific data is processed to get exact result, and hypotheses are always generated and then resolved after critical analysis (Beins and MaCathy, 2012). This method is of the view that the researcher needs to focus on the reality of the facts available for the research, thus make use of the basic concepts available. Social realities of observable fact form the basis of positivism. A typical example of positivist approach that was used for this work is the realism philosophy.

3.1.2 Interpretivist

This concept argues that a clear distinction should be drawn between humans and object during a research activity Its of the view that meaning should be attributed to any object used to explain a research which is human oriented, It’s a type of philosophic approach where humans interpret objects and things they see around them. Interpretive is expected to take an empathetic position thus putting one into an environment to understand how things are done to be able to come out with a critical result (Berg, 2009).

3.1.3 Rational for chosen Approach

A positivist philosophic approach was used for this research because its concept of reality is useful for the investigation of e-commerce security and cyber crime, unlike the interpretivist, one would have to assumed a stance in this situation it is a realistic occurrences with substantial evidence, what this work seek to uncover is to find out the cause of the vulnerability of most e-commerce sites and how to prevent them with digital forensics mechanisms. Thus a realist philosophy under positivism was ideal (Alcock, (2011)).

3.2 Research Design

Research design is the pragmatic structural plan for the entire process in finding solution to a given research problem. This supposes that the design of research is the framework for the collection of information and subsequently analysing. The design unfolds type oh been undertaken thus descriptive or exploratory type of research approach and it also helps mine the expectation of the researcher (Greene, et al 2008).

3.2.1 Explorative Research

These types of research try to find solutions to ambiguous occurrences that may not even have a research basis in the first place. The researcher explores to find meanings to occurrence, and then generate possible research questions to be able to arrive at a point to collect data and conduct authentic research (Ashcraft & Krause, 2007)

3.2.2 Descriptive research

This type of research looks at the research problem to be solved and setup a structure to meticulously find a solution to the research problem (Austad, (2002)). A good measurement techniques is very imperative for this type of research since the judgement of the researcher will determine the authenticity of the result

3.2.3 Hypothesis Testing

The hypothesis for this paper was tested with Descriptive Mean statistics

The hypotheses has two concept the Null hypotheses denoted with H0 and the alternate hypothesis expressed with H1

H 0: the more transactions are made over the internet the higher the risk of been a victim of fraud

H1: There is no Risk when transactions are made frequently over the internet

After the research findings the null hypothesis was accepted the details are in chapters 4 and 5

3.3 Research Approaches

There are two fundamental approaches thus quantitative and qualitative approaches. Quantitative approach entails data generated in a quantitative format and it’s subject to thorough quantitative analysis in a rigid and formal manner. This approach has other sections such as inferential, experimental and simulation approach (Cozby, 2001). The essence of the inferential approach is to constitute a database out of which inferences can be made on the characteristics of a given population. This usually implies a survey research where a sample population is considered either by questioning or observing to establish its features and it is then inferred that the population has the exact features (Dillman, et al. 2009).

A general background of a given research problem is studied and analysed before undertaken. This is to choose the right tools to use in analysing the findings. Research strategy is made of two concepts in research and they are quantitative and qualitative form of data analysis (Banner, 2009)

Quantitative form of analysis is where the findings a subject to statistical format and then computed with special computer software’s such as SPSS excel or Epi-info. This type of research strategies was used in the data analysis of this paper and the SPSS was used alongside Excel to computer the data and test hypotheses. Diagrams were generated with Excel Qualitative approach is subject to the interpretation of secondary data where a researcher only observes and makes deductions from exiting findings without any statistical application.

The qualitative approach concerns itself with the subjective analysis of views, attitudes and behaviour of existing findings. Research in this approach is basically dependent on the impressions and insights of the researcher. Non-quantitative or rigorous quantitative forms are generated as a result of this approach. Interviews, focus group discussions and observations are some of the techniques used in carrying out this aspect of research design (Dillman, 2007).

However for the purposes of this paper which seek to investigate E-commerce and its corresponding security issues and considering user convenience, Quantitative approach of research design was employed.

