Unit-2

Lecture-1
Security Issues in E-Commerce Transactions
 Authentication:- Authentication ensures that the origin of an electronic
message is correctly identified. This means having the capability to
determine who sent the message and from where or which machine.
Without proper authentication, it will be impossible to know who actually
placed an order and whether the order placed is genuine or not.
 Non-Repudiation:- Non-Repudiation is closely related to authentication
and this ensures that the sender cannot deny sending a particular
message and the receiver cannot deny receiving a message.
 Access Control:- If access control is properly implemented, many other
security problems like lack of privacy will either be eliminated or
mitigated. Access control ensures only those that legitimately require
accesses to resources are given access and those without valid access
cannot have access.
 Confidentiality or Privacy:- Privacy ensures that only authorized parties
can access information in any system. The information should not be
distributed to parties that should not receive it. Issues related to privacy
can be considered as a subset of issues related to access control.
 Integrity:- Integrity ensures that only authorized parties can make
changes to the documents transmitted over the network.

Secure Electronic Transaction (SET)

 Secure Electronic Transaction (SET) is an open protocol which has the
potential to emerge as a dominant force in the security of electronic
transactions.
 Jointly developed by Visa and MasterCard, in conjunction with leading
computer vendors such as IBM, Microsoft, Netscape RSA, and GTE.
 SET is an open standard protocol for protecting the privacy and ensuring
the authenticity of electronic transactions.

1
 Functions of SET
 Provide confidentiality of payment and ordering information.
 Ensure the integrity of all transmitted data.
 Provide authentication that a card holder is a legitimate user of a credit
card account.
 Provide authentication that a merchant can accept credit card
transactions through its relationship with a financial institution.
 Ensure the use of best security practices and system design techniques
to protect all legitimate parties in an electronic commerce transaction.
 Create a protocol that neither depends on transport security mechanisms
nor prevents their use.
 Facilitate and encourage interoperability among software & network
providers.
Participants in the SET system

2
 Scope of SET
1. Motivated by the large amount of unsecured credit-card based
transactions on the Internet.
2. Network payments treated in a similar way to Mail Order/Telephone
Order (MOTO) transactions.
3. SET applies only to the ‘front end’ of payment no need to change the
‘back end’.
4. SET only addresses Payment - other protocols for shopping, payment
method selection etc. will be developed by others.

Secure Socket Layer (SSL)

 SSL is a protocol developed by Netscape for transmitting private
documents via the Internet.
 SSL uses cryptographic system that uses two keys to encrypt data a
public key known to everyone and a private or secret key known only to
the recipient of the message.
 The SSL provides end-to-end secure data transmission between the web
server and the web client.
 It is sandwiched between the TCP/IP and the application layer.
 Unlike TCP/IP that offers only reliable packet transfer, SSL ensures
secure packet transfer.
How SSL works?
The SSL performs two functions-it authenticates the websites and
ensures secure data transmission between the web server and the
client.
It achieves this either by using symmetric encryption or asymmetric
encryption.
In symmetric encryption, a key called the private key is used both for
encrypting and decrypting the data. For symmetric encryption to work,

3
the sender & receiver should share the private key. This is possible only
when the sender & receiver know each other.
In asymmetric encryption, two separate keys are used to encrypt &
decrypt data. The public key is shared with the other person and the
private key is known only to the person who decrypts the data. So, the
private key will remain a secret while the public key will be known to both
the parties.

4
 E-Commerce Notes
Unit-2
Lecture-2
Cryptography
Cryptography is the process through which the messages are altered so
that their meaning is hidden from adversaries who might intercept them.

Plain text is a message readable by anyone. Cipher text is plain text

that has been modified to protect its secrecy.
Encryption converts plain text to cipher text; Decryption converts
cipher text to plain text.
“Cryptography addresses the principles, means and methods used
to disguise information in order to ensure its authenticity”.
Cryptography is used to achieve:-
 Confidentiality: only authorized persons can access information.
 Integrity: information that was sent is what was received.
 Authentication: guarantee of originator of electronic transmission.
 Non-repudiation: originator of information cannot deny content or
transmission.
Types of Cryptography:-
 Private Key Cryptography
 Public Key Cryptography
Private Key Cryptography
In private-key cryptography, the sender and receiver agree beforehand
on a secret private key. The plain text is somewhat combined with the
key to create the cipher text. The method of combination is such that, it
is hoped, an adversary could not determine the meaning of the message
without decrypting the message, for which he needs the key.
Private-key methods are efficient and difficult to break. However, one
major drawback is that the key must be exchanged between the sender
and recipient beforehand, raising the issue of how to protect the secrecy
of the key.

5
Public Key Cryptography
In public-key cryptography, two separate keys are used to encrypt &
decrypt data. The public key is shared with the other person and the
private key is known only to the person who decrypts the data. So, the
private key will remain a secret while the public key will be known to both
the parties.
Public-key cryptography depends upon the notion of one-way functions:
a one way function is a function that is easy to apply, but extremely
difficult to invert.

6
 Digital Signature
A digital signature is an electronic signature that can be used to
authenticate the identity of the sender of a message or the signer of a
document, and possibly to ensure that the original content of the
message or document that has been sent is unchanged.
“Digital signature is a computer data compilation of any symbol or
series of symbols, executed, adopted or authorized by an individual
to be legally binded equivalent to the individual’s handwritten
signature”
 A digital signature authenticates electronic documents in a similar manner
a handwritten signature authenticates printed documents.
 A digital signature is issued by a Certification Authority (CA) and is signed
with the CA’s private key.
 The recipient of a digitally signed message can verify that the message
originated from the person whose signature is attached to the document

7
 and that the message has not been altered either intentionally or
accidentally since it was signed. Also the signer of a document cannot
later disown it by claiming that the signature was forged.
 When a message with a digital signature is transmitted & received, the
following parties are involved:-
 The signer who signs the document.
 The verifier who receives the signed document & verifies the signature.
 The arbitrator who arbitrates any disputes between the signer & the
verifier if there is a disagreement on the validity of the digital signature.
 A digital signature typically contains the Owner’s public key, the Owner’s
name, Expiration date of the public key, the name of the issuer (the CA
that issued the Digital ID), Serial no. of the digital signature and the
digital signature of the issuer.
 Digital signatures are based on a combination of public key encryption
and one way hash function that converts a message of any length into a
fixed length message digest known as hash function. The value of hash
function is unique for the hashed data. Any change in the data, even
deleting or altering a single character, results in a different value. The
content of the hash data cannot be deduced from hash which is why it is
called ‘one way’. The encrypted hash, along with other information, such
as hashing algorithm is known as digital signature.

8
 E-Commerce Notes
Unit-2
Lecture-3
Virtual Private Network
 A Virtual private network (VPN) extends a private network across a public
network, such as the internet.
 It enables a computer to send and receive data across shared or public
networks as if it were directly connected to the private network.
 This is done by establishing a virtual point-to-point connection through
the use of dedicated connections, encryption or a combination of the
two.
 VPN allows employees to securely access their company’s intranet while
travelling outside the office.
 Similarly, VPNs securely and cost effectively connect geographically
disparate offices of an organization, creating one cohesive virtual
network.
 VPN technology is also used by ordinary Internet users to connect to
proxy servers for the purpose of protecting one’s identity.

Types of VPN:
 Remote Access VPN
 Site-to-Site VPN
 Remote Access VPN:- Remote access VPNs allow employees to access
their company’s intranet from home or while travelling outside the office.

9
 Site-to-Site VPN:- Site-to-Site VPN allow employees in geographically
disparate offices to share on cohesive virtual network.
VPN systems may be classified by:-
 The protocols used to tunnel the traffic.
 The tunnel’s termination point location.
 Whether they offer site-to-site or remote access connectivity.
 The level of security provided.
VPN Architecture
There are two basic VPN architectural choices:-
 Service provider independent VPN
 Service provider dependent VPN

 Service provider independent VPN:- In a service provider

independent solution, a VPN enabled client(such as a desktop or laptop)
initiates the tunnel through the public network to the central site. To
access the computer network, the client first establishes a PPP (Point-
to-Point protocol) session to a local Internet Service Provider (ISP) for
internet access. The client then connects across the Internet to the
central site and establishes a tunnel to carry the data traffic. To the ISP
the tunnel is simply data, and there is no requirement for processing.
Advantage:
The advantage to the corporation is that it can use any Point of
Presence (POP) anywhere in the world, as long as it provides Internet
access. In addition, since the tunnel is initiated at the location of the
client, the client can travel with the same ease as carrying a laptop.
Disadvantage:
The disadvantage of this solution is that the client must be VPN enabled.
This could be prohibitively expensive to deploy for a large no. of remote
users.

 Service provider dependent VPN:- With a service provider dependent

VPN model, the corporation enters into an agreement with a service
provider such as an ISP. The corporation user dials into a local POP
with a PPP client, and the tunnel session is initiated at the POP. The
crucial difference is that the client can be any PPP client.
Advantage
This arrangement can be combined with quality of service agreements to
guarantee a level of VPN performance, although few service providers
offers true guarantees today. Another advantage is that no additional
skills are required by the user to execute a tunnel to the company LAN.

