Cybercriminals target e-commerce. Fraudulent purchases and false returns, in addition to targeting retailers’ websites, not only cause direct financial losses, but also add additional costs and burdens on both the sellers and customers.
New Zealand data The study shows that 75% would drop a brand if there was a cybersecurity problem. Nearly as many (66%) consumers said that they would not trust a brand that had suffered a breach of data affecting their personal data.
Even more concerning for online merchants, 44% of consumers blame cyber-incidents on a lack of security measures by a company. E-tailers are in a difficult situation as both customer loyalty and retention is at stake.
A cyber-attack could cause a retailer to lose customers and damage their reputation. Retailers must protect their customers’ entire shopping experience in store, on mobile apps and online.
According to Brent Johnson, CISO of digital payments and data-security firm, Bluefin. Data from cyberattacks is being used to fuel black market activity.
Hackers sell data stolen from websites on the black market. They make millions of dollars. This activity has grown in recent years.
“We’re seeing sophisticated attacks on a variety of commercial targets.” Johnson told E-Commerce Times, “Almost 30,000 sites are targeted.”
Cyberattacks have now become so widespread that even the Payment Card Industry has been affected. PCI Security Standards Council He noted that the latest revision to safety standards includes more controls for electronic commerce.
Consumers’ Recklessness is part of the problem.
According to the Help Net Security Report, 800,000 cyberattacks have affected businesses. Over 60,000 attacks were distributed-denial-of-service attacks (DDoS), while 4,000 attacks were ransomware.
This is exacerbated by the fact that online shoppers are not aware of how to protect themselves from cyberattacks. Researchers claim that this lack of knowledge encourages shoppers to make reckless purchases.
Two examples are highlighted in the report. More than half of respondents (55%) admit to using their corporate device for online shopping. This poses risks to infrastructure. Fewer respondents (35%) believe that fake ecommerce platforms are too difficult for cybercriminals.
Payment Industry Standards are different in each region
Payment card processing is often not uniform due to the increasing number of international e-commerce transactions. The varying standards can lead to higher fraud rates for U.S. customers compared to European consumers.
“I don’t think Europe is ahead in terms of cybersecurity. “I would say that they are ahead in payment security because of what they are doing with EMV technology and chip-and-PIN.” [Europay, Mastercard, and Visa] Johnson clarified: “We’re talking about standards and everything else.”
European merchants now require identification and proof of ownership of the account at the point-of-purchase, which makes their system more secure. Card payment standards are more robust, making it harder for thieves to carry out fraudulent transactions with phony cards and card-not present sales.
These systems do not exist in full for online transactions in the U.S. If someone has your card number they can still use it to make transactions.
In comparison, the card payment standards of Europe have decreased fraud incidents. They take standards much more seriously, he said.
The Use of AI by Cyberattackers and Defenders
Cybercriminals take advantage of AI, resulting in more efficient attacks and fraudulent ecommerce transactions. Cybersecurity experts use AI-powered tools to identify phishing attacks and analyze incoming web traffic to find an opening for breaching networks.
Johnson, however, believes that it will take some time for AI to be successful enough to improve cyber defenses. AI is growing in popularity. He knows that AI is a powerful defensive tool.
“We use some already.” This will continue to increase. It’s not much I can add about this right now. He said, “It is exploding to be honest.” He hinted at what AI could do in the future.
Already Protecting Card Payments
Johnson believes that there are two new technologies in place to protect digital transactions. Tokenization and point-to-point (P2PE), both of which are already proven solutions to the problem, can be used against the bad guys.
P2PE monitors the payment card inserting process at the cloud point of sale.
“It’s super simple in terms of compliance and way more secure,” he said.
Tokenization is a way to create a digital representation for payment information. Tokens hide sensitive data and protect it by hiding the identity behind the payment transaction.
When combined with AI powered applications, payment tokenization utilizes large language model (LLM) and deep-learning techniques to protect sensitive data. A temporary code is generated to replace the original information.
“We do a great deal of tokenization for card-onfile transactions on the electronic commerce side. We can return a token to a retailer. [who does] Johnson explained, “They don’t have hard data available in their environment.”
Cyberwar Battle Ongoing
Johnson, who has a broad view of cybersecurity, gave a cautious answer to the question about whether it was a win-lose situation or a game of whack-amole.
Sometimes it feels as if we’re winning. It feels like we lose a lot of the time. “It’s a battle,” he said.
He stated that data integration has led to a greater risk of zero-day and supply-chain attacks.
If you are unable to use the applications, tools or services that you depend on, it will affect thousands of companies.” Johnson’s biggest concern in cybersecurity is this.
To answer your question: It’s whack a mole for sure. “But we will continue being okay,” he concluded.
