Information privacy is the main aspect of
information sharing. Today, at the time of this digital age, personal information
vulnerabilities have increased. Information can be kept private by numerous
ways, including encryption, authentication and data masking – each attempting
to ensure that information is available only to those with authorized access.
These protective measures are used to preventing unauthorized use of personal
information, which are illegal. The
review of the literature reveals that information privacy is a multilevel
concept, but rarely studied as such. Information privacy research focuses on
explaining and predicting theoretical contributions, with few studies in
journal articles focusing on design and action contributions. We recommend that
future research should consider different levels of analysis as well as
multilevel effects of information privacy.

This paper would throw
light on E-commerce privacy, security, its purpose, different security issues
and how consumer’s trust and purchasing behavior are affected by it.

E-Commerce, privacy, security, Impersonation,


Today, privacy, security
and trust are major concerns for electronic technologies. Ecommerce security is
specifically applied to the components that affect e-commerce namely

computer security, data
security, integrity, availability and other wider realms of the Information
Security framework. Privacy and
security concerns are the number one reason Web users are not purchasing over the
Web. There are six major concerns (in the descending of importance) exist:
privacy, security, threats, impersonation, forged identity and e?mail safety. The results also show that privacy and
security concerns are the main impediment to shopping on the Internet. The
implication is that the successful organizations will be those who expand their
resources and efforts to ensure their IT users’ concerns. Privacy is the control
over one’s personal data whereas; security is the attempted access to data by
unauthorized users. Information security, therefore, is an essential management
and technical requirement for any efficient and effective payment transaction
activities over the internet. E-commerce security is the protection of
e-commerce assets from unauthorized access, destruction, alteration, or use so
its dimensions to be studied are- Integrity, Privacy, Non-repudiation,
Authenticity, Confidentiality, and Availability. Web e-commerce
applications that handle payments such as electronic transactions using credit
cards or debit cards, online banking, PayPal or other tokens have more
compliance issues and are at increased risk from being targeted than other
websites as they suffer greater consequences if there is data loss or
alteration. Mule, Trojan horse and worms if launched against client systems,
pose the greatest threat to e-commerce privacy and security because they can
subvert most of the authorization and authentication mechanisms used in an
ecommerce transaction. Trust has always been an important element in
influencing consumer behavior toward merchants and has been shown to be of high
significance in uncertain environments such as Internet-based EC environments.
While a variety of factors such as branding and store reputation may influence
trust, one missing factor is the face-to-face communication and lack of touch
and feel which is present in physical interactions. Therefore, it has been
argued that trust would be favorably influenced by increase in perceptions of
security and privacy in EC transactions.


India has an internet users base of about 450 million as of
July 2017, 40% of the population Despite being the second-largest userbase in
world, only behind China (650 million, 48% of population), the penetration of e-commerce
is low compared to markets like the United
States (266 million, 84%), or France (54 M, 81%), but is growing at an unprecedented rate,
adding around 6 million new entrants every month. The industry consensus is
that growth is at an inflection point.

In India, cash on delivery is the most preferred payment
method, accumulating 75% of the e-retail activities. Demand for international
consumer products (including long-tail items) is growing much faster than in-country
supply from authorised distributors and e-commerce offerings.

In 2015, the largest e-commerce companies in India were
Flipkart, Snapdeal,
Amazon India, and Paytm.

India’s e-commerce market was worth about $3.9 billion in
2009, it went up to $12.6 billion in 2013. In 2013, the e-retail segment was
worth US$2.3 billion. About 70% of India’s e-commerce market is travel related.
According to Google India, there were 35 million online shoppers in India in
2014 Q1 and was expected to cross 100 million mark by end of year 2016. CAGR
vis-à-vis a global growth rate of 8–10%. Electronics and Apparel are the
biggest categories in terms of sales.

According to a study conducted by the Internet and Mobile
Association of India, the e-commerce sector is estimated to reach Rs. 211,005
crore by December 2016. The study also stated that online travel accounts for
61% of the e-commerce market.

According to a study done by Indian Institute of eCommerce,
by 2020 India is expected to generate $100 billion online retail revenue out of
which $35 billion will be through fashion e-commerce. Online apparel sales are
set to grow four times in coming years..


Privacy is a serious issue in
electronic commerce, no matter what source one examines. a critical reason why
people do not go online and provide false information online. Today transaction
in e-commerce typically requires the divulgence of large amounts of personal
information. Necessary information includes credit card information and
delivery details. In addition, the possession of such information gives
e-business the opportunity to analyze it, discovering trends and increasing the
efficiency of their business dealings. Consumers typically had no idea as to
the range of possible uses that possession of this information allows for, and
thus had no idea as to the possible violation of their privacy that could
occur. However, in the last decade, consumer awareness of privacy is
increasing, particularly among the Internet users. They begin to demand that
their privacy be respected by e-commerce, which requires the legislation of
e-commerce consumer rights protection.

A. Technologies used for
E-Commerce Privacy Majorly there are four broad categories of privacy

1. Technologies used for

2. Technologies for forming
contracts or agreements about the release of private data

3. Technologies for labeling and
trust, and

4. Privacy-enhancing technologies(PETs).

The technologies for surveillance
and for data capture are used by companies for business purposes, but they have
the side effect of generating biometrics, data trails, data warehousing and
data mining thus affecting personal privacy. However, privacy-enhancing
technologies (PETs) attempt to balance the surveillance or tracking
technologies through personal firewalls, cookie managers and digital cash
(e.g., E-cash).


