UNIT-1

What is e-commerce? 

E-commerce is the buying and selling of goods or services via the internet, and
the transfer of money and data to complete the sales. It’s also known as
electronic commerce or internet commerce. 

Types of e-commerce

As commerce continues to evolve, so do the ways that it’s conducted.

Following are the most traditional types of e-commerce models:

 Business to Consumer (B2C): B2C e-commerce is the most popular e-

commerce model. Business to consumer means that the sale is taking place
between a business and a consumer, like when you buy a rug from an
online retailer.

 Business to Business (B2B): B2B e-commerce refers to a business selling

a good or service to another business, like a manufacturer and wholesaler,
or a wholesaler and a retailer. Business to business e-commerce isn’t
consumer-facing, and usually involves products like raw materials,
software, or products that are combined. Manufacturers also sell directly to
retailers via B2B ecommerce.

 Direct to Consumer (D2C): Direct to consumer e-commerce is the newest

model of ecommerce. D2C means that a brand is selling directly to their
end customer without going through a retailer, distributor, or wholesaler.
Subscriptions are a popular D2C item, and social selling via platforms like
InstaGram, Pinterest, Facebook, SnapChat, etc. are popular platforms for
direct to consumer sales.

 Consumer to Consumer (C2C): C2C e-commerce refers to the sale of a

good or service to another consumer. Consumer to consumer sales take
place on platforms likes eBay, Etsy, Fivver, etc.
 Consumer to Business (C2B): Consumer to business is when an
individual sells their services or products to a business organization. C2B
encompasses influencers offering exposure, photographers, consultants,
freelance writers, etc...

Features of e commerce

 E-Commerce is Technology-Enabled

Traditional commerce is taking place since times immemorial but E-

commerce is result of integration of digital technology with business
processes and commercial transactions.

 Technology Mediated

In E-commerce buyers and sellers meet in cyber space rather than physical
place. Hence E-commerce does not involve face to face contact.

 Universality:

Buying and selling take place through websites in E-Commerce. The websites
can be accessed from anywhere around the globe at any time therefore it
possess the feature of universality.

 Intercommunication:

E-commerce technology ensures two way communications between buyer

and seller. On one hand by using E- commerce firms can communicate with
customers through E-commerce enabled websites.

 Delivery of Information:

E-commerce serves as the best channel of communication. E-commerce

technologies ensure speedy delivery of information at very low cost and
considerably increase information density as well.
Advantages of ecommerce

 Faster buying process.

 Store and product listing creation.
 Cost reduction.
 Affordable advertising and marketing.
 Flexibility for customers.
 No reach limitations.
 Product and price comparison.
 Faster response to buyer/market demands.

Need for e-commerce

 E-Business helps in Cost Reduction

 E-Business helps in Customer satisfaction
 E-Business helps to acquire Just-In-Time Information
 E-Business helps in Transaction Efficiency
 Ease of Access to Global Market through E-Business.

Difference between Traditional Commerce and E-commerce:

TRADITIONAL
E-COMMERCE
COMMERCE
01. Traditional commerce E-commerce refers to the
refers to the commercial commercial transactions
transactions or exchange or exchange of
of information, buying or information, buying or
selling product/services selling product/services
 from person to person electronically with the
without use of internet. help of internet.
In traditional commerce it In traditional commerce
is difficult to establish and it is easy to establish and
02.
maintain standard maintain standard
practices. practices.
indirect interaction
In traditional commerce
through seller and buyer
03. direct interaction through
occurs using electronic
seller and buyer is present.
medium and internet.
Traditional commerce is E-commerce is carried
carried out by face to face, out by internet or other
04.
telephone lines or mail network communication
systems. technology.
In traditional commerce In e-commerce
05. processing of transaction processing of transaction
is manual. is automatic.
In traditional commerce
In e-commerce delivery
06. delivery of goods is
of goods takes time.
instant.
Its accessibility is
Its accessibility is for
07. 24×7×365 means round
limited time in a day.
the clock.
 Traditional commerce is E-commerce is used to
08. done where digital save valuable time and
network is not reachable. money.