10
 Disadvantage
Data security is critical because VPN encryption does not occur until the
POP, thus leaving the enterprise communication unprotected between
the remote PC and the POP.
VPN Security
 To prevent disclosure of private information, VPNs typically allow only
authenticated remote access and make use of encryption techniques.
VPN provides security by the use of tunneling products and through
security procedures such as encryption.
 The VPN security provides:
 Confidentiality
 Authentication
 Integrity
 VPNs ensure privacy by providing a private tunnel through the internet
for remote access to the network. For full VPN security, your VPN must
be enhanced with a reliable user authentication mechanism, protecting
end points of the VPN.
 Username and password authentication is not enough-this method is
weak and highly susceptible to hacking, cracking, key loggers and other
attacks. It only takes one compromised password for your organization
to lose control over gains network access. Strong user authentication
with a VPN provides true secure remote access for today’s mobile
workforce.

E-Commerce Notes
Unit-2
Lecture-4
Types of Security Attacks
 Passive Attack
 Active Attack
 Passive Attack: In Passive attack a network intruder intercepts data
travelling through the network. A passive attack monitors unencrypted
traffic. Passive attacks include traffic analysis, monitoring of unprotected
communications, capturing authentication information such as
passwords.
11
 Types of Passive Attacks:
a) Wire Tapping or Telephone Tapping: Telephone tapping is the
monitoring of telephone and internet conversations by a third party.
Passive wire tapping monitors or records the traffic.
b) Port Scanner: A port scan can be defined as an attack that sends client
requests to a range of server port addresses on a host, with a goal of
finding an active port and exploiting a known vulnerability of that service.
c) Idle Scan: The idle scan is a TCP port scan method that consists of
sending spoofed packets to a computer to find out what services are
available. This is accomplished by impersonating another computer
called a “zombie” and observing the behavior of the “zombie” system.

 Active Attack: In active attacks intruder initiates commands to disrupt

the network’s normal operation. In an active attack, the attacker tries to
bypass or break into secured systems. This can be done through viruses
or worms. Active attacks include attempts to break protection features to
introduce malicious code, and to steal or modify information.
Types of Active Attacks
a) Denial-of-service Attack (Dos): Denial of service attack is an attempt
to make a machine or network resources unavailable to its intended
users. It generally consists of efforts to temporarily or indefinitely
interrupt or suspend services of a host connected to the Internet. One
common method of attack involves saturating the target machine with
external communication requests, so much so that it cannot respond to
legitimate traffic or responds so quickly as to be rendered essentially
unavailable. Such attacks usually lead to a server overload.
b) Spoofing attack: A spoofing attack is when a malicious party
impersonates another device or user on a network in order to launch
attacks against network hosts , steal data, spread malware or bypass
access controls.
c) Man-in-the-middle attack: The man-in-the middle is a form of active
eves dropping in which the attacker makes independent connections
with the victims & relays messages between them, making them believe
that they are talking directly to each other over a private connection,
while in fact the entire conversation is controlled by the attacker. The
attacker must be able to intercept all messages going between the two
victims & inject new ones.

12
d) SQL injection: Sql injection is a code injection technique, used to attack
data driven applications, in which malicious SQL statements are inserted
into an entry field for execution.
Difference between Computer Virus and Computer Worm
Sno. Computer Virus Computer Worm
1. It cannot be controlled It can be controlled remotely.
remotely.
2. It deletes, modifies the files It only monopolies the CPU &
and also change the location memory.
of file.
3. It is slower than worm Worm is faster than virus.
4. The virus is the program code The worm is code that
that attaches itself to replicate itself in order to
application program and when consume resources to bring it
application program run it runs down.
along with it.

E-Commerce Notes
Unit-2
Lecture-5
Intranet
Intranet Software:

Intranet Software enables an organization to securely share it's information

or operations with it's members. It enables the efficient use and more
importantly reuse of an organization's gathered business knowledge and
intelligence, which increases productivity and knowledge transfer in any
organization. Increasingly, extranets are also coming into use, where external
partners, customers can also interact with an organization. E.g. ERP software
that provides a centralized repository of information for massive amount of
transaction and details generated daily.

The cost of converting an existing client-server network to an intranet is

relatively low, especially when a company is already using the Internet.

13
 Applications of Intranet:
The most popular intranet application is obviously:
1. Inter-office e-mail, this capability allows the employees of a company to
communicate with each other swiftly and easily. If the intranet has access to
the Internet, e-mail can be accessed through the Internet connection. If the
intranet is running without the Internet, special e-mail software packages can
be bought and installed so that employees can take advantage of its many
benefits.
2. An intranet has many other different applications that can be utilized by a
company. These include the Web publishing of corporate documents, Web
forms, and Web-to-database links that allow users to access information.
3. Newsletters, information on benefits, job listings and classifieds, libraries,
stock quotes, maps, historical data, catalogs, price lists, information on
competitors' products, and customer service data are just a few examples of
these types of applications.
In addition, there are several other main applications that is very popular in
the intranet format:-
1. Document publication applications
The first application that always comes to mind for intranets in and of
themselves is the publication and distribution of documents. This
application allows for paperless publication of any business information
14
 that is needed for internal employees or external customers or suppliers.
Any type of document may be published on an intranet: policy and
procedure manuals, employee benefits, software user guides, online
help, training manuals, vacancy announcements--the list goes on to
include any company documentation.

2. Electronic resources applications

In the past it has not been easy to share electronic resources across
network nodes. Employees have had problems sharing information for
various reasons including software version inaccuracies and
incompatibilities. Intranets provide the means to catalog resources
online for easy deployment across the network to any authorized user
with the click of a mouse. Software applications, templates, and tools are
easily downloaded to any machine on the network.
3. Interactive communication applications
Two-way communications and collaboration on projects, papers, and
topics of interest become easy across the intranet. Types of
communications that are enhanced and facilitated include e-mail, group
document review, and use of groupware for developing new products.
4. Support for Internet applications
Even though organizational full-service intranets are the next step in
enterprise-wide computing and have enough value to make them
desirable simply for the organizational benefits they bring, they are also
necessary for supporting any Internet applications that are built.
The transactional processes and trading of information that will be done
by all but the most elementary Web applications will require an
infrastructure to store, move, and make use of the information that is
traded. The infrastructure to accomplish those tasks is the organizational
intranet.

Generic Functions of Intranet:

Major generic functions that intranet can provide are:

 Corporate/ department/ individual WebPages: Access the web-
pages of corporate, departments and individual.
 Database access: Web- based database.
 Search engines and directories: It assists the keyword- based search.
 Interactive communication: chatting, audio and videoconference.
 Document distribution and workflow: web- based download and
routing of documents.

15
 Groupware: E-mail and bulletin board.
 Telephony: intranet is the perfect conduit for computer-based
telephony.
 Extranet: linking geographically dispersed branches, customers and
suppliers to authorized sections of intranets creates happiest customers,
more efficient suppliers, and reduced staff cost.
Considerations in Intranet Deployment:
1. Collections of web links
2. Company news and department newsletters
3. Organization charts
4. Manuals, documentation, policies
5. Basic collaboration tools (groupware)
6. Directory services (gateway to phone and other staff contact info)
7. Human resources information
8. Threaded discussions on current company topics/issues
9. Web–based email access
10. Web–based discussion list management and participation
11. Access to company databases — sales, inventory, pricing
12. Calendaring (company–wide events calendar)
13. Scheduling (meetings, personal scheduling)
14. Document management
15. Search engine of company documents
16. Employee time logging
17. Employee expense reporting
18. Forms to help automate other business processes –
work orders, jobdescriptions, mileage, maintenance requests, etc.
Intranet Application Case Studies:
Now, let us investigate some typical application case in depth, including
their return on investment (ROI).
Intranet Case studies with ROI Analysis:
The need for accountability and for clear measures of success is
increasingly demanded for all corporate expenditures, including
intranets. If you are responsible for an intranet, you need to know how
build a business case and develop a return on investment (ROI)
strategy.
Intranet ROI
Intranets and corporate portals are expensive endeavors. Despite the expense,
many organizations understand the implicit and/or explicit value. Intranets are
widely valued for:
 Streamlining business processes and driving operational
efficiencies
 Significantly reducing cost of internal business functions

16
 Enhancing communications and collaboration between employees,
managers, suppliers and partners
As with any critical business system, an intranet or portal must be delivering
measurable performance and remain accountable to the investment. If the
site’s value is not being measured, then it risks failing the needs and demands
of employees and management.
When asked how executives determine whether an intranet or portal is
delivering value, they typically point to reducing costs and improving
productivity.
Of course, IT budgets are increasingly tied to company-wide business and
strategic initiatives. The cost justification for any expenditure, including IT must
have a clear bottom line that answers the question, “What’s the payback?”
In recent years, business challenges and subsequent solutions/applications
have been the driving force behind intranet investments. They will continue to
play this role in the future.
Executives will make investments in intranets and portals (see defining in the
adjacent glossary) if such investments spur growth, cut the cost of operations,
and/or help enhance the customer experience (retaining and building the
customer base).
The challenging economic climate of the past few years means that more and
more organizations will allocate dollars to IT systems and applications that can
demonstrate a measured solution and ROI to a business problem or provide
enhanced service and growth.
Short Intranet Application Cases
Prescient Digital Media is a veteran web and intranet consulting firm. It
provides strategic Internet and intranet consulting, planning and design
services to many Fortune 500 and big brand clients, as well as small and
medium-sized leaders. It treat each client as unique; It listen to their needs,
goals and challenges; understand a client's requirements and potential; and
deliver highly effective and innovative website and intranet plans, designs and
solutions.
ROI Study Of the respondents to the Prescient Digital Media ROI survey that
undertake ‘rough estimates’ of their organization’s intranet, answers varied
from $0 to $20M. The average annual ROI of respondent intranets fell just shy
of $1 million ($979,775.58).
While less than 20% of organizations have measured specific benefits, a
majority of organizations have at the very least made a ‘rough estimate’ or
guess of the value of their ROI. While only a handful of technology companies
measured intranet ROI three years ago, there are encouraging signs of change.
A recent study, conducted by Prescient Digital Media Ltd., finds that 6% of

