E-commerce and Security |
---|
Introduction |
For e-commerce to be effective your prospective clients demand a secure way of handling their financial details. Without this fundamental feature, on-line sales will be low. The key to an approved e-commerce application is that sensitive information is always held ENCRYPTED (and useless to anyone but the vendor) until it reaches the vendor's processing PC (i.e. data is encrypted on the buyers PC, still encrypted during Internet transfer, still encrypted while temporarily on the ISP server, still encrypted while downloading to the vendor - only when the order is processed - and no longer on the Internet - is the data decrypted (and of any use). |
Security method |
Encryption is the key to transferring private and confidential data over the Internet. However, encryption has a time factor - the higher the encryption the longer the data takes to be transferred. Therefore it makes sense to have both an open channel for non-sensitive data (e.g. requests for more information) and a secure channel which uses encryption (e.g. for credit card details). The encryption can be enabled in two ways: using a Java Applet or using SSL. (An alternative is where all secure payment information is collected by an "Online Credit Card Provider" such as NetBanx, WorldPay, Secure Trading or Datacash - not discussed here). |
Using Java Applet |
Encryption occurs on the buyer's PC and decryption only occurs on the vendor's PC. At no stage is the transaction decrypted whilst it travels over the Internet, or whilst it is stored on a web site. In addition, orders (including credit card details) are only stored on a web site (still encrypted) until the vendor downloads them to their PC. Hence there is no large store of orders available online to invite attack. |
The encryption is carried out by using a Java applet. The Java applet is subject to the standard security restrictions of their "sandbox" which restricts their ability to communicate across the Net to only the web site that they are downloaded from. Decryption is carried out on the vendor's PC after orders have been downloaded from the web. The encryption technique used falls into two parts. The first is to use Diffie-Hellman key exchange to agree a 128 bit key for use by the SAFER block cipher. The Diffie-Hellman key currently used is 256 bits and this will be increased further in the future up to 1024 bits, depending on performance. This encryption method is used on the following fields only : - credit card number - credit card type - credit card expiry date Other fields in orders placed using the system are also encrypted using Safer with a 128 bit key, but using a fixed key built in to the software and common across all instances of the software. The following banks have approved the use of this method in particular e-commerce applications - Barclays Bank, Midland Bank and The Royal Bank of Scotland. |
Using SSL |
Where the SSL option is used, the buyers personal details, credit card information and other order information is sent from the browser to the server, using industry standard SSL encryption. At the server, the order is encrypted before being written to disk using the same method and encrypting the same fields as is explained in the Java encryption. Hence the order is only stored encrypted on the web site. When the vendor downloads the orders, they are sent over the Internet using SSL and then decrypted on their PC. Hence there is no large store of orders available online to invite attack. |
Diffie-Hellman |
Diffie-Hellman key exchange has been published for over 25 years and has been proved to be strong. RSA have based their encryption method on the same fundamental mathematics. RSA (used in SSL) is essentially a derivation of Diffie-Hellman. Actinic chose to use Diffie-Hellman for the following reasons : - it is a public / private key method : this is essential for the ordering model adopted by the e-commerce application - the algorithm has been around for many years and has stood the test of time - it is now patent-free - it has been selected by an increasing number of industry leaders as their system of choice: - Microsoft for NT 5 - Sun Microsystems for their SKIP system - Cisco for their routers A short description of the Diffie-Hellman algorithm can be found at Racal's web site http://www.racal.com/rdg/products/diffie.htm |
Safer |
The SAFER SK-128 block encryption method was developed by Massey (the developer of IDEA which is used in PGP). The key for use with SAFER is negotiated using Diffie-Hellman. The algorithm has been around for some time and has stood the test of time. It is a public algorithm and is freely available. SAFER is briefly described in the RSA FAQ on http://www.rsa.com/rsalabs/newfaq/q78.html |
Key length |
A key length of 128 bit Safer key gives a reasonable performance whilst being several orders of magnitude beyond where brute force methods could break the encryption. SSL offers only a 40-bit key in non-US implementations (although 56 bit key implementations are now becoming available). To put things in context, each additional bit of key space takes twice as long to break. So a 41 bit key is twice as strong as a 40 bit key. The 128 bit key is 4,722,366,482,869,645,213,696 times as strong as the SSL 56 bit key. |
