Expert questions e-commerce security
03 August 2010 - 15:14 by Simon Crisp
Online security specialist and founding member of the Black Hat hacking and security expo, Jeff Moss, has criticised the way in which online retailers secure their sites, saying that their current encryption is inadequate in the face of growing threats.
Mr Moss believes that safe shopping online is not possible while retailers continue to use the Secure Socket Layer (SSL) to encrypt their sites. He explained his viewpoint during his keynote speech on the opening day of the Black Hat event.
Mr Moss said that SSL was fundamentally flawed and although he did admit that the security of e-commerce had improved since the first conference took place in the late 90s, he expressed concern about the ability of online businesses to sustain consumer confidence in the face of increasingly sophisticated cybercriminals.
This opinion is certainly strong, but it has not been accepted by the security community at large, with experts like Dan Kaminsky claiming that SSL is still a powerful tool when applied in the correct manner.
All are agreed that the power of the internet can pose a problem for all consumers, even if some have bleaker outlooks when it comes to the subject of safe shopping online. The good news is that most businesses and governments are constantly fighting to make the internet a safer place for commerce to flourish even as the threats grow and evolve.
Jane Holl Lute, who works for a US government security department, told an audience at the Black Hat conference, that the increasing power and complexity of modern technology was leaving average consumers with a lack of understanding, leaving them unable to fully benefit from the potential of modern retail and commerce. She also restated the US government's commitment to strengthening security and protecting the interests of both businesses and consumers around the world.