E-commerce (electronic commerce) is the buying and selling of goods and services, or the t, High school final essays of Biology

Download E-commerce (electronic commerce) is the buying and selling of goods and services, or the t and more High school final essays Biology in PDF only on Docsity! UNIT-I What is E-commerce? - E-commerce is not E-business-the drivers-Myths you should know- Advantages and Issues in E-commerce-Benefits and Limitations of the Internet-Role of E-Strategy- Integrating E-commerce-E-commerce Business Models. WHAT IS E-COMMERCE? E-commerce is selling goods and services on retail level with anyone, anywhere over the internet. 1. Communication Perspective:-  E-commerce is the ability to deliver products services information (or) payments via Network like internet. 2. Interface View:-  E-commerce means information and transaction exchange: B2B, B2C, C2C, and B2G. 3. Business Process:-  E-commerce means activities that support commerce electronically by networked connection. 4. Online Perspective:-  E-commerce is an electronic environment that allows sellers to buy and sell product services and information on the internet. 5. Structure:-  E-commerce deals with various media like data, text, webpage, internet telephoning and internet desktop video. 6. Market:-  E-commerce is a worldwide network. A local store can open the website and find at its door step- that include customer, suppliers, competitors, and payment services advertising agencies. E-COMMERCE IS NOT E-BUSINESS  E-business is conduct of business on internet, in supply chain planning, tracking fulfilment, involving and payment. E-business Goals:-  Reach new market.  Build customer loyalty  Enrich human capital  Market use of existing and emerging technologies  Achieve market leadership and completive advantage One example of e-business is SAP.SAP has customer for the business development E – Commerce  E-commerce is selling goods and services on retail level with anyone, anywhere over the internet 1  It includes new business with good efficiency and effective information exchange between E- merchant and customer via website.  An example E-commerce is www.amazon.com E – Commerce Advantage  Companies share information with competitors  Suppliers share information with buyers  Corporate is not layer determined on prize  Financial transaction occur with involvement of banks THE DRIVERS  Digital convergence has made it possible for digital device to communicate with others (video, film)  Anytime anywhere & anyone- Now a day’s e-commerce is available to anyone, anywhere in the world ,24 hours,7 day(24/7)  Changes in organizations-small companies make communication with big organisation for develop the business, E-commerce which make this communication is easy function)  Increasing pressure on operating costs and profit margin’s-Global competition of the product is vast. E-commerce addresses these concern quickly, efficiently.  Demand for customized products and services-Manage the customer pressure on the particular product MYTHS (Believes)  Setting up a website is easy-There are technology,networking,and design criteria  E-commerce means no more mass marketing-It is a commercial channel enable cost-effective, one to one marketing.  E-commerce means a new economy  E-commerce is revolutionary- It create a new way to marketing the product  All product can sold online using identical business model -Different product need different selling techniques  Team work -Email is the example that exchange the information  Build it and they will come  The middleman is out ADVANTAGES IN E-Commerce  Lower cost to the E-MERCHANT –It reduce problem, cost of purchase and selling  Economy-E-commerce is economical, that has no rental, insurance, infrastructure  Better customer service-Better customer service. Calling company by phone.  High margins (control and flexibility)  Quick comparison shopping-It compare product and price  Team work (suppliers vendors business partners and customers)  Growth in knowledge markets (create knowledge markets now ideas)  Information sharing conventions and control no traffic jams(no rounds and 24 hours a day 7 day a week heavy shopping bags)  Customization (takes and pretences) ISSUES IN E-COMMERCE  The cost factors(E-Commerce need infrastructure, website, networks, server, terminals)  Security (spamming, spying, file corruption and malicious misuse)  System and data integrity (data protection and integrity of the system that handle data).  System scalability  E-commerce is not free (deep, packets and smart funding ) 2  Like any new entrant B2G comes with its own set of difficulties. E-COMMERCE BUSINESS MODELS  Business models with in 13 type of model.  Free e-mail services have business model free home pages fit into a business model. Storefront model:-  This is an e-commerce site that products or goods from a price the business provides a web site with product information a shopping card and online ordering mechanism.  Users select and buy and place an order through the shopping cart.  The storefront model is typical of physical goods and service like books computer or a pizza delivery services. Click-and mortar model:-  It combines a website and physical store.  Physical stores promote to website user return unwanted items Built To Order Merchant Model:-  A manufacturer such as a computer vendor can use this model by offering goods or services and the ability to order customized versions.  The customized product is then assembled individually and shipped to the customer.  This provides added value to consumers and allows the manufacturer to create only those products that will be sold. Service Provider Model:-  A pizza delivery service can operate on a pay item basic, but many internet based services cannot easily operate this way.  It is often difficult to define the”product”sold or to what price to charge.  Some service providers provide advertising-based access to their service, hoping to recover the costs through revenue from the advertisers. Subscription- Based Access Model:-  Many service operators provide subscription-based access to their service.  A visitor pays a fixed fee par month or year in return for unlimited access to the service.  Access beyond a certain limit is subject to a surcharge.  This model is typical for accessing databases with articles, news, and patents as well as Prepaid Access Model:-  Services like telephony offer payment by the minute and are handled via a subscription.  A viable alternative is prepaid access, where users pay a certain amount for access to the service for a certain time period or content.  To paying for a prepaid telephone card, which can be renewed for the same charge. Broker Model:- 5  Brokers are market makers. As intermediaries, they bring buyers and sellers together and facilitate transactions between them those can be business-to-consumer(B2C),business-to- business(B2B),OR  Consumer-to-consumer (C2C) markets. A broker makes money by charging a fee for every facilitated transaction or a percentage of the price of the transaction.  The brokers a reward for finding a person, thing, idea, or other desired but hard-to-find item.  