(The Hosting News) – Working with Indiana University, Microsoft Research recently discovered a security flaw with how online cashier systems operate. The flaw centered around how Amazon.com payments were conducted and allowed users to complete online orders at free or discounted rates. The final effect was deceiving the online retailer into believing that a payment had been made in full.
The vulnerability was exposed through the online retailer’s shopping cart. The researchers were able to set their own prices for items including a magazine, a power strip, and a blood-alcohol level device. Once the problem was discovered, Amazon was quickly notified and fixed the problem.
However, similar vulnerabilities in online shopping could affect various online retailers on a larger scale. The researchers from Indiana University will present the results of their study at next month’s IEEE Symposium on Security and Privacy.