types of business or e-commerce on...

E-Business (MBA-218)BusinessBusiness can be defined as the organized effort of individuals to produce and sell for a

profit, products and services that satisfy society’s needs.

(Example of Involved Process by business: Production, Purchases, Sales,

Advertisement, Exhibition of Products, Marketing of Products, Sampling of Products

etc.)

CommerceCommerce is a negotiated exchange of valuable object (Cash, Cheque, Gold, etc) or

services between at least two parties and includes all activities that each of the parties

undertake the complete the transaction.

Example: My Person trades eggs to one of his neighbors in exchange for repairs to his

furniture.

E- Business Definition 1: E-business in the simple words is the use of internet technologies and

computing to implement business transition online to improve customer services

operation enhances the market share, attract large number of consumers, streamline

supply chain and reach existing & new customers.

Definition 2: In general the term E-business means doing any kind of business

transaction on the internet with the aid of two integrate component of E-Commerce (EDI

& VAN).

E-CommerceDefinition 1: A part of e-business; the term refers only to the activities involved in

buying and selling online, which may include identify suppliers, selecting products or

services, making purchases commitments, completing financial transactions, and

obtaining services.

Definition 2: We will define e-commerce as the use of electronic data transmission to

implement or exchange any business activity.

Example: A buyer sends an electronic purchases order to a seller. The seller then sends

and electronic invoice back to the buyer.

History of Internet 1969 : The US Department of Defense started the first network among major

research centers in US.

1971 : A total of major connection or nodes were established. E-mail was

introduced.

1973 : Defense Department started developing various forms of file transfer.

1984 : Domain Name Service (DNS), was introduced.

1986 : US National Service Foundation created Internet-based telephone lines

1987 : The number of hosts (Computer on the Internet) reached 10,000.

1988 : The number of hosts on the Internet became over 60,000.

1989 : Over 100,000 hosts on the Internet were registered.

1991 : The World Wide Web (WWW) was created by CERN in Switzerland.

(Conseil European pour la Recherché Nuclearire)

1992 : One million hosts on the Internet were found.

1995 : There were a total of 6.6 million hosts or computer on the Internet.

July 1997 : 1.3 million Domain names registered.

Dec. 1997 : 22 million servers, 40 million users on the WWW.

2000 : 110 million users and 72 million Domains Names.

2003 : 802.2 million users and 233 hosts.

Growth of Internet in India

Years Internet Subscribers Internet User

1997 25 45000

1998 250 200000

1999 359 1000000

2000 650 2000000

2001 1130 6668000

2002 1763 10684000

2003 3661 29000000

2004 4403 31723000

2005 6674 52875000

Internet Usage in India

History of E-Commerce

The term E-Commerce was derived from E-mail means conducting business online with

the help of electronic devices like personal computer, phone lines, fax machine, pager

etc. IBM was the first company who use the term internationally. During 1970, the

introduction of EFT (Electronic Fund Transfer) between banks over secure private

network changed financial changed financial market. During the late 1970 & early

1980’s, E-commerce becomes widespread with in companies in the form of electronic

messaging technologies: EDI & E-mail. The 1972, IBM used this term as ‘E-business’

and the first successful transaction is held between USA and European union in 1973

with invention of personal computers.

E-commerce refers to the paperless exchange of business information using EDI,

Electronic bulletin Boards, E-mail and other network based technologies. It not only

automates manual processes and paper transaction, but also helps organization move to

fully e-environment and change the way they operate.

Electronic commerce (e-commerce) has become a buzzword for business over the past

few years

0

10000

20000

30000

40000

50000

60000

1999 2000 2001 2002 2003 2004 2005

SubscribersUser

Total E-Commerce Transaction in India

Year Total e-commerce transaction

1998-1999 131 crore Rs.

1999-2000 450 crore Rs.

2000-2002 1400 crore Rs.

2006 (Expected) 2300 crore Rs.

Difference between E-commerce & E-Business: Internationally both the term can be interchange and having the same concepts i.e. doing

business online. However, E-Business is the term is derived from e-Commerce.

E-Commerce E-Business

1. Open System. 1. Closed System.

2. Not Secured. 2. Secured.

3. Does not involve the use of EDI. 3. Used EDI.

4. E-Commerce always operates on Internet. 4. Always operates on intranet or extranet.

5. Involve all types of commerce. 5. Involve explicitly business transactions.

6. Used for small and large transaction. 6. Used for bulky transaction.

7. amazon.com, bazaar.com are example 7. e-trade.com, e-business.com are

of E-Commerce. example of E-Business.

Main Goals of E-Commerce 1. To understand what are the need of consumer, merchants, & organization.

2. How to improve quality & quantity of goods.

3. How to increase speed of services

Need for E-Commerce

E-Commerce Is the business environment in which information for the buying, Selling

and transportation of goods and service moves electronically. E-commerce includes any

technology that enables a company to do business electronically. Some of the direct

benefits of E-Commerce are:

Improved Productivity: (Speed of Transactions with accuracy, easier access

document and information)

Cost Saving: (Check on Duplication of entries, human Error)

Streamline Business Process

Better Customer Services: Customers can enjoy the convince of shopping at any hour anywhere in the world.

Opportunities for New Business

Major Affecting Factors of E-Commerce 1. Growth of Internet: (Speed, Subscribers, Electronic Environment)

2. Govt. Policies & Laws: (Security, Computer Crime, Data Protection and Privacy,

Telecommunication Laws)

3. Consumer Awareness: (familiar with electronic media)

Function of E-CommerceE-Commerce application enables various business functions and transactions to be done

electronically:-

E-Advertising: - Advertising of Information is currently the largest commercial activities

on the web like:

a) The organization’s own web site, where information about products and the

Organization’s profile can be found.

b) Clickable Banners

c) E-Commerce portals like: www.yahoo.com

d) Newsgroup

E-Catalogs: - Electronic Catalogs are web pages offering information about the products

or services offered by the company. An e-catalog may offer information like:

http://www.yahoo.com/

a) Product attributes and characteristics,

b) Packaging

c) Availabilities,

d) Ways of Payment

e) Price etc.

E-Publishing: - The publication sector was one of the first to invest in new technologies

and especially in the Internet. Successful e-commerce efforts in relation to e-publishing

are the electronic newspapers and the independent publication through the internet.

Some of the services offered by the online publication include the following.

a) On-line reading/ browsing:

b) On-line Search

c) Customized Information Services

E-banking: - E-Banking offers remote banking facility electronically. Electronic

Banking is also known as cyber banking, on-line banking, virtual banking or home

banking. It enables web user to make purchase online and pay for the same using an

online banking facility. It is cost-effective, easy and 24-hour available way of doing

business. The services offered to customer include:

a) Bill Paying

b) Electronic Cheque Writing

c) Tracking of bank account, credit cards etc.

d) Record Keeping

E-Traveling

Shopping Services

1. Shopping Services provided by independent business who send representative to store comparison shop for specific products. A shopping service is hired by contract and will compare competitive prices or prices for the same item in competitive stores, depending on the request and needs of the client.

2. Shopping Service offered to cable television subscriber where consumer can buy products (Usually at discount) that are displayed on a special shopping services channel.

3. Shopping Service offered to subscribers of personal information services for home computer use. For example: A Company provides on-line information to subscribers. Among the many services offered by this company is one called products, Guides, Etc. From which consumers may shop and select purchases right from their own computer terminals.

Information Services: Pronounced as separate letters, and short for Information Systems or Information

Services. For many companies, Information System or Services is the name of the

department responsible for as IT and Management Information System. Information

System Support different types of decision at different levels of the organizational

hierarchy. Major types of information system include structural databases and

information management software that can include the following;

Transaction Process System (TPS)

Enterprise Collaboration System (ECS)

Management Information System (MIS)

Decision Support System (DSS)

Executive Support System (ESS)

Electronic Data Interchange (EDI):-EDI is a standard for exchanging business data or document. All trading partners must

have to agree to follow some standard for exchange information like (Payment order,

Purchases order, invoices, and bills).

