Friday, August 30, 2019

E Fraud Essay

An e- fraud is considered to be an electronic crime that affects not only individuals businesses and governments but also allows for very negatively intelligent people and hackers to use their intelligence to log into other’s accounts use their credit card numbers and banking password and transact huge amounts of trade and money . it has been seen that e fraud is on the increase and this is because of the low levels of awareness, the inappropriate counter measures that are ineffective to handle this kind of fraud has led to e frauds being on the increase . The only area that has been actively involved in reducing the impact of fraud is the technical side leaving the other so many variables out of the purview of the e fraud scenario. This has made e fraud even more easier because there have been no mechanisms to reduce these occurrences and even if there are there has been limited penalties issued to the frauds that happen on the cyber space. Introduction: The complexity of modern enterprises, their reliance on technology, and the heightened Interconnectivity among organizations that is both a result and a driver of e-business these are rapidly evolving developments that create widespread opportunities for theft, fraud, and other forms of exploitation by offenders both outside and inside an organization â€Å" (KPMG 2000) The paper tries to assimilate and analyze the strategies that can be adopted by everyone who deals on the cyber space to protect their information and finances securely. This paper also tries to analyze why such frauds occurs and what can be done by stakeholders to minimize the occurrences and is it worthwhile an attempt to bring in a global governance ordinance which could help businesses and agencies nab the criminals . It is recorded that global e commerce sales are steadily growing and with this the e commerce fraud too. The eco system which has promoted the concept of ecommerce streams from the millions of shoppers and customers who use their debit and credit cards . Though online shopping is projected to be a very safe way of shopping and bank transactions through secured payment modes, frauds have been continually on the increase . It has been objectively researched that e commerce transactions have to be highly secured . Every transaction has to be screened for the following inputs . 1. Risk based authentication should be enabled for every transaction and to prove the integrity of the user. 2. Card holders‘s data has to be tokenized so that consumers identity can be authorized and protected. . Reputed brands should shut down phishing and Trojan attacks that make easy e commerce frauds. Some practical applications for reducing e commerce brands: Fraud detection and prevention by addressing the critical needs of the entire credit card eco system. Evaluating transactions for the risk and balancing risk activities in cards . High transaction abandonment rates that results from poor user experience . Reducing the compliance costs so that we e commerce frauds commitment costs become high . The following diagrammatic representation shows how the personal data ecosystem is subject to hacking by very professional hackers. (source:Google. com) Credit card fraud The credit card industry reports huge frauds conducted over the internet in the US alone, in the year 2010, $8. 6 billion card frauds occurred (Aite Group study). With worldwide electronic information sourcing and data storage and the thousands on online purchasing that is going on, the frequency of card usage has increased and this has resulted in financial institutions and cardholders becoming victims of e fraud . Countries worldwide have set up agencies to monitor e fraud and have their own agencies to take care of such crimes especially those related to the cyber space and those which happen on cyberspace and in ecommerce space . E commerce sales is expected to total almost $1 trillion by 2013. Ecommerce fraud is also growing along with this. Fraudulent transactions rose from 2. 7 billion in 2010 to $3. 4 billion in 2011 and are expected to grow exponentially. The use of internet has made these frauds possible. There are many reasons why these frauds occur. . The increasing complex software that is now being used to relay ecommerce has made the systems vulnerable to attacks . 2. There are thousands of malicious codes and other tools that help hackers and attackers . 3. The increasing use of high speed internet at homes with very little security makes attack much easy . 4. The rate at which technology is changing and the ease of adaptation to the new technology and the users rather slow pace in adopting to good computer security practices is another compelling reason for fraud . . the hidden costs that are involved in an ecommerce portal goes unnoticed because the security systems that have to take care of this and when systems are set up, there is always the likelihood that ambitious technology experts give least preference to securing the information site and privacy conditions People and business which conduct business online do not inform people of the expected frauds that could occur due to ecommerce transactions, because of this frauds happen . The lack of proper governance and regulation regarding type of penalties and punishments that would be given to fraud committers is rather slack . There are no world wide global laws to tackle such frauds and hence frauds that are committed online find no jurisdictional limits and so governments do not know how to pin point the responsibility . This loop hole has been used by fraudsters . The online world is full of pseudonyms and pseudo identities . Hence tracking such frauds also becomes very difficult. There are no experts who could be given the responsibility of tracking and strategizing how such frauds occur . Though technology now is slowly trying to understand the macro environment of the fraud related scenarios, the risk and costs associated with bringing in security is very high and hence the adaptability of such scenarios cannot be done by all firms who have e commerce portals . Stakeholders involvement in the vulnerability that exists across the value chain is seen as the most critical issue in a fraud . Crime congress global: This is an imitative