E-Business & E-Commerce Basics

Published on January 2, 2017

Author: albertramanujan

Source: slideshare.net

1. E-BUSINESS By: Abhishek Duttagupta abhishek0889@gmail.com

2. Objectives Of The Presentation. ■ The main aim of this presentation would be to try and know more about – o E-Business o E-Business Fundamentals o E-Business Framework o E-Business Application o Technology Infrastructure for E-Business o Payment Systems o Security Environment o Inter Organization E-Business (EDI)

3. Market Value of an Organization Tangible Assets • Buildings • Equipment • Furniture • Cash Intangible Assets • Skills & competencies • Motivation of employees • Databases • Information technologies • Efficient & responsive processes • Customer loyalty & relationships Value of tangible assets 1982 : 62% 1992 : 38% 2002 : 10-15% 2012 : 08-09% Source: Brookings Institute

4. Major Industry trends • Consumer trends • Service / process trends • Organizational trends • Enterprise technology trends

5. Consumer Trends • Speed of service • Self-service • Integrated solutions, not piecemeal products

6. Service / Process Trends • Convergence of sales & service: customization and integration • Ease of use: make service consistent and reliable • Flexible fulfillment and convenient service delivery: streamline your supply chain

7. Organizational Trends • Contract manufacturing: becoming brand intensive, not capital intensive • Retain the core, outsource the rest: Business process outsourcing • Increasing process transparency and visibility • Continuous innovation and employee retention

8. Enterprise Technology Trends • Enterprise applications: Connect the corporation • Infrastructure convergence: Increasing melding of voice, data and video • Multichannel integration: computer telephony integration and voice recognition • Wireless applications enter the mainstream • Leveraging legacy investment: The rise of middleware for systems integration

9. Business Drivers of the New Economy • Global financial interdependence • Deregulation • Unrestricted capital flows • Digitization • Global communication and transportation • New geopolitical realities

10. Key Business Challenges • Agility and Speed • Focus on core competencies and processes • Customer centrality • Mass customization • Flexible IT architecture • Interoperability of infrastructure and applications portfolios

11. E-Business is All About Business IT Driving Business Business Driving IT E - Business

12. Major Benefits of e-Business • Global reach • Reduced cost • Convenience • Higher productivity and efficiency

13. What Is E-Business ?

14. ■ E-business (electronic business) is the conduct of business processes on the Internet. ■ These electronic business processes include : ■ buying and selling products, supplies and services; ■ servicing customers; ■ processing payments; ■ managing production control; ■ collaborating with business partners; ■ sharing information; ■ running automated employee services; recruiting; and more.

15. What is E-business? e-business Using internet technologies to transform key business processes Web Universal Access Standards IT Data Applications Core business processes Reliability, security and availability e-business = Business + Web + I/T

16. Are E-Business & E-Commerce Different?

17. ■ E-Commerce has a narrower definition and only involves buying and selling goods and services over the Internet. ■ E-business includes e-commerce but also covers internal processes such as production, inventory management, product development, risk management, finance, knowledge management and human resources. ■ E-business strategy is more complex, more focused on internal processes, and aimed at cost savings and improvements in efficiency and productivity.

18. Why E-Business ? ■ Anytime, anywhere commerce and services ■ Cost-effective in providing information. ■ Mobility, portability of services. ■ Availability of shared services. ■ Cost-effective utilization of services. ■ Better turn around time (for all parties involved).

19. E-Business Technologies • Web technologies • Database technologies • Integration technologies • Networking technologies • Security technologies • Application Development technology

20. E-Business Network Intranet and Extranet E-Business Network Networking Vendors Network Software Network Hardware Enabling Technology E-Commerce Applications

21. What is Important in an E-Business Network? • Functionality • Reliability • Security • Speed • Scalability • Access Control

22. Why Does an E-Business Network Matter to a User? • To share knowledge and reap productivity gains by finding information faster • To communicate faster with clients and suppliers • To provide options for teleworking • To implement web services • To enable teams to work collaboratively irrespective of geography • To better automate business procedures

23. Why Does an E-Business Network Matter to an Enterprise? • To create fundamental changes in business processes • To enable fast responses and agile maneuvering • To negotiate more effectively with suppliers • To create competitive advantage • To provide instant access to global markets • To lower costs • To enable the convergence of voice, data and video • To use the e-business as a key to business operations

24. CEOs are Focusing on These E-Business Issues • Building customer loyalty • Achieving market leadership • Streamlining business processes • Creating new products/services • Ascertaining compliance • Reaching new markets

25. E-Business Best Practices • Personalize relations • Maintain visitor privacy • Make your site easy to use • Manage visitor perceptions • Maintain site consistency • Manage business knowledge • Respond quickly

26. E-Business Hype Cycle [Figure: visibility over time, 1990-96 through 2010; phases: Tech Trigger, Peak of expectation, Disillusionment, Enlightenment, True E-business; markers: WWW, Dot Com] Source: Gartner Group

27. Global E-Readiness • It describes the extent to which a country’s business environment is conducive to Internet-based commercial opportunities • EIU E-Readiness Assessment Model 2001 - • Connectivity (30%) • Business Environment (20%) • E-Commerce Adoption (20%) • Legal Environment (15%) • Supporting E-Services (10%) • Social and Cultural Environment (5%)

28. Grouping of Countries by E-readiness Ranking. Source: The Economist Intelligence Unit, 2011

29. Electronic Markets ■ A market is a network of interactions and relationships where information, products, services, and payments are exchanged. ■ The market handles all the necessary transactions. ■ An electronic market is a place where shoppers and sellers meet electronically. ■ In electronic markets, sellers and buyers negotiate, submit bids, agree on an order, and finish the execution on- or off-line.

30. E-Business Model ■ A business model is the method of doing business by which a company can sustain itself, that is, generate revenue. ■ The business model spells out how a company makes money by specifying where it is positioned in the value chain. ■ In the new economy, companies are creating new business models and reinventing old models. ■ Presently, there is no single, comprehensive and cogent taxonomy of Web business models that one can point to. ■ Although there are many different ways to categorize e-business models, they can be broadly classified as follows: 1. E-Business models based on the relationship of Transaction Parties 2. E-Business models based on the relationship of Transaction Types

31. E-Business Model Based on Transaction Partners: [Diagram: CONSUMERS, BUSINESS, GOVERNMENT linked by C2C, B2C, B2B, G2G]

32. What is Business to Consumers (B2C) ? ■ B2B stands for transaction activities involving two business entities (business-to-business transaction). B2C stands for transaction activities involving a business and a consumer (business-to-consumer transaction). ■ Electronic commerce comprises commercial transactions, involving both organizations and individuals. ■ From the technical point of view e-commerce is the processing and transmission of digitized data. ■ Example: Flipkart, Amazon etc.

33. What is Consumer to Business (C2B) ? ■ C2B stands for transaction activities involving customer (being the seller) and business (being the buyer) (Customer-to-business transaction). ■ It is similar to the B2C model, however, the difference is that in this case the consumer is the seller and the business organization is the buyer. ■ In this kind of a transaction, the consumers decide the price of a particular product rather than the supplier. ■ E.g. – Naukri.com, Monster.com.

34. What is Consumers to Consumers (C2C) ? ■ C2C stands for consumer to consumer electronic commerce. ■ The Internet has facilitated new types of C2C although it is important to note that this kind of commerce -- in the form of barter, yard sales, flea markets, swap meets, and the like -- has existed since time immemorial. ■ Notably, most of the highly successful C2C examples using the Internet actually use some type of corporate intermediary and are thus not strictly "pure play" examples of C2C. ■ Example: OLX, QUIKR etc.

35. What is Business to Business (B2B) ? ■ B2B stands for "business-to-business," as in businesses doing business with other businesses. ■ The term is most commonly used in connection with e-commerce and advertising, when you are targeting businesses as opposed to consumers. ■ Business-to-business electronic commerce (B2B) typically takes the form of automated processes between trading partners and is performed in much higher volumes than business-to-consumer (B2C) applications. ■ E.g.: Indiamart.com, Industrybuying.com, Urjakart etc.

36. What is Government to Government (G2G) ? ■ Government to government (G2G) is the electronic sharing of data and/or information systems between government agencies, departments or organizations. ■ The goal of G2G is to support e-government initiatives by improving communication, data access and data sharing. ■ Example: india.gov.in,

37. What is Business to Government (B2G) ? ■ B2G is the idea that government agencies and businesses can use central Web sites to conduct business and interact with each other more efficiently than they usually can off the Web. ■ Example for B2G are e-procurement websites (dhi.nic.in) and trade facilitation websites (investindia.gov.in) etc.

38. What is Government to Customer (G2C) ? ■ The e-Governance scenario in India has come a long way since computers were first introduced. ■ The focus now is on extending the reach of governance to have a major impact on the people at large. ■ e-Governance is an important tool to enhance the quality of government services to citizens, to bring in more transparency, to reduce corruption and subjectivity, to reduce costs for citizens and to make government more accessible. ■ For example: passportindia.gov.in, vahan.nic.in etc.

39. E-Business Models Based on Transaction Types: ■ Based on transaction type, different types of transactions can be identified as listed below: ■ Brokerage ■ Aggregator ■ Info-mediary ■ Community ■ Value chain ■ Advertising ■ These transaction types take place in a variety of ways. ■ Moreover, any given firm may combine one or two of these as part of its web business strategy.

40. Brokerage Model ■ Brokers are market-makers: they bring buyers and sellers together and facilitate transactions. ■ Brokers play a frequent role in business-to-business (B2B), business-to-consumer (B2C), or consumer-to-consumer (C2C) markets. ■ Usually a broker charges a fee or commission for each transaction it enables. ■ Types of Brokerage Models are: – Marketplace Exchange – Buy/Sell Fulfillment – Auction – Transaction – Search – Virtual Marketplace

41. Aggregator Model ■ Electronic commerce business model where a firm (that does not produce or warehouse any item) collects (aggregates) information on goods and/or services from several competing sources at its website. ■ The firm's strength lies in its ability to create an 'environment' which draws visitors to its website, and in designing a system which allows easy matching of prices and specifications. ■ Aggregator model includes: ■ Virtual Merchant ■ Catalog Merchant ■ Bit Vendor ■ Subscription model

42. Info-mediary Model ■ Data about consumers and their consumption habits are valuable, especially when that information is carefully analyzed and used to target marketing campaigns. ■ Independently collected data about producers and their products are useful to consumers when considering a purchase. ■ Some firms function as info-mediaries (information intermediaries), assisting buyers and/or sellers to understand a given market. ■ Info-mediary model includes: ■ Advertising Networks ■ Audience Measurement Services ■ Incentive Marketing

43. Community Model ■ The viability of the community model is based on user loyalty; users have a high investment in both time and emotion. ■ Revenue can be based on the sale of ancillary products and services or voluntary contributions; or revenue may be tied to contextual advertising and subscriptions for premium services. ■ The Internet is inherently suited to community business models and today this is one of the more fertile areas of development, as seen in the rise of social networking. ■ Types are : – Open Source – Open Content – Public Broadcasting – Social Networking Services

44. Value Chain Model ■ Value chain selling is supported through two business models: demand chain and a supply chain; E-Commerce supports the transactions through both the demand chain business model and supply chain business model. ■ Products, goods, services, or information are delivered through the parties of the value chain from producers to end users. ■ A value chain also has relationship and administrative aspects, that is, you can manage the relationship of the partners or enterprises in your value chain, as well as offer some administrative services to those parties. ■ As a result, value chain business models must manage the two sides of their businesses: their customers and direct sales, and their channel partners and suppliers; each requires its own management channels and practices.

45. Advertising Model ■ The web advertising model is an extension of the traditional media broadcast model. ■ The broadcaster, in this case, a web site, provides content (usually, but not necessarily, for free) and services (like email, IM, blogs) mixed with advertising messages in the form of banner ads. ■ The banner ads may be the major or sole source of revenue for the broadcaster. The advertising model works best when the volume of viewer traffic is large or highly specialized. ■ Advertising model includes: – Search Engine Portals – Classifieds – User Registration Content-based sites – Contextual Advertising / Behavioral Marketing

46. E-Business Conceptual Framework Media Infrastructure e-Business Strategy Public Policy Technology Infrastructure Capital Infrastructure

47. E-business Application Framework: HARDWARE, SOFTWARE, INTERNET ACCESS, SERVICES, E-payment, CERTIFICATES, ADVERTISEMENT

48. E-Business Application ■ E-Business application can be sub-categorized as : 1. Internal Business Systems 2. Enterprise Communication & Collaboration 3. Electronic Commerce

49. Internal Business Systems ■ These include the internal systems and processes of a business like : o customer relationship management o enterprise resource planning o document management systems o human resources management.

50. Enterprise Communication and Collaboration ■ These include the communication systems and collaboration processes that the business uses or might use : o VoIP o content management system o e-mail o voice mail o Web conferencing o business process management.

51. Electronic Commerce ■ These include the transactional part of e-business i.e. e-commerce : o internet shop o supply chain management o online marketing o Other e-marketing

52. E-business Categories ■ E-trade ■ E-consulting ■ E-transactions ■ E-learning ■ E-mail ■ E-marketing

53. Essential E-commerce Processes ■ Access Control & Security – Access control – Authentication – Security measures ■ Profiling & Personalizing – Profile management & personalizing – Behavior tracking ■ Catalog Management – Pricing calculation – Product configuration – Catalog generation

54. Essential E-commerce Processes ■ Search Management – Content-based search – Parametric-based search – Rule-based search ■ Content Management – Dynamic content generation – Data repository

55. Essential E-commerce Processes ■ Payment – Shopping cart – Payment method support – Payment verification ■ Workflow Management – Buying process automation – Document management – Rule & role-based content routing

56. E-Business Infrastructure Requirements ■ Web Hosting ■ Domain Name Services ■ Storage and Backup ■ Server Speed and Reliability ■ Management Information & Security ■ Technical Support & Advanced Solutions ■ Pricing ■ Selecting an Internet Service Provider ■ Location ■ Price ■ Internet Tool Kit

57. E-Business Infrastructure Requirements ■ Internet Security ■ Internet Security Software ■ Anti-Virus Software ■ Firewall ■ Privacy Policy ■ Legal statement ■ Data sharing ■ Log files ■ Email addresses

58. E-Business Infrastructure Requirements ■ Broadband Internet Access ■ Narrowband ■ ISDN (Integrated Services Digital Network) ■ Broadband ■ Faster Uploads and Downloads ■ Affordability ■ Speed ■ Constant Internet Access ■ Reliability

59. Electronic Payment System

60. What is Electronic Payment System ? ■ Electronic payment system is a system which helps the customer or user to make online payment for their shopping. ■ The content of this exchange is usually some form of digital financial instrument (such as encrypted credit card numbers, electronic cheques or digital cash) that is backed by a bank or an intermediary, or by a legal tender. ■ The various factors that have led the financial institutions to make use of electronic payments are: – Decreasing technology cost – Reduced operational and processing cost – Increasing online commerce.

61. Requirements for e-payments ■ Atomicity – Money is not lost or created during a transfer ■ Goods atomicity – Money and goods are exchanged atomically ■ Non-repudiation – No party can deny its role in the transaction

62. Desirable Properties of Digital Money ■ Universally accepted ■ Transferable electronically ■ Divisible ■ Private (no one except parties know the amount) ■ Anonymous (no one can identify the payer)

63. Most Prevalent Methods Of EPS ■ The most widely used and prevalent methods of Electronic Payment System are: 1. NetBanking 2. PayPal 3. Electronic Cash 4. Software Wallets / E-Wallets 5. Smart Cards 6. Credit / Debit cards.

64. NetBanking ■ This is a system, well known in India, that does not involve any sort of physical card used by customers who have accounts enabled with Internet banking. ■ Instead of entering card details on the purchaser's site, in this system the payment gateway allows one to specify which bank they wish to pay from. ■ Then the user is redirected to the bank's website, where one can authenticate oneself and then approve the payment. ■ Typically there will also be some form of two-factor authentication. ■ It is typically seen as being safer than using credit cards, with the result that nearly all merchant accounts in India offer it as an option.

65. PayPal ■ PayPal is a global e-commerce business allowing payments and money transfers to be made through the Internet. ■ Online money transfers serve as electronic alternatives to paying with traditional paper methods, such as cheques and money orders. ■ PayPal is an acquirer, performing payment processing for online vendors, auction sites, and other commercial users, for which it charges a fee. ■ The fees depend on the currency used, the payment option used, the country of the sender, the country of the recipient, the amount sent and the recipient's account type. ■ The company also has significant operations in Omaha, Scottsdale, Charlotte and Austin in the United States; Chennai in India; Dublin in Ireland; Berlin in Germany; and Tel Aviv in Israel. From July 2007, PayPal has operated across the European Union as a Luxembourg-based bank.

66. Electronic Cash (E-Cash) ■ A system that allows a person to pay for goods or services by transmitting a number from one computer to another. ■ Like the serial numbers on real currency notes, the E-cash numbers are unique. ■ This is issued by a bank and represents a specified sum of real money. It is anonymous and reusable. ■ Complex cryptographic algorithms prevent double spending – Anonymity is preserved unless double spending is attempted ■ Serial numbers can allow tracing to prevent money laundering

67. E-Cash Process 1. Consumer buys e-cash from Bank 2. Bank sends e-cash bits to consumer (after charging that amount plus fee) 3. Consumer sends e-cash to merchant 4. Merchant checks with Bank that e-cash is valid (check for forgery or fraud) 5. Bank verifies that e-cash is valid 6. Parties complete transaction
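
The six steps on slide 67, as an added example (not part of the original presentation): the bank signs each coin, checks the signature and a spent-serial list on deposit, and the total amount of money stays constant, which is the atomicity requirement from slide 61. The Bank class, account names, amounts and fee are constructed for the illustration, and an ordinary Ed25519 signature is used, so the bank sees every serial it issues and the anonymity property from slide 66 is not modelled.

```javascript
// Added example: e-cash issue and redemption with forgery and double-spend checks.
const { generateKeyPairSync, sign, verify, randomBytes } = require('node:crypto');

class Bank {
  constructor(feePerCoin) {
    const { publicKey, privateKey } = generateKeyPairSync('ed25519');
    this.publicKey = publicKey;    // anyone may check a coin's signature with this
    this.privateKey = privateKey;  // only the bank can mint coins
    this.fee = feePerCoin;
    this.accounts = new Map();     // account name -> balance (integer units)
    this.feeIncome = 0;
    this.outstanding = 0;          // value of issued coins not yet redeemed
    this.spent = new Set();        // serial numbers already redeemed
  }

  open(name, balance) { this.accounts.set(name, balance); }
  balance(name) { return this.accounts.get(name); }

  // The exact bytes the bank signs: serial number and face value together,
  // so neither can be changed without invalidating the signature.
  static encode(serial, amount) { return Buffer.from(`${serial}:${amount}`); }

  // Steps 1-2: consumer buys a coin; the bank debits amount plus fee and
  // returns the signed "e-cash bits".
  withdraw(name, amount) {
    if (!Number.isInteger(amount) || amount <= 0) throw new Error('bad amount');
    const cost = amount + this.fee;
    if (this.balance(name) < cost) throw new Error('insufficient funds');
    this.accounts.set(name, this.balance(name) - cost);
    this.feeIncome += this.fee;
    this.outstanding += amount;
    const serial = randomBytes(16).toString('hex'); // unique, like a note's serial
    const signature = sign(null, Bank.encode(serial, amount), this.privateKey);
    return { serial, amount, signature };
  }

  // Steps 4-6: merchant presents the coin; the bank checks for forgery and
  // double spending before crediting the merchant.
  deposit(merchant, coin) {
    const wellFormed = typeof coin.serial === 'string'
      && /^[0-9a-f]{32}$/.test(coin.serial)
      && Number.isInteger(coin.amount) && coin.amount > 0
      && Buffer.isBuffer(coin.signature);
    if (!wellFormed || !verify(null, Bank.encode(coin.serial, coin.amount),
                               this.publicKey, coin.signature)) {
      return 'REJECTED_FORGED';
    }
    if (this.spent.has(coin.serial)) return 'REJECTED_DOUBLE_SPEND';
    this.spent.add(coin.serial);
    this.outstanding -= coin.amount;
    this.accounts.set(merchant, this.balance(merchant) + coin.amount);
    return 'ACCEPTED';
  }

  // Atomicity check: balances + unredeemed coins + fees must never change.
  totalMoney() {
    let sum = this.feeIncome + this.outstanding;
    for (const v of this.accounts.values()) sum += v;
    return sum;
  }
}

function demo() {
  const bank = new Bank(1);                      // fee of 1 unit per coin
  bank.open('consumer', 100);
  bank.open('merchant', 0);
  const before = bank.totalMoney();
  const coin = bank.withdraw('consumer', 20);    // steps 1-2
  const forged = { ...coin, amount: 2000 };      // face value altered after issue
  const results = [                              // step 3 is handing the coin over
    bank.deposit('merchant', forged),
    bank.deposit('merchant', coin),
    bank.deposit('merchant', coin),              // same coin presented again
  ];
  return {
    results,
    consumer: bank.balance('consumer'),
    merchant: bank.balance('merchant'),
    conserved: bank.totalMoney() === before,
  };
}

console.log(demo());
```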

68. E-Wallets ■ The E-wallet is another payment scheme that operates like a carrier of e-cash and other information. ■ The aim is to give shoppers a single, simple, and secure way of carrying currency electronically. ■ Trust is the basis of the e-wallet as a form of electronic payment. ■ Most favored E-Wallets in India are Paytm, PayU Money, Mobikwik and Oxigen

69. Smart Cards ■ Smart cards are plastic cards containing an embedded microchip ■ So far not successful in U.S., but popular in Europe, Australia, and Japan. Not at all used in India. ■ Success depends on: – Critical mass of smart cards that support applications – Compatibility between smart cards, card-reader devices, and applications

70. Smart Cards Process

71. Credit / Debit Cards ■ A credit card is a payment card issued to users (cardholders) to enable the cardholder to pay a merchant for goods and services, based on the cardholder's promise to the card issuer to pay them for the amounts so paid plus other agreed charges. ■ The card issuer (usually a bank) creates a revolving account and grants a line of credit to the cardholder, from which the cardholder can borrow money for payment to a merchant or as a cash advance.

72. Credit Card Transactional Process

73. Payment Gateways o A payment gateway is an e-commerce application service provider service that authorizes payments for e-businesses, online shopping, etc. o A payment gateway protects credit card details by encrypting sensitive information, such as credit card numbers, to ensure that information passes securely between the customer and the merchant and also between merchant and payment processor.

74. How Does Payment Gateway Work ?

75. Risks In Using E-Payment Systems o Customer’s risks : o Stolen credentials or password o Dishonest merchant o Disputes over transaction o Inappropriate use of transaction details o Merchant’s risk : o Forged or copied instruments o Disputed charges o Insufficient funds in customer’s account o Unauthorized redistribution of purchased items o Main issue: Secure payment scheme

76. E-Payment Issues o Secure transfer across internet o High reliability: no single failure point o Atomic transactions o Anonymity of buyer o Economic and computational efficiency: allow micropayments o Flexibility: across different methods of Ecommerce o Scalability in number of servers and users

77. Designing E-Payment Systems o It includes several factors: o Privacy: A user expects to trust in a secure system; just as a telephone is a safe o Security: A secure system verifies the identity of two-party transactions through “user authentication” & reserves flexibility to restrict information/services through access control o Intuitive interfaces: The payment interface must be as easy to use as a telephone.

78. Designing E-Payment Systems (Contd..) o Database integration: With home banking, for ex, a customer wants to play with all his accounts. o Brokers: A “network banker” - someone to broker goods & services, settle conflicts, & financial transactions electronically, must be in place o Pricing: One fundamental issue is how to price payment system services. For e.g., From cash to bank payments, from paper based to e-cash. The problem is potential waste of resources. o Standards: Without standards, the welding of different payment users into different networks & different systems is impossible.

79. Security Requirements Of E-Payment Systems: Authentication, Integrity, Non-repudiation, Privacy, Safety

80. Security Environment

81. The E-commerce Security Environment ■ Overall size and losses of cybercrime unclear – Reporting issues ■ 2009 CSI survey: 49% of respondent firms detected security breach in last year – Of those that shared numbers, average loss $288,000 ■ Underground economy marketplace: – Stolen information stored on underground economy servers

82. Types of Attacks Against Computer Systems (Cybercrime) SOURCE: Based on data from Computer Security Institute, 2009

83. What Is Good E-commerce Security? ■ To achieve highest degree of security – New technologies – Organizational policies and procedures – Industry standards and government laws ■ Other factors – Time value of money – Cost of security vs. potential loss – Security often breaks at weakest link

84. The E-commerce Security Environment

85. E-Business General Security Issues o Confidentiality o Authentication o Integrity o Access Control o Non-Repudiation o Firewalls

86. Customer & Merchant Perspectives On The Different Dimensions Of E-Business Security

87. The Tension Between Security and Other Values ■ Ease of use: – The more security measures added, the more difficult a site is to use, and the slower it becomes ■ Public safety and criminal uses of the Internet – Use of technology by criminals to plan crimes or threaten nation-state

88. Security Threats in the E-commerce Environment ■ Three key points of vulnerability: 1. Internet communications channels 2. Server level 3. Client level

89. A Typical E-commerce Transaction

90. Vulnerable Points in a Typical E-commerce Environment SOURCE: Boncella, 2000.

91. Most Common Security Threats in the E-commerce Environment ■ Malicious code – Viruses – Worms – Trojan horses – Bots, botnets ■ Unwanted programs – Browser parasites – Adware – Spyware

92. Most Common Security Threats (cont…) ■ Phishing – Deceptive online attempt to obtain confidential information – Social engineering, e-mail scams, spoofing legitimate Web sites – Use of information to commit fraudulent acts (access checking accounts), steal identity ■ Hacking and Cyber-vandalism – Hackers – Cyber-vandalism: Intentionally disrupting, defacing, destroying Web site – Types of hackers: White hats, black hats, grey hats

93. Most Common Security Threats (cont…) ■ Credit card fraud / theft – Hackers target merchant servers; use data to establish credit under false identity ■ Spoofing ■ Pharming ■ Spam / Junk Web sites ■ Denial of service (DoS) attack – Hackers flood site with useless traffic to overwhelm network – Distributed denial of service (DDoS) attack

94. Most Common Security Threats (cont…) ■ Sniffing – Eavesdropping program that monitors information traveling over a network ■ Insider jobs – Single largest financial threat ■ Poorly designed server and client software ■ Mobile platform threats – Same risks as any Internet device – Malware, botnets, vishing / smishing

95. Technology Solutions ■ Protecting Internet communications (encryption) ■ Securing channels of communication (SSL, S-HTTP, VPNs) ■ Protecting networks (firewalls) ■ Protecting servers and clients

96. Tools Available to Achieve Site Security

97. Encryption ■ Transforms data into cipher text readable only by sender and receiver ■ Secures stored information and information transmission ■ Provides 4 of 6 key dimensions of e-commerce security: 1. Message integrity 2. Nonrepudiation 3. Authentication 4. Confidentiality ■ Examples of Encryption methods are – 1. Symmetric Key Encryption 2. Public Key Encryption & Public Key Using Digital Signatures 3. Digital Envelopes 4. Digital Certifications & Certification Authority

98. Public Key Encryption ■ Uses two mathematically related digital keys – Public key (widely disseminated) – Private key (kept secret by owner) ■ Both keys used to encrypt and decrypt message ■ Once key used to encrypt message, same key cannot be used to decrypt message ■ Sender uses recipient’s public key to encrypt message; recipient uses his/her private key to decrypt it

99. Public Key Cryptography with Digital Signatures

100. Digital Envelopes ■ Address weaknesses of: – Public key encryption ■ Computationally slow, decreased transmission speed, increased processing time – Symmetric key encryption ■ Insecure transmission lines ■ Uses symmetric key encryption to encrypt document ■ Uses public key encryption to encrypt and send symmetric key

101. Creating a Digital Envelope
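
The digital envelope described on slides 98 and 100, as an added example (not part of the original presentation): the document is encrypted with a one-time AES key, and only that key is encrypted with the recipient's RSA public key. The function names, the sample order text and the choice of AES-256-GCM and RSA-OAEP are assumptions made for the illustration.

```javascript
// Added example: digital envelope (hybrid encryption) with Node's built-in crypto.
const {
  generateKeyPairSync, publicEncrypt, privateDecrypt,
  randomBytes, createCipheriv, createDecipheriv, constants,
} = require('node:crypto');

// RSA-OAEP parameters used for wrapping the symmetric key (assumed choice).
const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Recipient key pair, generated here for the demo. In practice the public key
// would be taken from the recipient's digital certificate.
function newRecipientKeys() {
  return generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sender side: the fast symmetric cipher handles the (possibly large) document,
// the slow public-key operation handles only the 32-byte session key.
function sealEnvelope(recipientPublicKey, document) {
  const sessionKey = randomBytes(32);   // one-time AES-256 key
  const iv = randomBytes(12);           // 96-bit nonce for GCM
  const cipher = createCipheriv('aes-256-gcm', sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(document), cipher.final()]);
  return {
    wrappedKey: publicEncrypt({ key: recipientPublicKey, ...OAEP }, sessionKey),
    iv,
    ciphertext,
    tag: cipher.getAuthTag(),           // integrity tag over the ciphertext
  };
}

// Recipient side: unwrap the session key with the private key, then decrypt.
// Throws if the private key is wrong or the ciphertext was modified.
function openEnvelope(recipientPrivateKey, env) {
  const sessionKey = privateDecrypt({ key: recipientPrivateKey, ...OAEP }, env.wrappedKey);
  const decipher = createDecipheriv('aes-256-gcm', sessionKey, env.iv);
  decipher.setAuthTag(env.tag);
  return Buffer.concat([decipher.update(env.ciphertext), decipher.final()]);
}

// Helper: true if the callback throws.
function rejects(fn) {
  try { fn(); return false; } catch { return true; }
}

function demo() {
  const recipient = newRecipientKeys();
  const someoneElse = newRecipientKeys();
  // Constructed sample document.
  const order = Buffer.from('constructed sample order: 2 x item-42, card ending 0000');
  const env = sealEnvelope(recipient.publicKey, order);

  // Flip one bit of the ciphertext to simulate modification in transit.
  const tampered = { ...env, ciphertext: Buffer.from(env.ciphertext) };
  tampered.ciphertext[0] ^= 0x01;

  return {
    roundTrip: openEnvelope(recipient.privateKey, env).toString(),
    wrappedKeyBytes: env.wrappedKey.length,   // one RSA-2048 block, whatever the document size
    wrongKeyRejected: rejects(() => openEnvelope(someoneElse.privateKey, env)),
    tamperRejected: rejects(() => openEnvelope(recipient.privateKey, tampered)),
  };
}

console.log(demo());
```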

102. Digital Certificates and Public Key Infrastructure (PKI) ■ Digital Certificates are a means by which consumers and businesses can utilize the security applications of Public Key Infrastructure (PKI). ■ PKI comprises the technology that enables secure e-commerce and Internet based communication. ■ Digital certificate includes: – Name of subject/company – Subject’s public key – Digital certificate serial number – Expiration date, issuance date – Digital signature of CA ■ Public Key Infrastructure (PKI): – CAs and digital certificate procedures – PGP Encryption (Pretty Good Privacy)

103. Digital Certificates & Certification Authorities

104. Limits to Encryption Solutions ■ Doesn’t protect storage of private key – PKI not effective against insiders, employees – Protection of private keys by individuals may be haphazard ■ No guarantee that verifying computer of merchant is secure ■ CAs are unregulated, self-selecting organizations

105. Securing Channels of Communication ■ Secure Sockets Layer (SSL): – Establishes a secure, negotiated client-server session in which URL of requested document, along with contents, is encrypted ■ Secure - HTTP (“https”) – Provides a secure message-oriented communications protocol designed for use in conjunction with HTTP ■ Virtual Private Network (VPN): – Allows remote users to securely access internal network via the Internet, using Point-to-Point Tunneling Protocol (PPTP)

106. Secure Negotiated Sessions Using SSL

107. Protecting Networks ■ Firewall – Hardware or software – Uses security policy to filter packets – Two main methods: 1. Packet filters 2. Application gateways ■ Proxy servers (proxies) – Software servers that handle all communications originating from or being sent to the Internet

108. Firewalls and Proxy Servers

109. Protecting Servers and Clients ■ Operating system security enhancements – Upgrades, patches ■ Anti-virus software: – Easiest and least expensive way to prevent threats to system integrity – Requires daily updates

110. Management Policies, Business Procedures, & Public Laws ■ Indian firms and organizations spend about 12% of IT budget on security hardware, software, services. ■ Managing risk includes – Technology – Effective management policies – Public laws and active enforcement (IT Act 2000, Cyber Law Under IPC)

111. A Security Plan: Management Policies ■ Risk assessment ■ Security policy ■ Implementation plan – Security organization – Access controls – Authentication procedures, inc. biometrics – Authorization policies, authorization management systems ■ Develop Security Protocol ■ Security audit

112. Ethical, Social & Political Issues in E-Business

113. Understanding Ethical, Social, and Political Issues in E-Business ■ Internet technology and its use in e-business disrupts existing social and business relationships and understandings ■ Costs and benefits of technology must be carefully considered, especially when there are as yet no clear-cut legal or cultural guidelines

114. A Model for Organizing the Issues ■ Issues raised by Internet and e-commerce can be viewed at individual, social and political levels ■ Four major categories of issues: – Information rights – Property rights – Governance – Public safety and welfare

115. The Moral Dimensions of an Internet Society

116. Basic Ethical Concepts ■ Ethics – Study of principles used to determine right and wrong courses of action ■ Responsibility & Accountability ■ Liability – Laws permitting individuals to recover damages ■ Due process – Laws are known, understood – Ability to appeal to higher authorities to ensure laws applied correctly

117. Privacy ■ Privacy: – Moral right of individuals to be left alone, free from surveillance or interference from other individuals or organizations ■ Information privacy: – Includes both the claim that certain information should not be collected at all, as well as the claim of individuals to control the use of whatever information is collected about them

118. E-commerce and Privacy ■ Major ethical issue related to e-commerce and privacy: – Under what conditions should we invade privacy of others? ■ Major social issue: – Development of “expectations of privacy” and privacy norms ■ Major political issue: – Development of statutes that govern relations between record-keepers and individuals

119. Information Collected at E-commerce Sites ■ Personally identifiable information (PII): – Data that can be used to identify, locate, or contact an individual ■ Anonymous information: – Demographic and behavioral information that does not include any personal identifiers ■ Almost all e-commerce companies collect PII and use cookies to track clickstream behavior

120. Profiling and Behavioral Targeting ■ Profiling – Creation of digital images that characterize online individual and group behavior ■ Anonymous profiles – Identify people as belonging to very specific and targeted groups ■ Personal profiles: – Add personal identifiers ■ Advertising networks can: – Track consumer behavior and browsing behavior on the Web – Dynamically adjust what user sees on screen – Build and refresh high-resolution data images or behavior profiles of consumers

121. Profiling and Behavioral Targeting (cont…) ■ Deep packet inspection – Records every keystroke at ISP level of everyone and uses information to make suggestions, target ads ■ Weblining: – Charging some customers more for products based on profiles ■ Network advertising firms: – Web profiling serves consumers and businesses ■ Critics: – Profiling undermines expectation of anonymity and privacy ■ Consumers: – Significant opposition to unregulated collection of personal information

122. The Internet and Government Invasions of Privacy ■ Various laws strengthen ability of law enforcement agencies to monitor Internet users without knowledge and sometimes without judicial oversight ■ Government agencies are largest users of private sector commercial data brokers ■ Retention by ISPs of user data a concern

123. Informed Consent ■ Consent given with knowledge of all the material facts needed to make a rational decision ■ Two models: – Opt-in – Opt-out ■ Many E-Business firms merely publish information practices as part of privacy policy without providing for any form of informed consent

124. Private Industry Self-Regulation ■ Safe harbor: – Private, self-regulating policy and enforcement mechanism that meets objectives of government regulations and legislation, but does not involve government regulation or enforcement – e.g. Privacy seal programs (TRUSTe, BBB Reliability Seal) ■ Industry associations include: – Online Privacy Alliance (OPA) – Network Advertising Initiative (NAI) ■ Privacy advocacy groups – e.g. Epic.org

125. Technological Solutions to Privacy Invasion on the Web ■ Spyware, cookie, pop-up blockers ■ Platform for Privacy Preferences (P3P): – Comprehensive technological privacy protection effort sponsored by W3C – Standard for communicating to users a Web site’s privacy policy – Compares site policy to user’s preferences or to other standards – Works through user’s Web browser

126. Secure Electronic Transaction (SET) Protocol ■ Jointly designed by MasterCard and Visa with backing of Microsoft, Netscape, IBM and others ■ Designed to provide security for card payments as they travel on the Internet – Contrasted with Secure Sockets Layer (SSL) protocol, SET validates consumers and merchants in addition to providing secure transmission ■ SET specification – Uses public key cryptography and digital certificates for validating both consumers and merchants – Provides privacy, data integrity, user and merchant authentication, and consumer nonrepudiation

127. The SET Protocol

128. Intellectual Property Rights ■ Intellectual property: – Encompasses all tangible and intangible products of human mind ■ Major ethical issue: – How should we treat property that belongs to others? ■ Major social issue: – Is there continued value in protecting intellectual property in the Internet age? ■ Major political issue: – How can Internet and e-commerce be regulated or governed to protect intellectual property?

129. Types of Intellectual Property Protection ■ Three main types of intellectual property protection: – Copyright – Patent – Trademark law ■ The goal of intellectual property law is to balance two competing interests—the public and the private ■ Maintaining this balance of interests is always challenged by the invention of new technologies

130. Trademarks and the Internet ■ Cybersquatting: Registration of domain name or other Internet use of existing trademark for purpose of extorting payments from legitimate owners. ■ Cyberpiracy: Same behavior as cybersquatting, with intent of diverting traffic from legitimate site to infringing site ■ Metatagging: Using others’ trademarks as metatags in misleading or confusing manner ■ Keywording: Using others’ trademarks as keywords on search engines in a misleading or confusing manner ■ Deep linking: Bypassing target site’s home page and linking directly to content page ■ Framing: Displaying content of another site within frame or window

131. Governance ■ Involves issue of social control ■ Primary questions: – Who will control Internet and e-commerce? – What elements will be controlled and how? ■ Stages of governance and e-commerce – Government Control Period (1970–1994) – Privatization (1995–1998) – Self-Regulation (1995–present) – Government Regulation (1998–present)

132. Who Governs E-commerce and the Internet? ■ Currently in a mixed mode policy environment where self-regulation, through variety of Internet policy and technical bodies, co-exists with limited government regulation ■ ICANN ■ Governments vs. ITU (International Telecommunication Union) ■ Can Internet be controlled, monitored, and regulated from a central location?

133. Taxation ■ Issue of taxation of e-commerce sales illustrates complexity of governance and jurisdiction issues ■ National and international character of Internet sales wreaking havoc on traditional taxation schemes in E-Businesses around the world for local commerce and local jurisdictions ■ Unlikely that comprehensive, integrated rational approach to taxation issue will be determined for some time to come

134. Net Neutrality ■ Currently, all Internet traffic treated equally – all activities charged the same rate, no preferential assignment of bandwidth. ■ Internet backbone providers would like to charge differentiated prices and ration bandwidth by pricing or speed (bandwidth controls).

135. Public Safety and Welfare ■ Protection of children and strong sentiments against pornography – Passing legislation that will survive court challenges has proved difficult: o Children’s Internet Protection Act upheld by U.S. Supreme Court (requires schools and libraries to install technology protection measures). o No such specific laws exist in India. Usually clubbed with the Information Technology Act, 2000 & Indian Penal Code, 1860 as well as Information Technology Bill. ■ Efforts to control gambling and restrict sales of drugs and cigarettes

136. Inter-Organization E-Business

137. EDI: Electronic Data Interchange ■ What is EDI? ■ Exchange of electronic data between companies using precisely defined transactions ■ Set of hardware, software, and standards that accommodate the EDI process ■ “EDI is the forefather / pre-cursor of B2B” ■ Estimated $500 billion worth of goods per year ■ EDI: usually over value-added networks (VANs)

138. Electronic Data Interchange

139. Relation Between Retailers, Manufacturers & Suppliers in EDM

140. How Does Electronic Data Exchange (EDI) Work? – Supplier’s proposal sent electronically to purchasing organization. – Electronic contract approved over network. – Supplier manufactures and packages goods, attaching shipping data recorded on a bar code. – Quantities shipped and prices entered in system and flowed to invoicing program; invoices transmitted to purchasing organization

141. How Does EDI Work? (Cont.) – Manufacturer ships order. – Shipment notice EDI transaction sent (not shown) – Purchasing organization receives packages, scans bar code, and compares the data to the invoices and the actual items received. – Payment approval transferred electronically. – Bank transfers funds from purchaser to supplier’s account using electronic fund transfer (EFT).
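An added example (not from the original slides) of the comparison step in slides 140 and 141: payment approval is released only when the approved contract, the transmitted invoice and the bar-code scan of received goods agree. The record layout, SKU names, quantities and prices are constructed for illustration and do not follow any real EDI transaction set.

```python
from decimal import Decimal

def reconcile(contract, invoice, scanned):
    """contract and invoice map sku -> (quantity, unit price); scanned maps
    sku -> quantity read from bar codes at receiving. Any finding blocks payment."""
    findings = []
    for sku in sorted(set(contract) | set(invoice) | set(scanned)):
        if sku not in contract:
            findings.append((sku, "not on approved contract"))
            continue
        ordered_qty, agreed_price = contract[sku]
        billed_qty, billed_price = invoice.get(sku, (0, agreed_price))
        received_qty = scanned.get(sku, 0)
        if billed_price != agreed_price:
            findings.append((sku, "invoice price differs from contract"))
        if billed_qty > ordered_qty:
            findings.append((sku, "billed quantity exceeds contract"))
        if billed_qty != received_qty:
            findings.append((sku, f"billed {billed_qty}, received {received_qty}"))
    approved = not findings
    # Amount passed on for funds transfer; zero while any finding is open
    amount = sum((q * p for q, p in invoice.values()), Decimal("0")) if approved else Decimal("0")
    return {"approved": approved, "amount": amount, "findings": findings}

# Constructed sample documents
CONTRACT = {"SKU-100": (10, Decimal("4.50")), "SKU-200": (5, Decimal("12.00"))}
INVOICE_OK = {"SKU-100": (10, Decimal("4.50")), "SKU-200": (5, Decimal("12.00"))}
SCAN_OK = {"SKU-100": 10, "SKU-200": 5}
INVOICE_BAD = {"SKU-100": (10, Decimal("4.50")), "SKU-200": (5, Decimal("12.50")),
               "SKU-900": (1, Decimal("99.00"))}
SCAN_SHORT = {"SKU-100": 8, "SKU-200": 5}

if __name__ == "__main__":
    print(reconcile(CONTRACT, INVOICE_OK, SCAN_OK))
    print(reconcile(CONTRACT, INVOICE_BAD, SCAN_SHORT))
```

Because payment approval and EFT follow automatically in the flow above, this comparison is the control that stops a short shipment, an altered price or an unordered line item from being paid.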

142. Electronic Data Interchange Standards ■ EDI requires companies to agree on standards – Compatible hardware and software – Agreed upon electronic form format ■ Established EDI standards – Automotive Industry Action Group (AIAG) – X.12 de facto umbrella standard in U.S. and Canada – EDI for Administration, Commerce, and Trade (EDIFACT) umbrella of standards in Europe

143. How To Subscribe To EDI? ■ Larger companies purchase hardware and software ■ Medium and small companies seek third-party service – Value-added networking (VAN) – Managed network services available for a fee

144. Electronic Data Interchange On The Web ■ Advantages of Web EDI – Lower cost – More familiar software – Worldwide connectivity ■ Disadvantages of Web EDI – Low speed – Poor security

145. The Importance of Electronic Data Interchange ■ Need for timely, reliable data exchange in response to rapidly changing markets ■ Emergence of standards and guidelines ■ Spread of information into many organizational units ■ Greater reliability of information technology ■ Globalization of organizations

146. EDI Software X12 Database 1. Document Support 2. Mapping 3. Standards Support 4. Translation Communications

147. Value Added Network (VAN) o A Value Added Network (VAN) is a private network provider used to facilitate electronic data interchange (EDI). o In the 1980s, VANs emerged as a way to connect supply chain participants. o They offered store-and-forward mailboxes and were deployed to help trading and supply chain partners automate many business-to-business communications and thereby reduce the number of paper transfers needed.

148. Point-to-Point: EDI Without a VAN [Figure: buyers (1, 2, 3, 4) and suppliers (A, B, C, D)]

149. Value Added Network (VAN) EDI [Figure: buyers (1, 2, 3, 4) and suppliers (A, B, C, D)]

150. Interconnect Strategy Of VAN EDI [Figure: GE VAN, AT&T VAN]

151. Why do Companies use EDI? ■ In 2006, EDI grew substantially due to customer / major supplier requirements or requests. ■ EDI is an element used to streamline business processes. [Chart: percent, from 0% to 60%, for 1990, 1995, 2000, 2005 and 2006; series: customer/supplier requirement, cost savings, data accuracy/error reduction, quick access to data]

152. EDI USERS Government Health care Retail Grocery Transportation Policy Insurance Manufacturing Automotive Petroleum Electronics Chemical Banks Construction Advertising

153. Please write to abhishek0889@gmail.com for any queries or concerns.
