E-Business Reflection Thread #4 Nikhita Gupta (PGP/18/094)

Imagine you are the owner of a “B2B” EC website. What could be the major kinds of attacks your site could expect to experience? Will those attacks be common to B2C sites also? Why or why not?

In any e-commerce transaction, the key stakeholders are the merchant, client and the communication links between client, bank and merchant. The attacks can happen at any of these above mentioned points.

In case of B2B, the major kind of attack can be targeted towards the client where the payment is done online. It may happen that the payment amount may be changed during the transaction or the payment maybe directed towards some other account. Second, there may be an adware or spyware which can get installed and the client may not even realize the same. Thus, leading to elicitation of confidential data.

Thus, payment and the threat of private information are the two major breaches which may happen.

The only difference between B2B and B2C will be in terms of ticket size of purchase and hence the potential risk increases from such frauds.

Though many attacks would be common between the two because the process remains the same. However, there might be a difference in way the information can be extracted. Example: If the location button is switched ON on the mobile phone while making the transaction, some malware maybe used to elicit the personal details like where are you currently or data stored on the cell.