In EDI the information must move without intervention among trading partners.

Supply Chain Management (SCM):-

SCM can be define as an electronic alternative to the traditional paper chain, providing

companies with a smarter, faster, more efficient way to get the right product to the right

customer at the right time and price.

Multimedia Content for E-Commerce Application

1. Multimedia content can be considered both fuel and traffic for e-commerce

application.

2. Multimedia content is the combination of text audio, video, and graphics in a

computer file document.

3. It is the natural way to communication to the people.

4. The goal of multimedia is to increase the utility of all information through the

processing & distribution of new forms such as image, audio, video.

5. Multimedia has come to means the combination of computers, television and

telephone capabilities in a single device.

Multimedia Storage Servers and Electronic Commerce Application:-

1. E-commerce requires robust server to store and distribute large amount of digital content to consumer.

2. These multimedia storage servers are large information warehouse capable of handling various content, ranging from books, newspapers, advertisement catalog, movies and games.

3. These servers serve information upon request must handle, large scale distribution, guarantee security and complete reliability.

E-Commerce Framework

Text Image

Graphics Audio

Numerical VideoData Hologram Animation

Multimedia

It is clear that e-commerce application will be built on existing infrastructure myriad of computer, communication, network and connection software framing the nascent information superhighway.

E-Commerce Application:1. Supply chain Management2. On-line Banking3. Procurement & Purchasing4. On-line Marketing & Advertisement5. Home Shopping

Figure shows variety of possible e-commerce applications, including both inter organizational & consumer oriented example none of these uses would be possible without each of the building blocks in the infrastructure.

Building Blocks in the information

1. Common business services, for facilitating the buying & selling process.2. Messaging & Information distribution, as a means of sending & retrieving

information. We frequently send & retrieve the information so these are facilities of E-commerce.

Common business services Infrastructure/Security/Authentication/Electronic Payment

The messaging & information distributionInfrastructure (EDI, E-mail)

Multimedia content & Network Publishing Infrastructure

The information superhighway infrastructure (Telecommunication, Cable TV, wireless network,

Internet

Public Policy legal & PrivacyIssues

(Cyber Law, IT Act 2000)

Technical Standard for e-document s, multimedia &

Network Protocols

3. Multimedia content & network publishing for creating a product and a means to communication about it. The e-commerce related website has the information about the products and its design.

4. The information superhighway- The very foundation for providing the highway system along which all e-commerce.

The Two pillars supporting all e-commerce applications & infrastructure are just a indispensable.

1. Public Policy, to govern such as universal access privacy and information pricing.2. Technical Standard- To dictate the nature of information publishing, user

interface and transport in the interest of compatibilities across the entire network. Information can be access by any type of devices which consumer choose & support any type of Operating System.

Difference between E-Commerce & Traditional System

S.No. Basis E-Commerce Traditional

1 Reduce the data error

It does not involve data at multi points. With E-commerce data goes directly from one to another computer without involving human being.

The buyer & Seller create purchases order on their system print it or fare it or mail to receiver. The receiver then re-enter the same information on the computer. This will create the error.

2 Reduce Cost

Initial cost of e-commerce is very high as compared to paper process but over a long period of time it is very effective.

As time is money, time is directly linked to saving the money. In it there is a repetition of same work at every level. So it involves a lot of time and if the error is arisen that will lead to more wastage money.

3 Reduce Paper Work

E-Commerce data in the electronic form makes it easy to share it across the organization.

It requires re-entry of data at each level and requires lot of time. So the peak time is wasted in re-entering and printing of the reports.

4 Reduce ProcessCycle Time

E-commerce reduces the processing cycle time of complete cycles as the data is entered the system it is simulating process.

In Traditional System, when the buyer order in a paper format, the data is re-entered into the seller’s computer and then only processing can take place which is a time consuming and full commitment.

What is required in order to conduct E-Commerce?

Number 1-3 below are the components that you will need to conduct E-Commerce, and number 4-5 are optional depending on how you intend to accept payment,

1. You need a commercial website.2. You need products or services that you plan to sell through your website.3. You need a shopping cart system or an order form that your customers can use to

shop for and purchases what you are selling.4. If you plan to accept credit cards as payment, you will need a credit card merchant

account.5. If you plan to process credit cards in real time over the web, you will need an

online payment gateway.

*** Website: It is collection of web pages which are linked each other.

*** Shopping Cart: A piece of software that keeps a record of the choices you making during an online buying session.

*** Gateway: It is a software program used to connect two networks using different Protocols so that they cam transfer data between the two network.

*** Electronic fund Transfer: It is transfer of money between financial institutions over secure private networks.

Electronic Markets

Direct Transaction

Low Transaction Cost

Direct Access to Market

New Business

Manufacturers Dealers Open

Market

Industry’s Perspective

Consumer’s Perspective

Shopping Mall

Variety of Merchandise

Shopping Worldwide at Home

Assets Management

Job hunting at home

Labour Markets

Quick Shopping

Consumers

Financial Market

Electronic Market

Improving Quality of Life Enterprises

Households

Governments

Resource & Energy Savings

Economic Growth in Developing Countries

Enhancing International Free Trade System

Decreasing Unemployment

Impact on the society

Private Gateway

E- Commerce Entities

Online Consumer

Merchant

WebSite

Internet

Online Transaction Server

Processing Network

AcquiringMerchant

Bank

Issuing Consumer

BankI n s t i t u t e sG o v e r n m e n t

M e r c h a n t sM a n u f a c t u r e s

S u p p l i e r sC o n s u m e r

N e t w o r kC o r p o r a t e

I n t e r n e tC o m m e r c i a l

P r o c e s sM a r k e t i n g

S a l e sP a y m e n t

E-C

omm

erce

Component of E-Commerce

Advances services and home banking

On-Line Shopping Services

Consumer Home

BankServer

Bill PaymentInter bank clearing house

Real –time financial information

(Stock ticker)

Investment vehicles (bonds, mutual funds)

Gateway

Consumer

Merchant or Commerce ServerTransaction ManagementSecurityReturn Management Settlement

Protocol Conversion over or Private Stand-in authorization/ ManagementSecurity

Acquiring Bank/Banking Network

Card Information, checking account Info, Receipt Management, Security

Browser:

A View of Internet Payment Process

Other CommunicationBetween the bank &

customer

Verify

On-line Credit Card Transaction

Simplified on-line mercantile model

Processor

Customer

Merchant

Customer Bank

Encryption Software

Credit Card Processor

Third Party

MonthlyStatement

18

28

728

328

6328

4328 5

4328

What is Electronic Payment System (EPS)?

The Electronic fund transfer of money between financial intuitions over secure private network.

Making Payments on the internet are essentially electronic version of the traditional payment systems. But in the electronic payment everything is digital and it is designed to handle electronically, no change and/or old currency problems!

Electronic Payment System is more sure faster payment systems which serve its customer fast and low cost services.

Advantage of Electronic Payment System

1. EPS is not bounded by region boundaries so that fund can transfer anywhere. 2. It is secure method of fund transfer. It provides faster services compare to

conventional payment system. 3. It provides services not only to big organization, bank, business transaction but

also to users and consumers for online shopping & marketing at very low cost.4. It provides various way by which a customer can make payment such credit card,

digital cash, debit card etc.

Issues Involves in EPS

PaymentInstitution

Merchant Customer with need

(1) Buy Request (2) Remittance Request

(4) Delivery (3) Approval

1. The selection of the mode of EPS which is chosen by consumers in which customer must satisfy for example- E-Cash, E-Cheque, Credit Cards and Debit Cards.

2. In online market, how can we manage the financial risk associated with various payment instrument- Privacy, Frauds and Mistakes as well as other risks like bank

3. What are the step-by-step procedure & institutional arrangements that from the fabric of the electronic payment business process that link consumer and organization?