17
organizations undertake ongoing, specific measurement of the ROI of their
intranet. Occasional measurement is undertaken by 26% of the respondent
organizations.
While extensive ROI measurement has not yet become mandatory at a
majority of organizations with intranets, ROI is a priority in 76% of the survey
respondents. Rather than attempt to measure the intranet or portal’s entire
value, those companies that are successfully gauging value are measuring
specific benefits. This paper lists intranet benefits in 10 key categories –
including hard costs, increased revenue, etc. – with two supporting categories:
content management and procurement.
The precision, scope of work and execution required to build and maintain a
successful intranet or portal is massive – from governance to content
management, and from technology to business processes. At the heart of a
successful intranet is the strength of the underlying plan. Failure to develop an
integrated plan that accounts for an organization’s structure, stakeholder, and
user requirements will almost certainly ensure failure and, with it, a loss of
significant time, money and jobs.
Finally, while appraising the ROI of an intranet or portal is critical for most
executives, there exists a great deal of untapped, intangible value that is
perhaps even more critical than the measured dollars and cents. When
properly deployed, intranets improve communication and collaboration and
improve employee satisfaction, which in turn can improve productivity. All
benefits are clearly important to any organization, but not always a
measurable ROI.
Share Knowledge Among Corporate Employee
Intranets offer several facilities that aid knowledge sharing:
Easy-to-access and use: The use of World Wide Web (WWW) browsers give a
low cost and easy-to-use interface to information and applications
Universal access to information: Information can be kept on any 'server' on
the network, and can be accessed from anywhere within the Intranet.
Person-to-person interaction: Intranets simplify interaction between people in
different locations, through electronic mail, and computer conferencing
Informal networks: Publishing information and making contact is quick and
informal on an Intranet.
Scalable networks: As organizations restructure, it is easy to add or remove
servers to the overall network.
Access to external information and knowledge: Intranets usually have
gateways to the external Internet, which give access to a rapidly growing global
information resource

18
 E-Commerce Notes
Unit-2
Lecture-6
Firewall
 Firewall is software or hardware based network security system that
controls the incoming and outgoing network traffic by analyzing the data
packets and determining whether they should be allowed through or not,
based on a rule set.
 A firewall establishes a human barrier between a trusted, secure internal
network & another network that is not assumed to be secure and trusted.
 Many personal computer operating systems include software-based
firewalls to protect against threats from the public Internet. Many routers
that pass data between networks contain firewall components and
conversely many firewalls can perform basic routing functions.

Types of Firewall
 Network Layer or Packet Filters Firewall
 Application Layer Firewall
 Proxy Firewall
 Unified Threat Management(UTM)
Network Layer or Packet Filters Firewalls

19
Network layer firewalls, also called packet filters, operate at a relatively
low level of the TCP/IP protocol stack, not allowing packets to pass
through the firewall unless they match the established rule set.
A simple router is the traditional network layer firewall, since it is not able
to make particularly complicated decisions about what a packet is
actually taking to or where it actually came from. Modern network layer
firewalls have become increasingly more sophisticated & now maintain
internal information about the state of connections passing through them
at any time.
Application Layer Firewalls
Application layer firewalls work on the application level of the TCP/IP
stack, and may intercept all packets traveling to or from an application.
They block other packets (usually dropping them without
acknowledgement to the sender).
On inspecting all packets for proper content, firewalls can restrict or
prevent outright the spread of networked computer worms and Trojans.
Proxy Firewalls
Proxy firewalls offer more security than other types of firewalls. Unlike
application layer firewalls which allow or block network packets from
passing to and from a protected network, traffic does not flow through
proxy. Instead computers establish a connection to the proxy which
serves as an intermediary and initiate a network connection on behalf of
the request. This prevents direct connections between systems on either
side of the firewall and makes it harder for an attacker to discover where
the network is, because they will never receive packets created directly
by their target system.
Unified Threat Management
A product category called unified threat management (UTM) has
emerged. These device promise integration, convenience & protection
from pretty much every threat out there and are especially valuable to
small & medium-sized businesses.
Unified Threat Management is a firewall appliance that not only guards
against intrusion but performs content filtering, spam filtering, intrusion
detection & anti-virus duties traditionally handled by multiple systems.
These devices are assigned to combat all levels of malicious activity on
the computer network.

E-Commerce Notes
Unit-2
Lecture-7

20
 Electronic Payment Systems
Electronic Payment is a financial exchange that takes place online
between buyers and sellers. The content of this exchange is usually
some form of digital financial instrument (such as encrypted credit card
numbers, electronic cheques or digital cash) that is backed by a bank or
an intermediary, or by a legal tender.
The various factors that have lead the financial institutions to make
use of electronic payments are:
1. Decreasing technology cost:
The technology used in the networks is decreasing day by day, which is
evident from the fact that computers are now dirt-cheap and Internet is
becoming free almost everywhere in the world.
2. Reduced operational and processing cost:
Due to reduced technology cost the processing cost of various
commerce activities becomes very less. A very simple reason to prove
this is the fact that in electronic transactions we save both paper and
time.
3. Increasing online commerce:
The above two factors have lead many institutions to go online and
many others are following them.
There are also many problems with the traditional payment
systems that are leading to its fade out. Some of them are
enumerated below:
1. Lack of Convenience:
Traditional payment systems require the consumer to either send paper
cheques by snail-mail or require him/her to physically come over and
sign papers before performing a transaction. This may lead to annoying
circumstances sometimes.
2. Lack of Security:
This is because the consumer has to send all confidential data on a
paper, which is not encrypted, that too by post where it may be read by
anyone.
3. Lack of Coverage:
When we talk in terms of current businesses, they span many countries
or states. These business houses need faster transactions everywhere.
This is not possible without the bank having branch near all of the
company’s offices. This statement is self-explanatory.
4. Lack of Eligibility:
Not all potential buyers may have a bank account.
5. Lack of support for micro-transactions:
Many transactions done on the Internet are of very low cost though they
involve data flow between two entities in two countries. The same if
done on paper may not be feasible at all.
21
 Types of Electronic Payment System
1. Electronic Tokens
An electronic token is a digital analog of various forms of payment
backed by a bank or financial institution. There are two types of tokens:
 Real Time: (or Pre-paid tokens) - These are exchanged between
buyer and seller, their users pre-pay for tokens that serve as currency.
Transactions are settled with the exchange of these tokens. Examples of
these are DigiCash, Debit Cards, Electronic purse etc.
 Post Paid Tokens – are used with fund transfer instructions between
the buyer and seller. Examples – Electronic cheques, Credit cards etc.

2. Credit Cards
 A credit card is a small plastic card issued to users as a system of
payment.

 It allows its holders to buy goods & services based on the holder’s
promise to pay for these goods and services.

 Essentially a credit card allows you to:-

 Purchase products or services whenever and wherever you want, without
ready cash and paying for them at a later date.
 Have an option of paying only a part of the total expenses. The balance
amount can be carried forward, with an interest charged.
 Enjoying a revolving credit limit without any charges for a limited period
(mostly 20 to 50 days).
Types of Credit Cards
1. Standard Credit Card: The most common type of credit card allows
you to have a revolving balance up to a certain credit limit. These credit
cards have a minimum payment that must be paid by a certain due date
to avoid late payments.
2. Premium Credit Cards: These cards offer incentives and benefits
beyond that of a regular credit card. Examples of premium credit cards
are gold and platinum cards that offer cash back, reward points, travel
upgrades and other rewards to cardholders.
3. Charge Cards: Charge cards do not have a credit limit. The balance on
a charge card must be paid in full at the end of each month. Charge
cards do not have a minimum payment since the balance is to be paid in
full. Late payments are subject to a fee, charge restrictions, or card
cancellation depending on your card agreement.
4. Limited Purpose Card: Limited purpose credit cards can only be used
at specific locations. Limited purpose cards are used like credit cards

22
 with a minimum payment & finance charge. Store credit cards & gas
credit cards are examples of limited purpose credit cards.
5. Secured Credit Card: Secured credit cards are an option for those
without a credit history or those with blemished credit. Secured cards
require a security deposit to be placed on the card. The credit limit on a
secured credit card is equal to the amount of the deposit made.
6. Prepaid Credit Card: Prepaid credit cards require the cardholder to
load money onto the card before the card can be used. The credit limit
does not renew until more money is loaded onto the card. Prepaid cards
are similar to debit cards, but are not tied to a checking account.
7. Business credit card: Business credit cards are designed specifically
for business use. They provide owners with an easy method of keeping
business & personal transactions separate.
The Players
Before exploring the process of using credit card online, let’s identify the
players in the credit card system. They are:
The card holder: a consumer or a corporate purchaser who uses credit
cards to pay merchant.
The merchant: the entity that accept credit cards and offers goods or
services in exchange for payments.
The card issuer: a financial institution (usually a bank) that establishes
accounts for cardholders and issues credit cards.
The acquirer: a financial institution (usually a bank) that establishes
accounts for merchants and acquires the vouchers of authorized sales
slip.
The card brand: bank card associations of issuers acquires ( like Visa
and MasterCard) which are created to protect and advertise the card
brand, establish and enforce rules for use and acceptance of their bank
cards and provide networks to connect the involved financial institutions.
The brand authorizes the credit- based transaction and guarantees the
payment to merchants. Sometimes the issuing bank performs the
business of the brand.
The process of using credit card:

