Privacy Threats in E-Shopping (Position Paper)
- Cite this paper as:
- Diaz J., Choi S.G., Arroyo D., Keromytis A.D., Rodriguez F.B., Yung M. (2016) Privacy Threats in E-Shopping (Position Paper). In: Garcia-Alfaro J., Navarro-Arribas G., Aldini A., Martinelli F., Suri N. (eds) Data Privacy Management, and Security Assurance. DPM 2015, QASA 2015. Lecture Notes in Computer Science, vol 9481. Springer, Cham
E-shopping has grown considerably in the last years, providing customers with convenience, merchants with increased sales, and financial entities with an additional source of income. However, it may also be the source of serious threats to privacy. In this paper, we review the e-shopping process, discussing attacks or threats that have been analyzed in the literature for each of its stages. By showing that there exist threats to privacy in each of them, we argue our following position: “It is not enough to protect a single independent stage, as is usually done in privacy respectful proposals in this context. Rather, a complete solution is necessary spanning the overall process, dealing also with the required interconnections between stages.” Our overview also reflects the diverse types of information that e-shopping manages, and the benefits (e.g., such as loyalty programs and fraud prevention) that system providers extract from them. This also endorses the need for solutions that, while privacy preserving, do not limit or remove these benefits, if we want prevent all the participating entities from rejecting it.