Skip to main content

Best Practices for Securing E-Commerce

An e-commerce solution comprises the software, hardware, processes, services, and methodology that enable and support these transactions. Merchants choosing to sell their goods and services online have a number of methods to consider. Merchants may also choose to maintain different levels of control and responsibility for managing the supporting information technology infrastructure. For example, a merchant may choose to manage all networks and servers in-house, outsource management of all systems and infrastructure to hosting providers and/or e-commerce payment processors.

Merchants may also decide to engage a third party to perform services that support their e-commerce solution. The service provider or the services may be considered in scope for a merchant’s PCI DSS compliance if the security of the solution is impacted by this service and the service provider has not performed its own assessment. For more information, see the section on “Use of Third-Party Service Providers/Outsourcing” in the PCI DSS.

The cardholder's data may be affected as per the following:

a) Software development on behalf of the merchant
b) Hosted website, either fully or partially managed by the solution provider
c) Hosted data center/network/physical systems in support of a website
d) Shopping-cart software (including software that hands off transactions or customer information to other systems)
e) Order-management software such as chargebacks, returns, etc. that may have access to cardholder data
f) Other hosting options (offline data storage, backups, etc.)—depending on whether the data is encrypted and whether the service provider has access to the decryption keys
g) Merchant plug-ins to support payment brand and issuer authentication mechanisms
h) Managed services, including WAF or log-management services

File Type: PDF
File Size: 1.46 MB
Total Pages: 65

Direct Link Mega:
Download Now
Direct Link AnonFiles:
Download Now
Direct Link Mediafire:
Download Now
Direct Link Solidfiles:
Download Now
Direct Link Sabercathost:
Download Now
Direct Link Tusfiles:
Download Now


Popular posts from this blog

Web Hacking 101

With a Foreword written by HackerOne Co-Founders Michiel Prins and Jobert Abma, Web Hacking 101 is about the ethical exploration of software for security issues but learning to hack isn't always easy. With few exceptions, existing books are overly technical, only dedicate a single chapter to website vulnerabilities or don't include any real world examples. This book is different. Using publicly disclosed vulnerabilities, Web Hacking 101 explains common web vulnerabilities and will show you how to start finding vulnerabilities and collecting bounties.

Android Things Quick Start Guide

Android Things is the new Android based Operating System for the Internet of Things. With this book you will learn the core concepts by running code examples on different peripherals. Android Things is the IoT platform made by Google, based on Android. It allows us to build smart devices in a simple and convenient way, leveraging on the Android ecosystem tools and libraries, while letting Google take care of security updates.

Programming QuickStart Box Set

This tutorial on HTML is designed specifically for aspiring developers and web designers. This tutorial is explained in enough detail with practical examples and a simple overview so that it can be easily understood by beginners and provides enough knowledge to design their own webpages. You can get a higher level of expertise with some practice.  HTML or Hyper Text Markup Language is the most commonly used language for developing web pages.