E-Business (MBA-218)
Business
Business can be defined as the organized effort of individuals to produce and sell, for a profit, products and services that satisfy society’s needs.
(Examples of processes involved in business: Production, Purchases, Sales, Advertisement, Exhibition of Products, Marketing of Products, Sampling of Products etc.)
Commerce
Commerce is a negotiated exchange of valuable objects (Cash, Cheque, Gold, etc.) or services between at least two parties, and includes all activities that each of the parties undertakes to complete the transaction.
Example: A person trades eggs to one of his neighbors in exchange for repairs to his furniture.
E-Business
Definition 1: E-business, in simple words, is the use of internet technologies and computing to carry out business transactions online in order to improve customer service operations, enhance market share, attract a large number of consumers, streamline the supply chain and reach existing and new customers.
Definition 2: In general, the term E-business means doing any kind of business transaction on the internet with the aid of the two integrated components of E-Commerce (EDI & VAN).
E-Commerce
Definition 1: A part of e-business; the term refers only to the activities involved in buying and selling online, which may include identifying suppliers, selecting products or services, making purchase commitments, completing financial transactions, and obtaining services.
Definition 2: We will define e-commerce as the use of electronic data transmission to implement or exchange any business activity.
Example: A buyer sends an electronic purchase order to a seller. The seller then sends an electronic invoice back to the buyer.
History of Internet
1969 : The US Department of Defense started the first network among major research centers in the US.
1971 : A total of major connection or nodes were established. E-mail was
introduced.
1973 : Defense Department started developing various forms of file transfer.
1984 : Domain Name Service (DNS), was introduced.
1986 : US National Service Foundation created Internet-based telephone lines
1987 : The number of hosts (Computer on the Internet) reached 10,000.
1988 : The number of hosts on the Internet became over 60,000.
1989 : Over 100,000 hosts on the Internet were registered.
1991 : The World Wide Web (WWW) was created by CERN (Conseil Européen pour la Recherche Nucléaire) in Switzerland.
1992 : One million hosts on the Internet were found.
1995 : There were a total of 6.6 million hosts or computer on the Internet.
July 1997 : 1.3 million Domain names registered.
Dec. 1997 : 22 million servers, 40 million users on the WWW.
2000 : 110 million users and 72 million Domains Names.
2003 : 802.2 million users and 233 hosts.
Growth of Internet in India
Years Internet Subscribers Internet User
1997 25 45000
1998 250 200000
1999 359 1000000
2000 650 2000000
2001 1130 6668000
2002 1763 10684000
2003 3661 29000000
2004 4403 31723000
2005 6674 52875000
[Figure: Internet Usage in India; chart of Subscribers and Users by year, 1999 to 2005]
History of E-Commerce
The term E-Commerce was derived from E-mail and means conducting business online with the help of electronic devices like personal computers, phone lines, fax machines, pagers etc. IBM was the first company to use the term internationally. During 1970, the introduction of EFT (Electronic Fund Transfer) between banks over secure private networks changed financial markets. During the late 1970s and early 1980s, e-commerce became widespread within companies in the form of electronic messaging technologies: EDI and e-mail. In 1972, IBM used this term as ‘E-business’, and the first successful transaction was held between the USA and the European Union in 1973 with the invention of personal computers.
E-commerce refers to the paperless exchange of business information using EDI, electronic bulletin boards, e-mail and other network-based technologies. It not only automates manual processes and paper transactions, but also helps organizations move to a fully electronic environment and change the way they operate.
Electronic commerce (e-commerce) has become a buzzword for business over the past
few years
Total E-Commerce Transaction in India
Year Total e-commerce transaction
1998-1999 131 crore Rs.
1999-2000 450 crore Rs.
2000-2002 1400 crore Rs.
2006 (Expected) 2300 crore Rs.
Difference between E-commerce & E-Business
Internationally, both terms can be used interchangeably and have the same concept, i.e. doing business online. However, the term E-Business is derived from E-Commerce.
    E-Commerce                                    E-Business
1.  Open system.                                  Closed system.
2.  Not secured.                                  Secured.
3.  Does not involve the use of EDI.              Uses EDI.
4.  Always operates on the Internet.              Always operates on an intranet or extranet.
5.  Involves all types of commerce.               Involves explicitly business transactions.
6.  Used for small and large transactions.        Used for bulky transactions.
7.  amazon.com, bazaar.com are examples.          e-trade.com, e-business.com are examples.
Main Goals of E-Commerce
1. To understand the needs of consumers, merchants and organizations.
2. How to improve the quality and quantity of goods.
3. How to increase the speed of services.
Need for E-Commerce
E-Commerce is the business environment in which information for the buying, selling and transportation of goods and services moves electronically. E-commerce includes any technology that enables a company to do business electronically. Some of the direct benefits of E-Commerce are:
Improved Productivity: (Speed of transactions with accuracy, easier access to documents and information)
Cost Saving: (Check on duplication of entries, human error)
Streamlined Business Process
Better Customer Services: Customers can enjoy the convenience of shopping at any hour, anywhere in the world.
Opportunities for New Business
Major Affecting Factors of E-Commerce
1. Growth of Internet: (Speed, Subscribers, Electronic Environment)
2. Govt. Policies & Laws: (Security, Computer Crime, Data Protection and Privacy, Telecommunication Laws)
3. Consumer Awareness: (familiarity with electronic media)
Function of E-Commerce
E-Commerce applications enable various business functions and transactions to be done electronically:
E-Advertising: - Advertising of information is currently the largest commercial activity on the web, through channels like:
a) The organization’s own web site, where information about products and the
Organization’s profile can be found.
b) Clickable Banners
c) E-Commerce portals like: www.yahoo.com
d) Newsgroup
E-Catalogs: - Electronic Catalogs are web pages offering information about the products
or services offered by the company. An e-catalog may offer information like:
a) Product attributes and characteristics,
b) Packaging
c) Availabilities,
d) Ways of Payment
e) Price etc.
E-Publishing: - The publication sector was one of the first to invest in new technologies
and especially in the Internet. Successful e-commerce efforts in relation to e-publishing
are the electronic newspapers and the independent publication through the internet.
Some of the services offered by the online publication include the following.
a) On-line reading/ browsing:
b) On-line Search
c) Customized Information Services
E-banking: - E-Banking offers remote banking facilities electronically. Electronic banking is also known as cyber banking, on-line banking, virtual banking or home banking. It enables web users to make purchases online and pay for them using an online banking facility. It is a cost-effective, easy way of doing business that is available 24 hours a day. The services offered to customers include:
a) Bill Paying
b) Electronic Cheque Writing
c) Tracking of bank account, credit cards etc.
d) Record Keeping
E-Traveling
Shopping Services
1. Shopping services provided by independent businesses that send representatives to stores to comparison-shop for specific products. A shopping service is hired by contract and will compare competitive prices, or prices for the same item in competing stores, depending on the request and needs of the client.
2. Shopping services offered to cable television subscribers, where consumers can buy products (usually at a discount) that are displayed on a special shopping services channel.
3. Shopping services offered to subscribers of personal information services for home computer use. For example: a company provides on-line information to subscribers. Among the many services offered by this company is one called Products, Guides, Etc., from which consumers may shop and select purchases right from their own computer terminals.
Information Services (IS): Pronounced as separate letters, and short for Information Systems or Information Services. For many companies, Information Systems or Services is the name of the department responsible for IT and Management Information Systems. Information systems support different types of decisions at different levels of the organizational hierarchy. Major types of information system include structural databases and information management software, which can include the following:
Transaction Process System (TPS)
Enterprise Collaboration System (ECS)
Management Information System (MIS)
Decision Support System (DSS)
Executive Support System (ESS)
Electronic Data Interchange (EDI):-
EDI is a standard for exchanging business data or documents. All trading partners must agree to follow some standard for exchanging information such as payment orders, purchase orders, invoices and bills.
In EDI the information must move without intervention among trading partners.
Supply Chain Management (SCM):-
SCM can be defined as an electronic alternative to the traditional paper chain, providing companies with a smarter, faster, more efficient way to get the right product to the right customer at the right time and price.
Multimedia Content for E-Commerce Application
1. Multimedia content can be considered both fuel and traffic for e-commerce
application.
2. Multimedia content is the combination of text, audio, video and graphics in a computer file or document.
3. It is the natural way to communicate with people.
4. The goal of multimedia is to increase the utility of all information through the processing and distribution of new forms such as image, audio and video.
5. Multimedia has come to mean the combination of computer, television and telephone capabilities in a single device.
Multimedia Storage Servers and Electronic Commerce Application:-
1. E-commerce requires robust servers to store and distribute large amounts of digital content to consumers.
2. These multimedia storage servers are large information warehouses capable of handling various content, ranging from books, newspapers and advertisement catalogs to movies and games.
3. These servers, which serve information upon request, must handle large-scale distribution and guarantee security and complete reliability.
[Figure: Multimedia, combining Text, Image, Graphics, Audio, Numerical Data, Video, Hologram and Animation]
E-Commerce Framework
It is clear that e-commerce applications will be built on the existing infrastructure: a myriad of computers, communication networks and connection software forming the nascent information superhighway.
E-Commerce Applications:
1. Supply Chain Management
2. On-line Banking
3. Procurement & Purchasing
4. On-line Marketing & Advertisement
5. Home Shopping
The figure shows a variety of possible e-commerce applications, including both inter-organizational and consumer-oriented examples. None of these uses would be possible without each of the building blocks in the infrastructure.
[Figure: E-commerce framework. Layers: common business services infrastructure (security/authentication, electronic payment); messaging & information distribution infrastructure (EDI, e-mail); multimedia content & network publishing infrastructure; information superhighway infrastructure (telecommunication, cable TV, wireless network, Internet). Pillars: public policy, legal & privacy issues (Cyber Law, IT Act 2000); technical standards for e-documents, multimedia & network protocols]
Building Blocks in the information
1. Common business services, for facilitating the buying and selling process.
2. Messaging & information distribution, as a means of sending and retrieving information. We frequently send and retrieve information, so these are facilities of e-commerce.
3. Multimedia content & network publishing, for creating a product and a means to communicate about it. An e-commerce website carries information about the products and their design.
4. The information superhighway: the very foundation, providing the highway system along which all e-commerce must travel.
The two pillars supporting all e-commerce applications and infrastructure are just as indispensable:
1. Public Policy, to govern such issues as universal access, privacy and information pricing.
2. Technical Standards, to dictate the nature of information publishing, user interfaces and transport in the interest of compatibility across the entire network. Information can then be accessed from any type of device the consumer chooses, on any type of operating system.
Difference between E-Commerce & Traditional System
(S.No., Basis, E-Commerce, Traditional)
1. Reduce the data error
E-Commerce: It does not involve data entry at multiple points. With e-commerce, data goes directly from one computer to another without involving a human being.
Traditional: The buyer and seller create a purchase order on their system, then print it, fax it or mail it to the receiver. The receiver then re-enters the same information on the computer. This creates errors.
2. Reduce Cost
E-Commerce: The initial cost of e-commerce is very high compared to the paper process, but over a long period of time it is very effective.
Traditional: As time is money, time is directly linked to saving money. Here the same work is repeated at every level, so it takes a lot of time, and any error that arises leads to more wasted money.
3. Reduce Paper Work
E-Commerce: E-commerce data in electronic form is easy to share across the organization.
Traditional: It requires re-entry of data at each level and requires a lot of time. So peak time is wasted in re-entering data and printing reports.
4. Reduce Process Cycle Time
E-Commerce: E-commerce reduces the processing time of complete cycles, because as the data is entered into the system it is processed simultaneously.
Traditional: In the traditional system, when the buyer orders in a paper format, the data is re-entered into the seller’s computer and only then can processing take place, which is time-consuming and requires full commitment.
What is required in order to conduct E-Commerce?
Numbers 1-3 below are the components that you will need to conduct e-commerce, and numbers 4-5 are optional depending on how you intend to accept payment.
1. You need a commercial website.
2. You need products or services that you plan to sell through your website.
3. You need a shopping cart system or an order form that your customers can use to shop for and purchase what you are selling.
4. If you plan to accept credit cards as payment, you will need a credit card merchant account.
5. If you plan to process credit cards in real time over the web, you will need an online payment gateway.
*** Website: A collection of web pages which are linked to each other.
*** Shopping Cart: A piece of software that keeps a record of the choices you make during an online buying session.
*** Gateway: A software program used to connect two networks using different protocols so that they can transfer data between the two networks.
*** Electronic Fund Transfer: The transfer of money between financial institutions over secure private networks.
Electronic Markets
[Figure: Industry’s Perspective. Labels: Direct Transaction; Low Transaction Cost; Direct Access to Market; New Business; Manufacturers; Dealers; Open Market]
[Figure: Consumer’s Perspective. Labels: Shopping Mall; Variety of Merchandise; Shopping Worldwide at Home; Assets Management; Job hunting at home; Labour Markets; Quick Shopping; Consumers; Financial Market; Electronic Market]
[Figure: Impact on the society. Labels: Improving Quality of Life; Enterprises; Households; Governments; Resource & Energy Savings; Economic Growth in Developing Countries; Enhancing International Free Trade System; Decreasing Unemployment]
E-Commerce Entities
[Figure: Online Consumer; Merchant Web Site; Internet; Online Transaction Server; Private Gateway; Processing Network; Acquiring Merchant Bank; Issuing Consumer Bank]
[Figure: E-Commerce, surrounded by Institutes; Government; Merchants; Manufacturers; Suppliers; Consumer; Network; Corporate; Internet; Commercial; Process; Marketing; Sales; Payment]
Component of E-Commerce
[Figure: Advanced services and home banking; On-Line Shopping Services. Labels: Consumer Home; Bank Server; Bill Payment; Inter bank clearing house; Real-time financial information (Stock ticker); Investment vehicles (bonds, mutual funds); Gateway (Protocol Conversion, Stand-in authorization, Management, Security); Consumer; Merchant or Commerce Server (Transaction Management, Security, Return Management, Settlement); Acquiring Bank/Banking Network (Card Information, checking account Info, Receipt Management, Security)]
On-line Credit Card Transaction
[Figure: Simplified on-line mercantile model. Labels: Customer; Merchant; Customer Bank; Encryption Software; Credit Card Processor; Third Party Processor; Monthly Statement; Verify]
What is Electronic Payment System (EPS)?
The electronic transfer of money between financial institutions over secure private networks.
Payments made on the internet are essentially electronic versions of the traditional payment systems. But in electronic payment everything is digital and designed to be handled electronically: no change and/or old currency problems!
An Electronic Payment System is a more secure, faster payment system that serves its customers with fast, low-cost services.
Advantage of Electronic Payment System
1. EPS is not bound by regional boundaries, so funds can be transferred anywhere.
2. It is a secure method of fund transfer. It provides faster services compared to conventional payment systems.
3. It provides services not only to big organizations, banks and business transactions but also to users and consumers for online shopping and marketing at very low cost.
4. It provides various ways by which a customer can make payment, such as credit card, digital cash, debit card etc.
Issues Involved in EPS
[Figure: Payment flow between Customer with need, Merchant and Payment Institution: (1) Buy Request, (2) Remittance Request, (3) Approval, (4) Delivery]
1. The selection of the mode of EPS chosen by consumers, with which the customer must be satisfied, for example E-Cash, E-Cheque, Credit Cards and Debit Cards.
2. In the online market, how can we manage the financial risk associated with various payment instruments: privacy, frauds and mistakes, as well as other risks like bank
3. What are the step-by-step procedures and institutional arrangements that form the fabric of the electronic payment business process that links consumers and organizations?
Types of E-Payment System
Three categories of EPS:
1) Banking & Financial Payments:
a) Large-scale or wholesale payment (e.g. bank-to-bank transaction)
b) Small-scale or retail payment (e.g. ATM)
2) Retailing Payments:
a) Credit cards (VISA or Master Cards)
b) Private label credit/debit cards
c) Charge cards (e.g. American Express)
3) Online E-Commerce Payments:
a) E-Cash
b) E-Cheque
Digital Token – Based Electronic System
The deficiency of traditional systems is their assumption that the parties will at some time or other be in each other’s physical presence, or that there will be a sufficient delay in the process for frauds, overdrafts and other undesirables to be identified and corrected.
Entirely new forms of financial instruments are also being developed. One such new
financial instrument is “Electronic Tokens” in the form of electronic Cash/Cheque.
Simply stated, electronic tokens are equivalent to cash that is backed by a bank.
Electronic tokens are of three types:
1. Cash or real-time: Transactions are settled with the exchange of electronic currency. An example of on-line currency exchange is electronic cash (e-cash).
2. Debit or prepaid: Users pay in advance for the privilege of getting information. Examples of prepaid payment mechanisms are smart cards and electronic purses that store electronic money.
3. Credit or postpaid: The server authenticates the customer and verifies with the bank that funds are adequate before the purchase. Examples of postpaid mechanisms are credit/debit cards and electronic Cheques.
Certificate Authority
Certificates from a Certificate Authority are issued to companies and organizations that are accessible via the internet. They are issued for a certain period of time and are used as a guarantee of the security of a web site.
Digital Certificate
A digital certificate is defined as a method of electronically verifying authenticity. The digital certificate is the equivalent of positive identification, such as a driver’s license.
Issued by various certificate authorities, digital certificates are used to prove that a
website, or a visitor to a website, is the entity or person they claim to be: An electronic
credential issued by a certification authority to establish the identity of an organization
when doing business on the internet.
Contents of digital certificate
It includes:
a) Holder’s name, organization, address.
b) The name of the certificate authority.
c) Public key of the holder for cryptographic use.
d) Time limit: these certificates are issued for 6 months to a year.
e) Digital certificate identification number.
Electronic Cash
Electronic cash is a form of electronic payment system which is based on encryption, which means it is a secure payment system. The security of e-cash is ensured by digital signatures.
It uses a pair of keys for locking and unlocking funds.
The locking key is used for encoding a message into cipher text. The encoding key is kept private and the decoding key is made public.
By supplying all customers (buyers and sellers) with its public key, a bank enables customers to decode any message (or currency) encoded with the bank’s private key.
Purchasing E-Cash from Currency Servers or e-mint
The purchase of e-cash from an on-line currency server (or bank) involves two steps:
1. Establishment of an account.
2. Maintaining enough money in the account to back the purchases.
Working of E-Cash
An e-cash transaction takes place in three distinct and independent phases, as discussed below:
[Figure: Working of E-Cash. Parties: Consumer, Merchant, Consumer’s Bank, Merchant’s Bank, E-mint. Steps: 1. Request to obtain cash; 2. Transfer Money; 3. Send E-Cash; 4. Send E-Cash; 5. Delivers Goods; 6. Return E-Cash; 7. Credit Merchant a/c]
Phase 1: Obtaining Electronic Cash:
1. The consumer requests his/her bank to transfer money to the e-mint to obtain e-cash.
2. The consumer’s bank transfers money from the consumer’s a/c to the e-mint.
3. The e-mint sends e-cash to the consumer. The consumer saves his/her cash.
Phase 2: Purchasing with Electronic Cash:
4. The consumer selects the goods and transfers the e-cash to the merchant.
5. The merchant provides the goods to the consumer.
Phase 3: Redeeming Cash by the Merchant:
6. The merchant may send the e-cash to its bank, and the bank in turn redeems the money from the e-mint.
7. The e-mint transfers money to the merchant’s bank for crediting the merchant’s a/c.
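The seven steps above, together with the private encoding key and public decoding key described under Electronic Cash, can be traced in a short program. This is an added example, not part of the original notes: the `EMint` class, `verify_coin` function, account names and the toy textbook-RSA key are all assumptions made for illustration.

```python
import hashlib
import secrets

# Toy textbook-RSA key for a hypothetical e-mint, constructed for this example.
# The modulus is the product of two Mersenne primes (about 150 bits): it shows
# the mechanics only and is far too small, and unpadded, for real money.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q
E = 65537                              # decoding key, made public
D = pow(E, -1, (P - 1) * (Q - 1))      # encoding key, kept private by the mint


def coin_digest(serial, value):
    """Hash the coin's serial number and value into a number below N."""
    data = f"{serial}|{value}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def verify_coin(coin):
    """Step 4: the merchant checks the mint's signature with the public key."""
    return pow(coin["sig"], E, N) == coin_digest(coin["serial"], coin["value"])


class EMint:
    def __init__(self, balances):
        self.balances = dict(balances)  # money held at the banks, per account
        self.spent = set()              # serial numbers already redeemed

    def issue(self, consumer, value):
        """Steps 1-3: take money from the consumer's account, return signed e-cash."""
        if self.balances.get(consumer, 0) < value:
            raise ValueError("not enough money in the account to back the purchase")
        self.balances[consumer] -= value
        serial = secrets.token_hex(16)
        return {"serial": serial, "value": value,
                "sig": pow(coin_digest(serial, value), D, N)}

    def redeem(self, coin, merchant):
        """Steps 6-7: credit the merchant's account once per genuine coin."""
        if not verify_coin(coin):
            return "rejected: bad signature"
        if coin["serial"] in self.spent:
            return "rejected: already spent"
        self.spent.add(coin["serial"])
        self.balances[merchant] = self.balances.get(merchant, 0) + coin["value"]
        return "credited"


def demo():
    mint = EMint({"consumer": 100})
    coin = mint.issue("consumer", 40)
    altered = dict(coin, value=400)     # value edited after the mint signed it
    copy = dict(coin)                   # bit-for-bit copy of a genuine coin
    return [verify_coin(coin), verify_coin(altered),
            mint.redeem(coin, "merchant"), mint.redeem(copy, "merchant"),
            mint.balances]


if __name__ == "__main__":
    print(demo())
```

The signature stops a coin from being altered, but only the mint's record of spent serial numbers stops a perfect copy from being redeemed twice.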
Properties of E-Cash
E-cash has the following four properties:
1) Monetary value: (E-cash created by one bank and accepted by others)
2) Interoperability: (Exchangeable as payment for other e-cash, paper cash, goods, services.)
3) Retrieval & Storage
4) Security: (E-cash should not be easy to copy)
Advantage
a) Best suited for small transactions.
b) Authentication is not an issue: who pays is not important as long as the merchant gets his payment.
Operational risk associated with e-cash
1. The time over which given money is valid.
2. How much can be stored on and transferred by electronic money.
3. The number of exchanges that can take place before money needs to be redeposited with a bank or financial institution.
4. The number of such transactions that can be made during a given period of time.
Electronic Cheque:
An electronic Cheque has all the same features as a paper Cheque. It functions as a message to the sender’s bank to transfer funds; the message is given to the receiver, who in turn endorses the Cheque and presents it to the bank to obtain funds.
Working of E-Cheque
Phase-1: Purchasing Goods
1. The consumer accesses the merchant server and the merchant server presents its goods to the consumer.
2. The consumer selects the goods and purchases them by sending an electronic Cheque to the merchant.
3. The merchant may validate the electronic Cheque with its bank for payment authorization.
4. Assuming the Cheque is validated, the merchant closes the transaction with the consumer.
Phase-2: Depositing Cheque at the merchant’s bank:
1. The merchant electronically forwards the Cheque to the bank.
2. The merchant’s bank forwards the e-Cheque to the clearing house for cashing.
3. The clearing house, with the consumer’s bank, clears the Cheque and transfers money to the merchant’s bank, which updates the merchant’s account.
[Figure: Working of E-Cheque. Parties: Consumer (Browser), Merchant System, Merchant’s Bank, Clearing House, Consumer’s Bank. Steps: 1. Access and Browser; 2. Select goods, pay e-Cheque; 3. Validate Cheques; 4. Close Transaction; 5. Forward to bank; 6. Forward Cheque; 7. Forward Cheque; 8. Account Update]
Smart Card:
Smart cards are credit and debit cards and other card products enhanced with a microprocessor, capable of holding more information than the traditional magnetic stripe. Most of these methods are known as stored value cards or electronic purse systems. Units of prepayment or currency value are electronically stored on an IC chip embedded in these cards.
Smart cards are basically of two types: relationship-based smart credit cards and electronic purses. Electronic purses, which replace money, are also known as debit cards and electronic money.
Relationship-based smart credit card: A relationship-based smart card is an enhancement of existing card services and/or the addition of new services that a financial institution delivers to its customers via a chip-based card or other device. These new services may include access to multiple financial accounts, balance inquiry and other information cardholders may want to store on their card.
Working: (Access multiple accounts, such as credit, debit, investments or stored value for e-cash, on one card or electronic device)
Electronic Purse and debit cards:
An e-purse is a wallet-size smart card embedded with a programmable microchip that stores monetary value in the form of money. The electronic purse works in the following manner. After the purse is loaded with money, at an ATM or through the use of an inexpensive special telephone, it can be used to pay for, for example, candy in a vending machine equipped with a card reader. The vending machine is authentic and there is enough money available for a chocolate bar.
Credit Card:
A credit card transaction simply requires that the consumer have a valid credit card number and expiry date when placing an order. This information is provided through standard internet options like e-mail/SMS.
Credit cards may be used along with a personal identification number (PIN). The PIN is a secret code that the consumer must enter while using the credit card online. As such, it prevents misuse of the card in case it is stolen.
Working of Credit Card:
Phase 1: Purchase of goods: transaction steps 1-4.
Phase 2: Settlement of transaction: steps 5-6.
Phase 3: Consumer update of credit card bill in the transaction number.
[Figure: Working of Credit Card. Parties: Consumer (Browser), Merchant, Merchant’s Bank, Card Issuer. Steps: 1. Access Home page; 2. Select goods, make credit card payment; 3. Request and obtain credit authorization; 4. Close Transaction; 5. Provide credit and receipt; 6. Forward receipt and obtain payments]
E-Security
A security threat is defined as a circumstance, condition or event with the potential to cause economic hardship to data or network resources in the form of destruction, disclosure or modification of data, denial of service and/or fraud and waste.
In addition, organizations must be concerned with the inherent security threats associated with business over the web, such as:
1. Unauthorized user access
2. Tampering and eavesdropping
To overcome this, a strong network security solution is essential, one which can transparently and automatically control access to corporate intranets or extranets. The solution must provide identification and authentication of users, encryption of all traffic from the application to the user, and access control to all information.
E-Security can be divided into two parts:
1) Client-server network security
2) Data & transaction security
Client-server network security: Client-server security ensures that only authorized users can access information resources.
a) Physical Security: When an unauthorized user gains physical access to a computer.
b) Software Security: When a program/software is compromised into doing things it should not.
c) Inconsistent Usage: When an administrator assembles a combination of hardware and software such that the system is seriously flawed from a security point of view.
To reduce these security threats, various protection methods are used. Protection is also called authorization or access control.
Protection methods are:
1) Trust-based security
2) Security through Obscurity
3) Password Schemes
4) Biometric System
A) Trust-based security: Trust-based security means trusting everyone and doing nothing extra for protection; there is no access restriction on any kind of data access. All users working in a network can share information. This approach assumes that no user will make an expensive breach such as deletion of files, modification of data or unauthorized access to data. Nowadays this approach does not work; it was used in the past.
B) Security through Obscurity (STO): Any network can be secure as long as nobody outside its management group is allowed to find out anything about its operational details.
An example is hiding account passwords in binary files or scripts so that “nobody will ever find them”.
But its usefulness is minimal in the UNIX world, where users are free to move around the file system and have a great understanding of programming techniques.
They can easily guess at the bits of knowledge considered confidential. This bypasses the whole basis of STO and makes this method of security useless.
C) Password Schemes: One security measure is the password scheme. However, it can also be broken when we use common words or names for passwords.
The simplest method used by most hackers is dictionary comparison: comparing a list of encrypted user passwords against a dictionary of encrypted common words. This scheme often works because users tend to choose relatively simple or familiar words as passwords.
As a solution, we use mixed-case passwords containing at least one non-alphanumeric character, and change passwords every 60 to 90 days.
We can also include one-time passwords and smart card randomized tokens.
D) Biometric System: Biometric systems involve identifying aspects related to the human body, such as comparing fingerprints, palm prints and voice recognition. Biometric systems are very expensive to implement. Biometric systems use one-to-one relationships and one-to-many relationships.
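The password rules in item C (mixed case, at least one non-alphanumeric character, no common words or names, change within 60 to 90 days) can be checked when a password is set. The following is an added example, not part of the original notes; the word list, the character-swap table and the function names are assumptions constructed for illustration. It also shows why familiar character swaps do not protect a common word from dictionary comparison.

```python
import re
from datetime import date, timedelta

# Constructed sample list; a real deployment would load a large wordlist.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "letmein", "sunflower"}
# Character swaps that users apply and that a dictionary comparison undoes.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                       "5": "s", "7": "t", "@": "a", "$": "s"})
MAX_AGE = timedelta(days=90)   # upper end of the 60 to 90 day range in the text


def _trim(text):
    """Drop digits and symbols stuck on the front or back of a word."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", text)


def candidate_words(password):
    """Forms of the password that a dictionary comparison would match."""
    low = password.lower()
    swapped = low.translate(SWAPS)
    return {low, _trim(low), swapped, _trim(swapped), _trim(low).translate(SWAPS)}


def check_password(password, username, last_changed, today):
    """Return the list of rules the password breaks (empty list = acceptable)."""
    problems = []
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("not mixed-case")
    if all(c.isalnum() for c in password):
        problems.append("no non-alphanumeric character")
    uses_name = bool(username) and username.lower() in password.lower()
    if uses_name or candidate_words(password) & COMMON_WORDS:
        problems.append("common word or name")
    if today - last_changed > MAX_AGE:
        problems.append("older than 90 days")
    return problems


if __name__ == "__main__":
    today, recent = date(2024, 6, 1), date(2024, 5, 1)
    for pw in ["Teal-Kettle-Rides", "P@ssw0rd!", "sunflower", "Asha#2024x"]:
        print(pw, check_password(pw, "asha", recent, today))
```

`P@ssw0rd!` satisfies the mixed-case and non-alphanumeric rules and is still rejected, because undoing the swaps gives a dictionary word.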
Data & Message Security:
Transaction security has two parts:
I) Data Security
II) Message Security
Data Security: Data security suffers from packet sniffing.
A sniffing attack begins when a computer is compromised to share some data or program.
The cracker installs a packet sniffer program that monitors network traffic, such as the Telnet and FTP sessions that legitimate users initiate to gain access to another system.
A session contains the login ID, password and user number of the person logging into other machines, which is all the necessary information a sniffer needs to log in to the machine.
Message Security:
Threats to message security fall into three categories:
a) Confidentiality b) Integrity c) Authentication/Identification
a) Message Confidentiality: Confidentiality is important for user-sensitive data such as credit card numbers. This requirement will be amplified when other kinds of data, such as employee records, government files and social security numbers, begin traversing the network.
b) Message Integrity: The content of a transaction must be unmodified during transport.
It must be clear that no one has added, deleted or modified any part of the message.
Error detection codes or checksums, sequence numbers and encryption techniques are methods to enhance information integrity.
Sequence numbers prevent reordering, loss or replaying of messages by an attacker. Encryption techniques such as digital signatures can detect modification of a message.
c) Message Sender Authentication/Identification
For e-commerce, it is important that clients authenticate themselves to servers, that servers authenticate themselves to clients, and that both authenticate to each other.
Authentication in e-commerce basically requires the user to prove his or her identity for each requested service.
Third-party authentication services must exist within a distributed network environment where a sender cannot be trusted to identify itself correctly to a receiver.
Client-Server Security Threats:
These threats can be divided into two major categories:
1) Threats to client
2) Threats to server
Threats to client
Client threats mostly arise from malicious data or code. Malicious code refers to viruses, worms, Trojan horses and deviant programs.
Virus: A code segment that replicates by attaching copies of itself to existing executables (EXE files). The new copy of the virus is executed when the user executes the host program. Some viruses display a text string or delete all files on the hard disk on a particular date.
Trojan Horse: A program that performs a desired task but also includes unexpected functions.
Example: An editing program for a multi-user system. This program could be modified to randomly delete one of the user’s files.
Worm: A self-replicating program that is self-contained and does not require a host program.
Clients must scan for malicious data & executable program fragments that are transferred from the server to the client.
Threats to servers
Threats to servers consist of unauthorized modification of source data, unauthorized eavesdropping and modification of incoming data packets.
Eavesdropping: Hackers can use electronic eavesdropping to trap user names & unencrypted passwords sent over the network. It is difficult to detect that someone is eavesdropping. Encryption can prevent eavesdroppers from obtaining data traveling over unsecured networks.
Denial of Services: It is of two types:
1) Service Overloading 2) Message Overloading
Service Overloading: One can easily overload a WWW server by writing a small loop that sends requests continually for a particular file, for example a home page.
Message Overloading: Occurs when someone sends a very large file to a message box every few minutes. The message box rapidly grows in size & begins to occupy all space on the disk, increasing the no. of receiving processes on the recipient’s machine & causing a disk crash.
Packet Replay: Refers to the recording & retransmission of message packets in the network. A hacker could replay legitimate authentication sequence messages to gain access to a secure system.
Packet Modification: An integrity threat that involves modifying or destroying a message packet.
IP Spoofing: A technique where an attacker attempts to gain unauthorized access through a false source address, to make it appear as though communications have originated in a part of the network with high privileges.
Some Security Threats & Solutions
Threats | Security | Function | Technology
Data intercepted, read or modified illicitly | Encryption | Encodes data to prevent tampering | Symmetric and asymmetric encryption
False identity with an intention of fraud | Authentication | Identity verification of both sender & receiver | Digital signature
Unauthorized user on one network gains access to another | Firewall | Filters and prevents certain traffic from entering the network or server | Firewalls; virtual private nets
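The message-integrity measures above (sequence numbers plus a cryptographic check) and the packet replay and packet modification threats can be seen together in a small receiver. This is an added example, not part of the original notes; it uses a shared-key HMAC rather than a digital signature, and the key, frame layout and messages are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed demo key; in practice both ends hold a secret distributed out of band.
SHARED_KEY = b"constructed-demo-key"
HDR_LEN = 8                               # 64-bit big-endian sequence number
TAG_LEN = hashlib.sha256().digest_size    # 32-byte HMAC-SHA256 tag


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender: frame = sequence number | payload | HMAC(seq | payload)."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Accepts frames strictly in order and reports why a frame was refused."""

    def __init__(self, key: bytes):
        self.key = key
        self.next_seq = 0

    def accept(self, frame: bytes):
        if len(frame) < HDR_LEN + TAG_LEN:
            return ("malformed", None)
        header = frame[:HDR_LEN]
        payload = frame[HDR_LEN:-TAG_LEN]
        tag = frame[-TAG_LEN:]
        # The tag is keyed: an unkeyed checksum could simply be recomputed
        # by whoever altered the message in transit.
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return ("modified", None)
        # The sequence number is covered by the tag, so it can be trusted here.
        (seq,) = struct.unpack(">Q", header)
        if seq < self.next_seq:
            return ("replayed", None)      # an old frame sent again
        if seq > self.next_seq:
            return ("gap", None)           # loss or reordering upstream
        self.next_seq += 1
        return ("ok", payload)


def demo():
    """Run constructed frames through the receiver and return the verdicts."""
    rx = Receiver(SHARED_KEY)
    f0 = seal(SHARED_KEY, 0, b"PAY 100 TO ACME")
    f1 = seal(SHARED_KEY, 1, b"PAY 250 TO BOLT")
    f2 = seal(SHARED_KEY, 2, b"PAY 75 TO CORE")
    tampered = bytearray(f1)
    tampered[HDR_LEN + 4] ^= 0x01          # one payload bit changed in transit
    return [
        rx.accept(f0)[0],                  # first frame, in order
        rx.accept(bytes(tampered))[0],     # altered copy of frame 1
        rx.accept(f0)[0],                  # frame 0 delivered a second time
        rx.accept(f2)[0],                  # frame 2 before frame 1
        rx.accept(f1)[0],                  # genuine frame 1
        rx.accept(f2)[0],                  # frame 2, now in order
    ]


if __name__ == "__main__":
    print(demo())
```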
Encryption as the basis for data & messaging security:
Encryption is a cryptographic technique that scrambles (encrypts) data with a key so that no one can make sense of it while it is being transmitted. When the data reaches its destination, the information is unscrambled (decrypted) using the same or a different key.
Cryptography: The terms commonly used in a cryptography system are as follows:
Intruder: A person who is not authorized to access the information or the network.
Plain Text: Intelligible message that is to be converted into an unintelligible message (encrypted message).
Cipher Text: Message in an encrypted form.
Example:
Plain Text | Algorithm (Encrypt Form) | Cipher Text | Algorithm (Decrypt Form) | Plain Text
Goods | Next Two Word | Iqqfu | Previous Two word | Goods
Sales | Previous One Word | rzkdr | Next One word | Sales
Encryption: Process of converting plain text to cipher text.
Decryption: Process of converting cipher text to plain text.
Algorithm: A cryptography algorithm is a mathematical function.
Key: String of digits.
There are two types of cryptography or methods of encryption:
1) Secret key or symmetric key
2) Public key or asymmetric key
Secret key: In this scheme, both the sender and recipient possess the same key to encrypt and decrypt the data.
Example: DES (Data Encryption Standard)
For example, A encrypts a message with a secret key & e-mails the encrypted message to B. On receiving the message, B checks the header to identify the sender & takes out the duplicate of the secret key. B then uses the secret key to decrypt the message.
Shared key techniques suffer from the problem of key distribution, since shared keys must be securely distributed to each pair of communicating parties.
The i) generation, ii) transmission & iii) storage of keys is called key management.
In a business environment where a company deals with 1000s of on-line customers, it is impractical to assume that key management will be flawless.
Drawbacks: Both parties must agree upon a shared secret key. If there are “n” correspondents, one has to keep track of n different secret keys. If the same key is used by more than one correspondent, common key holders can read each other’s mail.
Symmetric encryption schemes are also subject to authenticity problems. Because sender & recipient have the same secret key, the identity of the originator or recipient cannot be proved. Both can encrypt or decrypt the message.
[Figure: Original Message → Secret Key Encrypt → Encrypted Message → Internet → Encrypted Message → Secret Key Decrypt → Original Message]
Public Key Cryptography
This scheme operates on a pair of keys: one is used to encrypt the message, and only the other one in the pair can be used to decrypt it. The pair can be viewed as two parts: one part, called the private key, is known only by its designated owner; the other part, called the public key, is published widely but is still associated with the owner.
Schematic diagram of Asymmetric Encryption
Encrypting & decrypting
Data encrypted with the public key can only be decrypted with the private key. Data encrypted with the private key can only be decrypted with the public key.
Strong points of this scheme: The keys can be used in two different ways:
1. Message confidentiality can be proved: The sender uses the recipient’s public key to encrypt a message, so that only the private key holder can decrypt the message, and no one else.
[Figure: Original Message → Public Key Encrypt → Encrypted Message (Cipher Text) → Internet → Encrypted Message (Cipher Text) → Private Key Decrypt → Original Message]
2. Authenticity of the message originator can be proved: The sender uses his own private key, to which only the sender has access, to encrypt a message.
3. Easy to distribute public key: The public key of the pair can be easily distributed.
[Figure: Person “X” encrypts the Original Message; the Encrypted Message (Cipher Text) crosses the Internet; Person “Y” decrypts it back to the Original Message. Keys shown: Person “Y’s” Public Key and Person “Y’s” Private Key.]
Firewalls:
A firewall is a method of placing a device, a computer or a router, between the network and the Internet to control and monitor all traffic between the outside world & the local network.
A firewall system is usually located at a gateway point such as a site’s connection to the Internet.
A firewall is simply a barrier between two networks: in most cases an internal network, often called the trusted network, and an external network, called untrusted.
Firewalls examine incoming & outgoing packets according to a set of policies defined by the administrator and either let them through or block them.
Firewall Policy: Firewalls generally implement one of two basic design policies:
1) Permissive Approach
2) Restrictive Approach
[Figure: Firewall between the Internet (40,000 networks, no. of hackers?) and the enterprise LAN or WAN. Firewall bypass should not be allowed.]
Permissive Approach: Allows all services to pass into the site by default, with the exception of those services that the network service access policy has identified as disallowed.
Restrictive Approach: A firewall that implements the second policy denies all services by default, but then passes those services that have been identified as allowed.
The first policy is less desirable, since it offers more avenues for getting around the firewall.
The second policy follows the classic access model used in all areas of information security.
Certain services, such as FTP, Archie & RPC, are difficult to filter; for this reason, they may be better accommodated by a firewall that implements the first policy.
The second policy is stronger and safer, but it is more restrictive for users.
Types of Firewall: There are two types of firewalls:
A) Static Firewall
B) Dynamic Firewall
Static Firewall: Static firewalls are generally pre-configured, and they allow or deny access from the outside world by default. Under the default-allow policy, inbound traffic is allowed and only specified users are denied access to the network of the enterprise. Under the default-deny policy, only the specific users who present their authentication are permitted to access the network.
Dynamic Firewall: The dynamic firewall applies allow and deny policies to services on the network on a time basis.
Some services on the network may be allowed and others may be denied for a specific time interval.
The configuration of such a firewall is slightly more complex.
Nowadays firewalls can be implemented in two ways:
1) IP packet screening routers
2) Proxy application gateways
1) IP packet screening routers: This is a traffic routing service placed between the network service provider’s router & the internal network. The firewall router filters incoming packets to permit or deny IP packets based on several screening rules. It examines the source & destination addresses & ports of incoming TCP & UDP packets & denies or allows packets to enter based on a set of predefined rules.
Packet filters are inexpensive, but setting them up is a relatively complex process. It usually requires precise knowledge of network, transport and sometimes even application protocols.
Another problem with packet filters is that they are susceptible to IP spoofing: a tricky hacker can gain access to a corporate network by changing the IP addresses in packet headers to ones that are acceptable.
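The two design policies and the screening-rule checks described above can be compared on the same packets. This is an added example, not from the original notes: the rule sets, the addresses (documentation ranges) and the `INTERNAL_NET` value are constructed assumptions, and the anti-spoofing check shows the one source-address test a packet filter can make, which is refusing internal addresses that arrive on the external interface.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")   # assumed trusted network


@dataclass(frozen=True)
class Packet:
    iface: str    # interface the packet arrived on: "external" or "internal"
    proto: str    # "tcp" or "udp"
    src: str      # source address as claimed in the header
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    proto: Optional[str] = None      # None matches any protocol
    src_net: Optional[str] = None    # None matches any source
    dport: Optional[int] = None      # None matches any destination port

    def matches(self, p: Packet) -> bool:
        if self.proto is not None and self.proto != p.proto:
            return False
        if self.src_net is not None and \
                ipaddress.ip_address(p.src) not in ipaddress.ip_network(self.src_net):
            return False
        if self.dport is not None and self.dport != p.dport:
            return False
        return True


def screen(packet: Packet, rules, default: str, anti_spoof: bool = True) -> str:
    """First matching rule wins; `default` is the firewall's design policy."""
    # The filter only sees the claimed source address, so an internal address
    # arriving from outside is refused before any rule is consulted.
    if anti_spoof and packet.iface == "external" and \
            ipaddress.ip_address(packet.src) in INTERNAL_NET:
        return "deny"
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default


# Permissive approach: everything passes except what is listed as disallowed.
PERMISSIVE_RULES = [Rule("deny", proto="tcp", dport=23)]
# Restrictive approach: nothing passes except what is listed as allowed.
RESTRICTIVE_RULES = [
    Rule("allow", proto="tcp", src_net="192.0.2.0/24", dport=80),  # WWW only
    Rule("allow", src_net="10.0.0.0/8"),                           # internal hosts
]

# Constructed sample packets.
WEB = Packet("external", "tcp", "192.0.2.10", "10.0.0.5", 80)
TELNET = Packet("external", "tcp", "192.0.2.10", "10.0.0.5", 23)
UNLISTED = Packet("external", "tcp", "198.51.100.7", "10.0.0.5", 6000)
SPOOFED = Packet("external", "tcp", "10.0.0.9", "10.0.0.5", 23)


def decisions(packet: Packet) -> dict:
    """Verdict for one packet under each design policy."""
    return {
        "permissive": screen(packet, PERMISSIVE_RULES, default="allow"),
        "restrictive": screen(packet, RESTRICTIVE_RULES, default="deny"),
    }


if __name__ == "__main__":
    for name, pkt in [("web", WEB), ("telnet", TELNET),
                      ("unlisted", UNLISTED), ("spoofed", SPOOFED)]:
        print(name, decisions(pkt))
```

The unlisted service is where the two policies differ: it passes the permissive firewall only because nobody thought to deny it.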
[Figure: Secure firewall with IP packet screening router, facing the public Internet]
2) Proxy Application Gateways:
A proxy server application gateway is a special server that typically runs on a firewall machine.
Instead of talking directly to external WWW servers, each request from the client is routed to a proxy on the firewall that is defined by the user.
The proxy waits for a request from inside the firewall, forwards the request to the remote server outside the firewall, reads the response & then returns it to the client.
Sample screening rules (from the IP packet screening router figure): Protocols (TCP, UDP); Source IP address (Domain.edu); Target TCP port 80 (WWW only)
Digital Signature: In e-commerce business transactions, digital signatures are used for authentication. Authentication here covers legal, financial & other document-related issues.
A digital signature is just like a handwritten signature, which determines the presence or absence of authentication.
The digital signature consists of two parts:
1. Signature in the document: Signer authentication
2. Document authentication
Signer Authentication: A signature should indicate who signed a document, message or record and should be difficult for another person to produce without authorization.
Document Authentication: A signature should identify what is signed. The sender cannot remove the content of the message after signing it, and the receiver cannot make any change to the message.
Hash Function: It is a formula that converts a message of a given length into a string of digits called a message digest.
(Hash function → Message digest) → Digital Signature
Working: X (sender) sends the message to Y (receiver).
[Figure: Sender X and receiver Y; label: Encrypt with sender’s private key]
[Figure: Proxy server on the firewall machine that connects to the external Internet. A client inside the firewall sits on the secure subnet inside the firewall security perimeter. Servers shown: Web HTTP server, FTP server, Gopher server, Telnet server, USENET news server.]
1. Sender generates a message.
2. Sender creates a “Message digest” of the message by using Hash Function.
3. Sender attaches the digital signature to the end of the message.
4. Sender encrypts both message & signature with receiver’s public key.
5. Receiver decrypts entire message with own private key.
6. Receiver calculates the message digest using hash function.
(The receiver uses the same hash function as the sender, which was agreed upon beforehand.)
Advantage: Unauthorized persons can have access to the public key of person X, but cannot have his hash function, which makes the digital signature authentic.
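The hash-then-sign flow above, with the comparison the receiver makes after recomputing the digest, can be written out as follows. This is an added example, not from the original notes: it uses textbook RSA with toy keys built from publicly known Mersenne primes so that it runs on the standard library alone, and it leaves out the confidentiality layer of steps 4 and 5. Real systems use a vetted library with a padded scheme such as RSA-PSS.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys


def make_toy_key(p: int, q: int):
    """Return ((n, e), (n, d)): a public and a private key for primes p, q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))   # modular inverse (Python 3.8+)
    return (n, E), (n, d)


# Constructed toy keys. The primes are well-known Mersenne primes, so these
# moduli are trivially factorable and must never be used outside a demo.
X_PUBLIC, X_PRIVATE = make_toy_key(2**521 - 1, 2**607 - 1)            # sender X
OTHER_PUBLIC, OTHER_PRIVATE = make_toy_key(2**127 - 1, 2**1279 - 1)   # someone else


def message_digest(message: bytes) -> int:
    """Step 2: hash the message into a fixed-length digest (SHA-256)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key) -> int:
    """Sender: transform the digest with the private key.

    The private exponent is the only secret input; the modulus, the public
    exponent and the hash function are known to everyone.
    """
    n, d = private_key
    return pow(message_digest(message), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Receiver: recompute the digest (step 6) and compare it with the
    digest recovered from the signature using the sender's public key."""
    n, e = public_key
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == message_digest(message)


def demo() -> dict:
    order = b"PO-1001: 40 units, ship to Y"           # constructed message
    signature = sign(order, X_PRIVATE)
    return {
        # Document and signer both check out.
        "genuine": verify(order, signature, X_PUBLIC),
        # Document authentication: any change to the content breaks the match.
        "altered": verify(b"PO-1001: 90 units, ship to Y", signature, X_PUBLIC),
        # Signer authentication: a signature made with another private key
        # does not verify under X's public key.
        "wrong_signer": verify(order, sign(order, OTHER_PRIVATE), X_PUBLIC),
    }


if __name__ == "__main__":
    print(demo())
```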
Types of E-Commerce or E-Commerce Transaction Model
- Business to Consumer (B to C)
- Business to Business (B to B)
- Consumer to Business (C to B)
- Consumer to Consumer (C to C)
Business to Consumer: B2C e-commerce offers consumers the capability to browse, select and buy merchandise online from a wider variety of sellers and at better prices. B2C electronic commerce transactions are ideally suited to the following types of merchandise:
- Goods that can be easily transformed into digital format, such as books, music, clips, videos and software packages.
- Items that follow standard specifications, like printer ribbons, ink cartridges etc.
- Highly rated branded items or items with return security, such as Compaq computers, e-gadgets, Sony etc.
- Items sold in packets that cannot be opened even in physical stores, e.g. Kodak film rolls.
- Items that can be experienced online, such as music, videos etc.
Example: http://www.dell.com, http://www.mustafa.com.sg
How does B2C Work?
1. Customer identifies a need
2. Searches for the product or services
3. Selects a vendor and negotiates a price
4. Receives the products or services
5. Makes payment
6. Gets services and warranty claims
Business to Business: B2B electronic commerce facilitates inter-organizational interaction and transactions. This type of e-commerce requires two or more business entities interacting with each other directly or through an intermediary.
Application of B2B:
1. Inventory Management
2. Channel Management
3. Distribution Management
4. Order fulfillment & delivery
5. Payment Management
B2B electronic commerce can be of the following types:
i) Supplier oriented
ii) Buyer oriented
iii) Intermediary oriented
Supplier oriented: A supplier sets up the electronic marketplace. A number of customer/buyer businesses interact with the supplier at its electronic commerce marketplace. Typically, this is done by a dominant supplier in the domain of the products it supplies.
Buyer oriented: In buyer-oriented electronic commerce, major businesses with high-volume purchase capacity create an electronic commerce marketplace for purchases and gain by starting a site of their own. The online e-commerce marketplace is used by the buyer for placing requests for quotations and carrying out the entire purchase process.
Intermediary oriented: In intermediary-oriented e-commerce, in the business-to-business context, a third party sets up the electronic commerce marketplace and attracts both buyer and seller businesses to interact with each other. Buyers and sellers both benefit from the increased options in terms of pricing, quality, availability and delivery of goods.
Summary of E-Business Transaction Models
Model | Description | Example
B2C | Sells products or services directly to consumers. | amazon.com, autobytel.com, eDiets.com, pets.com
B2B | Sells products or services to other businesses or brings multiple buyers & sellers together in a central marketplace. | metalsite.com, verticalnet.com, shop2gether.com
B2G | Businesses selling to local, state and federal agencies. | igov.com
C2C | Consumers sell directly to other consumers. | ebay.com, inforocket.com, baazee.com
C2B | Consumers fix a price on their own, which businesses accept or decline. | priceline.com
[Figure: Relation between B2B and B2C models. Chain shown: Raw Material Producer, Manufacturer, Distributor, Retailer, Consumer; labels: B2B, B2C]
Consumer to Consumer (C2C)
In the C2C e-business model, consumers sell directly to other consumers via online classified advertisements and auctions, or by selling personal services or expertise online. infoRocket.com, one of the first question-and-answer marketplaces, is driven by a person-to-person auction format.
Consumer to Business (C2B)
The C2B model can be described as a form of e-commerce where the transaction, originated by the customer, has a set of requirement specifications and a specific price for merchandise.
Mobile Commerce
Mobile Commerce stands for electronic commerce made through mobile devices.
M-commerce is defined in the following ways:
“M-commerce is the use of mobile devices to communicate, inform, manage & entertain using text and data via a connection to public & private network” (by Lehman Brothers)
“Business to consumer transaction conducted from a mobile device” (by J.P. Morgan)
“Mobile commerce refers to any transaction with monetary value that is conducted via a mobile telecommunications network” (by Durlacher)
MobileInfo.com defines m-commerce as “any electronic transaction or information interaction conducted using mobile device and mobile networks (wireless or switched public network) that leads to transfer of real or perceived value in exchange for information, services or goods”.
Typical examples of m-commerce:
1) Purchasing airline tickets
2) Purchasing movie tickets
3) Restaurant booking and reservation
4) Hotel booking & reservation
M-Commerce is currently mainly used for the sale of mobile phone, ring tones and games as well as video and audio content, including full length music tracks.
Other services include the sending of information such as cricket scores via SMS.
Currently the main payment methods used to enable m-commerce are:
- Premium-rate calling numbers.
- Charging to the mobile telephone user’s bill, or
- Deducting from their calling credit, either directly or via reverse-charged SMS.
Separating Mobile Commerce from E-commerce
Technology | E-Commerce | M-Commerce
Device | Personal Computer | Cellular phones, pagers
Operating System | Windows, Unix, Linux | Pocket PC, Palm OS
Presentation Standard | HTML | HTML, WML, i-mode
Browser | MS Internet Explorer, Netscape Navigator | Nokia Browser, MS Mobile Explorer
Possessor Network | TCP/IP & fixed wireline Internet | GSM, GSM/GPRS, TDMA, CDMA
Mobile Computing Framework
Application of M-Commerce
1. Wireless delivery technology and switching methods (cellular, radio, paging, satellite and wireless LAN)
2. Mobile information access devices (laptop, notebook, other portable computers and mobile phones)
3. Mobile data internetworking standards & equipment (no interruption between bridges or tunnels)
4. Mobile computing-based business applications (inventory & package tracking and retail point of sale). The most frequently mentioned include mail-enabled applications & information or data services to mobile users.
1. Goods: There can be two types of domain, business to business and business to consumer. For example, a vendor can sell to a consumer or to another vendor.
2. Service: Again, services can be business to business and business to consumer. For example, a company can provide services directly to a consumer or to another company.
3. Information: Information services can be paid for by consumers or by other companies. The second aspect is advertising.
[Figure: M-commerce application matrix. Columns: Goods, Services, Information. Rows: Business to Consumer and Business to Business. Business to Consumer entries: Shopping, Vending, Trading, Paid-Information, Advertising, Ticketing, E-Cash, Banking, Discount and Loyalty Schemes, Gaming and Gambling.]
Limitations of Mobile-Commerce
1. Lack of consumer awareness about mobile commerce.
2. M-commerce operating systems and platforms (other software) are not as easy to use as desktop software.
3. Weak processor
4. Limited memory
5. Tiny screens and poor resolutions
6. Typically to enter data entry.
Security Issues Pertaining to Mobile Commerce
1. To make the radio path as secure as the fixed network, which implies obscurity and confidentiality to protect against eavesdropping.
2. To have strong authentication to protect the operator against billing fraud.
3. To prevent operators from compromising each other’s security, whether unintentionally or because of competitive pressures.
On the other hand, a security process must not:
- Significantly add to the delay of the initial call set-up.
- Allow for increased error rates, or error broadcast.
- Add unnecessary complexity to the rest of the system.
- Be cost-ineffective.
[Figure: Business to Business applications: Procurement, Trading]
Wireless Application: A wireless application is software that runs on a wireless device and exchanges content over a wireless network. The actual wireless applications are distinguished from one another based on the wireless devices, networks and application families. This can be summarized as:
Web Phones: The most common device is the Internet-ready cellular phone, which we call a web phone. Most web phones work only when they have a network connection. Newer advanced web phones can run applications.
Wireless Handhelds: Another common device, the wireless handheld, such as a Palm, can also message and use a micro browser.
Two-way Pagers: A device used often in business is the pager. The most popular is the two-way pager because it lets you receive and send a message as well as use a micro browser.
Voice Portals: A recent advance is the voice portal, which lets you have a conversation with an information service by using a kind of telephone or mobile phone.
Communication Appliances: Such electronic devices are fitted with wireless technology and can participate in the Internet. Examples include wireless cameras, watches, radios, pens and many other devices.
WAP (Wireless Application Protocol): WAP provides web content to small-area display devices in mobile phones. The service providers format content in the WAP format. WAP was invented and is driven by the WAP Forum, a group originally formed by Nokia, Ericsson, Motorola and phone.com in 1997. WAP is a group specification that offers a standard method to access Internet-based content and services from wireless devices such as mobile phones etc.
Wireless Technologies
Time Division Multiple Access (TDMA): TDMA is a digital transport that divides the frequency range allotted to it into a series of channels. Each channel is divided into time slots. Each conversation within that channel gets a time slot; hence the term “division” in the name.
GSM (Global System for Mobile Communication): GSM is one of the most popular mobile communication standards. It is the first digital cellular system to be used commercially. GSM communication uses cellular networks.
[Figure: Mobile communication using a cellular network (cells C1 to C7)]
GSM is a second generation (2G) communication standard. GSM provides integrated services for voice and data. GSM cell phones require SIM (Subscriber Identity Module) cards for their operation. The SIM is a smart card that identifies the user terminal. By inserting the SIM card into the terminal, the user can have access to all the subscribed services; without the SIM card, the terminal does not work. The three kinds of services delivered by a GSM system are teleservices, supplementary services and bearer services.
General Packet Radio Services (GPRS): GPRS is a speed-enhanced data transmission service designed for GSM systems. GPRS is a packet-oriented service for mobile stations’ data transmission and their access to the Internet.
Code Division Multiple Access (CDMA): CDMA is used as a multiplexing method in many mobile telephony systems. CDMA is an air link interface coding scheme wherein multiple subscribers are granted access to the same radio frequency source by assigning subscribers’ transmitted and received signals a spectrum-spreading code. A code transmitter assigns a unique code to each wireless connection and then broadcasts its data out on the channel simultaneously with all other connections. The receiver is able to decode each conversation by deciphering the unique code assigned to each connection.
Teleservices: Telephone/FAX; Voice full 13 kbps; SMS up to 160 characters; MMS-GIF, JPG; Video Text Access
Supplementary Services: Call Forward; Caller line ID; Call hold; Call Waiting; Call Charge Advice
Bearer Services: Full Duplex; Synchronous & asynchronous
E-Commerce & Banking
Electronic banking, also known as electronic fund transfer (EFT), uses computer and electronic technology as a substitute for checks and paper transactions.
Electronic banking provides anytime, anywhere access to cash through an automated teller machine (ATM) or direct deposit of e-Cheques into your savings accounts.
In the current scenario, technology is changing the interaction between banks and their consumers.
In particular, technology innovations have enabled the following capabilities:
1. Online delivery of bank brochures and marketing information.
2. Electronic access to bank statements.
3. Ability to request the transfer of funds between accounts.
4. Electronic bill payment and presentation.
These online capabilities increase the facilities and speed of retail banking.
What is Mobile Banking?
Mobile Banking is a service that allows you to do banking transactions on your mobile phone without making a call, using the SMS facility.
How is this different from making a call on my mobile phone or using Phone Banking?
The differences between making a call on your mobile and sending a text message are as follows:
You are not required to dial a number; you send a text message i.e. a coded message to the SMS Centre of your Cellular Service Provider.
Bank does not charge anything for this service. However, the cellular service provider may charge a nominal charge for the SMS facility.
In Mobile banking, you actually see your banking transaction on your mobile phone screen as opposed to hearing a message through the phone.
How does mobile banking work?
Mobile banking works on the “Text Message Facility” also called the SMS that is available on mobile phones. This facility allows you to send a Short Text Message from your mobile phone instead of making a phone call.
All you need to do is type out a short text message on your mobile phone and send it out to a pre-designated number. The response is sent to you as SMS message, all in the matter of a few seconds.
This message travels from your mobile phone to the SMS Centre of the Cellular Service Provider, and from there it travels to the bank’s systems. The information is retrieved and sent back to your mobile phone via the SMS Centre, all in a matter of a few seconds.
What is the Company ID in the Bill Pay message?
The Company ID consists of 4 alphanumeric characters, which are predetermined by the company and help identify the bill.
Your Phone is now your bank!
When you dial in to Phone Banking, a voice prompt will guide you through the various transactions. You may also talk to a phone banker, who will provide you with the required assistance.
Avail of the following services via phone banking:
- Check your account balance
- Enquire on the Cheque status
- Order a Cheque book / Account Statement
- Stop payment
- Loan related enquiries
- Transfer funds between banks
- Pay your bills
- Report loss of your ATM/Debit Card
- Enquire about latest interest/exchange rates
What can I do using Net banking?
- Manage your Demat Account
- Create fixed deposits online
- Check your account balance
- Enquire on the Cheque status
- Order a Cheque book / Account Statement
- Stop payment
- Loan related enquiries
- Transfer funds between banks
- Pay your bills
- Report loss of your ATM/Debit Card
- Enquire about latest interest/exchange rates
Changing Dynamic in the Banking Industry
By using electronic banking technology, banks have increased profitability. In the past, the banking industry was chiefly concerned with asset quality and capitalization, but nowadays this is not enough.
Banks need to find new ways to increase revenue in a “mature market” for most traditional banking services. A thorough understanding of this competitive environment is needed before banks can determine their online strategy.
Different factors contribute to the new competitive environment:
- Changing consumer desires driven by online commerce
- Optimization of branch networks in order to reduce costs
- Changing demographic trends and potential new consumer markets
- New online economic products
Changing Consumer needs
Nowadays consumers want fast financial processes in a secure environment, so they want e-services like:
- Online account related information
- Online download of account statements
- Online transfer of funds from account to account
- Online payment of bills & dues
- Online purchasing & selling
- Other online services
Consumer Oriented Service
Consumer Life-Style Needs | Complementary Multimedia Services
Entertainment | Movies on demand, video cataloging, interactive ads, multi-user games, online discussion
Financial Services and information | Home banking, financial service, financial news
Essential Services | Home shopping, electronic catalogs
Education and Training | Video conferencing, on-line database
Home Banking Management
Home banking services are often categorized as basic, intermediate, and advanced.
Basic Services are related to personal finance: checking and savings account statement reporting, round the clock banking with ATM fund transfer, bill payment, account reconciliation, Stop payment request.
Intermediate services include a growing collection of home financial management services, which include household budgeting, update stock values and tax return preparation.
Advanced Services include stock and mutual fund brokerage or trading services, currency trading, and credit & debit card management.
Management Issues in online banking
With the dynamic changes in the banking industry, bank management has to bring resourcefulness and vision to connecting technology and giving consumers new services & products to their satisfaction. Banks must deliver high quality products at the consumer’s convenience with high-tech, personal and affordable services. Management has to balance the five key values that increasingly drive consumers’ banking decisions:
Simplicity, Customized Services, Convenience, Quality & Price
Online banking will realize its full potential when the following key elements fall into place:
1. The development of an interesting portfolio of products and services that are attractive to consumers and sufficiently differentiated from competitors.
2. The creation of online financial supply chains to manage the shift from banks as goalkeeper models to banks as gateways.
3. The emergence of low-cost interactive access terminals for the home as well as affordable interactive home information services.
4. The identification of new market segments with unused needs such as the willingness to pay for the convenience of remote banking.
5. The development of effective back-office systems that can support sophisticated retail interface.
E-Commerce & Retailing: Retailing includes all the activities involved in selling goods or services directly to final consumers for personal, non-business use.
A retailer or retail store is any business enterprise whose sales volume comes primarily from retailing. Any organization selling to final consumers, whether it is a manufacturer, wholesaler or retailer, is doing retailing. It does not matter how the goods or services are sold (by person, mail, telephone, vending machine or Internet) or where they are sold (in a store, on the street, or in the consumer’s home).
Almost every retailer is re-evaluating every aspect of its operation, from customer service to advertising, merchandising to store design, and logistics to order fulfillment. Furthermore, reacting to the pressure of retailers, suppliers are assessing technology-based solutions to drive down costs (labour, delivery and production) and become more efficient producers of goods.
In other words, e-commerce provides a gateway for retail business: nowadays supermarkets, Big Bazaar and others provide commercial websites for retail selling. Example: www.futurebazaar.com, www.giftmate.com
Online Mercantile Models
Online channels such as online services and the web are also impacting traditional retail business models. In the traditional model, the consumer went to the store and located the product. In the online model, the retailer seeks out the consumer. The success of catalog retailers demonstrates that a significant portion of customers have embraced the reverse model: the retailer going to the customer.
Retailers need to consider the following in developing a business model:
1. Product/Content Issues: What kinds of products are suited for online retailing?
2. Software Interface Issues: What kind of features will constitute an effective interface? What features make it easy to find and select items for online purchases?
3. Process Issues: What are the specific steps in the shopping process from a consumer’s perspective? What kind of processes should companies develop to fulfill orders efficiently?
4. Pricing Issues: How much will consumers be willing to pay for convenience?
5. Payment Issues: What payment methods would consumers use for online purchases?
Management Challenges in on-line retailing:
1. Pay Attention to Product Descriptions
2. Streamline Site Architecture
3. Consider Shopping Search
1.) Pay Attention to Product Descriptions
Most medium to large retailers will have a database of products, with product descriptions that are substantially the same between products, or even between competitors who sell products from the same manufacturer. Search engines are not likely to index multiple pages with very similar content, and without something else to differentiate a page from competitors, ranking for that product name will be difficult, McGee said. In fact, it's not likely that retailers want to rank for their exact product names, as found in the product database. Most searchers are not entering a query for "Izod solid crested pique polo," but will instead search for "Izod polo shirt," which would be a better phrase to optimize a page for, he said. "Product databases are not optimized for searchers. It's not hard to convince a client that when we show them how many searches are being done for general terms, like 'polo shirt,' and how few are being done for the specific brand name in the database," McGee said.
2.) Streamline Site Architecture
Another challenge for some retailers is the lack of a text-based navigation system, which leaves search engine spiders unable to access many of the products on a site. While all sites should have a search box on their site, it cannot be the only way to navigate the site, McGee said. "At the very least, they need to have a directory or sitemap. But since many users like to browse instead of search for specific products, they should consider adding navigation to product category pages as well," he said. That's not to downplay the value of a well-optimized site search. On a large-scale e-commerce site, visitors will head for the site search box about half the time, by some accounts. In addition, many SEO experts agree that generating reports from site search can show the retailer searcher intent and help optimize pages for certain keywords, both for internal site search and for external search engines. In addition to on-site SEO, retailers should follow the same strategies as other sites to get inbound links to their sites -- such as by providing informational content worth linking to. This can be done with specific sections of the retailer’s site, new mini-sites or blogs. Retailers should also consider tagging their product images with relevant keywords and making them available to spiders so they'll be found in image searches.
3.) Consider Shopping Search
Another tactic to increase traffic and inbound links is to take advantage of shopping search engines. By showing up in the many places shopping search engines display their results, retailers are increasing their exposure. And since many retailers are currently not taking advantage of these listings, this exposure will give those retailers that do a competitive advantage, if only for a short time. The top five shopping search engines each had more than 20 million unique visitors in December 2006, according to comScore and self-reported numbers. Yahoo Shopping, and CNET topped 30 million unique visitors, followed by Price Grabber, Shopping.com and Shopzilla. NextTag and MSN Shopping added a combined 24 million more unique visitors, bringing the total unique visitors to the top 7 shopping search engines to 163 million last month.
Electronic Data Interchange: EDI is defined as the inter-process communication (Computer Application to Computer Application) of business information in a standardized electronic form.
In short, EDI communicates information pertinent (appropriate) to business transactions between the computer systems of companies, government organizations, small businesses and banks.
Using EDI, trading partners establish computer-to-computer links that enable them to exchange information electronically.
EDI enables retailers and vendors to place orders and pay bills electronically, reducing the time and expense of paperwork.
The primary advantage of EDI to business is a considerable reduction in transaction costs by improving the speed & efficiency of filling orders.
EDI can be used to electronically transmit documents such as purchase orders, invoices, shipping notices, receiving advices, and other standard business correspondence between trading partners.
EDI may be most easily understood as the replacement of paper-based purchase orders with their electronic equivalent. The essentials of EDI are:
1) An electronic transmission medium (VAN, Internet)
2) Structured, formatted messages based on agreed standards
3) Relatively fast delivery
4) Direct communication between applications
Benefits of EDI
Two categories of benefits
1) Direct Benefits
2) Strategic Benefits
Direct Benefits:
1.) Since the transfer of information from computer to computer is automatic, there is no need to re-send it again and again; data is entered only at the source.
2.) Cost of processing EDI documents is much smaller than that of processing paper documents.
3.) Customer service is improved. The quick transfer of business document & marked decrease in error allow orders to be fulfilled faster.
4.) Information is managed more effectively.
5.) There is improved job satisfaction among data entry staff.
6.) EDI can also reduce postage bills.
In short, EDI reduces operating costs, administrative errors and delivery delays.
Strategic Benefits:
1.) Customer relations are improved through better quality & speed of service.
2.) Competitive edge is maintained & enhanced.
3.) Reduction in product costs can be achieved.
4.) Business relations with trading partners are improved.
5.) More accurate sales forecasting & business planning is possible due to information availability at the right place at the right time.
E-mail versus EDI
1. E-mail: The structure of e-mail is simple; it is the easiest way of sending and receiving mail over a network.
   EDI: The structure of EDI is more complex compared with e-mail.
2. E-mail: At either the sending end or the receiving end, the data are composed, replied to or interpreted by humans.
   EDI: There is typically no human involvement in the processing of the information, as the interface is software to software.
3. E-mail: There is no specific standard that users have to follow.
   EDI: EDI must follow some EDI standard; without EDI standards, transactions between trading parties cannot take place.
4. E-mail: The message is composed by a human and/or a reply is composed by a human and/or interpreted by a human.
   EDI: The interchange is composed by one piece of software for interpretation by another piece of software.
5. E-mail: It does not provide as many security features as EDI documents provide.
   EDI: EDI provides security aspects to its customers by addressing some legal issues.
6. E-mail: To use this feature of the Internet, users do not need any complex information. They need only the receiver's and their own e-mail address.
   EDI: EDI is based on a four-layer architecture, and at each layer a variety of services is provided.
7. E-mail: No third-party verification, legal aspects or authentication are needed for the user to send or receive data.
   EDI: EDI provides security, confidentiality and authority on data.
Architecture of EDI: The architecture of EDI is divided into four layers.
1) Application Layer
2) Standard Translation Layer
3) Transport Layer
4) Physical Layer
Application Layer
The first layer of EDI defines the business applications that are used by EDI.
This layer translates business applications into requests for quotation, purchase orders, acknowledgments and invoices.
This layer is specific to every company and to the software that the company uses.
In this layer, the company's forms are changed into a more specific format, and then they may be sent to the various partners of the company. The trading partners of the company have several software applications to handle all aspects of the forms.
To achieve all the above activities, the company must follow the EDI standards. Examples of EDI standards are X12, ANSI, and EDIFACT etc.
If the sender and receiver want to exchange files, they require compatible EDI standards.
Standard Translation Layer
This layer of the EDI architecture defines the structure of the business forms and some of their content, which are related to the application layer. This layer has no meaning without the application layer, so we can say that EDI applications and standards are interlinked.
For example: the EDIFACT and ANSI X12 business form standards.
Transport Layer
This layer corresponds closely to the non-electronic activity of sending a business form from company A to company B. The business form could be sent via regular postal services, registered mail or private carrier.
EDI documents are exchanged rapidly over electronic networks using existing e-mail programs and infrastructure.
EDI document transport is more complex than simply sending e-mail messages or sharing files through a network, a modem, or a bulletin board.
EDI documents are more structured than e-mail.
Physical Layer
This layer defines the component communication path for EDI data transactions: what structures of e-commerce support EDI, in which information can be built, and what communication links are established over which EDI data is transferred from one consumer to another.
How EDI works
1. Preparation of Electronic Documents: The first step in the sequence of EDI is the collection of information and data. Companies that already use computers to issue documents such as purchase orders may already have some sort of database which stores that information, so they can start with the next step described below.
[Figure: How EDI works. Labels on each of the two sides: Information/Data; Internal format; Conversion; EDI Translator; EDI envelope for document messaging; Modem. The two sides are connected through Internet & VAN.]
2. Outbound Translation: The next step is to translate the electronic file or database into a standard format according to the specification of the corresponding document. The resulting data file should contain a series of structured transactions related to, for example, the purchase order. If more than one company is involved in the particular transaction, individual files should be produced for each of them.
3. Communication: The computer should then connect and automatically transmit those data files through the prearranged VAN. The VAN should then process each file and route it to the appropriate electronic mailbox according to the destination set in the file.
4. Inbound Translation: The destination company should be able to retrieve the file from its electronic mailbox at regular intervals, and then reverse the process by translating the file from the standard format into the specific format required by the company's application software.
5. Processing the electronic documents: The internal application system of the destination company can now process the received documents. All the resulting documents corresponding to the received transaction should use the same process or steps to be transmitted back to the transaction originator. The whole cycle of electronic data interchange is then complete.
EDI Standards:
The need to define standards is clear if EDI is to succeed. EDI relies on the use of a standard structure and interpretation of electronic business transactions to perform the interchange of data between all trading partners, so that errors in the transmission of data can be reduced regardless of the computer systems involved.
There are two major standards widely used today which define the syntactical requirements for a wide variety of EDI transaction types. Virtually any business need can be addressed within those standards. They are briefly described below.
1) ANSI ASC X12 Standard
2) United Nations EDIFACT Standard
ANSI ASC X12 Standard: In 1979, the American National Standards Institute (ANSI) chartered a new committee called the Accredited Standards Committee (ASC) X12 to develop uniform standards for cross-industry electronic communications. It provides guidelines and rules for EDI on how the data should be structured and what documents should be transmitted electronically.
The X12 standard defines a set of documents, referred to as transaction sets, for a wide range of business transaction forms. Each transaction set is given a numeric code, much as form numbers are assigned to most paper forms.
Example:
Transaction Set    Document Title     Specification No.
850                Purchase Order     X12.1
810                Invoice            X12.2
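The outbound and inbound translation steps described under "How EDI works", applied to transaction set 850, can be sketched as follows. This is an added example, not code from the notes or from any EDI product: it uses a simplified subset of X12 segments (ST, BEG, PO1, CTT, SE), fixed `*` and `~` delimiters, omits the outer interchange envelope, and the function names and sample order are assumptions made up for illustration.

```python
from decimal import Decimal

ELEM, SEG = "*", "~"  # element and segment delimiters assumed in this sketch

def _field(value):
    """Render one element, refusing delimiter characters that would let
    a field value inject extra elements or segments."""
    text = str(value)
    if ELEM in text or SEG in text or "\n" in text:
        raise ValueError(f"delimiter in field value: {text!r}")
    return text

def outbound_850(order, control="0001"):
    """Outbound translation: internal dict -> 850 transaction set."""
    segs = [["ST", "850", control],
            ["BEG", "00", "NE", order["po_number"], "", order["date"]]]
    for n, line in enumerate(order["lines"], start=1):
        segs.append(["PO1", n, line["qty"], "EA", line["price"],
                     "", "VP", line["part"]])
    segs.append(["CTT", len(order["lines"])])
    segs.append(["SE", len(segs) + 1, control])  # count includes ST and SE
    return "".join(ELEM.join(_field(e) for e in s) + SEG for s in segs)

def _parse_850(message):
    segs = [s.split(ELEM) for s in message.split(SEG) if s]
    kinds = [s[0] for s in segs]
    if (len(segs) < 4 or kinds[:2] != ["ST", "BEG"]
            or kinds[-2:] != ["CTT", "SE"] or set(kinds[2:-2]) - {"PO1"}):
        raise ValueError("unexpected segment layout")
    st, beg, ctt, se = segs[0], segs[1], segs[-2], segs[-1]
    if st[1] != "850":
        raise ValueError("not a purchase order")
    if se[1] != str(len(segs)) or se[2] != st[2]:
        raise ValueError("segment count or control number mismatch")
    lines = [{"qty": int(s[2]), "price": Decimal(s[4]), "part": s[7]}
             for s in segs[2:-2]]
    if int(ctt[1]) != len(lines):
        raise ValueError("CTT line count mismatch")
    return {"po_number": beg[3], "date": beg[5], "lines": lines}

def inbound_850(message):
    """Inbound translation: 850 transaction set -> internal dict,
    rejecting messages whose control structure is inconsistent."""
    try:
        return _parse_850(message)
    except (IndexError, ArithmeticError) as exc:
        raise ValueError(f"malformed 850: {exc!r}") from exc

# Constructed sample order (not from the notes).
SAMPLE = {"po_number": "PO-1001", "date": "20240115",
          "lines": [{"qty": 10, "price": Decimal("2.50"), "part": "WIDGET-1"},
                    {"qty": 3, "price": Decimal("19.99"), "part": "GADGET-7"}]}
```

The receiver-side checks (segment count, matching control numbers, line-item total) detect truncated or altered messages only by accident of structure; they are consistency checks, not authentication of the trading partner.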
United Nations EDIFACT Standards: Many companies are required to participate in the international market and exchange electronic data across different countries. Obviously, there is a need to extend EDI on a global basis. With the concerns of this, general authority of UN/EDI. Development of the EDIFACT (EDI for Administration, Commerce, and Transport) standards is the responsibility of two groups of organizations. The syntax and the data dictionary are handled by the International Standards Organization (ISO).
Financial EDI (FEDI): FEDI is typically set up between banks and their corporate customers to allow the bank to receive payment authorizations from payer