E-commerce: Protecting purchaser privacy to enforce trust

Electronic Commerce Research

Volumn 11, Issue 4, 2011, Pages 421-456

  Antoniou, Giannakis ^a   Batten, Lynn ^b  

^a Philips College Nicosia   (Cyprus)

^b DEAKIN UNIVERSITY   (Australia)

Author keywords

C2B; E commerce; Privacy; Trust

Indexed keywords

EID: 80255136286     PISSN: 13895753     EISSN: 15729362     Source Type: Journal    
DOI: 10.1007/s10660-011-9083-3     Document Type: Article

References (72)

1. http://www. microsoft. com/technet/security/bulletin/MS01-017. mspx: Microsoft Security Bulletin MS01-017: Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard: Last Access: 2009.
2. Ackerman, M. S., Cranor, L. F., & Reagle, J. (1999). Privacy in e-commerce: examining user scenarios and privacy preferences (pp. 1-8). New York: ACM Press.
3. Amit, B., & Steve, M. (2003). Authentication in e-commerce. Communications of the ACM, 46, 159-166.
4. Anderson, B. B., Hansen, J. V., Lowry, P. B., & Summers, S. L. (2006). The application of model checking for securing e-commerce transactions. Communications of the ACM, 49, 97-101.
5. Antoniou, G., Batten, L., & Parampalli, U. (2008). Designing information systems which manage or avoid privacy incidents (pp. 131-142). Berlin: Springer.
6. Antoniou, G., Batten, L., & Parampalli, U. (2008). A trusted approach to e-commerce. In W. Jonker & M. Petkovic (Eds.), SDM 2008 (Vol. 5159, pp. 119-132).
7. Asami, T., Kikuchi, T., Rikitake, K., Nagata, H., Hamai, T., & Hatori, Y. (2002). A taxonomy of spam and a protection method for enterprise networks. In Information networking: wireless communications technologies and network applications (pp. 442-452).
8. Ashrafi, M. Z., & Ng, S. K. (2008). Enabling privacy-preserving e-payment processing. In Lecture notes in computer science (vol. 4947, p. 596).
9. Ashrafi, M. Z., & Ng, S. K. (2009). Privacy-preserving e-payments using one-time payment details. Computer Standards & Interfaces, 31, 321-328.
10. Barnard, L., & Wesson, J. (2004). A trust model for e-commerce in South Africa. In Proceedings of the 2004 annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries (pp. 23-32).
11. Berendt, B., Günther, O., & Spiekermann, S. (2005). Privacy in e-commerce: stated preferences vs. actual behavior. Communications of the ACM, 48, 101-106.
12. Bhargav-Spantzel, A., Woo, J., & Bertino, E. (2007). Receipt management-Transaction history based trust establishment. In Proceedings of the 2007 ACM workshop on digital identity management (pp. 82-91).
13. Birnhack, M. D. (2008). The EU data protection directive: an engine of a global regime. Computer Law & Security Report, 24, 508-520.
14. Blomer, J., & Seifert, J. P. (2003). Fault based cryptanalysis of the advanced encryption standard (AES). In Lecture notes in computer science (pp. 162-181).
15. Burns, S. (2002). Unique characteristics of e-commerce technologies and their effects upon payment systems. GSEC (GIAC Security Essentials Certification)-Version 1.
16. Camenisch, J., Shelat, A., Sommer, D., Fischer-Hubner, S., Hansen, M., Krasemann, H., Lacoste, G., Leenes, R., & Tseng, J. (2005). Privacy and identity management for everyone. In DIM'05 (pp. 20-27). New York: ACM.
17. Carbonell, M., Torres, J., Izquierdo, A., & Suarez, D. (2008). New e-payment scenarios in an extended version of the traditional model. In Computational science and its applications-ICCSA 2008 (pp. 514-525).
18. http://www. scmagazineus. com/EU-Commission-says-payment-fraud-moving-to-the-internet/article/109505/: EU Commission says payment fraud moving to the Internet: Last Access: 02/02/2009.
19. Castañeda, J., & Montoro, F. (2007). The effect of Internet general privacy concern on customer behavior. Electronic Commerce Research, 7, 117-141.
20. Chang, E., Dillon, T., & Hussain, F. (2006). Trust and reputation for service-oriented environments. New York: Wiley.