A software agent or “robot” that looks for price and availability for a good or a service.  www.mysimon.com . Advertiser Model:- A site offers free access to something and shows advertisements on every page. A user clicks on an advertisement and goes to an advertiser’s page. The advertiser pays the site operator for showing the advertisement. There are two main types of business advertiser models-targeting advertisers and updating advertisers. An advertisement related to the topic at hand on the site gets higher exposure and click-through. The site operator earns more money if it places targeted advertisements. Portal Site Model:- In this business model, a portal offers one-stop access to specific content and services like news, stock information, message boards, or chat. The portal site can then target its ads based on the personalization. Free Access Model:- Users are given something for free, but with advertisements. A free web space provider typically provides advertising banners at the top or bottom of its sites. Electronic greeting cards are sent with a personal message and an advertisement. Virtual Mall Model:- A virtual mall is a hasting site for many merchants, service providers, brokers and other businesses. Virtual mall operator chargers a fee for setting up and maintaining the merchant’s”booth” and for including the merchant in the sitewide catalog. The virtual mall can act as an intermediary between customers and the business it hosts by facilitating payment. Virtual Community Model:- Virtual community is a web site that attracts a group of users with a common interest who work together on the site. Users share information and make contributions in other ways. Infomediary Model:- An infomediary collects evaluates and sells information on consumers and their buying behavior to other parties who want to reach those consumers. A visitor is offered something for free, like free hardware or free internet access, which allows the infomediary to monitor the visitor’s online activities. The information gathered can be extremely valuable for marketing purposes. The infomediary needs to keep track of its users. This allows intersession tracking of user’s site usage patterns and thereby generates data. UNIT-II 6 Mobile Commerce: The Business of Time: What is M-commerce?-How Wireless Technology is employed: Bluetooth- Satellite Technology- 2G Digital Cellular Technology-Wireless LAN-Wireless Application Protocol: How WAP Works-WAP Benefits-WAP Limitations. WHAT IS M-COMMERCE?  Imagine receiving an important e-mail while you’re out to lunch or away on business, or checking your stock portfolio on the way to the airport.  M-commerce is the transmission of user data (e.g.-mail, spreadsheet) without wires. It is also the management of the processes that handle the product or service needs of a consumer via a mobile phone and the use of wireless devices to facilitate the sale of products and services anytime, anywhere.  This technology takes into account a viable relationship between a mobile phone and a person to generate a business opportunity that normally.  M-commerce also refers to business transactions and payments conducted in a non-PC-based environment.  M-commerce is not about selling products or services on a mobile device. That is part of m- commerce but does not include the personal role played by a mobile phone.  Information-based consumer services like searching the Web for restaurants or movies using a data enabled cellular phone or sending e-mail.  Transaction services as downloading and listening to digital music in a wireless setup, making purchases by using a cellular device.  Location-centric, personalized services that anticipate your purchases based on your location and data stored in your “profile”, by product, time of the year. HOW WIRELESS TECHNOLOGY IS EMPLOYED:- BLUETOOTH  Bluetooth is a universal, low-cost, low-powered wireless technology that uses short-range radio frequency (RF) to hook up wireless connectivity among computers, scanners, and printer.  It allows any Bluetooth-enabled device to communicate with other similar devices that allow electronic devices to communicate and share information without action from a user, wires, or cable.  These devices include cell phones, palm pilots, computers, home appliances, headphones, and keyboards.  Bluetooth communicate on a radio-frequency band of 2.45 gigahertz radio spectrum to wirelessly connect devices within 10 to 100 yards. Bluetooth SIG:-  Bluetooth (SIG) to develop standards for the technology, hoping toSpecial Interest Group expedite its development and final adoption. One of the SIG’s the world. Bluetooth is supported by over 2500 hardware/ software manufacturers who make up the SIG.  The SIG divides itself into two categories: Promoter members and associate companies work together like a board of directors to make decisions for the SIG. the associate companies are members of different work groups.  Bluetooth user short range radio links to allow wireless communication between computers and all types of portable electronic devices, forming small, private networks.  It creates a common language between various electronic devices that makes it possible for them to communicate and connect with one another.  The key Bluetooth features include low cost, low power consumption, low complexity, and robustness. Bluetooth-enabled laptops can communicate with palmtops and mobile phones synchronize schedules and contacts. 7  Palm pilots function like cellular phones. The communication between a PDA and a personal computer is referred to as data synchronization.  These devices are all located in the microprocessor, which servers as the brain of the PDA .  The microprocessor coordinates all of the PDA’s function according to programmed instructions stored in the operating ss function according to programmed instructions stored in the operating system.  The microprocessor also must connect to the mobile telecommunications switching office (MTSO)located in a certain cell site. Cellular phones  Wireless communications work around specific cells or geographic areas.  Cellular radio provides mobile telephone service by employing a network of cell sites distributed over a wide area.  A cell site contains a radio transceiver and a base station controller, which manages, sends, and receives traffic from the mobiles in its geographical area to a cellular telephone switch. It also employs a tower and antennas and provides a link to the distant cellular switch, the mobile telecommunications switching office.  This MTSO places calls from land-based telephones to wireless customers, switches calls between cells as mobiles travel across cell boundaries, and authenticates wireless customers before they make calls.  When the cell phone receives the SIC, the phone compares it to the SIC programmed into the phone. If the SICs match, the phone knows that the cell it is communicating with is part of its home system.  The SIC, the phone also transmits a registration request, and the MTSO keeps track of the phone’s location in a database.  