
Investigation on e-Commerce Platforms for Tackling e-Business Security Challenge




DOI: https://doi.org/10.15866/irea.v10i6.20649

Abstract


Securing e-Business against threats and risks has become an urgent necessity, especially with the growth of cyber-crime. Enterprises need to provide services securely, and gaining the trust of customers is the bedrock for achieving any enterprise's objectives and goals. Otherwise, leaving e-Commerce platforms exposed to cyber-crime will affect e-Business performance and reputation and may destroy the e-Business altogether. In this paper, the different e-Commerce security challenges are discussed by presenting the most important vulnerabilities related to the different components of e-Commerce, including the user, the security techniques, the Information Technology environment, and the e-Commerce platform. Then, the best practices that enterprises should follow to ensure a safer e-Business environment are provided. Moreover, different attack detection mechanisms deployed in e-Commerce platforms are presented. Finally, investigations are conducted on some e-Commerce platforms in order to show how e-Business still suffers from information disclosure.
Copyright © 2022 Praise Worthy Prize - All rights reserved.

Keywords


Disclosure; e-Commerce; Privacy; Security; Threats