3.4 Research Methods

This refers to the techniques that determines the kind of questions to be asked by a researcher and the know how to collect to facilitate a smooth research process. Research method play various roles such as determining the reasoning pattern of the researcher, how to interpret and communicate research findings to the understanding of the layman also it determinants regulations for standardised evaluation of findings of a research activity (Beins, 2011). The underlining factor about research methods is to have a theory or hypothesis to develop research objectives (Bem, 2011).

3.4.1 Primary methods of collecting Data

Primary methods of data collection were used to carry out the data collection of this research. It is primary data because the researcher gets first hand information from respondents and tries to evaluate the response. There are no inferences from other source of data though there could be such information already existing on a given research problem. There are various types of primary data collection these include, observation, interviews and questionnaires (Berg, 2009).This method of data collection was used in gathering data for this study.

3.4.2 Interview:

It’s one of the expensive medium of collecting primary data. The researcher consults the respondent independently to collect data (Cozby, 2001).

3.4.3 Observation

This is commonly used in the natural science and now in the social sciences as well, this is where a researcher places his/her objects of study under critical surveillance over a period of time to be able to ascertain an expected result (Leary, 2001).

3.4.4 Questionnaire

This the most common form of primary data collection. Where predetermined questioned are printed out and given to respondent randomly to answer. The results is then analysed and interpret to meet the objectives of the research. This Type of primary data collection was used for this paper (Bowman and Anthonysamy, 2006).

3.5 Sampling Method Chosen

This is concerned with choosing individuals from a given population who will assist in a given research project. Sampling methods always go through a procedure of identifying the population out of which a sample can be selected for the solution of a given research problem (Grissom, 2005).

There are two types of sampling, thus probability sampling and non - probability sampling. Probability sampling; this is where each sample size in a given populace have the equal chance to participate in a research. The research there for indecently select without iota of bias. A probability sampling was used for this work where the total population size was 100 people who have transacted any form of business online before, out of which 60 were used as sample size to represent respondents. These were given the questions to respond to. Any of these 100 people could have the questions (Heerwegh, 2009).

Furthermore, non probability sampling method: this is where element in a given populace do not have equal chances of participating in a research. The sample size is carefully selected by the research to suit his/her research objectivity. This is usually used in relative research approach.

3.6 Data Collection with Questionnaire

There are various forms of data collection in making inquiry such as interview, observation, focus group discussion and questionnaires (Saunders, et al, 2007).

Questionnaires were administered to respondent for data to be collected for the purposes of this paper. This method of collecting data is very common, especially in big research work. 60 questionnaires were administered with 100% respondent responses. Questionnaires form data collection is a method that is being used by individual research workers, public and private agencies and the government. In this method questionnaires were printed out and given to people concern with a request to answer the questions and return them. A questionnaire is made up of a number of questions arranged in an orderly form; questions were about the topic under review. The respondents were not influenced to answer the question to suit the interest of the researcher, however on their own will, so every outcome of the findings is the true results of the respondents concerns.

3.7 Mean

Mean is a common tendency for measurement, it is the calculation of the average of a given values. A mean can be used to calculate the distribution of event by summing all the values and dividing them by the total number of the given value distribution, it is expressed mathematically as;

illustration not visible in this excerpt

Where,

µ enunciated as mu signifies the mean for the total population,

Ẍ Represent the sample mean

∑ (sigma) is the sum of

X denotes the individual values

N denotes the number of values in a given distribution

The mean is calculated by adding all the X values and dividing it by the total number of values in the distribution thus N (Skamp, 2007).

3.8 Limitation of Study

There were no major draw backs on this study except for the fact that expected time period for the collection of questionnaires from respondents were delayed. All 60 questionnaires administered were however retrieved. The topic under decision is very broad which could have been expanded in various ways and a respondent of 6o is not enough to represent the total statistical outcome; however it is feasible for the purposes of this work.