23
1. Issue a credit card to a potential card holder.
2. The cardholder shows the card to a merchant whenever he/she needs
to pay for a product or services.
3. The merchant then asks for approval from the brand company, and the
transaction is paid by the credit. The merchant keeps a sales slip.
4. The merchant sells the slip to the acquiring bank and pays a fee for the
service. This is called the capturing process.
5. The acquiring bank requests the brand to clear for the credit amount
and gets paid. Then the brand asks for clearance to the issuer bank.
6. The amount is transferred from issuer to brand. The same amount is deducted
from the cardholder’s account in the issuing bank.
Advantages of Credit Cards:
 They allow you to make purchases on credit without carrying around a lot
of cash.
 They allow convenient remote purchasing ordering/shopping online or by
phone.
 They allow you to pay for large purchases in small, monthly installments.
 Many cards offer additional benefits such as additional insurance cover on
purchases, cash back, air miles & discounts on holidays.
 Under certain circumstances, they allow you to withhold payment for
merchandise which proves defective.
Disadvantages of Credit Cards:
 You may become an impulsive buyer and tend to overspend because of
the ease of using credit cards. Cards can encourage the purchasing of
goods & services you cannot really afford.
 Lost or stolen cards may result in some unwanted expense &
inconvenience.
 The use of large no. of credit cards can get you even further into debt.
24
  Using a credit card especially remotely introduces an element of risk as
the card details may fall into the wrong hands resulting in fraudulent
purchases on the cards. Fraudulent or unauthorized charges may take
months to dispute, investigate and resolve.

3. Smart Cards
 A smart card is a plastic card about the size of a credit card, with an
embedded microchip that can be loaded with data.
 Smart cards are made of plastics generally polyvinyl chloride.
 Smart cards can provide identification, authentication, data storage &
application processing.
 A smart card contains more information than a magnetic strip card and it
can be programmed for different applications.
 Smart cards within the next five years will be the industry standard in
debit and credit cards. As the major high street banks and finance
houses are now investing in the changeover to smart card technology.
 You may use a smart card to:-
 Establish your identity when logging on to an Internet access provider or
to an online bank.
 Pay for parking at parking meters or to get on subways, trains or buses.
 Give hospitals or doctors personal data without filling out a form.
 Make small purchases at electronic stores on the web.
Advantages of Smart Cards:
 Greater Reliability
 Storage Capacity is increased up to 100 times.
 Smart cards are multifunctional.
 The anticipated working life of a smart card is ten years compared to that
of a magnetic strip card.

4. Electronic Cheques
The electronic cheques are modeled on paper cheques, except that they
are initialted electronically.
They use digital signatures for signing and endorsing and require the
use of digital certificates to authenticate the payer, the payer’s bank and
bank account.
Electronic checks allow merchants to convert paper check payments
made by customers to electronic payments that are processed through
the Automated Clearing House (ACH).
How Electronic Cheques work:
When you receive a paper cheque payment from your customer , you
will run the cheque through an electronic scanner system supplied by
your merchant service provider. This virtual terminal captures the
customer’s banking information and payment amount written on the

25
 cheque. The information is transferred electronically via the Federal
Reserve Bank’s ACH Network, which takes the funds from your
customer’s account & deposits them to yours.
Once the cheque has been processed & approved, the virtual terminal
will instantly print a receipt for the customer to sign & keep.
Benefits of Electronic Cheques:
 Secure and quick settlement of financial obligations.
 Fast cheque processing
 Very low transaction cost.

5. Electronic or Digital Cash

A system that allows a person to pay for goods or services by
transmitting a number from one computer to another.
Like the serial numbers on real dollar bills, the digital cash numbers are
unique. Each one is issued by a bank & represents a specified sum of
money.
Digital Cash combines computerized convenience with security and
privacy that improve upon paper cash. Cash is still the dominant form of
payment as: The consumer still mistrusts the banks. The non-cash
transactions are inefficiently cleared. In addition, due to negative real
interests rates on bank deposits.
Digital cash is based on cryptographic systems called "Digital
Signatures" similar to the signatures used by banks on paper cheques to
authenticate a customer.
Some qualities of cash:
a. Cash is a legal tender i.e. payee is obligatory to take it.
b. It is negotiable i.e. can be given or traded to someone else.
c. It is a bearer instrument i.e. possession is proof of ownership.
d. It can be held & used by anyone, even those without a bank
certificate.
e. It places no risk on part of acceptor.
The following are the limitations of Debit and Credit Cards:
i. They are identification cards owned by the issuer & restricted to one
user i.e. cannot be given away.
ii. They are not legal tender
iii. Their usage requires an account relationship and authorization
system.
Properties of Digital Cash
o Must have a monetary value: It must be backed by cash (currency), bank
authorized credit or a bank certified cashier’s check.
o Must be interoperable or exchangeable: as payment for other digital
cash, paper cash, goods or services, lines of credit, bank notes or
obligations, electronic benefit transfers and the like.
26
 o Must be storable and retrievable: Cash could be stored on a remote
computer’s memory, in smart cards, or on other easily transported
standard or special purpose devices. Remote storage or retrieval would
allow users to exchange digital cash from home or office or while
traveling.

6. Debit Cards
A debit card is a plastic payment card that provides the cardholder
electronic access to his or her bank account at a financial institution.
Types of Debit Card Systems:
 Online Debit or Pin Debit
 Offline Debit or Signature Debit
Online Debit System: Online debit system requires electronic
authorization of every transaction and the debits are reflected in the
user’s account immediately. The transaction may be secured with the
personal identification number (PIN) authentication system.
Offline Debit System: Offline debit system may be subject to a daily
limit. Transactions conducted with offline debit cards, require 2-3 days to
be reflected on user’s account balances.
Advantages of Debit Cards:
 There is no need to carry cash
 It is quick and less complicated than using a cheque.
 It can be used for withdrawals of cash.
 It can be issued to any individual without assessing credit worthiness.
 Its holders can have a record of the transactions in his bank statement
which will enable him to plan and control the expenditure.

7. Electronic Wallet/Purse
A digital/electronic wallet refers to an electronic device that allows an
individual to make electronic commerce transactions. This can include
purchasing items on-line with a computer or using a smartphone to
purchase something at a store.
Increasingly, digital wallets are being made not just for basic financial
transactions but to also authenticate the holder's credentials. For
example, a digital-wallet could potentially verify the age of the buyer to
the store while purchasing alcohol.
It is useful to approach the term "digital wallet" not as a singular
technology but as three major parts: the system (the electronic
infrastructure) and the application (the software that operates on top)
and the device (the individual portion).
An individual’s bank account can also be linked to the digital wallet. They
might also have their driver’s license, health card, loyalty card(s) and

27
 other ID documents stored on the phone. The credentials can be passed
to a merchant’s terminal wirelessly via near field communication (NFC).
Certain sources are speculating that these Smartphone “digital wallets”
will eventually replace physical wallets.
A digital wallet has both a software and information component. The
software provides security and encryption for the personal information
and for the actual transaction.
Typically, digital wallets are stored on the client side and are easily self-
maintained and fully compatible with most e-commerce Web sites. A
server-side digital wallet, also known as a thin wallet, is one that an
organization creates for and about you and maintains on its servers.
Server-side digital wallets are gaining popularity among major retailers
due to the security, efficiency, and added utility it provides to the end-
user, which increases their enjoyment of their overall purchase.

Advantages of Electronic Payment System

 Decreasing Technology cost
The technology used in the networks is decreasing day by day, which is
evident from the fact that computers are now dirt cheap and Internet is
becoming free almost everywhere in the world.
 Reduced operational and processing cost
Due to reduced technology cost the processing cost of various
commerce activities become very less. A very simple reason to prove
this is the fact that in electronic transactions we save both paper and
time.
 Increasing online commerce:
The above two factors have lead many institutions to go online and
many others are following them.
Drawbacks or Risks in Electronic Payment System
Electronic payment is a popular method of making payments globally. It
involves sending money from bank to bank instantly -- regardless of the
distance involved. Such payment systems use Internet technology,
where information is relayed through networked computers from one
bank to another. Electronic payment systems are popular because of
their convenience. However, they also may pose serious risks to
consumers and financial institutions.
 Tax Evasion
Businesses are required by law to provide records of their financial
transactions to the government so that their tax compliance can be
verified. Electronic payment however can frustrate the efforts of tax
collection. Unless a business discloses the various electronic payments

28
 it has made or received over the tax period, the government may not
know the truth, which could cause tax evasion.
 Fraud
Electronic payment systems are prone to fraud. The payment is done
usually after keying in a password and sometimes answering security
questions. There is no way of verifying the true identity of the maker of
the transaction. As long as the password and security questions are
correct, the system assumes you are the right person. If this information
falls into the possession of fraudsters, then they can defraud you of your
money.
 Impulse Buying
Electronic payment systems encourage impulse buying, especially
online. You are likely to make a decision to purchase an item you find on
sale online, even though you had not planned to buy it, just because it
will cost you just a click to buy it through your credit card. Impulse buying
leads to disorganized budgets and is one of the disadvantages of
electronic payment systems.
 Payment Conflict
Payment conflicts often arise because the payments are not done
manually but by an automated system that can cause errors. This is
especially common when payment is done on a regular basis to many
recipients. If you do not check your pay slip at the end of every pay
period, for instance, then you might end up with a conflict due to these
technical glitches, or anomalies.

