Web Developer Foundations: Using XHTML

Chapter 12 E-Commerce Overview


Modified by Linda Kenney November, 2006

Learning Outcomes
In this chapter, you will learn how to:
Describe E-Commerce
Identify benefits and risks of E-Commerce
Describe E-Commerce business models
Describe E-Commerce Security and Encryption
Describe EDI (Electronic Data Interchange)
Describe trends and projections for E-Commerce
Describe issues related to E-Commerce
Describe order and payment processing
Describe E-Commerce solution options

2007 Pearson Education

What is E-Commerce?
The integration of communications, data management, and security technologies to allow individuals and organizations to exchange information related to the sale of goods and services.
Major functions of E-Commerce include:
the buying of goods,
the selling of goods, and
performance of financial transactions on the Internet.

E-Commerce Advantages for Businesses


Reduced Costs
Increased Customer Satisfaction
More Effective Data Management
Potentially Higher Sales


Reduced Costs - why?


Increased Customer Satisfaction - why?


More Effective Data Management - why?


Potentially Higher Sales - why?


E-Commerce Advantages for Consumers


Convenience - why?
Easier Comparison Shopping
Wider Selection of Goods


E-Commerce Risks for Businesses


Need for a robust, reliable web site
Fraudulent transactions
Customer reluctance to purchase online
Increased competition


E-Commerce Risks for Consumers


Possible Security Issues
Possible Privacy Issues
Purchasing from photos & descriptions
Possible difficulty with returns


E-Commerce Business Models


B2C Business-to-Consumer
Some are online only
Some are both online and Brick and Mortar

B2B Business-to-Business
C2C Consumer-to-Consumer
B2G Business-to-Government


Electronic Data Interchange (EDI)


EDI is the transfer of data between different companies using networks. This facilitates the exchange of standard business documents including purchase orders and invoices. EDI is not new; it has been in existence since the 1960s. Organizations that exchange EDI transmissions are called trading partners. Newer technologies such as XML and Web Services are replacing traditional EDI by allowing trading partners virtually unlimited opportunities to customize their information exchange over the Internet.

E-Commerce Statistics

Source: Forrester Research as reported on http://www.nua.com/surveys/

E-Commerce Statistics - updated


E-commerce revenue in 2006 over $2 billion
http://www.clickz.com/showPage.html?page=3611181


Typical Internet User


A recent study by Harris Interactive discussed on Clickz.com (http://www.clickz.com/stats/sectors/geographics/article.php/5911_1011491) found that the typical Internet user in the U.S. now mirrors the U.S. population.
Male: 49%
Female: 51%
Household Income: $40,816
Adults 18-49: 74%


Black Friday stats


http://www.internetnews.com/ecnews/article.php/3645606
http://www.clickz.com/showPage.html?page=3624037


E-Commerce Issues
Intellectual Property
Security
Fraud
Taxation
International Commerce


Intellectual Property
Domain names and cybersquatting
http://www.icann.org/udrp/udrp.htm


Security


Fraud


Taxation


International Commerce


Order & Payment Processing


Describe online ordering.


Try: www.amazon.com


Order & Payment Processing


E-Commerce Payment Models:
Cash
Check
Credit
Smart Card
Micropayments


Cash/Check
http://www.internetcash.com/
https://www.paypal.com/
http://www.checkfree.com/


Credit Card Order Processing Flow

Secure Electronic Transactions (SET)


Standard protocol that enables secure credit card transactions on the Internet. SET uses encryption and digital certificates.


Smart Card
Similar to a credit card, but with an integrated circuit.
Mainly used in Europe, Australia, and Japan


Micropayments
Small amounts of currency are exchanged over the Internet.
http://www.peppercoin.com/
When digital and physical merchants deploy Peppercoin, consumers can use their debit and credit cards for purchases of any size. For example, a consumer can pay for a parking meter, purchase a digital news article for $0.50, or buy a pack of gum from the corner store for $0.75.


E-Commerce Storefront Solutions


Instant Online Storefront
Off-The-Shelf Shopping Cart Software
Custom Built Solution
Semi-Custom Built Solutions on a Budget


Instant Online Storefront


Yahoo!
http://smallbusiness.yahoo.com/ecommerce/

Earthstores
http://home.earthstores.com/

FreeMerchant
http://www.freemerchant.com/


Off-The-Shelf Shopping Cart Software


Miva Merchant, http://www.miva.com/us/
Mercantec http://www.mercantec.com/


Custom Built Solution


IBM's WebSphere
Microsoft's Visual Studio.NET
Macromedia Dreamweaver
Etc.


Semi-Custom Built Solutions on a Budget


E-Commerce add-ons for FrontPage and Dreamweaver
PayPal order processing

Free shopping cart scripts



STOP HERE


E-Commerce Security
Encryption
Used to ensure privacy within an organization and on the Internet. The conversion of data into an unreadable form, called a ciphertext. This ciphertext cannot be easily understood by unauthorized individuals.

Decryption
The process of converting the ciphertext back into its original form, called plaintext or cleartext, so it can be understood.

The encryption/decryption process requires an algorithm and a key.



Encryption is needed because information in a packet can be intercepted as it travels across media.


E-Commerce Security Encryption Types


Secure E-Commerce transactions make use of the encryption technologies below:
Symmetric-key Encryption
Asymmetric-key Encryption
Hash Encryption
These technologies are used as part of SSL (Secure Sockets Layer), the technology that helps to make commerce on the Internet secure.

E-Commerce Security Types of Encryption (1)


Symmetric-Key Encryption

Also called single-key encryption. Both the encryption and decryption use the same key. Since the key must be kept secret from others, both the sender and receiver must know the key before communicating using encryption. An advantage of symmetric-key encryption is speed.

E-Commerce Security Types of Encryption (2)


Asymmetric-Key Encryption

Also called public-key encryption. There is no shared secret. Instead, two keys are created at the same time. This key pair contains a public key and a private key. Public-key encryption is much slower than symmetric-key encryption.

E-Commerce Security Types of Encryption (3)


Hash Encryption

A hash algorithm transforms a string of characters into a usually shorter fixed-length value or key that represents the original string, called a digest. Hash encryption is one-way encryption. Hash encryption is used for information that will not be read or decrypted. The function of hash encryption is to verify the integrity of information.

Secure Sockets Layer (SSL)


SSL is a protocol that allows data to be privately exchanged over public networks. SSL was developed by Netscape and is used to encrypt data sent between a client (usually a web browser) and a web server. SSL utilizes both symmetric and asymmetric keys. SSL uses the https protocol instead of the http protocol. Most browsers display a lock icon when SSL is being used.

Secure Sockets Layer (SSL)


SSL provides secure communication between a client and server by using:
Server and (optionally) client digital certificates for authentication
Symmetric-key cryptography using a "session key" for bulk encryption
Public-key cryptography for transfer of the session key
Message Digests (hash encryption) to verify the integrity of the transmission


SSL in Action


SSL & Digital Certificate


SSL enables two computers to securely communicate by using a digital certificate for authentication.

A digital certificate is a form of an asymmetric key that also contains information about the certificate, the holder of the certificate, and the issuer of the certificate.

Digital Certificate
The contents of a digital certificate include:
The public key
Effective date of the certificate
Expiration date of the certificate
Details about the Certificate Authority -- the issuer of the certificate
Details about the certificate holder
A digest of the certificate content

Certificate Authority
A Certificate Authority is a trusted third-party organization or company that issues digital certificates.
Well-known Certificate Authorities:
Verisign
http://www.verisign.com

Thawte
http://www.thawte.com

Obtaining a Digital Certificate


Request a certificate from a Certificate Authority and pay the application fee.
The Certificate Authority:
verifies your identity,
issues your Certificate, and
supplies you with a public/private key pair.
Store the certificate in your software such as a web server, web browser, or email application.
The Certificate Authority makes your certificate publicly known.

SSL & Digital Certificates


When you visit an e-commerce site that uses SSL, a number of steps are involved in the authentication process.
The web browser and web server go through initial handshaking steps using the server certificate and keys.
Once trust is established, the web browser encrypts the single secret key (symmetric key) that will be used for the rest of the communication.
From this point on, all data is encrypted using the secret key.
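
The mechanisms listed on the SSL slides (public-key transfer of a session key, symmetric bulk encryption with that key, and a message digest to verify integrity), shown here as an added Python example that is not part of the original slides. The tiny textbook-RSA key, the SHA-256 keystream cipher and the names client_send and server_receive are constructed for illustration; real SSL uses certificates, padding and vetted ciphers.

```python
import hashlib, hmac, secrets

# Constructed toy RSA key pair: textbook RSA over two Mersenne primes.
# Far too small and unpadded for real use; it only shows the data flow.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                              # public modulus (would sit in the certificate)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, known to the server only

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts because both sides hold the key."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)

def client_send(message: bytes):
    """Browser side: choose a session key and wrap it with the public key."""
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), E, N)   # asymmetric step
    ciphertext = keystream_xor(session_key, message)          # symmetric bulk step
    # Keyed digest over the ciphertext; reusing the session key for it is a
    # simplification made for this example.
    digest = hmac.new(session_key, ciphertext, hashlib.sha256).digest()
    return wrapped, ciphertext, digest

def server_receive(wrapped: int, ciphertext: bytes, digest: bytes) -> bytes:
    """Server side: unwrap the session key, check the digest, then decrypt."""
    session_key = pow(wrapped, D, N).to_bytes(16, "big")
    expected = hmac.new(session_key, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, digest):
        raise ValueError("integrity check failed: data was altered in transit")
    return keystream_xor(session_key, ciphertext)

if __name__ == "__main__":
    wrapped, ct, tag = client_send(b"order=1001&amount=19.99")  # constructed sample
    print(server_receive(wrapped, ct, tag))
    tampered = ct[:-1] + bytes([ct[-1] ^ 1])                    # flip one bit
    try:
        server_receive(wrapped, tampered, tag)
    except ValueError as err:
        print(err)
```

Only the session key passes through the slow public-key operation; the order data itself is handled by the fast symmetric cipher, which is the split the slides describe.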

Summary
This chapter introduced you to basic e-commerce concepts and implementations. Consider taking an E-Commerce course to continue your study of this dynamic and growing area of web development.