21. Chau, P. Y. K., Hu, P. J. H., Lee, B. L. P., & Au, A. K. K. (2007). Examining customers' trust in online vendors and their dropout decisions: an empirical study. Electronic Commerce Research and Applications, 6, 171-182.
22. Claessens, J., Preneel, B., & Vandewalle, J. (1999). Anonymity controlled electronic payment systems. In Proceedings of the 20th symposium on information theory in the Benelux (pp. 109-116).
23. Cohen, M. I. (2008). PyFlag-an advanced network forensic framework. Digital Investigation, 5, S112-S120.
24. Cranor, L., Langheinrich, M., Marchiori, M., Presler-Marshall, M., & Reagle, J. (2002). The platform for privacy preferences 1. 0 (P3P1. 0). Specification 16.
25. Doherty, S. (2001). Keeping data private. Network Computing, 12, 83-91.
26. Dolev, D., & Yao, A. (1983). On the security of public key protocols. Information Theory, IEEE Transactions on29, 198-208.
27. Doney, P. M., & Cannon, J. P. (1997). An examination of the nature of trust in buyer-seller relationships. Journal of Marketing, 61, 35-51.
28. Ellison, C. M., Frantz, B., Lampson, B., Rivest, R., Thomas, B. M., & Ylonen, T. (1999). Simple public key certificate theory. Available at www. ietf. org/rfc/rfc2693. txt.
29. Fomenko, V. (2006). Generating virtual reality shops for e-commerce. Dissertation, Vrije Universiteit Brussel.
30. http://www. ecommercetimes. com/story/65918. html: Heartland Bleeds Data, Potential Victims Could Number Millions.
31. Hinde, S. (2005). Identity theft: theft, loss and giveaways. Computer Fraud & Security, 18-20.
32. Jaeger, P. T., Bertot, J. C., & McClure, C. R. (2003). The impact of the USA Patriot Act on collection and analysis of personal information under the Foreign Intelligence Surveillance Act. Government Information Quarterly, 20, 295-314.
33. Jakobsson, M., Mraihi, D., Tsiounis, Y., & Yung, M. (1999). Electronic payments: where do we go from here. In CQRE (pp. 43-63).
34. Jarvenpaa, S. L., Tractinsky, N., & Vitale, M. (2000). Consumer trust in an Internet store. Information Technology and Management, 1, 45-71.
35. Katsikas, S. K., Lopez, J., & Pernul, G. (2005). Trust, privacy and security in e-business: Requirements and solutions. In Proc. of the 10th panhellenic conference on informatics (PCI'2005) (pp. 548-558).
36. Komiak, S. X., & Benbasat, I. (2004). Understanding customer trust in agent-mediated electronic commerce, web-mediated electronic commerce, and traditional commerce. Information Technology and Management, 5, 181-207.
37. Konar, D., & Mazumdar, C. (2006). An improved e-commerce protocol for fair exchange. In LNCS: Vol. 4317. ICDCIT 2006. Berlin: Springer.
38. Kumaraguru, P., & Cranor, L. (2005). Privacy in India: attitudes and awareness. In Proceedings of the 2005 workshop on privacy enhancing technologies (PET2005) (Vol. 30).
39. Lacohee, H., Phippen, A. D., & Furnell, S. M. (2006). Risk and restitution: assessing how users establish online trust. Computers & Security, 25, 486-493.
40. Laudon, K. C., & Traver, C. G. (2005). E-commerce: business-technology-society (p. 377). New York: Prentice Hall.
41. Lim, B., Lee, H., & Kurnia, S. (2007). Exploring the reasons for a failure of electronic payment systems: a case study of an Australian company. Journal of Research and Practice in Information Technology, 39, 231-243.
42. Lorrie Faith, C., & Brian, A. L. (1998). Spam! Communications of the ACM, 41, 74-83.
43. Luo, H., Fang, B., & Yun, X. (2006). A counting-based method for massive spam mail classification. Lecture Notes in Computer Science (vol. 3903, p. 45).
44. Marshalla, A. M., & Tompsett, B. C. (2005). Identity theft in an online world. Computer Law & Security Report, 21, 128-137.
45. Mary, J. C., & Pamela, K. A. (1999). Information privacy concerns, procedural fairness, and impersonal trust: an empirical investigation. Organization Science, 10, 104-115.
