Indian Institute of Technology Kharagpur

Electronic Commerce

Prof. Indranil Sen Gupta

Dept. of Computer Science & Engg.
I.I.T. Kharagpur, INDIA

Lecture 35: Electronic Commerce

On completion, the student will be able to:
1. Illustrate the typical architecture of an electronic
commerce system.
2. Identify the main challenges that need to be solved
in an e-commerce implementation.
3. Explain the various electronic payment systems in
use.

1
 Introduction

• What is E-commerce?
¾Process of buying, selling, or exchanging
products, services, and information
through computer networks.
• How is it different from E-business?
¾EB is a broader form of EC, that also
includes:
ƒ Servicing customers.
ƒ Collaborating with business partners.
ƒ Carry out transactions electronically within an
organization.

Dimensions of E-Commerce

Digital Product

Physical Product

Physical Digital
Agent Agent
Physical
Process

Digital
Process

2
• Traditional commerce:
¾All the dimensions are physical in nature.
¾Perform all business transactions off-line.
¾Buy and sell products through physical
agents and representatives.

• Pure E-commerce:
¾All the dimensions are digital in nature.
¾Pure online (virtual) organizations.
¾Buy and sell products online.
• Hybrid approach:
¾A combination of digital and physical
dimensions.
¾Primary business carried out in the
physical world.
¾Provide some services on-line.

3
4
Classification of E-commerce
by Nature of Transaction

5
• Business-to-business (B2B):
¾ All the participants are businesses or other
organizations.
• Business-to-consumer (B2C):
¾ The businesses sell their products to
consumers (individual shoppers).
• Business-to-business-to-consumer
(B2B2C)
¾ A business provides some service to a client
business.
¾ The client business maintains its own
customers, to whom the service is finally
provided.

• Consumer-to-business (C2B):
¾ Individuals can sell products or provide services
through the Internet to organizations.
• Consumer-to-consumer (C2C):
¾ An individual can sell products or services
directly to another individual.
• Mobile commerce (M-commerce):
¾ E-commerce in a wireless mobile environment.
• Location commerce (L-commerce):
¾ M-commerce transactions targeted to individuals
in specific locations at specific times.

6
• Intrabusiness E-commerce:
¾ This includes all internal organizational activities
among various departments and sections in an
organization.
• Collaborative commerce (C-commerce):
¾ Individuals or groups collaborate online.

E-commerce is Interdisciplinary

• Encompasses several disciplines:

¾Computer science
¾Consumer behavior
¾Management information system
¾Business laws and ethics
¾Economics
¾Accounting and auditing
¾Network security

7
 Benefits of E-commerce

• Point-of-view of organizations:
¾Can expand the marketplace beyond
geographic boundaries.
¾Reduce overheads of paper-based
information processing.
¾Lowers communication cost.
¾Allows reduced inventories and
overheads.

• Point-of-view of consumers:
¾Allows shopping 24 hours a day.
¾From any geographic location.
¾Provides a wide variety of choices.
¾Allows quick product and price
comparisons before making final
selection.
¾Allows quick delivery of products.
¾Virtual auctions are possible.

8
• Point-of-view of society:
¾More number of individuals can work at
home, less traveling for shopping.
ƒ Less traffic, less pollution.
¾Enables people to have access to
products which otherwise were out of
their reaches.

Limitations of E-commerce

• Technical issues:
¾Lack of standardization.
¾Security becomes a very big issue.
¾It is sometimes difficult to integrate EC
technologies with existing applications.

9
 Getting it to Work

• A big challenge to organizations

¾How to put together tools and
technologies and get competitive
advantage in implementing EC.
¾Setting up the required connectivity
through networking is most important.
¾Most of EC transactions carried out
through:
ƒ Internet
ƒ Intranet
ƒ Extranet

• Major concern to many:

¾How to transform themselves to take
advantage of E-commerce?
ƒ A company selling cookwares.
ƒ A company selling toys.
ƒ A company selling food items.

10
 Electronic Payment System

Basic Requirements

• An electronic payment system must

possess the following desirable
properties:
¾Widely recognized and accepted.
¾Convenient to use.
¾Hard to tamper with.
¾Based on well-established security
principles.