Possible attacks |
All security methods can be attacked. The design objective of any e-commerce application is to ensure that to take orders across the Net was no more risky than other accepted methods of accepting credit card orders, and that the inherent security of the e-commerce application was at least as good as that of SSL. |
Interception of packets on the web |
Using an approved e-commerce application orders are totally secure against this threat - all data is only transmitted once it has been encrypted. No data appears in clear on the Internet in transit. In practise, interception of packets on the web is now a remote possibility. |
Breaking security on the web site enabling hackers to copy web orders |
Other methods, including some SSL only based systems keep orders on the web server in clear text. With an approved e-commerce application, the hacker would gain no benefit as orders are still encrypted whether SSL is used or not, and the typical haul will be much smaller than with an SSL server as the catalog orders are always removed from the web site when the vendor next dials in. Employees at an Internet Service Provider (ISP) have access to the servers. They could easily copy stored orders both silently and transparently. They can also remove any potential audit trail. If ISP employees are disaffected, this is a serious risk with most current ecommerce systems. An approved e-commerce application prevents this abuse since all orders are held encrypted. |
Physical breach of security at the vendor site. |
This is a known and accepted risk as it is the same risk as where credit card slips are physically stored at the vendor's site. Anyone who keeps client details on any form of PC (or even on paper records) is vulnerable. |
Network access to the PC at the vendor site. |
The vendor's PC is attached by dial-up and therefore not permanently attached. Hence, beyond standard security features provided by the ISP and the PC software, the principal protection is anonymity - there is no way for a hacker to know the identification of the PC with approved e-commerce application software running, or when they will be online. SSL based solutions have a server permanently connected to the Internet and keep all the credit card details available on-line. They are far more vulnerable to compromise in this respect. |
Subversion of the web site to substitute different software |
Substituting software at the web site is a potential risk. For a hacker to subvert an approved e-commerce application they would need to compromise either the encryption at the web site or the Java applet. a) Compromise of the encryption at the web site at a secure server. This would require complete disassembly and understanding of the security method - a reasonably uncommon skill. There is a clear audit trial of this type of attack which is itself a disincentive. b) Substitution of the Java Applet. The resulting Java Applet could still only communicate back to its host web site so this method would require a co-operating process running on the web server and would thus leave a clear audit trail. This would require complete disassembly and understanding of the security method - a reasonably uncommon skill, and especially difficult as approved e-commerce applications deliberately renam variables etc. so that it is extremely hard to understand the code). This risk is far more severe for SSL-only systems which store orders permanently on the web site. If a hacker can get in to a web server, then they can grab all the orders (including historical orders) on the site which are stored in clear text. This is more likely than an attack on an approved e-commerce application as it would reap a larger reward in terms of credit card information and would leave less of an audit trail and it could happen from any site. |
Timing attacks |
This is only theoretically an avenue of attack. The concept behind it is that timing the encryption process gives some indication of the size of key used - a large number takes more processing time than a small one. This is used to try and limit the universe of potential keys for a brute-force attack. In practice, it is useless on the Internet because: a) The net itself introduces random delays b) Some of the encryption is performed on the client's PC. Since these will vary enormously in specification and loading, no useful information can be obtained. A similar argument applies to encryption at the server c) The encryption at the client cannot easily be observed or timed d) For client based encryption, the encryption is only performed once per PC so would not yield any comparisons |
Summary |
Overall, it can be seen that the use of an approved e-commerce application represents a much safer way of transacting business across the Internet than just using SSL and this applies whether the approved e-commerce application is used in SSL or Java Applet mode. This is primarily because it never decrypts the orders at the web site nor stores them in clear and this is by far the most likely point of attack. |
Approved e-commerce applications |
For information on an e-commerce application which fulfills all the above requirements, and is approved by a number of national High Street Banks, contact us today. |