Investigating customer-facing security features on South African e-commerce websites

Deen Brandreth; Jacques Ophoff

doi:10.1007/978-3-030-66039-0_10

Investigating customer-facing security features on South African e-commerce websites

Deen Brandreth, Jacques Ophoff^*

^*Corresponding author for this work

SDI - Cyber Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

46 Downloads (Pure)

Abstract

E-commerce websites often store sensitive customer information and there is the impression that customers are not as concerned about protecting their data as they should be. Instead they often choose convenience over security. There are those who argue that e-vendors do not provide the necessary environment to adequately protect their customers’ data by utilizing multi-factor authentication and by providing customer support that educates and encourages customers to follow security best practices. This study develops criteria to evaluate website security and goes on to investigate how the top 20 South African e-commerce websites perform against this. The results show that multi-factor authentication is underutilized and security in the form of password-based authentication can be improved. Furthermore, despite many customer support channels and resources, there is little emphasis placed on educating and encouraging customers to follow security best practices. The results suggest areas for security improvement in order to build trust in e-commerce websites.

Original language	English
Title of host publication	Information and Cyber Security
Subtitle of host publication	19th International Conference, ISSA 2020, Pretoria, South Africa, August 25–26, 2020, Revised Selected Papers
Editors	Hein Venter, Marianne Loock, Marijke Coetzee, Mariki Eloff, Jan Eloff, Reinhardt Botha
Place of Publication	Cham
Publisher	Springer
Pages	144-159
Number of pages	16
ISBN (Electronic)	9783030660390
ISBN (Print)	9783030660383
DOIs	https://doi.org/10.1007/978-3-030-66039-0_10
Publication status	Published - 19 Dec 2020
Event	19th International Conference on Information Security - virtual conference, Pretoria, South Africa Duration: 25 Aug 2020 → 26 Aug 2020 Conference number: 19th https://infosecsa.com/

Publication series

Name	Communications in Computer and Information Science
Publisher	Springer
Volume	1339
ISSN (Print)	1865-0929
ISSN (Electronic)	1865-0937

Conference

Conference	19th International Conference on Information Security
Abbreviated title	ISSA 2020
Country	South Africa
City	Pretoria
Period	25/08/20 → 26/08/20
Internet address	https://infosecsa.com/

Access to Document

10.1007/978-3-030-66039-0_10

Ophoff_InvestigatingCustomer-FacingSecurityFeatures_Accepted_2020Accepted author manuscript, 444 KB

Cite this

Brandreth, D., & Ophoff, J. (2020). Investigating customer-facing security features on South African e-commerce websites. In H. Venter, M. Loock, M. Coetzee, M. Eloff, J. Eloff, & R. Botha (Eds.), Information and Cyber Security: 19th International Conference, ISSA 2020, Pretoria, South Africa, August 25–26, 2020, Revised Selected Papers (pp. 144-159). (Communications in Computer and Information Science; Vol. 1339). Springer. https://doi.org/10.1007/978-3-030-66039-0_10

Brandreth, Deen ; Ophoff, Jacques. / Investigating customer-facing security features on South African e-commerce websites. Information and Cyber Security: 19th International Conference, ISSA 2020, Pretoria, South Africa, August 25–26, 2020, Revised Selected Papers. editor / Hein Venter ; Marianne Loock ; Marijke Coetzee ; Mariki Eloff ; Jan Eloff ; Reinhardt Botha. Cham : Springer, 2020. pp. 144-159 (Communications in Computer and Information Science).

@inproceedings{a86e01f770e9417b991a7f101a022b8f,

title = "Investigating customer-facing security features on South African e-commerce websites",

abstract = "E-commerce websites often store sensitive customer information and there is the impression that customers are not as concerned about protecting their data as they should be. Instead they often choose convenience over security. There are those who argue that e-vendors do not provide the necessary environment to adequately protect their customers{\textquoteright} data by utilizing multi-factor authentication and by providing customer support that educates and encourages customers to follow security best practices. This study develops criteria to evaluate website security and goes on to investigate how the top 20 South African e-commerce websites perform against this. The results show that multi-factor authentication is underutilized and security in the form of password-based authentication can be improved. Furthermore, despite many customer support channels and resources, there is little emphasis placed on educating and encouraging customers to follow security best practices. The results suggest areas for security improvement in order to build trust in e-commerce websites.",