Types of E-Payment System

Three categories of EPS:1) Banking & Financial Payments:

Large scale or whole payment (e.g. bank to bank transaction) Small scale or retail payment (e.g. ATM)

2) Retailing Payments: Credit Cards(VISA or Master Cards) Private label credit/debit cards Charges cards(e.g. American Express)

3) Online E-Commerce Payments: E-Cash E-Cheque

Digital Token – Based Electronic System

In a traditionally system, their deficiency is their assumption that the parties will at some

time or other’s physical presence or that will be a sufficient delay in the process for

frauds, overdrafts and other undesirables to be identified and corrected.

Entirely new forms of financial instruments are also being developed. One such new

financial instrument is “Electronic Tokens” in the form of electronic Cash/Cheque.

Simply stated, electronic tokens are equivalent to cash that is backed by a bank.

Electronic tokens are of three types:

1. Cash or real-time: Transaction are settled with the exchange of electronic

currency. An example of on-line currency exchange is electronic cash (e-cash).

2. Debit or prepaid: User pay in advance for the privilege of getting information. Examples of prepaid payment mechanism are stored in smart card and electronic purses that store electronic money.

3. Credit or postpaid: The server authenticates the customers and verifies with the bank and funds are adequate before purchases. Examples of postpaid mechanism are credit/debit cards and electronic Cheque.

Certificate Authority

Certificates Authority is issued to companies and organizations that are accessible via the

internet. They are issued for certain period of time and are used as a guarantee of the

security of a web site.

Digital Certificate

Digital certificate is defined as a method to verify electronically for authenticity. The

digital certificate equivalent of positive identification, such as a driver’s license.

Issued by various certificate authorities, digital certificates are used to prove that a

website, or a visitor to a website, is the entity or person they claim to be: An electronic

credential issued by a certification authority to establish the identity of an organization

when doing business on the internet.

Contents of digital certificate

It includes

Holder’s Name, organization, address. The name of certificate authority. Public key of the holders for cryptographic use. Time limit, these certificates are issued for 6 month to a year long. Digital certificate identification number.

Electronic Cash

Electronic cash is a form of electronic payment system which is based on encryption; it

means it is a secure payment system. Security of e-cash is measures by digital signature.

It uses a pair of key for locking & unlocking fund.

Locking key is used for encoding of a message into a cipher text. The encoding

key is kept private and the decoding key is made public.

By supplying all customers (buyers & sellers) with its public key, a bank enables

customers to decode any message or (currency) encoded with banks private key.

Purchasing E-Cash from Currency Servers or e-mint

The purchase of e-cash from an on-line currency server (or bank) involves two steps.

1. Establishment of an account 2. Maintaining enough money in the account to back the purchases.

Working of E-Cash

The e-cash transaction take place in three district and independent phases as discussed below:

7. Credit Merchant a/c

6. Return E-Cash

3. Send E-Cash

E-mint

Consumer’s Bank

Merchant’s Bank

ConsumerMerchant

1. Request to obtain cash

2. Transfer Money

4. Send E-Cash

5. Delivers Goods

Phase- 1: Obtaining Electronic cash:

1. The consumer requests his/her bank to transfer money to the e-mint to obtain e-cash.

2. The consumer bank transfers money from the consumer’s a/c to the e-mint.3. The e-mint sends e-cash to the consumer. The consumer servers his/her cash.

Phase- 1: Purchasing with Electronic cash:

4. The consumers select the goods and transfer the e-cash to the merchant.5. The merchant provides the goods to the consumer.

Phase- 3: Redeeming Cash by the Merchant:

6. The merchant may sent the e-cash to its bank and the bank in turn redeems the money from the e-mint.

7. The e-mint transfer money to the merchant’s bank for crediting the merchant’s a/c.

Properties of E-CashFollowing four properties

1) Monetary value: (E-cash created by one bank and accepted by others)2) Interoperability: (Exchangeable as payment for other e-cash, paper cash, goods, services. )3) Retrieval & Storage4) Security: (E-cash should not be easy to copy)

Advantage Best suited for small transactions. Authentication is not an issue who pay’s is not important as long as a

merchant gets his payment.

Operational risk associated with e-cash1. The time over which given money is valid.2. How much can be stored on and transferred by electronic money.3. The no. exchange that can take place before a money needs to redeposit with a

bank or financial institutional.4. The number of such transactions that can be made during a given period of time.

Electronic Cheque:

Electronic Cheque has all the same features as a paper Cheque. It functions as a message to the sender’s bank to transfer funds, the message is given to the receiver, who in turn endorses the Cheque and presents it to the bank to obtain funds.

Working of E-Cheque

Phase-1: Purchasing Goods

1. The consumer accesses the merchant server and the merchant server presents its goods to the consumer.2. The consumer selects the goods and purchase them by sending an electronic Cheque to the merchant.3. The merchant may validate the electronic Cheque with its bank for payment authorization.4. Assuming the Cheque is validated the merchant closes the transaction with the consumer. Phase-2: Depositing Cheque at the merchant’s bank:

1. The merchant electronically forwards the Cheque to the bank.2. The merchant bank forwards the e-Cheque for clearing house for cashing. 3. The clearing house with the consumer bank, clears the Cheque and transfers money to the merchants bank, which updates the merchant account.Smart Card:

7. Forward Cheque

6. Forward Cheque

5. Forward to bank

3. Validate Cheques

1. Access and Browser

Merchant’s BankConsumer’s Bank

ConsumerBrowser

Clearing House

MerchantSystem

4. Close Transaction

2. Select goods pay e-Cheque

8. Account Update

Smart cards are credit and debit cards and other card products enhanced with microprocessor, capable of holding more information than the traditional magnetic stripe. Most of these methods are known as stored value cards or electronic purse system. Units of prepayment or currency value are electronically stored on an IC chip imbedded in these cards.

Smart cards are basically of two types: Relationship-based smart credit card and electronic purse. Electronic purse, which replace money, are also known as debit cards and electronic money.

Relationship-based smart credit card: A relationship-based smart card is an enhancement of existing card services and/or the addition of new services that a financial institution delivers to its customers via a chip-based card or other device. These new services may include access to multiple financial accounts, balance inquiry and other information cardholder may want to store on their card.Working :( Access multiple accounts, such as credit, debit, investments or stored value for e-cash, on one card or electronic devices)

Electronic Purse and debit cards:E-Purse is wallet size smart card embraced with programmable microchip that store monitory value in form of money. The electronic purse works in the following manner. After the purse is loaded with money, at an ATM or through the use of an inexpensive special telephone, it can be used to pay for example Candy in a vending machine equipped with a card reader. The vending machine is authentic and there is enough money available for a chocolate bar.

Credit Card:

The credit card transaction simply requires that the consumer have a valid credit card number and expiry date when placing an order. This information has been provided through standard internet option like e-mail/sms.In credit cards may used a long with a personal information number (PIN). The pin is a secret code that the consumer must enter while using the credit card online. As such, it prevents misuse of the card in case it is stolen.

Working of Credit Card:

Phase:1 Purchases of goods: transaction starting from 1-4.Phase:2 Settlement of transaction from 5-6.Phase:3 Consumer update of credit card bill in the transaction number.

Working of Credit Card:

3. Request and obtain

credit authorization

5. Provide credit and

receipt

4. Close Transaction

1. Access Home page

2. Select goods, make credit card payment

Card Issuer Merchant’s Bank

Consumer(Browser)

Merchant

6. Forward receipt and obtain payments

E-Security

A security threat is define as a circumstances, condition, or event to cause economic hardship to data or network resources in the form of destruction, disclosure, and modification of data, denial of services and/or fraud & waste.

In addition, organization must be concerned with the inherent security threats associated with business over the web such as:

1. Unauthorized user access2. Tampering and eavesdropping

Processor

Customer

Merchant

Customer Bank

Encryption Software

Credit Card Processor

Third Party

MonthlyStatement

18

28

728

328

6328

4328 5

4328

To overcome this strong network security solution is essential which can transparently and automatically control the access of corporate intranets or extranets. The solution must provide identification and authentication of users, encryption of all traffic from the application to the user, and access control to all information.

