Featuring 11 Papers as of August 8, 2013
Protecting Small Business Banking
Susan Bradley - August 8, 2013
Over the last several years, the use of online banking and other financial transactions has risen dramatically.
Security of Mobile Banking and Payments
Vanessa Pegueros - January 8, 2013
There doesn't seem to be a week in which something related to mobile and/or mobile payments is not in the news.
Six Ways to Reduce PCI DSS Audit Scope by Tokenizing Cardholder Data
nuBridges, Inc. - September 29, 2009
Exploring the use of tokenization as a best practice in improving PCI DSS compliance, while at the same time minimizing the cost and complexity of PCI DSS compliance by reducing audit scope.
A Trusted Smart Phone and Its Applications in Electronic Payment
Changying Zhou - August 29, 2006
This paper analyzes the building blocks of the trusted smart phone and proposes a framework to provide a trusted platform for mobile electronic payment.
An Overview of Session Hijacking at the Network and Application Levels
Mark Lin - May 5, 2005
With the business of ecommerce booming, more and more sensitive information is being passed around on the web. Financial and identity information are constantly at risk of being stolen as more and more users take advantage of the ease of doing business online through web applications.
"SET" to Pull Down the Insecurity Barrier in Front of E-commerce
Onur Arikan - October 31, 2003
This paper addresses the topic of Secure Electronic Transaction (SET).
Inspection Grade Card for Conducting E-Commerce
Andrew McAllister - October 31, 2003
This paper provides instructions for inspecting and grading E-Commerce sites, offering descriptions and sample questions to prepare for the inspection.
eCommerce and Defense in Depth
Clayton Dillard - October 31, 2003
This document gives an overview of some common methods that can be employed to build defense-in-depth into your eCommerce solution.
Unique Characteristics of Ecommerce Technologies and their Effects upon Payment Systems
Stephen Burns - October 31, 2003
This paper discusses and highlights unique characteristics of the technologies of the ecommerce world compared with traditional payment systems and the way these characteristics may be exploited to compromise payment systems.
Shopping for Security
Kimberly Lemieux - October 31, 2003
This paper serves as a tool to assist users in establishing and testing some baseline security measures as described in the EUser's Security Concerns.
Information Security Issues in E-Commerce
David Olkowski - March 26, 2001
A discussion on some of the issues in the state of information security as it pertains to e-commerce.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact email@example.com.
All papers are copyrighted. No re-posting or distribution of papers is permitted.