Once the MTSO gets a call, it tries to find you and your phone.it looks in the database to see which cell site you are in. the MTSO then picks up a frequency par that your phone will use in that cell to take the call.  The two base stations coordinate with each other through the MTSO.  The MTSO of the cell site that you are roaming in contacts the MTSO of your home system, which then checks its database to confirm that the SIC of your cell phone is valid.  Your home system verifies your phone to the local MTSO, which then tracks your phone as you move through the cell sites. WIRELESS LAN  The technology uses radio waves unbounded by the physical constraints of cabling and walls to connect laptops and other electronic devices to a LAN.  A WLAN is identical to a regular LAN, except that the devices are wireless.  Each computer has a wireless network interface card (WNIC)with an antenna built into it.  It is designed to receive the signals and transmit them to the WNIC.  WLAN design is flexible it only travels 150 feet. 10  Wireless LANs lack built-in security, leaving business network open to potential hacking. Security can be strengthened by adding higher-level encryption. FACTORS TO CONSIDER  For an organization to adopt wireless LAN technology, several factors must be considered.  RANGE AND COVERAGE: The interaction between the airwaves and objects can affect how the energy propagates. Most WLANs use radio frequencies to allow the penetration of most indoor walls and objects. WLAN infrastructure has a range of less than 100 feet to more than 300 feet. This coverage can be extended to allow roaming through the use of microcells.  THROUGHPUT: The actual throughput or performance of a WLAN varies from system to system. The throughput for most commercial WLAN configurations is 1.6 Mbps and now more commonly 11 Mbps. These data rates provide enough throughputs for most productivity applications such as e-mail exchanges.  SECURITY AND INTEGRITY: Wireless technology originally was developed for military applications to provide a secure and reliable means of communication. Today’s WLANs have strong security measures built in making them more secure than most wired LANs.  COST AND SCALABILITY: The cost of a WLAN includes the infrastructure cost (access points) and user cost (WLAN adapters).  USER COSTS: These depend on the number of wireless LAN adapters (one per client device) and the cost of installing and maintaining a WLAN.  STANDARDIZATION OF WLANS: Widespread acceptance of wireless infrastructure depends on industry standardization to provide compatibility and reliability among vendors and manufacturers. WIRELESS APPLICATIONS PROTOCOL  Wire Internet services are in high demand because the digital cellular network continues to be a rapidly growing market.  WAP is basis for the mobile Internet.  Embrace existing standards and technology wherever possible  Create worldwide wireless protocol specifications that will work across differing wireless network architectures.  Bring internet content to digital cellular phones and other wireless terminals and devices.  With WAP a sales representative can access data such as the status of a customer’s recent order, review past buying history.  The WAP concept is straightforward. Cellular devices are connected permanently to a wireless network.  Internet protocol layer to the network, these devices and millions or user can be connected permanently to the Internet without having to dial in. With this protocol, one is able to access the internet and keep to touch with anyone, anywhere, anytime, via a micro browser -equipped wireless phone.  You call up her account through a secure connection.  This type of interactive electronic exchange marks the dawn of the mobile internet revolution. HOW WAP WORKS? 11  When one accesses a web site from a PC web browser, the user requests data and the server sends that data in the form of HTML over an IP network.  Web browser converts the performs the role of a PC web browser. It requester data from a web site via a WAP gateway that acts as a “go-between” for a web browser and a web server.  It translates the web mark up language (WML) to or form HTML. A mark up language is a way of adding information to content that tells the device receiving the content what to do with it.  It specifies the format and presentation of text and the hierarchies of pages, and it links their pages.  The protocol gateway converts user requests from the WAP protocol stack (HTTP and TCP/IP).  Encoders and decoders convert WAP content into compact encoded formats to reduce the size of data sent over the network. Wireless Application Environment (WAE)  A WAP element that establishes an interoperable environment to allow operators and service providers to build applications and services for a large variety of wireless platforms. Wireless Mark Up Language (WML)  Based on XML, Mark-up language that has garnered enormous support due to its ability to describe data, unlike HTML  ,which is used to describe the display of data Wireless Session Protocol (WSP)  A WAP element that decides whether a network and a device will communicate back and forth or whether data will be transmitted straight from a network to the device. Wireless Transaction Protocol (WTP)  A WAP layer that ensures that data flow from one location to another efficiently based on a request/reply paradigm. Wireless Transport Layer Security (WTLS) 12 Key B2B Entities 4. JIT deliverer. Focus on just-in-time delivery. This phase of B2B is critical because ensuring delivery of items just when they are needed means savings in time and money. 5. Web-based platform. Focus on the Internet, intranets, and extranet connects islands of information on separate computers within the firm. An extranet is a dedicated network between business partners on the Internet. 6. B2B Tools. electronic data interchange (EDI) Focus on and software agents. EDI is the electronic exchange of business documents like bills, orders, and shipping notices between business partners. EDI is designed to convert proprietary data into a format that can be transmitted electronically. 7. Focus on Integrating B2B withBack-end technical support. Enterprise Resource Planning (ERP). technical infrastructure such as ERP, database management systems, and intranet data flow means keeping most information traffic on the supplier’s servers. 