
BMIT 326 E-commerce

Prepared by Masese

KABARAK UNIVERSITY

DEPARTMENT OF COMPUTING SCIENCES

Module No: BMIT 326

Module Title: E-COMMERCE

Module Leader: Mr. Masese

Cell: 0727171725

Purpose

To introduce the strategic and implementation issues of business that utilize electronic technologies

To utilize electronic technologies for business implementation and/or business marketing

UNIT 1: FOUNDATIONS OF E-COMMERCE
Introduction to E-commerce
Categories of E-Commerce based on the transacting parties
Supply chain management, E-Procurement

UNIT 2: NETWORK INFRASTRUCTURE FOR E-COMMERCE
Network infrastructure for E-commerce
The Internet, intranet and extranets as E-commerce infrastructure

UNIT 3: ELECTRONIC DATA EXCHANGE AND ELECTRONIC PAYMENT SYSTEMS
EDI (electronic data exchange)
Classification of electronic payment systems

UNIT 4: MOBILE COMMERCE
Study on mobile commerce
WAP (Wireless Application Protocol)

UNIT 5: LEGAL REQUIREMENTS IN E-COMMERCE & WEB SECURITY

Teaching and learning Strategy:

Lectures, Presentations by members of the class, Case discussions, Tutorials, Assignments, Continuous assessment tests, Lab Practical, Library, appropriate software, manual/notes


Instructional Materials/Equipment:

Course text, Handouts, White board, Presentation slides, Journals

Learning Outcomes

By the end of the course unit a student shall be able to:

Define electronic commerce as utilized in business
Outline the techniques, systems and strategies involved in business electronic commerce
Develop a business plan for an electronic commerce venture
Describe the technology that underlies E-commerce transactions
Enumerate and discuss various issues of E-commerce such as security, payments, etc.

Assessment Strategy:

Continuous Assessment Tests:

Class test I: 20%
Class test II: 20%
Assignments: 10%
Total module work: 50%
End-of-semester examination: 50%
Total: 100%

Main texts

1) Ravi Kalakota, Andrew B. Whinston, Frontiers of Electronic Commerce, Awl International
2) Bajaj KK and Nag Debjani, From EDI to Electronic Commerce, Tata McGraw-Hill
3) Bajaj and Nag, Electronic Commerce: The cutting edge of Business, Tata McGraw-Hill
4) Greg Holden, Starting An E-commerce Business For Dummies, 2nd edition, IDG Books India
5) David Kosiur, Understanding Electronic Commerce, Microsoft Press


FOUNDATIONS OF E-COMMERCE

Electronic commerce is an emerging concept that describes the process of buying and selling or exchanging of products, services and information via telecommunication and computer networks, including the Internet.

Kalakota and Whinston (1997) define electronic commerce from various perspectives:

1) From a Communication Perspective, E-Commerce is the delivery of information, products/services, orders and payments over telephone lines, computer networks or any other electronic means.

2) From a Business Process Perspective, E-Commerce is the use of technology towards the automation of business transactions and work flows.

3) From a Service Perspective, E-Commerce is a tool that caters to the need of firms, consumers and management to cut down transaction costs while improving the quality of goods/services and increasing the speed of delivery.

4) From an Online Perspective, E-Commerce provides the capacity of buying and selling products and information on the Internet and other online services.

The infrastructure for E-Commerce is networked computing, which is emerging as the standard computing environment in business, home and government. Networked computing connects several computers and other electronic devices by telecommunication networks.

E-business refers to a broader definition of e-commerce, i.e. not just buying and selling but also servicing customers, collaborating with business partners and conducting electronic transactions within an organization.


E-business is all about globalization in business in terms of speed, cycle time, enhanced productivity, reaching new customers and sharing knowledge across the world.

E-Commerce In Action

Three primary processes are enhanced in e-business:

1. Production processes, which include procurement, ordering and replenishment of stocks; processing of payments; electronic links with suppliers; and production control processes, among others;

2. Customer-focused processes, which include promotional and marketing efforts, selling over the Internet, processing of customers' purchase orders and payments, and customer support, among others;

3. Internal management processes, which include employee services, training, internal information-sharing, video-conferencing, and recruiting. Electronic applications enhance information flow between production and sales forces to improve sales force productivity. Workgroup communications and electronic publishing of internal business information are likewise made more efficient.

E-commerce can take many forms depending upon the degree of digitization of the product/services sold, the delivery process and the payment process. A product can be physical or digital, a payment process can be physical or digital and a delivery process can be physical or digital (pure commerce & partial commerce).

GOALS OF E-COMMERCE

The goals of e-commerce include reducing the costs associated with transactions, lowering product cycle times, improving the speed of customer response, and improving service quality. Most of these goals have been partially fulfilled. However, there is still a lot of progress to be made in these areas.

Others include:

1) Access new markets and extend service offerings to customers
2) Broaden current geographical parameters to operate globally
3) Reduce the cost of marketing and promotion
4) Improve customer service
5) Strengthen relationships with customers and suppliers
6) Streamline business processes and administrative functions

Categories of E-Commerce based on the transacting parties


Business Categories: A business organization can organize itself to conduct e-commerce with its trading partners, which are businesses, and/or with its customers. The resulting modes of doing business are referred to as Business-to-Business (B2B) and Business-to-Customer (B2C) e-commerce. There is yet another category of e-commerce, referred to as Customer-to-Customer (C2C).

1) B2B: Business to Business

B2B websites and trading transactions: This is e-commerce between businesses. The exchange of products, services or information between businesses on the Internet is B2B e-commerce. Some examples of B2B websites include company websites, product supply and procurement exchanges, specialized or vertical industry portals, brokering sites, information sites, and banking and financial sites that provide information for their business customers and employees.

2) B2C: Business to Consumer

Business with retail transactions: This is business-to-consumer e-commerce. It may be defined as any business selling its products or services to consumers over the Internet for their own use.

3) C2C: Consumer to Consumer

Virtual marketplace with consumer to consumer: This is consumer-to-consumer e-commerce. A virtual marketplace on the Internet in the form of a website enables sellers and buyers to meet and exchange goods, including used goods, at a negotiated price in C2C.

4) Consumer to Business

This category includes individuals who sell products and services to organizations, for example online consultancy to a business manufacturing machine parts.

The Driving forces for E-commerce

Today's business environment is influenced greatly by market, economic, societal and technological factors.

Market and economic pressure

1) Strong competition

2) Global economy

3) Extremely low labour cost in some countries

4) Frequent changes in market demands

5) Increased expectations

6) Awareness among consumers

Societal and environmental pressure

1) Reduction in government subsidies

2) Increased importance of ethical and legal issues

3) Rapid political changes

Technological pressure

1) Rapid technologies

2) Information overload (availability of information from different sources)


[Figure: An electronic market transactions chart. Parties shown: Purchaser, Seller/Suppliers, Purchaser's bank, Seller's bank, Automated clearing house. Labelled flows:]

1. Product/service information request
2. Product/service information
3. Purchase request with payment (e.g. credit card no.)
4. Authentication of purchaser and verification of credit status
5. Verification of credit status
6. Status of credit card OK
7. Status of credit card OK
8. Purchase/service delivery (if online) or shipping document
10. Payments
11. Request for payment
12. Payment

The chart also carries a flow labelled "Payment advice".


Unique Features of E-commerce Technology

• Global reach
  • The technology reaches across national boundaries, around Earth
  • Effect:
    • Commerce enabled across cultural and national boundaries seamlessly and without modification
    • Market space includes, potentially, billions of consumers and millions of businesses worldwide

• Ubiquity
  • Internet/Web technology available everywhere: work, home, etc., anytime
  • Effect:
    • Marketplace removed from temporal, geographic locations to become "market space"
    • Enhanced customer convenience and reduced shopping costs

• Universal standards
  • One set of technology standards: Internet standards
  • Effect:
    • Disparate computer systems easily communicate with each other
    • Lower market entry costs (costs merchants must pay to bring goods to market)
    • Lower consumers' search costs (effort required to find suitable products)

• Personalization/Customization
  • Technology permits modification of messages, goods
  • Effect:
    • Personalized messages can be sent to individuals as well as groups
    • Products and services can be customized to individual preferences

• Social technology
  • The technology promotes user content generation and social networking
  • Effect:
    • New Internet social and business models enable user content creation and distribution, and support social networks


E-COMMERCE APPLICATIONS

SUPPLY CHAIN MANAGEMENT

It is a network of relations that organizations maintain with trading partners to source, manufacture and deliver products.

It consists of the facilities for acquiring raw materials, transferring them, storing intermediate products and selling finished goods. SCM is the coordination of material, information and financial flows.

SCM BUSINESS OBJECTIVES

1) To get the right product to the right place at the least cost
2) To keep inventory as low as possible
3) To reduce the cycle times between customer orders and dispatch of finished goods

SCM COMPONENTS

1) SUPPLIER MANAGEMENT: It is concerned with building relations with geographically dispersed suppliers and also reducing the number of suppliers through e-commerce.

2) INVENTORY MANAGEMENT: It is concerned with shortening the cycle between order and dispatch and keeping inventory levels to a minimum.

3) CHANNEL MANAGEMENT: It is concerned with disseminating information about changing operating conditions (policies, prices, delivery schedules) to trading partners.

4) DISTRIBUTION MANAGEMENT: It is concerned with using EDI to move documents (e.g. shipping information) between trading partners.

5) PAYMENT MANAGEMENT: It is concerned with sending and receiving payments between companies and suppliers electronically through electronic funds transfer (EFT).

6) SALES FORCE MANAGEMENT: It is concerned with improving the communications and flow of information among the sales, customer service and production functions through automation.


E-PROCUREMENT

E-procurement has shifted the procurement paradigm from paper to automation, thereby increasing efficiency and effectiveness:

Efficiency – through lower procurement cost, faster cycle times and elimination of unauthorized buying

Effectiveness – through increased control over the supply chain and higher quality purchasing decisions

GOALS OF E-PROCUREMENT

1) Reduction in purchase cycle time and cost
2) Enhancement in budgetary control
3) Elimination of administrative errors
4) Increase in buyer's productivity
5) Improvement in payment process

[Figure: B2B e-commerce procurement flow. Labels in the figure: Product selection, Approval cycle, Requisition, Purchase order, Supplier fulfillment, Product shipped, Physical or digital delivery, Product received, e-payments.]


E-PROCUREMENT CHAIN FUNCTIONS

1) Management control – deals with decisions on which products are available to different employees, departments and projects.

2) Online product selection – online catalogs make product selection easier and less expensive; besides saving time, all suppliers are accessible from the system.

3) Electronic ordering – an e-procurement system should facilitate order placement via online forms, faxing or emailing in a systematic manner.

4) Application integration – a good e-procurement system should be integrated with existing applications such as general ledger, accounts payable and purchasing orders.

5) Information and reporting – the system should be able to track what was purchased, by whom, at what price and how long it took to complete each step of the cycle.

JUST IN TIME MANUFACTURING

Just-in-time manufacturing is an integrated management system in manufacturing as well as retailing which focuses on the elimination of waste such as time, material, labour and equipment in the production cycle.

Major benefits

a) Production cost will decrease as stock is reduced, and hence the overheads of maintaining large inventories are reduced.

b) Market risks are passed on through the supplier chain.

c) Quality control of production is enhanced, as only the goods required at a specific period of production are on hand.

E-CRM

What is Customer Relationship Management?

Increased competition, globalization, the growing cost of customer acquisition, and high customer turnover are major issues in organizations today. CRM is a combination of business process and technology that seeks to understand a company's customers from a multi-faceted perspective: who are they, what do they do and what do they like?

Customer life cycle: The three phases of CRM

There are three phases of CRM: Acquisition, Enhancement and Retention. Each has a different impact on the customer relationship and each can more closely tie a firm to its customers. The three phases of CRM are explained below:

1. Acquiring New Customers

You acquire new customers by promoting product/service leadership that pushes performance boundaries with respect to convenience and innovation. The value proposition to the customer is the offer of a superior product backed by excellent service.

2. Enhancing the Profitability of Existing Customers

You enhance the relationship by encouraging excellence in cross-selling and up-selling. This deepens the relationship. The value proposition to the customer is an offer of greater convenience at lower cost.

3. Retaining Profitable Customers for Life

Retention focuses on service adaptability: delivering not what the market wants, but what the customer wants. The value proposition to the customer is an offer of a proactive relationship that works in his or her best interest. Today, leading companies focus on retention much more than on attracting new customers. This is because the cost of attracting a new customer is higher than the cost of retaining an existing customer.

Strategic Model for e-Business/CMS/CRM- Software Development

1. Stage of Orientation

Define your short, medium and long term targets to discuss your individual requirements

2. Stage of Analysis

Analysis of special requirements for your application

3. Stage of Design and Layout

Visual displays based on your ideas

4. Stage of Transformation

Realizing requirements and ideas in the software solutions

5. Stage of Implementation

Full implementation of your e-Business solutions


Network infrastructure for E-commerce

Electronic commerce needs a network infrastructure to transport the content: data, audio, visual, text and animation. This network infrastructure is provided by what is known as the I-way or information superhighway.

The information highway is a high capacity electronic pipeline to a consumer or business premise that is capable of simultaneously supporting a large number of e-commerce applications and providing interactive connectivity between users and other users.

The I-way has changed the way businesses advertise, market or sell their products or services. It has also changed the relationships between businesses and customers and between businesses and their collaborators.

[Figure: Generic Framework of Electronic Commerce]

Electronic Commerce Applications: Supply Chain Management; Online Marketing and Advertising; Procurement & Purchasing; Online Shopping; Audio and Video on Demand; Online Financial Transaction; Entertainment and Gaming; Education and Research

Infrastructure layers:
• Common Business Services Infrastructure (Security/Authentication, Electronic Payment, Directories/Catalogs)
• Messaging & Information Distribution Infrastructure (EDI, E-Mail, HyperText Transfer Protocol)
• Multimedia Content & Network Publishing Infrastructure (Digital Video, Electronic Books, World Wide Web)
• Information Superhighway Infrastructure (Telecom, Cable TV, Wireless, Internet)

Supporting pillars:
• Public policy, legal, economical development, and privacy issues
• Technical standards for electronic documents, multimedia contents, business transactions, and network protocols

Multimedia Content for E-Commerce Applications

• Multimedia content can be considered both fuel and traffic for electronic commerce applications.

• The technical definition of multimedia is the use of digital data in more than one format, such as the combination of text, audio, video, images, graphics, numerical data, holograms, and animations in a computer file/document. See in Fig.

• Multimedia is associated with hardware components in different networks.

• Access to multimedia content depends on the hardware capabilities of the customer.

Information Delivery/Transport & E-Commerce Applications

• Transport providers are principally telecommunications, cable, & wireless industries.

Transport Routers

Information Transport Providers | Information Delivery Methods
• Telecommunication companies | Long-distance telephone lines; local telephone lines
• Cable television companies | Cable TV coaxial, fiber optic & satellite lines
• Computer-based on-line servers | Internet; commercial on-line service providers
• Wireless communications | Cellular & radio networks; paging systems

Consumer Access Devices

Information Consumers | Access Devices
• Computers with audio & video capabilities | Personal/desktop computing; mobile computing
• Telephonic devices | Videophone
• Consumer electronics | Television + set-top box; game systems
• Personal digital assistants (PDAs) | Pen-based computing, voice-driven computing


Components of the I-way

The I-way or information superhighway consists of various components which can be broadly categorized as:

1) Network access equipment: this is at the consumer end and enables the consumer to access the network. It consists of hardware such as computers, modems, routers and switches for computer networks.

2) Access roads or media: these provide the communications backbone for the transmission of data and information. The access providers may be differentiated into four categories: telecoms based, cable TV based, wireless based or computer based on-line systems.

The main function of the access providers is to link the users and the e-commerce application providers such as the telecoms networks, satellite networks and the Internet.

3) Global information distribution networks: these provide the infrastructure for connecting across countries and continents. They include such networks as the long distance telephone lines, the satellite networks and the Internet.

[Figure: Components of the information superhighway]
• Network access equipment: consumer access equipment
• Access media: telecom based access; cable TV based access; wireless based access; Internet, intranet, extranet based access
• Global information distribution: telecom networks; satellite networks; Internet


Consumer access equipment:

The consumer access equipment, also called consumer premises equipment or terminal equipment, consists of the equipment that the customer uses to connect to the network.

It may consist of TV set-top boxes or the TV signal, computer and modem, pagers and cellular phones. The type of consumer access equipment used depends on the communication mode being used.

Access Roads or Access Media:

The access roads or access media are the way in which consumer homes and workplaces are linked with the backbone of the network infrastructure for e-commerce.

They include:

1) Telecoms based – long distance and local telephone
2) Cable TV based – used to provide high speed data to homes
3) Wired cable TV – high capacity broadband coaxial cable is employed to link millions of subscribers with the same cable
4) Internet, intranet and extranet

GLOBAL INFORMATION DISTRIBUTION NETWORKS

They consist of the infrastructure crossing countries and continents; they include the long distance telephone lines, satellite networks and the Internet.

1) Long distance networks – long distance telephone connectivity is provided through cable by the inter-exchange carriers.

2) Satellite networks – they are accessible from any point of the globe. They also provide broadband digital service to many points without the cost of acquiring wire or cable connections.

3) Internet – a group of worldwide information highways and resources that enables the world to become an information society. It has been viewed as a prototype for the National Information Infrastructure (NII). It provides a platform for e-commerce.

Internet Mail enables one to send information in the form of letters, messages, advertisements, spreadsheets, game programs, binary files and multimedia data files across the Net to one or more Internet addressees.

Intranet

An intranet is an intra-business or intra-organization delivery system. It is a technology that uses Internet technology to deliver an organization's internal information.

This includes integration of E-mail, FTP, Mail Server(s) and Web server(s) with the internal applications. It is a corporate LAN and WAN.

Objective of an Intranet

The objective of an Intranet is to organize each individual's desktop with minimal cost, time and effort to be more productive, cost-efficient, timely and competitive. Access to all information, applications and data can be made available through the same browser.

Applications of Intranets

Intranets provide the infrastructure for many intra-business commerce applications such as:

1) Cross-functional integration: Intranets may be used to create a cross-functional enterprise system that integrates and automates many of the business processes across the enterprise, enables information sharing and helps in improving the efficiency and effectiveness of the business processes

2) Enterprise E-commerce applications: centralized sale and purchase can be done online

3) Enhanced knowledge sharing : knowledge and information can be shared through

4) Enhanced group decision: web based groupware and workflow is becoming the standard Internet platform

5) Document management: employers can access and exchange pictures, photos, charts and maps over the Internet

6) Software distribution: an Intranet server may be used as an application warehouse, thus avoiding many maintenance and support problems

7) Project management: share the design and reports and check the project's progress

8) Training: intra-organization training can be provided using the Intranet

Achievements of Intranet in an organization

1) Reduced cost
2) Reduced telephone expenses
3) Easier, faster access to remote locations
4) Easier, faster access to technical and marketing information
5) Increased access to competitive information
6) Easier access to customers and partners
7) Latest, up-to-date research base


The extranet

An extranet or extended Intranet links the intranets in different locations for communication and collaboration with geographically dispersed branches, suppliers, customers and other business partners.

Extranet transmissions are usually conducted over the Internet, using the TCP/IP protocols.

Applications of Extranet

1) Enhanced communications: they help to improve communications between geographically dispersed branches.

2) Productivity enhancements: just-in-time information delivery helps to enhance the productivity of businesses, as information available when needed is more useful than information that is late or never arrives.

3) Cost reduction: errors are reduced due to automation; paper publishing costs are reduced and sometimes even eliminated.

Electronic Data Interchange (EDI)

EDI and Networks: Short for Electronic Data Interchange, EDI is the transfer of data between different companies using networks such as VANs or the Internet. As more and more companies get connected to the Internet, EDI is becoming increasingly important as an easy mechanism for companies to buy, sell, and trade information. ANSI has approved a set of EDI standards known as the X12 standards.

EDI and Process: Basically, the electronic data interchange process is the computer-to-computer exchange of business documents between companies.

EDI documents: EDI replaces the faxing and mailing of paper documents. EDI documents use specific computer record formats that are based on widely accepted standards. However, each company may use the flexibility allowed by the standards in a unique way that fits its business needs.

EDI for Industries: EDI is used in a variety of industries. In fact over 80,000 companies have made the switch to EDI to improve their efficiencies. Many of these companies require all of their partners to also use EDI.


Examples of EDI:

1. Invoice, Shipping Notice, Receiving Advice: EDI can be used to electronically transmit documents such as purchase orders, invoices, shipping notices, receiving advice and other standard business correspondence between trading partners.

2. Financial EDI or EFT (Electronic Funds Transfer): EDI can also be used to transmit financial information and payments in electronic form. This use of EDI is usually referred to as Financial EDI and Electronic Funds Transfer.

3. BPR (Business Process Reengineering): EDI allows a new look at the "processes" within an organization, with a view to reengineering them in what has come to be known as Business Process Reengineering (BPR).

Overview of EDI Benefits

1. Cost benefits: The EDI process provides many benefits. Computer-to-computer exchange of information is much less expensive than handling paper documents.

2. EDI is cheaper than manual processing: Studies have shown that processing a paper-based order can cost $70 or more while processing an EDI order costs a dollar or less. Much less labor time is required. Fewer errors occur because computer systems process the documents rather than people processing them by hand.

3. EDI transactions are reliable: EDI transactions between companies flow faster and more reliably than paper documents. Faster transactions support reduction in inventory levels, better use of warehouse space, fewer out-of-stock occurrences and lower freight costs through fewer emergency expedites.

4. EDI purchase orders reduce the time interval: Paper purchase orders can take up to 10 days from the time the buyer prepares the order to when the supplier ships it. EDI orders can take as little as one day.

5. EDI eliminates many of the problems: The use of EDI eliminates many of the problems associated with traditional information flow.

• The delay associated with making documents is eliminated.
• Since data is not repeatedly keyed, the chances of error are reduced.
• Time required to re-enter data is saved.
• As data is not re-entered at each step in the process, labour costs can be reduced.
• Because time delays are reduced, there is more certainty in information flow.
• The other advantage in the use of EDI is that it generates a functional acknowledgement whenever an EDI message is received, and it is electronically transmitted to the sender. This acknowledgement states that the message is received.

6. Core concept of EDI, no human intervention: The core concept is that data is transferred electronically in machine-processable form; that is, the EDI message can be immediately processed by the receiving computer without any human intervention, interpretation or rekeying.

7. Situations suited to EDI: EDI is more suited to areas where any of the following characteristics exist:

• A large volume of repetitive standard actions
• Very tight operating margins
• Strong competition requiring significant productivity improvements
• Operational time constraints
• Trading partners' requests for paperless exchange of documents

Disadvantage: Drawbacks are few and far between, but there are some. For example, companies choosing to implement both paper and EDI processes must manage both of these processes. However, as stated before, using EDI is much more efficient than using paper, lending strength to the argument against paper documents. Also, companies must ensure that they have the resources in place to make an EDI program work; however, the need for these resources (or their hiring) may be offset by the increased efficiency that EDI provides.

Data Security for EDI Applications: Data security and control are maintained throughout the transmission process using passwords, user identification and encryption. Both the buyer's and the supplier's EDI applications edit and check the documents for accuracy.

Value Added Networks

VAN: A Value Added Network is defined as a telecommunication network, primarily for data, that processes or transforms data and information in some way, and thereby provides services beyond simple transport of information.

EDI Communication Systems and translation software: A VAN is a third-party link in the EDI communication system that provides the EDI translation software service.

Value Added Network (VAN): VANs are private networks that add value to the basic communication provided by common carriers by offering specialized services such as access to commercial databases, e-mail and video conferencing. Safaricom broadband is an example of a VAN.

VANs are attractive to companies that want to exploit the benefits of telecommunication without any major investment. A value-added network (VAN) is a hosted service offering that acts as an intermediary between business partners sharing standards-based or proprietary data via shared business processes. VANs traditionally transmitted data formatted as Electronic Data Interchange (EDI).

Traditional methods of business document handling versus sending these documents

over EDI.

Computerized business applications and standard formats: Since data is exchanged in standard predefined formats, it becomes possible to exchange business documents irrespective of the computerised business application at either end of the communication.

Accounts Receivable application as example: For example, the supplier's Accounts

Receivable application for raising an Invoice for payment could still be implemented on a file

system using COBOL while the customer's Accounts Payable may be based on an RDBMS

such as ORACLE.

EDI messages can be used to totally automate the procurement process between two

trading partners.

Application-to-application without rekeying: Once data is entered into the buyer's computer

system and transmitted electronically, the same data gets entered into the seller's computer,

without the need for rekeying or re-entry. This is normally referred to as application-to-

application EDI.

Integrated with application programs: EDI can be fully integrated with application programs.

This allows data to flow electronically between trading partners without the need for rekeying,

and between internal applications of each of the trading partners.

Problems with traditional documents: The repeated keying of identical information in traditional paper-based business communication creates a number of problems that can be significantly reduced through the use of EDI. These problems include:

- increased time
- low accuracy
- high labour charges
- increased uncertainty

Standardised electronic message formats: EDI consists of standardised electronic message

formats for common business documents such as Request for Quotation, Purchase Order,

Purchase Order Change, Bill of Lading, Receiving Advice, Invoice, and similar documents.

Without paper documents: These electronic transaction sets enable the computer in an

organization to communicate with a computer in another organization without actually

producing paper documents.

Automation: To take full advantage of EDI's benefits, a company must computerise its basic business applications.

Agreement and EDI with Trading partners: Trading partners are individual organizations that

agree to exchange EDI transactions.

Cooperation and active participation of trading partners: EDI cannot be undertaken unilaterally

but requires the cooperation and active participation of trading partners. Trading partners

normally consist of an organization's principal suppliers and wholesale customers.

Retail stores with EDI: Since large retail stores transact business with a large number of

suppliers, they were among the early supporters of EDI.

Manufacturing sector with EDI: In the manufacturing sector, EDI has enabled the concept of Just-In-Time (JIT) inventory to be implemented. JIT reduces inventory and operating capital requirements.

Costs and Benefits

Direct benefits

1. No need to rekey: Since the transfer of information from computer to computer is automatic, there is no need to rekey information. Data is only entered at the source.

2. Cost of processing EDI documents is much smaller than that of processing paper

documents.

3. Customer service is improved. The quick transfer of business documents and marked

decrease in errors allow orders to be fulfilled faster.

4. Information is managed more effectively.

5. There is improved job satisfaction among data entry operators, clerks etc. when redeployed in more creative activities.

Strategic benefits

1. Customer relations are improved through better quality and speed of service.

2. Competitive edge is maintained and enhanced.

3. Reduction in product costs can be achieved.

4. Business relations with trading partners are improved.

5. More accurate sales forecasting and business planning is possible due to information

availability at the right place at the right time.

COMPONENTS OF EDI SYSTEMS

Three Main Components of EDI: The three main components required to be able to send or

receive EDI messages are:

1) EDI standards

2) EDI software

3) third party networks for communications.

EDI STANDARDS

EDI and Business application and hardware: Using EDI it becomes possible for a business

application on the computer of one organization to communicate directly with the business

application on the computer of another organization. This exchange of information should be

independent of hardware, software or the nature of implementation at either of these two

organizations.

EDI and standard format: To achieve this, it is required to extract data from the business

application and to transform it into a standard format which is widely, if not universally,

acceptable. This standard data when received at the destination is interpreted and

automatically delivered to the recipient application in an acceptable form.

EDI and structured format of business documents: The exchange of business documents in a

commonly agreed structured format necessitated the development of EDI standards.

EDI SOFTWARE

Structured EDI format: EDI software consists of computer instructions that translate the

information from unstructured, company-specific format to the structured EDI format, and

then communicate the EDI message.

EDI software and translation: EDI software also receives the message and translates it from the standard format to company-specific formats. Thus the major functions of the EDI software are data conversion, data formatting and message communication.

EDI software available for computers: EDI software is available for mainframes,

minicomputers, and microcomputers. The requirements of EDI are: a computer, a

communication interface and appropriate software.

EDI Translators: EDI Translators perform the important function of translating business data

from company-specific formats to standard formats and vice-versa. When a document is

received, the EDI translation software automatically changes the standard format into the proprietary format of the document-processing software.

Good EDI translation Software: The most important concern when buying EDI translation software is flexibility. A good EDI translation software product can handle multiple standards and version/release upgrades. It will output the same flat-file structure regardless of standard or version of standard.

EDI users: EDI users in different parts of the world began electronic trading before

UN/EDIFACT was established.

THIRD PARTY NETWORKS FOR COMMUNICATIONS.

Networks EDI server with mailboxes: EDI documents are electronically exchanged over

communication networks which connect trading partners to one another. These

documents are stored in user mailboxes on the network's EDI server from where they can

be downloaded/uploaded at the user's convenience.

VAN and Trading partners: These Value Added Networks (VANs) provide users with a

single point interface to the trading community freeing the user from the worries of

handling different communication protocols, time zones and availability of the computer

system at the other end—common problems in cases where direct links have to be

maintained with each trading partner.

ELECTRONIC PAYMENT SYSTEMS

The concept of electronic commerce relates to selling goods or services over the internet. This involves making payment over the internet. Thus online payment systems and e-commerce are intricately linked, given that online consumers must pay for products and services.

Electronic payment systems are proliferating in banking, retail, health care, online markets and even governments. They are cost-effective and provide higher-quality service to the end users (customers).

EFT (Electronic Funds Transfer) is any transfer of funds initiated through an electronic terminal, telephonic instrument or computer so as to order, instruct or authorize a financial institution to debit or credit an amount.

EFT uses computer and telecommunication components both to supply and to transfer money or financial assets.

An electronic payment system needs to fulfil the following requirements:

1) Acceptability: in order to be successful, the payment system needs to be widely accepted
2) Convertibility: the digital money should be able to be converted into other types of funds
3) Efficiency: the cost per transaction should be low or nearly zero
4) Flexibility: several methods of payment should be supported
5) Scalability: payment should be easy as in the real world
6) Security: electronic payment systems should allow financial transactions over open networks such as the internet

Types of electronic payment systems

1) Instant paid or cash: transactions are settled with the exchange of electronic currency. An example of online currency exchange is electronic cash or e-cash.
2) Debit or pre-paid: users have to pay in advance and can then buy a product or service, e.g. smart cards, also called electronic wallets.
3) Credit or post-paid: allows users to buy a product or service and pay afterwards, e.g. credit cards.

Electronic commerce users hold different viewpoints on these payment mechanisms depending on various factors:

1) The nature of the transaction for which the mechanism is designed: the choice of payment mechanism depends on the type of parties involved in the transaction and the amount involved.
2) The means of settlement used: the electronic payment mechanism may be backed by cash or credit; the choice of payment mechanism depends greatly on whether transactions will deal in cash or credit.
3) Approach to security, anonymity and authentication: electronic payments vary in the protection of privacy and confidentiality of the transaction.
4) Risk involved: the risk rises if the transaction has long lag times between the product delivery and payment to merchants.

Electronic cash

Electronic cash (also called digital money or e-cash) provides the means to transfer money between transacting parties over a network such as the internet.

Electronic cash must satisfy some properties of digital money:

1) Monetary value: e-cash must have a monetary value, backed either by cash or bank-authorized credit
2) Interoperability: exchangeable as payment for other e-cash, paper cash, goods and services, and also between multiple banks and multiple currencies

3) Storability and retrievability: remote storage and retrieval of e-cash using a telephone or personal communication device would allow users to exchange e-cash for products and services from home or office or while traveling
4) Security: to avoid double spending of the amount
5) Divisibility: e-cash must be available in several denominations; it should also be divisible in a way similar to real cash

ELECTRONIC CASH

Digital cash is a payment message bearing a digital signature which functions as a medium of

exchange or store of value. Paper currency and coins represent value because they are backed by a

trusted third party, the government and the banking industry.

How does Digital Cash work?

There are a number of electronic cash protocols. To a degree, all digital cash schemes operate in the following manner: A user installs a "cyber wallet" onto a computer.

1) Money can be put in the wallet by deciding how much is needed and then sending an

encrypted message to the bank asking for this amount to be deducted from the user's

account.

2) The bank reads the message with private key decryption and verifies if it has been

digitally signed in order to identify the user.

3) The bank then generates "serial numbers", encrypts the message, signs it with its digital

signature and returns it. The user is now entitled to use the message (coin or token) to

spend it at merchant sites. Merchants receive e-cash during a transaction and see that it

has been authorized by a bank.

4) They then contact the bank to make sure the coins have not been spent somewhere else,

and the amount is credited to the merchant's account.

Categorization of Digital Cash

It is apparent that various authors have different specifications for e-cash. There are a number of

categories in which these descriptions may be distinguished.

1. Anonymous or Identified. Anonymous e-cash works just like real paper cash. Once anonymous e-cash is withdrawn from an account, it can be spent or given away without leaving a transaction trail. This, however, can be contentious: PayPal, for example, is a recognized form of digital cash but is not considered to be entirely anonymous.

2. Online or Offline. Online means you need to interact with a bank (via modem or network) to

conduct a transaction with a third party. Offline means you can conduct a transaction without having to

directly involve a bank.

3. Smart Cards or Purely Electronic. Smart cards are similar to credit cards, but store money-related information on a chip within the card. They may be used in digital cash applications. Again, there is ambivalence as to whether smart cards represent "true" digital cash.

As mentioned in the introduction, there are two types of system for digital cash, namely the online system and the offline system. In the following, each system's structure, advantages and disadvantages are discussed.

1. Online Digital Cash

[Figure: online digital cash system. Parties: User, Merchant, Bank. Flows: Withdraw Coins, Payment, Receipt, Deposit Coins, Result, Link with other banks.]

The diagram above shows the structure of the online digital cash system. The structure is very similar to the one used in the existing paper cash system. In this system there are three main components: the bank, customers and merchants. The user withdraws coins from the bank and spends them in the shop, and the shop deposits the coins back to the bank.

The user's identity in this online digital cash system is fully anonymous; this is achieved using the Blind Signature Protocol. Blind signatures are typically employed in privacy-related protocols where the signer and message author are different parties.

This protocol simply eliminates the association between the user ID and the serial number of the coin. Although it is good to hide the user's identity totally, this raises the problem of "double spending": since digital cash is digitally represented, it is very easy to duplicate, letting the user spend the coin twice.

To tackle the double spending problem, the merchant has to verify the coin with the bank at the point of sale in each transaction. This verification of the legitimacy of the coin requires extra bandwidth and is a potential bottleneck of the system, especially when traffic is high. The real-time verification also means there is a need for synchronization between bank servers.

Pros and Cons of the online digital cash system

Here is the summary of the pros and cons of the online system:

Pros

Provides fully anonymous and untraceable digital cash.

- Gives users confidence that their user ID will not be revealed in any way.

No double spending problems.

- Double spending is not possible at all because coins are checked in real time during the transaction.

Does not require additional secure hardware.

- No additional hardware is needed for the implementation; existing POS (Point of Sale)

devices could be used with a software update.

Cons

Communications overhead between merchant and the bank.

- The cost of the extra security and anonymity also becomes the bottleneck of the system due to real-time verification.

Huge database of coin records.

- The bank server needs to maintain an ever-growing database of all the used coins' serial numbers.

Difficult to scale; needs synchronization between bank servers.

- There is a need to synchronize coins' serial numbers every time a coin is deposited into the bank. This is simply impractical.

Coins are not reusable.

- A coin has to be deposited back to the bank for verification; therefore, coins can only be used once.

2. Offline Digital Cash

In the off-line scheme, the withdrawal and disposal of the coins are very similar to those in the on-line scheme; the main difference is in the transaction part of the model. Instead of verifying coins during every transaction, the security of each entity in the system is guaranteed without a direct involvement with the bank.

[Figure: offline digital cash system. Labels: Bank 1, Other Banks, Merchant, Users, Tamper-Resistant Device (T.R.D.).]

This is achieved by adding an additional component to the model called the "Tamper-Resistant Device". In a real-life example, you could think of it as the Smart Card Reader at the Point of Sale. The device is trusted by the bank and is used to verify the authenticity of the coin, but it does not check whether the coin has been double spent.

This device makes the whole transaction offline but leaves the system exposed to the double spending problem. Therefore, we need a method that lets the bank trace who double spent the money while keeping the system anonymous. One may ask how a system could be both traceable and anonymous: are they not opposites in the first place? A method called "Secret Splitting" is commonly used to allow the user to remain anonymous as long as he/she doesn't double spend.
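How secret splitting keeps a single spend anonymous yet unmasks a double spender is easiest to see in code. This is an added example, not part of the original notes: it is a simplified XOR-based split with hash commitments, it omits the bank's signature on the coin, and all names and the account identifier are assumptions constructed for illustration.

```python
import hashlib
import secrets

K = 16  # identity pairs per coin; two random challenges coincide with chance 2**-K


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def commit(half: bytes) -> str:
    """Hash commitment to one half of a split identity."""
    return hashlib.sha256(half).hexdigest()


def mint_coin(identity: bytes):
    """User side: split the identity K times; only commitments go into the coin.

    Each pair (left, right) satisfies left XOR right == identity, and either
    half on its own is a uniformly random string. In a full scheme the bank
    would blind-sign the coin; that step is omitted here (assumption).
    """
    pairs = []
    for _ in range(K):
        left = secrets.token_bytes(len(identity))
        pairs.append((left, xor(left, identity)))
    coin = {
        "serial": secrets.token_hex(8),
        "commitments": [(commit(l), commit(r)) for l, r in pairs],
    }
    return coin, pairs


def pay(pairs, challenge):
    """User side: for each challenge bit reveal the left (0) or right (1) half."""
    return [pairs[i][bit] for i, bit in enumerate(challenge)]


def merchant_accepts(coin, challenge, response) -> bool:
    """Merchant's device checks offline that each revealed half matches the coin."""
    return len(response) == K and all(
        commit(half) == coin["commitments"][i][bit]
        for i, (bit, half) in enumerate(zip(challenge, response))
    )


class Bank:
    def __init__(self):
        self.deposited = {}   # serial -> (challenge, response) of the first deposit

    def deposit(self, coin, challenge, response):
        """Batch deposit, after the sale. Returns (status, identity or None)."""
        serial = coin["serial"]
        if serial not in self.deposited:
            self.deposited[serial] = (challenge, response)
            return "accepted", None
        old_challenge, old_response = self.deposited[serial]
        for i in range(K):
            if old_challenge[i] != challenge[i]:
                # Both halves of pair i are now known: XOR unmasks the spender.
                return "double-spend", xor(old_response[i], response[i])
        return "duplicate-transcript", None


def demo():
    identity = b"ACCT-0042-ALICE "            # constructed account identifier
    coin, pairs = mint_coin(identity)
    # Constructed challenges from two merchants' devices; they differ in one bit.
    ch_a = [0, 1] * (K // 2)
    ch_b = ch_a[:-1] + [1 - ch_a[-1]]
    resp_a, resp_b = pay(pairs, ch_a), pay(pairs, ch_b)
    ok = merchant_accepts(coin, ch_a, resp_a) and merchant_accepts(coin, ch_b, resp_b)
    bank = Bank()
    first = bank.deposit(coin, ch_a, resp_a)
    second = bank.deposit(coin, ch_b, resp_b)
    leaked_by_one_spend = identity in resp_a
    return ok, first, second, leaked_by_one_spend


if __name__ == "__main__":
    print(demo())
```

Both merchants accept the coin offline; the identity appears only when the bank holds two transcripts for the same serial.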

Pros and Cons of the offline digital cash system

Pros

Off-line scheme.

- The offline model is a fully offline and portable system.

User is fully anonymous unless they double spend.

- The user is as anonymous as in the online system if and only if they did not double spend.

Bank can detect a double spender.

- The ID of the double spender would be revealed; this is an advantage for the bank, which may worry about the double spending problem.

Banks don't need to synchronize databases in each transaction.

- The frequency of synchronization between the bank servers is kept to a minimum, as it is always done via batch updates.

Coins could be reusable.

- Depending on the implementation, coins in the system could be reusable, which further reduces the overhead and the size of the coin in the database.

Cons

Might not prevent double spending immediately.

- The user could in theory still double spend, at the risk of being caught. (The chance of being caught is really high indeed!)

More expensive to implement.

- The extra security hardware needed in the system requires an additional cost.

Overall advantages of digital cash

E-cash is basically software; it can be programmed to do things that paper money could never do. This

ability opens up a whole range of exciting functionality that money may offer. Besides this, there are

many other advantages on offer.

1. For the Users:

1.1 Convenience. One of the most apparent benefits of digital cash is convenience. Users may access

funds, pay for items or be paid from the comfort of their home. With smart card implementation, users

will also be able to initiate financial transactions wherever they may be. Cell phones are being

developed to process electronic cash transactions; this will ensure convenience reaches unimaginable

heights. Not only is such ease of use desirable, but it saves time and effort and inevitably money. Such

capability will also empower the disabled, making them more competitive in the financial world.

1.2 Security. The user is also protected against the bank's refusal to honor a legitimate note, since nobody is able to counterfeit the bank's digital signature on the note. Another important benefit for the user is improved security. The electronic wallet could be safeguarded from abuse by thieves with passwords and by making encrypted backup copies of its contents.

1.3 Untraceability. The primary advantage digital cash promises over other electronic payments is anonymity. True anonymous digital cash would also provide unconditional untraceability. The "blinding" carried out by the user's own device makes it impossible for anyone to link payment to payer. But users can prove unequivocally that they did or did not make a particular payment, without revealing anything more, if they need to.

2. For the Bank:

2.1 Less Processing. Single transactions need not be authorized on line, debited from the customer's account or printed for the customer. This greatly reduces processing effort, meaning time is saved and less staff is required.

2.2 Security. With the security measures built into the electronic wallet, fraud costs and costs for

clarifying disputed transactions could be reduced. Nowadays, card fraud is a very important problem.

The same applies to card counterfeiting and forged bank notes.

2.3 Handling. Handling costs for paper cash are exorbitant. This includes guarding, transporting,

counting, storing and the like. With weightless cash bereft of any volume, these massive savings will be

made.

3. For the Retailer:

3.1 Time saving. The instantaneous quality of electronic transactions means retailers' accounts will be credited for immediate use if necessary.

3.2 Transaction Costs. Retailers must pay a fee of 2 to 7 percent of the purchased amount to the credit

card company. The fees for digital cash transactions are likely to be smaller than for today's cards

because of smaller operating costs for the issuer. Costs for counting, storing and transporting cash

would also decrease.

Global Disadvantages:

1. Safety. The safety of any system is only as strong as its weakest link. German national television recently showed how a hacker could create a Web page, with an embedded ActiveX control, that is able to snatch money from one bank account and deposit it into another, bypassing the customary personal identification number that is meant to protect against theft.

2. Algorithm. Most algorithms used in these monetary systems have been around for many years

already. Numerous cryptology experts have attempted breaking them without success. However, one

can never rule out the possibility of a security break in the future.

3. Physical Security. Another weak spot is the user's personal hardware (e.g. the smart card) and his copy of the software. Only complete physical security can guarantee the safety of the stored money. Some are skeptical of the physical safety of the smart card chips.

4. Economic Disruption. Another disadvantage is a possible uncontrolled growth of E-cash systems.

Such a monetary explosion could undermine bank- and government-controlled money systems, giving

rise to a confusing and inefficient system. Economists also predict that speed and ease of e-cash will

increase monetary velocity which in turn will cause unnecessary inflation.

5. Users. First of all, few people can understand the technology behind digital money, and thus it

does not inspire confidence. Conventional money on the other hand does not require any profound

knowledge in order to use it. This is an often underestimated topic as user confidence is the key to the

success of digital cash. The rising of e-cash could also foster a have and have-not society: Those with

PCs would have ready access to the new technology, while those without, many of them low-income

consumers, would not.

6. Legal problems. Digital cash's untraceable nature will loosen government's control over financial

information. Money laundering and tax evasion could proliferate in stateless e-money systems. A major

fear is that criminals will take advantage of such systems to aid illegal activities.

ELECTRONIC CHECKS

Electronic checks, also known as digital token based systems, pertain to the use of a networking service to issue and process payments that emulate real-world cheque processing. The payer issues a digital cheque to the payee, and the payee deposits it in the bank to redeem the amount.

Each transaction is carried over the internet. The payer must register with a third-party account server before being able to write electronic cheques.

The registration process varies depending on the account server and may require a credit card or a bank account to back the cheques. The account server performs the task of authenticating the payer. Once registered, the buyer or payer can issue electronic cheques for the purchase of goods and services.

[Figure: e-cheque payment flow between the buyer's browser, the seller's server, the seller's bank, the accounting server and the buyer's bank. Steps: (1) Access and browse; (2) Select goods, transfer e-cheque; (3) Forward e-cheque to bank; (4) Forward cheque; (5) Forward cheque; (6) Transfer money; (7) Transfer money.]

An e-cheque transaction involves the following steps:

1) The buyer accesses the seller's server to select the goods or services
2) The buyer purchases the goods/service by sending an electronic cheque to the seller's server; it may be sent through e-mail
3) The seller forwards the cheque to his bank electronically
4) The seller's bank forwards the e-cheque to the accounting server for payer authentication and clearing
5) The accounting server works with the buyer's bank, clears the cheque and transfers the money to the seller's bank, which updates the seller's account
6) The buyer's bank updates the buyer's account
7) The accounting server forwards the cheque to the buyer's bank and updates the buyer's account
8) The buyer's bank transfers the money to the accounting server
9) The accounting server sends the transaction money; the accounting server will return the cheque to the seller's bank

An e-cheque, like a paper cheque, contains the name of the payer, the name of the payer's bank, the payer's account number, the name of the payee and the amount of the cheque.

Like the paper cheque, the e-cheque bears the digital equivalent of a signature, which is a computed number that authenticates the cheque as coming from the owner of the cheque. The cheque also needs to be endorsed by the payee using another signature before it can be paid.

CREDIT CARD BASED ELECTRONIC PAYMENT SYSTEM

A credit card is a small plastic card that has a magnetic strip on the exterior; the magnetic strip carries encoded information about the card number and the card holder.

The data that is encoded onto the card may be encrypted, making it difficult for potential thieves to decode or copy the information onto another card. A card reader is required to read as well as write information to the magnetic strip.

Magnetic strip card: Holds a value that can be recharged by inserting it into the

appropriate machines, inserting currency into the machine, and withdrawing the card; the

card’s strip stores the increased cash value. Magnetic strip cards are passive; that is, they cannot send or receive information, nor can they increment or decrement the value of cash stored on the card.

Magnetic strip cards are vulnerable to compromise because the information is magnetically encoded and stored on the exterior of the card (it can be copied, forged or altered).

Another drawback is that magnetically stored data is vulnerable to damage if the card is placed close to a magnet or to another magnetically encoded device.

Categories of on line payments over the internet

1) Payments using plain credit card details

2) Payments using encrypted credit card details

3) Payments using third party verification

Payments using plain credit card details

The earliest method of payment was through unencrypted credit card numbers sent over the internet. The low level of security inherent in the design of the internet makes this method problematic. Authentication is also a significant problem, and the vendor is usually responsible for ensuring that the person using the credit card is its owner.

[Figure: payment through credit card number. Parties: customer's browser, vendor's server, acquirer's server, card issuer's server. Labels: (1) Access vendor server; (2) Select goods and make credit card; (3) Forward to issuer; (4) Request; (5) Sends authorization to accept credit card; (6) Check for credit card authenticity and credit status; (6) Authorisation forward; (8) Request to clear payment; (9) Request for payment forwarded and money transferred; Account update to customer and transfer of funds.]

Payment using Encrypted credit card Details

The problem with plain credit card on-line payments is that of confidentiality of the credit card

number and authenticity of the customer. The problem can be solved through encryption of the credit

card number and the message contents.

Smart card: A stored-value card that is a plastic card with an embedded microchip that can

store information. Credit, debit, and charge cards currently store limited information on a

magnetic strip. A smart card can store about 100 times the amount of information that a

magnetic strip plastic card can store. A smart card can hold private user data, such as

financial facts, encryption keys, account information, credit card numbers, health insurance

information, medical records,

However, this would add to the cost of the credit card transaction itself, and hence encryption may be restricted to only high-value, sensitive payments.

The scheme uses two sets of public-private keys, one belonging to the customer and the other to the credit card issuer. The credit card number is doubly encrypted: with the banker's (issuer's) public key for confidentiality (only the bank can decrypt the credit card number) and with the customer's private key for authenticity of the sender (only the customer could have encrypted the card number).

Payments using third party verification

In third-party processing, the consumer registers with a third party on the internet to verify electronic transactions via credit cards. Such third parties are commonly referred to as on-line third-party processors (OTPPs).

An OTPP requires an OTPP account number, obtained by filling out a registration form consisting of the customer information profile that is backed by a traditional financial instrument such as a credit card.


Smart cards and electronic payment systems

Smart cards have been in existence since the 1980s and have become a widely accepted and secure means of handling off-line as well as on-line transactions.

A smart card is a small plastic card that contains a microprocessor and a storage unit. Smart card technology has been able to overcome most of the limitations of magnetic strip cards. Smart cards are expensive to implement, but they hold greater amounts of data than magnetic strip cards.

Smart cards are classified as follows:

1. Memory smart cards or electronic purses or debit cards

2. Intelligent or relationship- based smart cards

Memory smart cards or electronic purses or debit cards

Electronic purses are smart cards that are capable of storing monetary value on their microprocessor chip; this money can be used by the consumer for purchases.

These are used as debit cards for payments against the purchase of goods/services or as prepaid telephone cards. They contain less information and processing capability than the intelligent smart cards, and they are loaded with money using a smart card reader.

[Figure: payment using third-party verification, between the customer browser, the vendor server and the OTPP server. Step labels as they appear in the figure: 1. Request for purchase and OTP A/C; 2. Request for verification of customer account and credit status; 3. Request for approval of payment; 4. Approval; 5. Authorisation; 6. Debit customer account.]

Intelligent or relationship- based smart cards

Relationship-based smart cards are enhanced smart cards that store card holder information including name, birth date, personal shopping preferences and actual purchase records. Such information will enable merchants to accurately track consumers' behaviour and develop promotional programs to increase shopping loyalty.

Relationship-based smart cards are expected to offer consumers far greater options, including the following:

1) Access to multiple services such as debit, credit, investment or stored value for

e-cash on a single card.

2) Variety of functions such as access to cash, bill payment, balance inquiry

3) Multiple service at multiple locations using multiple device types such as ATM,

Screen Phone, Personal Computer, Personal Digital Assistant(PDA)

Designing Electronic Payment System

There are many factors that have to be addressed when designing any new electronic payment system if the system is to succeed:

1. Privacy: the user must not be exploited; payments should be as anonymous as possible.

2. Security: security of the transaction can be achieved through user authentication and restriction of the information/service through access control.

3. User-friendly interface: users value convenience, hence the interface should be easy to use.

4. Brokers: a "network broker", i.e. someone to broker goods and services, settle conflicts and facilitate financial transactions electronically, must be available.

5. Pricing: there should be subsidies to encourage customers to move from traditional payment systems to e-payment systems.

6. Standards: standardization of electronic payment systems is desirable for interoperability, giving users the ability to buy and receive information regardless of which financial institution is managing their accounts.


Mobile commerce

Mobile commerce is concerned with e-commerce applications via the media of wireless and mobile computing. A mobile commerce environment allows users to access personal or business information and carry out all e-commerce transactions while travelling away from home or the workplace.

This is all the more important as the size, cost and power requirements of the equipment and services are declining fast while demand is increasing. The key feature of a mobile computing environment is that the user need not maintain a fixed position in the network.

Mobile commerce relies on wireless transmission methods that enable mobile computing, i.e. they enable communication without wires. The main aim is to overcome limitations in communications due to dispersed locations and geography.

Mobile computing focuses on the application side. It builds on the concept of being able to compute no matter where the user is. Choices for mobile computing include infrared, cellular, packet radio service, microwave and satellite services.

The goal of mobile computing is to provide true computing freedom, free from the limitations of location and geography, so that users can connect to a network from anywhere, at any time, and use the services provided.

Users with the following kind of profiles are candidates for mobile computing

1) who need to send and receive emails while away from the office

2) who need to access software applications such as corporate databases

3) who are constantly on road but need to process data constantly

Benefits of wireless and mobile computing

1) Mobility: mobility indicates constant physical movement of a person and his network appliance, i.e. extending the office to any location in which a person might be.

2) Ease of installation in difficult-to-wire areas: the implementation of wireless networks offers many tangible cost savings when performing installations in difficult-to-wire areas such as rivers, freeways or other obstacles separating the buildings you want to connect.

3) Reduced installation time: the installation of cabling is often a time-consuming activity. On the other hand, the deployment of wireless LANs, MANs and WANs greatly reduces the need for cable installation, making the network available for use much sooner.

4) Long-term savings: organizations reorganize, resulting in the movement of people, new floor plans, office partitions and other renovations. These changes often require re-cabling the network, incurring both labour and material costs.

Mobile computing applications

1) Remote communications

Traditional real-time communications required people to structure their work around a predetermined or fixed place, in the form of an office or home, and during fixed hours. However, mobile computing has helped to balance the working environment and hours according to the needs of organizations and individuals.

2) Remote Data Access

A mobile user needs to have access to various applications and data files that reside on the server in the organization's network; these include accounting packages and product and price information.

The aim of the mobile computing environment is to allow workers to be as effective at remote locations as they are in their usual offices when fully connected.

Today a growing list of applications is being built on the mobile computing infrastructure, including:

Point of sale

Customer service

Field sales automation

Virtual meetings

Taxi dispatching

Mobile information access devices

Information can be sent over co-axial cables, fiber optic cables and wireless networks in many forms, including text, audio, video and animation. Mobile users may use a wide variety of information access devices for utilizing this information; these include portable computers, personal assistants and data communication equipment.

1) Portable computers: these are divided into three distinct types: laptops, notebooks and hand-held computers. They vary in their method of entering, storing, displaying and processing data.

2) Personal Digital Assistant: the personal digital assistant (PDA) may be thought of as a PC reduced in size to fit inside a coat pocket; however, optimization in size and weight means limiting the functionality.

The PDA may be subdivided as follows:


a) Digital assistant: these are small hand-held devices capable of capturing and digitizing data. Digital assistants can carry out functions of information processing as well as voice, data and fax communication.

They rely on a pen-based user interface in place of a keyboard and make heavy use of handwriting recognition.

b) Personal communicator: personal communicators couple a cellular telephone with a pen-based interface. They are capable of carrying out e-mail, fax transmission and reception, and personal information management, besides the normal functions of a cellular phone.

The major drawback is that they accommodate only a limited amount of text, and the user cannot read the screen and talk on the phone at the same time.

c) Palmtops: palmtops, also called personal organizers, are designed to provide support for personal tasks such as diary maintenance, notepad, calculator functions and computing functions limited by the software available only in the ROM (read-only memory). They use a keyboard and the screen as the user interface.


Mobile Commerce

陳偉樑 B91901156

Mobile commerce from the Customer‘s point of view

1) The customer wants to access information, goods and services any time and in any place on his mobile

device.

2) He can use his mobile device to purchase tickets for events or public transport, pay for parking,

download content and even order books and CDs.

3) He should be offered appropriate payment methods. They can range from secure mobile micro

payment to service subscriptions

Provider‘s point of view


1) The future development of the mobile telecommunication sector is heading more and more towards value-added services. Analysts forecast that soon half of mobile operators' revenue will be earned through mobile commerce.

2) Consequently operators as well as third party providers will focus on value-added-services. To

enable mobile services, providers with expertise on different sectors will have to cooperate.

3) Innovative service scenarios will be needed that meet the customer‘s expectations and business

models that satisfy all partners involved.

Attributes of M-Commerce and Its Economic Advantages

1) Mobility—users carry cell phones or other mobile devices

2) Broad reach—people can be reached at any time

3) Ubiquity—easier information access in real-time

4) Convenience—devices that store data and have Internet, intranet, extranet connections

5) Instant connectivity—easy and quick connection to Internet, intranets, other mobile devices,

databases

6) Personalization—preparation of information for individual consumers

7) Localization of products and services—knowing where the user is located at any given time and

match service to them

Mobile Computing Infrastructure

Hardware

1) Cellular (mobile) phones, Attachable keyboard, PDAs, Interactive pagers


2) Other devices: notebooks, handhelds, smart pads

Screenphones - a telephone equipped with color screen, keyboard, e-mail, and Internet capabilities

E-mail handhelds and wirelined - connected by wires to a network

Unseen Infrastructure Requirements

1) Suitably configured wireline or wireless WAN modem

2) Web server with wireless support

3) Application or database server - for specific transactions

4) Large enterprise application server – for the organizational information

5) GPS locator used to determine the location of mobile computing device carrier

Software

1) Micro browser – extract information

2) Mobile client operating system (OS)

3) Bluetooth—a chip technology and WPAN standard that enables voice and data communications

between wireless devices over short-range radio frequency (RF)

4) Mobile application user interface

5) Back-end legacy application software

6) Application middleware

7) Wireless middleware


Networks and access

a. Wireless transmission media

i. Microwave

ii. Satellites

iii. Radio

iv. Infrared

v. Cellular radio technology

What Do You Need In Place To Support M-Commerce

An operator offering m-commerce needs to be able to provide a clear and compelling message to the

market of the accessibility, usability and trustworthiness of the m-commerce service, and also for the

service to be cost-effective to run. This leads to many operational requirements.

1)Available to both prepaid and postpaid customers

Prepaid mobile customers are now in the majority in Kenya , and contrary to initial expectations, they

are more likely to make use of higher margin mobile services like SMS and ring-tone download.

This is most likely as a result of their younger profile, being more open to next-generation services like

m-commerce. These buying habits suggest they will be valuable m-commerce customers in the future.

2) Pre-advice of charge

M-commerce customers will expect to know before executing a purchase all information relevant to the

decision to agree to proceed with the purchase, including availability and price.

The rating system must be able to provide pre-advice of charge information to the payment system, so

that the customer knows exactly what amount will appear on their bill or be deducted from their


balance.

3) Pre-event authorization and authorization of delayed spend

Based on the same information as is used for pre-advice of charge, the operator needs to be able to make a decision on whether the customer has sufficient account balance or credit limit to cover the cost of the transaction.

4) Balance management

With the advent of m-commerce and other next generation mobile services the customer may well wish

to fund different services in different ways. For example, to hold a monthly postpaid contract for voice

calls, but pay for all m-commerce purchases from a dedicated prepaid account.

5) Authentication and authorization

M-commerce requires the customer and merchant to be initially authenticated in order to ensure that

they both have the right to conduct the transaction, and the individual transactions need to be

authorized by the payment issuer to ensure that funds or credit is available. Authentication &

authorization need to be very lightweight - requiring little user interaction, otherwise users will be put

off.
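One way to meet the pre-advice of charge, pre-event authorization and balance management requirements above is a hold-then-capture ledger, sketched here as an added example that is not part of the original notes. The class and method names, the price list and the amounts are assumptions made for illustration.

```python
"""Pre-advice of charge, pre-event authorization and delayed spend as a ledger."""
import itertools
import threading
from dataclasses import dataclass
from decimal import Decimal
from typing import Dict, Optional, Tuple

# Constructed price list standing in for the operator's rating system.
PRICE_LIST = {"ringtone": Decimal("50"), "bus-ticket": Decimal("120")}


@dataclass
class Account:
    kind: str                             # "prepaid" or "postpaid"
    balance: Decimal = Decimal("0")       # prepaid funds on the account
    credit_limit: Decimal = Decimal("0")  # postpaid ceiling
    billed: Decimal = Decimal("0")        # postpaid spend already captured
    held: Decimal = Decimal("0")          # authorized but not yet captured

    def available(self) -> Decimal:
        """Funds or credit not already promised to another purchase."""
        if self.kind == "prepaid":
            return self.balance - self.held
        return self.credit_limit - self.billed - self.held


class PaymentLedger:
    def __init__(self) -> None:
        self._accounts: Dict[str, Account] = {}
        self._holds: Dict[int, Tuple[str, Decimal]] = {}
        self._ids = itertools.count(1)
        # The balance check and the hold must be one atomic step, otherwise two
        # concurrent purchases can both pass the check and overspend.
        self._lock = threading.Lock()

    def open_account(self, name: str, account: Account) -> None:
        self._accounts[name] = account

    def available(self, name: str) -> Decimal:
        with self._lock:
            return self._accounts[name].available()

    def pre_advice(self, item: str) -> Decimal:
        """Tell the customer the exact charge before they agree to buy."""
        return PRICE_LIST[item]

    def authorize(self, name: str, item: str) -> Optional[int]:
        """Place a hold if balance or credit covers the advised price."""
        amount = self.pre_advice(item)
        with self._lock:
            account = self._accounts[name]
            if account.available() < amount:
                return None  # declined before the event takes place
            account.held += amount
            hold_id = next(self._ids)
            self._holds[hold_id] = (name, amount)
            return hold_id

    def capture(self, hold_id: int) -> Decimal:
        """Delayed spend: turn a hold into a real debit or bill entry."""
        with self._lock:
            # pop() raises KeyError if the same hold is presented twice.
            name, amount = self._holds.pop(hold_id)
            account = self._accounts[name]
            account.held -= amount
            if account.kind == "prepaid":
                account.balance -= amount
            else:
                account.billed += amount
            return amount

    def release(self, hold_id: int) -> None:
        """Cancel a hold, e.g. when delivery fails, without charging."""
        with self._lock:
            name, amount = self._holds.pop(hold_id)
            self._accounts[name].held -= amount
```

Opening one postpaid account for voice and a separate prepaid account for m-commerce purchases, as the balance management item describes, only needs two `open_account` calls with different names.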

Subscriber management

Providing a simple and compelling subscriber experience is vital for mobile operators wishing to speed the uptake of next-generation services. The advent of technologies such as wireless Java and MMS is providing operators with the ability to offer a wide range of content services to subscribers.

To do so, operators will need to be able to deal effectively with a complex array of content partners,

business models, access devices, bandwidth and network issues.

The functionality includes:

1) Being able to make customers aware of services relevant to their lifestyle

2) Ensuring that a service is compatible with the subscriber's mobile device

3) Controlling operators' exposure to risk by careful revenue assurance during the transaction process

4) Settling between the various parties to a transaction, including sponsors and advertisers as well as the content owner and the customer.


Case study M –Commerce in Kenya

Drivers enhancing the growth of M-commerce

1) Widespread availability of devices

2) No need for a PC

3) Handset culture: a handset can provide multiple functions

4) Declining prices of hand sets and service charge compared to organizations offering the same

service

5) Improvement of bandwidth like 3G network

6) Explosion of EC in general

Classification of M-Commerce Services

1) Financial e.g. Secure banking services

2) Entertainment e.g. Mobile Gambling

3) Shopping e.g. Purchase of goods

4) Information e.g. Local Information

5) Payment e.g. Electronic Wallet

6) Advertising e.g. Intelligent Advertising

Enabling Technologies

Two transmission modes are introduced here: GPRS and W-CDMA.

GPRS (General Packet Radio Service)

1) A step between GSM and 3G cellular networks.

2) Transmission rate via a GSM network within 9.6 Kbps ~ 115 Kbps.

3) GPRS supports a wide range of bandwidths; it is an effective application under limited bandwidth.

4) A mobile phone can receive and transmit data at the same time (e.g. make a phone call and receive e-mail at the same time).

W-CDMA (Wideband Code-Division Multiple Access)

1) The transmission technology for third generation (3G) UMTS mobile communication.

2) The transmission rate is up to 2 Mbps, which lets mobile multimedia grow rapidly.

WAP(Protocol) and i-mode(Service)

WAP(Wireless Application Protocol)

It is an open, standard wireless application software protocol.

The WAP system is composed of two main factors:

1) WML (Wireless Markup Language): similar to HTML

2) WAP Gateway / Proxy: changes the webpage source code to a suitable form.

3) Needs a connecting action

4) Payment according to time used.

i-mode

1) The first packet-based, always-on, mobile Internet service

2) Various services available : Banking, game, wallpaper, music….


3) Payment according to packets received

Other related technologies

J2ME (Java 2 Micro Edition)

A kind of programming language used in small, connectable consumer and embedded devices. It gives mobile phones the ability to execute programs.

XML (eXtensible Markup Language)

A standard for structured document interchange on the Web. It allows the description language used by different browsers to be changed more quickly.

IPv6

IPv4 uses 32-bit addresses, which is not enough. IPv6 expands this to 128 bits, so that every mobile phone can get its own IP address.

IPv4 | IPv6
Addresses are 32 bits (4 bytes) in length. | Addresses are 128 bits (16 bytes) in length.
Must support a 576-byte packet size (possibly fragmented). | Must support a 1280-byte packet size (without fragmentation).

Mobile Payment Issues

[Figure: mobile payment issues. Parties shown: User, Network Operator, Financial Institution, Content Provider/Merchant. Issues listed: Security, Privacy, Ease of Use, Devices, Open Standards, Inter-operability, Roaming, Authentication, Integrity, Non-repudiation, Fraud reduction, Getting Paid, User adoption, Low Cost.]

Non-repudiation refers to a state of affairs where the purported maker of a statement will not

be able to successfully challenge the validity of the statement or contract


Mobipay system

[Figure: Mobipay payment flow between the user, the merchant (web site, store or vending machine), the operator network (GSM), the Mobipay system with Access Node router, and the processor and issuer/acquirer. Steps as labelled in the figure:

1. User chooses Mobipay payment method on merchant site

2. Merchant sends unique Mobipay reference associated with amount

3. User sends reference (+ PIN)

4. Data validation

5. PIN request

6. PIN response

7. Authorisation

8. Confirmation

Annotation in the figure: "If PIN not entered directly". Sample handset messages shown in the figure: "REF:01021234"; "REF:010212341500 ptasStore XPIN:- - - - -"; "REF:010212341500 ptasStore XPIN:12345".]


Limiting technological factors

Mobile Devices: Battery, Memory, CPU, Display Size

Networks: Bandwidth, Interoperability, Cell Range, Roaming

Localisation: Upgrade of Network, Upgrade of Mobile Devices, Precision

Mobile Middleware: Standards, Distribution

Security: Mobile Device, Network, Gateway

Difference between m commerce and e commerce

1) E commerce is available to only those places where we have net connectivity, but with m

commerce we are free from all such boundaries.

2) Video conferencing has become possible with m commerce even in places where there is no

internet.

3) E commerce not only needs internet but also electricity whereas there is no such requirement

with m commerce.

4) M commerce is easier to get to in comparison to e commerce but at present, using m

commerce is costlier than using e commerce


Web security

Network Security

Data on the network is analogous to possessions of a person. It has to be kept secure from

others with malicious intent. This intent ranges from bringing down servers on the network to

using people's private information like credit card numbers to sabotage of major organizations

with a presence on a network. To secure data, one has to ensure that it makes sense only to

those for whom it is meant.

This is the case for data transactions where we want to prevent eavesdroppers from listening

to and stealing data.

Other aspects of security involve protecting user data on a computer by providing password-restricted access to the data, and perhaps to some resources, so that only authorized people get to use them, and identifying miscreants (troublemakers) and thwarting (upsetting) their attempts to cause damage to the network, among other things.

Network security includes the following four steps:

Secure: Lock your networks with a combination of authentication, encryption, firewalls,

and continuous patching of system vulnerabilities.

Examine: To maintain a secure network, you have to regularly monitor the state of

security mechanisms, readiness, and incident handling procedures.

Network vulnerability scanners from a number of reputable vendors will proactively

locate areas of weakness, and IDSs can alert and respond to security events when

they occur. Your organization can get high visibility of the network data stream and the

security condition of the network using emerging security solutions.


Test: Equally as vital as network examination and assessment is testing. Without

adequate testing of the security solutions, it's tough to know about new threats and

attacks.

The hacker community is an ever-changing continuum with menacing designs on your

systems and data. You can perform this testing yourself or you can outsource it to a

third party.

Enhance: Use the information gathered from the Examine and Test phases to

constantly enhance and improve the corporate security implementation and modify the

security policy as new vulnerabilities and risks are identified and the business model

changes.

Security service

A security service is something that enhances the security of the data processing systems and the information transfers of an organization. It is intended to counter security attacks and makes use of one or more security mechanisms to provide the service. Security services replicate functions normally associated with physical documents, which, for example, have signatures and dates; need protection from disclosure, tampering, or destruction; and may be notarized or witnessed, recorded or licensed.

They include:

Message Integrity. Would message alteration by a third party be harmful?


Authentication. Does the receiver care where the message originated from?

Confidentiality. Would a third party gain from the disclosure of message content?

1) Message Integrity

Message integrity is required to ensure that messages have not been altered in transit.

Typical alterations to a message could include:

Altering the originating user's identity

Altering the identity of the application sending the message

Altering data in the message

Altering configuration information in the message

To support verification of message integrity, messages are signed. Rather than sign the

message elements directly, digest values are calculated, and these values are signed. This

can improve performance, because less computer resource is used to create a hash of data

than to digitally sign it.

2) Authentication

Authentication is required to allow the receiver to determine where the message has

originated from.

In practice the recipient of a message will often authenticate the sender of a message that is

received by first checking that the signed data in the message has been signed using the

public certificate whose private key was used to sign the message for message integrity

purposes and then checking the credentials in that public certificate to determine the identity

of the sender.


3) Confidentiality

Confidentiality is required to conceal sensitive information in messages. Not all parts of

messages are necessarily sensitive, and in some cases a message may not be considered

sensitive at all, and so there may be no need for confidentiality. In the SCM Sample

application, parts of the message that are typically considered sensitive include:

The Soap Body – this could contain information such as order data, which could aid competitors

The Signature – in some cases the body of the message will contain predictable variations,

making it subject to guessing attacks. To prevent this the signature data should also be encrypted

The Start Header – this custom SOAP header includes the location of a callback service

4) Confidentiality

Indicates whether or not the message is encrypted. It contains one of the following:

“None”. The security analysis concluded that confidentiality was not required.

Certificate ":" MessageParts. In this case confidentiality was applied as described below.

Certificate identifies the public key which is used to encrypt the symmetric key which is used

to encrypt the various parts of the message. Its structure and semantics is the same as

“Certificate” as defined under Message Integrity.

Message Parts are a list of the parts of the message that are encrypted. Each part is

encrypted separately. It may contain some combination of: “Body”, “Start Header” and

“Signature”. “Signature” means the digital signature that results from signing the message is

encrypted.
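The double encryption of the card number described under "Payment using Encrypted credit card Details", together with the digest signing, authentication and confidentiality services above, can be sketched as sign-then-encrypt; this is an added example, not code from the original notes. It uses unpadded textbook RSA with constructed toy keys built from Mersenne primes so that it runs on the Python standard library alone; the key values, function names and sample card number are assumptions, and a production system would use padded RSA from a vetted library.

```python
"""Sign-then-encrypt illustration using textbook RSA (standard library only).

Teaching sketch: no padding, and the keys are built from well-known Mersenne
primes, so they are trivially factorable. Without randomized padding the same
card number always produces the same ciphertext.
"""
import hashlib
from dataclasses import dataclass
from typing import Optional

PUBLIC_EXPONENT = 65537


@dataclass(frozen=True)
class KeyPair:
    n: int  # modulus (public)
    e: int  # public exponent
    d: int  # private exponent (known to the owner only)


def make_keypair(p: int, q: int) -> KeyPair:
    """Build an RSA key pair from two distinct primes."""
    phi = (p - 1) * (q - 1)
    return KeyPair(n=p * q, e=PUBLIC_EXPONENT, d=pow(PUBLIC_EXPONENT, -1, phi))


# Constructed toy keys (assumption: one key pair per party, as in the notes).
CUSTOMER = make_keypair(2**521 - 1, 2**127 - 1)
ISSUER = make_keypair(2**2203 - 1, 2**1279 - 1)
IMPOSTOR = make_keypair(2**607 - 1, 2**107 - 1)


def digest_int(message: bytes) -> int:
    """SHA-256 digest as an integer: the digest is signed, not the message."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, signer: KeyPair) -> int:
    """Authenticity: only the holder of signer.d can produce this value."""
    return pow(digest_int(message), signer.d, signer.n)


def verify(message: bytes, signature: int, signer_public: KeyPair) -> bool:
    """Integrity and origin check; uses only the signer's public n and e."""
    if not 0 <= signature < signer_public.n:
        return False
    return pow(signature, signer_public.e, signer_public.n) == digest_int(message)


def seal(card_number: str, customer: KeyPair, issuer_public: KeyPair) -> int:
    """Customer side: sign the card number, then encrypt number + signature."""
    message = card_number.encode("ascii")
    if not 0 < len(message) < 256:
        raise ValueError("card number must be 1..255 ASCII characters")
    signature = sign(message, customer)
    sig_bytes = signature.to_bytes((customer.n.bit_length() + 7) // 8, "big")
    # Length-prefixed payload; the non-zero first byte survives int conversion.
    payload = bytes([len(message)]) + message + sig_bytes
    as_int = int.from_bytes(payload, "big")
    if as_int >= issuer_public.n:
        raise ValueError("payload too large for the issuer's modulus")
    # Confidentiality: only the issuer's private exponent can undo this step.
    return pow(as_int, issuer_public.e, issuer_public.n)


def open_sealed(ciphertext: int, issuer: KeyPair,
                customer_public: KeyPair) -> Optional[str]:
    """Issuer side: decrypt, then accept only if the signature verifies."""
    as_int = pow(ciphertext, issuer.d, issuer.n)
    payload = as_int.to_bytes((as_int.bit_length() + 7) // 8, "big")
    if len(payload) < 2:
        return None
    length = payload[0]
    message, sig_bytes = payload[1:1 + length], payload[1 + length:]
    signature = int.from_bytes(sig_bytes, "big")
    if not verify(message, signature, customer_public):
        return None  # altered in transit, wrong recipient key, or wrong sender
    return message.decode("ascii")
```

`open_sealed` returns the card number only when both conditions from the notes hold: the issuer's private key decrypts the payload, and the signature verifies against the customer's public key.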


Security attacks

Interruption: an asset of the system is destroyed or becomes unavailable; this is a threat to availability.

Interception: an unauthorized party gains access to an asset; this is a threat to secrecy.

Modification: an unauthorized party not only gains access but tampers with an asset.

Fabrication: an unauthorized party inserts counterfeit objects into the system; this is also a threat to integrity.

Model for Network Security

• using this model requires us to:

– generate the secret information (keys) used by the algorithm

– develop methods to distribute and share the secret information

– design a suitable algorithm for the security transformation


– specify a protocol enabling the principals to use the transformation and secret

information for a security service

Model for Network Access Security

The second model is concerned with controlled access to information or resources on a

computer system, in the presence of possible opponents. Here appropriate controls are

needed on the access and within the system, to provide suitable security. Some cryptographic

techniques are useful here also.

• USING THIS MODEL REQUIRES US TO:

– Select appropriate gatekeeper functions to identify users

– Implement security controls to ensure only authorised users access designated

information or resources

• Trusted computer systems can be used to implement this model

COMMUNICATION SECURITY GOALS

The basic goal in protecting communications will be to provide reasonable assurance that outsiders cannot read or modify your message.

1. Economy in both procurement costs and ease of use

Expensive, hard-to-use solutions are unrealistic for many organizations; however, some organizations will accept higher costs for better security.

2. Easy communication with multiple hosts

Each host in the organization needs to communicate with a growing community of other hosts; it must be connected to a LAN.

3. Generic internet access

The internet provides a wealth of information and communication opportunities, but it also brings a broadly based international threat directly to your desktop.

4. Strong secrecy

Leaking a single message can seriously compromise the organization's goals and cause damage from which it is very difficult to recover. Strong secrecy is very expensive to achieve.

Cryptography

Data that can be read and understood without any special measures is called plaintext or

cleartext. The method of disguising plaintext in such a way as to hide its substance is called

encryption.

Encrypting plaintext results in unreadable gibberish called ciphertext. You use encryption to


make sure that information is hidden from anyone for whom it is not intended, even those who

can see the encrypted data. The process of reverting ciphertext to its original plaintext is

called decryption.

Plaintext -> Encryption -> Ciphertext -> Decryption -> Plaintext

Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography

enables you to store sensitive information or transmit it across insecure networks (like the

Internet) so that it cannot be read by anyone except the intended recipient.

Social Engineering

It is the means of breaking and entering into a computer system by extracting information such as passwords, firewall configuration data and network operating system data from unsuspecting company employees “willing to help”.

Social engineers play on the general trusting nature of human beings and their natural instinct

to help others do their jobs.

Many times the social engineer may also use anger or draw on an employee’s sympathy to get information. Most commonly, social engineers use the telephone to gain information by calling and posing as a service person, a high-level executive or a person from the “help desk”.

Hence the rule should be not to divulge sensitive information over the phone, even if the

claimant is the system administrator as no problem requires an administrator to obtain a

user’s password.

LEGAL REQUIREMENTS IN E-COMMERCE

The Internet provides the largest opportunity for free speech that has ever existed, yet this freedom may offend some people and may be illegal under the (indecency) offensiveness act or may be just considered unethical.

Privacy issues

The threats to users or individuals on the internet include:

1) Computer matching

This consists of collecting customer information through web site registration and cookies; this

information is generally used to market additional business services.

Another threat is the unauthorized matching and sale of information about users from databases of

sales transactions processing systems

2) Computer monitoring

This consists of monitoring the productivity and behavior of the employees by the employers. Such monitoring is considered unethical because it monitors individuals and not just work.

4) Corporate e-mail privacy

For many companies, monitoring the private e-mails of their employees is a policy, for they may suspect their employees of illegal or unauthorized activity.

5) Spamming

Spamming is the indiscriminate sending of unsolicited emails to many internet users and is

generally used for mass-mailing of advertisements and junk mail

6) Flaming

It is the practice of sending extremely critical, derogatory and vulgar email messages or electronic bulletin board postings to users on the internet.

Privacy protection

Privacy issues on the internet are of concern, and to protect the privacy of users a number of regulatory and self-regulatory frameworks have come up.

1. Self-regulatory acts

Some suggestions for how users can protect their privacy:

a) Think before you give out personal information on a site

b) Use encryption for sending critical information such as credit card numbers

c) Avoid cookies; this can be achieved by deleting cookie files stored on your computer

2. Privacy policies

Most organizations and ISPs have now begun to understand that the collection of vast amounts of personal information on customers, clients and employees requires that the information, and therefore the individual, is protected. It involves:

Data collection: data should be collected on individuals only to accomplish a legitimate business objective.

Data accuracy: sensitive data gathered on individuals should be verified before it is entered into the database.

Intellectual property issues

Intellectual property is intangible property created by individuals or corporations, which is protected under copyright, trade secret and patent laws.

Copyright is a statutory grant that provides the creators of intellectual property with ownership of it for 28 years; they are entitled to collect fees from anyone who wants to copy or use the property.

Trade secret is intellectual work which is a company secret and not based on public information.

Patent is a document that grants the holder exclusive rights on an invention for 17 years.

Copyright is the major intellectual property issue related to e-commerce. Issues include:

1) The internet and cyberspace are fast encouraging and enabling the use of pirated software, CDs, music and movies, destroying thousands of jobs and millions in revenue.

2) Software is a major issue on the internet; reproduction and distribution of copyrighted works is common on the internet.

3) Another controversial issue in the electronic world is the expansion of library and distance over the internet without compromising copyrights