E-Security can be divided into two parts:

1) Client-server network security2) Data & transaction security

Client-server network security: Client server security ensure that only authorized users can access to information resources.

a) Physical Security: When unauthorized user gain physical access to computerb) Software Security: When program/software is comprised into doing thing

they should not.c) Inconsistent Usage: When administrator assembles combination of Hardware

& Software such that the system is seriously flowed from a security point of view.

To reduce these security threats, various protection methods are used. Protection-also called authorization or access control.

Protection methods are:-1) Trust-based security2) Security through 3) Passwords Schemes4) Biometric System

A) Trust-based security: Trust based security means to trust everyone & do nothing extra for protection and there is not access restriction on any kind of data access. All users work in a network can shared information, this approach assume that no any user make an expensive break as detection of files or modification of data or unauthorized access of data Now a days this approach do not work, it used in past.

B) Security through Obscurity: Any network can be secure as long as nobody outside its management group is allowed to find out any thing about its operational details.

Hiding account password in binary files or script so that “nobody will ever find them”.

But its usefulness is minimal in the UNIX world. Where users are free to move around the file system, have a great understanding of programming techniques.

They can easily guess at the bits of knowledge considered confidential. These bypass the whole basis of STO and make this method of security useless.

C) Password Schemes: One security is password schemes. However it can also break when we use some common words or names for password.

The simplest method used by most hackers is dictionary comparison. Comparing a list of encryption user passwords against a dictionary of encryption common words. This schemes often works because users tend to chose relatively simple or familiar words as passwords as passwords.

As a solution we use mixed-case passwords containing at least one non alphanumeric character & changing passwords every 60 to 90 days

We can also include one time passwords, smart card randomized tokens.

D) Biometric System: Biometric system involve some identical aspects which related to human body such as compare the finger prints, palm prints and voice recognition. Biometric Systems are very expensive to implement. Biometric System use one to one relationship and one to many relationships.

Data & Message Security:Transaction securities have two parts:

I) Data Security II) Message Security

Data Security: Data securities suffer from packet sniffing.

Sniffing attack begin when a computer is compromised to sharing some data or program.

Cracker starts to install packet sniff into data that monitors the networks sniffer program to attack on network traffic, telnet, FTP.

Session that legitimate user initiate to gain access to another system. The session contains the login ID, password and user no. of the person

logging into other machines, all this necessary information a sniffer needs to login into machine.

Message Security:

Threats to message security fall into three categories

a) Confidentiality b) Integrity c) Authentication/Identification

a) Message Confidentiality: Confidentiality is important for user sensitive data such as credit card number. This requirement will be amplified when other kinds of data such as employee records, government files and social security number, begin traversing the nature.

b) Message Integrity: Content of transaction must be unmodified during transport.

It must be clear that number one has added, delete or modified any part of the the message.

Error detection codes or checksum, sequence no., and encryption techniques are methods to enhance information integrity.

Sequence number prevents recording, loss or replaying of message by an attacker. Encryption technique such as digital signature can detect modification of a

message.

C) Message Sender authentication/identification

For e-commerce, it is important that clients authenticate themselves to servers that servers authenticate to clients, that both authenticate to each other.

Authentication in e-commerce basically requires the users to prove his or her identify for each requested service.

Third-party authenticate services must exist within a distribution network environment where a sender can not be trusted to identification itself correctly to a receiver.

Client-Server Security Threats:

These threats can be divided into two major categories. 1) Threats to client2) Threats to server

Threats to client

1) Client threats mostly arise from malicious data or code, Malicious code refers to viruses, worms, Trojan horses and deviant.

Virus: A code segment that replicate by attaching copies of itself to existing executable (EXE files). The new copy of the viruses is executed when users executes the host programs some viruses displaying a text string or delete all files on the hard disk on a particular date.

Trojan Horse: A program that performs a desired task but also includes unexpected functions.

Example: Editing program for multi-user system. This program could be modified to randomly delete one of the user’s file.

WORM: A self replicating program that a self continued & does not require a host program.Clients must scan for malicious data & executable program fragment that are transferred from the server to the client.

Threat to servers

Threat to server consist unauthorized modification of source data. Unauthorized eavesdropping Modification of incoming data packets.

Eavesdropping: Hackers can use electronic eavesdropping to trap user names & unencrypted password sent over that network. It is difficult to delete that some one is eavesdropping encryption can prevent eavesdropping from obtaining data traveling over unsecured network. Denial of Services: It is two types.

1) Service Overloading 2) Messaging Overloading

Service Overloading: One can easily overload a www server by writing a small loop that sends requests continually for a particular file for example: A home page.

Message Overloading: Occurs when some one sends a very large file to a message box every few minutes. The message box rapidly grows in size & begins to occupy all space on the disk and increase the no. of receiving process on the recipients’ machine & causing a disk crash.

Packet Replay: Refer to the recording & retransmission of message packets in the network. Hacker could replay legitimate authentication sequences message to gain access to a secure system.

Packet Modification: Integrity threat, involve modifying a message packet or destroyed the message packet.

IP Spoofing: A technique where an attackers attempts to gain unauthorized access through a false source address to make it appear as though communication have originated in a part of the network with high privileges. Some Security threats & SolutionsThreats Security Function TechnologyData intercepted, read or modified illicitly

Encryption Encoder data to prevent tempering

Symmetric and Asymmetric encryption

False identify with an intension of fraud

Authentication Identity verification of both sender & receiver

Digital signature

Unauthorized user on one network gains access to another

Firewall Filter and prevents certain traffic from entering the network or server

Firewalls:Virtual private nets

Encryption as the basis for data & messaging security:

Encryption is a cryptography technology to scramble (encrypted) the data with a key so that no one can make sense of it while its being transmitted. When data reaches its destination, the information is unscramble (decrypted) using same or different key.

Cryptography: The terms used commonly in a cryptography system are as follows:

Intruder: Intruder is a person who is not authorized to access the information or th network.

Plain Text: Intelligible message that is to be converted into unintelligible message (Encrypted message).

Cipher Text: Message in an encrypted form.

Example:

(Encrypt Form) (Decrypt Form)

Plain Text Algorithm Cipher Text Algorithm Plain Text

Goods Next Two Word Iqqfu Previous Two word Goods

Sales Previous One Word rzkdr Next One word Sales

Encryption: Process of converting plain text to cipher text.Decryption: Process of converting cipher text to plain text.

Algorithm: A cryptography algorithm is a mathematical function.Key: String of digits.

There are two type of cryptography or methods of encryption

Secret key or symmetric key Public key or asymmetric key

Secret key: In this scheme, both the sender and recipient possess the same key to encrypt and decrypt the data.

Example: DES: (Data Encryption Standard)

For example message A encrypts a message with secret key & e-mails the encrypted message to B on receiving the message, B checks the header to identify the sender & takes out the duplicate of the secret key, B then uses the secret key to decrypt the message.

Shared key techniques suffer from the problem of key distributions since shared keys must be securely distributed to each pair of communicating parties.

The i) Generation ii) Transmission & iii) storage of keys is called key management.

In a business environment where a company deals with 1000 of on-line customers, it is impractical to assume that key management will be flawless.

Drawbacks Both parties must agree upon a shared secret key. If there are “n” correspondent one have to keep track of n-different secret keys. If

the same key is used by more than one correspondent, common key holders can read each other’s mail.

Symmetric encryption schemes are also subjected to authenticity problems. Because, sender & recipient have same secret key identity of originator or recipient can not be proved. Both can encrypted or decrypted the message.

OriginalMessage

EncryptedMessage

EncryptedMessage

OriginalMessage

Secret Key Encrypt

Secret Key Decrypt

Internet

Public Key Cryptography

This scheme operates on double key called pair key one of which is used to encrypt the message and only the other one in the pair is used decrypt. This can viewed as two parts, one part of the key pair, called private key known only by the designated by the owner, the other part, called the public key, is published widely but still associated with owner.