Its resource focuses on Its resource focuses on

0.9
supply side. demand side.
In traditional commerce In e-commerce customers
customers can inspect can not inspect products
11.
products physically before physically before
purchase. purchase.
Its business scope of Its business scope is
12. business is a limited worldwide as it is done
physical area. through digital medium.

Challenges Faced by e-commerce Businesses

 Finding the right products to sell

 Attracting the perfect customer
 Generating targeted traffic
 Capturing quality leads
 Nurturing the ideal prospects
 Converting shoppers into paying customers
 Retaining customers
 Achieving profitable long-term growth
 Choosing the right technology & partners

Unit-2
What is a Network Security Policy?

A network security policy delineates guidelines for computer network access,

determines policy enforcement, and lays out the architecture of the
organization’s network security environment and defines how the security
policies are implemented throughout the network architecture.

Network security policies describe an organization’s security controls. It aims

to keep malicious users out while also mitigating risky users within your
organization. The initial stage to generate a policy is to understand what
information and services are available, and to whom, what the potential is for
damage, and what protections are already in place.

Cryptology

Cryptology is the mathematics, such as number theory, and the application of

formulas and algorithms, that underpin cryptography and cryptanalysis. Since
the cryptanalysis concepts are highly specialized and complex, we concentrate
here only on some of the key mathematical concepts behind cryptography.

Cryptographic algorithms

Cryptographic algorithms Can be classified as follows: Encryption algorithms

that are used to encrypt data and provide confidentiality. Signature
algorithms that are used to digitally “sign” data to provide authentication.
Hashing algorithms that are used to provide data integrity.

Public-key algorithm

Public-key algorithm (also known as an asymmetric algorithm) is one where

the keys used for encryption and decryption is different, and the decryption
key cannot be calculated from the encryption key. This allows someone to
keep a public-key/private-key pair.

Digital signature
Digital signature is a mathematical technique used to validate the authenticity
and integrity of a message, software or digital document. It's the digital
equivalent of a handwritten signature or stamped seal, but it offers far more
inherent security.

How do I create a digital signature?

Steps to apply for a Digital Signature Certificate

STEP 1: Log on and select your type of entity,

STEP 2: Fill the necessary details.

STEP 3: Proof of identity and address.

STEP 4: Payment for DSC.

STEP 5: Post the documents required.

Unit-3

E-Commerce - Payment Systems

E-commerce sites use electronic payment, where electronic payment refers to

paperless monetary transactions. Electronic payment has revolutionized the
business processing by reducing the paperwork, transaction costs, and labor
cost. Being user friendly and less time-consuming than manual processing, it
helps business organization to expand its market reach/expansion. Listed
below are some of the modes of electronic payments −

 Credit Card
 Debit Card
 Smart Card
 E-Money
 Electronic Fund Transfer (EFT)

Credit Card
Payment using credit card is one of most common mode of electronic
payment. Credit card is small plastic card with a unique number attached with
an account. It has also a magnetic strip embedded in it which is used to read
credit card via card readers. When a customer purchases a product via credit
card, credit card issuer bank pays on behalf of the customer and customer has
a certain time period after which he/she can pay the credit card bill. It is
usually credit card monthly payment cycle. Following are the actors in the
credit card system.

 The card holder − Customer

 The merchant − seller of product who can accept credit card payments.
 The card issuer bank − card holder's bank
 The acquirer bank − the merchant's bank
 The card brand − for example, visa or MasterCard.

Debit Card

Debit card, like credit card, is a small plastic card with a unique number
mapped with the bank account number. It is required to have a bank
account before getting a debit card from the bank. Debit cards free the
customer to carry cash and cheques. Even merchants accept a debit card
readily. Having a restriction on the amount that can be withdrawn in a day
using a debit card helps the customer to keep a check on his/her spending

Smart Card

 Smart card is again similar to a credit card or a debit card in

appearance, but it has a small microprocessor chip embedded in it. It
has the capacity to store a customer’s work-related and/or personal
information. Smart cards are also used to store money and the amount
gets deducted after every transaction. Smart cards can only be accessed
using a PIN that every customer is assigned with.

