Information Security Issues on eBay
eBay collects thousands of inquiries everyday.
These include registration and business transactions of members. As a large e-commerce retailer, there are lots of issues in its information security management. One particular issue is about internet fraud and how the company handles it. Internet fraud is the general term used to identify all types of fraud scheme through online services such as chat rooms, e-mail, message boards, or websites. Being one of the largest and most popular business institutions, eBay is frequently used to conduct fraudulent transactions.A.
Identity theft On 2002, a report published in CNET NEWS. com about the eBay account of Gloria Geary being hacked and changed astounded eBay users and the whole eBay community. The report said that Geary was totally horrified when she discovered that her account was used by someone in opening an auction. She was successful in convincing eBay that it was not her who created the auction and requested for its withdrawal. Most of internet fraud is performed using information from other individuals.The stealing of personal information, such as credit card number and PIN, contact information, or account passwords, for unlawful purpose is known as identity theft (others prefer the term ‘identity fraud’).
Geary was a victim of identity theft. He’s only one of the thousands who had been robbed off of his personal information by some outlaws. In UK, protection of personal data is of prime concern. The Data Protection Act provides legal basis for privacy and protection of personal data for the British people.The Act covers data that can be used in identifying a living person, such as names, birthday and anniversary dates, addresses, telephone numbers, Fax numbers, and e-mail.
It is mandatory, meaning, all organizations that process data must comply. eBay, as its initiative, has tried to resolve this problem. One important counter measures that eBay is implementing is their ID Verify program. It is a program that validates registering members by cross-checking the contact information submitted with a third party company’s (Equifax in the U. S.
) consumer and business database. B. Credit Card FraudThis type of internet crime can be a result to the previous type which is identity theft. Credit card fraud is the use of stolen credit card information to acquire services or pay goods. There are many ways of stealing credit card information. The simplest way is copying information from retailers.
Hackers can obtain big amount of credit card information by penetrating companies’ databases. Table 1 shows total loss to credit card fraud in UK. There is no specific counter measure that eBay has written about card fraud. However, it has provided some useful tips in preventing this kind of fraud.One of which is ‘not to submit card information’ in unsafe sites as your account might be stolen and used in fraudulent transactions.
Another issue that is of great significance in eBay is its strength in protecting its databases from being hacked. Well, there is really no safe database considering that technology is always changing and that hackers might someday figure out how eBay database works. As of now, eBay uses its own data encryption system in securing the data supplied by its users. Only time will tell when will the hackers will be able to decode its robotic encryption.Another issue that affects eBay’s service is its banning of selling virtual goods from the game to the actual people as it was against the provisions of free-market trade system. Truly it is but according to eBay, it is just the steps they take to simply prevent any future legal recourse from companies who own any of those goods.
eBay, however, knows and understands the limits of privacy.It said it can disclose personal information in response to legal requirements, intensify site security, respond to claims, or secure all users’ rights, property, or safety. In addition, eBay encourages its customers to disclose his privacy practices and respect the privacy of others. Conclusion eBay is an web-based retail company.
It faces many issues in information security on its legal and ethical aspect. Some of the major issues that affect eBay are the following: i) how does eBay handle internet fraud that affects the privacy of its customer;ii) how does eBay protects its databases from hideous hackers; iii) how does eBay protects itself from possible legal recourse from other companies who own the items it sells. The presence of these issues did not hinder the growth of eBay. It provided counter measures to these legal and ethical issues.
Columbia University Press. , 2003. Answers. com 25 Feb. 2007. eBay, Inc.
Security Center: Rules & Policies. Retrieved Feb 26, 2007 from http://pages. ebay. com/securitycenter/rules_policies. html