taken by the agency to help stakeholders and victims of e commerce fraud to find effective solutions. This proves information security in all countries of the world to meet the challenges arising from e commerce. This agency prominently uses technology and provides technology solutions in partnership with the business community to prevent frauds through information security technology and information risk management, forensics, investigations, audit, risk, compliance and fraud. This agency has been conducting global awareness programs for reaching out to institutes, businesses and government to partner in helping reduce ccurrences of e fraud to strategic and technological challenges. This is a strategic initiative involving al stakeholders to proactively reduce the risks of ecommerce frauds and to defend IT systems from those threats which are emerging and to comply with relevant legal and regulatory laws . this initiative is a step towards combating the threat of the increasing cases of fraud. This partnership brings out very important initiatives to protect not only customers but a lso business houses from succumbing to the increasing menace of hackers. Technology solutions and other security solutions are placed in a consultative approach towards tackling this . If an international business committed copyright infringements then legal action under Criminal Jurisprudence legal action can be resorted to under Article 61 Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPs) where the loser has got legal recourse to his stolen property by means of criminal sanctions and which will thereby allow for legal and criminal punishment of the infringement and the infringer . t has been felt that all types of infringement should be punished with criminal sanctions. People can appeal under this act for legal action or they can hotlist an organization under cyber space if there are cases of patent stealing and web site hacking. The Copyright, Designs and Patents Act 1988 also known as the CDPA can be used in cases where infringement has taken place. If an international business committed copyright infringements or steals a pa tent then as a victims we can take recourse under the above mentioned acts which give protection to IRP which are stolen and pirated and copied.. Early referral is said to be the best away to ensure that the evidence is properly secured and that all the investigative revenues are fully explored with the possible undercover law enforcement activities. Perhaps, communication with the law enforcement activities allows the victim to coordinate civil proceedings with the possible criminal enforcement. Though legally recourse is available it is easy to settle out of court because protection of copyright is a prelude to production of the material or product. People who invent need to protect their patents. Once the patent is protected then it cannot be copied or pirated as punishments are very severe in such cases. With so many innovations taking place in the US especially with cyber technology there has been very serious issue of pirating software and the Beijing convention has called for all member countries to come out with anti pirating laws which could effectively punish those who are caught. USA will have to worry about the number of infringements that are taking place. It has admitted legal course in serious cases but USA is neither able to gun down the culprit nor is it able to find means of putting an end to it because of the geographical distance which makes it impossible to monitor the use of technology. USA is very careful in dealing with countries where incidences of Infringement are very high and tries to bring in severe legal clauses to protect their interests. Computer forensics investigator and other laws A computer forensics investigator works with a pre determined notion of computer crimes. But that is not a sufficient coverage that should be catered. A computer forensics investigator looks upon other law system too such as data protection, data integrity, data control, audit of data components, investigation around the computer and etc. A forensics investigator moves with an initial priority of computer crime. But he should be well governed with other laws. This helps him to establish himself more concretely on the crime scene. He is prepared with the notion of covering up the areas totally in order to fully satisfy himself on the grounds that nothing is left behind. He checks into the data system, recovers the data, checks the integrity of the data, protects the data, looks for evidences around the computer, checks the network system of the accused person, goes more deeply with the computing system to enable him searching beyond the computers to narrow down his investigation procedure. Some other laws such as, human rights, digital rights, information system laws, computer laws are of special interest to him. This gives him the power to deal with any case that involves ethical computer crime. He is much more developed investigator if he is well adverse with the above law system. E – Discovery E Discovery or Electronic Discovery refers to discovery in civil litigation. This discovery process deals with the exchange of information in the electronic format. Electronic Discovery is pretty useful for the forensics analysis. We know that Forensics analysis deals with the investigation of crime scene involving computer and cyber crimes and evidence is the prime source of investigation that leads to a successful procedure. Hence the investigator is pretty much confident about the E Discovery System. The investigator with the help of E Discovery processes such as Electronic messages, voicemail; smart phones etc recover every bit of information that is required in the gathering of evidence required for the forensics investigation. The whole process of collection data through E discovery and jotting it down to the report makes it much easier for the investigator. The E discovery has led to new developments and changes in the investigation system of the cyber crimes. With latest e discovery modes as mentioned above, an investigator is much more confident about its movement into the IT system of the accused criminal, and supporting the cause with rather strong and reliable evidences gathered. E discovery is