E-Money

 E-Money transactions refer to situation where payment is done over the

network and the amount gets transferred from one financial body to
another financial body without any involvement of a middleman. E-
money transactions are faster, convenient, and save a lot of time. Online
payments done via credit cards, debit cards, or smart cards are
 examples of emoney transactions. Another popular example is e-cash. In
case of e-cash, both customer and merchant have to sign up with the
bank or company issuing e-cash.

Electronic Fund Transfer

 It is a very popular electronic payment method to transfer money from

one bank account to another bank account. Accounts can be in the same
bank or different banks. Fund transfer can be done using ATM
(Automated Teller Machine) or using a computer.
Nowadays, internet-based EFT is getting popular. In this case, a
customer uses the website provided by the bank, logs in to the bank's
website and registers another bank account. He/she then places a
request to transfer certain amount to that account.

E-CASH

·         It is cryptographic electronic money cash system designed in 1983 used as

micropayment system.
·         It combines computerized convenience with security and privacy that
improve on paper cash. E-Cash is based on cryptographic systems called
digital signature. This method involves a pair of numeric keys that work in
tandem; one for locking and the other for unlocking. It focuses on replacing
cash as the principal payment vehicle in consumer oriented payments system.
Customers open an account with bank and either buy or receive free special
software for their PC’s.
·         Two approaches to holding electronic cash are online storage where the
consumer does not personally have possession of it and off-line where the
consumer does have physical control.   A smart card is an example of off-line
electronic cash storage. 

PROPERTIES OF E-CASH
1.Monetary value: It is back by either cash, a bank authorized credit, or a bank
certified cashier cheque. When e-cash created by one bank is accepted by
others, reconciliation must occur without any problem.

2.Interoperable: It is exchangeable as payment for other e-cash, paper cash,

goods or services, lines of credit, deposit in banking account, bank notes or
obligation, electronic benefit transfer and the like. Most e-Cheque proposal
use a single bank.

3.Storable and retrieval: Remote storage and retrieval would allow user to
exchange e-cash from home or office or while traveling. The cash could be
stored on the remote computer memory, in smart cards or special purpose
devices. It is preferable that cash is stored on a dedicated device that can’t be
altered and should have suitable interface. To facilitate personal
authentication using passwords or other means.

4.Security: E-Cash is not easy to copy or temper with while being exchanged.
This includes preventing or detecting duplication or double spending.
Detection is essential in order to audit whether prevention is working or not
or to know the tricky issue of double spending. 

ADVANTAGES OF E-CASH:
1.   More efficient than cash, checks or credit cards for both the consumer and the
merchant.
2.   Lower transaction costs and perhaps product costs related to increases in
efficiency.
3.   The distance which electronic cash must travel in a transfer does not effect
the transmission costs or the time as it does with traditional payment
methods.
4.   Electronic cash does not require any special authorization, so anyone may use
it for almost any kind of transaction, large or small.

DISADVANTAGES OF E-CASH:
1.      Potential collection problems if an Internet tax is ever enacted.
2.    Since electronic cash does not leave an audit trail, it could be used in money
laundering operations or as a medium of exchange in other illegal activities.
3.      Electronic cash is susceptible to forgery and double spending abuses.

2. E-CHEQUES

 Electronic Cheques are designed to accommodate the many individuals and

entities that might prefer to pay on credit or through some mechanism
other than cash.

 In e-Cheque system, consumer posses an e-Cheque book on a Personal

computer memory card International Associations (PCMCIA Card). The
buyers must register with a third party account server before they are able
to write e-Cheque. As needed, Cheque are return electronically from an e-
Cheque book on the card. They are then send over the internet to the
retailer, who in turn sends the e-Cheque to the customer banks. Settlement
is made through a financial network such as ACH. E-Cheque method was
deliberately created to work in much the same way as a conventional
paper Cheque.
 ADVANTAGES OF E-CHEQUE:

1. They work in the same way as traditional Cheque, thus simplifying

customer education.
2. E-Cheque is well suited for clearing micro payments; their use of
conventional cryptography makes it much faster than e-cash.
3. E-Cheque creates float and the availability of float is an important
requirement for commerce.
4. Financial risk is assume by the accounting server and may result in easier
acceptance. Reliability and scalability are providing by using multiple
accounting servers.