15 B2B vs B2C Essentially, the following characteristics differentiate them. Contrast between B2C and B2B The connection mechanism. In B2C, the connection mechanism is consumer-to-system. In B2B, one business uses a Web browser to interact with a Web server application of another business. Types of relationship. The relationship in B2C mainly involves placing orders and executing payments. In B2B, the relationship focuses on online procurement, order fulfillment and work – in – process tracking for high – volume transactions. Nature of Control. The control mechanism in B2C is unidirectional. The seller controls the relationship with the consumer. In B2B, control ranges from one – sided control to peer – to – peer setups, depending on the nature of the relationship between the two businesses. Nature of Needs – Based Segmentation. Needs – based segmentation is more focused in B2B than in B2C, which tends to drive down costs and Procurement. For example, GE developed a Web – based TPN (Trading Process Network) that allows suppliers to bid on component contracts. This $1 Billion per year business reduces procurement time by half and processing costs by at least one third. Sales Complexity. The level of sales complexity is higher in B2B than B2C. Many products are purchased as parts for other products, making the relationship more like a partnership. Bigger purchases mean bigger discounts and prices are nearly always negotiable. Large business also use sophisticated computer systems to exchange invoices with suppliers, whose Web sites must be integrated to do business. 16 ADVANTAGES AND DISADVANTAGES OF B2B B2B e – commerce is e – commerce between business. It is a worldwide bazaar where4 one can buy anything, from paper clips to oil tankers. The goal is to save money on purchases that are negotiated instantly. Suppliers use the purchaser’s Web site to respond to bids and sell excess inventory. Replacing a purchasing bureauracy with online links means savings, improved efficiency in ordering material, amny fewer errors and a just – in – time environment that minimizes inventory sitting in the warehouse. Electronic alliances with distributors, suppliers, resellers, and other partners generate information for businesses regarding customers, products, suppliers, transportation, inventory, competitors, supply – chain alliances, and marketing and sales. Businesses have access to customers sales history ; product sales history; terms and discounts; product offerings and availability; and promotions, sales, and marketing information. They also can get shipping schedules, inventory locations, carrying charges, and response time for inventory replenishment. They can learn about roles and responsibilities in supply – chain alliances and available partners, along with competitors, products and market share. Supply – Chain Management And B2B Supply – Chain management (SCM) refers to overseeing materikals, information, and fincnces as they move in a process from supplier to manufacturer to wholesaler to retailer to consumer. It involves coordinating and integrating these flows within and among companies. The ultimate goal is to reduce inventory on the assumption that products are available when needed. As a solution, sophisticated SCM systems with Web inter – faces are competing with Web – based application service providers (ASP) who promise to provide part or all of the SCM service for companies who rent their service. There are two main types SCM systems: planning applications that use advanced algorithms to decide on the best way to fill an order and execution applications that track the physical status of goods, management of materials, and financial information involving all companies involved. The classic model of company vs company is giving way to supply chain vs supply chain. Success is now measured by assembling a team of companies that can rise above the win/lose negotiations of conventional trading relationships. It means working together to deliver the best products at the most attractive price. In terms of relationships between businesses. B2B can best be explained using the supply – chain process. The supply chain represents all the events associated with the flow and transformation of goods from the raw material stage to the end – user customer. It is the process of moving goods from the customer’s order through raw materials, parts supplier, production, wholesaler, and retailer to the end customer. This process includes order generation order taking, status feedback, and timely delivery of goods and services. B2B Supply – Chain Collaboration A B2B supply chain requires collaboration among a group of manufacturers, retailers and suppliers using the Internet to exchange business information and work jointly at forecasting demand for their products, developing production schedules, and controlling inventory flow. There are many benefits: reduced inventory, higher sales, improved ability to customize products for different business buyers, and reduced production costs. The main challenge is establishing trust among partners to 17 SUPPLY – CHAIN MANAGEMENT (SCM) In each firm, transactions are processed differently. Orders, production scheduling, and other internal processing also are handled differently. B2B integration means interacting with these heterogeneous systems without being tied to one specific system technology. There are other challenges as well. If the buyer is not providing a prompt and, reliable stream of information to the supplier, the vendor is unlikely to produce the necessary goods in a prompt and consistent manner. Suppliers also have other companies they cater to. The criteria used for B2B integration, then, depends on how close a relationship an organization wants to establish with another, how much agreement is required between them, how complex the integration must be, and whether it threatens their autonomy. Embedded in any agreement among partners is the availability of a way to manage partners in a supply chain. Called partner relationship management (PRM), this system is a new phase in B2B. Integration. It focuses on how partners engage each other on a regular basis. THE TRUST FACTOR "Every vendor wants to know three things {company budget, the area where critical operations have the highest priority and who in the organization makes the final decisions. What is the chain snaps? With so many suppliers, vendors, retailers, financial institutions and intermediaries making up the supply chain, what happens when one of the links snaps or is temporarily inactive? B2B Models B2B e – commerce based on who controls the marketplace: buyer, supplier, or intermediary. Each model is explained in the following sections. Buyer – Oriented B2B As shown in figure the buyer loads products via a catalog or a directory, with specific requests regarding make, model, size, price, and so on. Outside suppliers access the catalog, decide what product they want to bid on, send the information to the buyer, and hope to be the lowest bidder. Supplier – oriented B2B The supplier-oriented B2B model is close in design to the B2C model. A manufacturer or a supplier invites individual consumers as well as business customers to order products via its electronic store. 