Schematic diagram of Asymmetric Encryption

Encrypting & decrypting

Data encrypted with public key can only be decrypted with private key. Data encrypted with private key can only be decrypted with public key.

Strong points of this scheme The key can be used in two different ways:

1. Message confidentiality can be proved: The sender uses the recipients public key to encrypt a message, so that only the private key holder can decrypt the message, non other.

EncryptedMessage

Original Message

Original Message

EncryptedMessage

Internet

(Cipher Text)

(Cipher Text)

Public Key Encrypt

Private Key Decrypt

2. Authenticity of the message originator can be proved: The receiver uses his private key to encrypt a message, to which only the sender has access. 3. Easy to distribute public key: Public key of the pair can be easily distributed.

Person “Y’s” Private Key

Person “Y’s” Public Key

EncryptedMessage

Original Message

Original Message

EncryptedMessage

Internet

(Cipher Text)

(Cipher Text)

Encrypt

Decrypt

Person “X”

Person “Y”

Firewalls:

The term firewall is a method of placing a device a computer or a router-between the network and the internet to control and monitor all traffic between the outside world & the local network.

A firewall system is usually located at a gateway point such as a site’s connection to the internet.

A firewall is simply a barrier between two networks-in most cases an internal network often called the trusted network and case an external network called untrusted.

Firewalls examine incoming & outgoing packets according to a set of policies defined by administrator either let them through or block them.

Firewall Policy: Firewall generally implement one of two basic design policies.1) Premises Approach2) Restrictive Approach

Internet

40,000 networks-no. of

hackers?

EnterprisesLANOr

WAN

Firewall by pass should not

be allowed

Permissive Approach: Allows all the services to pass the site by default, with the exception of those services that the network services access policy has identified as disallowed. Restrictive Approach: A firewall that implement the second policy denies all services by default, but then passes those services that have been identified as allowed.

The first policy is desirable, since it offers more a venues for getting around the firewall.

Second policy follows the classic access model used in all areas of information security.

Certain service, such as FTP, Archie & RPC are difficult to filter, for this reason, they may be better accommodated by a firewall that implements the first policy.

The second policy is stronger and safer, but it is more restrictive for users.

Types of Firewall: Two types of firewalls

A) Static FirewallB) Dynamic Firewall

Static Firewall: Static firewalls are generally pre-configured and they allow or deny the access from the outside world by default. Default allows the inbound traffic, in such a mechanism only the specified user will be denied access to the network of the enterprises. In the default deny policy, only the specific users who display their authentication are permitted to access the network.

Dynamic Firewall: The dynamic firewall uses allow and denial of services policy at the network on the time basis.

Some service on the network may be allowed and other may be denied for a specific time interval.

The configuration of such firewall is slightly more complex.

Now a day’s firewall can be implementing in two ways:-1) IP packet screening routers.2) Proxy Application Gateways.

1) IP packet screening routers: This is a traffic routing service placed between the network service

provider’s router & the internal network. The firewall router filters incoming packets to permit or deny IP Packets

based on several screening rules. It examines the source & destination addresses & port of incoming TCP &

UDP packet & denies or allows packets to enter based on a set of predefined rules.

Packet filter are inexpensive but relatively complex process.

It usually requires precise knowledge of network, transport and sometime

even application protocols.

Another problem with is packet filters is that they are susceptible to IP

spoofing; A tricky hackers can gain access to a corporate network by

changing IP address in packet headers to ones that are acceptable.

Public Internet

Secure firewall with IP packet screening router

Proxy Application Gateways:

A proxy server application gateway is a special server that typically runs on a

firewall machine.

Instead of directly talking to external WWW servers, each request from the

client would be routed to a proxy on the firewalls that is defined by the users.

The proxy waits for a request from inside the firewall, forwards the request to

the remote server outside the firewall, forwards the request to the remote

server outside the firewall reads the response & then returns it to the client.

Sample Screening Rules: Protocols (TCP, UDP) Source IP address (Domain.edu) Target TCP port 80 (WWW only)

IP Packet screening router

Public Internet

Digital Signature: E-Commerce business transactions for authentication the digital signature are used. The authentications refer the legal, financial & other document related issues.

Digital Signature is just like hand written signature which determined presence & absence of authentications.

The digital signature consist of two parts

1. Signature in the document: Signer authentication 2. Document Authentication

Signer Authentication: A signature should indicate who signed a document, message or record and should be difficult for another person to produce without authorization.

Document Authentication: A signature should identify what is signed. Sender can not remove the content of messages after signing it. The receiver can not do any change in the message.

Hash Function: It is a formula that converts a message of a given length into a string of digits called a message digest.

(Hash function Message digest) Digital Signature

Working: X sends the message to Y Sender Receiver

Encrypt With sender’s private

key

X Y

Proxy server on the firewall machine that connect to the external internet

Web HTTPServer

FTPServer

GopherServer

Telnet Server

USENET news Server

Client inside the Firewall

Secure subnet inside the firewall security perimeter

1. Sender generates a message.

2. Sender creates a “Message digest” of the message by using Hash Function.

3. Sender attaches the digital signature to the end of the message.

4. Sender encrypts both message & signature with receiver’s public key.

5. Receiver decrypts entire message with own private key.

6. Receiver calculates the message digest using hash function.

(Receiver uses the same hash function as that of sender used, which was agreed upon

before hand)

Advantage: Unauthorized persons can access to the public key of X person, but can not have his hash function, which makes the digital signature authentic.

Types of E-Commerce or E-Commerce Transaction Model

Business to Consumer (B to C)Business to Business (B to B)Consumer to Business (C to B)Consumer to Consumer (C to C)

Business to Consumer: B2C, E-Commerce offers consumers the capabilities to browse,

select and buy merchandise online from a wider verity of sellers and at better prices. The

B2C of electronic commerce transaction is ideally suited for the following type’s

merchandise.

Goods that can be easily transformed into digital format, such as book, music, clips and videos and software packages.

Items that follow standard specification like printer. Ribbon, ink cartridge etc. Highly rated branded items or items with return security: such as Compaq

computers, e-gadgets Sony etc. Items sold in packet that can not be opened even in physical stores e.g. Kodak

film rolls. Item that can be experienced online, such as music, videos etc.

Example: http:\\ www.dell.com , http:\\ www.mustafa.com.sg

How does B2C Work?

1. Customer identifies a need2. Searches for the product or services 3. Selects a vendor and negotiates a price4. Receives the products or services5. Makes Payment 6. Gets services and warranty claims

Business to Business: B2B, electronic commerce facilitates inter-organizational

interaction and transaction. This type of E-commerce requires two or more business

entities interacting with each other directing, or through intermediary.

Application of B2B:

1. Inventory Management 2. Channel Management 3. Distribution Management4. Order fulfillment & delivery 5. Payment Management

http://www.mustafa.com.sg/

http://www.dell.com/

The B2B electronic commerce can be following type:i) Supplier orientedii) Buyer orientediii) Intermediary oriented

Supplier oriented:A supplier sets up the electronic market place. Number of customer/buyer

business interacts with the supplier at its electronic commerce marketplace. Typically, it is done by a dominant supplier in the domain of products its supplies.

Buyer oriented: In buyer oriented electronic commerce, major businesses with high

volume purchases capacity create an electronic commerce marketplace for purchases and gaining by starting a site on their own. The online e-commerce marketplace is used by the buyer for placing request for quotations and carrying out the entire purchases process.

Intermediately oriented:In buyer oriented e-commerce, in the business to business context, a third

party set up the electronic commerce marketplace and attracts both the buyer and seller businesses to interact with each other. The buyers and seller, both benefits from the increased option in terms of pricing, quality, availability and delivery of goods.

Relation between B2B and B2C models.