3.9 Data Analysis

After determining the reliability of the mean variation for the calculation of this sample, Frequency distribution for demographic variables were obtains. The data was analysed with emphasis on ensuing outcome in percentages (Hyde, 2005). Each question in the questionnaire was adequately discussed. Mean descriptive statistic was used to test the hypothesis

3.10 Ethical Issues

Researchers are not excluded from the likelihood lapses of good judgment that affect all and sundry. It’s on record that the ethical breaches that confront research are relatively uncommon. However it is a moral offense for any individual embarking on a solution to respective research problems takes another person’s findings without due reference and appreciating the intellectual property of the supposed researcher. Ethical norms are supposed to be practiced and upheld by any researcher in any given discipline. Ethics in research is now been taught in most academic institution, this is to ensure that value is placed on the findings of people. This research took into consideration the entire necessary ethical phenomenon. The respondents were told that confidentiality and secrecy of their information will be highly guarded and this study as far as the researcher is concerned did not and will not cause and harms to any person whatsoever (Ideland, 2009).

There are numerous reasons why it’s important for a researcher to adhere to ethical practices; it facilitate a genuine discovery of knowledge to satisfy the reason for the supposed research problem and also its a form of accountability on the part of the researcher (Cozby, 2001, Esterberg, 2002).I have tried to strictly abide by ethical rules and regulation in this dissertation.

CHAPTER 4.0 Findings and Data Analysis

Table 4. 1. Age distribution of respondents

illustration not visible in this excerpt

The table above shows the age distribution of respondents with 18-25 years as the highest with 38.3%, and 26-33 as the next with 25% these being active age group who will go online more often to purchase items and the least age group respondent with 18.3% is between 34- 41 and 42 and above.

Table 4.2 .Gender distribution of respondents

illustration not visible in this excerpt

The table above also displays the gender distribution of respondent thus male and female; with male respondents being the highest saw 51.7% and subsequently female respondents saw 48.3% in the gender distribution.

The table below shows the educational background of respondents, and the highest educational background of respondent is the Masters level with 50% indicating respondent have enough knowledge to know what they are about. The least with 3% were seen by college and High school respectively.

Table 4.3. Educational background of respondents

illustration not visible in this excerpt

Table 4.4 Employment Status of respondents

illustration not visible in this excerpt

The table above also displays the employment status of respondent the highest with 40% and 21% are unemployed and the least fall with the student category with 15%.

Figure 4.1 the E-commerce sites respondents have confidence in

illustration not visible in this excerpt

The figure above shows the most visits e-commerce under discussion in this research, thus Amazon and eBay. Respondent were asked to respond with reference to their level of confidence in any of them or both. The highest with 48% representing Amazon and 45 % for eBay indicating most respondent will buy from Amazon than eBay. Most respondent gave remarks to the reason of their choice and it was because EBay deals more with individual items and payment is done through a third party and the fear of who to hold responsible in case of unforeseen contingencies was a major concern to respondents. The rest of the respondents who buy from both (Amazon and eBay) represented by 7% do so as a result of long period of transacting with these two e-commerce firms.

Table 4.5 how respondents paid for items online

illustration not visible in this excerpt

The major issue with online transaction is the mode of payment and the table above represents the payment type’s respondents use to complete their transaction. It was obvious that most respondents use the Visa debit card represented by 21% and subsequently the Visa credit card with 13%. Others use the visa electron and American express represented with 15% and 11% respectively.

Figure 4.2 Responses on respondents encounter of any form of fraud, delays in online transaction

illustration not visible in this excerpt

The figure above represents responses of online shoppers and the largest portion of respondents have some form of fraud or delays in items purchased online, this is represent by 78.33% and subsequently 21.67% of respondent have not experienced any form of fraud in their online transaction yet. This suggest that, online shoppers are prone to cyber crime every moment this is also because e-commerce is an industry that is growing rigorously and so it implies cyber criminals have developed the skills of causing security threat to online shopper and the organisation as a whole.

