Development of secure e-commerce protocol

Abstract

Increased security breaches in e-commerce over the previous decade have prompted e-commerce enterprises to take more precautions. The inability to securely retain personal data has resulted in violations primarily involving credit card fraud and the theft of user accounts. In this context, e-commerce companies invest in increasing database security to more securely keep user data. Furthermore, these security flaws demonstrate the critical necessity for security protocols and solutions to be implemented. Existing approaches are insufficient and place undue pressure on e-commerce businesses in terms of calculation and connectivity. Similar database flaws exist in mobile payment systems, and numerous safeguards should be included. In general, user data is maintained encrypted and unencrypted in database systems, and user data can be viewed when the database is compromised. In this thesis, we propose an e-commerce protocol that takes security to the next level by employing a novel technique to address existing security flaws in e-commerce and mobile payment systems. Furthermore, even if the database is taken, this protocol prevents access to personal data, removing users' concerns about privacy. Users will have a right to claim how their data is used and will be able to regulate it. To accomplish these enhanced capabilities, users' data is transformed using mathematical procedures and stored in the database in this modified form. Finally, we implemented the proposed protocol and designed attack scenarios to demonstrate that it has been validated and compared to other known protocols and algorithms. The analysis revealed that the suggested protocol outperforms the compared approaches in terms of execution time.