By Christy Hudgins-Bonafield
The early '90s scramble to get rich quick as an ISP has become a rush for e-commerce gold--with electronic nuggets luring hundreds of commerce service provider (CSP) startups worldwide. But there are major questions about the way some of these startups are handling security.
For business merchants, especially smaller companies, the competitive pricing offered by some CSPs makes them an obvious, and perhaps the only affordable, path to e-commerce. The danger is that many CSPs are little more than garage operations, without telephone listings or even rudimentary security. Even larger, well-credentialed CSPs may have primitive ideas about what constitutes good security.
Some CSPs transmit credit-card information without any form of encryption. Others use a single firewall for their entire operation, rather than establish internal firewalls between applications. We've found CSPs that don't use firewalls at all, relying instead on the filtering capabilities of their routers. Some merely defer all security to the merchants hosting at their facilities.
Jim Balderston, an analyst with Zona Research, suggests that merchants who rely on router-based security alone to protect credit-card information may leave themselves open to charges of failing to exercise due diligence. "Banks and credit-card companies are now putting their servers in secure locations the way that merchants put their cash proceeds in a vault," Balderston says.
While credit-card liability is rarely a major issue for those who buy from e-commerce sites, the liability for merchants can be significant. Forrester Research estimates that a $1 million theft from an online bank (say, 1,000 accounts at $1,000 each) will cascade into a $100 million loss after factoring in network downtime, audits, bad publicity, insurance hikes and fleeing customers. More sobering, Forrester further asserts that about half of all online attacks succeed.
|
|
|
|
Article Sections
Cashing In on E-Commerce
"The Electronic Crane: E-Commerce Infrastructure Builds Upward,"
"Who's Minding the Store? Before You Choose a CSP, It Pays To Investigate,"
"Four Solutions To Rev Up Your E-Commerce Business,"
CSP Surveys
Breadth of Service Survey
Infrastructure Survey
How we scored the CSPs
Small Merchant Services
Mid-Tier Merchant Services
High-End Merchant Services
Company
Directoryto browse our data, starting with a particular company.
Network Computing Linksallows you to request additional product information from our advertisers.
 Print This Page
 E-mail this URL
|
REPORTS
ANALYTICS
Follow 