Table 4.6 How respondents rate their knowledge in computing

The table below represents the level of computer literacy of respondents, most respondents who gave their responses have just basic knowledge in computers and its relative technology this is represent with 25% being the highest of the responses and 18.3% had no knowledge at all with computing and its related perphrals.21.7% are experienced and have some level of technical knowhow when it comes to computing. It’s said that cyber crime is on the increase because of lack of knowledge in computing by online shoppers.

illustration not visible in this excerpt

Figure 4.3 Respondents visiting the wrong sites unknowingly

illustration not visible in this excerpt

The figure above shows the response of respondents, mistakenly visiting online sites thinking its eBay or Amazon. This aspect of scam is called Phishing, thus some individual hackers develops sites that looks just like the original and this they used to steal from shoppers, Though 56.67% being the height in the distribution indicated NO for those who have not had such experience and 43.33% being YES thus not a significance difference. Implies that cyber crime exist and really going on at the detriment of uninformed customers

Table 4.7 Banks giving customers education, guidance and counselling on online transaction

illustration not visible in this excerpt

The table above represents the frequency with which banks educate their customers on certain security issues in transacting any business online with their bank cards.78.3% of the response were No representing the highest meaning bank do not give period counselling to their customers on how to protect and ensure their security.21.7% responded Yes thus the banks give some form of education to their customers. There are various schools of thought on this which is carried out in chapter 5.

Figure 4.4 how respondent’s online transaction challenges were addressed

illustration not visible in this excerpt

The figure above shows the experiences of respondents of how their challenges during or after a transaction online were treated. As per the questions administered the respondents were asked to write the response in their own words, this outcome is however a paraphrase and summary of what they said. Those whose challenges were not handled with urgency saw 40% and those who were given the needed assistant was represented with 16.7% , 25% said on most of the occasion delivery dates were changed without prior notice until they made attempts to get in touch with the customer service representative. 18.3% indicated getting through to customer service was difficult.

The figure below represents the decisions of respondent on what they will do if they are trading on a new unfamiliar e-commerce site other than the renowned eBay and/or Amazon. Some of these decisions were based on the experiences they have had concerning online transactions66.7 % retorted to be sure of the credibility of the company before they engage in any business activity.8.3% which is the least respondents said they will not even attempt buying, while 25% would want to be certain about the performance of their customer services and how quick they respond to customers.

illustration not visible in this excerpt

The table below represents the e-commerce sites respondents’ visit frequently. Though there are a lot of e-commerce firms these ones were chosen for the purpose of this research. However the unnamed e-commerce sites are denoted as others and this was represented with 6.67 % the least patronised sites whiles Amazon saw 50% and EBay with 43.33% being the highest and the least respectively.

Table 4.8 E-commerce sites frequently visited by respondents

illustration not visible in this excerpt

Figure 4.6 How often respondents visit e-commerce sites to transact business

illustration not visible in this excerpt

The figure above represents the number of times respondent visits e-commerce sites to transact business according to the provision of the periodic time frame for this purposes of this paper,26.7% transact bunnies on e-commerce ones a month and 25% does the same ones a week. This is related to the working class in the actives ages.11.7% purchase from online firms every week. Whiles 20% Patronizes e-commerce site ones a month

The table below shows a Descriptive Mean statistics, which was used to test hypothesis and the variables that were used are the frequency with which respondents transact businesses online as against their encounter or experiences in terms of fraudulent activity in the process.

The outcome shows the level of correlation between the frequency of online transactions and fraud related experiences, thus the more one goes online to do business the higher the risk of experience a criminal activity. Statistical elucidation is carried out in chapter 5.

Table 4.9 Mean Statistics

illustration not visible in this excerpt

CHAPTER FIVE 5.0 Conclusion

Trading over the internet is not only about a company having an attractive website with goods and services waiting to be sold to customers. E-commerce as an emerging trading industry cannot to be over emphasised, it has gone through series of changes over the years. Most Companies that are successful now can attribute it to online trading, it is faster, cheaper and easier to trade online, and companies are able to reach millions of clients across the globe without any physical contact. This is a massive development in business transactions. Unlike the normal brick and mortar business certain where a company is limited to a group of customers who chooses to transact business with the respective firm (Abels, (2005))