a radical change in the process of investigation and has led to much more focused and integrated system of computer investigation. Conclusion The whole conclusion is based on the cyber crimes and the enacting system of law prevailing. The cyber crimes have increased in geometric progression over the years which have led to many disasters and crimes. With the increased number of crimes taking place day in day out, the laws have been made much stricter in order to ensure that the numbers of crime taking place gets minimized and there is a fear of messing up the computer system. The laws have addressed the message of intent of distorting computer systems which will constitute a crime. Many forensics investigators have been seen in the picture off late which governs the system of computer crime. These investigators are well adverse with the system laws and crime scenes. They effectively handle the situation and get to the desired results enabling quick and accurate reply to crime involved. Thus the laws have been successful over the years in minimizing computer threats and crimes. Ecommerce has revolutionized trade in many ways and consumers have also been cheated in ways that were unknown in traditional sales. In order to protect the consumers, traders on the internet and operators in the cyber space have got together to form associations and laws that would protect the consumers in the text of ecommerce. Though every country has passed consumer protection acts which are rules and regulations to protect the consumers from fraudulent trade practices in the market. There laws were enacted to protect the consumers and give them rights to ensure that they obtain truthful information and right products as so designed by the seller. The laws have been designed to protect consumers from businesses indulging in unlawful and unfair practices . The governments of all countries have passed regulations to protect the rights of consumers especially in those products where health and safety are chief ingredients. Consumer protection is also in the form of consumer rights which consumers can exercise through redressal grievance and consumer courts. This is the history behind the concept of consumer protection. In direct contrast to the traditional business where the buyer and seller are in direct contact with each other and the buyer can inspect the goods before buying, in ecommerce the communication is only through an electronic form and business is conducted in a paperless environment. More importantly the internet or e transactions play a very important role in helping buyers and in assisting in choice comparisons and locating a product on the internet. (http://www. apec. rg/apec/apec_groups/som_special_task_groups/electroniccommerce. html. Accessed on 13/2/04) Consumer concerns in e commerce starts form the point of instance as the buyer is not known to the seller and vice versa and hence the privacy and confidentiality aspect of a trade which has to be concluded needs authenticity. Consumers are worried about 1. The unfair marketing practices that sellers resort to on the web. 2. The terms of sale, refunds, cancellation of orders, warranty conditions 3. Enforceability of the contract, performance and non performance. . Delivery time, late deliveries and no delivery verification. 5. The most illegal use of information available on credit cards payment made for online purchases. 6. Fraud and cheating because transactions are not authenticated by any physical source. 7. unsafe products not confirming to safety standards. 8. Misuse of personal information for other purposes. Since majority of e commerce transactions lead to the buyer being put to a disadvantage the Issues relating to consumer disputed have to be minimized and arbitrated. t is all the more difficult because the sellers are beyond national jurisdiction as it happens on cyberspace and SO the risks that arise out of such trade has to be taken care of and the consumers have to be suitably protected. a landmark development n the form of the E -Commerce group otherwise known as The Electronic Commerce and Consumer Protection Group is constitute d by leading companies on the net like America Online, AT&T, Dell, IBM, Microsoft, Network Solutions and Time Warner. These companies predominately deal in online sales of their products and so recognize the growing need of consumer protection and have addressed issues regarding consumer protection as best practices of industry and have created an environment which would allow consumers to resolve disputes arising on cyber space. The American Bar Association Task Force on E-commerce and Alternative Dispute Resolution is one of the best reference guide to consumer protection on the cyber space. This organization was asked to suggest workable guidelines that parties dealing in online transactions can use for ODR’s (online dispute redressal) . the complexity further arose from the fact that there was multijurisdictional disputes arising from B2B and B2c businesses. (THIS IS THE LAW ENFORCEMENT AND IS REFREED TO IN EXACT TEXT) To quote the words of the task force of the Ecommerce group â€Å"that there are many ways to help prevent as well as to help resolve disputes or complaints that arise from e-commerce transactions, the Task Force makes the following recommendations and observations: 1. E-commerce businesses should place an enhanced emphasis on all stages of dispute prevention, complaints handling, and effective methods of redress through ADR and ODR. 2. Internet merchants, governmental and nonprofit entities should place a greater emphasis on consumer education and the prevention of e-commerce disputes. 3. Protecting consumers requires adequate standards and codes of conduct for ecommerce businesses. 4. Internet merchants should be encouraged to participate in and subscribe to relevant e-commerce codes of conduct and trust mark programs. 5. Internet merchants should develop or continue to improve on their in-house complaints handling mechanisms, and educate consumers as to how to use these in-house procedures effectively. 6. For consumers, recourse to in-house complaints mechanisms is normally the first and best means to obtain redress from reputable merchants. Accordingly, consumers should be encouraged to utilize the in-house complaints handling mechanisms offered by reputable Internet merchants before resorting to third party dispute resolution mechanisms. 