author = "Deen Brandreth and Jacques Ophoff",

year = "2020",

month = dec,

day = "19",

doi = "10.1007/978-3-030-66039-0_10",

language = "English",

isbn = "9783030660383",

series = "Communications in Computer and Information Science",

publisher = "Springer",

pages = "144--159",

editor = "Hein Venter and Marianne Loock and Marijke Coetzee and Mariki Eloff and Jan Eloff and Reinhardt Botha",

booktitle = "Information and Cyber Security",

note = "19th International Conference on Information Security, ISSA 2020 ; Conference date: 25-08-2020 Through 26-08-2020",

url = "https://infosecsa.com/",

}

Brandreth, D & Ophoff, J 2020, Investigating customer-facing security features on South African e-commerce websites. in H Venter, M Loock, M Coetzee, M Eloff, J Eloff & R Botha (eds), Information and Cyber Security: 19th International Conference, ISSA 2020, Pretoria, South Africa, August 25–26, 2020, Revised Selected Papers. Communications in Computer and Information Science, vol. 1339, Springer, Cham, pp. 144-159, 19th International Conference on Information Security, Pretoria, South Africa, 25/08/20. https://doi.org/10.1007/978-3-030-66039-0_10

Investigating customer-facing security features on South African e-commerce websites. / Brandreth, Deen; Ophoff, Jacques.

Information and Cyber Security: 19th International Conference, ISSA 2020, Pretoria, South Africa, August 25–26, 2020, Revised Selected Papers. ed. / Hein Venter; Marianne Loock; Marijke Coetzee; Mariki Eloff; Jan Eloff; Reinhardt Botha. Cham : Springer, 2020. p. 144-159 (Communications in Computer and Information Science; Vol. 1339).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Investigating customer-facing security features on South African e-commerce websites

AU - Brandreth, Deen

AU - Ophoff, Jacques

N1 - Conference code: 19th

PY - 2020/12/19

Y1 - 2020/12/19

N2 - E-commerce websites often store sensitive customer information and there is the impression that customers are not as concerned about protecting their data as they should be. Instead they often choose convenience over security. There are those who argue that e-vendors do not provide the necessary environment to adequately protect their customers’ data by utilizing multi-factor authentication and by providing customer support that educates and encourages customers to follow security best practices. This study develops criteria to evaluate website security and goes on to investigate how the top 20 South African e-commerce websites perform against this. The results show that multi-factor authentication is underutilized and security in the form of password-based authentication can be improved. Furthermore, despite many customer support channels and resources, there is little emphasis placed on educating and encouraging customers to follow security best practices. The results suggest areas for security improvement in order to build trust in e-commerce websites.

AB - E-commerce websites often store sensitive customer information and there is the impression that customers are not as concerned about protecting their data as they should be. Instead they often choose convenience over security. There are those who argue that e-vendors do not provide the necessary environment to adequately protect their customers’ data by utilizing multi-factor authentication and by providing customer support that educates and encourages customers to follow security best practices. This study develops criteria to evaluate website security and goes on to investigate how the top 20 South African e-commerce websites perform against this. The results show that multi-factor authentication is underutilized and security in the form of password-based authentication can be improved. Furthermore, despite many customer support channels and resources, there is little emphasis placed on educating and encouraging customers to follow security best practices. The results suggest areas for security improvement in order to build trust in e-commerce websites.

U2 - 10.1007/978-3-030-66039-0_10

DO - 10.1007/978-3-030-66039-0_10

M3 - Conference contribution

AN - SCOPUS:85098281306

SN - 9783030660383

T3 - Communications in Computer and Information Science

SP - 144

EP - 159

BT - Information and Cyber Security

A2 - Venter, Hein

A2 - Loock, Marianne

A2 - Coetzee, Marijke

A2 - Eloff, Mariki

A2 - Eloff, Jan

A2 - Botha, Reinhardt

PB - Springer

CY - Cham

T2 - 19th International Conference on Information Security

Y2 - 25 August 2020 through 26 August 2020

ER -

Brandreth D, Ophoff J. Investigating customer-facing security features on South African e-commerce websites. In Venter H, Loock M, Coetzee M, Eloff M, Eloff J, Botha R, editors, Information and Cyber Security: 19th International Conference, ISSA 2020, Pretoria, South Africa, August 25–26, 2020, Revised Selected Papers. Cham: Springer. 2020. p. 144-159. (Communications in Computer and Information Science). https://doi.org/10.1007/978-3-030-66039-0_10