E-commerce is not a different type of emerging business, it’s the same form of business that has existed over the years, the only difference is that its employs new tools to facilitate business transaction, and this news tools have been made available as a result of the discoveries and development in technologies, as well as computer systems. Just as any business has challenges related to security such as theft and embezzlement of funds, e- commerce as a business also has its security problems, this has become rampant in modern time due to the fast growing nature of technology. In the advent of these security issues, computer forensics and its related its related mechanism which are also designed to ensure surety, investigate and arrest criminals associated with online activities such as e-commerce needs to be employed greatly to enhance the security that e-commerce is fighting for. This paper discusses into details some of the major security challenges that confront e-commerce industry (Schultz & Shumway, 2002).

5.1 Growing Security Threat

There burden of cyber attack is a nightmare for all and sundry, it’s not only an issue with the respective e-commerce companies, it’s a concern that must be taking serious by every individual. Crime is on the ascendancy, because perpetrators now can hide under anonymity the internet and its related technology provides, thus one can sit any where commit a crime and would not be noticed. It is for this concern that a competent computer tools should be employed to stop these occurrences (Wilding, 2003, Zombori, 2001). Digital forensics should be promoted and resourced with all needed equipment since this aspect of IT has what it takes to overcome the problem of anonymity so that anywhere cyber crime is committed perpetrators can be brought to book The entire network security requires . From the research findings respondents were asked if they had experienced any form of fraud whiles transacting business online and out of the total respondents of 60 people, 47 which represents 78.33 % have had some form of fraudulent attack or have experienced it, the minority which was constituted by 13 with 21.67% have not experienced any crime related issues with their online transitions.

The implication of this implies that the kind of fraudulent experiences respondent might have had may include phishing, identity, theft, stolen credit card details among other. These and more other online criminal activities prevail in the e-commerce industries and they are the reason the security concerns as far as online transactions are concerned...

A descriptive mean statistics used to test Hypothesis, the Null hypotheses is of the view that the more one visits the internet to transact business the higher the risk, this was ascertained as respondents were asked to respond to how often they visit Amazon or EBay and any other e- commerce site the results are state above.

The mean value for how often respondents use e-commerce sites was 2.01 and the experiences of criminal activity is 1.22 the difference between the two is 0.88 which is a little closer to 1 it presuppose a strong correlation between the two variable so we accept the hypothesis.

5.2 Recommendations

E-commerce has become indispensible in the day to the day activities and dealings in this modern world, it is for this fact that the issues bordering on its security should be taken as a global issues and attempts should be made to overcome this challenge.

One of the areas that I would recommend with the issues of overcoming cyber threat is that Security policy and procedure should be entrench in every country and a global policy collaboration by developed countries would really be a good step in the right direction. Though research shows there are policies on these security problems, they are not treated as important as Atomic bomb terrorist. Security policies should cut across the firm, the user and both developing and developed countries.

5.2.1 User security policy

Education and awareness creation should be done constantly by the banks and the e- commerce firms may have to update and educate users to be able to distinguish between the illegal and legal activities that they face every now and then when transacting business online. Users also may need education on how to protect their security pin to their debit or credit card and not give their passwords of their individual subscription to theses e-commerce sites to other people, if other persons rather than legitimate owners log onto an account it become difficult to determine who is facilitating a security breach (Silberschatz K., 2009)

5.2.2 Internet port Security

This is another policy that is highly recommended for e-commerce companies. This port security defines access and what the internet resources are used for. With this a firm can know who enters their system, thus external users such as suppliers, buyers and various stakeholders to a respective company (Pemble, 2005).The port security permits configuration for the Hypertext Transfer Protocol (HTTP) and disables SSL access. This implies that the user only does what the system permits and cannot go beyond those boundaries such as breaking into the server of the firm.

This research on investigating e-commerce security have been carried out in various forms by different authors, this paper is also a contributions but there are more to explore especially in deploying digital forensics in E-governance and national issues not only on e-commerce and trade related.

References

ABELS, S., AND HAHN, A. (2005). Conception of a framework for the combination of heterogeneous methods for reclassifying product data in the e-business domain. Proceedings of the 26 McMaster World Congress. Hamilton, Canada.

