HTTPS Hacking Protection

In general, e-commerce sites utilize SSL to ward off the authorized detection and decoding of confidential data over a network. In most cases, the communication between Web browser and e-commerce Web server uses HTTPS protocol. However, the communication often induces some drawbacks, simply denoted by hole. This, in addition, furnishes an opportunity for a hacker to manipulate the data, i.e. decoding the data, using SSL-MITM (SSL Man in the Middle) technique. According to the trials in an experiment with auditor security collection, the results illustrate a hacker and a victim who are on the same local area network; the hacker could be able to decode confidential data (password or credit card number) with the possibility of more than 50 %. This paper presents 3 different methodologies to prevent the decoding using SSL-MITM on the confidential data which normally traverses over e-commerce Web sites. In addition, the evaluation of 3 schemes is conducted to show the degrees of efficiency of the techniques. Furthermore, this information can be preliminarily utilized as a factor to increase the security of e-commerce website.