E-Commerce Notes
Unit-2
Lecture-8
Extranet
 Extranet is an extended intranet that connects multiple intranets through
a secured tunneling internet.
 Extranets act as a link to select individuals outside the company by
allowing them access to the information stored inside the intranet.
 Internet protocols are typically utilized by extranets so as to provide
browser navigation even though the network is situated on a private
server. A username and password system can be configured to sectors
of the content so as to prevent users from accessing information they
have no authorization for.

29
 Extranets combine the privacy and security of intranets with the global reach
of the internet, granting access to outside business partners, suppliers, and
costumers to a controlled portion of the enterprise network. Extranets are
becoming the major platforms for B2B EC replacing or supplementing EDI. They
provide flexibility serving internal and external users.
Extranets generally have the following features:
 The use of Internet technologies and standards. These include the
standardized techniques for transmitting and sharing information and the
methods for encrypting and storing information, otherwise known as the
Internet Protocol, or IP.
 The use of Web browsers. Users access extranet information using a
web browser like Microsoft Internet Explorer, Netscape Navigator or,
more recently, Mozilla’s Firefox. Browser software uses relatively small
amounts of memory and resources on a computer. The great thing about
browsers is that an application written for a browser can be read on
almost any computer without regard to operating system or
manufacturer. That makes an application developed for a browser a
snap to deploy. A browser on a user’s machine is all the software he or
she needs to take full advantage of the extranet application. No messy
and confounding installation disks; fewer clogged hard drives.
 Security. By their very nature, Extranets are embroiled in concerns about
security. To protect the privacy of the information that is being

30
 transmitted, most Extranets use either secure communication lines or
proven security and encryption technologies that have been developed
for the Internet.
 Central Server/Repository. Extranets usually have a central server
where documents or data reside. Members can access this information
from any computer that has Internet access.
While these are the broad attributes shared by most Extranets, Extranets vary
dramatically in their design and implementation. They can be employed in a
wide variety of environments and for very different purposes, like:
 Sharing case information
 Sharing of case-related documents—many Extranets contain
document repositories that can be searched and viewed by both lawyer
and client on-line
 Calendaring—key dates and scheduling of hearings and trials can
be shared on-line
 Providing firm contact information
 Acting as a “work flow engine” for various suppliers
 Providing access to firm resources remotely
 Sharing time and expense information.
Extranet applications Case
An extranet application is a software data application that provides
limited access to your company's internal data by outside users such as
customers and suppliers. The limited access typically includes the ability
to order products and services, check order status, request customer
service and much more.

A properly developed extranet application provides the supply chain

connection needed with customers and suppliers to dramatically lessen
routine and time consuming communications. Doing so frees up
resources to concentrate on customer service and expansion as
opposed to administrative office tasks such as data entry.

Just as intranets provide increased internal collaboration, extranets

provide increased efficiencies between your company and its customers
and/or suppliers. Developing and implementing an extranet application
can provide you the competitive edge to stay ahead of the competition in
the eyes of your customers and a better ability to negotiate prices with
your suppliers.
Potential of Extranet Market
Internets are included in extranets, the forecasted potential of extranets
is frequently combined with that of the intranets. According to a study by

31
Gartner Group, Extranets are expected to be a platform of choice of
more than 80 % of B2B EC. This increasing acceptance is expected to
surpass B2C EC which is also expected to be conducted across
intranets, by about 40 percent. Most of the B2C EC traffic will be done
on the regular internet. However many companies, such as FedEx, will
allow costumer to enter their intranets.

Planning Extranet
If you are considering introducing an intranet or extranet into your business,
you should ensure that it is flexible enough to meet not only your immediate
requirements, but also your needs as your business grows. Make sure your
objectives are clear. Will you restrict access to your site, or will you allow all of
your customers to use it? Do you want to promote flexible working in your
business by catering for your remote workforce? How will you measure the
success of your investment?
Identify the information that will need to be made available in order to meet
your objectives:
 What kind of company information do you need on your intranet?
For example, company policies, news, forms and corporate branding.
 Do you need to make all of your production and sales information
available to your partners via your extranet, or will discrete sub-sections
be sufficient?
 Web server hardware and software. The size of the server will
depend on the number of potential users and whether or not you will
need a lot of bandwidth to support audiovisual content, eg video feeds.
 Computers connected via a local area network - a closed, private
network.
 Firewall software and hardware, which will prevent unauthorized
access from outside your organization.
 A content management system to add and update intranet content.
This might be a good arrangement if your business is just starting up - you can
develop your own intranet once your business has grown and you have more
funds available. Once you have your intranet up and running, you can create
your extranet by giving partners access to the necessary company data via a
log-in page. Identify the support costs that will be required to run the site on a
day-to-day basis. Will you require technical support - if so, at what level? You
should also consider how the content will be managed. Remember that
security is paramount, since any security incident will directly affect not only
you but also your key business partners. You should establish what levels of
security are provided when choosing a technology solution.

32
Advantages/Benefits of Extranet
Ease of set-up, use and maintenance: Extranets should be simple to
set-up, use and maintain. The time it takes to develop a complete and
functioning extranet with a robust Web-standard software solution
amounts to days or weeks, rather than months or years with proprietary
networks solutions. Modifications can also be implemented with little or
no interruption to the extranet’s activities.
Scalability: Extranets require the flexibility to grow to include additional
users or organizations, or to expand to a new hardware server array
without compromising the system's usability or integrity. Solutions written
using non-industry standard format or proprietary architectures can
significantly restrict an extranet's ability to scale to include new users,
applications, servers or other components. Extranet solutions eliminate
the lock-in strategies used by software vendors and allow for greater
extensibility of the extranet to meet the growing and changing demands
of the on-line user community.
Versatility: An extranet should serve fundamental business activities
such as document exchange, collaborative discussion groups, on-line
submission forms, database queries, etc. yet have the ability to be
customized to satisfy a particular business purpose. For example,
companies transferring text or document files have different
requirements than those that transfer movies, video clips, other
multimedia files to be viewed on-line. Some organizations may wish to
sell directly on-line through the extranet and others may wish to only
automate the back office operations. Regardless of the business
objective, extranets require versatility to accommodate a dynamic
company's changing mission, goals and objectives.
Security: Security is perhaps the single most important characteristic
possessed by an extranet that serves multi-organizational interests.
Ensuring that all participant and contributor content is protected within a
secure and accountable framework provides the basis for system
usability and dependability. Although no system is ever 100% secure,
recent advances in security technology provide extranets with security
that exceeds industry standards and protects on-line information and
intellectual property.
Business Models of Extranet Applications
The extranet represents the bridge between the public Internet and the
private corporate intranet. The extranet connects multiple and diverse
organizations on-line, enabling strategic communities of stakeholders
with common interests (communities of interests) to form a tight
business relationship and a strong communication bond, in order to
achieve commerce-oriented objectives. The extranet defines and
supports this extended business enterprise including partners, suppliers

33
and distributors, contractors, customers and others that operate outside
the physical walls of an organization but are nonetheless critical to the
success of business operations. With the Internet providing for public
outreach or communication, and intranets serving internal business
interests, extranets serve the business-critical domain between these
extremes where the majority of business activity occurs.

Fig: Business Model for Extranet

The unification of robust enabling technologies and ubiquitous access

through the Web is resulting in unique and interesting market dynamics
that are changing the way many companies are doing business.
Interactive communities are beginning to emerge that exist solely in
cyberspace, where information travels faster, more cost effectively, and
with greater accuracy when compared to other forms of communication
and information exchange. These interactive communities are the driving
and sustaining force behind the extranet concept, and their insatiable
collective need to access content when, where, and how they want to
see it will continue to push the limits of what is technologically possible.
Extranet solutions built to engage and support these interactive
communities are designed to emphasize and foster customer
relationships. As successful businesses know, the cost of obtaining a
new customer far outweighs the cost of maintaining a current one.
With commerce-enabled extranets, companies are now able to establish
and maintain one-to-one relationships with each of their customers,
members, staff or others at very low cost through the Web, offering a
customized and individualized experience that can be dynamically
generated or modified based upon a user's privileges, preferences, or
usage patterns. Information entered by the user (registration form, on-
line surveys, etc.) can be compiled with statistics and other information
that is captured automatically by the system (searches performed,
products purchased, time spent in each site area, etc.) to provide the
company a complete picture for each and every visitor of the system.
34
This comprehensive user profile offers unprecedented opportunities to
present relevant information, advertising, product and service offerings
and other content to a qualified, targeted interactive user community on
a one-to-one basis.

Fig: Interaction of consumer community and Organization

Managerial Issues
Management is no longer worries about whether or not to adopt the
intranet/ extranet but is concerned about how to utilize them successfully
for business. Intranets/ Extranets are already two facts of life in many
large corporations. Thus management needs to review it’s own

35
 company’s position in dealing with a verity of issues in installing the
internet/ extranet. The following are the guidelines for managerial issues:
1. Find the business opportunities by utilizing the intranet and
extranet: for example, consider connecting the customer, suppliers and
internal branches that are geographically dispersed.
2. Analyze whether the connectivity requirement suits the intranet
and extranet: it is mainly dependent upon whether the network is
composed of one LAN or multiple LANs. The former is suitable for
internet and the latter for extranet. Individual’s remote access should
also be considered.
3. Plan the most secure economical choice for implementation:
consult the technical persons and outside the company for
implementation. Review the current proprietary or leased network and
determine if it can be replaced by intranet and extranet. It may reduce
costs and widen connectivity for the customers and suppliers.
4. Select the best outsourcers for implementation: compare the
outsourcers who can implement the internet/ extranet. The extranet
solution providers can cultivate new opportunities in this big market.
5. Selling the intranet: corporate intranet can serve as a wonderful pool,
where employees can do many things ranging from taking classes to
updating benefit plans. Too often employees are not using the intranet to
its fullest capacity. Businesses are exploring innovative ways to market
their intranet to their employees. For example some companied are
making presentation to employees, other give prizes, yet other created
an “Intranet Day”.