Summary of E-Business Transaction Models

Model Description Example

B2C Sells products or services directly to consumers. amazon.com, autobytel.com, eDiets.com, pets.com,

B2BSells products or services to other businesses or bring multiple buyer & seller together in a central marketplace.

metalsite.com, verticalnet.com, shop2gether.com

B2G Business selling to local, state and federal agencies. igov.com

C2C Consumer sell directly to other consumers ebay.com, inforocket.com, baazee.com

C2B Consumers fix price on their own, which businesses accept or decline. priceline.com

Manufacturer Distributor Retailer ConsumerRaw MaterialProducer

B2B B2C

Consumer to Consumer (C2C)

C2C e-business model, consumers sell directly to other consumers via online classified

advertisements and auctions or by selling personal services or expertise online.

infoRocket.com, one of the first question and answer marketplaces, is driven by a person

to person auctions format.

Consumer to Business (C2B)

The C2B model can be described as a form of e-commerce where, the transaction,

originated by the customer has a set of requirement specifications and specific price for

merchandise.

Mobile Commerce

Mobile Commerce stands for electronic commerce made through mobile devices.

M-commerce is defining by following ways

“M-commerce is the use of mobile devices to communicate inform, manage & entertain using text and data via a connection to public & private network”

(by Lehman brother)

“Business to consumer transaction conducted from a mobile device” (by J.P. Morgan)

“Mobile commerce refers to any transaction with monetary value that is conducted via a mobile telecommunications network” (by Durlacher)

MobileInfo.com: Define m-commerce as “any electronic transaction of information

interaction conducted using mobile device and mobile networks (wireless or switched

public network) that leads to transfer or real or perceived value in exchange for

information, services or goods”

Typical Example of m-commerce:1) Purchasing airline tickets2) Purchasing movie tickets3) Restaurant booking and reservation 4) Hotel booking & reservation

M-Commerce is currently mainly used for the sale of mobile phone, ring tones and games as well as video and audio content, including full length music tracks.

Other services include the sending of information such as cricket scores via SMS.

Currently the main payment methods used to enable m-commerce:

Premium-rate calling numbers. Charging to the mobile telephone user’s bills or Deducting from their calling credit either directly or via reverse-charged SMS.

Separating Mobile Commerce form E-commerce

Technology E-Commerce M-Commerce

Device Personal Computer Cellular phones, pagers

Operating System Windows, Unix, Linux Pocket PC, Palm OS.Presentation Standard HTML HTML, WML, i-mode

Browser Ms Internet Explorer, Netscape Navigator.

Nokia Browser, Ms Mobile Explorer

Possessor Network TCP/IP & Fixed wire line Internet

GSM, GSM/GPRS, TDMA, CDMA

Mobile Computing Framework

Application of M-Commerce

1. Wireless delivery technology and switching methods(Cellular, radio, paging, satellite and wireless LAN)

2. Mobile information access devices(Laptop, notebook, other portable computers and mobile phones)

3. Mobile data internetworking standard & equipment(No any interruption in between Bridge or Tunnels)

4. Mobile computing-based business application(Inventory & Package tracking and retail point of sale)

(Most frequently mentioned include mail-enabled application & Information or data services to mobile users.) )

1. Goods: There can be two type of domain like business to business and business

to Consumer. For example a vendor can sale to consumer or to another vendor.

2. Service: Again services can be business to business and business to consumer.

For example a company can provide services directly to consumer or to another

company.

3. Information: Information services can be paid to consumers or to other

companies. The second aspect is advertising.

Goods Services Information

Bus

ines

s to

Con

sum

er

ShoppingVendingTrading

Paid- Information

Advertising TicketingE-CashBanking

Discount and LoyaltySchemes

Gaming andGambling

Bus

ines

s to

Bus

ines

s

Limitations of Mobile-Commerce

1. Lack of consumer awareness about mobile commerce.2. M-commerce operating system and platform (other software) is not as easy as

well as desktop software’s.3. Weak processor4. Limited memory5. Tiny screens and poor resolutions6. Typically to enter data entry.

Security Issues Pertaining to Mobile Commerce

1. To make the radio path as secure as the fixed network, this implies obscurity and confidentiality to protect against eavesdropping.

2. To have strong authentication to protect the operator against billing fraud.3. To prevent operators from compromising each other’s security, whether

unintentionally or because of competitive pressures.

On the other hand, a security process must not: Significantly add to the delay of the initial call set up. Allow for increased error rates, or error broadcast. Add unnecessary complexity to the rest of the system. Be-cost ineffective.

ProcurementTrading

Wireless Application: A Wireless is software that runs on a wireless device that exchanges content over a wireless network. The actual wireless applications are distinguish from one another based on the wireless devices, network, and application families. This can be summarized as:

Web Phones: The most common device is the internet ready cellular phone, which call a web phone. Most web phones work only when they have a network connection. Newer advanced web phones can run application.

Wireless Handles: Another common devices, the wireless handheld, such as a Palm, can also message and use a Micro browser.

Two way Pagers: A device used often in business is the pager. The most popular is the two way pager because it lets you receive and send a message as well as use micro browser.

Voice Portals: A recent advance is the voice portal, which lets you have a conversation with an information service by using a kind of telephone or mobile phone.

Communication Appliance: Such electronic devices are fitted with wireless technology that can participate in the Internet. Example includes wireless cameras, watches, radio, pens and many other devices.

WAP (Wireless Application Protocol): WAP provides web contents to small-area display devices in mobile phones. The service providers format contents in the WAP format. WAP was invented and is driven by WAP Farum- a group originally formed by Nokia, Ericssin, Motorola and phone.com in 1997. WAP is a group specification that offers a standard method to access Internet based content and services from wireless devices such as mobile phones etc.Wireless Technologies

Time Division Multiple Access (TDMA): TDMA is a digital transport that divides the frequency range allotted to it into a series of channels. Each channel is divided into time slots. Each conversion within that channel gets a time slot; hence the term “division” in the name.

GSM- (Global System for Mobile Communication):- GSM is one of the most popular mobile communication standards. It is the first digital cellular system to be used commercially. GSM Communication uses cellular networks.

Mobile communication using a cellular network

C1 C2 C3

C5 C6

C4

C7

GSM is a second generation (2G) communication standard. GSM provide integrated services for voice and data. GSM cell phones require SIM (Subscriber Identity Module) cards for their operation. SIM is a smart card that identifies the user terminal by inserting the SIM card into the terminal, the user can have access to all the subscribed services without SIM card, the terminal do not work. The three kinds of services delivered by a GSM system are teleservices, supplementary services and bearer services.

General Packet Radio Services (GPRS): GPRS is a speed enhanced data transmission services designed for GSM system. GPRS is a packet oriented service for mobile stations data transmission and their access to the internet.

Code Division Multiple Access (CDMA): CDMA is used as multiplexing method in many mobile telephony system. CDMA is an air link interface coding scheme, where in multiple subscribers are granted access to the same radio frequency source by assigning subscriber’s transmitted and received signals a spectrum- spreading code. A code transmitter assigns a unique code to each wireless connection and then broadcasts its data out on the channel simultaneously with all other connections.The receiver is able to decode each conversation by deciphering the unique code assigned to each connection.

Teleservices

Telephone/FAX Voice full 13 kbps SMS up to 160

Character MMS-GIF, JPG Video Text Access

Supplementary Services

Call Forward Caller line ID Call hold Call Waiting Call Charge

Advice

Bearer Services

Full Duplex Synchronous &

asynchronous

E-Commerce & Banking

Electronic Banking also known as electronic fund transfer (EFT), use computer and electronic technology as a substitute for checks on paper transactions.

Electronic banking provides any time; anywhere access to cash through an automated teller machine (ATM) or direct deposit of e-Cheque into your saving accounts.

Now, In current scenario, technology is changing between banks and their consumers.

In particular technology innovations have enabled the following capabilities:

1. Online delivery of bank brochures and marketing information.2. Electronic Access to bank statements3. Abilities to request the transfer of funds between accounts.4. Electronic bill payment and presentations.

