Commerce Transaction Requests Encryption: Comparison
View Latest Version
Please note this is a comparison between Version 2 by Dean Liu and Version 1 by Mishall Hammed Al-Zubaidie.

The proliferation of wireless communication networks, credit cards, smartphones, and the continuous growth of e-commerce have led to increased product sales and delivery. E-commerce involves a complex system comprising various elements, including the Internet, online shopping websites, servers, payment methods, product delivery, and customers. However, the transactional information in e-commerce faces potential breaches and threats, emphasizing the need to protect data privacy. To ensure information security, researchers propose a high-performance and secure protocol.

  • asymmetric cryptography
  • DLD
  • e-commerce transactions
  • key identifier
  • merchant request
  • probability of data leakage

1. Introduction

Despite the utilization of both symmetric and asymmetric encryption methods in e-commerce applications, significant challenges in terms of security and performance persist with the existing solutions. This section will offer comprehensive evaluations of current research studies related to the subject matter of ourthe study.
Sidik et al. [9][1] suggested a technique in the one-time pad (OTP) manner’s flaw that can be concealed by altering each cipher text in the three pathways used in the three-passes protocol method. To modify the cipher text, a combination of the ElGamal and RSA algorithms is employed to generate super cipher text. The first and third lines are encrypted using RSA, while the second line undergoes encryption with the ElGamal algorithm. However, this approach presents several issues, including the usage of large initial numbers and complex operations, reliance on multiple keys with different lengths, vulnerability of the one-time pad due to the use of a single key for a single operation, and the susceptibility of the key to being easily cracked. Ali et al. [10][2] submitted a proposal to develop a trustworthy algorithm for multi-factor authentication for mobile payment systems. In order to increase security when authenticating mobile money, they used a cutting-edge strategy that combined a personal identification number (PIN), an OTP, and a biometric fingerprint. Additionally, they used a quick response (QR) code and biometric fingerprint to validate a mobile money withdrawal. The privacy of the OTP and PIN is enforced by fast identity online (FIDO), which employs a biometric fingerprint and RSA standard public key cryptography in addition to Fernet encryption, to protect a QR code and the data in the datasets. The weaknesses in their proposal include the complexity and large mathematical operations of the RSA algorithm, leading to system slowdowns. Additionally, external conditions like exposure to burns and diseases can alter the fingerprint, impacting both the performance and security of their proposed system.
Tyagi [11][3] proposed a method to protect data in cloud computing, specifically using image double-level encryption through convolutional neural network (CNN) auto-encoders combined with advanced encryption standard (AES) and Fernet. The process involves processing, encrypting, and decrypting the source images to produce bitmap images as outputs, which users can then decrypt using a key. However, their proposal faces some challenges, such as the double encryption level affecting performance and the potential exposure of data and information to theft and damage when stored in cloud computing. Dong [12][4] proposed a method that utilizes sensor technology and a smart platform for mining and analyzing e-commerce data. Based on the analysis, a new mobile e-commerce platform was designed, using Jingdong and Taobao as examples. Online evaluation surveys and research were conducted to determine the factors influencing logistics services and customer satisfaction under various logistics distribution models. However, there are some weaknesses in the proposal. Customer satisfaction is influenced by various factors, such as the quality of goods and services, delivery time, speed of delivery, and the attitude of delivery staff. The difference in delivery and delivery time can impact e-commerce platforms. The three-level system construction model increases user–server interaction, but also leads to a huge dynamic page containing both performance and generated data. This complexity poses security risks to the system and makes system development and maintenance challenging.
Abdul Hussien et al. [13][5] proposed an agent program installed on each customer device to handle security and purchases automatically. The encryption algorithm used strikes a balance between time and complexity, with improvements made to the AES encryption. Preprocessing steps such as zigzag and padding were added, the sub-byte step was removed, and the number of rounds decreased. However, their proposed system has the drawback of significant arithmetic operations, resulting in reduced algorithm speed, increased file memory size, and higher cost. On the other hand, Kota [14][6] proposed hybrid encryption for data storage in cloud computing. They use AES-GCM, Fernet, AES-CCM, and CHACHA20 POLY1305 algorithms for data security by block. The technique is commonly used for securing key information, with a key size of 128 bits. There are N parts to one file. Each part of the file is encrypted with a special algorithm. All files are encrypted concurrently using two distinct techniques. For the purpose of file decryption, the encryption process is reversed. Their proposal faces certain challenges, such as the use of GCM-AES to encrypt file segments, which requires minimal time and offers the highest throughput for encryption and decryption compared to similar algorithms. However, the process of dividing files into parts and having each part perform a different algorithm leads to extensive and intricate calculations.
Koppaka and Lakshmi [15][7] proposed a method that utilizes encryption algorithms in hyperchaotic sequences, incorporating the ElGamal algorithm to effectively encrypt outsourced data and reduce computing complexity. They introduced an improved ElGamal cryptosystem (IEC) algorithm, which significantly enhances data security in cloud scenarios by strengthening key pairs through a combination of the classic ElGamal algorithm and pseudorandom sequences for pseudorandom key generation. However, the IEC algorithm has different key lengths, leading to complex operations and negatively impacting system performance and computational complexity. On the other hand, Charles et al. [16][8] improved the ElGamal encryption–decryption technique to enhance data protection. Their approach involves the use of a newly created private key and a public key for decryption. Encrypted data are decrypted based on a user’s request using ResNet-50’s nearly 50-layer CNN classifier. Nevertheless, there are concerns about potential attacks on user data containing sensitive information, and the usage of ResNet incurs high costs when dealing with multiple parameters. Ahmed and Ahmed [17][9] introduced a proposal to employ encryption methods to protect networks and devices connected to each other. The challenge lies in achieving quick and reliable communication among multiple devices without interruptions. Comparing algorithms based on key size, message size, and execution time is crucial [18,19][10][11]. Vulnerabilities in the long key RSA algorithm lead to encryption delays and complex operations. Similarly, ECC experiences sluggishness in public key operations and is susceptible to performance-affecting attacks. Parvathi et al. [20][12] proposed using Fernet/AES with blockchain technology in the food supply chain to ensure secure transactions between farmers and consumers/buyers. However, this approach faces issues as data processing for each purchase and sale order takes time, affecting system performance and causing delays in orders and potential damage to goods.