20 Buyer Oriented B2B Model Supplier – Oriented B2B Model Electronic Auctions In an auction, a seller offers a product or an item for sale. This is called “putting n item up for bid” because the seller does not put a price on the item. Interested buyers get information about the item and offer bids – prices they are willing to pay. An auctioneer, who handles the whole process, keeps the auction going until the bids are closed. In some cases, the product was misrepresented, and in others the product was never delivered. Once a transaction is completed, the successful buyer and seller are requested to record feedback about each other. Other mechanisms to handle improper trading behavior are buying an insurance program or installing an escrow program. An escrow program accepts payment from the buyer through a third party that holds the funds until the buyer inspects the purchased item and decides whether to accept or reject it. 21 Forward Auctions One seller entertains bids from many buyers. This seller controlled model allows the seller to post products or services it wants to sell via its auction web side. Buyers view the offer and submit competing bids. Sometimes, buyers can see other buyers bids and respond to them. Sometimes the auction is blind, and bids are sealed from competing buyers. After the expiration date the seller reviews the bids and selects the highest one. Payment and fulfillment are handled through normal electronic channels. Forward Auction Model Reverse Auctions A reverse auction generally is used to solicit bids, and the lowest bidder wins. It is buyer controlled: Buyers post the goods they want to buy, and sellers compete to provide them. The buyer pits suppliers against one another in a bidding war. Reverse Auction Model 22 The process is labor intensive and promotes delays and waste throughout the entire purchase cycle he alternative is EDI. The buyer's EDI computer generates the purchase order transaction in its purchasing application (the same step it took in the traditional method ;). The purchase order transaction is transmitted directly to the seller’s EDI system in machine-readable EDI standard generated by the buyer's EDI system. The seller's EDI system sends an acknowledgment notice to the buyer’s EDI system after it passes the order information to the receiving order entry application for processing. The processing is handled like any incoming purchase order. The seller's EDI system communicates with the company’s network to activate shipping and billing. It also generates shipping confirmation to the seller and a copy to the buyer. The buyer's EDI system sends an electronic payment to the seller’s computer. EDI is a fast and efficient way of handling business transactions. All communications occur through the interactive EDI servers of the buyer and the seller. It speeds up the business exchange between buyers as well as between seller and seller. Well - known retailers like Wal-Mart, Proctor & Gamble, and Levi Strauss could not have been successful without the quick response, fast product delivery, speed, data integrity and standardization that EDI offers. Traditional Information Flow between Buyer and Seller Information flow between Buyer and Seller with EDI 25 ADVANTAGES AND DRAWBACKS EDI has three tangible benefits 1. Cost reduction and time savings. By eliminating unnecessary paperwork information flow becomes more efficient. The seller's EDI computer sending acknowledgments and electronic billing climinates the paper invoice, for example. 2. Improved B2B problem resolution. This improves trading partner relationship. In most cases, partners cooperate on how to set up EDI and its various: applications. The result is improvement in information sharing and cooperation. 3. Accuracy with integrity. Eliminating data entry means improved accuracy in the way data ate processed. Despite the benefits, EDI has definite drawbacks 1. EDI is expensive and requires a heavy investment to launch and maintain the technology. 2. Every contact requires special hardware and software. 3. EDI requires expensive VAN networking to operate at peak efficiency, only high-volume, large trading partners can afford this investment. 4. EDI is not easy to use, learn, or implement. Justifying EDI: Under what conditions could a business justify implementing EDI? We know that EDI is a candidate if the business situation is paper intensive, people intensive, and requires fast information processing of delivery of goods. 1. Volume of data. Companies that handle a large volume of data am a regular basis find EDI a welcome relief. 2. Frequency of document transmission and reception. EDI is justified when documents are sent and received frequently. 3. Content sensitivity. International contracts or orders make the content highly sensitive for accuracy. 4. Time sensitivity. Internal information processing procedures are also quick and accurate. Web based EDI FINANCIAL EDI This specialized EDI centers on the electronic transmission payments between a Payee and a payer via their respective banks. Financial EDI 15 part of B2B because it allows businesses to replace the labor – intensive activities of collecting, disbursing and processing payments with an electronic system. 26 It also improves the certainty of payment flows between trading partners bank accounts. Two main types of noncash payment procedures are presently in use for B2B payments: bank checks and electronic funds transfer (EFT). Checks are used worldwide; they are instruments of payment by which payees collect funds from payers. If payee and payer have an account with the same bank, the bank's check processing system simply debits the payer's account and credits the-payee's account by the same amount. In the evening, the not on us checks are processed through an automated clearing-house (ACH). If the payer's bank says the account against which the check is drawn is invalid, closed, or overdrawn, ACH returns the check to the payee’s bank marked “insufficient funds,” “account closed,” and so on If the payer’s bank acknowledges the account and the amount as valid, ACH instantly processes a debit to the payer's account and a credit to the payee’s account. EFT is the transfer of credit between banks, where payments flow electronically from the payer’s bank to the payee’s bank. Federal Reserve’s system called Fed Wire. Or through the Clearing House Interbank Payments System (CHIPS). EFT is one of the earliest examples of online payment systems in banking. The two primary ACH services are 1. Preauthorized credits for example, a university depositing payroll in faculty/staff’s respective banks. 2. Preauthorized debits, such as bill payment. To provide these services, banks have shared ACH systems with other bank systems, such as Fed Wire and CHIPS. 27  Hacking, netspionage, cracking, viruses, global worms, employees with malicious intent, cyber terrorism, internal theft – these are just some of the security challenges.  Assessing the security needs of the firm.  Establishing a good policy.  Fulfilling Web Security needs.  Structuring the security environment.  Monitoring the system.  