ALCOCK, J. (2011). Back from the future: Parapsychology and the Bem affair.

ANDAM, Z. R., PROGRAMME, U. A. P. D. I. & FORCE, E.-A. T. (2003). E-commerce and E- business, e-ASEAN Task Force.References

ASHCRAFT,M.,H., &KRAUSE, J.,A.,(2007). Social and behaviour researchers experinces with their IRBs. Ethics and Behaviour,17,99.1-17

AUSTAD, S. N. (2002). A mouse’s tale. . Natural History, 111, 63-71.

BADGER, E. (2013). How the Internet Reinforces Inequality in the Real World:The Assurance Services on E-Commerce. Accounting Forum, 32, 46-61.

BANNER, D. J. A. A., J.W. (2009). Computer-assisted qualitative data analysis software: a review. Canadian journal of cardiovascular nursing 19, 24-31. behavioral research methods Needham Heights, MA, Allyn & Bacon.

BEINS, B. C. (2011). Methodological and conceptual issues in cross-cultural research. In K. D. Keith (Ed.), . Cross-Cultural Psychology Malden, MA Wiley-Blackwell., 37-55.

BEINS, B., C, AND MACATHY, M., A., (2012) .Research Methods and statistics. Library of congress United States

BEM, D. J. (2011). Feeling the Future: Experimental evidence for anomalous retroactive influences on cognition and affect. Journal of Personality and Social Psychology, 100, 400-430.

BERG, B. 2009. Qualitative research Bosten.

CHEN, A., AND SIEMS T.( 2001). B2B e-marketplace announcements and shareholder wealth. Economic and Financial Review.

CHUANG, T. T., & NAKATANI, K (2004). Planning and deployment of collaborative commerce: A conceptual framework and empirical evidences. nternational Journal of Electronic Business, 2, 155-175.

Clarkson, P. and Richardson G., (2004). The Market Valuation of Environmental Chronicles

COLDEN, A. (2000). Western Union reassures clients No financial fraud found since hacking. In: POST, D. (ed.).

COZBY, P. (2001). Methods in Mountain View, CA: Mayfield. , Califonia.

DEITEL, M., GOMMANS K., KRISHMAN S. (2001) .e-business and e-commerce.how to programme

DIGITAL EVIDENCE (2000). Standards and principles, Scientific Working Group on Digital Evidence (SWGDE) and International organisation on Digital Evidence (IOCE)

DILLMAN, D. (2007). Mail and internet surveys.

DOUGLAS T( 2002). Hacker Culture, Minnesota, University of Minnesota Press.

ESTERBERG, G.( 2002). Qualitative methods in social research, Boston, McGraw Hill.

FORRESTER 2011. The Professional Automation Report and Springboard Research Framework. Journal of International Management, 11, 541-562.

GRANDON, E. E., AND PEARSON, J. M 2004. Electronic commerce adoption:An empirical study of small and medium U.S. businesses. Information and Management, 42, 195-220.

GRISSOM, R. J., & KIM, J. J. (ed.) 2005. Effect sizes for research, Mahwah, NJ: Lawrence Erlbaum Associates.

HAND, M. Profit, losses and the non-linear pricing of Internet stocks. Working paoer, 2007 University of North Carolina ,Chapel Hill.

HEERWEGH, D. 2009. Mode differences between face-to-face and web surveys: An experimental investigation of data quality and social desirability effects. International Journal of Public Opinion Research, 21, 110-122.

HUNCKLER, M. 2013. e-commerce Magazine Top 20 Start-ups of All Time:Verge In Consumer Safeguards At Some Large Institutions. Wall Street Journal of information management, 39, 10.

HYDE, J. S. 2005. The gender similarities hypothesis. American Psychologist, 60.

IDELAND, M. 2009. Different views on ethics: How animal ethics is situated in a committee culture. Journal of Medical Ethics, 35, 250-262.

JACKSON, S. 2010. Research Methods. A modular Approach, Belmont, CA Libarary of Congress.