2. Importance of the E-Merchant in E-Commerce Transactions

E-merchant is known as a commercial transaction, conducted electronically in facilitating both marketing and stalking operations anywhere, anytime and with whoever participates in the transaction over the Internet. This adaptability is what attracts customers, and merchants can increase the sales of their products by partnering with multiple websites. Customers can buy goods and/or services directly from online retailers. Merchants deal on a day-to-day basis on their websites. They sell goods and services daily to customers for a fee, and often have coupons on the website. Online market merchants offer to sell goods or services that will be sold in online stores via online shopping malls by uploading data or information [2][13]. E-commerce provides a number of merchants and platforms via the Internet, and the merchant is responsible for the quality of the product and its price, and the quality of sales. E-merchant platforms play a crucial role in the financial gains of platform merchants by managing user interactions, curating content, and imposing transparent and flexible management limits. Large online marketplaces like eBay, Amazon, and Alibaba have a significant impact on content selection, categorization, and display. However, the quality of goods sold by merchants on these platforms may be questionable. Some sellers resort to deceptive advertising, leading to the selling of subpar goods in e-commerce transactions [21][14].
The sales volume is influenced by pricing, which is set by the merchants. Consumers interact with merchants to inquire about product prices. Social media advertising and consumer engagement for products on social platforms can boost merchant sales and generate commissions. Merchants invest in search engine marketing to promote suggested products to consumers [22][15]. The availability of numerous deals and opportunities to make purchases through Internet sales has increased significantly. (1) Consumers and e-merchants interact online through a server rented by the e-merchant from an Internet service provider (ISP). (2) All online transactions include terms of use and terms of sale, which are typically posted on the e-merchant’s website. Interested customers must click the accept button to agree to these terms. (3) By clicking the accept button, customers electronically bind themselves to the contract with the e-merchant. (4) The payment process involves two intermediary banks—the commercial bank of the acquiring party and the bank’s issuing bank. The client mechanism authorizes the e-issuing customer’s bank to make payments to the purchasing merchant’s bank on behalf of the customers for the cost of the items. (5) Once the payment process is complete, the e-merchant fulfills its obligations by delivering the items according to the agreed timing and product specifications [23][16]. The importance of the e-merchant in e-commerce to protect the security of information, customer data, and product data is crucial in electronic commerce to prevent theft and ensure data protection. To achieve this, built-in encryption techniques are used, providing high data security and promoting products effectively. The process involves implementing encryption and authentication protocols to safeguard sensitive information exchanged between the merchant and goods suppliers, as well as between the merchant and customers. Transactions in e-commerce involve sensitive data such as names, addresses, mobile numbers, and banking information, making it a target for attackers. Protecting this information is essential for the security of electronic commerce, as the merchant acts as a link between suppliers and customers.