36
 E-Commerce Notes
Unit-4
Lecture-1
Legal Issues Related to E-Commerce
Implementation of e-commerce involves many legal issues. These
issues can be classified as:-
 Privacy: Privacy means the right to be left alone and the right to be
free of unreasonable personal intrusions.
Information privacy is the “claim of individuals, groups or institutions to
determine for themselves when, and to what extent, information about
them is communicated to others.
Privacy Principles:-
a) Accountability: An organization is responsible for personal information
under its control and shall designate an individual or individuals who are
accountable for organization’s compliance with the following principles.
b) Identifying purpose: The purposes for which personal information is
collected shall be identified by the organization at or before the time the
information is collected.
c) Consent: The knowledge and consent of the individual is required for
the collection, use or disclosure of personal information, except when
inappropriate.
d) Limiting Collection: The collection of personal information shall be
limited to that which is necessary for the purpose identified by the
organization. Information shall be collected by fair and lawful means.
e) Limiting use, disclosure & retention: Personal information shall not
be used or disclosed for purposes other those for which it was collected,
except with the consent of the individual or as required by the law
(Personal information shall be retained only as long as necessary for
fulfillment of those purposes).
f) Accuracy: Personal information shall be as accurate, complete, and up-
to-date as is necessary for the purpose for which it is to be used.
g) Safeguards: Personal information shall be protected by security
safeguards appropriate to the sensitivity of the information.
Protecting Privacy:
Some suggestions to protect your privacy are:-
1. Think before you give out personal information on a site
2. Track the use of your name & information
3. Live without cookies
4. Use encryption
5. Ask your ISP or employer about a privacy policy.

37
 Cookies: Cookies are the piece of information that allows a web-site to
record one’s comings and goings.
Through cookies:
 Websites can ‘remember’ information about users & respond to their
preferences on a particular site, process is transparent to users.
 Websites can maintain information on a particular user across HTTP
connections.
Solutions to Cookies:
As Cookies are stored at client’s side and sends information about client
to server, sometimes it can be dangerous for privacy. Some solutions to
avoid cookies are:-
 Users can delete cookie files stored in their computer.
 Use of anti-cookie software (e.g. cookie cutter).

 Intellectual Property: Intellectual Property is the intangible property

created by individuals or corporations. It is difficult to protect since it is
easy & inexpensive to copy & disseminate digitized information.
Protecting Intellectual Property
 Copyright
 Trade Secret
 Patent

 Indecency: Indecency is any comment, request, suggestion, proposal,

image or other communication that depicts or describes offensive as
measured by contemporary community standards.

 Taxation: Taxation is an issue because e-commerce companies do

not have to collect sales tax on their customer’s purchases. While this is
an advantage to customers, it costs the government very high.

 Gambling: Gambling is an issue because the Internet makes it difficult

to decide where the transaction takes place, and therefore, which
region’s law should regulate that transaction.
Other Legal Issues:
 What are the rules of electronic contracting, and whose jurisdiction
prevails when buyers, brokers and sellers are in different states and/or
countries.
 How can gambling be controlled on the Internet? How can the winner’s
tax be collected?
 Is a digital signature legal?
 The use of multiple networks & trading partners make the documentation
of responsibility difficult. How is such a problem overcome?

38
 Ethical Issues Related to E-Commerce
Ethics is a branch of philosophy that deals with what is considered to be
right and wrong. The spread of e-commerce has created many ethical
situations. e.g. the company monitoring email is very controversial. One
group of people may agree to this & one may disagree. Hence there are
major differences among companies and individuals with respect to what
is right & wrong. There are also differences regarding ethics among
different countries. What is unethical in one culture may be perfectly
acceptable in another.
Ethical issues can be categorized as:-
 Privacy: Collection, storage & dissemination of information about
individuals.
 Property: Ownership & value of information & intellectual property.
 Accuracy: Authenticity, fidelity & accuracy of information collected &
processed.
 Accessibility: Right to access information & payment of fees to access
it.

Other Issues Related to E-Commerce

 Cultural Issues: Use of Internet allows organizations to compete in a
global virtual market space. Consumers from different cultures may
considerably differ in perceptions, beliefs, selection and use of internet
based electronic commerce. To compete in this global market-space,
companies need to understand cultural differences exhibited by
individuals.

 Issues Related to Language: Many governments in Europe have

realized the potential of e-commerce & realized that Europe is seriously
lagging behind the US in terms of applications & customers. One of the
reasons that Europe government has understand is the language. Most
obvious is the fact that Europe is a melting pot of differing languages &
cultures.

 Native Tongue: Just because the language of business is English, it

doesn’t follow that all consumers are happy to use English. Many
consumers would prefer a website be presented in their native tongue &
reflect their culture.

39
 E-Commerce Notes
Unit-4
Lecture-2
Cyber Laws
LAWS OF THE INTERNET & THE WORLD WIDE WEB
The growth of cyberspace has resulted in the development of a new &
highly specialized branch of law called cyber laws.
“Cyber Law is a term which refers to all the legal and regulatory aspects
of Internet and the World Wide Web. Anything concerned with or related
to legal aspects or issues concerning any activity in Cyberspace comes
within the ambit of cyber law”.
Aims of Cyber Laws:
 To facilitate electronic communications by means of reliable electronic
records.
 To minimize the incidence of forged electronic records, intentional and
unintentional alterations of records, and fraud in electronic commerce &
other electronic transactions.
 To promote public confidence in the integrity & reliability of electronic
records, electronic signatures & electronic commerce.
 To establish uniform rules & standards regarding the authentication &
integrity of electronic records.
 To create a legal infrastructure for the use of digital signatures.
Cyber Laws in India
In May 2000, both the houses of the Indian parliament passed the
Information Technology Bill. The Bill received the consent of president in
August, 2000 and came to be known as the Information Technology Act;
2000.It was enacted on 7th June 2000 & was notified in the official
gazette on 17th Oct, 2000. It is applicable to whole of India.
The Information Technology (IT) Act 2000 aims to provide a legal &
regulatory framework for promotion of e-commerce & e-governance.
Some highlights of the Act are listed below:-
Chapter-II: of the Act specifically stipulates that any subscriber may
authenticate an electronic record by affixing his digital signature.
Chapter-IV: of the Act gives a scheme for regulation of Certifying
authorities.
Chapter IX: of the Act talks about penalties & adjudication for various
offenses.
Chapter XI: of the Act talks about various offenses & the said offenses
shall be investigated by a police Officer not below the rank of the Deputy
Superintendent of police.
Salient Provisions of Cyber Laws:
40
 Companies shall now be able to carry out electronic commerce using the
legal infrastructure provided by the Act.
 Digital Signatures have been given legal validity & sanction in the Act.
 Under the IT Act, 2000 it shall now be possible for corporate to have a
statutory remedy in case if anyone breaks into their computer systems or
network & causes damage or copies data.
 The IT Act also addresses the important issues of security, which are so
critical to the success of electronic transactions.
 The Act throws opens the doors for the entry of corporate companies in
the business of being Certifying Authorities for issuing Digital Signatures
& Certificates

Information Technology (IT) Act-2000

The Information Technology Act 2000 aims to provide a legal &
regulatory framework for promotion of e-commerce & e-governance. It
was enacted on 7th June 2000 and was notified in the official gazette on
17th Oct 2000. It is applicable to whole of India.
Major provisions contained in the IT Act 2000 are:-
 Extends to the whole of India
 Electronic Contracts will be legally valid
 Legal recognition of digital signatures.
 Digital signatures to be effected by use of asymmetric crypto system &
hash function.
 Security procedure for electronic records & digital signature.
 Certifying authorities to get license to issue digital signature certificates.
 Various types of computer crimes defined & stringent penalties provided
under the Act.
 Appointment of Adjudicating Officer for holding inquiries under the Act.
 Act to apply for offences committed outside India.
 Power of police officers and other officers to enter into any public place
& search & arrest without warrant.
 Constitution of Cyber Regulations Advisory Committee who will advice
Central Government & Controller.
Civil Offences Stipulated by IT Act, 2000 are:-
 Copy or extract any data, database
 Unauthorized access & downloading files
 Introduction of Virus
 Damage to computer system & computer network
 Disruption of computer, computer network
 Denial to authorized person to access computer

41
 Providing assistance to any person to facilitate unauthorized access to a
computer.
Criminal Offences Stipulated by IT Act 2000 are:-
 Hacking with computer system
 Electronic forgery i.e, affixing of false digital signature, making false
electronic record.
 Electronic forgery for the purpose of cheating
 Electronic forgery for the purpose of harming reputation
 Publication of digital signature certificate for fraudulent purpose
 Publication of information which is obscene in electronic form
 Breach of confidentiality & privacy

Salient Features of the Information Technology Act, 2008

The IT Act, 2008 has been signed by the President of India on February
5, 2009.
Some of the salient features of the Act are as follows:-
 The term “digital signature” has been replaced with “electronic signature”
to make the Act more technology neutral.
 A new section has been inserted to define “communication device” to
mean cell phones, personal digital assistance or combination of both or
any other device used to communicate, send or transmit any text, audio
or image.
 A new section has been added to define “cyber cafe” as any facility from
where the access to the Internet is offered by any person in the ordinary
course of business to the members of the public.
 In view of the increasing threat of terrorism in the country, the new
amendments include an amended section 69 giving power to the state to
issue directions for interception or monitoring of decryption of any
information through any computer resource.
 Section 67 of the old Act is amended to reduce the term of imprisonment
for publishing or transmitting obscene material in electronic form to three
years from five years & increase the fine thereof from Indian Rupees
100,000 to Indian Rupees 500,000.
 Section 79 of the old Act which exempted intermediaries has been
modified to the effect that an intermediary shall not be liable for any third
party information data or communication link made available or hosted
by him if:-
 The function of the intermediary is limited to providing access to a
communication system over which information made available by third
parties is transmitted or temporarily stored or hosted.
 The intermediary does not initiate the transmission.