KERR K. BAINES A., LANGFIELD K. SMITH K. (2013). Accounting Information Systems

KOTABE ., M., K., & MURRAY, Y. 2008. Outsourcing, performance, and the role of e-commerce: A dynamic perspective. Industrial Marketing Management, 37, 44-50.

KRANHOLD, K. 2004. Handling Aftermath of Cyber sabotage. Wall Street Journal of information management, 15, 5.

LAROSE, R., AND RIFON, N. 2007. promoting I-safety: Effects of privacy warnings and privacy seals on risk assessment and online privacy behaviour. Journal of Consumer Affairs, 127-148.

LEARY, M. R. 2001. Introduction to

MOORE, R. 2006. Cybercrime: Investigating High-Technology Computer Crime Cincinnati, Ohio, Anderson Publishing.

MULLEN, A. 2009. The history of eBay". Happy news. The history of eBay.

OATES, B. 2001a. Cyber Crime.

OATES, B. 2001b. Cyber Crime.Cyber Crime.How Technology makes it Easy and What to do About it. Information Systems Management.

O'BRIEN, J. A. & MARAKAS, G. M. 2011. Management Information Systems, McGrawHill/Irwin.

OWEN (2009). eBay founder fact checks John McCain, Gawker Media.

PAPADOPOULOU, P., ANDREOU, A., KANELLIS, P., & MARKATOS,D. (2006). Trust and relationship building in electronic commerce. internet Research: Electronic Networking Applications and Policy, 11, 320-333.

PEMBLE, M. (2005). Evolutionary trends in bank customer-targeted malware. Network Security, 2005, 4-7.

PEREZ, E. AND RICK B., (2005). File Sharing: For Big Vendor of Personal Data, A Theft Lays Bare the Downside; Choice Point Struggles to Gauge How Much Information Fell Into Wrong Hands. The Model: 'Small-Town Life.' Wall Street Journal

PEREZ, J. (2005). Security concerns to stunt e-commerce growth. Computer World.

PROQUEST. (2010). Online information service.

Pro-Quest.2012. Online information service

RANJAY G., A. G. J. (2000). Bricks to clicks. E-commerce/Internet:B2B:2B or Not 2B Siliconindia.

RANJAY G. AND GARINO J. (2000). Bricks to clicks. E-commerce/Internet: B2B:2B or Not 2B Siliconindia

RIEM, A. (2001). Cybercrimes Of The 21st Century. Computer Fraud & Security.

RUNYAN H., SMITH K.T., SMITH L.M., SMITHJ.L (2008). Implications of Web Assurance Services on E-Commerce. Accounting Forum journal 31p.61

SARANOW, J. 2004. Guarding Identities: Banks Fall Short; Survey Finds Wide Gaps In Consumer Safeguards At Some Large Institutions. Wall Street Journal of information management.

SIDEL, R., AND PACELLE, M. (2005). Credit-Card Breach Tests Banking Industry's Defences. Wall Street Journal of information management

SIDEL, R., AND PACELLE ,M. (2005). Credit-Card Breach Tests Banking Industry's Defenses. Wall Street Journal of information management, 21.

SILBERSCHATZ K., N. A., KALAKECH A.,( 2009). Operating System Concepts

SKAMP, K. (2007). Conceptual learning in the primary and middle years. The interplay of heads.hearts and hands-on science, 53, 18-22.

SMITH, K. 2009. Worldwide Growth of E-Commerce. E-Business

SOMMER 2004. Intrusion Detection Systems as Evidence :Recent Advances Intrusion Detection. information Management and security, 9, 9-8.

SPEER, L. (2000). Redefining borders.

STEPHENSON, P. (2002). End-to-End Digital Forensics Computer Fraud and Security. information security journal, 39, 16.

STEPHENSON, P. (2003a). Structured investigation of digital incidents in complex computing environments. Information Systems Security, 12, 29-38.

STEPHENSON, P. (2003b). A Comprehensive Approach to Digital Incident Investigation.Elsevier Information Security Technical Report.