46. http://www. securecomputing. net. au/News/126871, hackers-attack-forensics-tools. aspx: Hackers attack forensics tools: Last Access: 02/02/2009.
47. McCormick, J. (2009). Look out for fraudulent Microsoft digital certificates.
48. McKnight, D. H., Choudhury, V., & Kacmar, C. (2003). Developing and validating trust measures for e-commerce: an integrative typology. Information Systems Research, 13, 334-359.
49. Merkle, R. C. (1989). A certified digital signature (pp. 218-238). London: Springer.
50. Miyazaki, A. D., & Fernandez, A. N. A. (2001). Consumer perceptions of privacy and security risks for online shopping. Journal of Consumer Affairs, 35, 27-44.
51. Molloy, I., Li, J., & Li, N. (2007). Dynamic virtual credit card numbers. In S. Dietrich & R. Dhamija (Eds.), LNCS: Vol. 4886. FC 2007 and USEC 2007 (pp. 208-223). Berlin: Springer.
52. Moores, T. (2005). Do consumers understand the role of privacy seals in e-commerce? Communications of the ACM, 48, 86-91.
53. http://www. ecommercetimes. com/story/65568. html: Credit Card Firms Wail, Gnash Teeth Over New Consumer-Friendly Rules: Last Access: 02/02/2009.
54. Pan, Y., & Zinkhan, G. M. (2006). Exploring the impact of online privacy disclosures on consumer trust. Journal of Retailing, 82, 331-338.
55. Rajaraman, V. (2001). Electronic commerce. Resonance, 6, 6-13.
56. Ray, I. (2002). Fair exchange in e-commerce. ACM SIGecom Exchanges, 3, 9-17.
57. Ray, I., & Zhang, H. (2008). Experiences in developing a fair-exchange e-commerce protocol using common off-the-shelf components. Electronic Commerce Research and Applications, 7, 247-259.
58. Rivest, R. L., & Lampson, B. (1996). SDSI-a simple distributed security infrastructure. Manuscript.
59. Schneier, B. (1995) Blowfish. Applied Cryptography 336-339.
60. Seigneur, J. M., & Jensen, C. D. (2004). Trust enhanced ubiquitous payment without too much privacy loss. In Proceedings of the 2004 ACM symposium on applied computing, 1593-1599.
61. Senicar, V., Jerman-Blažic, B., & Klobucar, T. (2003). Privacy-enhancing technologies-approaches and development. Computer Standards & Interfaces, 25, 147-158.
62. Shu, Y., & Kanliang, W. (2009). The influence of information sensitivity compensation on privacy concern and behavioral intention. SIGMIS Database, 40, 38-51.
63. Smith, L. M., & Smith, J. L. (2006). Cyber crimes aimed at publicly traded companies: is stock price affected? American Accounting Association Southwest Region, Oklahoma City.
64. Spiekermann, S., Grossklags, J., & Berendt, B. (2001). E-privacy in 2nd generation e-commerce: privacy preferences versus actual behavior (pp. 38-47). New York: ACM.
65. Tan, H., & Guo, J. (2005). Some methods to depress the risks of the online transactions. In Proceedings of the 7th international conference on electronic commerce (pp. 217-220).
66. Teo, T. S. H., & Liu, J. (2007). Consumer trust in e-commerce in the United States, Singapore and China. Omega, 35, 22-38.
67. Thomas, P. V. D., Vishal, M., & Hamid, N. (2007). The effect of consumer privacy empowerment on trust and privacy concerns in e-commerce. Electronic Markets, 17, 68-81.
68. Ureche, O., & Plamondon, R. (2000). Digital payment systems for Internet commerce: the state of the art. World Wide Web, 3, 1-11.
69. Viganò, L. (2006). Automated security protocol analysis with the AVISPA tool. Electronic Notes in Theoretical Computer Science, 155, 61-86.
70. Vlastos, E., & Patel, A. (2007). An open source forensic tool to visualize digital evidence. Computer Standards & Interfaces, 29, 614-625.
71. Xie, M., Yin, H., & Wang, H. (2006). An effective defense against email spam laundering (pp. 179-190). New York: ACM.
72. Yun, Y., Yong, H., & Juhua, C. (2005). A web trust-inducing model for e-commerce and empirical research. In Proceedings of the 7th international conference on electronic commerce. Xi'an: ACM.