These are Steps to control security challenges. ASSESS SECURITY NEED  A Chief security officer is in charge of overseeing the entire security setup for the firm. He or she should be well versed in technology as well as the nature of the business. ADOPT A SECURITY POLICY THAT MAKES SENSE Policies should cover the threats that attack confidentiality, integrity and the privacy. DESIGN THE SECURITY ENVIRONMENT 30 The design beings with sketching out the stepping stones - the sequence and parameters in the security network based on the security policy and requirements of the e-commerce system. Security Perimeter A security perimeter generally includes Firewalls, authentication, virtual private networks (Vpns) and intrusion detection devices. Firewall The first line of defense of a company’s E-site is the firewall. Traditionally, firewalls included host of applications and services such as file transfer protocol (FTP) support. Authentication Another Technology protecting the perimeter is authentication. Under the old EDI system. Both sender and receiver had to sign up for the service with the value-added network (VAN) provider and agree on the format to be used before transactions were carried out. THE VIRUS: COMPUTER ENEMY NUMBER ONE 31  The most serious attack on a client computer or a server Internet environment is the virus.  A virus is malicious code that replicates itself and can be used to disrupt the information infrastructure. They can infect a number of different portions of the computer’s operating and file system.  They incorporate themselves into computer networks, files and other executable objects and replicate.  Virus developers are creative and are constantly inventing new viruses for all kinds of occasions. Therefore no network is immune. Types of Viruses The most common way of classifying a virus is by the way that it infects the system. These categories include file viruses, boot viruses, microwave viruses, stealth viruses, fast and slow infectors, armored viruses, multipartite viruses (infect different kinds of files by going into the master boot record and then going into memory), tunneling viruses and camouflage viruses. Categories File Virus A file virus is one that attacks executable files. Boot Virus A Boot virus attacks the boot sectors of the hard drive and the diskette. Macro Virus A macro virus exploits the macro commands in software applications such as Microsoft Word. SPYWARE AND ADWARE: Spyware Spyware is software that unknowingly install onto a computer that sets up shop without the user’s knowledge or permission. Once in residence it could be used for myriad reasons like collecting information about user's computer habits. Adware Adware is software that sneaks into your hard disk and lurks in the background allowing pop-up ads and releasing information for outsiders without authorization. More specifically here is what spyware does:  Allows the hijacking of your computer for unauthorized to use.  Collaborates with a hacker to steal your files.  Attacks third-party computers in Denial-Of-Service (DOS) attacks that expose them to legal liability.  Profiles your surfing habits (what sites you access, graphics you download, purchases you make, etc…) and releases them to a third party for future spam or pop-up junk.  Monitors every keystroke you type, your email traffic, passwords, Bank information, perhaps giving the information to a blackmailer. 32 One category firewall called cyber walls is a additional in Firewall Technology. Although they are software based they are more characteristic of hardware Technologies. HOW DOES A FIREWALL WORK? A Firewall is a software system that enforces an access control policy between two networks. It detects intruders, blocks them from entry, keeps track of what they do and where they originate, notifies the system administrator of mischievous acts and produces a report. How was done various, but most firewalls do one of two things: 1. Block traffic (called default Deny) 2. Permit traffic (called default Permit) Block Traffic Default denies blocks all traffic except that explicitly allowed by the firewall administrator. Permit Traffic Default permit allows all traffic except the traffic that is explicitly blocked by the firewall administrator. WHY WOULD YOU WANT A FIREWALL The firewall’s primary goal is to people out and away from the company’s e-commerce infrastructure. It provides real security and afternoon plays a key role as a security blanket phone company management. The firewall protects against the following situations.  Email services that are known to be problems.  Unauthorized interactive log-ins from the outside world.  Undesirable material such as pornographic images, movies or literature.  Unauthorized sensitive information leaving the company. Firewall cannot prevent the following  Via magnetic tape or a diskette.  Weak security policies.  Traitors or disgruntled employees.  Data-driven attacks. DESIGN AND IMPLEMENTATION ISSUES The First policy is how does the company want to operate the system? The Second design issue is the level of monitoring and control the Organization wants. The Third design issue is financial and administrative. The fourth design issue is whether the company wants internal Firewall installed. Security Policy: A strong security policy should dictate the firewall design, not the other way around. 35 Deny Capability: Every firewall should be able to support “default deny”. It should not have to be programmed to do the task. Filtering Ability: A firewall design should allow filtering techniques (deny, permit) for each host system within the organization. Filtering ability also should be flexible to filter on as many attributes as necessary. These attributes include IP source and destination addresses, source and destination TCP ports and user-friendly inbound and outbound interfaces. Scalability: A firewall design should be flexible enough to respond to the network’s changing environment. Authentication: A firewall design should do a good job of screening users for specific application and allow deny/permit privileges to be individualized. Recognizing Dangerous Service: A good firewall should be able to identify potentially dangerous service and disable them in time to minimize damage. Effective Audit Logs: A good Firewall system should log ongoing traffic and suspicious activities and produce reports in an easy-to-read format. This feature also implies good documentation of the design and implementation process. MANAGED FIREWALL SERVICES Many firms do not have the technical experience to design their own firewall systems; they use managers of firewall services. ISPs and long-distance carriers tend to be the main suppliers of such services. They set up firewalls at their data headquarters or on customer premises. Either way, they monitor customer security remotely through their network Operator. Unfortunately, not all providers do a secure enough job. RECOVERY FROM ATTACK Security prevention and detection gets most of the attention, yet recovery is equally important in defending a Web site. Regardless of the protection measures, not all attacks can be averted. In e- commerce, the merchant must anticipate and block possible means of attack. The security system 36 must detect intrusion, respond in a way that limits damage, maintain the system's availability, and ensure full recovery without delay. Assuming prevention measures are in place, the cycle of recovery includes the following. ROLE OF BIOMETRICS SECURITY Biometrics is the science and technology of quantifying and statistically scrutinizing biological data. FORMS OF BIOMETRICS Biometrics falls under two categories Physiological and Behavioral. Physiological Fingerprint Verification: Government agencies Identity authentication, Airport traffic security, ID of missing children, Medical and Insurance Industry. Iris Analysis: Correctional facilities, Department of motor vehicles. Facial Analysis: Banking, Airport security, Building security, Welfare agencies, Computer facilities and Credit Card Companies. 