Security Risks of Mobile Commerce

Author(s):  
Ashish Kumar ◽  
Rachna Jain ◽  
Sushila Madan

Mobile commerce (m-commerce) is evolving as an alternative to e-commerce services. M-commerce is a type of e-commerce that emphasizes the use of services on handheld devices. It is becoming very popular among users because of its ease of connectivity and use. With the increase in demand, it becomes essential to provide security for the services used on mobile devices. Users use mobile devices to make their secure payments and transactions. It becomes essential to increase the security layers in m-commerce to provide privacy to the user. The security risks in m-commerce are increasing exponentially. This chapter investigates the security breaches and the solutions associated with m-commerce. It also focuses on network services and problems related to device and user authentication. Many algorithms are proposed to make the device and the transaction safe. It is compulsory to make the m-payment method very safe and secure, so that users can trust m-commerce to use their sensitive personal information.

Author(s):  
Sumeet Gupta

Since the 1990s, a surge in the popularity and usage of e-commerce has led to the recent emergence of conducting business transactions using handheld mobile devices connected by wireless networks (Andrew, Valacich, & Jessup, 2003). Known as mobile commerce, m-commerce allows for anytime and anywhere commercial transactions. M-commerce is an upcoming technology whereby commercial transactions are made through handheld devices, such as mobile phones and personal digital assistants (PDA), which are connected by wireless networks. The ability to conduct business anytime and anywhere through mobile commerce will remove the space and time constraints on an individual for conducting business. Different kinds of services have since emerged for conducting m-commerce, such as location-based services (LBS) (e.g., mobile advertising), pervasive computing, and mobile gaming. These services allow for conducting not only commerce but also business activities using mobile devices. Mobile business (m-business) allows for mainly two kinds of services, namely, push-based and pull-based. Push-based services are initiated by the vendor while pull-based services are initiated by the customer. We will discuss these services in m-business together with their advantages and disadvantages.


Author(s):  
Wen-Chen Hu

Commerce, the exchange or buying and selling of commodities on a large scale involving transportation of goods from place to place, benefits from the convenience and ubiquity conveyed by mobile commerce technology. There are many instances that illustrate how mobile handheld devices help commerce. Important considerations that must be taken into account when trying to categorize applications include the nature of the communicating parties (e.g. people, intelligent agents, databases, sensors), the types of handheld mobile devices involved (e.g., cell phones, smart phones, PDAs, tablets), the nature of the transaction (e.g., push or pull delivery systems), and the actual content of the communication (e.g., a bank transaction, weather alert, or digital image). Not all m-commerce consists of buying and selling; other types of transactions such as banking transactions (e.g. bill paying) or polling (on-line surveys) are also of interest. In fact, “mobile transactions” or “mobile services” are probably more general terms for the concepts that we will discuss here. Obviously, no transaction can take place without some means of communication, whether it be face-to-face speech, so-called “snail” mail, e-mail, telephone, inter-office memos, or other means. Thus, one way in which mobile commerce applications can be differentiated is by their means of communication. For handheld mobile devices this will always involve some form of wireless technology, but the connection could transmit either voices or data. Another way in which mobile commerce applications can be differentiated is by the nature of the entities originating the communications on either end of the transaction; participants in m-commerce might be humans, or they might be intelligent agents representing humans or business entities, and in either case may be either at a fixed location or mobile. A third way to differentiate mobile handheld applications is by the computing demands they place on the handheld device. 
Applications which can run on ordinary cell phones are suitable for a mass market, while those that require more powerful clients like laptops are more likely to be aimed at smaller groups of users. Mobile applications that are location-aware will require a client device to have GPS capabilities, so that the user’s physical location can be ascertained. Table 2.1 uses these taxonomy features to identify the fundamental nature of applications in each category. The physical devices that support all of these various applications are evolving rapidly. At present there are a number of differently named devices competing in this application arena, including cell phones, “smart” phones, PDAs, tablet PCs and laptop computers. Future research is likely to focus on designing and producing a single device that will support all of these applications for most users. Although calling such a multi-purpose object a “phone” seems grossly inadequate, it will surely include that communication capability because cell phones are the most popular mobile devices today and are generally regarded as indispensable by their owners. The name that will evolve for this gadget is yet to be imagined.


2014 ◽  
Vol 6 (2) ◽  
pp. 73-78
Author(s):  
Sonia Chiasson ◽  
Heather Crawford ◽  
Serge Egelman ◽  
Pourang Irani

The Second Usable Privacy and Security for Mobile Devices Workshop (U-PriSM 2) was co-located with MobileHCI'13 in Munich, Germany. The U-PriSM 2 was an opportunity for researchers and practitioners to discuss research challenges and experiences around the usable privacy and security of mobile devices (smartphones and tablets). Security and privacy often involve having non-security experts, or even novice users, regularly making important decisions while their main focus is on other primary tasks. This is especially true for mobile devices where users can quickly and easily install apps, where user interfaces are minimal due to space constraints, and where users are often distracted by their environment. Likewise, mobile devices present unique privacy and security risks because they allow third-party applications access to personal information and sensor data. The amount and sensitivity of such personally identifying information is likely to increase as device functionality increases. The convergence of these factors means that improvements to security and privacy provisions on mobile devices are becoming increasingly important. Workshop participants had a chance to explore mobile device usage and the unique usable security and privacy challenges that arise, discuss proposed systems and ideas that address these needs, and work towards the development of design principles to inform future development in the area.


