Wednesday, March 02, 2005
Internet Commerce Growing Despite Fraud Concerns
E-commerce continues to grow dramatically in spite of security threats, recent research indicates. E-commerce dollar volume in 2004 rose 88 percent and transaction volume grew by 39 percent over the previous year, according to Verisign's latest Internet Security Intelligence Briefing.
The VeriSign report monitors trends in Internet usage, commerce, fraud and security threats. The briefing points to increased customer confidence, growing broadband Internet access penetration across the United States, the availability of more inexpensive goods on the Internet, and an increasing number of rural customers shopping online for goods they cannot buy locally as drivers of increased e-commerce. The biggest surprise in this year's Internet Security Intelligence Briefing was the dramatic sales increase in 2004.
Staying Atop Security: With greater opportunity comes greater challenges, however, as both humans and worms continue to scan for systems that are not patched against common exploits.
Worm propagation attempts, such as "MS-SQL version overflow" and "MS-PCT Client Hello overflow" still generate the majority of the security events, according to VeriSign. During the fourth quarter of 2004, VeriSign counted more than 680,000 "MS-SQL version overflow" attempts and over 375,000 "MS-PCT Client Hello overflow" attempts.
The VeriSign report reveals that most security events originate in the United States. During the period October 2004 to January 2005, the U.S. generated 79 percent of fraudulent transactions, followed by Canada (5.7 percent), Taiwan (2.6 percent), Korea (2.5 percent) and the UK (2.4 percent).
Security threats are leading merchants and consumers alike to look for measures to protect both ends of the transaction. The verifications of secured sites reached more than 9 million per day in the fourth quarter of 2004 alone, indicating a strong demand among Web site operators for security seals and the increasing propensity of online shoppers to conduct transactions only with secured Web sites.
Combatting Fraud: Romania, Vietnam, and the U.S. were the top source countries for total volume of e-commerce fraud over the 2004 holiday period; Belarus, Slovenia and Vietnam were the top countries for internal percentage of fraudulent transactions.
"Merchants are employing more automated fraud protection," Fraser Smith, product manager with VeriSign payment services, told the E-Commerce Times. "But they are also using human intuition as the decision maker. Our study shows that 84 percent of the transactions reviewed by humans were accepted. Only six percent of overall e-commerce transactions were deemed too risky to complete."
Facing Phishing: VeriSign also addresses one of the latest security threats: phishing. The briefing reveals that 58 percent of phishing capture sites were located outside of the U.S. during the October 2004 to January 2005 period, up from 37 percent reported for the first half of 2004. Griffiths said this increase is due to better efforts at shutting down capture sites in the U.S., and the comparative difficulty of shutting down capture sites abroad.
Internet Traffic Still Rising: As security experts strive to implement practices and procedures that will curb fraud, Internet traffic and usage is evidence that consumers appreciate these efforts. Domain Name System (DNS) queries in the fourth quarter of 2004 fluctuated between 380 and 400 billion per month, a whopping 80 billion queries higher than December 2003. In 2004, the .com top-level domain grew over 25 percent, while .net grew over 20 percent, showing continued demand and usage of these domains.
Still, security experts agree there is more work to be done.
More information at Guardian eCommerce.
Brought to you by the Guardian eCommerce Safe Site Privacy Seal Program.
The VeriSign report monitors trends in Internet usage, commerce, fraud and security threats. The briefing points to increased customer confidence, growing broadband Internet access penetration across the United States, the availability of more inexpensive goods on the Internet, and an increasing number of rural customers shopping online for goods they cannot buy locally as drivers of increased e-commerce. The biggest surprise in this year's Internet Security Intelligence Briefing was the dramatic sales increase in 2004.
Staying Atop Security: With greater opportunity comes greater challenges, however, as both humans and worms continue to scan for systems that are not patched against common exploits.
Worm propagation attempts, such as "MS-SQL version overflow" and "MS-PCT Client Hello overflow" still generate the majority of the security events, according to VeriSign. During the fourth quarter of 2004, VeriSign counted more than 680,000 "MS-SQL version overflow" attempts and over 375,000 "MS-PCT Client Hello overflow" attempts.
The VeriSign report reveals that most security events originate in the United States. During the period October 2004 to January 2005, the U.S. generated 79 percent of fraudulent transactions, followed by Canada (5.7 percent), Taiwan (2.6 percent), Korea (2.5 percent) and the UK (2.4 percent).
Security threats are leading merchants and consumers alike to look for measures to protect both ends of the transaction. The verifications of secured sites reached more than 9 million per day in the fourth quarter of 2004 alone, indicating a strong demand among Web site operators for security seals and the increasing propensity of online shoppers to conduct transactions only with secured Web sites.
Combatting Fraud: Romania, Vietnam, and the U.S. were the top source countries for total volume of e-commerce fraud over the 2004 holiday period; Belarus, Slovenia and Vietnam were the top countries for internal percentage of fraudulent transactions.
"Merchants are employing more automated fraud protection," Fraser Smith, product manager with VeriSign payment services, told the E-Commerce Times. "But they are also using human intuition as the decision maker. Our study shows that 84 percent of the transactions reviewed by humans were accepted. Only six percent of overall e-commerce transactions were deemed too risky to complete."
Facing Phishing: VeriSign also addresses one of the latest security threats: phishing. The briefing reveals that 58 percent of phishing capture sites were located outside of the U.S. during the October 2004 to January 2005 period, up from 37 percent reported for the first half of 2004. Griffiths said this increase is due to better efforts at shutting down capture sites in the U.S., and the comparative difficulty of shutting down capture sites abroad.
Internet Traffic Still Rising: As security experts strive to implement practices and procedures that will curb fraud, Internet traffic and usage is evidence that consumers appreciate these efforts. Domain Name System (DNS) queries in the fourth quarter of 2004 fluctuated between 380 and 400 billion per month, a whopping 80 billion queries higher than December 2003. In 2004, the .com top-level domain grew over 25 percent, while .net grew over 20 percent, showing continued demand and usage of these domains.
Still, security experts agree there is more work to be done.
More information at Guardian eCommerce.
Brought to you by the Guardian eCommerce Safe Site Privacy Seal Program.