STEPHENSON, P. (2003c). Using Evidence Effectively, Computer Fraud and Security information Management and security, 3, 5.

STROSS (2009). Introduction to Information Systems: Enabling and Transforming Business. United States: Call Willey.

SWARTZ, N. (2005). U.S. Justice Department releases digital evidence guidelines. The Information Management Journal, 39, 10.

TONG, F. (2013). China’s cross-border e-commerce journal Internet Retailer, 30, 20.

TRAYNOR, M. (2005). Anonymity and the Internet.” Computer and Internet Lawyer. Wall Street Journal of information management, 22, 1-16.

WILDING, E. (2003). Lost Opportunities Computer Fraud and Security. AICPA. American Institute of CPAs.

YAPP, P. (2008). Passwords: Use and Abuse. Computer Fraud & Security information Management and security, 8, 14-16.

YUAN (2005). Companies Face System Attacks From Inside, Too. Wall Street Journal of information management, 5.

ZOMBORI, G. (2001). E-Finance and Crime. A Report on Cyber-Crime and Money. York University (Canada). : Laundering Nathanson Centre for the Study of Organized Crime and Corruption.

APPENDIX 1 (Questionnaire)

Dear Respondent,

This questionnaire is geared solely towards research towards the award of MBA (computer Forensics) by University of Gloucestershire.

The purpose of this questionnaire is to investigate Ecommerce and what will ensure user security the emphasis is how E-commerce business can employ Digital forensic to facilitate user or customer convenience and safety.

I would kindly ask that you provide honest answers to the questions to make the results of this study a reflection of the true situation.

The questionnaire is solely for academic purpose and so any information received will be Kept confidential. Your cooperation and patience will be much appreciated. Thank you

1. Age

- 18-25
- 26-33
- 34-41
- 42 and Above

2. Gender Male

- Female

3. Educational Background

- College
- High school
- A Level
- Under graduate Degree
- Masters Degree
- Associate Professional

4. Employement

- Status
- Employed
- Unemployed

If Employed Which Industry?

5. Which of these sites do you frequently buy from? (You can select more than one answer)

- EBay
- Amazon
- Both

6. How often do you buy from eBay and/or Amazon?

- Once a week
- every week
- Ones a month
- every month
- ones a while

7. How often do you buy from online?

- Once a week
- every week
- Ones a month
- every month
- Ones a while

8. What type of payment do you use?

- Visa
- Visa Debit Card
- Visa Credit card
- Visa Electron
- American Express

9. Which of these sites are you comfortable with when buying?

- EBay
- Amazon
- Both
- Please State reason for your choice;

10. Have you encountered any form of fraud, delivery delays with regards to buying online before?

- Yes
- No

11. How would you grade your knowledge in computer and its related operations?

- Basic
- Intermediate
- Experienced User
- Professional in Computing
- Have no knowledge

12. Have you mistakenly visited sites that you thought were either eBay or Amazon?

- Yes
- No

13. Have you received any form of counselling, education or advice from your bankers on buying online?

- Yes
- No

14. How was your challenge with online buying addressed?

illustration not visible in this excerpt

15. What will you do differently when visiting a site for the first time?

illustration not visible in this excerpt

APPENDIX 2 Types of Cyber Crime

illustration not visible in this excerpt

APPENDIX 3 Websites promoting Security for E-commerce companies

illustration not visible in this excerpt

(https://care.safebuy.org.uk/) Accessed 10th March, 2014

illustration not visible in this excerpt

(http://www.secure-commerce.org/) Accessed 10th March, 2014

illustration not visible in this excerpt

(http://vegas.mrcevents.org/ehome/index.php?eventid=106192&&tabid=236567) Accessed 10th March, 2014

Details

Pages
60
Year
2014
File size
2.1 MB
Language
English
Catalog Number
v300815
Institution / College
University of Gloucestershire
Grade
B
Tags
investigating e-commerce security cyber crime detection prevention digital forensics case ebay amazon

Author

Share

Previous

Title: Investigating E-Commerce Security, Cyber Crime Detection and Prevention with Digital Forensics. The Case of Ebay and Amazon