Drawing the Line

You need to draw the line between being safe and exaggerating. Online frauds happen, but you shouldn’t put your website under lockdown just because someone might make a purchase using a stolen credit card. Security features are necessary and your visitors should see a few logos that attest to the fact that your website is safe to use, but don’t add more measures that necessary. As long as you know when to stop and you don’t make your visitors feel uncomfortable, your sales will increase gradually and no one will drop their order because of your security features.

Read more »

Posted in: Security

Security Warnings

The worst feature that can be implemented in an eCommerce store is the pop up security warning. Most people who are navigating the internet are not very familiar with how online payments work and they are very skeptical when it comes to giving out their credit card information. If a security warning appears on the screen, there are high chances that they will simply get scared and avoid making the purchase altogether. You shouldn’t give your customers the chance to panic: just implement the necessary features and make sure that your website is secure when it comes to online payments.

Read more »

Posted in: Security

Decreasing Sales with Security Features

If people reach the checkout page and they need to jump through hoops before you give them the chance to place their order, they will most likely leave your store and increase your shopping card abandonment rate. A good example is adding a Captcha code next to the registration form. Users don’t like deciphering these codes and you need to find another way to deter spammers. Some of today’s Captcha codes are quite complicated and there is no reason to add them to an online store.

Read more »

Posted in: Security

Necessary Security Measures

Adding security features to an eCommerce website is not only recommended, it is also necessary. You need to make sure that your customers can give out their credit card information and that it won’t fall into the wrong hands. But how do these safety features affect your sales? Are people more likely to make purchases on websites with many security add-ons or on websites that aren’t focused on credit card security? The answer is somewhere in between.

Necessary Security Measures

SSL certificates are viewed as the standard in eCommerce and running a large online business is almost impossible without this security feature. Most people feel comfortable entering their credit card information once they see the SSL logo and there is no doubt that such a feature will be beneficial. Other merchants offer similar tools for security, but the point is always the same: the transfer of information is encrypted and you can be sure that your credit card information will be kept secret.

Read more »

Posted in: Security

[08/10] Linux Security Summit 2010 slides published

I've updated the papers section of the site to include my slides from the Linux Security Summit 2010. The title of the presentation was "Linux Security in 10 Years". In the presentation, I demonstrated the threat of kernel exploitation, how kernel exploitation subverts access control/container-based security, the need to have a broader view of system protection, in particular the need for kernel self-protection.

# grsecurity

Read more »

Posted in: Linux,Security,Tutorial