In today’s global business environment, E-commerce is a good option for new entrepreneurs, startups, small businesses, and recently established enterprises. It is a powerful business transformation tool that offers companies the opportunity to enhance their operations, reach new markets, and improve their services to both customers and suppliers.
Nonetheless, E-commerce can only be fully leveraged through open networks, which require a high degree of confidence in the authenticity and privacy of transactions that are difficult to maintain in an untrusted public network, such as the internet. Hence, the importance of cryptography as a coherent, consistent approach to E-commerce security.
Cryptography is a method of protecting information and communications through codes so that only those for whom the information is intended can read and process it (Rouse, 2018). Within the field of cryptology, two main types of cryptography can be identified: Symmetric Key Cryptography (Private/Secret Key Cryptography) and Asymmetric Key Cryptography (Public Key Cryptography) (CGI, 2002). They are both convenient for cybersecurity.
Therefore, it is essential to understand how Cryptography delivers security and trust for E-commerce startups.
- Cryptography, a security tool for E-commerce startups:
The abolition of geographic distances characterizes e-commerce activities as they grant businesses exposure and access to a larger audience. Since trust is a critical factor in consumers’ online purchasing decisions, E-commerce’s rise depends heavily on the users’ confidence in the system.
However, because E-commerce businesses and startups, in particular, are vulnerable to online security breaches and cyber-attacks, business owners and customers are prone to serious security threats. The failure to address these risks adequately may eradicate the trust and cause even the most prudent business operators and clients to forgo the use of the internet and revert to traditional business methods (Marchany and Tront, 2002).
Cryptology is, effectively, pervasively used in cybersecurity. It is one of the primary technical methods for protecting the confidentiality and integrity of information. From this perspective, cryptographic tools can provide dual technical and legal certainty to E-commerce startups by:
- Applying Access control: Access control is a selective restriction of admissionto data. It consists of two main components, which are authentication and authorization.
- Ensuring confidentiality: A key component of information confidentiality is encryption. It protects data by making it unreadable until decrypted or unscrambled, using the correct cipher and key.
- Establishing authenticity and non-repudiation: Typically, non-repudiation refers to a situation where a statement’s author cannot successfully dispute its authorship or the validity of an associated contract (Wikipedia). In a legal setting, cryptography ensures authentication of both data in transit and data at rest, identifies senders and recipients to one another, and protects against repudiation.
- Ensuring integrity: Integrity of information refers to protecting information from being modified by unauthorized parties. A robust cryptographic technique can ensure the integrity of system software and the accuracy of the information regularly.
Despite significant progress in cybersecurity via cryptography, vulnerabilities continue to exist. Hence, the need to ensure the capability to recover if systems fail, keys are lost or compromised, etc.
- Cryptography, an evidence tool for E-commerce startups.
E-commerce startups’ sustainable growth depends on consumers’ faith in effective technologies and a clear legal framework that could guarantee the security of electronic transactions. Conveniently, cryptographic technologies provide precisely the required infrastructure.
Nonetheless, their utilization demands that evidence law statutes be modernized to grant tolerability and legal value to electronic records and signatures – with conceivably some economic incentives thrown into startup the necessary infrastructural investments.
Providing a legal framework alongside a good technical infrastructure for non-repudiation in E-commerce startups makes commercial transactions more efficient and secure, less costly, and gives consumers and companies greater commence in their online transactions. In addition, it helps in incident response and remediation activities once the company realizes that a breach has happened (Brown, 2018).
With that in mind, numerous initiatives arose to build a futuristic legal Framework for digital evidence. The European Union (EU), for instance, approved in 1999 a directive giving digital signatures on contracts consented over the internet, the same legal status as their hand-written equivalents. Moreover, in 2000, the U.S. House of Representatives and Senate approved a digital signature. Also, in October 2019, China’s National People’s Congress passed the “Cryptography Law” aiming at “regulating the utilization and management of cryptography, facilitating the development of the cryptography business and ensuring the security of cyberspace and information” (State news agency Xinhua).