E-Commerce

Description

E-commerce Flashcards on E-Commerce, created by ginasnyder83 on 21/04/2015.

Resource summary

Question Answer
Dimensions of E-commerce security 1. Integrity - nothing has been altered 2. Nonrepudiation - you take ownership of your actions 3. Authenticity - identifying yourself correctly 4. Confidentiality - information remains confidential 5. Privacy - how customers' data is used/protected 6. Availability - site is functional & accessible
Security Threats - Malicious Code * Virus * Worms * Ransomware/ (Scareware) * Trojan Horses * Backdoor * PUPs - Potentially Unwanted Programs - Adware - Browser Parasite - Spyware * Drive-by download
Phishing deceptive, online attempt to gain confidential information for financial gain - Social engineering - using human fallibility & gullibility to trick people - DMARC.org
Hacking - Hackers - unauthorized access - Crackers - hackers w/ criminal intent - White Hats - Grey Hats - Black Hats - Cyber vandalism - disrupt or destroy a site - Hacktivism - politically motivated hacking/ cyber vandalism * Anonymous, LulzSec - Data Breach - unauthorized access to confidential information
Security Threats: - Spoofing - Pharming - SPAM sites - Identity Fraud
Attack Threats - Denial of Service (DoS) - Distributed Denial of Service (DDoS) - Sniffing - intercepting network data - Insider attacks - Poorly designed software - SQL Injection - Zero Day Vulnerability
Technology Solutions 1. encryption 2. SSL/TLS 3. VPN 4. wireless security
Encryption o Handles: § Authenticity § Confidentiality § Nonrepudiation § Integrity o Uses a key / cipher § Substitution § Transportation § Symmetric
Digital Envelope § Uses symmetric encryption § Faster, more efficient than public key cryptography
PGP -pretty good privacy
SSL/TLS o most common way to secure network channels o creates a secure negotiated session between parties § Data encryption § Authentication § Message integrity
Wireless Security o WEP o WPA o WPA2
Firewall o monitors incoming and outbound traffic § Two Methods: - Packet filtering: inspects packets - Gateway application: looks at requests
IDS – intrusion detection system matches in patterns to detect malicious network traffic
Proxy Servers o monitors communications o spokesperson for outgoing body guard for incoming
OS Updates § Force / auto update § Anti-virus software § Management Policies
Developing a Security Plan § Conduct a risk assessment - Rank by priority § Develop Security Policy - What and why § Develop an Implementation plan § Develop a security organization - Group to monitor security policies and acceptance § Conduct Security Audits
Laws - National Information Infrastructure Protection Act of 1996 · Made DOS attacks and sending viruses or malicious code, illegal · Considered a federal crime if doing these - US Patriot Act · Government can obtain data / emails if suspicious
Online credit card transactions o Collecting credit card # in online form o Card not present interest rates o No signature required
Online stored value payment o PayPal – largest o Merchant never sees credit card # o Additional fees o Near field communications § Mobile payment systems o Digital cash § Bitcoin, Ukash o Virtual currency
PCI (payment card industry) Compliance: · All devices in scope of sensitive data must be updated o 30 days for critical updates · External scan 1 time a year o Checking for vulnerabilities · Internal scans – 90 days · 12 question questionnaire
Scope · Transmits, processes, stores · Least Access / Permissions o Least amount of access that allows you to do your job
Storing · Credit card # = xxxx-xxx-xxx-1459 · Social # = xxx-xx-1248 o encrypted
Consumer behavior attempts to understand consumers' purchasing behavior in a marketplace.