Security is the
most prominent part of any transaction that takes place over the internet.
Customers will lose their faith when their data is not secure. In e-business, following
are the essential requirements for safe e-payments/transactions:

·Integrity ? Information
should not be altered during its transmission over the network.

Availability ? Information should be available wherever and whenever
required within a time limit specified.

Authenticity ? There should be a mechanism to authenticate a user before
giving him/her an access to the required information.

Non-Repudiability ? It is the protection against the denial of order or
denial of payment. Once a sender sends a message, the sender should not be able
to deny sending the message. Similarly, the recipient of message should not be
able to deny the receipt.

Security is the main concern when it comes to e-commerce.
Since financial transactions are the backbone of e-commerce, if not the entire
purpose of it, any hesitation on the part of the customer when it comes to
making online payments could spoil the e-commerce party entirely. Surely, this
is an issue, as many consumers depend on these acceptable modes of payment to
quickly exchange services. Here are several ways a hack can take place:

The payment gatewayAn infected user-computer that could bring in
malwareA shopping cart
software provider that is exporting vulnerability into your

A. Major types of E–Commerce

1. Unauthorized access-
access is when someone gains access to a website, program, server, service, or
other system using someone else’s account or other methods. For example, if
someone kept guessing a password or username for an account that was not theirs
until they gained access it is considered unauthorized access. It implies
illegal access to data, systems or applications for some malicious purpose. In
Passive unauthorized access the hacker listens to communication channels for
finding secrets or content which may be used for damaging purposes. However, in
Active unauthorized access the hacker modifies system or data with an intention
to manipulate or change.

Denial of Service- A denial-of-service attack is a security
event that occurs when an attacker takes action that prevents legitimate users
from accessing targeted computer systems, devices or other network resources. It
may occur by spamming and viruses. Spamming is unusual e-mail bombing caused by
a hacker targeting one computer or network, and sending thousands of email
messages to it. However, viruses are self-replicating computer programs
designed to perform unwanted events.

 3. Theft and Fraud-Fraud occurs when
the stolen data is used or modified. Hackers break into insecure merchant web
servers to harvest archives of credit card numbers generally stored along with
personal information when a consumer makes an online purchase.

Technologies used for e-commerce Security

defensive measures used in transaction security are:

Encryption – It is the process of
transforming plain text or data into cipher text that cannot be read by anyone
except the sender and receiver. It is  done
with the help of data encryption algorithms. A key is involved for encoding and
decoding the data.

Secure Socket Layer – The SSL protocol provides
server authentication, client authentication and message integrity for TCP/IP
connections. It prevents eavesdropping, tampering when data is transported over
the internet between two applications.

Digital Signature – It is a signature in
encrypted electronic code which is encrypted by the sender with his public key
and can be decrypted only with the public key 
of the sender.




The study reveals that consumer’s
loyalty to a web site is loosely linked to the levels of trust. Thus, the
development of trust not only affects the intention to buy, as shown by
previous researchers, but it also directly affects the effective purchasing
behavior, in terms of cost, preference, and frequency of visits, therefore, the
level of profitability provided by each consumer. In addition, the analyses
show that trust in the internet is particularly influenced by the security
perceived by consumers regarding the handling of their private data. Web
browsers and Web sites should display visible security mechanisms such as
statements about data protection and firewalls (protection), an unbroken
lock/key (encryption), digital certificates (authentication) from trusted third
parties and familiar and verifiable domain names (verification).

In summary, privacy and
security are still ongoing research problems. There have been some interesting
and significant findings, however, in the last five years that bear important consequences
for e-commerce sites and consumers. Not only must
e-commerce sites and consumers judge security vulnerabilities and assess
potential technical solutions, they must also assess, evaluate, and resolve the
risks involved. A networked application cannot offer full measures of
connectivity, security, and ease-of-use, all at the same time; there seems to
be an intrinsic trade-off here, and some sacrifice is unavoidable. Accordingly,
the first security concern from an e-commerce merchant’s perspective should be
to keep the web servers’ archives of recent orders not on the front-end web
servers but behind the firewall. Furthermore, sensitive servers should be kept
highly specialized, by turning off and removing all inessential services and
applications (e.g., ftp, email). Until e-commerce vendors achieve the necessary
delicate balance of privacy, trust and security, effective and quantitative
ecommerce transactions will remain a problem. Thus, the mechanisms of
encryption, protection, verification and authentication indeed influence
perceptions of security. The marketplace can be trustworthy only when consumers
feel trust in transacting in that environment.               



1 Research
Paper “E-Commerce- Study of
Privacy, Trust and Security from Consumer’s Perspectivehttp” www.ijcsmc.com/docs/papers/June2016/V5I6201647.


2 Wikipedia



3 https://misq.org/privacy-in-the-digital-age-a-review-of-information-privacy-research-in-information-systems.html

4 https://www.ijser.org/researchpaper/Design-Implementation-an-E-Commerce-Sites-Security-System-based-on-Local-Binary-Pattern.pdf