Last updated: Shedding light on the dark web: Impacts on mainstream commerce

Shedding light on the dark web: Impacts on mainstream commerce

0 shares

Listen to article

Download audio as MP3

When you hear the terms “deep web” or “dark web”, what comes to mind? The answer is probably not anything to do with mainstream digital commerce, and yet the dark web poses major threats to everyone doing business online. Surprisingly, it may also offer opportunities for the future of commerce. Let’s see how.

A brief explanation of the deep web and dark web

When we refer to the deep web, we’re talking about the portions of the web that are not indexed by Google and the other search engines. While Google has built a massive web index in excess of 100,000,000 gigabytes, that’s only a fraction of the total content available on the internet. Calculating the true size of the deep web—quantifying a known unknown—is no easy task. However, there are numerous estimates that speculate that between 85 to 90 percent of the web is “invisible” and subsequently not crawled and indexed by search engines.

By and large, the deep web, sometimes referred to as the invisible web, is not particularly scary. The vast majority of the deep web is made up of things like academic repositories, library archives and state/federal government databases. With the right web address and credentials these sites are accessible via standard web browsers over a standard internet connection. Since these are primarily niche sites not intended for use by the general public, there is no benefit for them to be indexed, so they remain a hidden and harmless part of the Internet.

The dark web is the encrypted layer of the deep web. It offers users the ability to securely and anonymously access the internet without being traced. This is accomplished via tools created through the Tor project.

Originally developed by the U.S. Naval Research Laboratory, Tor is short for The Onion Router. In simplified terms, Tor is a distributed, virtual network that randomly bounces encrypted web traffic between point A and point B. Using a Tor client and browser to access the network, a user’s traffic hops across numerous servers within the network, creating successive layers of cover that make tracking a user’s web movements virtually impossible. An additional feature of Tor, Hidden Services, allows for the creation of websites that, using a dot onion domain (.onion), can also take advantage the technology.

When a Tor user connects with a Tor site, their meeting point is a randomly generated URL combined with a random network connection that establishes anonymous communications in both directions. This does not render a Tor user entirely invisible. Anyone monitoring web traffic won’t know what a Tor user is doing or where they’re doing it, but they’ll know they’re doing something. An additional level of security can be added by using a VPN to access Tor.

This powerful, privacy-driven technology enables government agencies and the military to communicate securely, whistleblowers to connect with journalists to expose corruption, and tens of millions people around the world to circumvent country-level internet censorship to freely access the Internet. It also serves as an enablement tool for many of the web’s bad actors. This is where threats to every legitimate merchant flourish, and why we should all be concerned enough to do something about it.

The threat to merchants

The dark web provides an environment for experienced hackers to coordinate sophisticated attacks, would-be cyber-criminals to purchase hacking kits, stolen credit card and identity information to be auctioned to the highest bidder, the trafficking of stolen and counterfeit goods, and some forms of money laundering, often involving bitcoin, to take place. Collectively, these threats hit at the very core of what enables all forms of commerce: trust

As more merchant sites are compromised, and consumers/businesses victimized, the shadow of doubt begins to be cast over the entire industry. We’ve come too far to experience a broader pull-back in the overall growth of digital commerce. Yet, we’ve also reached a point where consumers and business users can exclude any, or most, brands in favor of the few that are capable of earning and retaining their trust.

As everyone benefits from the free and open nature of the internet, the question is whether the industry is doing enough to directly combat these threats. Relying solely on law enforcement agencies to confront the problem is not sufficient. Conducting business-as-usual is not the answer. It brings us no closer to solving these problems; it also creates an economic dilemma not unlike the tragedy of the commons.

It’s time to take action. This could start with organizations like NRF/Shop.org becoming more vocal in advocating on behalf of merchant security, potentially raising funds to combat these threats head-on, and publicizing these efforts to bolster consumer confidence. This could continue with individual merchants taking efforts to make digital commerce more secure.  

Opportunity in the darkness?

When I mention opportunity within the dark web, I’m not referring to a yet-to-be-launched ultra-exclusive, invitation-only commerce site—though its time will come. The immediate opportunity exists in the very technology itself.

Did you know Facebook operates a version of its site on the dark web? Facebook launched the site in 2014 to provide direct access to Tor users, who, previously, were often flagged as hacked accounts when accessing Facebook. This offers their privacy-conscious users an alternative way to connect to the site, and enables access for people in many countries where Facebook is blocked and otherwise unavailable, boosting overall user engagement.

With the hidden services site in place, all communications outside of Facebook are anonymous and encrypted. However, once logged in, Facebook is able to collect information on all user actions within the site, providing it with the data that is the lifeblood of its business. Just as SSL, HTTPS, and credit card tokenization have become default security protocols for transactional sites, Tor hidden services may be the next frontier in website security for online merchants.

Like Facebook, operating a hidden services site would run in parallel to, not in place of, an existing ecommerce site. This would come with some necessary trade-offs. Ad retargeting (a cost-effective, but flawed approach to engagement) would not be possible for these users, for example. On the flipside, it would provide these same customers with a level of protection not currently available. This offers customers a benefit that could go a long way toward instilling confidence and loyalty in a particular brand.

As privacy concerns become more widespread, the user-base for services like Tor will only grow. This provides more incentive for merchants to experiment with this technology. For companies that are early adopters, this would, at least temporarily, offer security as a competitive advantage. And a competitive advantage, no matter how short-lived, is certainly worth pursuing.

Flexible. Agile. Future-proofed.
The power of hybrid, composable commerce is real.
Discover real-life examples of success HERE

Search by Topic beginning with