5 Stages in the Consumer Decision Process · 1. Develop a need · 2. Search for information · 3. Look at alternatives · 4. Purchase / Make decision · 5. Post-purchase contact with supplier
Clickstream behavior · Search engine –> multiple sites –> single site –> single page –> purchase · E-commerce leads to offline sales, and vice versa
4 Ways Internet Marketing differs from traditional · 1. Personalized · 2. Can be participatory · 3. Peer to peer · 4. Communal
Steps to create a multi-channel marketing plan: • 1. Create a website • 2. Traditional online marketing • 3. Social Marketing • 4. Mobile Marketing • 5. Offline Marketing
4 Important Functions of a website: o 1. Establish your brand o 2. Inform your customers o 3. Shape the customer experience o 4. Separate your brand from others
Advantages of online advertising § where audience has moved § Can target ads § Can track performance of ads § Opportunity for interactivity
Disadvantages of online advertising § Costs vs. benefits § Accuracy issues in tracking § Supply of good places for ads
SEO –search engine optimization o control site content to result in higher organic rank o metatags with keywords o change content frequently o detailed info and keywords in site o make site readable
Social Search · – searching based on social network preferences and likes of you and your friends o narrow results to those more relevant
Search Engine Issues: · No one fully understands how rank is computed · Google’s admins can change ranks at will · Can hurt small businesses · Link Farms – sites that link to each other · Content Farms – conglomerates of sites and info · Click fraud – illegitimate clicks on ads
Banner Ads o Oldest, most common o Cost the least, least effective o Clicks can be tracked o Some animation can be added
Rich Media Ads o Full page o Show up between pages o Video, animation, interactivity o Far more effective than banner ads o Interstitial ads – must view ad before moving on o Sensory input filtering – learn to block out ads
Video Ads o Ad placed before, during, or after a video o Fastest growing online advertisements
RTB – real time bidding o Bid for search criteria o If win, you get those ads
Email Advertising o Direct emails – customer opted in o 6% response rate – high o personal tracking ability
Challenges to Email Marketing · SPAM – legitimate emails can get lost in junk emails · Your emails can get tagged as spam · CAN-SPAM Act of 2003 · Software that filters emails · Poorly targeted purchased lists
Viral Marketing o You get customers to share your message for you o You put it out once, customers do the rest of the work o Generates revenue fast
Affiliate marketing company refers you, for a fee o Often a per-click basis
Social advertising · using social networks to share your message o Social sign on – use social network credentials for log in o Social Search – narrow results based on you and friends likes o Collaborative shopping – getting discussions going about shopping preferences Network Notifications
· Mobile Advertising o Ads on mobile phone/tablets o Similar to desktop just smaller o Web browsers or native apps
· Local Advertising o Done through mobile o Based on current location o Daily deal sites
Target by: · Social network preferences · Past browser history · Search engine history · Offline data
Pricing Dependent on demand curve · Price discrimination · Versioning · Free / freemium · Bundling · Dynamic pricing o Auctions o Yield management o Flash marketing
Database Storage · DBMS · SQL · Relational databases · Data warehouse · Data mining o Query-driven o Model-driven · Create customer profiles
Impressions # of times an ad is served
Click-through rate (CTR) percentage of people exposed to an online ad who actually click on the banner
View-through rate (VTR) measures the 30 day response rate to an ad
Hits number of HTTP requests received by a firm's server
Stickiness average length of time visitors remain at a site
loyalty percent of purchasers who return in one year
Reach percent of total number of consumers in a market who visit a website
Recency average number of days elapsed between visits
acquisition rate percent of visitors who request or visit product pages
conversion rate percent of visitors who purchase something
attrition rate percent of customers who purchase once but do not return within the year
retention rate percent of existing customers who continue to buy
conversation ratio # of comments produced per post
applause ratio # of likes or shares per post
amplification number of retweets or reshares per post
sentiment ratio ratio of positive comments to total comments
Cost per thousand (CPM) advertiser pays for impressions in 1000
Cost per click (CPC) advertiser pays pre-negotiated fee for each click an ad receives
Cost per action (CPA) advertiser pays for only those users who perform a specific action
5 Steps in Social Marketing - Measuring: Fan Acquisition – getting your brand out there, getting people to like you. - Engagement – get people talking - Amplification - get your fans to share your brands with others - Community – fans come together over their shared like of your brand - Brand Strength – increases in sales
Measuring Facebook Fan Acquisition – # that see your brand, # that become fans Engagement – # of comments and posts on your page, # of minutes on page Amplification - # of shares, # of likes Community – average number of minutes on page, # of monthly visits by fans Brand Strength – # of purchases generated through Facebook compared to those generated by other sources (conversion ratio)