These online capabilities increase the facilities and speed of retail banking.

What is Mobile Banking?

Mobile Banking is a service that allows you to do banking transactions on your mobile phone without making a call, using the SMS facility.

How is this different from making a call on my mobile phone or using Phone Banking?

The difference between making a call on your mobile and sending a text message are as follow:

You are not required to dial a number; you send a text message i.e. a coded message to the SMS Centre of your Cellular Service Provider.

Bank does not charge anything for this service. However, the cellular service provider may charge a nominal charge for the SMS facility.

In Mobile banking, you actually see your banking transaction on your mobile phone screen as opposed to hearing a message through the phone.

How does mobile banking work?

Mobile banking works on the “Text Message Facility” also called the SMS that is available on mobile phones. This facility allows you to send a Short Text Message from your mobile phone instead of making a phone call.

All you need to do is type out a short text message on your mobile phone and send it out to a pre-designated number. The response is sent to you as SMS message, all in the matter of a few seconds.

This message travels from your mobile phone to the SMS Centre of the Cellular Services Provider, and there it travels to the bank’s system s. The information is retrieved and sent back to you mobile phone via SMS Centre, all in a matter of a few seconds.

What is the Company ID in the Bill Pay message?Company ID consists of 4 alphanumeric character, which are predetermined by the company and help identify the bill.

Your Phone is now your bank!

When you dial in to Phone banking, a voice prompt will guide you through the various transactions. You may also a talk phone banker, who will provide you with the required assistance.

Avail of the following services via phone banking

Check your account balance Enquire on the Cheque status Order a Cheque book / Account Statement Stop payment Loan related enquires Transfer funds between banks Pay your bills Report loss of your ATM/ Debit Card Enquires about latest interest/Exchange rates

What can I do using Net banking?

Manage you Demat Account Create fixed deposits online. Check your account balance Enquire on the Cheque status Order a Cheque book / Account Statement Stop payment Loan related enquires Transfer funds between banks Pay your bills Report loss of your ATM/ Debit Card Enquires about latest interest/Exchange rates

Changing Dynamic in the Banking Industry

By using the electronic banking technology, banks have increased profitability. In the past, the banking industry was chiefly concerned with assets quality and capitalization, but now a day this is not enough.

Bank need to find new ways to increase revenue in a “mature market” for most traditional banking services, a through understanding of this competitive environment is needed before banks can determine their online strategy.

Find different factors contribute to the new competitive Changing consumer desires driven by online commerce Optimization of branch networks in order to reduce costs. Changing demographics trends and potential new consumer markets New online economic products

Changing Consumer needs

Now a day Consumers like fast financial process with secured environment so that they want e-services like:

Online account related information Online download account statement Online transfer funds between account to account Online Payment of bills & dues Online purchasing & selling online other services

Consumer Oriented Service

Consumer Life-Style Needs Complementary Multimedia Services

Entertainment Movies on demand, video cataloging, interactive ads, Multi-user games, online discussion

Financial Services and information Home banking, Financial service, Financial news

Essential Services Home shopping, Electronic catalogs

Education and Training Video conferencing, on-line database

Home Banking Management

Home banking services are often categorized as basic, intermediate, and advanced.

Basic Services are related to personal finance: checking and savings account statement reporting, round the clock banking with ATM fund transfer, bill payment, account reconciliation, Stop payment request.

Intermediate services include a growing collection of home financial management services, which include household budgeting, update stock values and tax return preparation.

Advanced Services include stock and mutual fund brokerage or trading services, currency trading, and credit & debit card management.

Management Issues in online banking

According to dynamic changing in banking industry, bank’s management has resourcefulness and vision to connect the technology and give consumers with new services & products on their satisfactory. Banks must deliver high quality products at the consumer’s convenience with high tech personal and affordable services. Management has to balance the five key values that increasingly drive consumer’s banking decisions:

Simplicity, Customized Services, Convenience, Quality & Price

Online banking will realize its full potential when the following key elements fall into place:

1. The development of any interesting portfolio of product and services that are attractive to consumer and sufficiently differentiated form competitors.

2. The creation of online financial supply chains to manage the shift from banks as goalkeeper models to banks as gateways.

3. The emergence of low-cost interactive access terminals for the home as well as affordable interactive home information services.

4. The identification of new market segments with unused needs such as the willingness to pay for the convenience of remote banking.

5. The development of effective back-office systems that can support sophisticated retail interface.

E-Commerce & Retailing: Retailing includes all the activities involved in selling goods as services directly to final consumer for personal, non business use.

A retailer or retail store is any business enterprises whose sale volume comes primarily from retailing.Any organization selling to final consumer.Whether it is a manufacturer, whole seller or retailer is doing retailing. It does not matter how the goods or services are sold (By person, mail, telephone, vending machine or Internet) or where they are sold (in a store, on the sheet, or in the consumer’s home).

Almost every retailer is re-evaluating every aspects of its operation from customer services to advertisement, merchandise to store design and logistics to order fulfillment. Further more, reaching to the pressure of retailers, supplier and assessing technology based solutions to drive down costs (Labour, delivery and production) and become more efficient producers of goods.

Means e-commerce provide a gateway for retails business, now a days supermarkets, Big Bazaar etc, are providing you a commercial website for retail selling. Example: www.futurebazaar.com, www.giftmate.com

Online Mercantile Models Online channels such as online services and the web are also impacting traditional retail business models. In traditional model, the consumer went to the store and located the product. In the online model, the retailer seeks out the consumer. The success of catalog retailers demonstrates that a significant portion of customer has embraced the reverse model: the retail going to the customer.

Retailers need to consider the following in developing a business model:

1. Product/Content Issues: What kinds of products are suited for online retailing?

2. Software Interface Issues: What kind of futures will constitute an effective interface? What features make it easy to find and select items for online purchases?

3. Process Issues: What are the specific steps in the shopping process from a consumer’s perspective? What kind of processes should companies develop to fulfill orders efficiently?

4. Pricing Issues: How much will consumers be willing to pay for convenience?

5. Payment Issues: What payment methods would consumers use for online purchases?

Management Challenges in on-line retailing:

1. Pay Attention to Product Description

http://www.giftmate.com/

http://www.futurebazaar.com/

2. Streamline Site Architecture3. Consider Shopping Search

1.) Pay Attention to Product DescriptionsMost medium to large retailers will have a database of products, with product descriptions that are substantially the same between products, or even between competitors who sell products from the same manufacturer. Search engines are not likely to index multiple pages with very similar content, and without something else to differentiate a page from competitors, ranking for that product name will be difficult, McGee said. In fact, it's not likely that retailers want to rank for their exact product names, as found in the product database. Most searchers are not entering a query for "Izod solid crested pique polo," but will instead search for "Izod polo shirt," which would be a better phrase to optimize a page for, he said. "Product databases are not optimized for searchers. It's not hard to convince a client that when we show them how many searches are being done for general terms, like 'polo shirt,' and how few are being done for the specific brand name in the database," McGee said.

2.) Streamline Site ArchitectureAnother challenge for some retailers is the lack of a text-based navigation system, which leaves search engine spiders unable to access many of the products on a site. While all sites should have a search box on their site, it cannot be the only way to navigate the site, McGee said. "At the very least, they need to have a directory or sitemap. But since many users like to browse instead of search for specific products, they should consider adding navigation to product category pages as well," he said. That's not to downplay the value of a well optimized site search. On a large-scale e-commerce site, visitors will head for the site search box about half the time, by some accounts. In addition, many SEO experts agree that generating reports from site search can show the retailer searcher intent and help optimizing pages for certain keywords, both for internal site search and for external search engines. In addition to on-site SEO, retailers should follow the same strategies as other sites to get inbound links to their sites -- such as by providing informational content worth linking to. This can be done with specific sections of the retailer’s site, new mini-sites or blogs. Retailers should also consider tagging their product images with relevant keywords and making them available to spiders to they'll be found in image searches.

