Vulnerability Scanning of E-Payment GatewaysCategories
Course & option
Diploma in Infocomm Security Management
Vulnerability Scanning of E-Payment Gateways
Preshant Achuthan, Chan Kok Jing, Daryl, Cheong Jie Ning, Jacqueline, Xin Zhiyuan
Liew Chin Chuan (firstname.lastname@example.org)
The trend of online shopping has become an increasing phenomenon in today’s world, driven by the connectivity and convenience that came along with rapid technology advancement. Payment gateways play a crucial and central role in e-commerce. In the event that the payment gateway is compromised, banks are held accountable to the merchant for failure to receive the correct payment funds. Security of payment gateways is a major factor in ensuring that transactions made are genuine. However, banks are in no control of payment gateways employed by online shopping sites. Banks are concerned with the fact that payment gateways, or even the shopping site, may be vulnerable and susceptible to cyber-attacks. The problem to be discussed and further explored in this project – What can be done to help banks minimize payment processing risks stemming from vulnerabilities found in e- commerce sites & payment gateways?
The solution developed, SANTA, automates the whole processing of navigating to the checkout page of an e-commerce site and detecting the various payment gateways employed by the site. SANTA would then proceed on to scan these payment gateways to identify any potential vulnerabilities which may be present.
SANTA can be used by banks to automate this whole processing of identifying payment gateways used by an e-merchant and proceed on to check for any vulnerabilities present. This will greatly reduce the operating costs for banks as compared to running penetration tests on a regular basis.