7. at present, the lack of ODR does not appear to be a material impediment to the growth of B2C e-commerce. . At present, ODR is subsidiary to other higher priority consumer protection activities, including consumer education and use of measures that help prevent or decrease the incidence of fraud in Internet transactions. 9. Recognizing that enforcement of outcomes and decisions reached through ODR may be difficult, consumers should be encouraged to consider using other dispute prevention mechanisms such as escrow services and credit card charge back mechanisms when transacting online. 10. Rather than create a code of conduct for ODR Service Providers, the Task Force has drafted Recommended Best Practices by ODR Service Providers. 1. The Task Force recommends the creation of a new informational entity (referred to as the ADRCenter) that would provide information about ODR in an effort to educate and familiarize consumers, businesses, lawyers and other professionals with this new type of service. 12. For the advancement of ODR as an effective and efficient means of cross-border dispute resolution for both B2B and B2C transactions, there needs to be an appropriate emphasis on the development of interoperable communication and data-sharing platforms. 3. The Task Force believes that much of the education that will be useful for consumers will also be useful for businesses – especially small to medium sized enterprises and those who are ne w to the Internet marketplace and to cross-border transactions. ( Task force quoted verbatim) among all of ecommerce frauds the greatest of consumer complaints arose from identity thefts. The Federal trade commission has released statistics stating that out of 2004,000 complaints received from consumers 42% elated to fraud and identity of the seller, followed by internet auctions which constituted 10%,followed by other non performances like non delivery of goods, inferior quality goods, trial offers from the net, shop at home offers and so on. This only reiterates that consumers have to be protected and laws of cyber space have to be strictly regulated to afford consumer protection. Consumer protection measures were seen very importantly in the light of an interactive poll which shows the increased awareness of consumers against online frauds . They were dissuaded by online shopping and cited some of the reasons why they had not shopped recently. 57% said that they were worried about their credit card number being stolen,57% were worried about confidentiality measures being violated,38% doubted the integrity on the seleers,26% wanted some personal attention to be given while they shopped,37% doubted the reliability of the sellers,47% said that wanted to physically inspect the product and 25% cited many unknown reasons. source: Harris interactive)It was increasingly felt that consumer education will be able to help protect consumers better. It also shows increased concerns about consumers not knowing how to transact online. It is suggested that traders using the electronic media need to given all information that is required for consumers to feel safe about shopping online . Quoting Internet merchants association ,† Merchants need to have greater and enhanced disclosure on their websites as well as heightened compliance with relevant consumer protection law. † Another pertinent consumer protection data and study conducted by a New Zealand organization on 700 web sites explicitly brought out the consumers heightened awareness of ecommerce frauds and consumers came out with their reasons of the need for protecting their rights against fraudulent organizations. They said that 50% of the vendors had not installed security measures on the payment options, 62% did not speak of refund policies, 78% said that the vendors did not advice customers of how to lodge complaints,90% said that they did not know about laws pertaining to consumer redresses and 25% said that the vendors did not show physical address. Despite all this majority of consumers preferred to shop online so laws pertaining to consumer protection need to be implemented in its fullest sense. Consumers International released its Privacy@ net study in which it concluded: that though almost all the traders online collected data regarding the personal information of the buyers very few of them institutionalized a privacy policy regarding the use of the information that the buyer gave. Though these were correct measures to provide security, majority of these proved meaningless to the buyers. it was very common in the US and Europe to find traders giving scant respect to global standards on data privacy. Even the basic principles of informing the customers of how the data will be used, how the firm will access the data , how the consumer can use the data and how the security of the data is sought and maintained is not disclosed. A comparative study of the sites of USA and UK are no different with regard to privacy policy as both played on the information made available to them. The US online trading sites set decent privacy policies which looked good enough to follow. In The European trading sites the consumers had the law backing them up and the presence of an ombudsman and a government representative in the form of a data protection officer took care of the consumer rights and protection if breached. He also intervened to speak on behalf of the consumers if the law was tampered with . in fact it is sad to know that both the countries have left little choice to consumers in terms of data protection.. † This was a comparative study of the European merchants and the USA merchants. But both of them accepted the fact that consumer protection was a must if their sales and revenues had to increase. As a step towards greater protection measures to consumers the task force on ecommerce and protection said that various disputes redressal mechanisms have to be introduced in the form of dispute prevention like education of consumers, feedback collection from consumers, ombudsman appointments, negotiations, mediation, arbitrators, and assessment of valid consumer grievances.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.