3. SMART CARDS
 A smart card is a plastic card with a small, built in microcomputer chip and
integrated circuit that can store and process a lot of data.
 These are generally made of polyvinyl chloride, but sometimes
polyethylene terephthalate based polyesters, acrylonitrile butadiene
styrene or polycarbonate.
 They can provide personal identification, authentication, data storage, and
application processing and strong security authentication for single sign-
on (SSO) within large organizations.
 Depending on your application you should choose right card.

Seven key legal issues in the e-commerce

Domain name
the choice of domain name in the e–commerce is difficult process requiring
assessment of many factors. Except the considerations for association a
domain with the name of a brand and the meaning of the domain in the
process of the website optimization, there are also legal aspects whose
neglecting or ignorance can have serious consequences in the future.

Website
The well optimized and functional website with friendly user interface
plays a key role for the success of the e–commerce. The contract for its
creation should cover a wide range of legal issues.

Rights of Intellectual Property

By creating an e-commerce website emerged a new object of intellectual
property and all copyrights and related rights with regard to their use in
the website must be clearly stipulated in the contract.

Terms and conditions, required information

E-commerce site must contain certain information that is expressly
referred to the Law on Consumer Protection. These duties include
providing information to the user regarding the name and the address of
the provider, the general characteristics of the commodities/services.

Privacy and security

Data protection is becoming increasingly important issue for the customers
in the e-commerce. Collection and the storage of personal data of the
costumers should be made lawfully, with the implementation of adequate
measures and modern technical resources for protection of the personal
data of the costumers.
 Online deals
Forming legally binding online agreements consists of the following main
elements - an offer and acceptance, consideration and a capacity to enter
into a contract.

Return policy
The Law on the consumer protection which regulate the sales in e-
commerce contains an unambiguous provision for the right of every
costumer to return the purchased goods within seven days term after the
delivery

What is Cyber Law?

Cyber law, also known as Internet Law or Cyber Law, is the part of the overall
legal system thet is related to legal informatics and supervises the digital
circulation of information, e-commerce, software and information security. It
is associated with legal informatics and electronic elements, including
information systems, computers, software, and hardware. It covers many
areas, such as access to and usage of the Internet, encompassing various
subtopics as well as freedom of expression, and online privacy.

Features of Cyber Law

The Cyberlaw IT act 2000 came into consideration on 17th October 2000 to
deal with e-commerce and Cybercrime in India. Eager to know Cyberlaw
comes under which list of Indian Constitution? Cyberlaw came into existence
after the making of the Indian Constitution. So, it is a residuary subject
handled by Central Government and is not included in the three lists namely,
Union, State, and Concurrent. According to the act following is the list of
features of Cyberlaw:

 All the electronic contracts made via secure electronic channels are valid
legally.
 There are security measures in place for e-records and digital signatures.
 The Cyberlaw act defines a process for the appointment of an adjudicating
officer for carrying out inquires.
 The IT law act provides recognition for digital signatures legally. Also, the
digital signatures are obligated to use asymmetric cryptosystem and a hash
function.
 The senior police officials and other officials are authorized to search any
public case without a warrant.
 There is a provision in the act to establish a Cyber Regulatory Appellant
Tribunal. This tribunal handles appeals made against the final order of the
Adjudicating Officer or the Controller. But an appeal against the tribunal’s
order can only be made in the High Court.
 There is also a provision in the act to form a Cyber Regulations Advisory
Committee that will advise the Central Government and the Controller.
 The nature of the Cyberlaw act even applies to online crime or offenses
that are committed outside India.
 There is also a provision to form the Controller of Certifying Authorities
which licenses and regulates working of the Certifying Authorities. All the
digital signatures are stored by the Controller in such a case.