3.) Consider Shopping SearchAnother tactic to increase traffic and inbound links is to take advantage of shopping search engines. By showing up in the many places shopping search engines display their results, retailers are increasing their exposure. And since many retailers are currently not taking advantage of these listings, this exposure will give those retailers that do a competitive advantage, if only for a short time. The top five shopping search engines each had more than 20 million unique visitors in December 2006, according to comScore and self-reported numbers. Yahoo Shopping, and CNET topped 30 million unique visitors, followed by Price Grabber, Shopping.com and Shopzilla. NextTag and MSN Shopping added a combined 24 million more unique visitors, bringing the total unique visitors to the top 7 shopping search engines to 163 million last month.

Electronic Data Interchange: EDI is defined as the inter-process communication (Computer Application to Computer Application) of business information in a standardized electronic form.

In short, EDI communicate information pertinent (Appropriate) for business transactions between the computer systems of companies, government organization, small business and banks.

Using EDI, trading partners establish computer to computer links that enable then to exchange information electronically.

EDI enables retailers and venders to place orders and pay bills electronically, reducing time & the expense of paperwork.

The primary advantage of EDI to business is a considerable reduction in transaction costs by improving the speed & efficiency of filling orders.

EDI can be used to electronically transmit documents such as purchases orders, invoice, shipping notice, receiving advices, and other standard business correspondence between trading partners.

EDI may be most easily understood as the replacement of paper-based purchases order with electronic equivalent. Essential of EDI are

1) An electronic transmission medium (VAN, Internet)2) Structured formatted message based on agreed standards3) Relatively fast delivery 4) Direct communication between application

Benefits of EDI

Two categories of benefits

1) Direct Benefits2) Strategic Benefits

Direct Benefits:

1.) Since the transfer of information form computer to computer is automatically, there is no need to re-send again and again, data is only entered at the source.

2.) Cost of processing EDI documents is much smaller than that of processing paper documents.

3.) Customer service is improved. The quick transfer of business document & marked decrease in error allow orders to be fulfilled faster.

4.) Information is managed more effectively.5.) There is improved job satisfaction among data entry.6.) EDI can also reduce postage bills.

In short, EDI reduce operating costs, administrative errors and delivery delays.Strategic Benefits:

1.) Customer relations are improved through better quality & speed of service.2.) Competitive edge is maintained & enhanced.3.) Reduction in product costs can be achieved.

4.) Business relations with trading partners are improved.5.) More accurate sales forecasting & business planning is possible due to

information availability at the right place at the right time.

E-mail versus EDI

E-mail EDI

1.Structure of E-mail is simple & easiest way of sending & receiving mail via an network communication

The structure of EDI is more complex. comparing e-mail.

2.Either at the sending end or at the receiving end, the data are composed by, reply by or interpreted by humans

There is typically no human involvement in the processing of the information, as the interface has software to software

3. In e-mail there is no need of any specific standard to which users have to follow.

EDI must follow the some EDI standard without EDI standards transact between trading parties not take place.

4.The message is compared by a human and/or a replay is composed by a human and/or interpreted by a human

The interchange is composed by one software for interpretation by another software.

5. It is not provided much security features a the EDI documents provides

EDI provides security aspects to its customers by providing some legal issues.

6.

To use this features of internet the users have not need any complex information. They use it by only receiver & self e-mail ID address.

EDI is based on four layer architecture & at each layer there is variety of services provided.

7.

No any third party verification no any legal aspects, no any authentication are needed to the user for sending the data or receiving the data.

EDI provides security, confidentially, authority on data.

Architecture of EDI: The architecture of EDI is divided into four layers.

1) Application Layer2) Standard Translation Layer3) Transport Layer4) Physical Layer

Application Layer

First layer of EDI defines the business applications that are used by EDI. This layer of EDI translates business application into request for quotation,

purchases orders, acknowledgment & invoices. For every company this layer is specific & also for the software that company

uses. By this layer of EDI the companies form are change into more specific format &

then it may be send to various partners of the companies. The trading partners of the company have a several software applications to handle all forms aspects.

To achieve all above activities the company must follow the EDI standards. Examples of EDI Standard are XIZ, ANSI, and EDIFACT etc.

If the sender & receivers of company want to exchange some files then requires a compatible standards of EDI.

Standard Translation Layer

This layer of EDI architecture defines the structure of business form & some content, which are related with the application layer. This layer of EDI has no mean without application layer so we can say that EDI applications & standard are interlinked.

For Ex. – EDIFACT, ANSI X12 business form standards.

Transport Layer

This layer correspondent closely with the non-electronic activity of sending a business form from one company A to company B. The business form could be sent via regular postal services, registered mail or private carrier.

EDI documents are exchanged rapidly over electronic networks using the existing e-mail program & infrastructure.

EDI document transport is more complex then simply e-mail message or sharing files through a network, a modem, or a bulletin board.

EDI documents are more structured than e-mail.

Physical Layer

This layer defined the component communication path for EDI data transaction. What ate the structure of e-commerce supported EDI in which information can

be build & what are the communications established over which EDI data transfer from one consumer to another consumer.

How EDI works

How EDI works

1. Preparation of Electronic Documents: The first step in the sequence of EDI is the collection of information and data. In the case of companies who already use computer to issue their documents like purchases orders, they may already have some sort of database which stores those information then they can start with the next step described below.

Information /Data

Internal format

Conversion

EDI Translator

EDI envelope for document

messaging

Information /Data

Internal format

Conversion

EDI Translator

EDI envelope for document

messaging

Modem Modem Internet

&VAN

2. Outbound Translation: The next step is to translate the electronic file or database into a standard format according to the specification of the corresponding document. The resulting data file should contain a series of structured transactions related to the purchases order for example. If more than one company is involved in the particular transaction, individual files should be produced for each of them.

3. Communication: Then the computer should connect and transmit through (VAN) automatically, those data files to the prearranged. The VAN should then process each file and route to the appropriate electronic mailboxes according to the destination set in the file.

4. Inbound Translation: The destination of company should be able to retrieve the file from their electronic mailboxes in a constant period, and then reverse the process by translating the file from the standard format into the specific format required by the company application software.

5. Processing the electronic documents: The internal application system of the destination of company can process the received documents now. All the resulted documents corresponding to the received transaction should use the same process or steps to transmit back to the transaction originator. The whole cycle of the electronic data interchange can then be completed. EDI Standards:

The need of defining standard is clear in order to assuring the success of EDI. It is

because the EDI relies on the use of standard structure and interpretation of electronic

business transaction to perform the interchange of data between all trading partners, so

errors can be reduced in the transmission of data regardless the computer system

involved.

There are two major standard widely used today which defined the syntactical

requirement for a wide variety of EDI transaction types. Virtually, almost any business

needs can be addressed within those standards. They are briefly described in below.

1) ANSI ASC X12 Standard 2) United Nations EDITFACT Standard

ANSI ASC X12 Standard: In 1979, The American National Standard Institute (ANSI) chartered a new committee called the Accredited Standards Committee (ASC) X12 to develop uniform standards for cross-industry electronic communications. It provide guideline and rules for EDI on how the data should be structured, what documents should be transmitted electronically.

The X12 standard defines a set of documents, which is referred as transaction sets, for a wide range of business transaction forms. Each transaction set is given a numeric code which is similar to the way in most of paper forms where forms numbers are assigned.

Example:

Transaction Set Document Title Specification No.850 Purchases Order X12.1810 Invoice X12.2

United Nations EDIFACT Standards: Many Companies are required to participate in the international market and exchange electronic data over different countries. Obviously, there is a need to extent the EDI in a global basis. With the concerns of this, general authority of UN/EDI.The EDIFACT (Administrations, Commerce, and Transport) standards development is responsible by two groups of organizations. The syntax and the data dictionary are done by the international Standard Organization (ISO).

Financial EDI (FEDI): FEDI is typically setup between banks and their corporate customers allow the bank receive payment authorizations from payer