42
 E-Commerce Notes
Unit-3
Lecture-1
Value Chain
 The value chain is a concept from business management that was first
described and popularized by Michael Porter in his 1985 best seller,
Competitive Advantage: Creating and Sustaining Superior Performance.
 A Value Chain is a chain of activities for a firm operating in a specific
industry.
 Products pass through all activities of the chain in order and at each
activity the product gains some value. The chain of activities gives the
products more added value than the sum of the independent activities
value.
Here we have shown just a basic value chain flow of an Automobile
Industry.

43
 A diamond cutter, as a profession, can be used to illustrate the
difference of cost and the value chain. The cutting activity may have a
low cost, but the activity adds much of the value to the end product,
since a rough diamond is significantly less valuable than a cut diamond.
 The value chain framework quickly made its way to the forefront of
management thought as a powerful analysis tool for strategic planning.
Value chain analysis has also been successfully used in large
Petrochemical Plant Maintenance Organizations to show how Work
Selection, Work Planning, Work Scheduling and finally Work Execution
can (when considered as elements of chains) help drive Lean
approaches to Maintenance.
Porter’s Value Chain Model
The idea of the value chain is based on the process of organization, the
idea of seeing a manufacturing (or service) organization as a system,
made up of subsystems each with inputs, transformation processes and
outputs. Inputs, transformation processes, and outputs involve the
acquisition & consumption of resources- money, labour, materials,
equipment, buildings, land, administration and management. How value
chain activities are carried out determines costs and affects profits.
Most organizations engage in hundreds, even thousands of activities in
the process of converting inputs to outputs. These activities can be
classified generally as either primary or support activities that all
businesses must undertake in some form.
According to Porter (1985), the primary activities are:-
 Inbound Logistics: involve relationships with suppliers and include all
the activities required to receive, store & disseminate inputs.

44
 Operations: are all the activities required to transform inputs into outputs
(products & services).
 Outbound Logistics: include all activities required to collect, store &
distribute the output.
 Marketing & Sales: activities inform buyers about products & services,
induce buyer to purchase them and facilitate their purchase.
 Service: includes all the activities required to keep the product or service
working effectively for the buyer after it is sold and delivered.
Support Activities are:-
 Procurement: is the acquisition of inputs, or resources, for the firm.
 Human Resource Management: consists of all activities involved in
recruiting, hiring, training, developing, compensating and dismissing or
laying off personnel.
 Technological Development: pertains to the equipment, hardware,
software, procedures and technical knowledge brought to bear in the
firm’s transformation of inputs into outputs.
 Infrastructure: Serves the company’s needs & ties its various parts
together, it consists of functions or departments such as accounting,
legal, finance, planning, public affairs, government relations, quality
assurance & general management.

Fig PORTER’S GENERIC VALUE CHAIN

Linked Value Chains

Value chain activities are not isolated from one another. Rather, one
value chain activity often affects the cost or performance of other ones.
Linkages may exist between primary & support activities.
Interrelationships among business units form the basis for a horizontal
strategy. Such business unit interrelationships can be identified by a
value chain analysis.

45
 Inbound Logistic- From Suppliers
Outbound Logistic- From Customers
E-Commerce enhances value chain by providing:-
 Electronic Value Chain: through electronic value chain, e-commerce
enhances business by supporting:
 Reduced time frame
 Changed Cost Structures
 Re-engineered value: Re-engineered value chain, e-commerce
enhances business by supporting:
 Just-in-time Manufacturing
 Quick response supply
 Efficient document processing
 Competitive Advantage: E-Commerce supports a company for gaining
competitive advantage.

MANUFACTURING VALUE CHAIN

E-Commerce Notes
Unit-3
Lecture-2
Competitive Advantage
 A firm is said to possess a competitive advantage over its rivals, if it
sustains profit that exceed the average for its industry.

46
 The goal of much of business strategy is to achieve a sustainable
competitive advantage.
 Michael Porter identified two basic types of Competitive advantage:
 Cost Advantage
 Differentiation Advantage
Cost Advantage: Cost advantage exists when the firm is able to deliver
the same benefits as competitors but at a lower cost.
Differentiation Advantage: Differentiation advantage exists when the
firm is able to deliver benefits that exceed those of competing products.
Cost and differentiation advantages are known as potential advantages
since they describe the firm’s position in the industry as a leader in either
cost or differentiation.
A resource based view emphasizes that a firm utilizes its resources and
capabilities to create a competitive advantage that ultimately results in
superior value creation.
Resources & Capabilities:
According to the resource based view, in order to develop a competitive
advantage the firm must have resources and capabilities that are
superior to those of its competitors.
Resources: are the firm-specific assets useful for creating a cost or
differentiation advantage and that few competitors can acquire easily.
Capabilities: refer to the firm’s ability to utilize its resources effectively.
An example of a capability is the ability to bring a product to market
faster than competitors. The firm’s resources & capabilities together form
its distinctive competencies.

Model of Competitive Advantage

47
Value Creation: The firm creates value by performing a series of
activities that Porter identified as the value chain. Superior value is
created through lower costs or superior benefits to the customers.
The Principle of Competitive Advantage --
Success is based on inventing an offering that addresses a real scarcity
in the world, charging a price for it, and inventing a way of making it
available that is cheap enough to leave a high margin.
Elements of Competitive Advantage –
Uniqueness - finding unique opportunities and solutions is about
imagination, insight, foresight, and the courage to pursue it. Unique is
new, different, but most important of all, untested and unproven. By the
time a unique solution is validated as profitable, it is no longer unique for
the next company. Also, if it is a unique business model or business
capability, it is likely unapproachable, in the short-term, by competitors.
Strategic Focus - Strategic focus comes from marrying distinctive
competency and purpose to form a superior value proposition. Strategic
focus is about developing a longer view of competitive advantage with a
combination of purpose, competency, and value proposition. This
creates an internal environment that has the confidence and implicit
support to continue to perfect and develop that focus through creating
stronger competencies and further perfecting the value proposition.
Strategic Intent/Vision/BHAGs - Strategic intent challenges and guides
the organization to achieve the unachievable by having a clear focus on
outlandish objectives which require the development of new capabilities
to achieve.
Innovation - Innovation is inventiveness put into profitable practice. In
an evolving economy, the business organization must innovate at a rate
that meets or exceeds its environment in order to sustain a competitive
advantage.
Continual Innovation - Making innovation as an ongoing process on all
fronts.
Democratic Principles - Democratic principles are needed to fully
engage the active participation of diverse thinkers from across the
organization. Broad and diverse participation improves innovation.
Strategic Management as a self-improving learning process - Strategic
management must become, amongst other things, a learning and self-
improvement process for the organization.
Dynamic Capabilities - Sustainable competitive advantage is ultimately
based on dynamic capabilities, the capability to produce and utilize new
capabilities on a continuous basis.

48
 E-Commerce Notes
Unit-3
Lecture-3
Porter’s Five Forces Model:
Michael Porter described a concept that has become known as the “five
forces model”. This concept involves a relationship between competitors
within an industry, potential competitors, suppliers, buyers & alternative
solutions to the problem being addressed.

 Threat of Potential Entrants: The threat of new entrants relates to

the ease with which a new company or a company in a different product
area can enter a given trade sector. Barrier to entry into a particular
market include the need for capital, knowledge and skills. The barriers
to entry for e.g. to the vehicle assembly sector are massive; to start
building cars there is the need to develop a new model range, build a car
assembly plant, contract a large number of component suppliers and
sign up a dealer network. Getting into business in building personal
computers is, in contrast, much easier; the components are readily
available and there is not the same need for investment in product
development or large scale production facilities before the company
makes a start.

 Threat of Substitution: Substitution is a threat to existing players

where a new product becomes available that supplies the same function
as the existing product or service. The classic examples are the (partial)
49
 substitution of natural fibres such as cotton and wool by synthetic fibres
or the replacement of glass bottles by a plastic alternative in some
sectors of the packaging industry. Existing players can protect
themselves by keeping their product up-to-date.

 Bargaining power of Buyers: For a business to be profitable the cost

of producing and distributing its product has to be less than the price it
can fetch in the market place. Where there are a number of competitors
in the market or a surplus of supply the buyer is in a strong position to
bargain for a low price and for other favorable conditions of trade.

 Bargaining power of Suppliers: The organization, while trying to get

an adequate price from its buyers, will be looking to get favorable terms
from its own suppliers at the next stage along the value chain. The
organization’s ability to get a good deal is the mirror image of its position
with its buyers. If the supply is plentiful and/or there are several suppliers
it should get a good price. If the product is scarce or the number of
suppliers that are able to meet its need is limited then the supplier is in a
more favorable position.