37 4. Anonymous and off-line (I- L): Electronic Cash, which includes transactions such as making deposits in one's account via ATM and using a credit card with a merchant who does not have an online connection to the Visa/MasterCard network. ANALYZING CASH, CHECKS AND CREDIT CARDS Regardless of the form of money, two distinct sets of properties should be considered in a money transfer: the ACID test (Atomicity, Consistency, Isolation, and Durability) and the ICES test (Interoperability, Conservation, Economy, and Scalability). THE ACID TEST. 1) Atomicity: A transaction must occur completely or act at all. 2) Consistency: All parties involved in the transaction must agree to the exchange. 3) Isolation: Each transaction must be independent of any other transaction and be treated as a stand-alone episode. 4) Durability: It must always be possible to recover the last consistent state or reverse the facts of the exchange. This means reversing charges in the event that customers change their mind. THE ICES TEST. The ICES test addresses four important properties of money transfer. 1) Interoperability: Ability to move back and forth between different systems. 2) How well money holds its value over time (temporal consistency) and how easyConservation: Money is to store and access (temporal durability). 3) Processing a transaction should be inexpensive and affordable. This property has aEconomy: direct relationship to the size of the transaction. A $10,000 purchase costing only $0.90 to process is economical. If the charge is the same for a S5 item, it would be considered expensive. In banking, wiring money from one bank to another usually generates a fee (say, $25), regardless of the amount of money transferred. 4) This test refers to the ability of the system to handle multiple users at the same time.Scalability: REQUIREMENTS FOR INTERNET-BASED PAYMENTS  Electronic payments are financial transactions made without the use of paper documents such as cash or checks. Having your pay check deposited directly to your checking or savings account, having your telephone bill paid electronically, and having transactions handled via point-of-sale or debit card are all electronic payments. INTERNET-BASED-PAYMENT SYSTEMS MODELS  Four main models illustrate Internet-based payment systems: electronic currency, credit cards, debit cards, and smart cards. Electronic currency is the network equivalent of cash. For example, electronic funds transfer (EFT) moves cash from one account. Credit cards are the electronic equivalent of checks. 1. Acceptability: For electronic payment to work, the system must be widely accepted by, and acceptable to merchants. Merchants must have the technical ability and the processes to expedite a sale without delay. 40 2. Ease of integration: The Web site interface must be effective and well integrate into the total network environment. It also should be independent of any other payment instrument. 3. Customer base: Enough users and enough traffic must be present to justify investing in the electronic payment mechanism. 4. Ease of Use and Ease of Access: User's don't like to wait. Using a payment system should be as easy as pressing a button on the screen. ELECTRONIC TRANSACTION SYSTEMS An electronic transaction system makes it possible to process transactions over the Internet, whether the customer uses Visa, MasterCard, Discover, American Express, or any other form of card. The elements required to do business on the Internet are a storefront, a shopping cart, a merchant account and an electronic transaction processing system to pay the merchant against the customer's credit or debit card. Several systems can do this job. The following examples illustrate how the bulk 'of Internet payment systems work. 1. CYBER CASH The main Cyber Cash transaction system centers on secure credit card payments. Cyber Cash servers act as a gateway between the merchant on the Internet and the secure financial networks 1. Customer places an order on merchant's Web site, then enters the payment and shipping information to initiate purchase process. 2. Consumer verifies the information and clicks the appropriate button to submit the packet of information back to the merchant. 3. Merchant ships the order (packet of information) and forwards payment information, which has been digitally signed and encrypted, to the Cyber Cash server. 4. Cyber Cash server receives the packet, moves the transaction behind its firewall off the Internet, unwraps the packets within a hardware-based crypto box(the same technology banks use to handle PINs as they are shipped from an ATM network), reformats the transaction, and forwards it to the merchant's bank over secure, dedicated lines. 5. Merchant's bank forwards authorization request to issuing bank via the card association that settles credit card transactions (or directly to Visa, American Express, Discover, and so on) for approval. The decision is sent back to the Cyber Cash server. 6. Cyber Cash transmits approval or denial code back to merchant, who presents it to consumer. Merchant proceeds with the fulfillment phase (shipping the order). Cyber Cash uses an e-wallet; no one except the customer and the banks ever sees the customer's credit card number. 2. NETBILL 41 This product is a secure and economical payment method for purchasing digital goods and services via the Internet. The Net bill server maintains accounts for consumers and merchants which allows customers to pay merchants for goods to be delivered. 1. A consumer requests a price quote by clicking on the URL in his or her browser. 2. The merchant responds with a price quote. 3. The consumer accepts (or declines) the price via a Money Tool pop-up window. 4. The merchant delivers the goods in encrypted form. 5. The Money Tool acknowledges receipt of the goods. 6. The merchant contacts Net Bill’s transaction server to record the transaction and transfer funds. 7. The Net Bill transaction server confirms that funds have been transferred and stores the decryption key. 8. The merchant sends the decryption key to the Money Tool, which displays the goods in the consumer's browser. SECURE ELECTRONIC TRANSACTION (SET) 42 4. A cardholder can dispute charges or purchases to the card issuer. In this case, the merchant's acquiring bank can reverse payments or adjust payments as he situation warrants. No signature gets verified and no face-to-face clues are available to interpret. The five-step process as it relates to purchases over the Internet. DEBIT CARDS Payments can be made on a Website in two ways: Debit cards and Credit cards. Most ATM cards are debit cards with a Visa or MasterCard logo. They look exactly like credit cards, except they directly tap your checking account every time you make a purchase or a withdrawal. They are easier, more convenient, less burdensome and offer great access to your money then do checks, ATMs or credit cards. Debit cards are different, however, because transactions are processed through the issuing bank's credit card network. When a debit card is used for off-line transactions, as in the case of retail purchases, a thief can drain an account simply by getting hold does not need the card; the card number is sufficient to commit the fraud. When a debit card is used with a PIN, as in using an ATM machine, it is called an online transaction. The cardholder simply inserts the card in the machine, enters the PIN number, and proceeds as when using an ATM card. All debit card purchases are reflected in the monthly hard copy statement the bank mails each customer for reconciliation. 