Computing Magazine

Heartbleed: A Serious Threat to the eCommerce Industry

Posted on the 26 March 2015 by Savita Singh @Compgeekblog

It has been a while since eCommerce has taken the nation by a storm and changed the dynamics of shopping. Many claim that it is the future of shopping and trade around the world. We could not agree more as it sure is convenient as hell to be able to order services and products from the comfort of your home and get them delivered to you. Since its initial days, the eCommerce industry has come a long way and is now more secure than ever all thanks to the SSL and its secured server. You know you are in safe hands when you see a lock and https:// in your web browser while paying online. However, SSL is exactly what is being targeted by Heartbleed. Let us analyze what Heartbleed is and if the eCommerce industry is safe now.

Lets get to know the Heartbleed

To being with, let us understand what Heartbleed actually is. It happens to be a loophole in the popular OpenSSL library, which employed by almost every web server using SSL. Anyone who knows how to exploit this loophole can have access to information like user passwords, credit card numbers and private security keys, to name a few. Needless to say, it is a serious threat to eCommerce and almost everyone stand to lose a lot from it.

heartbleed-ecommerce-computergeekblog2

How to know whether an eCommerce domain is safe and how to prevent?

The security bug has already affected a number eCommerce websites on the Internet and there are various tool available, which help in determining whether or not an eCommerce domain is affected by the issue. It is suggested to get your website tested for the bug and if found positive, get your hosting provider or network administrator to upgrade their OpenSSL implementation. This might involve recycling the SSL keys and certificates of your website and it will also revoke the old ones. Therefore, be prepared to experience a little setback in the business for a short while.

Is eCommerce safe now?

Now the big question that arises is for individuals, who are active users of the eCommerce websites of whether or not it is safe to go online. Chances are that almost every major player in this industry would have had their Open SSL implementation upgraded by now and as such are safe against the Heartbleed. However, it always pays to be secure and thus we getting the Chromebleed Checker extension for the Google Chrome web browser. After all, prevention is definitely better than the cure.

Conclusion

Heartbleed may have caused some serious wrinkles for eCommerce players, however, it is not something that has no solution. Rapid and timely execution of counter measures may prevent some serious damages. It is recommended to upgrade the OpenSSL just to be on the safer side.


Back to Featured Articles on Logo Paperblog