Securing Customer Email Communication in E-Commerce

Abstract

A solution is proposed for making emails sent by eSystems, such as online stores, to their customers more secure. The goal is to protect customers' privacy and to mitigate the possibility of different attacks, e.g., phishing. An overview of existing email related security standards and technologies is given and the suitability of these solutions for securing customer email communication is analyzed. The approach proposed in this paper is based on public key cryptography and OpenPGP. It combines already well established standards in a novel way to achieve a higher level of email security in e-commerce setting. A proof-of-concept implementation of the proposed solution is also presented. The implementation will be made available as an add-on module for an open source e-commerce platform Zen Cart. The authors make an argument for encouraging online stores to integrate security features such as described in this paper to protect their customers from online fraud.