5) Objectives of Cyber Law

 Unlike paper-based communication, the legal recognition of all the

transactions via electronic media whether data or e-commerce is
granted by the Cyberlaw.
 Digital Signatures became legal only due to the introduction to
Cyberlaw.
 One of the biggest advantages of Cyberlaw is that it facilitates the e-
filling of documents with Government departments and agencies.
 It also grants legal sanctions and also allows electronic fund transfer
between financial institutions and banks.
 It also legally recognizes the bankers to keep the books of accounts in
electronic form.
Types of Cyber Law/features /limitation

Now let us discuss what are the types of Cyberlaw? The law has rules dictating
behavior while using computers and the internet. It also prevents
unscrupulous activities online. Some major types of Cyberlaw are:

 Copyright: These days’ copyright violations come under Cyberlaw. It

protects the rights of companies and individuals to get profit from their
creative work. In earlier days, online copyright violation was easier. But
due to the introduction of Cyber law, it has become difficult to violate
copyright. This is very good!
 Defamation: Generally, people use the internet to speak out their
minds. But in case of fake public statements on the internet that are
bound to hamper someone’s business and reputation that is when
defamation law comes into the picture. Defamation Laws are a kind of
civil law only.
 Fraud: What is Cybercrime law? The major motive of this law is to
protect people from online fraud. The consumers these days depend on
Cyberlaw to prevent online fraud. IT law prevents credit card theft,
identity theft, and other money-related crimes that are bound to happen
online. People who commit online frauds face state criminal charges.
They may also witness a civil action by the victim.
 Harassment and Stalking: Some statements made by people can
violate criminal law that refuses stalking and harassment online. When
somebody posts threatening statements repeatedly about somebody
else, this violates both criminal and civil laws. Cyber lawyers fight and
defend people when online stalking occurs.
 Freedom of Speech: The internet is used as a medium of free speech.
But there are laws to avoid free speech that may cause immorality
online. Cyber lawyers should advise their clients about the amount of
free speech allowed online. Sometimes the Cyber lawyers fight cases for
their clients where they debate whether their client’s actions are within
the permissible limit of free speech.
 Trade Secrets: Businesses depend on Cyber laws to preserve their
trade secrets. For example, some organizations might steal online
 algorithms or features designed by another firm. In this case, Cyber laws
empower the victim organization to take legal action to protect its
secrets.
 Contracts and Employment Laws: You might have agreed upon many
terms and conditions while opening a website or downloading some
software. This is where the Cyberlaw is used. These Terms & Conditions
are designed for online privacy concerns.  

Cyber Laws of India

Section 65 – Tampering with computer Source Documents

A person who intentionally conceals, destroys or alters any computer source

code (such as programmes, computer commands, design and layout), when it
is required to be maintained by law commits an offence and can be punished
with 3 years’ imprisonment or a fine of 2 Lakhs INR or both

Section 66 - Using password of another person

If a person fraudulently uses the password, digital signature or other unique

identification of another person, he/she can face imprisonment up to 3 years
or/and a fine of 1 Lakh INR.

Section 66D - Cheating Using computer resource

If a person cheats someone using a computer resource or a communication

device, he/she could face imprisonment up to 3 years or/and fine up to 1 Lakh
INR

Section 66E - Publishing private Images of Others

If a person captures, transmits or publishes images of a person’s private parts

without his/her consent or knowledge, the person is entitled to imprisonment
up to 3 years of fine up to 2 Lakhs INR or both
Section 66F - Acts of cyber Terrorism

A person can face life imprisonment if he/she denies an authorized person the
access to the computer resource or attempts to penetrate/access a computer
resource without authorization, with an aim to threaten the unity, integrity,
security or sovereignty of the nation. This is a non-bailable offence.

Section 69 - Govt.'s Power to block websites

If the government feels it necessary in the interest of sovereignty and integrity

of India, it can intercept, monitor or decrypt any information generated,
transmitted, received or stored in any computer resource. The power is
subject to compliance of procedure. Under section 69A, the central
government can also block any information from public access.

Advantages of Cyber Law:

 Organizations are now able to carry out e-commerce using the legal
infrastructure provided by the Act.
 Digital signatures have been given legal validity and sanction in the Act.
 It has opened the doors for the entry of corporate companies for issuing
Digital Signatures Certificates in the business of being Certifying
Authorities.
 It allows Government to issue notification on the web thus heralding e-
governance.
 It gives authority to the companies or organizations to file any form,
application or any other document with any office, authority, body or
agency owned or controlled by the suitable Government in e-form by
means of such e-form as may be prescribed by the suitable Government.
 The IT Act also addresses the important issues of security, which are so
critical to the success of electronic transactions.