2020 ◽  
Vol 10 (6) ◽  
pp. 739-746
Author(s):  
Bongs Lainjo

The Internet and related technologies have enabled companies to automate almost all of their operations resulting in enhanced efficiencies and cost-effectiveness. The technologies, however, have also introduced numerous security risks. Through security risks such as Electronic Hacking (EH), individuals and companies have lost a lot of valuable data and money. In this regard, there is a need to understand the extent of the threat of EH. A comprehensive thematic review and analysis of EH with a focus on developments, evolution, challenges, prognosis, and prevalence in select institutions was thus conducted. The research involved reviewing the literature on cybersecurity and its effect on organizations' operations. The result shows that cases of security breaches and associated costs continue to increase. Over five years, the healthcare and medical institutions were the most vulnerable. They were closely followed by corporations. The implications are that as institutions become more automated, their respective degrees of cybercrime vulnerability increase. The consequences of security breaches are normally dire for companies, as well as individuals. Millions, or possibly billions, of dollars worth of data, have been lost as a result of security breaches. This trend is expected to continue in the future, as computers and Internet technologies continue to advance. Through cybercrimes, numerous companies' operations have been sabotaged, and personal information from social media and email stolen. Long term, effective and sustainable strategies are therefore required. The paper is significant because it identifies the information security risks various organizations are exposed to and strategies that organizations can use to mitigate the risks.


HortScience ◽  
2016 ◽  
Vol 51 (9) ◽  
pp. 1176-1183 ◽  
Author(s):  
Chase M. Straw ◽  
Rebecca A. Grubbs ◽  
Kevin A. Tucker ◽  
Gerald M. Henry

Research compared handheld and mobile data acquisitions of soil moisture [volumetric water content (VWC)], soil compaction (penetration resistance), and turfgrass vigor [normalized difference vegetative index (NDVI)] of four natural turfgrass sports fields using two sampling grid sizes (4.8 × 4.8 m and 4.8 × 9.6 m). Differences between the two sampling grid sizes were minimal, indicating that sampling with handheld devices using a 4.8 × 9.6 m grid (120–130 samples) would achieve results similar to the smaller grid size. Central tendencies and data distributions varied among the handheld and mobile devices. Moderate to strong correlation coefficients were observed for VWC and NDVI; however, weak to moderate correlation coefficients were observed for penetration resistance at three of the four locations. Kriged maps of VWC and NDVI displayed similar patterns of variability between handheld and mobile devices, but at different magnitudes. Spatial maps of penetration resistance were inconsistent due to device design and user reliability. Consequently, mobile devices may provide the most reliable results for penetration resistance of natural turfgrass sports fields.


Author(s):  
Ning Yu ◽  
Kien A. Hua ◽  
Danzhou Liu

During the last decade, high-quality (i.e. over 1 megapixel) built-in cameras have become standard features of handheld devices. Users can take high-resolution pictures and share them with friends via the internet. At the same time, the demand for multimedia information retrieval using those pictures on mobile devices has become an urgent problem to solve, and therefore attracts attention. A relevance feedback information retrieval process includes several rounds of query refinement, which incurs exchange of images between the mobile device and the server. With limited wireless bandwidth, this process can incur substantial delay, making the system unfriendly to use. This issue is addressed by considering a Client-side Relevance Feedback (CRF) technique. In the CRF system, Relevance Feedback (RF) is done on the client side alone. Mobile devices’ battery power is saved from exchanging images between server and client and system response is instantaneous, which significantly enhances system usability. Furthermore, because the server is not involved in RF processing, it is able to support more users simultaneously. The experiment indicates that the system outperforms the traditional server-client relevance feedback systems on the aspects of system response time, mobile battery power saving, and retrieval result.


Author(s):  
Joseph M. Woodside

The future of education lies in the hands of Cloud Computing given the benefits of learning delivery, cost reduction, and innovation. At the same time, the threats of cyber-attacks and security breaches are also mounting for education-based organizations, which are a prime target given the amount and type of personal information available. This manuscript discusses the cloud security, privacy, and ethical mechanisms required from a teacher, student, and administrator perspective.


2018 ◽  
pp. 1431-1447
Author(s):  
Barkha Narang ◽  
Jyoti Batra Arora

Mobile Commerce is a term to describe any commercial activity on a mobile device, such as a mobile phone (iPhone, Android, Blackberry) or a tablet (iPad, Galaxy Tab, Surface). This includes all steps of the customer journey: reach, attract, choose, convert and retain. Hence mobile commerce is probably best described as shopping that takes advantage of unique properties of mobile devices. It is also called m-commerce. Pervasive computing aims at availability and invisibility. On the one hand, pervasive computing can be defined as availability of software applications and information anywhere and anytime. On the other hand, pervasive computing also means that computers are hidden in numerous so-called information appliances that we use in our day-to-day lives. Characteristics of pervasive computing applications have been identified as interaction transparency, context awareness, and automated capture of experiences.


2018 ◽  
pp. 433-449
Author(s):  
Mona Adlakha

Mobile commerce is the next generation of e-commerce, where payments and financial transactions can be carried out with utmost ease using handheld mobile devices. Mobile devices are at a higher security risk due to the large amount of critical financial and personal data available on them. The cause or consequence of these threats could be malware and spyware attacks; multiple or incorrect m-Commerce payments; breaches due to unauthorized access or disclosure; unauthenticated transactions; and risk due to the use of third-party networks. This chapter discusses how to manage security risks in m-commerce by first identifying them and then discussing preventive measures for their mitigation. A continuous approach for risk prevention needs to be followed, reviewing the strategy according to the latest challenges. Various risk prevention and mitigation strategies can be adopted. Service providers must follow physical and digital security measures to protect consumers' business information. Independent auditing should ensure compliance with best practice security standards.