1. Using a debit card frees you from having to carry cash or a check book. You don't have to carry traveller’s checks, show identification, or give out personal information at the time of the transaction. 2. Debit cards are more readily accepted by merchants than are checks, especially in countries where check cashing and check processing are not widely used. 3. It is generally easier to get a debit card than a credit card, You can get a debit card the moment you have a checking or a savings account. 4. 4. Returned debit card purchases are treated just like returns for items purchased by cash or check. 5. 5. The debit card is a quick pay now process. No grace period is given as for credit card payments. 6. 6. A major problem at this time is that using a debit card may mean less protection for items that are never delivered, for defective items or for items that were misrepresented. With credit card purchases, you can contest the charge and put a 7. Hold on payment within 60 days. 8. Cardholders might overspend their limit before anyone finds out. Retailers do not have verification machines to see a bank account balance before the sale During busy times, most retailers process small sales on faith. 45 SMART CARDS First produced in-1977 by Motorola is a thin, credit card-sized piece of plastic that contains a half- inch-square area that serves as the card's input/output system. Smart Cards uses and applications are the following: 1) Provides users with the ability to make a purchase. It contains stored value the cardholder can spend at retailers. 2) Holds cash, ID information, and a key to a house or an office. 3) Provides three categories of applications. The first is information to authenticate an individual's claim of personal identification using either token-based (e.g., a passport, driver's license, credit card) or knowledge-based (e.g., PIN numbers or passwords) authentication approaches. The second category is authorization for things like drug prescription fulfillment and voting purposes. The third category is transaction processing. The smart Card could be loaded with cash value in ATM machines and used as a credit card. A more recent development in smart card design is capturing fingerprints for improved authentication. 4) Provides encryption and decryption of messages to ensure security, integrity, and confidentiality. Though not inherently anonymous, smart cards can be designed to share no transaction information. 5) Acts as a carrier of value in a system, similar to what is called any electronic purse. For example, Visa Cash allows a customer to use a smart card for small purchases by storing specific cash value that can be replenished once the amount is used up. The standard technology is to allow transfer from a smart card to an authorized merchant. Known smart card applications include the following 1. are gaining importance with government agencies around the world.Government Smart cards They often are used to control areas of access for government employees. Postal workers in France carry smart cards to gain access to apartment buildings. The cards are programmed daily with the postal workers' predefined schedules. This card allows access only at certain times, facilitating easy access to appropriate individuals and discouraging intruders. 2. The identification market benefits greatly from the security associated with smartIdentification: Examples are driver's licenses immigration cards. 3. : Countries with national health care systems, such as Germany and France, HaveHealth care employed smart cards to reduce service costs associated with the health care industry. 4. The retail industry widely uses applications of the smart card; more specifically, toLoyalty: identify and reward customers. The Boots Advantage Card in Britain is one such example of a loyalty card retailers use to capture customer information and better cater promotions processes to them. 5. Telecommunications: Smart cards are widely used in the telecommunications industry. The Global Standard for Mobile Communicators (GSM) has been adopted in Hong Kong, Singapore. Australia, New Zealand, India, South Africa and the Persian Gulf states. A smart card called a Subscriber Information Module contains the information necessary to access the network. This card can be inserted into GSM phone, and the user is billed automatically. The user's location is detected, and any incoming phone calls are directed to that phone. 46 6. Transportation: Contactless smart card technology is quickly gaining acceptance in the transportation industry throughout the world. Hong Kong uses a single smart card, the Octopus card, in most of its public transportation systems. Octopus equipment has been installed in all buses in the city. Passengers also are able to travel franchised trams, coaches, and railways in Hong Kong using the Octopus card. 7. Financial institutions were one of the first to adopt smart cards for various applications.Financial: There are several common uses of smart cards within the industry. Including electronic purses, credit and debit cards, and payment associations. Electronic purses attempt to eliminate the costs associated with small change at the point of sale. The electronic cents purse is a smart card that stores a maximum value of 99 cents. When a customer presents this card at the point of sale, the transaction is rounded up or down to the nearest whole number and the card is either credited or debited to account for the difference. ELECTRONIC FUNDS TRANSFER AND AUTOMATED CLEARING HOUSE Electronic funds transfer (EFT) is a computer based system that facilities the transfer of money or processing financial transactions between two financial institutions the same day or overnight. Interbank transfer is one of the earliest forms of electronic payment systems on private networks. The routes bank transactions among financialAutomated clearinghouse (ACH) institutions so that accounts held by respective financial institutions can be debited and credited. Suppose your present checking account shows a balance of $100 in bank A. You walk up to the teller one morning to deposit a payroll check for $280 written on your employer’s Bank B in your checking account. The teller deposits the “not on us” check in your checking account and gives you a receipt shoeing a total balance of $380,but the amount available is still $100.the teller places a “hold “on the 47