GPS § Geo-social marketing § Services § Geo-aware – sends messages when you pass a location § Geo-fencing – push
Measuring Local Marketing · Acquisition o Impressions, how many are seen · Engagement o How many actions were taken based on your messages · Amplification o How many shares/forwards to friends · Community o Collection of responses to messages · Brand strength o Sales growth due to messages
4 Main Principles of Ethics · Responsibility – take responsibility for all your actions · Accountability – be accountable for all consequences of your action · Liability – you are liable to repay any damages done · Due Process – you must answer to the higher standards
5 Steps to reason through a dilemma · 1. Identify the issue · 2. Define the conflict / dilemma · 3. Identify the stakeholders · 4. Identify your possible options · 5. Identify the possible consequences
Common Ethical Principles: · Golden rule · Universalization · Slippery slope · Collective utilitarian principle · Risk aversion · No free lunch · New York Times test · Social contract rule
Privacy the moral right of individuals to be left alone, free from surveillance or interference from other individuals or organizations, including the state
Information Privacy includes both the claim that certain information should not be collected at all by gov’t or business firms, and the claim of individuals to control the use of whatever information is collected about them
Right To Be Forgotten the claim of individuals to be able to edit and delete personal information online
Personally Identifiable Information (PII) any data that can be used to identify, locate, or contact an individual
Anonymous Information demographic & behavioral information that does not include any personal identifiers a. Ex) Age, occupation, income, zip, ethnicity
Social Networking encourages the sharing of info and preferences
3rd Party Cookies used to track user behavior over hundreds of websites to create profiles
Profiling the creation of digital images that characterize online individual and group behavior
Anonymous Profiles identify people as belonging to highly specific and targeted groups
Personal Profiles – add a personal email address, postal address, and/or phone number to behavioral data
Deep Packet Inspection a technology of recording every keystroke at the ISP level of every Internet user then using that info to make suggestions and target ads
Informed Consent consent given with knowledge of all material facts needed to make a rational decision
Two Models for Informed Consent: 1. opt-in 2. opt-out
1. Opt-In – requires an affirmative action by the consumer to allow collection and use of consumer information
2. Opt-Out the default is to collect the information unless the consumer takes an affirmative action to prevent the collection of data
o Notice/Awareness (core principle) sites must disclose their information practices before collecting data
Federal Trade Commission’s Fair Information Practice includes: - awareness - consent - participation - security - enforcement
Safe Harbor a private, self-regulating policy and enforcement mechanism that meets the objectives of gov’t regulators and legislation but does not involve gov’t regulation or enforcement
Online Privacy Alliance (OPA) formed by the online industry in 1998 to encourage self-regulation in part as a reaction to growing public concerns on privacy and threats of legislation being proposed by the FTC and privacy advocacy groups
Network Advertising Initiative formed by the advertising industry, as a way of developing privacy policies
3 Main Types of Intellectual Property: 1. copyright 2. patent 3. trademark law
Copyright Law protects original forms of expression such as writings, art, drawings, photographs, music, motion pictures, performances, and computer programs from being copied by others for a minimum of 70 years
Patent grants the owner an exclusive monopoly on the ideas behind an invention for 20 years
3 things that cannot be patented: i. Laws of nature ii. Natural phenomena iii. Abstract ideas
Trademark a mark used to identify and distinguish goods and indicate their source
Dilution – any action that would weaken the connection between the trademark and the product
Anticybersquatting Consumer Protection Act of 1999 created civil liabilities for anyone who attempts in bad faith to profit from an existing famous or distinctive trademark by registering an Internet domain name that is identical or confusingly similar to, or “dilutive” of, that trademark
Cybersquatting involves the registration of an infringing domain name, or other Internet use of an existing trademark, for the purpose of extorting payments from the legitimate owners
Cyberpiracy involves the same behavior as cybersquatting but with the intent of diverting traffic from the legitimate site to an infringing site
Typosquatting using common misspellings to divert traffic to an infringing site
Net Neutrality treat all online data equally
ISP's differentiated pricing by: 1. cap-pricing 2. usage-based pricing 3. highway pricing
Cap Pricing putting caps on bandwidth usage, charging more for additional usage in tiers of pricing • Speed Tiers – charging more for higher speed Internet Service
Usage-Based Pricing charging on the basis of metered units of Internet service • Congestion Pricing – charging more for peak hour Internet service
Highway (Toll) Pricing charging service providers like Netflix for their use of the Internet based on their Internet use