References

  1. Sidik, A.P.; Efendi, S.; Suherman, S. Improving one-time pad algorithm on Shamir’s three-pass protocol scheme by using RSA and ElGamal algorithms. In Proceedings of the Journal of Physics: Conference Series; IOP Publishing: Bristol, UK, 2019; Volume 1235, p. 012007.
  2. Ali, G.; Dida, M.A.; Elikana Sam, A. A Secure and efficient multi-factor authentication algorithm for mobile money applications. Future Internet 2021, 13, 299.
  3. Tyagi, S. Enhancing security of cloud data through encryption with AES and Fernet algorithm through convolutional-neural-networks (CNN). Int. J. Comput. Netw. Appl. 2021, 8, 288–299.
  4. Dong, Z. Construction of mobile e-commerce platform and analysis of its impact on e-commerce logistics customer satisfaction. Complexity 2021, 2021, 6636415.
  5. Abdul Hussien, F.T.; Rahma, A.M.S.; Abdul Wahab, H.B. A secure environment using a new lightweight AES encryption algorithm for e-commerce websites. Secur. Commun. Netw. 2021, 2021, 9961172.
  6. Kota, C. Secure File Storage in Cloud Using Hybrid Cryptography. Available at SSRN 4209511. 2022. Available online: https://ssrn.com/abstract=4209511 (accessed on 25 June 2023).
  7. Koppaka, A.K.; Lakshmi, V.N. ElGamal algorithm with hyperchaotic sequence to enhance security of cloud data. Int. J. Pervasive Comput. Commun. 2022.
  8. Charles, V.B.; Surendran, D.; SureshKumar, A. Heart disease data based privacy preservation using enhanced ElGamal and ResNet classifier. Biomed. Signal Process. Control 2022, 71, 103185.
  9. Ahmed, S.; Ahmed, T. Comparative analysis of cryptographic algorithms in context of communication: A systematic review. Biomed. Signal Process. Control 2022, 12, 161–173.
  10. Al-Zubaidie, M. Implication of lightweight and robust hash function to support key exchange in health sensor networks. Symmetry 2023, 15, 152.
  11. Muhajjar, R.A.; Flayh, N.A.; Al-Zubaidie, M. A perfect security key management method for hierarchical wireless sensor networks in medical environments. Electronics 2023, 12, 1011.
  12. Parvathi, R.; Girish, M.; Sandeep, M.G.; Abhiram, K. Secured blockchain technology for agriculture food supply chain. J. Pharm. Negat. Results 2022, 13, 357–361.
  13. Cybersource. 2023 Global Ecommerce Payments and Fraud Report. Technical Report, Cybersource A Visa Solution. 2023. Available online: https://www.cybersource.com/en-us/solutions/fraud-and-risk-management/fraud-report.html#cw-243544106 (accessed on 1 June 2023).
  14. He, H.; Zhang, B. Strategy analysis of multi-agent governance on the e-commerce platform. J. Theor. Appl. Electron. Commer. Res. 2023, 18, 1–18.
  15. Li, Z.; Ren, L.; Li, Z.; Chen, J.; Tian, X.; Zhang, Y. Price dispersion, bargaining power, and consumers’ online shopping experience in e-commerce: Evidence from online transactions. Math. Probl. Eng. 2023, 2023, 6638665.
  16. Sugito, P. Sales multiplize through e-commerce training For Batik craftsman in Paiton Probolinggo. Empower. Soc. 2023, 6, 9–16.
More
© Text is available under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/)
Video Production Service
Feedback