Setting up an E-commerce business requires fulfilling a number of criteria that protect the rights of buyers and target demographics. This report discusses the major issues and challenges of setting up the E-commerce business of a clothing retailer, Style Icon. It also elaborates on the potential security and fraud issues associated with the eBusiness. Identifying the security and fraud related threats in E-commerce business is necessary to develop a risk mitigation plan describing the methods to counter the potential security concerns and online frauds (Anandarajan and Simmers, 2012).
By conducting a risk analysis of the eBusiness of Style Icon, an effective mitigation plan has been developed to protect the business as well as the customers from potential online threats and fraud issues (Hinde, 2015). Furthermore, the report describes the potential ethical and legal challenges attached to the eBusiness of the retail company. In addition, the study investigates the key concepts related to the ethical and legal issues that might affect the proceedings of the E-commerce business of Style Icon. At the end of the report, the process that can be utilised to solve the ethical and legal issues affecting the eBusiness is discussed.
Security and Fraud Issues
The E-commerce business of Style Icon, the retail clothing brand, has to deal with a number of security and fraud issues on the online platform. In this section of the report, the most evident security and fraud challenges to be faced by the eBusiness are analysed as follows:
Privacy of customers visiting the website has been a major challenge for E-commerce providers in recent times. Due to technological advancement, identity theft and impersonation have become serious privacy concerns that must be handled effectively by E-commerce businesses (Kahn and Liñares-Zegarra, 2012). For instance, E-commerce providers should deliver a secured online platform and payment gateway to the customers so that private information such as credit card and debit card numbers will be kept highly secure. Evidently, the E-commerce business of Style Icon must provide a disclaimer through its privacy policies to maintain the privacy of the online customers both offline and online (Martin, 2015).
Integrity, Client Authentication, and Non-repudiation
In any E-commerce business set-up, data integrity, authentication of the target audience, and non-repudiation can determine the sustainability of the business. On the E-commerce business platform, Style Icon has to assure online customers that all data transmitted is correct. Verification of the transmitted data will certify that the data has not been tampered with by any third party during transmission (Cheeseman, 2007). At the same time, authentication of the customers must be developed so that online transactions will be secured. In addition, E-commerce providers must provide non-repudiation to clients to assure transactions made through the online medium.
Technical attacks can be identified as one of the most serious challenges to be tackled by eBusiness organisations in terms of delivering security. For instance, denial of service (DoS) attacks can paralyse the normal activities of an E-commerce business. By overwhelming a server, such attacks can create massive difficulty for the hosts (Roberts, 2013). Therefore, the E-commerce business of Style Icon must develop defences to deal with such security challenges.
Phishing Attacks and Social Engineering
Among the criminal fraud issues in E-commerce business, the phishing attack can be identified as the most concerning. By using a masquerading technique in electronic communication, the attack can capture sensitive data and information such as user names, credit card details, and high-security passwords (Bottiglieri, 2011). Apart from that, social engineering is another fraud issue, in which users are manipulated into divulging confidential and sensitive data and information. In this method, fraudsters utilise Trojan horses, a type of malware, to get the sensitive data from the E-commerce set-up (Atkins and Huang, 2013). These are the two most evident fraud issues to be considered by eBusiness providers.
Email Frauds and Scams
Another major security problem faced by e-commerce businesses in recent years is email fraud and scams (Panwar, 2014). Some thieves send email on behalf of the company in order to collect private information from the customers. Recently, several cases of spam emails claiming that the receiver has won a huge amount of prize money have been filed in Australia and several other countries (Panwar, 2014). Scams of this sort lead to loss of reputation for the firm and create a feeling of insecurity among the customers. Hence, it is important for the management of Style Icon to take care of such issues and make the customers aware that the company will never ask for personal information such as credit card numbers or passwords through email or phone calls.
Mitigation Plan for security and fraud issues
It is important for Style Icon to develop a security and fraud risk mitigation plan in order to keep online transactions safe and maintain the safety of consumer data. Furthermore, the risk mitigation plan is required by the firm to meet the legal terms and stay safe from legal actions in the future (Hoffman and McGinley, 2010). The mitigation plan that can be used by the e-commerce business is presented below:
Develop a security and fraud risk mitigation policy
First of all, the management of Style Icon needs to develop a policy statement regarding the identification, analysis and mitigation of security and fraud risk in the e-commerce operations (Costa, 2011). The policy document will include the roles of the key members and their responsibilities in controlling the issues.
IT management and customer service department
Employee awareness training
An employee awareness training program must be organised by the management to make the workers aware of the security and fraud issues (Martin, 2015). The training program will teach the employees to handle such situations and strengthen the workforce in terms of security and fraud activities.
Use secure payment gateway
Style Icon must use a secure third party payment gateway in order to make secure transactions of money (Martin, 2015).
Use secure connection for online checkout
The company must use Secure Sockets Layer (SSL) authentication for the website and data protection (Cheeseman, 2013). It helps protect the company and its customers from having essential information stolen.
Do not store sensitive data
It is important for the e-commerce organisation to ensure that the website does not store sensitive customer data such as CVV (Card Verification Value) codes or passwords (Martin, 2015).
Implement a strong verification system
The security or IT department of the company will take care of the verification system. For instance, when changing a password, the customer needs to use a verified email ID and phone number (Martin, 2015). The customer also has to answer different verification questions in order to change the password.
Set-up system alerts for suspicious activity
Activity on the website, and activity related to the name of the company, must be tracked in order to become aware of any sort of suspicious activity (Costa, 2011). The security department can set up an alert for suspicious and multiple transactions that take place through a particular IP address.
Implement a whistle blowing hotline
A whistle blowing hotline system must be implemented that can be used by the company to accept complaints from the consumers regarding security and fraud issues related to the company (Tomlinson, 2010).
Customer Service department
Develop a security and fraud response management plan
The management of the firm must develop a security and fraud response management plan in order to answer and solve the queries of the consumers regarding the occurrence of such issues (Costa, 2011).
IT department and customer service department
The marketing department must create awareness among the consumers regarding the email and phone scams that have been taking place recently (Cheeseman, 2013). For instance, the management can send emails or messages to the customers stating that the company will never ask for personal information and high security data (Tomlinson, 2010). Additionally, the company will never make any sort of suspicious offers or offer prize money to the consumers.
Customer service department
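An added example, not part of the original report, showing how the alert described under "Set-up system alerts for suspicious activity" could be implemented: a sliding-window check that flags an IP address making many checkout attempts in a short time. It goes slightly beyond the text by also flagging an IP that tries many different cards. The log format, thresholds, and function name are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample checkout log: ISO timestamp, client IP, card token, outcome.
# Tokens stand in for payment-gateway tokens; no card numbers or CVVs are logged.
SAMPLE_LOG = """\
2024-05-01T10:00:05 203.0.113.7 tok_a1 declined
2024-05-01T10:00:20 203.0.113.7 tok_b2 declined
2024-05-01T10:00:41 198.51.100.4 tok_z9 approved
2024-05-01T10:01:02 203.0.113.7 tok_c3 declined
2024-05-01T10:01:30 203.0.113.7 tok_d4 approved
2024-05-01T10:09:00 198.51.100.4 tok_z9 approved
2024-05-01T10:30:00 203.0.113.7 tok_d4 approved
"""

WINDOW = timedelta(minutes=5)  # assumed look-back window
MAX_TXNS = 3                   # assumed: alert above this many attempts per IP
MAX_CARDS = 2                  # assumed: alert above this many distinct cards per IP


def detect_suspicious(log_text, window=WINDOW, max_txns=MAX_TXNS, max_cards=MAX_CARDS):
    """Return one alert per transaction that leaves an IP over a threshold."""
    recent = defaultdict(deque)  # ip -> (timestamp, card) pairs inside the window
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_text, ip, card, _status = line.split()
        ts = datetime.fromisoformat(ts_text)
        events = recent[ip]
        events.append((ts, card))
        # Drop events that have aged out of the sliding window.
        while ts - events[0][0] > window:
            events.popleft()
        cards = {c for _, c in events}
        reasons = []
        if len(events) > max_txns:
            reasons.append("transaction_burst")
        if len(cards) > max_cards:
            reasons.append("many_cards")
        if reasons:
            alerts.append({"time": ts.isoformat(), "ip": ip,
                           "count": len(events), "cards": len(cards),
                           "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in detect_suspicious(SAMPLE_LOG):
        print(alert)
```

The repeat customer at 198.51.100.4 and the later single purchase from 203.0.113.7 raise no alert, because older events fall out of the window before the thresholds are reached.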
Ethical and Legal Issues
On the E-commerce business platform, Style Icon has to deal with a number of ethical issues related to the information technology applied to the eBusiness. Although the vast popularity of the internet has delivered a significant platform for E-commerce business, it is the responsibility of E-commerce providers to offer safe and secure transactions and access. The ethical and legal issues associated with E-commerce business in Australia are discussed below:
Web tracking has been identified as one of the major ethical challenges to any eBusiness. E-commerce businesses draw customer related information using the log files. Furthermore, by using cookie analysis and tracking software, E-commerce websites can trace the online preferences and movement of the individual consumers (Salehnia, 2012). In the meanwhile, such online application and tracking activities should be performed following ethical guidelines.
Privacy of Consumers
E-commerce fraud can be identified as one of the leading legal issues to be tackled by any eBusiness. Therefore, as per the Australian Statutory Regulations, E-commerce business firms have to follow the guidelines and regulations stated in the Australian Consumer Law (Cth). During the E-commerce business set-up, the obligations of consumer law and cyber security terms must be followed so that internet fraud through E-commerce portals can be avoided (Nasir, 2014).
In developing the E-commerce business, the management of Style Icon must identify the copyright laws that are implemented to protect the intellectual property of any business (Nasir, 2014). For instance, software purchased for commercial purposes should be used as per the copyright laws. Also, copying content when developing the E-commerce portal should be avoided so as not to infringe copyright laws.
In an E-commerce business, contest over the domain name can be termed as one of the leading legal issues. Internet addresses of the E-commerce portals should be checked and verified so that domain names cannot create untoward legal challenges (Cross et al., 2012). Domain names are considered as trademark of a business. Hence, similar domain names should be avoided to evade legal consequences.
Solutions for addressing the ethical and legal issues
In order to protect the E-commerce site from potential ethical and legal issues, security experts’ solution and technological assistance must be taken into account. In the underlying section, some of the solutions have been described as follows:
Select a secure E-commerce Platform
Style Icon, the newly introduced apparel E-commerce business, must choose a secure E-commerce platform that utilises an object-oriented programming language for the E-commerce website. By using such a secure platform, the E-commerce business can protect the administration panel from online attackers (Schiff, 2013). In this way, the security of an E-commerce business can be increased to handle the privacy issues and legal challenges.
Develop and get approval for ethical guidelines and legal policy
The management of Style Icon needs to develop ethical and legal policy guidelines that will be followed during all operations of the firm. The ethical guidelines and legal policies must be developed with all sorts of e-transaction issues and government policies in mind (Schiff, 2013). The legal policy and ethical guideline documents must include rules and regulations related to maintenance of customer privacy, security of customer information, copyright statements, and domain information (Davies, 2008). Furthermore, the ethical guidelines and legal policy documents must be verified by authorised bodies and proper approval must be obtained in order to start the e-business in the Australian market.
Consider all legal requirements and licensing
The management of Style Icon must consult with legal advisors to check whether the policy and guidelines of the company match with the legal requirements. Furthermore, all licensing requirements such as domain name, company incorporation certificate, and e-commerce business license must be approved from the government of Australia (Schiff, 2013). Additionally, the ethical requirements related to HR management must also be met by the firm.
Describe the terms and conditions to the consumers and take their approval
The e-commerce website must provide all terms and conditions related to the formation of user accounts, the transactions on the e-commerce portal, and the products and services. Additionally, the approval of the consumers must be obtained through e-verification and e-signature to confirm that they are aware of the terms and conditions (Wales, 2013).
Take permission from the consumers while storing their data
The permission of the consumers must be taken while saving their personal data and information. For instance, the company must mention that it will store the personal data of the user such as email ID, address, name, phone number and other information (Landrock, 2012). The mobile application of the company must ask for permission before using the device location of the user.
Copyright terms and condition must be presented in the e-commerce portal
The copyright terms and conditions of the company must be presented in the e-commerce portal to be safe from misuse and reuse of data by other companies. Additionally, the copyright regulations must state that no third party is allowed to use the information and pictures available over the website for commercial purpose (Landrock, 2012).
From the above analysis, it can be seen that an e-commerce business like Style Icon faces several security and fraud related risks while commencing its operations and afterwards. Hence, it is important for the management of the firm to identify the security and fraud risks and develop a proper risk mitigation plan. Furthermore, the company faces several ethical and legal challenges that must be considered in order to operate safely and smoothly in the Australian market. In conclusion, a proper security risk mitigation plan and consideration of the ethical and legal requirements can help the company stay safe from legal obligations and future uncertainties.
Anandarajan, M. and Simmers, C. (2012). Managing web usage in the workplace. 2nd ed. Hershey, Pa.: IGI Global (701 E. Chocolate Avenue, Hershey, Pennsylvania, 17033, USA).
Atkins, B. and Huang, W. (2013). A Study of Social Engineering in Online Frauds. Open Journal of Social Sciences, 01(03), pp.23-32.
Bottiglieri, W. (2011). Electronic Signatures And The Statute Of Frauds. Journal of Business Case Studies (JBCS), 4(1), p.113.
Cheeseman, H. (2007). The legal environment of business and online commerce. 2nd ed. Upper Saddle River, N.J.: Pearson Prentice Hall.
Cheeseman, H. (2013). Business law. 1st ed. Upper Saddle River, N.J.: Pearson/Prentice Hall.
Costa, E. (2011). Global e-commerce strategies for small businesses. 3rd ed. Cambridge, Mass.: The MIT Press.
Cross, F., Miller, R., Cross, F. and Cross, F. (2012). The legal environment of business. 3rd ed. Mason, Ohio: South-Western.
Davies, A. (2008). The development of laws on electronic documents and e-commerce transactions. 1st ed. Ottawa: Library of Parliament.
Hinde, S. (2015). Identity theft: theft, loss and giveaways. Computer Fraud & Security, 5(5), pp.18-20.
Hoffman, S. and McGinley, T. (2010). Identity theft. 2nd ed. Santa Barbara, Calif.: ABC-CLIO.
Kahn, C. and Liñares-Zegarra, J. (2012). Identity Theft and Consumer Payment Choice: Does Security Really Matter?. SSRN Electronic Journal.
Landrock, P. (2012). Security — the Building Block for E-commerce Growth. Computer Fraud & Security, 20(9), pp.7-8.
Martin, E. (2015). Managing information technology. 4th ed. Upper Saddle River, N.J.: Pearson/Prentice Hall.
Nasir, M. (2014). Legal issues involved in E-commerce. Ubiquity, p.2.
Panwar, A. (2014). Cyber Crime Through Social Engineering. SSRN Electronic Journal.
Roberts, M. (2013). Internet marketing. 3rd ed. Boston, Mass.: McGraw-Hill/Irwin.
Salehnia, A. (2012). Ethical issues of information systems. 3rd ed. Hershey: IRM Press.
Schiff, J. (2013). 15 Ways to Protect Your Ecommerce Site From Hacking and Fraud. [online] CIO. Available at: [Accessed Oct. 2017].
Tomlinson, M. (2010). Tackling E-commerce Security Issues Head On. Computer Fraud & Security, 5(11), pp.10-13.
Wales, E. (2013). E-commerce Counts Cost of Online Card Fraud. Computer Fraud & Security, 15(1), pp.9-11.