Practical Security Testing Of Electronic Commerce Web Applications

The availability of the internet and cheaper data tariffs made the effective use of Electronic Commerce (ecommerce) applications by the people for purchasing the daily needs and regular household items. The success of the e-commerce platforms is based on the trust and security that they maintain regarding users personal and payment data. However, the poor design and development, unnoticed mistakes in coding of the E-commerce websites and applications lead to many vulnerabilities and thereby becomes the simple target for the hackers. Along with conventional security testing methods, application dependent methods need to be applied on the ecommerce web applications which are built using various programming environments. To this end, this paper presents various possible practical security methods followed by penetration testers along with counter measures that can be applicable for avoiding vulnerabilities in e-commerce websites.