What Is E-Commerce? An Overview
E-Commerce
E-commerce (electronic commerce or EC) is the buying and selling of goods and services on the Internet. In practice, this term and a newer term, e-business, are often used interchangeably. For online retail selling, the term e-tailing is sometimes used.
E-commerce is the term for electronic business transactions, commerce or Internet trade. E-commerce or e-business, therefore, refers to the business transactions between:
- B2B - Business to Business
- B2C - Business to Customers
- C2C - Consumer to Consumer
- B2G/G2B - Government / Government to Business
that are wholly or partially conducted over the Internet or similar public or private computer networks. ...
Electronic Commerce means different things to different people. Originally, the term meant selling things online. The term has evolved to mean conducting business online (which can include customer service functions, sales, marketing, PR, advertising, and more).
E-commerce means commerce with anyone, anywhere, any time. It emphasizes new business opportunities that result in greater efficiency and more effective transactions.
Electronic commerce enables organizations of all sizes and in all market sectors to improve their competitiveness. It cuts across geographic boundaries and time zones to save time and costs, to open up new market opportunities and enable even the smallest of companies to compete globally.
Electronic commerce spans established processes such as bar code scanning and electronic data interchange (EDI) as well as newer arrivals, like e-mail, the Internet, RFID (Radio Frequency Identification) and mobile electronic commerce.
"Electronic commerce covers any form of business or administrative transaction or information exchange that is executed using any information and communication technology (ICT)."
It covers the following areas of activity:
- Business to Business (B to B)
- Business to Consumer (B to C)
- Business to Government (B to G)
- Consumer to Consumer (C to C)
Electronic commerce does not necessarily mean doing business over the Internet only. It may also mean doing business electronically using other modes, e.g. fax, EDI, etc.
Though people use e-commerce and e-business interchangeably, there is a thin difference between the two.
E-commerce is what we discussed above, but e-business means connecting business systems directly to critical constituents, e.g. customers, suppliers, etc., and those who are involved with the business.
Drivers of e-Commerce:
- Digital Convergence:
The digital revolution has made it possible for almost all digital devices to communicate with each other. The Internet's massive growth and reach during the past 10 years has enabled e-commerce to come to this level.
N.B.: With convergence, data, voice, documents, video, etc. can be merged and stored in the central database.
Course Developed by K.K.Nigam
13 April 2012
Any Time, Anywhere, Anyone:
E-commerce is available to anyone, any time, anywhere, i.e. 24/7 (24 hours a day and 7 days a week).
Changes in Organizations:
It enables employees to improve the quality of their work and to make better use of their time, which improves productivity.
Widespread Access of IT:
Exponential growth in PC penetration, together with networking, enables organizations to work in a centralized way, which means better checks and control and availability of information without any delay.
Increasing Pressure on Operating Costs and Profit Margins:
Global competition and the proliferation of products and services worldwide have added unusual pressure to keep a close watch on operating costs and to maximize profits.
Demand for Customized Products and Services:
Customers are becoming more and more demanding. They want better products and services, and delivery at a much lower cost. Mass customization puts pressure on firms to handle customized requests on a mass scale.
It is predicted that those who cannot cope with such a demanding situation may ultimately go out of business.
eCommerce Security
The recent growth of the Internet has focused worldwide attention on the growing problem of privacy, security and the potential for fraud and deception unless security standards are properly implemented.
The IT system that supports e-commerce is susceptible to abuse and failure in many ways. Some of them are:
- Fraud, resulting in direct financial loss. Funds might be transferred from one account to another, or financial records might simply be destroyed.
- Theft of confidential, proprietary, technological or marketing information belonging to the company.
- Disruption of service, resulting in
- Loss of customer confidence stemming from illegal intrusions into customer files or company business, dishonesty, human mistakes or network failures.
Security therefore has become critical for running the operations successfully and needs to be addressed with utmost care.
Risk is a matter of degree, e.g. banks require greater security than an office or shop/store, mainly because of the risk of losing millions of dollars/rupees if sufficient care is not taken.
The biggest risk that has come to light is fraudulent use of credit cards.
Security concerns generally involve the following issues:
- Confidentiality
- Authentication
- Integrity
- Access Control
- Firewalls
Basic Flaws in the Internet Infrastructure:
a. Lower Layer Protocol: Lower-layer protocols, including Ethernet, are broadcast in nature; as a result, it is possible for any machine connected to a LAN to send/receive the data to some other machine connected to the same LAN.
b. Authentication: No protocol in the entire TCP/IP suite contains any authentication of the communicating parties; as such, it is virtually impossible to accurately determine whether the addresses in the data packets are genuine.
c. Packet Contents: There are precautions to authenticate the contents of the packets.
d. Sequence Numbers: Certain implementations of TCP make use of easily guessable sequence numbers. The ability to predict TCP sequence numbers, coupled with the lack of authentication in TCP, makes it possible to establish fraudulent connections with an unsuspecting system without raising any alarm on the legitimate system.
e. Firewall: Firewalls serve a valuable purpose in securing Internet-connected networks, but they do not provide end-to-end transaction security and cannot be considered an adequate security solution for the Internet.
f. Crackers: These are the people who try to break the key codes.
The Solution
How to build an infrastructure that can be trusted for e-commerce
The following may be considered as possible security measures:
- A firewall may be installed to protect the organization from hacking and unauthorized access.
- Encryption/decryption may be used to protect the contents from easy understanding. Two types of encryption are possible:
a. Hardware encryption, using hardware devices, may help organizations protect their data.
b. Software encryption is subject to the specific application. This encryption is done by using keys for encryption and decryption.
- Site blocking means prohibiting access to websites which may not be considered secure and can transmit viruses, hacking, information theft, etc.
- Digital certificates for web servers, to provide authentication, privacy and data integrity through encryption. A digital certificate certifies that a message is authentic and from a reliable source, and that it has not been tampered with.
- A secure online payment management system to allow e-commerce websites to securely and automatically accept, process and manage payments online.
Payments on Internet
Electronic payments are financial transactions made without the use of documents such as cheques.
Having paychecks directly deposited to your savings account, having your electricity/telephone bill paid electronically, etc. are examples of e-payments.
Thus e-business has led to the creation of e-payments. Let us see the methods through which such payments can be made.
Some of the most common modes of payment are:
- Payment through credit/debit/smart cards
- DigiCash / E-cash
- E-Wallet
- EFT (Electronic Fund Transfer)
- ACH (Automatic Clearing House)
Most online purchases are paid for by credit card. Merchants like credit card payments because an instant authorization guarantees that the card is valid (as opposed to a cheque, which may bounce).
Customers like paying by credit cards because they can easily cancel a transaction in case they don't receive products or services according to the agreement in the transaction.
How payment is made through credit/debit or smart cards:
The credit card information/number submitted by the customer is sent to the bank which issued the credit card for verification. If the transaction is approved, the merchant notifies the customer that the order has been placed.
The actual transfer of money from the credit card bank to the merchant may happen in a few hours, or even in a few days.
Merchants who accept credit card payments pay a fee (between 1 and 7 percent of the card charge) for each card charge.
In addition, in some cases merchants pay an authorization fee for each credit card authorization attempt, as well as other fees related to credit card processing.
Some Common Issues with payments through Credit cards:
Technical issues:
There are several technical issues involved in online credit card payments:
Quick check for typos.
Since the merchant may be charged for each credit card authorization, it is convenient to check that the credit card number makes sense before sending it to the issuing bank to authorize.
There is an easy algorithm to verify a credit card number: the last digit of the credit card number is computed from the other digits using a simple procedure.
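The procedure referred to above is the Luhn (mod 10) check. The sketch below is an added example, not part of the original course material; the function names and the 13 to 19 digit length window are assumptions, and the sample numbers are a widely used test number and constructed values. It also shows the one adjacent-digit swap the check cannot catch.

```python
def _luhn_total(digits: str) -> int:
    """Sum the digits right to left, doubling every second one."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit, counting from the right
            d *= 2
            if d > 9:           # 10..18 -> add the two digits, i.e. subtract 9
                d -= 9
        total += d
    return total


def check_digit(body: str) -> str:
    """Compute the last digit of a card number from the other digits."""
    return str((10 - _luhn_total(body + "0") % 10) % 10)


def passes_precheck(raw: str) -> bool:
    """Cheap local test to run before paying for an authorization attempt.

    A pass only means "probably not a typo": it says nothing about whether
    the card exists, is funded, or belongs to the person typing it.
    """
    digits = raw.replace(" ", "").replace("-", "")
    if not (digits.isascii() and digits.isdigit()):
        return False
    if not 13 <= len(digits) <= 19:   # assumed length window
        return False
    return _luhn_total(digits) % 10 == 0


if __name__ == "__main__":
    samples = [
        "4111 1111 1111 1111",   # well-known test number: passes
        "4111 1111 1111 1112",   # one wrong digit: caught
        "1411 1111 1111 1111",   # first two digits swapped: caught
    ]
    for s in samples:
        print(s, passes_precheck(s))

    # Known blind spot: swapping adjacent "09" and "90" leaves the sum
    # unchanged, so both constructed numbers below pass.
    body = "412309567890123"
    swapped = "412390567890123"
    print(passes_precheck(body + check_digit(body)),
          passes_precheck(swapped + check_digit(body)))
```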
Authenticating the user - protection from customer fraud.
Since the card is not physically present during the transaction, it is practically impossible for a merchant to distinguish a legitimate credit card user.
In online transactions the user is usually asked to provide additional information, such as their address and phone number, and the card's billing address, if different from the customer's address. However, this information can be easily mistyped.
While in a telephone transaction an operator can use their judgment to approve or reject a transaction based on how much of the information has matched and how confident the customer sounds, in an online transaction the level of "tolerance" of typos and mistakes must be set automatically.
Protecting Card Numbers in transmission.
Since information transmitted in an online transaction is sufficient for approval of a credit card charge, it is essential that this information is protected from eavesdropping.
The most common way of doing it is to encrypt data in transmission. This is done via SSL (Secure Sockets Layer).
However, many online businesses do not use SSL when transmitting credit card numbers and other customer information, or do not make SSL the default for such transmissions.
N.B.: SSL, the Secure Sockets Layer, has been widely implemented and is the de facto standard for providing secure e-commerce
Protecting Card Numbers on the Merchant's Site.
In practice, the main vulnerability of dealing with credit card numbers is not the transmission, but the storage. Security experts agree that storing credit card numbers at the merchant's site is a risky practice, and should be avoided.
If credit card numbers need to be stored, they should be stored on a secure machine, and preferably in an encrypted form. They should not be stored in a database which is (at least partially) accessible to customers, nor should they be stored (in any form) on the web server.
Protecting from Merchant fraud.
The other side of protecting a merchant from a customer's fraud is protection of a customer against a merchant's fraud.
If the merchant knows enough of the customer's credit card information to be able to authorize a transaction, then the merchant (including many of the merchant's employees) knows enough to be able to use the credit card themselves!
In the majority of cases the highest priority of the merchant is to protect the reputation of the business and their own, and a fraud is not in the merchant's interests.
DigiCash (or E-cash)
DigiCash (also known as E-cash) is an electronic payment system developed by Dr. David Chaum, who is widely regarded as an inventor of digital cash. The system was based on digital tokens called digital coins. DigiCash operates as follows:
- A customer establishes an account with the bank or other organization that could mint and receive digital coins. The customer's account was backed by real money in some form, for instance it could be linked to the customer's Savings account.
- The customer also needs to download and install software called an electronic wallet (e-Wallet).
[Software, residing as a plug-in in the Web browser, that enables a cardholder to conduct online transactions, manage payment receipts and store digital certificates. Like your real wallet, your digital wallet stores your credit card number and shipping details. This wallet initiates the data encryption in a SET
- To obtain DigiCash, the customer uses the electronic wallet to create digital coins. The coins are sent to the bank to sign. When the coins are signed, the equivalent amount of money is withdrawn from the customer's account.
- When the customer wants to make a purchase, he/she sends signed digital coins to the merchant. The merchant verifies the bank's signature and deposits the coins to the bank, where they are credited to the merchant's account.
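The withdrawal and payment steps above, as an added example that is not part of the original course material. It goes one step beyond the text by using Chaum's RSA blind signature, so the bank signs a coin without seeing its serial number; the key is a toy built from small primes, every coin is worth one unit, and all names are illustrative.

```python
import hashlib
import math
import secrets

# Toy bank key from two small Mersenne primes (constructed for this demo;
# far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key
D = pow(E, -1, (P - 1) * (Q - 1))        # bank's private exponent


def coin_digest(serial: str) -> int:
    """Map a coin serial number to the integer the bank's signature covers."""
    return int.from_bytes(hashlib.sha256(serial.encode()).digest(), "big") % N


def verify_coin(serial: str, sig: int) -> bool:
    """Merchant or bank: check the bank's signature with the public key."""
    return pow(sig, E, N) == coin_digest(serial)


class Bank:
    def __init__(self, balances):
        self.balances = dict(balances)
        self.spent = set()               # serials that were already deposited

    def sign_blinded(self, account: str, blinded: int) -> int:
        """Withdrawal: debit one unit and sign without seeing the serial."""
        if self.balances.get(account, 0) < 1:
            raise ValueError("insufficient funds")
        self.balances[account] -= 1
        return pow(blinded, D, N)

    def deposit(self, account: str, serial: str, sig: int) -> str:
        """Deposit: check the signature, then refuse a serial seen before."""
        if not verify_coin(serial, sig):
            return "rejected: bad signature"
        if serial in self.spent:
            return "rejected: double spend"
        self.spent.add(serial)
        self.balances[account] = self.balances.get(account, 0) + 1
        return "credited"


def withdraw_coin(bank: Bank, account: str):
    """Wallet: create a coin, blind it, have it signed, then unblind it."""
    serial = secrets.token_hex(16)
    while True:                          # blinding factor must be invertible
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            break
    blinded = (coin_digest(serial) * pow(r, E, N)) % N
    signed_blinded = bank.sign_blinded(account, blinded)
    sig = (signed_blinded * pow(r, -1, N)) % N   # strip the blinding factor
    return serial, sig, blinded


if __name__ == "__main__":
    bank = Bank({"alice": 2, "shop": 0})
    serial, sig, _ = withdraw_coin(bank, "alice")
    print(verify_coin(serial, sig))              # merchant's check
    print(bank.deposit("shop", serial, sig))     # first deposit
    print(bank.deposit("shop", serial, sig))     # replay of the same coin
```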
CyberCash / CyberCoin
CyberCash is a system that allows customers to pay by a credit card without revealing the credit card number to the merchant.
To achieve this, a credit card number is sent to the merchant in an encrypted form.
To enroll, a customer installs software called the CyberCash wallet on their computer. At the time of installation the wallet generated a pair of keys, one public and one private.
The wallet was protected by a passphrase, and a backup key was stored encrypted on a floppy disk. A CyberCash account was linked to the customer's credit card.
A purchase was conducted in the following way:
- When the purchase was initiated, the CyberCash wallet displayed the amount, the merchant's name, and other information. After the customer approved the transaction, an encrypted payment order was sent to the merchant.
- The merchant could decrypt some of the information in the order, such as the product list, the address, etc., but not the other (such as the credit card information). The merchant's software would add its own payment information to the order, digitally sign it, and then send it to the CyberCash gateway.
- The CyberCash gateway would decrypt the information. The order would be checked for duplicate requests. The gateway would verify that the customer's and the merchant's order information match (i.e. no fraud was committed on either side). Then it would perform the money transfer and send the approval message to the merchant.
The main point of this scheme was to prevent merchant fraud, and thus allow customers to do business with more merchants without fear of being scammed.
However, CyberCash and CyberCoin were not able to find a market. The main reasons for the failure were the large size of the customer's software and the fact that very few merchants would accept CyberCash payment. The company was eventually bought by VeriSign.
SET (Secure Electronic Transactions)
SET is the Secure Electronic Transaction protocol for sending money over the Internet. It was developed jointly by MasterCard, Visa, and several computer companies. SET uses mechanisms similar to CyberCash. However, being a standard protocol, it is built into a wide variety of commercial products.
In SET the order information consists of two parts: the part which is private between the customer and the merchant (such as the items being ordered), and the part which is private between the customer and the bank (such as the customer's account number).
SET allows both kinds of information to be included in a single signed transaction: the part private between the customer and the merchant is encrypted using the merchant's private key, and the part private between the customer and the bank is encrypted using the bank's public key.
The reason why SET never became popular was pretty much the same as for CyberCash: the trouble of getting a digital wallet software and setting it up for each credit card was not worth it for a customer, because very few merchants would accept SET payments.
Electronic Funds Transfer (EFT)
is a computer-based system that facilitates the transfer of money or the processing of financial transactions between financial institutions like banks. The transfer takes effect the same day.
The Automated Clearing House (ACH)
Routes bank transactions involving more than one financial institution so that the correct accounts held by the correct financial institution can be debited/credited.
PayPal
PayPal is an electronic payment system which can transfer money between its accounts. In order to use PayPal, one has to obtain a PayPal account, which is associated either with the customer's credit card or with their regular bank account. The validity of a credit card is checked in the usual ways.
PayPal provides an easy interface to send money to anyone by giving the person's e-mail account.
In order for the person to retrieve the money, they must have a PayPal account. To avoid fraud, PayPal sends an e-mail message to both the initiator and the recipient of the transaction.