11
 Payment by Cheques

Payment
Customer Merchant

Submit

Clear
Statement

Bank

• Some issues:
¾Merchant has no way of confirming the
validity of the cheque until it is cleared
by the bank.
¾Consumer cannot detect any fraud
anywhere until the statement arrives
from the bank.
¾Cost of processing errors can be fatal.
ƒ Vastly outweighs the cost of normal
actions.

12
 Payment by Credit Cards

Payment
Customer Merchant

Request Receive
Statement authorization authorization

Authorization
Bank System
Settlement

• Some issues:
¾Authentication is carried out online.
ƒ Using credit card number, card holder’s name,
date of expiry, etc.
¾Settlement with the bank is usually done
offline.
ƒ Processed at the end of the day, for instance.
¾Consumer cannot detect any fraud until
the statement arrives.
ƒ This process can be sped up through Internet
statement access.

13
 ¾Merchant carries the risk of fraud in
“card not present” transactions.
ƒ Transactions carried out without the
merchant physically verifying the card.
ƒ Credit card companies often assume
liabilities for their merchants, which banks
with cheque cannot.

Internet Transactions

Customer Merchant
Payment Authorize
instruction
Authorization
Middleman System

Settlement

Bank

14
• Some issues:
¾These are “card not present” transactions.
ƒ Online nature provides instant verification.
ƒ The most important issue is authentication
and confidentiality.
¾All payment systems in existence today in
Internet transaction systems are some
small variation of this general principle.

Payment Systems

• Book entry systems:

¾Credit cards over SSL
¾E-cheque (Netcash)
¾Virtual credit cards (First Virtual)
¾Encrypted credit cards (Cybercash)
¾Secure Electronic Transaction (SET)
¾……
• Bearer certificate systems:
¾True digital cash (Digicash)

15
 SET : A Case Study

Introduction

• SET is based on two earlier protocols:

¾ STT (VISA / Microsoft)
¾ SEPP (MASTERCARD / IBM)
• Some features:
¾ Card details are never disclosed to the merchant.
ƒ Encrypted purchase instruction (PI) can only
be decrypted by the acquirer.
ƒ PI is cryptographically tied to the order
instruction (OI) processed by the merchant.
ƒ Client’s digital signature protects the
merchant from client repudiation.

16
• The SET protocol is very complex.
• Includes certification management also.
¾SET has complete public key infrastructure
(PKI) using customized X.509 standard.
¾Certificates implemented as X.509 profile
with SET-specific extensions.
¾Card based infrastructure makes certificate
management relatively easy.

17
 SOLUTIONS TO QUIZ
QUESTIONS ON
LECTURE 34

Quiz Solutions on Lecture 34

1. What is the basic purpose of SSL record

protocol?

The SSL record protocol is mainly

responsible for data encryption and
integrity. It is also used to encapsulate data
sent by other higher level SSL protocols.

18
 Quiz Solutions on Lecture 34

2. What does SSL handshake protocol aim

to achieve?

The SSL handshake protocol serves the

following purposes:
ƒ Initiate a session between the server
and the client.
ƒ Negotiate the algorithms and keys to
be used for data encryption.
ƒ Provide mutual authentication.

Quiz Solutions on Lecture 34

3. What is the difference between tunnel

mode and transport mode in IPSec?
The tunnel mode encapsulates the entire
IP packet within IPSec protection.
The transport mode encapsulates only
the transport layer information within
IPSec protection.

19
 Quiz Solutions on Lecture 34

4. What is the difference in the

functionalities of SSL and s-HTTP?

The main difference is:

ƒ SSL is designed to establish a secure
connection between two hosts.
ƒ s-HTTP is designed to send individual
messages securely.

QUIZ QUESTIONS ON
LECTURE 35

20
 Quiz Questions on Lecture 34

1. How is E-business different from E-

commerce?
2. What is M-commerce? Why is it considered
to be important in modern day scenario?
3. What benefits can E-commerce provide to
consumers?
4. What are the requirements of a good
electronic payment system?
5. What are “card not present” transactions?
How are they handled in Internet shopping?

21