In recent years, purchases and sales of products and services via the Internet have grown meteorically. The growth of e-commerce (as we more commonly know it) whilst increasingly convenient for sellers and customers alike, also reveals new risk areas for them both as well.
E-commerce, still growing strong
According to a report from Digital Commerce 360 published in January 2019, global e-commerce has been steadily growing within the retail sector. This is especially visible within two of the largest dominating economies in the world, the US and China.
China is now the number one e-commerce market globally with online sales surpassing $877.00 billion in 2017, with retail sales hitting a grand total of $5,85 trillion during the years 2017 and 2018. Moreover, the US has the second largest global market in retail sales, coming in at $449.88 billion during the same period.
This growth is easy to explain in light of the benefits offered by e-commerce such as purchasing goods directly from anywhere using any device, the huge range in choice shopping online provides as well as increasingly competitive pricing.
Conversely, though, far more information is required from you as a customer. To complete an e-commerce transaction you need to share your personal data, such as name and last name, shipping address, billing information, among others, introducing complex data privacy issues that need to be subsequently addressed.
Privacy threats to e-commerce
Users may be reluctant to share their personal data if they believe their privacy can be invaded, at risk or shared with third parties without their consent.
Unauthorized access to or reuse of their personal data, as well as illegal sale of their private information to other parties, are one of their main concerns. Fortunately, users are more vigilant than ever about their privacy protection and may stop using an e-commerce service if they have the impression that privacy safeguards are not guaranteed.
Threats affecting an e-commerce site can compromise personal data from their visitors. These can be accidental, intentional or due to human error. The most typical security and privacy threats include phishing and social engineering, personal or card data theft or misuse, malware, and hacking.
Two highly prevalent threats that can adversely impact the personal information of an e-commerce site visitor are phishing and social engineering attacks. With this technique, hackers send emails to customers presenting themselves as a legitimate business and attempting to get users into clicking on malware links or disclosing their personal or card information.
Another privacy threat to e-commerce is password and identity theft. Sites should enforce strong passwords or advanced authentication methods while raising awareness to their visitors or customers about best practices when creating passwords (i.e. do not reuse passwords or use simple patterns). Otherwise, attackers might find patterns and easily discover user passwords allowing for their personal data to be stolen
All of these threats highlight the importance of having the appropriate data privacy measures to ensure that the protection of personal data of e-commerce site visitors and customers is guaranteed.