The growth of e-commerce during high-demand periods, such as Christmas and Black Friday, also leads to an increase in the number of cyber attacks in Brazil. To ensure the stability and security of their e-commerce platforms, many companies are already starting preparations to prevent their customers from facing issues during purchases.
This involves reviewing security vulnerabilities, slowness, and errors that can lead to attacks and frauds and affect both the user experience and the brand’s reputation. A study by PwC reveals that more than half of consumers (55%) would avoid buying from a company after a negative experience, and 8% would give up after a single unfavorable incident.
“Investing in the quality and security of digital systems not only avoids financial and image losses but also ensures a positive experience for users, strengthening trust in the brand and promoting success in high-traffic events,” says Wagner Elias, CEO of Conviso, a company specializing in application security (AppSec).
According to the expert, recent cases such as the Facebook data leak and failures in the Latam/Multiplus system highlight the importance of robust preparation at a time like this, given the increase in the number of attacks on companies’ security worldwide. According to a 2020 report from the Consortium for Information & Software Quality (CISQ), the number of system flaws increases by about 15% annually. Additionally, Security Magazine revealed that software failures caused a loss of 2.4 trillion dollars in the United States in 2022 and a growth of 1.52 trillion dollars in “technical debt,” referring to rework to correct deficiencies in software.
Application Security
The work of protecting e-commerce software is carried out by what is called application security, a market that is expected to grow worldwide, reaching $25 billion in 2029 (Mordor Intelligence).
It consists of having a comprehensive and detailed view of the vulnerabilities of a system and implementing defense mechanisms in an anticipatory manner. ‘In a comparative way, it works like this: when you park your car, you consider whether the place is safe and if there are measures to be taken to protect the vehicle. Similarly, problems are anticipated, and strategies are created to avoid risks,’ compares Luiz Henrique Custódio, TechLead at Conviso.
For Custódio, the ideal scenario would be for companies to constantly review their platforms to identify and correct possible security breaches, creating a security culture.
Furthermore, for major events, it is important for companies to invest in robust infrastructure and perform load tests to ensure that their systems can handle access spikes.
Consumers Should Be Alert
Wagner Elias, CEO of Conviso, emphasizes that caution is essential for both companies and consumers. However, for consumers, this involves following secure practices when browsing and conducting online transactions. ‘Always opt for secure payment methods, such as Google Pay, Apple Pay, or credit cards, which offer legal protection in case of issues with the seller.’
It also highlights the importance of keeping smartphone and PC software updated, as criminals often exploit security vulnerabilities in outdated systems. “Avoid downloading apps and software from suspicious sources, and if you need to download from a link, carefully check the information and reviews of the app,” Elias warns. “Beware of offers that seem too good to be true; they may hide fraudulent intentions.”
Fraudulent websites often mimic well-known stores to steal personal and financial information. Elias suggests other tips: “Always check if the site URL begins with ‘HTTPS’ and displays a padlock icon in the address bar. Fake sites usually do not have these features. Also, be alert to grammatical and typing errors, and make sure the site provides clear contact information, such as email, phone, and physical address”.
Other common fraud strategies include phishing scams, where criminals try to obtain personal information through fake messages, and fake apps, which often contain malware. “To avoid these problems, download apps only from official stores, like the App Store and Play Store. Also, be wary of pop-ups offering downloads of fake antivirus, as they can be used to steal sensitive data,” he concludes.
