International Journal of Network Security
Currently, e-commerce system security focuses on mechanisms such as secure transactional protocols, cryptographic schemes, and parameter sanitization, and it is assumed that putting these in place will guarantee a secure e-commerce application. However, vulnerabilities in the business application logic itself are often ignored, and these can render such security mechanisms null and void. Essentially, the weakest link can be at the server rather than the client, and a developer ignores this at their peril. This paper focuses on this weakest link in the e-commerce system.