E Commerce Notes - Updated-Apr2022

The document is a course outline for the Diploma in Maritime Business, specifically focusing on the Electronic Commerce module. It includes chapters on various aspects of e-commerce, such as its definition, planning initiatives, web server requirements, security, payment systems, and legal issues. The content aims to educate students on the fundamental concepts and practical applications of electronic commerce in business.

Uploaded by

2crystaltay

Singapore Polytechnic

Diploma in Maritime Business


DMB 3 (Stage B)

Electronic Commerce
Module No: MA 0122

Compiled by: Capt Mohd Khalif

Student Name: __________________________________________ Admission No. _____________

MA0122 Electronic Commerce

Table of Contents

Chapter 1 Introduction to Electronic Commerce

Chapter 2 Planning the Electronic Commerce Initiative

Chapter 3 Web Server Hardware and Software

Chapter 4 E-Business Front-End/Back-End Integration

Chapter 5 E-Business Network and Web Site Security

Chapter 6 Payment System for E-Commerce

Chapter 7 Legal Issues of Electronic-Commerce

Recommended text and References

Additional Reading

Assignment Topics

e-Finance Glossary

MA0122/HJMK/April 2022 Page 1 of 68


Chapter 1

Introduction to Electronic Commerce

Learning Objectives

In this chapter, you will learn about:

• The basic elements of electronic commerce

• Differences between electronic commerce and traditional commerce

• Economic forces that have created a business environment that fosters electronic commerce

• The ways in which businesses use value chains to identify electronic commerce
opportunities

• The ways in which businesses use SWOT analysis and evaluate business opportunities

What Is E-Commerce?
E-Commerce refers to the process of buying or selling a product or service over an electronic
network. The most popular medium in which E-Commerce is conducted is the Internet.
E-Commerce encompasses three types of business transactions. First, a transaction can
occur between a business and consumer. When you think of E-Commerce, this type of
transaction is the first thing that springs to mind. A prime example of a business that
engages in business-to-consumer E-Commerce is Amazon. Amazon promotes itself as the
"place to find and discover anything you want to buy online" by selling books, CDs,
electronics, and videos to consumers.

Traditional Commerce and Electronic Commerce

To many people, the term electronic commerce means shopping on the part of the Internet
called the World Wide Web. Although consumer shopping on the Web was running about $130
billion per year in 2002 and is expected to exceed $500 billion by 2004, electronic commerce is
much broader and encompasses many more business activities than just Web shopping.

Electronic commerce refers to business activities conducted using electronic data transmission
via the Internet and the World Wide Web.


• The three main elements of e-commerce are:

– Business-to-consumer e.g. ___________________________

– Business-to-business e.g. ___________________________

– The transactions and business processes that support selling and purchasing
activities on the Web. e.g. ___________________________

Other categories include: consumer-to-consumer and consumer-to-government.

e.g. __________________________________

Definition

• Business-to-business (B2B)

– Businesses make online purchase transactions with other businesses

• Business-to-consumer (B2C)

– Online transactions between businesses and consumers

• Business-to-employee (B2E)

– Information and services made available to employees online


(Source: Thomson, Reference #2)

When can it happen?

At all times of the day, every day of the week, every week of the year and in every time zone
around the world.

Electronic commercial transactions are NOT limited by any externally imposed restrictions on the
timing of commerce.

Electronic Funds Transfers (EFTs) have been used by banks for many years.

Electronic Data Interchange (EDI) occurs when one business transmits computer-readable data
in a standard format to another business.

Businesses that engage in EDI with each other are called trading partners.

The standard formats used in EDI contain the same information that businesses have always
included in their standard paper invoices, purchase orders, and shipping documents.

Firms, such as General Electric and Wal-Mart, have been pioneers in using EDI to improve their
purchasing process.


The development of e-commerce over the Internet has caused some to question the viability of
EDI. Some experts argue that Internet e-commerce technology will serve different audiences and
different uses than EDI. Do you agree?

Value Added Network (VAN)

A value added network is an independent firm that offers connection and EDI transaction
forwarding services to buyers and sellers engaged in EDI. VANs are responsible for ensuring the
security of transmitted data. VANs charge a fixed monthly fee plus a per-transaction charge to
subscribers.

Activities as Business Processes

Business processes refer to the group of logical, related, and sequential activities and
transactions in which businesses engage, including:

– Transferring funds

– Placing orders

– Sending invoices

– Shipping goods to customers

(Source: Thomson, Reference #2)


(Source: Thomson, Reference #2)

Business Process Suitability to Type of Commerce

(Source: Thomson, Reference #2)


Make a list of other ‘goods and services’ that will be suited for the above.

Commodity item – product or service that is hard to distinguish from the same products or
services provided by other sellers, making them especially well suited to electronic commerce.

Shipping profile – collection of attributes that affect how easily a product can be packaged and
delivered.

Advantages of Electronic Commerce

• Electronic commerce can increase sales and decrease costs.

• Web advertising reaches a large number of potential customers throughout the world.

• The Web creates virtual communities for specific products or services.

• A business can reduce its costs by using electronic commerce in its sales support and
order-taking processes.

• Electronic commerce increases sales opportunities for the seller.

• Electronic commerce increases purchasing opportunities for the buyer.

Disadvantages of Electronic Commerce

• Some business processes are difficult to implement through electronic commerce.

• Return-on-investment (ROI) is difficult to apply to electronic commerce.

• Businesses face cultural and legal obstacles to conducting electronic commerce.

Provide examples for the advantages and disadvantages of electronic commerce.

International Electronic Commerce

• About 60 percent of all electronic commerce sites are in English, therefore many language
barriers need to be overcome.

• The political structures of the world present some challenges.

• Legal, tax, and privacy issues are concerns of international electronic commerce.


Economic Forces and Electronic Commerce

Business activity today occurs within large hierarchical business organizations, referred to as
firms or companies.

Transaction costs are the total of all costs that a buyer and a seller incur as they gather
information and negotiate a purchase-sale transaction. Another significant component of
transaction costs can be the investment a seller makes in equipment or in the hiring of skilled
employees to supply the product and services to the buyer.

Economic Forces and Electronic Commerce (traditional)


(Source: Thomson, Reference #2)

Economic Forces and Electronic Commerce (hierarchical)

(Source: Thomson, Reference #2)

Economic Forces and Electronic Commerce (networking)

(Source: Thomson, Reference #2)


Network Effects

As more people or organizations participate in a network, the value of the network to each
participant increases.

Example: An email account that is part of the Internet is far more valuable than an email
account that connects only to other people in the company.

Value Chains

Electronic commerce includes so many activities and transactions that it can be difficult for
managers to decide where and how to use it in their businesses.

One way to focus on specific business processes as candidates for electronic commerce is to
break the business down into a series of value-adding activities that combine to generate profits
and meet other goals.

A strategic business unit is one particular combination of product, distribution channel, and
customer type. A value chain is a way of organizing the activities that each strategic business unit
undertakes to design, produce, promote, market, deliver, and support the products or services it
sells.

Strategic Business Unit Value Chains

The support activities of a value chain for a strategic business unit include:

– Finance and administration

– Human resources

– Technology development

Industry Value Chains

A value system describes the larger stream of activities into which a particular business unit’s
value chain is embedded. Industry value chain (IVC) refers to value systems. An IVC is used to
identify opportunities for cost reduction, product improvement, or channel reconfiguration.


(Source: Thomson, Reference #2)

SWOT Analysis:
Evaluating Business Unit Opportunities

Most electronic commerce initiatives add value by either reducing transaction costs, creating
some type of network economics effect, or a combination of both.

In SWOT analysis, you list the strengths and weaknesses of the business unit and then identify
opportunities presented by the markets of the business unit.

Evaluating Business Unit Opportunities


(Source: Thomson, Reference #2)

The Role of Electronic Commerce

• Electronic commerce can play a role in

– reducing costs

– improving product quality

– reaching new customers or suppliers

– creating new ways of selling existing products

• By examining elements of the value chain outside of the individual business unit, managers
can identify many business opportunities, including those that can be exploited by using
electronic commerce.

Planning for Electronic Commerce

In this chapter, you will learn about:

• Planning electronic commerce initiatives

• Strategies for developing electronic commerce Web sites

• Managing electronic commerce implementations


Chapter 2

Planning the Electronic Commerce Initiative

A successful business plan for an electronic commerce initiative should include activities that
will:

• Identify the initiative’s specific objectives

• Link those objectives to business strategies

• Manage the implementation of those business strategies

• Oversee the continuing operations of the initiative after it is launched

Identifying Objectives

Common objectives include:

• Increasing sales in existing markets

• Opening new markets

• Serving existing customers better

• Identifying new vendors

• Coordinating more efficiently with existing vendors

• Recruiting employees more effectively

• Resource decisions should consider the expected benefits and costs of meeting the
objectives.

Linking Objectives to Business Strategies

Businesses can use downstream strategies, which are tactics that improve the value that the
business provides to its customers.

Businesses can pursue upstream strategies that focus on reducing costs or generating value by
working with suppliers or inbound logistics.

The Web is an attractive sales channel. The Web can be used to complement business strategies
and improve competitive positions. Electronic commerce opportunities can inspire businesses to
undertake many activities. More companies are taking a closer look at the benefits and costs of
their electronic commerce projects.

A good business plan will set specific objectives for the benefits to be achieved and costs to be
incurred. Companies use pilot Web sites to test an electronic commerce idea, and then release a
production version when it works well.


Measuring Benefit Objectives

Many companies create Web sites to build their brands or enhance existing marketing programs.
These companies can set goals in terms of increased brand awareness, as measured by market
research surveys. Companies that sell goods or services on their sites can measure sales volumes
in units or dollars. Companies can use a variety of similar measurements to assess the benefits of
other electronic commerce initiatives. Supply chain managers can measure supply cost
reductions, quality improvements, etc.

(Source: Thomson, Reference #2)

Measuring Cost Objectives

Many changes in the cost of hardware are downward.

The increasing sophistication of software creates an ever-increasing demand for newer
hardware. The project budget must include the cost of hiring, training, and personnel.

Based on data collected in separate recent surveys, International Data Corporation and the
Gartner Group both estimated that the cost for a large company to build and implement an
adequate entry-level electronic commerce site was about $1 million.

• About 79% of that cost was labor related

• 10% was the cost of software

• 11% was the cost of hardware

Recent estimates of the cost to build small Web sites have continued to increase as more
companies establish themselves on the Web.

Expensive features, such as shopping carts and search engines, have become standard on even
the most basic sites.

Analysts have estimated the minimum dollar amount needed to open an entry level electronic
commerce Web site at $150,000.

(Source: Thomson, Reference #2)

The McKinsey study estimated costs for two types of magazine sites: a full portal site that would
serve as a destination in itself and a more limited magazine companion site.

The full portal site cost estimate was $2.4 million to build and $4.3 million per year to maintain,
with a staff of 35 people. The companion site cost estimate was $150,000 to build and $270,000
per year to maintain, with a staff of two people.

Kmart’s Web store, Blue-Light.com, cost more than $140 million to create. The site is certainly
well-designed and highly functional, but the typical visitor would never guess how much this site
cost.

Comparing Benefits to Costs

If the benefits exceed the cost of a project by a comfortable margin, the company invests in the
project. Companies should evaluate each element of their electronic commerce strategies using
this cost/benefit approach. Managers often use return on investment (ROI) to evaluate any
capital investment.


Newspaper Web sites are a good example of this desire to establish a foothold in the online
market space. Profitable electronic commerce initiatives in the newspaper business, such as
Gannett’s USA Today and The Wall Street Journal’s WSJ.com sites, are few.

Strategies for Web Site Development

The evolution of Web site functions:

• From the static brochures of the early days of electronic commerce

• To transaction processing tools

• To today’s automated homes for business processes of all kinds

(Source: Thomson, Reference #2)

The transformation of Web site functions occurred rapidly, taking only a year or two in
most companies. Few businesses have caught up with the changes in terms of how they
develop Web sites. The purposes and scope of Web sites have increased greatly, but few
businesses today manage them as the dynamic business applications they have become.

Many large and medium-sized companies have found it extremely difficult to develop
new information systems and Web sites that work with their existing systems to create
new markets or reconfigure their supply chains.

Internal Development vs. Outsourcing

The key to success is finding the right balance between outside and inside support for the
project. Hiring another company to provide the outside support for the project is called
outsourcing.


The Internal Team

The first step in determining which parts of a project to outsource is to create an internal team
that is responsible for the project.

Business knowledge and creativity are much more important than technical expertise in
establishing successful electronic commerce.

Measuring the achievement of an internal team is very important.

Customer satisfaction, number of sales leads generated, and reductions in order-processing time
are examples of metrics that can provide a sense of the team’s level of accomplishment.

Early Outsourcing

In many electronic commerce projects, the company outsources the initial site design and
development to launch the project quickly.

The outsourcing team then trains the company’s employees in the new technology before
handing the operation of the site over to them.

This approach is called early outsourcing.

Late Outsourcing

The company does the initial design, development, and implementation, and operates the system
until it becomes stable.

After the company has gained all the competitive advantages provided by the system, the
maintenance of the electronic commerce system can be outsourced.

This approach is called late outsourcing.

Partial Outsourcing

In partial outsourcing, the company identifies specific portions of the project that can be
completely designed, developed, implemented, and operated by another firm that specializes in
a particular function.

E-mail systems, electronic payment systems, and Web hosting are examples of partial
outsourcing projects.

Another common example of partial outsourcing is an electronic payment system.

Web hosting is one of the most common elements of electronic commerce initiatives that
companies outsource using partial outsourcing.


Selecting a Hosting Service

The internal team should be responsible for selecting the ISP that will provide the site’s
hosting service. For smaller electronic commerce projects, teams can consult an ISP
directory, such as ‘The List’. For larger Web sites, the team will want to obtain the advice
of consultants or other firms that rate ISPs and CSPs, such as ‘Keynote Systems’.

• The factors to evaluate when selecting a hosting service include:

• Functionality

• Reliability

• Bandwidth and server scalability

• Security

• Backup and disaster recovery

• Cost

Determine the functionality offered by a hosting service and carefully evaluate whether that
functionality will be sufficient to meet the needs of your Web site.

Because the company’s information on customers, products, pricing, and other data will be
placed in the hands of the service provider, the vendor’s security policies and practices are very
important.

New Methods for Implementing Partial Outsourcing

New ways of implementing the partial outsourcing strategy have evolved for Web businesses.

Two of the more popular methods are:

• Incubators

• Fast venturing

An incubator is a company that offers start-up companies a physical location with offices,
accounting and legal assistance, computers, and Internet connections at a very low monthly
cost. Incubators might offer seed money, management advice, and marketing assistance.

In exchange, the incubators receive an ownership interest in the company. Some companies
have created internal incubators. A number of companies have used internal incubators in the
past to develop technologies that the companies planned to use in their main business
operations.

Recently companies, such as Matsushita Electric’s U.S. Panasonic division, have started internal
incubators to help launch new companies that will grow to become important strategic partners.


In fast venturing, an existing company that wants to launch an electronic commerce
initiative joins external equity partners and operational partners to scale up the project
rapidly. Equity partners are usually banks or venture capitalists. Operational partners are
firms that have experience in moving projects along.

(Source: Thomson, Reference #2)

Managing Electronic Commerce Implementations

The best way to manage any complex business software implementation is to use formal project
management techniques. Individual projects can become so large that it becomes impossible for
managers to maintain control without some kind of assistance.

Project Management

Project management is a collection of formal techniques for planning and controlling the
activities undertaken to achieve a specific goal. The project plan includes criteria for cost,
schedule, and performance.

It helps project managers make intelligent trade-off decisions regarding these three criteria.

Project managers use specific application software called project management software to help
them manage projects.

Some example tools for managing resources and schedules are Microsoft Project and Primavera
Project Planner.

Project management software can help the team manage the tasks assigned to consultants,
technology partners, and outsourced service providers.

The Project Management Institute is a not-for-profit organization devoted to the promotion of
professional project management practices.


Project Portfolio Management

Project portfolio management is a technique in which each project is monitored as if it were an
investment in a financial portfolio.

In project portfolio management, the CIO assigns a ranking for each project based on its
importance to the strategic goals of the business and its level of risk.

Staffing the Operation

Regardless of outsourcing, an internal team must determine the staffing needs of the electronic
commerce initiative.

The general areas of staffing include:

• Business management

• Application specialists

• Customer service staff

• Systems administration

• Network operations staff

• Database administration

Some companies outsource parts of their customer relationship management operation
to independent call centers.

A call center is a company that handles incoming customer telephone calls and e-mails
for other companies.

Post-Implementation Audits

A post-implementation audit is a formal review of a project after it is up and running.

The post-implementation audit gives managers a chance to examine the objectives,
performance specifications, cost estimates, and scheduled delivery dates that were
established in its planning stage, and to compare them to what actually happened.


Chapter 3

Web Server Hardware and Software

Web Server Basics

The main job of a Web server computer is to respond to requests from Web client computers.

• The three main elements of a Web server are the:

– Hardware

– Operating system software

– Web server software

Types of Web Sites

Important - Determine what the company wants to accomplish with the server.

Estimate number of visitors connecting concurrently

Types of files to be delivered through the site

• Types of service by the site:

– simple development sites

– Intranets

– information-only sites

– business-to-business portals

– Storefronts

– Content-delivery sites.

Development Sites (stand alone)

This is the simplest Web site and the least costly to implement. It can be developed with
low-cost Web site building tools, e.g. Microsoft FrontPage or Macromedia Dreamweaver.

Testers can access the site through their PCs on the existing LAN.


Intranet

Corporate intranets

– house internal memos,

– corporate policy handbooks,

– expense account worksheets,

– budgets,

– newsletters,

– a variety of other corporate documents.

Intranets are shielded from the Internet and they do not require additional security software.

Extranet

Extranets are intranets that allow certain authorized parties outside the company to access
certain parts of the information stored in the system.

e.g. VPN, Secured Site (HTTPS)

Transaction-Processing Sites

Transaction-processing sites are either business-to-business or business-to-consumer electronic
commerce sites that are available 24/7.

High-reliability servers

– Require spare server computers to handle high traffic volumes

– Transaction-processing sites must also run security software.


Content-Delivery Sites

• Content-delivery sites deliver content

– e.g. news, histories, summaries, and other digital information.

• Able to be presented rapidly on the visitor’s screen

• Must be updated frequently

• Able to locate articles quickly with a fast and precise search engine.

Web Clients and Servers

• A visitor on the Web uses a Web client computer on a worldwide client/server network.

• Client/server architectures are used in LANs, WANs, and the Web.

• Web software is platform neutral, letting computers communicate with each other easily.

Platform Neutrality of the Web

(Source: Thomson, Reference #2)

Dynamic Content

Dynamic content is non-static information constructed in response to a Web client’s request.

Server-side technologies are programs running on the Web server to create the Web pages before
sending them back to the client. ASP, JSP, and PHP are server-side scripting mechanisms that build
dynamic sites and Web applications.


The Future of Dynamic Web Page Generation

The Apache Cocoon Project is an initiative where content is stored with XML tags that describe
the meaning of each content item. Instead of creating a Web page, Cocoon can produce a
response tailored to the request by applying a style sheet to the data. Other similar efforts are
underway from Microsoft (.NET) and Oracle.

Various Meanings of “Server”

• Server – any computer used to provide files to other computers connected to it through a
network.

Sometimes included in that meaning, however, are:

– Server software

– Database server

Therefore, it is important to ask qualifying questions when determining what one might mean by
“server”.

Two-Tier Client/Server Architecture

(Source: Thomson, Reference #2)


Three-Tier and N-Tier Client/Server Architectures

(Source: Thomson, Reference #2)

Operating Systems for Web Servers

A computer must have an operating system to run programs and keep track of multiple users
logged on to the system. It must also ensure that they do not interfere with one another.

Some common operating systems for Web servers include:

Microsoft products

• Windows 2000 Advanced Server

• Windows 2003 Server

• Microsoft .NET

Unix-based products

• Linux

• Solaris

• FreeBSD

Web Server Software

The most popular Web server programs in use today are Apache HTTP Server, Microsoft Internet
Information Server (IIS), and iPlanet Enterprise Server.

Web Site and Internet Utility Programs

Finger is a program that runs on UNIX operating systems. It allows users to obtain information
about other network users. Many organizations have disabled Finger commands for privacy and
security reasons.

• Ping (Packet Internet Groper) tests the connectivity between two computers connected to
the Internet.

Tracert (TRACE RouTe) sends data packets to every computer on the path (Internet) between
computers and clocks the packet’s round-trip times.

Electronic Mail (e-mail)

E-mail originated in the 1970s on the ARPANET. It is widely used today in business to convey
messages within seconds, and there are many benefits to using e-mail.

• There are also drawbacks:

– Spam or junk mail:

• Wastes time and disk space

• Often contains offensive content that poses risks for employers

– Viruses:

• Can be carried by email and infect entire systems

– Time:

• Business people can spend up to two hours a day responding to messages

Telnet allows users to log on to a computer that is connected to the Internet.

FTP (File Transfer Protocol) is the part of the TCP/IP rules that defines the formats used to
transfer files between TCP/IP computers.

– Can transfer files one at a time, or several at once

– Displays remote and local computers’ directories

– Has built-in error controls to copy files accurately

Indexing and Searching

• Search engine and indexing programs are important elements of many Web servers.


• Search engines, or search tools, search either a specific site or the entire Web for requested
documents.

An indexing program can provide full-text indexing that generates an index for all documents
stored on a server.

Data Analysis

Web servers can capture:

– visitor information,

– data about who is visiting a Web site

– how long visitors browse the site

– the date and time of each visit

– and which pages were displayed

Two of the most popular Web log file analysis programs are:

– Analog Web server log file analyzer

– WebTrends Web server log file analyzer
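
Added example (not part of the original notes, and not the code of Analog or WebTrends): a small Python log analyzer that recovers the items listed above (who visited, when, for how long, and which pages were displayed) from Web server log lines. It assumes the server writes Common Log Format and that a gap of more than 30 minutes between requests from the same address starts a new visit; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Common Log Format: host ident user [timestamp] "request" status bytes
CLF = re.compile(
    r'(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

# Assumption: requests from one address more than 30 minutes apart are separate visits.
SESSION_GAP = timedelta(minutes=30)
# Supporting files are fetched automatically and are not counted as pages displayed.
STATIC_EXT = (".css", ".js", ".png", ".jpg", ".gif", ".ico")

# Constructed sample log (documentation-range addresses, not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Apr/2022:09:00:01 +0800] "GET /index.html HTTP/1.1" 200 5120
203.0.113.7 - - [12/Apr/2022:09:00:02 +0800] "GET /style.css HTTP/1.1" 200 900
198.51.100.23 - - [12/Apr/2022:09:01:10 +0800] "GET /catalog.html HTTP/1.1" 200 8400
203.0.113.7 - - [12/Apr/2022:09:04:31 +0800] "GET /catalog.html HTTP/1.1" 200 8400
203.0.113.7 - - [12/Apr/2022:09:06:01 +0800] "GET /cart.html HTTP/1.1" 200 3100
198.51.100.23 - - [12/Apr/2022:09:01:40 +0800] "GET /missing.html HTTP/1.1" 404 512
this line is truncated and does not parse
203.0.113.7 - - [12/Apr/2022:14:30:00 +0800] "GET /index.html HTTP/1.1" 200 5120
"""


def parse_line(line):
    """Return a dict for one log line, or None if the line is malformed."""
    m = CLF.match(line)
    if not m:
        return None
    rec = m.groupdict()
    try:
        rec["time"] = datetime.strptime(rec["time"], "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    rec["status"] = int(rec["status"])
    return rec


def build_visits(lines):
    """Group requests into visits per client address; return (visits, skipped_lines)."""
    by_host = defaultdict(list)
    skipped = 0
    for line in lines:
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped += 1          # count unparseable lines instead of hiding them
            continue
        by_host[rec["host"]].append(rec)

    visits = []
    for host, recs in by_host.items():
        recs.sort(key=lambda r: r["time"])   # log lines may arrive out of order
        current = None
        for rec in recs:
            if current is None or rec["time"] - current["end"] > SESSION_GAP:
                current = {"host": host, "start": rec["time"],
                           "end": rec["time"], "pages": []}
                visits.append(current)
            current["end"] = rec["time"]
            path = rec["path"].split("?", 1)[0]
            # A page counts as displayed only if it was served successfully.
            if rec["status"] == 200 and not path.lower().endswith(STATIC_EXT):
                current["pages"].append(path)
    visits.sort(key=lambda v: v["start"])
    return visits, skipped


def summarize(visits):
    """One row per visit: (address, start time, duration in seconds, pages displayed)."""
    return [
        (v["host"], v["start"].isoformat(),
         int((v["end"] - v["start"]).total_seconds()), v["pages"])
        for v in visits
    ]


if __name__ == "__main__":
    visits, skipped = build_visits(SAMPLE_LOG.splitlines())
    for host, start, seconds, pages in summarize(visits):
        print(f"{host}  {start}  {seconds:>5}s  {', '.join(pages)}")
    print(f"unparseable lines: {skipped}")
```

The address in a log line identifies a computer or proxy, not a person, so several people behind one gateway appear as a single visitor.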

Remote Server Administration

With remote server administration,

– The administrator can control a Web site from any Internet-connected computer.

– Remote service maintenance

– Remote backup

Web Server Hardware

The fundamental job of a Web server is to process and respond to Web client requests sent
using HTTP. Web server computers have more memory, larger and faster hard disk drives, and
faster processors than typical desktop or notebook PCs.

A virtual server, or virtual host, is a feature that maintains more than one server on one
machine.

Web Server Performance Evaluation

Benchmarking is a form of testing used to compare the performance of hardware and software.
Hardware and operating systems are key areas for benchmarking. The speed of its connection
can affect a Web server’s performance.

Throughput and response time can be used to measure a server’s Web page delivery capability.

Web Server Hardware Architectures

Large electronic commerce Web sites must deliver millions of individual Web pages every day.
They must also process thousands of customer and vendor transactions each day.

The large collections of servers that these sites have are called server farms.

One approach to Web server architecture is called a centralized architecture, which uses a few
very large and very fast computers. Another approach is a decentralized architecture, which uses
a large number of servers. Most large decentralized sites use load-balancing systems.

Load-Balancing Systems

A load-balancing switch is a piece of network hardware that monitors the workloads of the
servers attached to it and assigns incoming Web traffic to the server that has the most available
capacity.

In a simple load-balancing system, the traffic that enters the site from the Internet encounters
the load-balancing switch, which then directs the traffic to the Web server best able to handle
the traffic.

(Source: Thomson, Reference #2)

(Source: Thomson, Reference #2)

Web Hosting Choices

When making Web server hosting decisions, a company should ask whether the hardware, or
platform and software combination, can be upgraded when the traffic on its site increases.

Using a service provider’s shared or dedicated hosting services instead of building an in-house
server or using a co-location service means that the staffing burden shifts from the company to
the Web host.

Chapter 4

E-Business Front-End/Back-End Integration

In this chapter, you will learn to:

• Define e-business front-end and back-end operations

• Describe enterprise resource planning (ERP) systems

• Discuss Supply Chain Management (SCM) systems

• Define Customer Relationship Management (CRM) systems

• Describe the technologies used to integrate ERP, SCM, and CRM systems

An e-business’s front-end operations consist of the hardware and software with which customers
directly interact and over which they have some control.

An e-business’s back-end operations are not directly accessed by its customers. They include
hardware and software, as well as the following:

o Accounting and budgeting
o Manufacturing
o Marketing
o Inventory management
o Order tracking and distribution

New data acquired by the front-end operations must be made available to the back-end
operations for execution.

Integration of front-end and back-end operations will:

• Provide an e-business with more useful information about its overall business efforts

• Reduce costs by allowing data to be shared across front-end and back-end applications

(Source: Thomson, Reference #2)

Enterprise Resource Planning (ERP) Systems

• Enterprise resource planning (ERP) is a term used to refer to a system that links individual
applications (for example, accounting and manufacturing applications) into a single
application that integrates the data and business processes of the entire e-business.

(Source: Thomson, Reference #2)

Origins of ERP Systems

ERP systems grew out of a function called materials resource planning (MRP) which was used to
allocate resources for a manufacturing operation.

MRP systems software ultimately became very complex, allowing for efficiencies of scale not
previously possible. Even more sophisticated ERP systems began to replace MRP systems in the
1980s. By the early 1990s, other enterprise activities were being incorporated into ERP systems.

Today, an ERP system can encompass, but is not limited to, the following functions:

– Sales and order entry

– Raw materials, inventory, purchasing, production scheduling, and shipping

– Accounting

– Human resources

– Resource and production planning

E-Business ERP Systems

An e-business must keep track of and process a tremendous amount of information. Businesses
realized that much of the information they needed to run an e-business — stock levels at various
warehouses, cost of parts, projected shipping dates — could already be found in their ERP
system databases.

A major part of the online efforts of many e-businesses involved adding Web access to an
existing ERP system. Many e-businesses want the same things from their business infrastructure.

Thus, rather than custom-build applications, many companies prefer to use prepackaged ERP
system software, which is often more efficient and less expensive to implement.

Cost of Implementing ERP Systems

Most businesses need extensive help from consultants to configure their ERP system software
around their existing business practices, or to suggest changes in business practices in order to
better fit the ERP system requirements. This process of mutual adaptation is called systems
integration.

The consultants who supervise the integration process are often referred to as systems
integrators. The total cost of ownership (TCO) of an e-business’s ERP systems, including fees to
systems integrators, can run from thousands to millions of dollars.

The actual cost of an ERP system, however, is often dwarfed by the time and effort a business
must spend to fully integrate its business processes with the ERP system. The return, however,
can be equally significant.

Outsourcing ERP Systems

One response to the challenge of managing a complex ERP system is to outsource it. Some
businesses choose to outsource not only the installation but also the ERP system software.

As businesses finished installing ERP systems to manage internal processes, they began to
consider the benefits of integrating their ERP system directly with their vendors.

Supply Chain Management (SCM) Systems

Supply chain management, or SCM, is the management of the materials, money, information,
and other resources that go into a business’ products for resale. SCM systems use technology to
more effectively manage supply chains.

A typical SCM system might address the following issues:

Planning / Vendor selection / Manufacturing / Logistics

The two basic types of SCM system software are supply chain planning software (SCP) and supply
chain execution software (SCE).

SCP software uses mathematical models to predict inventory levels based on the efficient flow of
resources into the supply chain.

SCE software is used to automate different steps in the supply chain, such as automatically
sending purchase orders to vendors when inventories reach specified levels.

(Source: Thomson, Reference #2)

With the advent of the Internet, e-businesses began to demand different things from their SCM
systems. Most importantly, SCM systems vendors (largely the same vendors that provide ERP
systems software) had to modify their products to include a Web-based interface. The ultimate
goal of a business ERP system is complete optimization of internal business processes.

Customer Relationship Management (CRM) Systems

Customer relationship management (CRM) systems, sometimes called e-CRM systems, use
technology to help an e-business manage its customer base.

CRM allows an e-business to match customer needs with product plans and offerings, remind
customers of service requirements, and determine what products a customer has purchased.

CRM systems are sometimes broken down into two components:

• Operational CRM, which includes direct customer interactions

• Analytical CRM, which takes the data captured by operational CRM processes and uses it
to identify trends

A major benefit of CRM technologies is the ability to tailor, or personalize, a customer’s online
purchasing experience.

Personalization and CRM

Personalization ensures that each customer’s Web experience is tailored to their specific needs.

Some personalization software simply concentrates on recommending products to returning
online customers based on their past purchasing history.

But effective personalization software goes further, by offering products or services tailored to
the individual customer — whether or not the products or services have been previously
purchased.

Personalization software products draw information from e-business databases in order to
customize Web site content for each individual customer.

Rather than using off-the-shelf personalization software, many e-businesses create their own
in-house personalization software or combine customized off-the-shelf personalization software
with software developed in-house to better meet the e-business’s information needs.

Data Mining/Web Mining

Data mining is the process of using mathematical techniques to look for hidden patterns in
groups of data, thereby discovering previously unknown relationships among the many pieces of
information stored in a database.

A data warehouse is a database that contains huge amounts of data, such as customer and sales
data. Data mining techniques can be used to extract new patterns of data from a data
warehouse that can then be used by management to aid in decision making.

Web mining uses data mining techniques to discover previously unknown patterns or trends in
data gathered via the Web. Using data and Web mining techniques, marketers can identify many
interesting statistics and correlations that can help an e-business better attract and sell to its
customers.

Because the rewards of paying attention to such data can be very great, e-businesses are turning
to data mining/Web mining software to sift through their data.

Data mining/Web mining software is specialized software that enables e-businesses to apply
sophisticated statistical tools to their databases in order to identify patterns in data that would
otherwise have remained hidden.

Integrating E-Business ERP, SCM, and CRM Systems

In today’s e-business world, an enterprise is faced with multiple applications serving different
constituencies on different devices. Solving this problem can be expensive.

Most e-businesses have been forced to choose between extremely expensive, custom-designed
application integration software, and less expensive prepackaged application integration
software designed to meet the most common e-business needs.

When building custom application integration software, e-businesses often start with one of the
two best-known application integration technologies:

• Sun Microsystems, Inc.’s Java 2 Enterprise Edition

• Microsoft Corporation’s .NET

When looking for the advantages of lower cost and faster implementation, e-businesses needing
to integrate applications often turn to prepackaged application integration software called
middleware.

Middleware

Middleware is software that helps two applications communicate by translating messages and
transmitting them in a way that each application understands.

Enterprise Application Integration (EAI) tools are middleware designed specifically for integrating
legacy system applications with ERP, SCM, and CRM systems applications.

Middleware applications typically work by creating a centralized “message space,” or data bus,
through which data can travel from one application to another. More and more often,
middleware tools use XML to handle communications between disparate applications.

XML is compact, modular, and has become a standard format for transmitting data. Since XML is
fairly new, many older applications do not work with XML.

But both J2EE and .NET support the use of XML by implementing parsers, or programs that
translate application output (if it’s not in XML already) into XML and XML into the format
expected by the receiving application. A parser knows precisely the format the receiving
application expects.

Blockchain

A blockchain is a digital record of transactions. The name comes from its structure, in which
individual records, called blocks, are linked together in a single list, called a chain.
Blockchains are used for recording transactions made with cryptocurrencies, such as Bitcoins,
Netcoins, Litecoin and Ether. Each transaction added to a blockchain is validated by multiple
computers on the Internet. These systems, which are configured to monitor specific types of
blockchain transactions, form a peer-to-peer network.

A blockchain is a peer-to-peer network with no central authority managing the data. Peer-to-peer,
or P2P, means that the peers are computer systems which are connected to each other via
the Internet. Files can be shared directly between systems on the network without the need for
a central server. In other words, each computer on a P2P network becomes a file server as well
as a client.

The only requirements for a computer to join a peer-to-peer network are an Internet connection
and P2P software. Once connected to the network, the software allows the user to search for
files on other users’ computers and vice versa, thereby making file sharing easy.

When a new block is added to a blockchain, it is linked to the previous block using a
cryptographic hash generated from the contents of the previous block. This ensures that the
chain is never broken and each block is permanently recorded. It is also intentionally difficult to
alter a past transaction in the blockchain, since all subsequent blocks must be altered as well.
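The linking described above, and what happens when a past transaction is edited, can be shown with a small hash chain. This is an added example, not part of the original notes and not the code of any particular cryptocurrency; the block layout, the transaction values and the function names are assumptions, and the "trusted head" stands for the latest block hash that the other peers already hold.

```python
import copy
import hashlib
import json

GENESIS_PREV = "0" * 64   # placeholder "previous hash" for the first block


def block_hash(block):
    """SHA-256 over a canonical JSON encoding of the whole block."""
    encoded = json.dumps(block, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hashlib.sha256(encoded).hexdigest()


def append_block(chain, transactions):
    """Link a new block to the chain through the hash of the previous block."""
    prev = block_hash(chain[-1]) if chain else GENESIS_PREV
    block = {"index": len(chain), "prev_hash": prev, "transactions": transactions}
    chain.append(block)
    return block


def verify_chain(chain, trusted_head):
    """Check every link, then compare the final hash with the one peers hold."""
    expected = GENESIS_PREV
    for block in chain:
        if block["prev_hash"] != expected:
            return f"block {block['index']} does not link to its predecessor"
        expected = block_hash(block)
    if expected != trusted_head:
        return "head hash differs from the one the peers hold"
    return "ok"


def relink_after(chain, start):
    """Recompute prev_hash for every block after `start`; return how many changed."""
    changed = 0
    for i in range(start + 1, len(chain)):
        new_prev = block_hash(chain[i - 1])
        if chain[i]["prev_hash"] != new_prev:
            chain[i]["prev_hash"] = new_prev
            changed += 1
    return changed


def demo():
    # Constructed transactions, for illustration only.
    chain = []
    append_block(chain, [{"from": "alice", "to": "bob", "amount": 5}])
    append_block(chain, [{"from": "bob", "to": "carol", "amount": 2}])
    append_block(chain, [{"from": "carol", "to": "dave", "amount": 1}])
    append_block(chain, [{"from": "dave", "to": "alice", "amount": 1}])
    trusted_head = block_hash(chain[-1])

    results = {"untouched": verify_chain(chain, trusted_head)}

    # Edit one past transaction in a copy of the ledger.
    tampered = copy.deepcopy(chain)
    tampered[1]["transactions"][0]["amount"] = 200
    results["edited_block_1"] = verify_chain(tampered, trusted_head)

    # Hiding the edit means rewriting every later block as well ...
    results["blocks_relinked"] = relink_after(tampered, 1)
    # ... and even then the result no longer matches what the peers recorded.
    results["after_relinking"] = verify_chain(tampered, trusted_head)
    return results


if __name__ == "__main__":
    for step, outcome in demo().items():
        print(f"{step}: {outcome}")
```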

Blockchain technology can also be used for non-financial purposes. For example, the
InterPlanetary File System (IPFS) uses blockchain to decentralize file storage by linking files together
over the Internet. Some digital signature platforms now use blockchain to record signatures and
verify that documents have been digitally signed. Blockchain can even be used to protect intellectual
property by linking the distribution of content to the original source.

Chapter 5

E-Business Network and Web Site Security

In this chapter, you will learn to:

• Describe general e-business and Web site security issues

• Identify ways to protect the physical security of a network

• List internal network security risks and explain how to protect against them

• Discuss external network and Web site security risks and explain how to protect against
them

• Identify the risks associated with an e-business’s online transactions

• Illustrate a virtual private network

• Describe wireless security issues

• Discuss the importance of security audits

General Network and Web Site Security Issues

E-business security: protecting data and physical networks

E-business security risks include:

– Physical risks: Damage to network and data

– Internal risks: Threats originating within organization

– External risks: Threats from outside the organization

– Transactional risks: Data loss and interception

Physical Risks

Physical risks include accidental or deliberate damage to equipment or data resulting from
natural disaster or sabotage.

Specific issues include:

– Network equipment and physical location

– Electrical power backup

– Internet connectivity redundancy

– Outsourcing physical risks

Network Equipment and Physical Location

Equipment and location security includes:

• Network facilities location: network equipment and server rooms always locked, locations
anonymous

• Fire protection: install fire-suppression systems that do not damage servers, routers,
electrical equipment

• Network facilities construction: construction and design of facilities more substantial than
conventional office space

Electrical Power Backup

E-businesses should consider two levels of backup power:

– Batteries that assume power within milliseconds of a failure

– Power generators that automatically start when the batteries die

• Critical servers should never be out more than five minutes per year to achieve “five nines
reliability” (99.999% uptime)

Internet Connectivity Redundancy

• E-businesses should have more than one connection to the Internet

• ISPs and Web hosting companies often have connections to more than one NSP

• Complete data-centre redundancy allows e-businesses to continue operations from a different
location in the event of a major disaster

Outsourcing Physical Risks

• Using Web hosting services provides physically secure environment for e-business servers

• Fee-for-service arrangement provides power, connectivity, and a secure environment

• Eliminates internal risks to physical security

Physical Risks to Network and Web Site Assets

• Include accidental or deliberate damage to equipment or data

• Caused by natural disaster or sabotage

• Threat to network infrastructure includes:

– Damage to network equipment

– Damage to power supplies

– Damage from fire

Network Equipment and Physical Location

• Physical security begins with equipment safety

• Threat reduction includes proper management of network facilities location and fire
protection

• Security countermeasures for network facilities locations include:

– Locked network equipment room doors with restricted personnel access

– Locations of servers and switching equipment kept anonymous

• Fire protection and countermeasures to prevent fire damage include:

– Use fire suppression system approved for electrical fires in server, switch, and power
rooms

– Use only fire extinguishers approved for electrical fires in server, switch, and power
rooms

– Pre-select and train employees responsible for fire control

Internal Security Risks

• Come from inside the company: unhappy employees, poor security awareness, poor
planning

• Establishing and enforcing security policy is first countermeasure

• Additional countermeasures include:

– Password protecting the network

– Using biometric identification

– Using smart card authorization

Passwords

• Passwords are used to identify a specific computer user and grant user access

• Effective when created properly and changed regularly

Biometric Identification

• Measurement of biological data

• Biometric security devices and software measure and record a computer user’s unique
human characteristics (such as eye retina or iris) for user identification

Smart Card

• Smart cards contain an embedded memory chip with user identification information

• Can be used to authenticate a remote user logging into a network

• Disadvantage: Risk of loss or theft

Backup and Restore Policies and Procedures

• Describes the plan for securing vital data files and software in case of disaster

• Specifies when and how critical files and software are backed up

• Backups should be built into the daily, weekly, and monthly network maintenance schedule

• Test restore procedure, and archive, by performing periodic restores

• Backup media should also be stored offsite

• Some e-businesses assign backup responsibilities to employees outside of IT department

• Offsite storage also available via Internet connection from data management companies

Disaster Recovery Planning

• Disaster Recovery Plan is part of e-business’ Business Continuity Plan

• DRP for network operations should include procedures for handling electrical outages, data
loss, and security breaches

• Plan can include the use of redundant servers and equipment to handle system failover

• DRP should be tested periodically

External Security Risks

• Originate outside the company’s network

• Must bypass network defenses

• Connecting to the Internet exposes private LANs to risk of attack

• Stringent security necessary to protect against external risk

Hackers

• Outside intruders that deliberately gain unauthorized access to individual computers or
computer networks

• White hat hackers find and make known weaknesses in computer systems without regard
for personal gain

• Black hat hackers (crackers) gain access to steal valuable information, disrupt service, or
cause damage

Hacker Attack Tactics

• Objective: interrupt operations or use hacked computer as base of attack on other
computers

• The most common method is to send confusing data to a server or other computer

• Crashing a program can allow a hacker to take control of computers

• Buffer overflows tie up operating memory, degrading performance, causing crashes

Distributed Denial of Service Attacks

• Denial of Service (DoS) attacks designed to disable network using flood of useless traffic

• Distributed DoS uses multiple computers to attack networks

• DDoS attacks include:

– Unending string of Pings

– Sending hundreds of huge e-mail messages

(Source: Thomson, Reference #2)

Web Site Defacement

• Hacker deliberately changes the content of Web pages

• Caused by breaking into network, accessing Web site files and modifying files

• Better known victims include FBI, Goodyear, NY Times, and NASA

Hacker Countermeasures

• Firewalls designed to resist buffer overflows and other common types of hacker attacks

• Firewall types include:

– Packet-filtering firewalls

– Circuit-level firewalls

– Application-level firewalls

(Source: Thomson, Reference #2)

• Network Address Translation uses external IP addresses to hide internal IP addresses

• Proxy server uses external IP address to send HTTP request over Internet and forwards
responses from HTTP servers to requesting client using internal IP address

(Source: Thomson, Reference #2)

• A filter is a process or device that screens incoming information

• Allows only information that meets specified criteria through

• Disabling service ports denies access to HTTP, e-mail from Internet

• Restricting access to internal IP addresses hides computers

Viruses

Standard computer viruses:

• Are small, usually destructive, programs that are inserted into other files that then become
“infected”

• Infect executable programs or operating system files, spreading when infected program
executes

• Can also spread via e-mail headers or attachments

• Can prevent a computer system from booting, erase files or entire hard drives, prevent the
saving or printing of files, and send repetitive e-mail messages

Worms

• Viruses that reside in a computer’s memory, replicating themselves

• Uncontrolled replications consume a computer’s resources, slowing or crashing the system

Macro Viruses

• A macro virus is a virus that infects macros

• Distributed in files such as Word documents or Excel workbooks e-mailed or transferred via
removable drives

Trojan Horses

• Pretends to be something useful or fun, does something malicious instead

• Used to steal passwords, record a user’s keystrokes, locate IP addresses, and plant other
destructive programs

Wireless Viruses

• “Liberty Crack” Palm Trojan, identified in August 2000

– Could delete all applications on a Palm device

• “Phage” discovered in September 2000

– Infected Palm operating system applications and documents

– Proliferated when users beamed or shared an infected document

Virus Hoaxes

• Some so-called viruses trumpeted in the media or announced via warning e-mails are just
hoaxes

• False warnings about viruses proliferate as quickly as real viruses

• Creates an atmosphere in which a real virus warning might not be taken seriously

• Several antivirus software vendors maintain up-to-date information on viruses, worms,
Trojan horses, and hoaxes. This information is available online.

Virus Countermeasures

• Countermeasures to block infections include:

– Antivirus software

– Employee education

– Installing software updates and patches

– User awareness

– Use of application software tools

Transactional Security

Transactional security includes:

– Authentication

– Integrity

– Non-repudiation

– Confidentiality

Protective measures include: sending and receiving encrypted messages or data, using digital
certificates to authenticate the parties involved in the transaction, and storing retained
customer information properly.

Encryption

Cryptography is the art of protecting information by encrypting it. Encryption is the translation
of data into a secret code called cipher text. Cipher text that is transmitted to its destination and
then decrypted (or returned to its unencrypted format) is called plaintext.

Both parties in a transaction need access to an encryption key. Network encryption uses two keys: a
public key to encrypt information and a private key to decrypt it.

Public Key Infrastructure

An e-business obtains public and private keys from a certificate authority (CA). Public keys are
posted to a public directory. Private keys are given only to the e-business requesting the keys. A
digital certificate is the electronic security credential that certifies an entity’s identity.

(Source: Thomson, Reference #2)

How Public Key Encryption Works

Public-key encryption is asymmetric. It uses very large prime numbers to create public keys.
Public and private keys are used for the initial session greeting; session keys encrypt and decrypt
data. Session keys are shorter keys created and used only during the current session and
discarded afterward. In the U.S., session keys usually consist of 16 digits equaling 128 bits, also
called 128-bit keys.

Security Protocols

Secure Sockets Layer (SSL) uses public key encryption and digital certificates, and is included in
Web browsers/Web servers. Transport Layer Security (TLS) is used to assure no third-party access
to Internet communications. It uses two protocols:

• TLS Record Protocol

• TLS Handshake Protocol

The Secure Electronic Transactions (SET) protocol is used for presenting credit card transactions
on the Internet.

Virtual Private Networks

Virtual Private Networks (VPNs) are private networks that use the Internet to transmit data.

VPNs use:

• Firewalls

• Public key encryption

• Digital certificates

(Source: Thomson, Reference #2)

Tunneling

Tunneling encapsulates one protocol within another protocol. VPNs using the Internet
encapsulate encrypted data, sending and receiving IP addresses, and a special tunneling protocol
within a regular IP packet.

Tunneling protocols include: Point-to-Point, GRE, L2TP, and IPSec. The method of data encryption
and encapsulation depends on the protocol used.

Wireless Security

Eavesdropping on early wireless transmissions was fairly simple:

FDMA (frequency division multiple access) technologies stayed on one frequency for call
duration, required “listening device” that operated on same frequency

TDMA (time division multiple access) technologies switch can be intercepted using
device that listens for one-third of a second and then decompresses signal into full
second of speech

CDMA (code division multiple access) (other current standards) poses more of a challenge, but …
not invincible

WAP and WTLS

Wireless Transport Layer Security (WTLS) uses encryption and digital certificates. Upon accessing
a WAP server, the WAP client requests a secure connection. The WAP server responds by sending its
digital certificate, with its public key.

The WAP client generates a session key and sends it, encrypted, to the WAP server, which decrypts
the key. The WAP client and server can then send and receive encrypted data for the balance of the
session.
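The exchange described here, and under "How Public Key Encryption Works" earlier in this chapter, follows one pattern: the public key protects only a short-lived 128-bit session key, and the session key protects the data. The sketch below is an added example, not part of the original notes and not the WTLS or SSL wire format. Assumptions: the key pair is a toy RSA pair built from two small known primes and used without padding, the SHA-256 keystream stands in for a real cipher so that the example runs with the standard library only, and every name is hypothetical.

```python
import hashlib
import hmac
import secrets

# Toy server key pair (assumption): two known Mersenne primes give a modulus of
# about 150 bits, enough to carry a 128-bit session key in this illustration.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, stays on the server


def server_certificate():
    """Stand-in for the digital certificate: an identity plus the public key."""
    return {"subject": "shop.example", "public_key": (N, E)}


def client_make_session_key(certificate):
    """Client picks a random 128-bit session key and encrypts it to the server."""
    n, e = certificate["public_key"]
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return session_key, wrapped


def server_unwrap_session_key(wrapped):
    """Only the holder of the private key can recover the session key."""
    return pow(wrapped, D, N).to_bytes(16, "big")


def subkey(session_key, label):
    """Derive separate encryption and integrity keys from the session key."""
    return hashlib.sha256(label + session_key).digest()


def keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(session_key, plaintext):
    """Encrypt and integrity-protect one record under the session key."""
    nonce = secrets.token_bytes(12)
    stream = keystream(subkey(session_key, b"enc"), nonce, len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(subkey(session_key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(session_key, record):
    """Check the integrity tag first, then decrypt; reject modified records."""
    nonce, body, tag = record[:12], record[12:-32], record[-32:]
    expected = hmac.new(subkey(session_key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("record failed integrity check")
    stream = keystream(subkey(session_key, b"enc"), nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


def run_session(message):
    """One session: certificate, wrapped session key, one protected record."""
    certificate = server_certificate()                        # server -> client
    client_key, wrapped = client_make_session_key(certificate)
    server_key = server_unwrap_session_key(wrapped)           # client -> server
    record = seal(client_key, message)                        # client -> server
    received = unseal(server_key, record)
    # Both sides discard the session key when the session ends.
    return {"keys_match": client_key == server_key, "client_key": client_key,
            "wrapped": wrapped, "record": record, "received": received}


if __name__ == "__main__":
    result = run_session(b"order 1001: 2 x widget")   # constructed message
    print(result["keys_match"], result["received"])
```

An observer of the exchange sees the certificate, the wrapped key and the sealed record, but not the session key itself.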

WLANs and Security

WLANs are most vulnerable at wireless access points. Hackers need only an 802.11b-enabled
laptop, an inexpensive antenna, and WLAN access point detection software, such as
NetStumbler.

Using “meaningful” access point names and “default” settings on wireless access points
simplifies a hacker’s job. Using the Wired Equivalent Privacy (WEP) security protocol (IEEE 802.11b
Wi-Fi) provides encryption and authentication of wireless transmissions.

IrDA and Bluetooth Security

Short distances and line-of-sight requirements for IrDA devices make “sniffers” impractical.
Using laptops with default IrDA port settings in public places (such as airports) automatically
allows networking with other IrDA devices without authentication or passwords. Bluetooth uses
128-bit link key, private encryption keys, user PIN and device addresses for transmission
security.

Bluetooth vulnerability: the device address is sent with each transmission, and user PINs can be
compromised easily by theft or loss of the device.

Security Audits

A security audit is a comprehensive review and assessment of an e-business’s security
vulnerabilities.

A complete security audit should include: reviewing security policies, employee security training,
and the physical security of the e-business’s offices and network facilities.

Audits can include examining the technical security of a network via penetration testing or actual
attempted hacking attacks by security audit personnel.

Penetration Test Protection

When evaluating security firms, request:

o Proof of insurance: cover cost of fixing damage/losses caused by penetration testing
o Nondisclosure agreements: prevent disclosure of test results, network and
proprietary information
o Scanning tools: determine what scanning tools will be used for testing
o Scope of engagement: scope of audit and test plans
o Documentation: final detailed accounting of audit, including individual test
results, findings

Chapter 6

Payment System for E-Commerce

In this chapter, you will learn about:

• The basic functions of payments systems that are used in electronic commerce

• The history and future of electronic cash

• How electronic wallets work

• The use of stored-value cards in electronic commerce

Electronic Payment Systems

Electronic commerce involves the exchange of some form of money for goods and services.
Implementation of electronic payment systems is in its infancy and still evolving. Electronic
payments are far cheaper than the traditional method of mailing out paper invoices and then
processing payments received.

Estimates of the cost of billing one person vary between $1 and $1.50. Sending bills and
receiving payments over the Internet promises to drop the transaction cost to an average of 50
cents per bill.

• Today, four basic ways to pay for purchases dominate business-to-consumer commerce.

(Source: Thomson, Reference #2)

Electronic cash distribution and payment can be handled by wallets, smart cards, or proprietary
limited-use scrip.

Scrip is digital cash minted by a company instead of by a government (for example, a gift certificate).

Companies like Payment Online sell packages of payment processing services to Web merchants
that accept several types of payments.

Payment Cards

• Payment cards are all types of plastic cards that consumers use to make purchases:

– Credit cards

• A credit card, such as a Visa or a MasterCard, has a preset spending limit based on the
user’s credit limit.

– Debit cards

• A debit card removes the amount of the charge from the cardholder’s account and
transfers it to the seller’s bank.

– Charge cards

• A charge card, such as one from American Express, carries no preset spending limit.

Advantages and Disadvantages of Payment Cards

Advantages:

• Payment cards provide fraud protection.

• They have worldwide acceptance.

• They are good for online transactions.

Disadvantages:

• Payment card service companies charge merchants per-transaction fees and monthly processing fees.

Payment Acceptance and Processing

• Open and closed loop systems will accept and process payment cards.

• A merchant bank or acquiring bank is a bank that does business with merchants who want to
accept payment cards.

• Software packaged with your electronic commerce software can handle payment
card processing automatically.


(Source: Thomson, Reference #2)

Electronic Cash

• Electronic cash is a general term that describes the attempts of several companies to create
a value storage and exchange system that operates online in much the same way that
government-issued currency operates in the physical world.

• Concerns about electronic payment methods include:

• Privacy

• Security

• Independence

• Portability

• Convenience

• Electronic cash should have two important characteristics in common with real currency:

• It must be possible to spend electronic cash only once.

• Electronic cash ought to be anonymous.

• The most important characteristic of cash is convenience.


• If electronic cash requires special hardware or software, it will not be convenient for people
to use.

Holding Electronic Cash: Online and Offline Cash

There are two approaches to holding electronic cash: online storage and offline storage. Online cash storage means
that an online bank is involved in all transfers of electronic cash.

Offline cash storage is the virtual equivalent of money you keep in your wallet. However, it must
prevent double or fraudulent spending.

Advantages of Electronic Cash

• Electronic cash transactions are more efficient and less costly than other methods.

• The distance that an electronic transaction must travel does not affect cost.

• The fixed cost of hardware to handle electronic cash is nearly zero.

• Electronic cash does not require that one party have any special authorization.

Disadvantages of Electronic Cash

• Electronic cash provides no audit trail.

• Because true electronic cash is not traceable, money laundering is a problem.

• Electronic cash is susceptible to forgery.

• So far, electronic cash is a commercial flop.

How Electronic Cash Works

To establish electronic cash, a consumer goes in person to open an account with a bank. The
consumer uses a digital certificate to access the bank through the Internet to make a purchase.

Consumers can spend their electronic cash at sites that accept electronic cash for payment. The
electronic cash must be protected from both theft and alteration.

Providing Security for Electronic Cash

To prevent double spending, the main security feature is the threat of prosecution.

A complicated two-part lock provides anonymous security that also signals when someone is
attempting to double spend cash.

One way to trace electronic cash is to attach a serial number to each electronic cash transaction.
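
The serial-number approach and the online storage model described above can be shown in code. The following Go program is an added example, not taken from the course text or from any real electronic cash product: an online bank mints coins that carry a random serial number and a keyed tag, rejects coins whose value or serial number was altered, and refuses a serial number it has already redeemed. The coin format and the names Bank, Coin, Mint, Deposit and RedeemedBy are assumptions made for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Coin is one unit of electronic cash (hypothetical format for this example).
type Coin struct {
	Serial string // unique serial number assigned by the bank
	Cents  int    // face value
	Tag    []byte // HMAC-SHA256 over serial and value, keyed by the bank
}

var (
	ErrAltered     = errors.New("coin rejected: forged, or serial/value altered")
	ErrDoubleSpend = errors.New("coin rejected: serial number already redeemed")
)

// Bank is the online issuer: it mints every coin and sees every deposit.
type Bank struct {
	key      []byte            // secret minting key, never leaves the bank
	redeemed map[string]string // serial number -> merchant that redeemed it
}

func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no secure randomness: refuse to continue
	}
	return b
}

func NewBank() *Bank {
	return &Bank{key: randomBytes(32), redeemed: make(map[string]string)}
}

// tag binds the serial number to the face value so neither can be changed.
func (b *Bank) tag(serial string, cents int) []byte {
	mac := hmac.New(sha256.New, b.key)
	fmt.Fprintf(mac, "%s|%d", serial, cents)
	return mac.Sum(nil)
}

// Mint issues a coin with a fresh 128-bit random serial number.
func (b *Bank) Mint(cents int) Coin {
	serial := hex.EncodeToString(randomBytes(16))
	return Coin{Serial: serial, Cents: cents, Tag: b.tag(serial, cents)}
}

// Deposit is called when a merchant presents a coin for payment.
func (b *Bank) Deposit(c Coin, merchant string) error {
	if !hmac.Equal(c.Tag, b.tag(c.Serial, c.Cents)) { // constant-time compare
		return ErrAltered
	}
	if _, seen := b.redeemed[c.Serial]; seen {
		return ErrDoubleSpend
	}
	b.redeemed[c.Serial] = merchant
	return nil
}

// RedeemedBy exposes the audit trail that a serial number creates.
func (b *Bank) RedeemedBy(serial string) string { return b.redeemed[serial] }

func main() {
	bank := NewBank()
	coin := bank.Mint(500) // constructed sample: a coin worth 5.00
	fmt.Println("first spend: ", bank.Deposit(coin, "shop-a"))
	fmt.Println("second spend:", bank.Deposit(coin, "shop-b"))
	altered := coin
	altered.Cents = 50000 // same tag, inflated value
	fmt.Println("altered coin:", bank.Deposit(altered, "shop-c"))
	fmt.Println("redeemed by: ", bank.RedeemedBy(coin.Serial))
}
```

Because the bank records which merchant redeemed each serial number, this design supplies the audit trail that true electronic cash lacks, at the cost of the anonymity listed earlier as a desired property.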


(Source: Thomson, Reference #2)

Electronic Cash Systems

Compaq Computer’s electronic cash technology allows users to use its NetCoin electronic cash.

KCOM offers its own NetCoin electronic cash system and offers electronic cash through its
NetCoin Center.

No standards were ever developed for the entire electronic cash system.

CheckFree provides online payment processing services to both large corporations and individual
Internet users. CheckFree permits users to pay all their bills with online electronic checks.
CheckFree provides part of the technology that the Web portal Yahoo! uses to provide its Yahoo!
Bill Pay service.

Clickshare is an electronic cash system aimed at magazine and newspaper publishers. Users with
an ISP that supports Clickshare are automatically registered with Clickshare. Clickshare tracks
users with the standard HTTP Web protocol.


InternetCash provides electronic currency that is very similar to traditional cash. Customers
must first purchase an InternetCash card from stores, such as Circle K.

Customers then go online and activate their cards by entering a 20-digit code and creating a PIN.

After their card is activated, customers can pay for purchases using the InternetCash
card at any site that accepts it.

PayPal.com is a free service that earns a profit on the float, which is money that is deposited in
PayPal accounts. The free payment clearing service that PayPal provides to individuals is called a
peer-to-peer payment system.

PayPal allows customers to send money instantly and securely to anyone with an e-mail address,
including an online merchant.

Electronic Wallets

An electronic wallet serves a function similar to a physical wallet:

• holds credit cards, electronic cash, owner identification, and owner contact information
• provides owner contact information at an electronic commerce site’s checkout counter

Some electronic wallets contain an address book. Electronic wallets make shopping more
efficient.

Electronic wallets fall into two categories based on where they are stored:

Server-side electronic wallet

Client-side electronic wallet

Electronic wallets store shipping and billing information, including a consumer’s first and last
names, street address, city, state, country, and zip or postal code. Electronic wallets
automatically enter required information into checkout forms.


Stored-Value Cards

A stored-value card can be an elaborate smart card or a simple plastic card with a magnetic strip
that records the currency balance.

A smart card is better suited for Internet payment transactions because it has limited processing
capability.

Smart Card

A smart card is a plastic card with an embedded microchip containing information about you.

A smart card can store about 100 times the amount of information that a magnetic strip plastic
card can store.

A smart card contains private user information, such as financial facts, private encryption keys,
account information, credit card numbers, health insurance information, etc.

(Source: Thomson, Reference #2)


Chapter 7

Legal Issues of Electronic-Commerce

• State the reasons for legal problems in electronic commerce

• List the issues that could be raised when using electronic commerce

• Describe what constitutes a contract and an interchange agreement

• The world is used to conducting business and commerce on signed documents

• Current legal practice relies on paper documents with signatures affixed

• Fraud takes place with paper documents too, e.g. forgery and tampering

• The world is comfortable with these problems, but e-commerce is an unknown because documents are transmitted
electronically

• It is necessary to prove that a message existed, that it was sent, that it was received, that it was not changed in transit, etc.

• Legal complications arise which need to be addressed

International Laws for EDI issues

• The use of EDI in logistics applications mainly concerns the electronic interchange of trading
documents such as purchase orders, acknowledgements, letters of credit, bills of lading, and
invoices.

• With legal and government conditions, different requirements per industry often exist
concerning the format and content of these documents

• Defining the limits of responsibility for an international transaction between two parties is a
significant issue

Electronic Contracting

‘Electronic contracting’ is the automated process of entering into contracts via the parties’
computers:

- whether networked, or

- through electronic messaging.

Because the parties can programme their computers to respond automatically to certain input (such
as an offer or enquiry), the parties may not be aware in every case of precisely what their networked
computers are doing, and may not consciously participate in the contract formation process.

Moreover, the errors that result from computers making contracts are sometimes not the sort that
human beings would make, and the legal rules relating to mistake, bad faith, misrepresentation, and
the like may not quite fit the errors that result from computers processing transactions.


In view of those facts, this document recommends best practices for businesses making
contracts electronically.

Laws for Electronic Commerce

• The legal requirement is to establish the authenticity of an electronic message or document.

• This includes integrity, confidentiality, and non-repudiation of origin and receipt of an electronic document in case of dispute.

• Rules and guidelines are needed for maintaining records, providing VAN services, Internet
service providers, etc.

• These take care of general record keeping and control requirements, confidentiality, privacy control and the use of digital signatures.

• The Info-Communications Development Authority of Singapore Act 1999 (IDA Act) (No. 41
of 1999) provides for the formation of the Info-communications Development Authority of
Singapore (IDA)

It is a merger of the National Computer Board (NCB) and the Telecommunication Authority of
Singapore (TAS).

The IDA Act sets out the powers, functions and duties of IDA as the regulator and promoter of
the information and communications technology (ICT) industry in Singapore.

The main purpose of IDA is to promote the efficiency and international competitiveness of the ICT
industry in Singapore.

This Act seeks to ensure that telecommunication services are reasonably accessible to all
people in Singapore, and are supplied as efficiently and economically as practicable. It sets
performance standards that reasonably meet the social, industrial and commercial needs of
Singapore. It also aims to encourage, promote, facilitate, invest in and otherwise assist in the establishment,
development and expansion of the ICT industry in Singapore.

The Evidence Act (1990 Ed., Cap. 97) was amended in 1997 to allow the use of electronic records as
evidence in the courts.

In July 1998, the Electronic Transactions Act (ETA) was enacted to:

- facilitate electronic commerce,

- facilitate electronic filing of documents with government agencies,

- minimize fraud and forgery in electronic records,

- promote the use of electronic signatures to give authenticity to electronically transmitted documents.


Computer Misuse Act (revised 1998):

- defines a class of critical computer systems, and

- provides them with greater protection (against illegal alteration, erasure, copying, etc.)

(http://agcvldb4.agc.gov.sg/)

European Union Model

- Adopted by UN for International Commercial Use of EDI

- It applies to interchange of data and not the underlying commercial contracts between
parties

The provisions of the model agreement regulate:

- the processing and acknowledgement of receipt of EDI messages where the acknowledgement is not requested,
- security of EDI messages, confidentiality and protection of personal data,
recording and storage of EDI messages, and operational requirements for EDI

- The objective of the model agreement is to provide a contractual basis for the EDI users.

- The users need a mandatory legal basis regulating their obligations and duties
deriving from an EDI agreement
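
The requirements named in this chapter (proof that a message was sent, received and not changed in transit; non-repudiation of origin and receipt; acknowledgement of receipt of EDI messages) map onto digital signatures as shown below. This Go program is an added example, not part of the course notes or of the model agreement: the sender signs the document, and the receiver signs an acknowledgement bound to the exact bytes received, so each side holds evidence it can archive. The message layout, the choice of Ed25519 as the signature scheme, and the names Party, SignedMessage, Receipt, ProvesOrigin and ProvesReceipt are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Party is a trading partner holding an Ed25519 signing key pair.
type Party struct {
	Name string
	Pub  ed25519.PublicKey  // given to the other party in advance
	priv ed25519.PrivateKey // never leaves this party
}

func NewParty(name string) *Party {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Party{Name: name, Pub: pub, priv: priv}
}

// SignedMessage is what the sender transmits and both sides archive.
type SignedMessage struct {
	Body []byte // the EDI document
	Sig  []byte // sender's signature: evidence of origin and integrity
}

// Receipt is the receiver's signed acknowledgement of one exact message.
type Receipt struct {
	Digest [32]byte // SHA-256 of the body as received
	Sig    []byte   // receiver's signature over Digest: evidence of receipt
}

// labelled prefixes the data so that an origin signature can never be
// presented as a receipt signature, or the reverse.
func labelled(label string, data []byte) []byte {
	return append([]byte(label), data...)
}

func (p *Party) Send(body []byte) SignedMessage {
	return SignedMessage{Body: body, Sig: ed25519.Sign(p.priv, labelled("origin:", body))}
}

// ProvesOrigin is the check a receiver, or a third party in a dispute, runs
// to show the named sender signed exactly this body.
func ProvesOrigin(m SignedMessage, sender ed25519.PublicKey) bool {
	return ed25519.Verify(sender, labelled("origin:", m.Body), m.Sig)
}

// Acknowledge signs a receipt only after origin and integrity are verified.
func (p *Party) Acknowledge(m SignedMessage, sender ed25519.PublicKey) (Receipt, bool) {
	if !ProvesOrigin(m, sender) {
		return Receipt{}, false // changed in transit, or not from this sender
	}
	d := sha256.Sum256(m.Body)
	return Receipt{Digest: d, Sig: ed25519.Sign(p.priv, labelled("receipt:", d[:]))}, true
}

// ProvesReceipt shows the named receiver acknowledged exactly this body.
func ProvesReceipt(r Receipt, body []byte, receiver ed25519.PublicKey) bool {
	return sha256.Sum256(body) == r.Digest &&
		ed25519.Verify(receiver, labelled("receipt:", r.Digest[:]), r.Sig)
}

func main() {
	buyer, seller := NewParty("buyer"), NewParty("seller")
	po := []byte("ORDER|PO-0001|ITEM=widget|QTY=10") // constructed sample document
	msg := buyer.Send(po)
	rcpt, ok := seller.Acknowledge(msg, buyer.Pub)
	fmt.Println("accepted:", ok, "receipt valid:", ProvesReceipt(rcpt, po, seller.Pub))

	msg.Body = []byte("ORDER|PO-0001|ITEM=widget|QTY=1000") // altered in transit
	_, ok = seller.Acknowledge(msg, buyer.Pub)
	fmt.Println("altered message accepted:", ok)
}
```

The signatures cover authenticity, integrity and non-repudiation only; confidentiality, also listed in this chapter, would need encryption on top.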

Abstract taken partly from the European model EDI agreement

It is the intention that the agreement shall function as a standard agreement for the use of
electronic data interchange (EDI).

The players in the market which enter into this agreement with their system operator
hereby accept that all use of electronic data interchange (EDI) between the players
which have entered into corresponding agreements with their respective independent
transmission system operator shall be governed by the conditions stated in this
agreement.


The players therefore only need to enter into this agreement with their respective independent
transmission system operator to have an agreement with all other players, which also have
entered into corresponding agreements with their respective independent transmission system
operator.

The system operators enter this agreement with each other.


Summary

• Rapid expansion of the Internet and global e-commerce.

• The right commercial and legal environments are crucial to this form of trade, which is conducted over
invisible national barriers.

• Consumer and merchant interests have to be protected without infringing too much on their
freedom of operations.

• Government is to provide a legal framework covering basic rights such as privacy, intellectual property,
prevention of fraud and consumer protection.


Recommended Text

1. Sokol, Phyllis K. (1995), ‘From EDI to Electronic Commerce: a business initiative’, McGraw Hill

2. Turban, Efraim (2009), ‘Introduction to electronic commerce’, Prentice Hall

References

1. Kosiur, David R. (1997), ‘Understanding electronic commerce’, Microsoft Press

2. Thomson (2004), ‘E-Business Management’, Thomson Learning

3. Schneider, Gary P. (1952), ‘Electronic Commerce’, Course Technology Cengage Learning

4. Hanson, Ward (2000), ‘Principles of Internet Marketing’, South Western College Pub.

5. Van Slyke, Craig (2002), ‘E-Business Technologies: Supporting the net-enhanced organization’, Wiley


Additional Reading

What Is E-Commerce?
E-Commerce can be defined as business activities conducted using electronic data
transmission via the Internet and WWW. A lot of people think only of business-to-consumer
(B2C) shopping on the web as E-Commerce, but in fact, business-to-business (B2B)
transactions account for a much larger proportion of revenue generated directly by electronic
commerce.

Core Components Of An E-Commerce Website


If you break down any E-Commerce website into its primary components, you would see that
it basically involves combining an easy-to-use, manageable website design with a Shopping
Cart Program and an Online Merchant Account -- then setting those up through a reliable
E-Commerce Hosting provider. If you acquire each of these components and integrate them
together, you will have the basics you need to start attracting customers and selling your
products & services online.

• Hosting Account - You will need an account from a web hosting provider and you
will need to register a domain name for your business (such as www.adamssite.com).
To ensure security of online transactions, your E-Commerce Hosting account must
have SSL capability -- which is provided by SSL Certificates.
• Business Website - For this component you will either have to build a site yourself,
or hire a professional design company to do it for you. We suggest looking into using
low-cost Webpage Templates or E-Commerce Templates to fulfill this part of your
E-Commerce puzzle rather than paying the higher costs of custom web design.
• Shopping Cart - As with your website's files, any shopping cart program you select
will need to be uploaded to your hosting account and installed there. A good Shopping
Cart Program will have its own online administrative webpage that allows you to
easily add / remove product offerings and update information & pricing on each
product.
• Merchant Account - In order to process credit card orders and eChecks from Internet
customers, you will need to select an affordable merchant account provider. You can
obtain an Online Merchant Account either from your bank or from one of many
merchant account services available on the Internet.

Putting them all together into a working E-Commerce website does require some technical
knowledge. If you don't have any experience at all within your company for configuring
shopping carts and coding them correctly to work with your merchant account, you should
seek assistance from a professional web developer.


Assignment topics

1. Do a case study of an existing e-commerce company.
Discuss the history of the Company and novel aspects of its products and/or business
model.
If there is agreement that the company is a success, discuss the reasons that it succeeded.
Which, if any, technological developments was this company attempting to exploit?

2. Compare two existing e-commerce companies that are competitors. Which do you think
is better, and why?
Consider the same set of issues suggested in Topic 1.

3. Design your own e-commerce company. Consider the same set of issues suggested in
Topic 1. Make your case to investors and to customers.

4. (For “techies” in the class) Implement an e-commerce service and give a demo.
Since the implementation has to be done fairly quickly, you should consider building an
“add-on” service that would help consumers make better use of existing mass-market
services. In addition to doing the demo, you will have to submit a brief written description of
both the software design/implementation and the benefit you claim to provide to users.

5. Analyze some aspect of “cyber rights” from the social, commercial, and technological
points of view. Examples include but are not limited to “online anonymity,” “online privacy,”
and individual control over online transaction data.
How does technology enhance this right and/or threaten it? Which existing companies have
products or services whose primary purpose is to enhance this right or to exploit the lack of
it? In the US today, what are the limits on this right?
What do you think they should be? Is there another country that handles this right
differently, and, if so, which country’s approach do you think is better?


e-finance GLOSSARY
ACH: Automatic Clearing House, an electronic network in which parties exchange payment instructions.

charge card: a payment card, such as American Express or Diner's Club, with no pre-set spending limit, in which the card user is expected to pay his bill in full (i.e., convenience but not credit is extended).

check conversion: a payment process in which a paper check is converted into an electronic ACH transaction either at physical point of sale (POS check conversion) or online (online check conversion).

CHIPS: Clearing House Interbank Payment System, a wire transfer system used mainly to settle foreign-exchange transactions.

credit card: a payment card, with a pre-set spending limit, such as Mastercard or Visa, where the card user has the option of paying his account in full or making payments.

debit card: a payment card in which the purchase amount is either immediately debited from the card user's bank account (an online debit transaction) or as soon as feasibly possible (an offline debit transaction).

digital cash (also known as "e-cash" or "cyber cash"): any kind of electronically stored money (which has value because participating online vendors will accept it).

digital wallet (also known as "e-wallets"): software that stores credit-card and other personal information, and then loads this information into e-commerce sites upon command.

Dutch auction: an auction in which prices are bid down from an initially very high price; see "English" auction.

EBPP: Electronic Bill Presentation and Payment.

EBT: Electronic Benefits Transfer, a payment system used by various government entities to electronically deliver benefits (e.g., social security payments) to recipients.

e-check: an online payment process in which a check is electronically written and cleared online, resulting in a debit from one checking account and a corresponding credit of the same amount into another checking account.

ECN: Electronic Communications Network, commonly used for trading stocks after hours (examples: Instinet, Island), usually via an electronic matching system of buys and sells.

ECP: Electronic Check Presentment, strips the routing and payment information from a paper check and then electronically sends this information to the paying bank.

EDI: Electronic Data Interchange, any system which exchanges data electronically either through leased telephone lines or (more recently) via the internet.

EFT: Electronic Funds Transfer, mainly carried out by either wire transfer or ACH.

English auction: an auction in which prices are bid up (often from a "reserve" price, below which the seller withdraws the good or service); see "Dutch" auction.

FEDI: Financial EDI in which the information being exchanged is financial in nature.

Fedwire: a wire transfer system operated by the U.S. Federal Reserve.

merchant account: an account with a bank that enables a vendor to accept credit cards issued by the bank (called the "merchant bank" or "acquiring bank").

micropayments: payments too small to be handled by a credit card, generally less than $1 to $2.

payment cards: any type of card which can be used to electronically pay for a purchase; includes: credit cards, charge cards, debit cards, and smart cards.

online payment system: a payment system wherein a person stores money at a web site (e.g., at paypal.com) via credit card or check, and then sends some or all of this money to a recipient who can either spend the money online (at participating vendors) or be mailed a check.

POS: Point of Sale.

private key: an encryption algorithm (to encode credit-card and other sensitive information) that is privately held by the user (on his hard drive, or on a secure server).

public key: an encryption algorithm that is freely available to the public (at, say, a public web site).

reverse auction: an auction in which the buyer states/posts a price and then sellers accept or decline the offer (example: priceline.com).

scrip (also called "virtual points"): online payments for rewarded activities such as viewing web sites and filling out surveys (example: beenz.com).

SET: Secure Electronic Transaction, an internet "protocol" (set of rules) which provides security, via encryption, for credit card information traveling over the internet.

smart card: a payment card (or, actually, any card) with a microprocessing chip in it allowing information and monetary value to be stored.

SSL: Secure Sockets Layer, an internet protocol for encrypting payment information and other sensitive data (gradually being replaced by the superior SET protocol).

VAB: Value Added Bank - a bank which serves as the focal point through which EDI and FEDI information is exchanged among firms.

VAN: Value Added Network, the particular electronic network through which firms exchange information with each other (see "EDI").

virtual credit card: software which generates a one-time number (subsequently approved by participating merchant banks) in lieu of the actual credit-card number.

virtual escrow: an online escrower who assures that the buyer satisfactorily receives a good or service before the seller is paid (e.g., i-Escrow.com).

wire transfer: large, wholesale payments electronically made between and among banks and other financial institutions.
