Protect Your Website

If you have an e-commerce website, you face the following risks:

• Fake purchases - These usually cost you in loss of revenue through credit card chargebacks.
  
• Fraudulent websites - Someone sets up a fraudulent website that looks similar to the official website of your company.
  
• Data theft - Intruders may try to steal your customer information such as credit card numbers.
  
• Intruder attacks - Intruder attacks may result in defacement or disruption of your website functionality.
  
• Damage to your reputation arising from any of the above items.

Protective Measures

Make sure your e-commerce website is secure. If you host your own e-commerce server rather than renting service from a third party service provider, it is important that you have considered the following:

• Constantly check for news related to security issues about the software you are using. Make sure you have applied the latest patches once available.
  
• Install and enable a firewall.
  
• Install anti-virus and ant-malicious code detection software.
  
• Use strong passwords.
  
• Check the security logs of your computer system and web server everyday.
  
• Check the daily transaction logs for suspicious activities.
  
• Do not store customer information and credit card details on a public e-commerce server.
  
• Encrypt sensitive data during transmission, processing or storage e.g. enable SSL.
  
• Conduct security assessments and audits regularly .
  
• Protect your intellectual property. Your web content, such as product images, may be stolen by others without your approval. You may consider adding a watermark to your images.
  
• Perform regular backup

Click here to learn how to secure your web application.

Other Resources

• Know more about technology crime, internet fraud - Hong Kong Police Force Technology Crime Division
  
• Securing your e-commerce systems in the Business Link of the British Government (URL://www.businesslink.gov.uk/bdotg/action/layer?r.l1=1073861197&topicId=1075385383&r.l2=1075408323&r.s=tl)
  
• Advice from the Electronics Payment site (URL://www.electronic-payments.co.uk/)