Arup K Das
Doctorate, Information Management, MDI Gurugram
Head of Security & Compliance, Ericsson India Digital Services
Guest Faculty, FMS, University of Delhi
2
Introduction to E-Business
Key Differences
E-Business & E-Commerce
5
Types of E-Business
▪ B2G (Business to Government)
✓ B2G is the online exchange of information and transactions between
businesses and government agencies, also known as e-government.
✓ B2G allows government agencies and businesses to use electronic means to
conduct business and interact with each other over the internet.
✓ E.g. Infosys offering electronic tax filing services to Govt. of India
6
E-Business Environment: Key Elements
▪ Economies of exchanging information
✓ Firms can take advantage of both richness and reach of information using the internet
✓ The cost of sending additional units of information via the internet is practically zero
and the reach is global
7
E-Business Environment: Key Elements
▪ Speed of change
✓ The internet has speeded up the transactions process and raised
expectations of customers.
✓ Firms need to readjust their lead times, response times and distribution and
delivery times in order to meet the exacting demands of customers,
suppliers and partners across the supply chain in the internet economy.
▪ Economies of abundance
▪ Information is a valuable asset in the internet economy.
▪ Revenue can be created by the dissemination of information based on its
value to consumers
▪ Firms with exclusive rights to the ownership of valuable information can
gain a good revenue stream through the production and protection
(copyright) of such information.
8
E-Business Environment: Key Elements
▪ Merchandise exchange
✓ The internet provides a mechanism for displaying a huge array of products
and services without having to incur the costs of display that traditional
stores incur.
✓ Search facilities can channel consumers to the exact types of products and
services they are interested in and the website can offer additional services
such as discount facilities, links to complementary products, product
reviews, transactions, payments and delivery.
▪ Prosumption
✓ The internet can be used as a means of communicating with customers and
enriching the relationship between buyer and seller.
✓ This can lead to customising or personalising products or services to match
the requirements of individual customers.
9
E-Business Markets
▪ Electronic marketplaces (e-marketplaces) are electronic exchanges where firms
can register as buyers or sellers and undertake business activities using the
internet.
▪ Typically, e-marketplaces attract firms from each element of an industry supply
chain to enhance the efficiency of communications and to undertake
transactions.
▪ There are three main types of e-marketplaces:
▪ Public exchanges: independently-operated B2B trading platforms for facilitating online transactions
between trading partners. These are open to any business or group of businesses.
▪ Consortium exchanges: an exchange owned and operated by a group of competing businesses
who combine their buying power to gain group-wide savings on the supply of materials.
▪ Private exchanges: an exchange owned and operated by a single firm to link its trading system
directly to that of its suppliers.
10
E-Market Place – Old & New Economy
11
Emerging Technologies in E-Business
World Wide Web
▪ Team of researchers at the National Center for Supercomputing Applications
(NCSA) at the University of Illinois developed a windows-based graphical user
interface for the Internet, now popularly known as Web Browser.
▪ Web browser developed by Marc Andreessen and his team of researchers at the
NCSA was called ‘Mosaic’ and represented the first truly worldwide web.
▪ In 1994 the same group of researchers developed Netscape, which was
followed by Microsoft’s Internet Explorer
▪ The market for web browsers is also competitive, with Google, Lycos, Yahoo!
and AltaVista – all have their web browsers
▪ This was followed by the world’s best known navigator - Netscape Navigator
▪ By the mid-1990s businesses across the globe began using the internet for
conducting online transactions (e-commerce), and a host of other business
activities such as communicating with suppliers, distributors, partners,
manufacturers and government bodies (e-business) were set up.
▪ This was followed by concept of Portal - a website that acts as a gateway to the
information on the internet by providing search engines, directories and other
services such as personalized news or free e-mail
13
Information Infrastructure
▪ Information infrastructure is the support system that allows the internet to
work
▪ Main infrastructure support facilities exist where access to the internet has
moved beyond fixed location computers to incorporate mobile wireless
computers and mobile phones
▪ Most nations have constructed their own national information infrastructure
(NII) to facilitate connectivity in homes, educational institutions, businesses
and public organizations
▪ The investment required for building the information infrastructure has been
considerable and the connectivity rates differ markedly between countries and
continents
▪ An effective infrastructure needs to be able to support
▪ High rates of interactivity
▪ Reliant on robust hardware and software
▪ Continuous power supplies
▪ State-of-the-art telecommunications systems
▪ Availability of efficient maintenance and support systems
14
Broadband
▪ Broadband is a term used to describe the bandwidth of a transmitted
communications signal
▪ The bandwidth describes a range of frequencies that the signal occupies
▪ The bandwidth for digital and analogue corresponds to the amount of
information received or sent over a particular time unit
✓ Higher bandwidth increases transmission speeds and facilitates the communication of much greater
volumes of information
15
Electronic Data Interchange
▪ Electronic Data Interchange (EDI) describes the exchange of documents
between organizations in standardized electronic form directly between
computer applications
▪ It offers a standard format of communication between organizations
▪ Purchase orders, invoices and material releases are just some examples of
these processes where EDI can result in cost savings and increased efficiency
▪ EDI stretches back to the early 1960s, but the development of the Internet gave
the use of EDI an added boost
▪ Key features of EDI –
▪ Use of an electronic transmission medium
▪ Use of structured, formatted messages based upon agreed standards
▪ Faster delivery of electronic documents from sender to receiver
▪ Direct communication between applications and systems
16
Programming Languages
▪ A programming language facilitates the development of a set of instructions from
the programmer that constitutes a computer program
▪ Instructions must be translated by a language translator into the computer’s
own machine language before they can be processed
▪ Two types of Language Translators
✓ Assemblers – translate symbolic instruction codes
✓ Compilers – translate high level language codes
17
Machine Language
▪ Initial and most basic form of program language used binary numbers as codes
for instructions – i.e. 0 and 1
▪ This language is also known as the First Generation of Program Language
▪ It was slow, cumbersome and prone to error
▪ Instructions were required for every switch and indicator used by the program
18
Assembly Language
▪ This is known as the Second Generation of Program Language
▪ It was developed to overcome the problems associated with writing machine
languages
▪ Assembler languages require translator programs (assemblers) that enable a
computer to convert the instructions into machine language
▪ Assembler languages use letters of the alphabet and symbols rather than binary
numbers as codes for instruction
19
High Level Language
▪ This is known as the Third Generation of Program Language
▪ It uses statements, or arithmetic expressions as codes for instruction
▪ This language is termed ‘high-level’ because it uses high-level language
translator programs that allow each statement to generate numerous
instructions when converted into machine language
▪ High-level languages are simpler to learn than assembler languages, since they
are less formal and rules based
▪ Examples – Basic, C, Cobol, Fortran
20
Fourth Generation Language
▪ There are many languages available that are less procedural and formal than
the ones previously discussed
▪ Fourth generation languages (4GL) place the onus on programmers to specify
the results they are looking for
▪ Computer then works out the sequence of instructions to achieve the stated
results
▪ 4GL makes the programming process simpler and uses more conventional
language
▪ Advances in artificial intelligence (AI) technology means that program
languages are available in many natural spoken languages
▪ Examples – SQL, PostScript
21
Object Oriented Programming Language
▪ Object Oriented Programming Languages are tools for software development
▪ It binds together the data elements and the procedures to be performed upon
them to create objects
▪ For example - an object could be personal financial data and the actions to be
performed may convert the data into a graph
▪ This capability has a number of attributes including ease of use, increased
efficiency and increased quality of presentation
▪ Importantly, once objects are programmed, they can be reused
22
Service Oriented Architecture
An ever growing catalog of business services to enable business agility and growth
[Diagram: services in the catalog – Reservations: Check Availability(); Reservations: Create Booking(); Seat Mgmt: Reserve Seats(); Payment: Process Payment(); Seat Mgmt: Issues Tickets(); Service Y]
▪ Breaking E-commerce portal into small business units
▪ One successful order needs to proceed through all of these modules within a specific time frame.
▪ Each of these business modules should have its own business logic and stakeholders.
▪ They may communicate with other third-party vendor software for some specific needs, and also
with each other.
24
Industry Standards
EDI, XML, ebXML
▪ EDI
✓ One of the first e-marketplace models proposed for integrating systems was that of the Electronic
Data Interchange (EDI) communication system between partners participating in the supply chain
✓ Assuming no standardized system of communication exists, for n partners in the supply chain
there are n(n-1)/2 possible different communication interfaces
✓ Thus, EDI system of implementations required a huge amount of work across the entire supply chain
in order to integrate and align communications standards
▪ XML
✓ Extensible Markup Language (XML) is a class of data objects that are stored on computers
✓ XML paved the way for a more technological-centered acceptance of standardization as a concept
among a global business community still coming to grips with the implications of the internet
✓ But it still had a problem integrating small and medium sized enterprises due to the prohibitive costs
of participation
▪ ebXML
✓ ebXML is an attempt to overcome restricted applications by operating a horizontal standard that can
be developed for use in any vertical industry, with the main users being small and medium sized
enterprises
✓ It is one of the most promising attempts at introducing an integration standard to date
✓ This system is a joint development between the United Nations (Trade Facilitation and Electronic
Business) and the OASIS (Organization for the Advancement of Structured Information Systems)
25
Industry Standards
UBL, Rosetta Net, UDDI
▪ UBL
✓ Universal Business Language (UBL) also stands alongside ebXML as the most comprehensive effort to
standardize to date
✓ It uses the horizontal business library developed by Commerce One called ‘xCBL’
✓ UBL harmonises xCBL with a host of other business libraries
✓ However, companies across different industries, regions and trading conventions use different
documentation and procedures, which UBL doesn’t support through a single interface to meet the
needs of every participant
▪ Rosetta Net
✓ Rosetta Net is an industry specific system geared towards vertical standards in the IT, electronics and
hi-tech industries
✓ It is geared towards creating an industry standard that helps to leverage efficiency and cost savings
across the supply chain
▪ UDDI
✓ Universal Description Discovery and Integration (UDDI) is a competitor to ebXML
✓ UDDI is the initiative developed by a consortium comprising Microsoft, IBM and Ariba. It stores
information about the integration profiles and capabilities of companies in a shared directory
✓ Main differences between UDDI & ebXML
❖ UDDI - Aims for a standard registry for firms that accelerate the integration of systems for e-marketplaces
❖ ebXML - Aimed at standardizing how XML is used in general B2B integration
26
Wireless Technology
▪ WAP
✓ Wireless Applications Protocol (WAP) is a standard that transfers data and information to wireless
devices
✓ WAP rollout in 2000 was the first effective standard specifically aimed at mobile devices
✓ Wireless Markup Language (WML) was designed for making data, information and limited graphics
legible on small hand-held devices such as mobile phones
27
Wireless Technology
▪ Bluetooth
✓ Bluetooth is a specification for short-range radio communications among mobile devices
✓ Mobile devices operating Bluetooth can communicate when they come within range of each other
and establish a network relationship
✓ Bluetooth also has built-in security features such as encryption and authentication functions
▪ Wi-fi
▪ Wireless-fidelity, or wi-fi, is a high-speed local-area network enabling wireless access to the internet
for mobile, office and home users
▪ Its main attribute is its flexibility since it can be used in built-up urban areas without the need for a
fixed connection
▪ Wi-fi can be found in public places such as airports, restaurants, hotels and hospitals. These places
provide so-called ‘internet hotspots’ where mobile devices can hook up to the internet without
needing a fixed wire.
▪ Wimax
▪ Wimax is a broadband service that can support data transmission at speeds of up to 10 Mb a
second, twenty times faster than conventional 512 kb/s available on copper wires
▪ The higher data rates will allow firms to transmit large amounts of information faster as well as
making it easier to use services that rely on video
▪ The Wimax initiative offers greater reach (25 miles) than wi-fi broadband technology (100 ft)
28
Emerging Networking Technologies
▪ Internet Protocol
✓ Internet protocol (IP) is a system that facilitates the convergence of voice and video with existing
forms of internet communication
✓ It allows workers to communicate with anyone else in any part of the globe using a choice of
communications media
▪ VOIP
✓ VoIP is a means of making telephone calls over the internet and is set to have a considerable impact
on the telecoms market
✓ Internet telephony works by breaking down the voice call (in similar fashion to the dismantling of
data for online contact), sending it over the internet and then reassembling it at the receiver’s end
▪ IPTV
✓ Internet television (IPTV) enables viewers to choose from a vast archive of film and television
programs
✓ The aim is to deliver a range of existing TV channels alongside video-on-demand services through a
set-top box
▪ Mobile TV
▪ Major telecommunications businesses are involved in providing mobile television services - what their
customers want from the service, how they use it and how much they are willing to pay
▪ It provides another channel for telecommunication companies, content providers, broadcasters,
advertisers and other businesses to reach customers
29
Cloud Computing Technologies,
EDI and its role in E-Business
Traditional E-Commerce Setup
E-Commerce setup on Cloud Computing
What is EDI?
Traditional Manual Process
33
Standard EDI Formats
▪ EDI documents are processed by computers and
use standard, computer-friendly formats.
▪ Standards describe each piece of data and its
format (e.g., type of document, parties involved,
actions to take, mmddyy).
▪ Standards eliminate company-to-company
variations, allowing each business partner's
computer system to speak a common language.
▪ There are a variety of EDI standards for various
industries, regions and use cases - each with
different versions, so EDI partners must use the
same standard and version
▪ Popular standards include ANSI X12 in the U.S.,
UN/EDIFACT globally and industry-specific
standards, such as HIPAA
34
How does EDI work?
EDI Network
35
EDI 850 Data Interchange
▪ The EDI 850 Data Interchange set provides
the same information as a paper PO
document
❑ PO Number
❑ Order date
❑ Requested shipping and/or delivery date
❑ Vendor details such as name, address and/or
contact details
❑ Buyer details such as name and delivery
address
❑ Buyer billing information
❑ Item identifiers, such as product SKUs or UPCs
❑ Quantity and unit of measure of items ordered
❑ Price per unit, as well as the total price for the
order
❑ Shipping terms, such as the shipping method,
preferred carrier, and desired delivery date
❑ Proposed payment terms
❑ Allowances and charges
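As an added illustration (not part of the original slides), the sketch below reads several of the 850 fields listed above from an ANSI X12 interchange and checks the envelope's control numbers and segment counts, which is how a receiver notices a truncated or altered document. The sample interchange, partner IDs and item numbers are constructed for the example.

```python
from decimal import Decimal, InvalidOperation


class X12Error(ValueError):
    """Raised when the interchange fails a structural or integrity check."""


def build_sample():
    """Constructed sample: one interchange carrying one 850 purchase order."""
    isa = "*".join([
        "ISA", "00", " " * 10, "00", " " * 10,
        "ZZ", "BUYERID".ljust(15), "ZZ", "SELLERID".ljust(15),
        "240115", "1030", "U", "00401", "000000001", "0", "T", ">",
    ])  # ISA is fixed width: 105 characters, then the segment terminator
    body = [
        "GS*PO*BUYERID*SELLERID*20240115*1030*1*X*004010",
        "ST*850*0001",
        "BEG*00*NE*PO-1001**20240115",          # PO number and order date
        "PO1*1*10*EA*2.50**UP*012345678905",    # qty, unit, price, UPC
        "PO1*2*4*CA*12.00**VP*SKU-77",          # qty, unit, price, vendor SKU
        "CTT*2",                                # number of PO1 line items
        "SE*6*0001",                            # segments ST..SE inclusive
        "GE*1*1",
        "IEA*1*000000001",
    ]
    return isa + "~" + "~".join(body) + "~"


def split_segments(raw):
    """Read the delimiters from the fixed-width ISA header, then split."""
    if len(raw) < 106 or not raw.startswith("ISA"):
        raise X12Error("missing or truncated ISA header")
    elem_sep, seg_term = raw[3], raw[105]
    return [s.strip("\r\n").split(elem_sep)
            for s in raw.split(seg_term) if s.strip()]


def _parse_850(segs):
    ids = [s[0] for s in segs]
    if ids[:2] != ["ISA", "GS"] or ids[-2:] != ["GE", "IEA"]:
        raise X12Error("envelope segments missing or out of order")
    isa, gs, ge, iea = segs[0], segs[1], segs[-2], segs[-1]
    if iea[2] != isa[13]:
        raise X12Error("ISA13 and IEA02 control numbers differ")
    if ge[2] != gs[6]:
        raise X12Error("GS06 and GE02 control numbers differ")

    tx = segs[2:-2]  # this sketch handles one transaction set per interchange
    if not tx or tx[0][0] != "ST" or tx[-1][0] != "SE":
        raise X12Error("transaction set is not wrapped in ST/SE")
    st, se = tx[0], tx[-1]
    if st[1] != "850":
        raise X12Error("not a purchase order (ST01 is not 850)")
    if se[2] != st[2]:
        raise X12Error("ST02 and SE02 control numbers differ")
    if int(se[1]) != len(tx):
        raise X12Error("SE01 segment count mismatch: truncated or altered")

    order = {"po_number": None, "order_date": None, "lines": []}
    for s in tx:
        if s[0] == "BEG":
            order["po_number"], order["order_date"] = s[3], s[5]
        elif s[0] == "PO1":
            order["lines"].append({
                "quantity": Decimal(s[2]),
                "unit": s[3],
                "unit_price": Decimal(s[4]),
                "id_qualifier": s[6],
                "item_id": s[7],
            })
        elif s[0] == "CTT" and int(s[1]) != len(order["lines"]):
            raise X12Error("CTT01 line-item count mismatch")
    if order["po_number"] is None:
        raise X12Error("BEG segment (PO number, date) is missing")
    order["total"] = sum(l["quantity"] * l["unit_price"] for l in order["lines"])
    return order


def parse_850(raw):
    """Validate the envelope and return PO number, date, lines and total."""
    try:
        return _parse_850(split_segments(raw))
    except X12Error:
        raise
    except (IndexError, ValueError, InvalidOperation) as exc:
        raise X12Error(f"malformed segment: {exc}") from exc


if __name__ == "__main__":
    po = parse_850(build_sample())
    print(po["po_number"], po["order_date"], po["total"])
```

These counts and control numbers only catch accidental damage or careless edits; protection against deliberate tampering comes from the signed and encrypted transport protocols covered later in the deck.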
36
EDI Standards
EANCOM
37
EDI Standards
EDIFACT
38
EDI Standards
X12
Common X12 Message Types
▪ X12 is an EDI messaging standard
developed by the American
National Standards Institute
(ANSI).
▪ X12 encompasses a set of
standards and corresponding
messages that define specific
business documents used in a wide
variety of industries today and is
the de-facto EDI standard in the
United States
▪ Developed in 1979, it has been
extended over the past decades to
meet the requirements of global
business processes including those
of finance, insurance,
transportation, supply chains, and
government
39
EDI Standards
TRADACOMS
Tradacoms Messages
▪ Tradacoms is an early standard for
EDI and was primarily used in the
UK retail sector.
▪ It was originally one of the
precursors to the UN/EDIFACT
standard and has since been
largely deprecated in favor of the
EDIFACT EANCOM subsets, though
it is still used by many UK
retailers.
40
EDI Standards
HIPAA
41
EDI Protocols AS: Application Statement
42
EDI Protocols
▪ AS3: Open standards for EDI data transportation & application interoperability
✓ Features
❖ AS3 built on File Transfer Protocol (FTP)
❖ Companies have used FTP to send data, including EDI data, across the Internet to partners
❖ It adds MDN to provide receipt verification
❖ Supports both push & pull FTP capabilities
✓ Age: Developed in 2006 by IETF
✓ Status & Popularity: Quite largely used, but not as popular as AS2 / AS4
✓ Security: Provides tight security with implementation of MDN with digital signatures & encryption, making it more secured than FTP & FTPS
▪ AS4: Transfer files between trading partners using Web Services
✓ Features
❖ AS4 is a SOAP-based web API layered over HTTP
❖ Built on open standards (MIME, SOAP, WS-Security)
❖ Provides rich support for meta data & payload agnostic (incl. Legacy EDI)
❖ Receivers can reroute messages and can correlate them with past or future messages
❖ Supports error generation, Push / Pull interactions
✓ Age: Developed in 2013 by IETF
✓ Status & Popularity: As popular as AS2 & used by companies who modernize their data communication
✓ Security: Supports password authentication (X.509 security tokens), MDN receipts, digital signature & authentication; Supports Transport Layer Security (TLS); Supports whole range of encryption
43
EDI Protocols
▪ EDI via FTP: VPN, SFTP & FTPS
✓ Features
❖ FTP with VPN – FTP use a virtual private network (VPN), which provides an extra layer of security around transactions
❖ SFTP - SFTP is essentially FTP with a Secure Shell (SSH), which encrypts message & decrypts upon receipt
❖ FTPS - FTP over SSL (Secure Sockets Layer)
✓ Age: FTP in EDI is in existence since early 1960s
✓ Status & Popularity: Most widely used File Transfer Protocol and quite easy to use
✓ Security: FTP with VPN, SFTP and FTPS offer different levels of security, but both FTPS & SFTP have same set of drawbacks – lack of non-repudiation and message management
▪ OFTP & OFTP2
✓ Features
❖ Odette File Transfer Protocol (OFTP) built specifically for B2B document exchange
❖ Provides digitally signed electronic delivery receipts
❖ Uses Open System Interconnection (OSI) model
❖ Supports Push / Pull mode of communication
❖ OFTP2 designed for use across web
✓ Age: Developed in 1986 by Odette Organization
✓ Status & Popularity: Widespread use throughout in Europe
✓ Security: Supports encryption and digitally signed messages; Requests signed receipts and provides massive data compression
44
EDI Protocols
▪ Web EDI using Smart Forms
✓ Features
❖ Web EDI is simply conducting EDI through an Internet browser
❖ Enables trading partners to use online forms to create, exchange, and manage electronic documents
❖ It replicates paper-based documents using simple, pre-populated forms to help businesses communicate and comply with their business partners
✓ Age: Existing for many years now
✓ Status & Popularity: Web EDI is traditionally popular and based around a hub (EDI company) and spoke model (partners connect to EDI company)
✓ Security: The forms’ fields are automatically converted into an EDI message and sent via secure Internet protocols, such as FTPS, HTTPS or AS2
▪ Mobile EDI
✓ Features
❖ Supports Mobile Apps
❖ Supports adoption of Direct Exchange (DEX) in the retail industry (scan item barcodes into mobile devices to create invoices); Transmit to receivers via in-store docking stations; Verify quantity; Generate digital invoice
✓ Age: Quite new and applicable in today’s scenario
✓ Status & Popularity: Getting popular now
✓ Security: No particular security standard transaction set in the space
45
E-Business Indian IT Policies
&
Case Study Discussions
Data
▪ The draft bars retailers in the country from allowing data access to foreign
businesses even with the consent of the user
▪ Currently, data gathered by eCommerce companies in the country is stored
on the private cloud storage capacities outside India for financial reasons
▪ Due to this, companies like Amazon and Flipkart will have to undergo
major restructuring processes
▪ Also, the draft has proposed that the Data gathered by these companies
must be shared with smaller players in the eCommerce field, particularly
the start-ups
▪ This is intended to provide a level playing field to all players, big or small
▪ The reasoning behind these changes is that Data is a national asset, and
everybody should have access to it
47
E-Commerce Market Place & Consumer
Protection
▪ E-Commerce marketplaces are digital platforms, i.e. online platforms on
which goods (physical or digital) or services, are sold
▪ An E-Commerce marketplace is expected to provide all round benefits in
comparison to its physical counterpart, by increase in access and
economies of scale in operation
▪ With the advent of online E-Commerce in India, consumers have benefitted
from increased competition in the market by way of getting access to
greater variety of products at competitive prices
▪ Another benefit in this field has been the development in logistics (delivery
partners), which has provided employment to a significant number of
people
48
Anti-Piracy & Anti-Counterfeiting
▪ The eCommerce industry is plagued with the problems of piracy and
counterfeiting
▪ To tackle this, the draft policy has proposed certain changes to be complied
with
▪ It suggests that E-Tailers (Electronic Retailers) must publicly share all
relevant details of the sellers listed on their portals
▪ Online retailers must display phone numbers and email addresses for
consumer grievances and offer a primary solution to each problem within a
week
▪ Online retailers also have to seek authorization from trademark owners
before enlisting the products
49
Authentic Ratings & Reviews
▪ The draft policy talks about transparency and non-discrimination in
publishing of ratings and reviews.
▪ All ratings and reviews for verified purchases must be published as
registered by the consumer, except those found to be promotional, abusive
or inappropriate in a community setting.
▪ Marketplaces are required to devise mechanisms to prevent fraudulent
reviews and ratings by the sellers and their affiliates
50
Consumer Oriented Customer Service
▪ The policy lays down that the publication/display of a phone number and
email address for consumer grievances is mandatory for all E-Commerce
sites and applications where purchase and sale of products is taking place.
▪ A system of acknowledgment of consumer complaints to be put in place as
well as clear cut timelines for their disposal.
▪ These timelines are to be displayed prominently on the website /
application. A first resolution to all consumer complaints must be provided
within 1 week.
51
Prevention of Sale of Prohibited Items
▪ The policy sketches how websites or applications where purchase and sale of
products take place must display, on their site, the list of products which are
prohibited, as prescribed by the Director General of Foreign Trade (DGFT) or
any other competent authority.
▪ Sellers must provide an undertaking to the platform/site/application that
they are not engaged in transacting in such products on the platform and
the same must be made accessible to consumers.
▪ In case it is found that products being sold are prohibited, or a complaint
to that effect is received, the platform shall immediately remove the listing
or other reference to the product within 24 hours.
▪ Such sellers shall also be blacklisted from the platform and the relevant
authorities notified.
▪ The liability of the platform in case it is used for the sale of prohibited goods
shall be determined as per provisions of law.
52
Ten Online Business Laws
1. Taxes
▪ First, know that every state and country has different expectations and standards when it comes to
taxes. That means you have to conduct some research and understand your target market.
▪ For instance, if your store’s demographic is located in the U.S., you’ll likely want to display your
prices exclusive of tax. However, if your target market is Australia, where shoppers are accustomed
to seeing all-inclusive prices, you’ll want to include tax.
2. Payment Gateway
▪ There are many payment gateways available for E-Commerce
▪ Need to align with the payment gateway, that’s most applicable for your business
53
Ten Online Business Laws
4. Shipping Restrictions
▪ You need to know your shipping restrictions. E.g. Not all shippers restrict the same items
▪ Most shipping companies clearly specify their restricted items
▪ Also, it may be noted that some providers may allow you to ship usually restricted items but will
require some extra paperwork and fees.
5. Inventory
▪ You may start storing the clothing for your online boutique in a spare closet or packing your
handmade jewelry in too many storage boxes in your home
▪ However, if you’ll be holding substantial inventory, you should also check your lease deed or
zoning codes to see if there are any prohibitions on running a business like the one you’re
contemplating out of your home
▪ You could benefit from having a brick-and-mortar location or warehouse in the early stages of
your business.
▪ Having a clear and organized inventory management strategy in advance will help you create a
scalable business plan for the future
54
Ten Online Business Laws
6. Age Restriction
▪ Anytime you launch a website, it’s absolutely required that it comply with the Children’s Online
Privacy Protection Act (COPPA)
▪ This act includes quite a few regulations, but the one that will likely apply to your site is the
inability to collect any personal information from a child under the age of 13
▪ If you’re planning on selling a product or service tailored specifically to a young audience, you’ll
need to abide by COPPA regulations
▪ As far as age verification requirements for ecommerce stores selling age-restricted items, you
should look into your country’s specific codes
7. Business Insurance
▪ There are multiple types of insurance for small businesses, including general liability, product
liability, professional liability, commercial liability, and home-based insurance
▪ During your vetting process, it’s a good idea to at least take a look at product liability insurance.
It’s intended for companies that manufacture, wholesale, distribute, and retail a product and may
be liable for its safety
55
Ten Online Business Laws
8. License & Permits
▪ Depending on which product you decide to offer, you may need a license to sell it.
▪ This varies based on the country in which you’re located, so contact your local licensing
department.
▪ If you’re selling special products to a regulated industry (e.g., medical devices or holistic health
care supplements), you’ll need to check with your state to see if you need to be licensed to
provide those kinds of products or service
9. PCI Compliance
▪ PCI compliance is a necessary protection for online sellers, and nearly all SaaS E-Commerce
platforms have it baked in to some degree
▪ Educating your business on PCI compliance is the first step to making sure you’re protected
56
Case Study Discussions
Amazon.com
57
Electronic Payment Systems
E-Payment System – Definition & Entities
▪ An E-Payment system is a system that allows your customers to
pay for products and services online. This complex mechanism
works with the following entities:
✓ Purchaser
✓ Merchant
✓ Purchaser’s Bank
✓ Merchant’s Bank
✓ Payment Processor and
✓ Payment Gateway
59
E-Payment System – How it works?
1. After the buyer puts in all the required information and
pushes the button to finalize the purchase, the data is
sent to a seller’s web server through an SSL connection.
60
Best Way to integrate an E-Payment GW
▪ Hosted Payment Gateway
✓ Small business owners will probably prefer the Hosted Payment Gateway method if they are fine with
processing the payment externally.
✓ No PCI compliance is required, as all the processing is handled by the service provider. This method is simple
and fast to integrate.
✓ However, the drawbacks here are quite significant —you can’t control a hosted gateway. To make a
payment, customers must leave your website — this is not good in terms of conversion and marketing in
general. Additionally, some buyers may be suspicious about going to third-party websites, which weakens
your brand image.
✓ On the other hand, integration is easy — all you need to do is to add JavaScript code, which will serve as
your “Buy” button and direct the customer to the third-party website to make a transaction.
61
Best Way to integrate an E-Payment GW
▪ Integrated Method
✓ If you have a medium to large sized business, your brand image and user experience are very important and
are crucial factors in revenue and potential growth. That’s why the integrated method can work best here.
✓ This approach will keep your customer on your website all the time and you will get complete control over
the payment process. You will be able to adjust and customize the payment system just as you want.
✓ The main drawback is that, because you need to support a payment system yourself, it could get very
expensive. You will store the financial information of your customers, so you need to get PCI compliance
to even be able to do that.
✓ If you have custom features in mind, they may be quite sophisticated to implement. You need a team of
experts to successfully execute the integration and add APIs to your server. While vendors offer detailed
guides on this process, it is better to find the right team to perform it.
62
E-Commerce Payment Systems
A Comparison
▪ PayPal
✓ Payment Methods: PayPal, Apple Pay, Android Pay, Venmo, Bitcoin
✓ Credit/Debit Card Support: Visa, MasterCard, American Express, JCB, AMEX, Diners Club
✓ Setup Fee: No
✓ Transaction Fee: 2.9% + $0.30
✓ Features: AVS, SSL, CCV, Virtual Terminal
▪ Amazon Pay
✓ Payment Methods: Amazon Pay
✓ Credit/Debit Card Support: Visa, MasterCard, American Express, JCB, Diner's, NYCE, STAR, China Union, EuroCard
✓ Setup Fee: No
✓ Transaction Fee: 2.9% + $0.30
✓ Features: AVS, SSL, CCV
▪ Stripe
✓ Payment Methods: AliPay, Apple Pay, Android Pay, Bitcoin, WeChat, ACH, EPS
✓ Credit/Debit Card Support: Visa, MasterCard, American Express, AMEX
✓ Setup Fee: No
✓ Transaction Fee: 2.9% + $0.30, ACH/Bitcoin Processing 0.8%
✓ Features: AVS, SSL, CCV, Virtual Terminal
▪ 2CheckOut
✓ Payment Methods: PayPal, ACH, WebMoney, Payoneer, WeChat, Wire
✓ Credit/Debit Card Support: Visa, MasterCard, American Express, JCB, Discover
✓ Setup Fee: No
✓ Transaction Fee: 3.5% + 0.35%
✓ Features: AVS, SSL, CCV
▪ Authorize.net
✓ Payment Methods: PayPal, Apple Pay, E-check, Visa Checkout
✓ Credit/Debit Card Support: Visa, MasterCard, American Express, JCB, Discover
✓ Setup Fee: $49
✓ Transaction Fee: 2.9% + $0.30
✓ Features: AVS, SSL, CCV, Virtual Terminal
63
E-Payment System Benefits
▪ Reaching more clients from all over the world, which results in more sales.
▪ More effective and efficient transactions - Transactions are made in
seconds (with one click), without wasting the customer’s time. This brings
speed and simplicity.
▪ Convenience - Customers can pay for items on an E-Commerce website
anytime and anywhere. They just need an internet-connected device. As
simple as that!
▪ Lower transaction cost and decreased technology costs
▪ Expense control for customers, as they can always check their virtual
account, where they can find the transaction history
▪ Today it’s easy to add payments to a website, so even a non-technical
person may implement it in minutes and start processing online payments
▪ Payment gateways and payment providers offer highly effective security and
anti-fraud tools to make transactions reliable.
64
E-Payment System Pitfalls
▪ E-commerce fraud is growing at 30% per year. If you follow the security
rules, there shouldn’t be such problems, but when a merchant chooses a
payment system which is not highly secure, there is a risk of sensitive
data breach which may cause identity theft.
▪ The lack of anonymity — For most, it’s not a problem at all, but you need
to remember that some of your personal data is stored in the database of
the payment system.
▪ The need for internet access — As you may guess, if the internet
connection fails, it’s impossible to complete a transaction, get to your
online account, etc.
65
Security and Privacy in E-Business
Security
▪ Security is one of the most important issues affecting e-business
▪ Secure transactions are of high value to customers
▪ It underpins confidence in e-business and e-commerce and helps e-
businesses to achieve growth
▪ However, online transactions are inherently insecure
▪ Firms engaging in E-business need to be both open and closed. They need to
be open to sharing information and also closed to hackers / intruders
▪ There are a number of ways internet security can be breached. The most
common is the spreading of computer viruses
▪ Other security breaches include:
✓ Unauthorised network entry
✓ DOS - Denial of Service
✓ Data Loss, Information Loss
✓ Manipulation of software applications or systems programs
✓ Fraud, trafficking in illegal materials, theft and piracy
67
Microsoft STRIDE Model
Threat / Property / Definition / Example / Mitigation Examples
▪ Spoofing
✓ Property: Authentication
✓ Definition: Impersonating something or someone else
✓ Example: Threat action aimed to illegally access and use another user's credentials, such as username and password.
✓ Mitigation examples, to authenticate users: Digest authentication; Id authentication; Cookie authentication; Kerberos authentication; PKI systems such as SSL/TLS and certificates; IPSec; Digitally signed packets
✓ Mitigation examples, to authenticate code or data: Digital signatures; Message authentication codes; Hashes
▪ Tampering
✓ Property: Integrity
✓ Definition: Modifying data or code
✓ Example: Threat action aimed to maliciously change/modify persistent data, such as persistent data in a database, and the alteration of data in transit between two computers over an open network, such as the Internet.
✓ Mitigation examples: File integrity verification (e.g. AIDE, HIDS, etc.); ACLs; Digital signatures; Message Authentication Codes
▪ Repudiation
✓ Property: Non-repudiation
✓ Definition: Claiming to have not performed an action
✓ Example: Threat action aimed to perform illegal operations in a system that lacks the ability to trace the prohibited operations.
✓ Mitigation examples: Strong Authentication; Secure logging and auditing; Digital Signatures; Secure time stamps; Trusted third parties
▪ Information Disclosure
✓ Property: Confidentiality
✓ Definition: Exposing information to someone not authorized to see it
✓ Example: Threat action to read a file that one was not granted access to, or to read data in transit.
✓ Mitigation examples: Encryption; ACLs
▪ Denial of Service
✓ Property: Availability
✓ Definition: Deny or degrade service to users
✓ Example: Threat aimed to deny access to valid users, such as by making a web server temporarily unavailable or unusable.
✓ Mitigation examples: ACLs; Filtering (firewall); Quotas; Authorization; High availability designs
▪ Elevation of Privilege
✓ Property: Authorization
✓ Definition: Gain capabilities without proper authorization
✓ Example: Threat aimed to gain privileged access to resources for gaining unauthorized access to information or to compromise a system.
✓ Mitigation examples: ACLs; Group or role membership; Privilege ownership; Permissions; Input validation
Threat-driven approach – Cyberattack Flow
Encryption
▪ Encryption is the most commonly used method of securing transmissions via the internet
▪ There are two main types of encryption – secret key and public key
▪ Secret-key encryption is where parties to a transaction share a common encryption key that is
known only to them
▪ The same key is used to encrypt and decrypt a message
▪ Public-key encryption is where the encryption key used is different for sender and receiver
▪ This method, sometimes known as asymmetric cryptography, uses two keys – one to encrypt the
message and the other to decrypt the message
▪ The keys are related by numerical code and the material only becomes readable when the keys are used
in combination
▪ Each user has a public key and a private key. Neither key in a pair can be transformed into the other
▪ Public-key encryption is based on Pretty Good Privacy (PGP) software that encrypts e-mail messages and
is available in both free and commercial formats.
▪ Most private users of the internet are likely to have a security system called Secure Sockets Layer (SSL)
that was developed by Netscape and widely distributed as a means of securing messages across HTTP.
SSL-enabled servers use digital certificates as a means of authenticating transactions. Most B2C
transactions are secured via SSL
70
Public Key Infrastructure
▪ The Public Key Infrastructure (PKI) is one initiative that is designed to provide a generic
solution to the issue of security
▪ PKI is an E-Commerce architecture that combines specialist authorities, digital certificate
management systems, and directory facilities to create secure networks on top of
unsecured networks such as the internet
▪ PKI is managed by certificate authorities
▪ The certificate authority records all users of public keys in the form of a digital certificate
and oversees all operational aspects of data encryption
▪ The effective management of public keys and certificates has ensured that PKI is a
popular choice of architecture for e-businesses
▪ PKI offers security in three important areas: confidentiality, authenticity and non-
repudiation.
▪ The public-key encryption provides confidentiality; digital certificates ensure authenticity
of identity; and the PKI management systems ensure non-repudiation such that
transactions cannot be denied by either buyer or seller
▪ In Public Key Encryption, two related keys, one public and one private, work together,
with one used for encryption and the other used for decryption
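The difference between the secret-key and public-key models, and why only the public-key model supports the non-repudiation attributed to PKI above, shown as an added example that is not part of the original slides. The order string, the shared key and the toy RSA parameters (two Mersenne primes, textbook RSA without padding) are constructed for illustration and are not secure for real use.

```python
import hashlib
import hmac

# Constructed sample data, not taken from any real system.
ORDER = b"order=1001;item=laptop;amount=999.00;buyer=alice"
TAMPERED = ORDER.replace(b"999.00", b"9.00")
SHARED_KEY = b"constructed-demo-key"  # secret-key model: buyer AND seller hold it

# Toy RSA key pair (assumption for illustration): two Mersenne primes and
# textbook RSA without padding. Insecure; real systems use a vetted library.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                      # public key: published to everyone
D = pow(E, -1, (P - 1) * (Q - 1))        # private key: held by the buyer only


def mac_tag(key: bytes, message: bytes) -> bytes:
    """Secret-key integrity tag: the same key creates and checks it."""
    return hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag with the shared key and compare in constant time."""
    return hmac.compare_digest(mac_tag(key, message), tag)


def _digest(message: bytes) -> int:
    # SHA-256 output (256 bits) is always smaller than N (about 648 bits).
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_exponent: int = D) -> int:
    """Public-key signature: only the private-key holder can create it."""
    return pow(_digest(message), private_exponent, N)


def verify(message: bytes, signature: int) -> bool:
    """Anyone holding the public key (N, E) can check the signature."""
    return pow(signature, E, N) == _digest(message)


def demo() -> dict:
    tag, signature = mac_tag(SHARED_KEY, ORDER), sign(ORDER)
    return {
        # Both schemes detect a change to the amount in transit.
        "mac_accepts_original": mac_verify(SHARED_KEY, ORDER, tag),
        "mac_rejects_tampered": not mac_verify(SHARED_KEY, TAMPERED, tag),
        "sig_accepts_original": verify(ORDER, signature),
        "sig_rejects_tampered": not verify(TAMPERED, signature),
        # The seller also holds SHARED_KEY, so the seller can compute a valid
        # tag for any message: a MAC cannot prove WHICH party wrote the order.
        "seller_tag_on_altered_order_verifies": mac_verify(
            SHARED_KEY, TAMPERED, mac_tag(SHARED_KEY, TAMPERED)),
        # The seller holds only (N, E); the buyer's signature does not carry
        # over to another message, which is the basis of non-repudiation.
        "old_signature_fits_altered_order": verify(TAMPERED, signature),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

With a shared key either party could have produced the tag, so a dispute over the order amount cannot be settled from the tag alone; with the signature, only the holder of the private key could have produced it.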
71
Security Breaches
▪ Hacking - Computer hacking is where someone deliberately and illegally gains access to
a system. Much hacking activity is for criminal gain. That is, hackers seek to gain
valuable information, such as credit card details, in order to commit fraud. Different
types of hacking are as follows:
✓ Monitoring of information
✓ Accessing Databases
✓ Identity Fraud
✓ DOS (Denial of Service)
▪ Spam - Unsolicited e-mails that are sent to random and untargeted addresses. The
motivation for sending spam e-mails is multifarious and may include
✓ Initiating a form of direct advertising;
✓ A method of spreading viruses;
✓ A method of inserting ‘cookies’ as a means of gathering valuable information that
can then be sold on to third parties;
✓ A malicious attack on particular organizations or individuals; or as a means of
making a political gesture
72
Security Breaches
▪ Fraud - It represents one of the biggest barriers to the growth of the internet for
business and commerce. The true scale of fraudulent activity on the internet may never
be known since many victims prefer not to report the crime and firms opt to avoid
negative publicity.
Fraud Actions and Details:
✓ Auction: The buyer pays for goods that are wrong, faulty or do not appear at all
✓ Internet Access: Offers of ‘free’ internet access may have hidden charges and high cancellation fees
✓ Credit Card Fraud: Credit card details are requested by some sites as proof of age; this may result in unauthorised charges
✓ Personal Website: Offers of free website access for one month, but charges via the telephone bill
✓ Modem Scam: Download a ‘free’ dialer to access adult sites but high charges follow
73
General Data Protection Regulation
GDPR
HIGHLIGHTS:
▪ Tabled for adoption on 24 May 2016, it shall apply from 25 May 2018.
▪ It is a regulation, not a directive.
▪ It is a General Data Protection Regulation that will cover all sectors, including, e.g., telecom and IT
▪ It brings plenty of new consumer rights and compliance requirements:
✓ High fines for non-compliance (up to 4% of company’s global turnover)
✓ Mandatory DPIA (Data Protection Impact Assessment)
✓ Mandatory DPO (Data Protection Officer)
✓ 72 hours data breach notification
✓ Liability for the data processor
Data Controllers & Data Processors
[Figure: Data Controllers and Data Processors]
[Figure: architecture diagram with components numbered 1-7; labels: Web-based client, GUI client, Other Clients, Transaction Router, Translator, Legacy Applications, Visual & Non-visual components, Databases]
E-Commerce Framework
▪ An E-Commerce Framework is made of the underlying architecture
needed to develop and maintain a system for selling products online.
▪ At its core, an E-Commerce Framework provides three essential
functions:
✓ Frontend Display: A presentation layer where users can view and interact with
content
✓ Product Catalog and Shopping Cart: A collection of product information and an
interface for selecting items to purchase
✓ Transaction Processing: The ability to accept online payments
▪ Enterprise Document Management (EDM) systems provide the first generation of knowledge
management repositories
▪ Enterprise Information Portals (EIP) are the next generation of browser-based knowledge
management systems
Customer Relationship Management
CRM
▪ Supply Chain Management (SCM) refers to the management of interrelationships with other
businesses along the supply chain that combine to produce and sell products to customers
▪ Normally, SCM involves coordinating and communicating across a network of business
relationships from suppliers of raw materials, to manufacturers, distributors and retailers
E-Business Skills
[Figure: SWOT matrix with quadrants Strength, Weakness, Opportunity, Threat]
▪ The combination of all these advantages enabled Tesco to build a huge brand loyalty among
large numbers of customers and this has been translated into a sustained competitive
advantage over rivals
First Mover Strategy
▪ First-mover advantages are significant in creating competitive advantage as they enable
firms to amass a huge market value
▪ It helps to develop a large customer base that later entrants have to overcome in order to
compete effectively
▪ Branding and building customer loyalty are other important first-mover-related advantages
▪ Key to competitive advantage is building a business model around brand recognition and
superior service such that customers are reluctant to switch to rivals even if the cost of
doing so is zero
▪ In e-commerce, firms need to compete effectively by offering lower prices because of the
absence of significant search costs.
▪ This affects industry profitability and the level of competition. Firms need to adopt a range
of strategies to counteract the shift in power to consumers.
▪ Differentiation, expanding the product range, and price discrimination are some options
that firms may pursue to create competitive advantage
Differentiation
▪ Value can be created by differentiation across each stage of the value chain
▪ This is achieved by undertaking activities that lower buyers’ costs or raise buyers’
performance
▪ There are many ways to create a competitive advantage by differentiating products or
services in the e-business environment. Some of the most prominent methods include:
✓ Creating a strong brand;
✓ Real world promotional programs;
✓ Easy site navigation;
✓ Creating an online community;
✓ Offering personalization of products or services;
✓ Offering customization of products or services;
✓ Real-time merchandising;
✓ Offering valuable ordering applications;
✓ Quick order processing; Providing order status information;
✓ Developing incentives for repeat purchases;
✓ Offering excellent customer service;
✓ Creating loyalty programs;
✓ One-to-one marketing techniques
Cost Leadership
▪ An organization that adopts a cost leadership strategy strives to be the lowest cost
producer in the industry
▪ A cost leadership position can create a competitive advantage in e-business because it may
allow an organization to lower prices
▪ In the internet economy, those firms that compete effectively on price are the ones most
likely to gain customers and competitive advantage
▪ There are many ways in which organizations can seek to reduce costs. These include:
✓ Focusing on a broad market to gain economies of scale;
✓ Minimizing customer acquisition costs;
✓ Creating a community of buyers to gain network economies;
✓ Minimizing the risk of first-time purchasing by ensuring secure transactions;
✓ Minimizing the cost of servicing customers;
✓ Imitating successful business models and web applications
✓ Limiting the product range
✓ Selling products with low distribution costs (E.g., information-based products and services)
✓ Investing only in technology that further helps to reduce costs
✓ Minimizing staff numbers
✓ Advertising solely through the internet
Focus
▪ A focus strategy is when an organization seeks competitive advantage through cost
leadership or differentiation in a broad market segment or narrow, well-defined market
segment of customers
▪ Organizations that adopt a focus strategy typically serve a specific niche market
▪ The internet allows firms to target market segments more closely; they can then offer
customized and personalized products and services to those customers
▪ Ways in which firms gain a competitive advantage by adopting a focused strategy include:
✓ Focusing the marketing push on specified customers (perhaps as a result of permission marketing)
✓ Offering added services to the main product or service (chat-room facilities for a virtual community),
✓ Utilizing e-procurement systems that specialize in matching buyers with specialist niche market
suppliers
▪ The key to success for firms adopting a focus strategy is to use their specialist knowledge
and expertise to offer customers added value in the shape of better-quality products or
services, faster response times to customer requests and better customer service based
on more personalized relationships
▪ Understanding customers’ needs and wants is an important aspect of gaining a competitive
advantage and underpins a focused strategy by building a specialized knowledge of a niche
market.
Expanding Product Lines
▪ Porter (1987) notes that firms can achieve competitive advantage by expanding into
related product lines and exploiting the transfer of skills or the benefits of sharing of
activities such as promotion or distribution
▪ Sharing can lead to economies of scale, cost reduction and the maximum utilisation of the
firm’s resources
▪ An example of an organization expanding product lines is Friends Reunited
(www.FriendsReunited.com), the website that specializes in bringing together old school
friends
▪ Buoyed by the success of the initial web application, the organization intends to expand
into online recruitment
▪ The company bought online recruitment agents Topdogjob.com in the early 2000
▪ The site has been rebranded as FriendsReunitedJobs.com and will retain the skills and
expertise of the co-founders of Topdogjob.com
▪ The acquisition is part of a strategy to expand and diversify the services provided. The
company had already diversified into providing a genealogy site (www.GenesReunited.com)
and an online dating agency
▪ The expansion and diversification fits into the distinct web application that has proved so
successful in the past – namely, bringing people together for different purposes
Bricks and Clicks
▪ Some ‘pure play’ e-businesses have been spectacularly successful by using the internet
effectively in marketing and selling their products and services
▪ However, the majority of dot-com firms struggle to make any significant profits
▪ The attraction of e-business is the potential it offers for lowering costs and expanding
access to markets and customers
▪ There is a compelling argument that favors a mix of ‘bricks and clicks’ as the most effective
means of using the internet (Gulati and Garino, 2000)
▪ This means that the internet is used for e-business to support functions within the
organization, and for e-commerce as an additional service to customers alongside the core
activities undertaken by traditional methods
▪ Traditional firms have a number of advantages over ‘pure play’ internet firms, such as: a) an
established brand name; b) physical assets that can add value to and support the e-business
venture; c) long-standing and established relationships with distributors
▪ However, perhaps the most significant advantage that traditional businesses have over
internet ‘pure plays’ is that they are not wholly reliant on the success of the e-business
venture for the continued existence of the firm
▪ Invariably, traditional businesses use the internet as a means of offering customers an
additional sales channel and medium of communication as well as providing an additional
marketing channel for the firm
Future of E-Business
▪ The internet is now firmly established in the life of most people where connectivity is available
▪ The business community and consumers have been through a learning experience in applying the internet
to meet their specific needs
▪ The ability of consumers to access and use the internet has been one of the main reasons for the revival of
online shopping in recent years
▪ Different organizations have different levels of use for the internet
▪ Some are internet ‘pure plays’ who are totally reliant on the internet for their business. Others use the
internet as an additional service for their customers
▪ The internet, extranet and intranet all play a key role in the internal and external processes of
organizations
▪ It is possible to make value judgements regarding the future impact of the internet on key parts of the
economy, which include:
✓ Development of new Technologies
✓ Nature of industry changes
✓ Development of new products and services
✓ Extension of Markets
✓ Behavior of buyers online
✓ New business applications on the internet
✓ Bridging the digital divide
Questions & Answers
111
Question Pattern
▪ Total – 8 Questions (All 10 Marks each)
❑ Question-1 (Mandatory) – 1x10 Marks
❑ Attempt any 6 Questions from the remaining 7 Questions – 6x10 Marks
▪ Question-1 – Key concepts (short descriptions)
▪ Questions will be conceptual. They will test your knowledge and
understanding of the subject
▪ You need to play the role of an E-Business person in the industry
according to the situations given in the question
112
Additional Topics
113
Salesforce.com
Features
114
Salesforce.com
Benefits
115
Search Engine Optimization
▪ Search Engine Optimization is the process of improving the quality of web-based /
Internet searches
▪ It’s the process of increasing the website traffic through search engine results
▪ When your customers search for your product / services, they will be more likely to
discover your website
▪ You need Search Optimization to ensure –
▪ Your website is useful for your target audience with a positive user experience by using “key words”. E.g.,
write content that people will love to read and provide “meta” information to help Google pick up your content
▪ Growing your traffic by attracting searchers through organic searches using SEO
▪ Use your existing traffic to ensure that the searchers have a lasting impression. Capitalizing on existing
traffic may help to improve the conversion rate
▪ Your website should be designed to reliably produce conversion.
▪ Study your audience closely to give them what they need
▪ Give your audience what they want
▪ Optimizing your website for SEO can be done by –
▪ Conducting thorough key word search
▪ Optimizing on-page SEO (E.g. Meta Tags, URLs)
▪ Promoting off-page SEO (E.g. guest blogging, social media activity)
▪ Optimizing website for mobile & speeding up website performance
▪ Setting up high quality back links
116
Thank You
117