 Competition between existing players: The final force is the

completion between existing players in the market. The competition is to
get the buyers and to trade at a price that produces an acceptable profit.
That competition is won on the basis of the generic competitive
advantage of cost or differentiation. The competitive position of each
organization is determined by the deal it is able to make with the
suppliers.
Important Points of Value Chain:
1. The Organization need to establish which of its inter organizational
relationships add to its competitive advantage & which fail to achieve
appropriate levels of quality & price.
2. The Linkages in the value system have to be managed.
3. The Physical Linkage involves good handling, transport & warehousing
4. Value chain must be clear & understandable.
5. The essential stages of a value chain are: Pre-sale, Execution,
settlement & after-sales.

E-Commerce Notes
Unit-3
Lecture-4
Business Process Reengineering (BPR)

50
  Business Process Re-engineering is the fundamental rethinking and
radical re-design of business processes to achieve dramatic
improvements in critical contemporary measures of performance such as
cost, quality, service and speed.
 BPR means not only change but dramatic change & dramatic
improvements.
 BPR involves the overhaul of organizational structures, management
systems, job descriptions, performance measurements, skill
development, training and most importantly the use of information
technology.BPR impacts every aspect of how the organization runs its
business.
 Change on this scale can cause results ranging from enviable success to
complete breakdown & failure.
 A successful BPR can result in dramatic performance improvements,
increase in profits, better business practices, enormous cost reductions,
dramatic improvements in productivity & so on.

Different Phases of BPR

 Begin Organizational Change
 Building the reengineering organization
 Identifying BPR opportunities
 Understanding the existing process
 Re-engineering the process
 Blueprint the new business system
 Perform the transformation
1. Begin Organizational Change:
 Assess the current state of organization.
 Explain the need for change.
 Illustrate the desired state.
 Create a communication campaign for change.
2. Building the reengineering organization:
 Establish a BPR organizational structure.
 Establish the roles for performing BPR.
 Choose the personnel who will reengineer.
3. Identifying BPR opportunities:
 Identifying the high level process.
 Gather performance metrics within & outside industry.
 Prioritize selected process.
 Consult with customers for their desires.
4. Understanding the existing process:

51
  Model the current process.
 Understand how technology is currently used.
 Understand how information is currently used.
5. Reengineer the process:
 Question current operating assumptions.
 Evaluate the impact of new technologies.
 Consider the perspective of stakeholders.
6. Blueprint the new business system:
 Define the new flow of work.
 Model the new process steps.
 Model the new information requirements.
 Describe the new technology specifications.
7. Perform the transformation:
 Develop a migration strategy.
 Reallocate workforce.
 Educate staff about the new process.
 Implement in an iterative fashion.

Challenges in BPR
 Unfortunately, all BPR projects are not as successful as those described.
 Most of the BPR projects will fall short of expectations.
 Companies that begin BPR projects face many of the following
challenges:-
 Resistance from employees.
 Changing the traditional ways of doing things.
 Time Requirements (BPR is a lengthy process, almost always taking two
or more years to complete).
 High cost of BPR.
 Manpower reduction (BPR often results in employees being laid off).

Maximizing Chances for BPR Success

The guidelines that will help in maximizing chances for success in a BPR
effort are:-
 Realize that not every company needs to re-invent.
 Expect strenuous resistance & manage it properly.
 Get top management support.
 Communicate with employees to prevent rumors & misunderstandings.
 Create an atmosphere of trust & co-operation.
 Change the way employees are evaluated & rewarded to motivate them
to support the system.

52
 Staff the project with the best people & provide them with resources they
need.
 Make sure the employees are adequately trained on how to use the new
system.
 Go for small success at first. Go for more dramatic projects once you
have gained some experience in BPR.

E-Commerce Notes
Unit-3
Lecture-5
Business Process Management (BPM)
 Business Process Management has been referred to as a “holistic
management” approach to aligning an organization’s business
processes with the wants and needs of clients.
 BPM uses a systematic approach in an attempt to continuously improve
business effectiveness and efficiency while striving for innovation,
flexibility and integration with technology
 As a managerial approach BPM sees processes as strategic assets of an
organization that must be understood, managed & improved to deliver
value added products & services to clients.
 BPM is the discipline of modeling, automating, managing, monitoring and
optimizing business processes to increase profitability.
Business Process
A business process is a set activities required to accomplish a common
goal. The activities may be performed by people or systems and are
completed either sequentially or simultaneously. It is best to think of a
business process as the way that work should be performed.
BPM Life Cycle
BPM is a discipline consisting of 5 phases:-
 Model
 Automate
 Execute
 Monitor
 Optimize
1. Model: The first phase of BPM is to create a model. e.g. a globe is a
model of the planet earth. During model phase, we begin by creating a
high level diagram of the process. Initially, the goal to gather just enough

53
 detail to understand conceptually how the process works and the main
steps involved without being distracted by the fine detail of how it will be
implemented.
2. Automate: During the Automate phase, the model is expanded to
create the specific set of instructions, form details and rules needed to
run the process. It is at this point where discussion about how to
specifically implement the processes is made. e.g. while a globe is a
model of the earth, a map provides the detailed directions between two
cities & helps you decide which route to travel.
3. Execute: The Execute phase of BPM consists of interpreting the
instructions created during the Automate phase to manage the flow of
work from the beginning of the phase until its completion. Within BPM
software, the workflow engine is responsible for creating tasks and
automatically directing them to the right people or systems based on the
process rules much like the way a GPS system provides you with step-
by-step driving instructions to your destination.
4. Monitor: The monitor phase is where process performance is
measured, tracked & reviewed for potential improvements. e.g.
identifying that travel time has increased by 30% might cause you to test
an alternative route to avoid the new traffic signals.
5. Optimize: During the optimize phase, managers use data and lessons
learned from manage phase as a foundation to change the process.
Optimization may include such things as enhancing the data collection
forms, adding or removing tasks, automating steps that were previously
completed manually or modifying the reports generated. The goal of the
optimize phase is to identify changes that will improve the process.

E-Commerce Notes
Unit-3
Lecture-6
Customer Relationship Management (CRM)
 CRM is a widely implemented strategy for managing a company’s
interactions with customers, clients & sales prospects. It involves using
technology to organize, automate & synchronize business processes.
 The overall goal is to find, attract and win new clients, nurture & retain
those the company already has & reduce the costs of marketing and
client service.

54
 CRM is an iterative process that turns customer information into positive
customer relationship.
 Some of the leading vendors of CRM systems are Siebel Systems,
Oracle, and People Soft.

Process of CRM
Goals of CRM
 Provide better customer service.
 Make call centers more efficient.
 Increase sales.
 Simplify marketing & Sales processes.
 Discovering new customers
 Increase the quality of Information.
 Improve customer retention.
Three Fundamental Components of CRM
 Operational: Automation of basic business processes (marketing,
sales, service).
 Analytical: Analysis of customer data & behavior using business
intelligence.
 Collaborative: Communicating with clients.
Functions of CRM
 Identify factors important to clients.
 Promote a customer oriented philosophy.
 Adopt customer based measures.
 Provide successful customer support.
 Handle customer complaints.
 Track all aspects of Sales.

55
 Uses of CRM
 Providing on-line access to product information & technical assistance
around the clock.
 Identifying what customer’s value & devising appropriate service
strategies for each customer.
 Providing mechanisms for managing & scheduling follow-up sales calls.
 Tracking all contacts with a customer.
 Identifying potential problems before they occur.
 Providing a user-friendly mechanism for registering customer complaints.
 Providing a mechanism for handling problems & complaints.
 Providing a mechanism for correcting service deficiencies.
 Storing customer interests in order to target customers selectively.
 Providing mechanics for managing & scheduling maintenance, repair &
ongoing support.

Application Components in CRM systems

CRM supports critical Marketing processes including the
following:-
 Technology enabled selling
 Marketing Resource Management
 Segment and List Management
 Call Center Management
 Campaign Management
 Field Service Management
 Trade Promotion Management
 Lead Management
56
 Marketing Analysis

E-Commerce Notes
Unit-3
Lecture-7
Supply Chain
 A supply chain is a system of organizations, people, technology,
activities, information and resources involved in moving a product or
service from supplier to customer.
 Supply chain activities transform natural resources, raw materials and
components into a finished product that is delivered to the end customer.
 In sophisticated supply chain systems, used products may re-enter the
supply chain at any point where residual value is recyclable.
Supply Chain Management(SCM)
 Supply Chain Management is the oversight of materials, information &
finances as they move in a process from supplier to manufacturer to
wholesaler to retailer to consumer.
 SCM involves coordinating & integrating these flows both within &
among companies.
 SCM enables collaboration, planning, execution & coordination of the
entire supply chain, empowering companies to adopt their supply chain
processes to an ever changing competitive environment.
 With better synchronization across the entire supply chain, the business
partners achieve the following major benefits:-
 Lower Inventories & therefore lower financing costs
 Shorter receivable cycles
 Optimal use of production resources & costly workforces
 Faster response to market changes
 Greater satisfaction & loyalty among customers
 Greater profitability
 The military was one of the first organizations to recognize supply
chains & to manage them during World War II.
 The SCM systems have become more efficient & intelligent with the use
of computers, artificial intelligence & other advancements in the field of
information technology.
 SCM solution transform traditional supply chains from linear, sequential
steps into an adaptive supply chain network in which communities of
customer-centric, demand driven companies share knowledge,

57
 intelligently adapt to changing market conditions & proactively respond
to shorter, less predictable life cycles.
 Today almost all organizations-military, manufacturing, service
industries, retailers & so on use SCM systems to improve their efficiency
& effectiveness.
Advantages of Supply Chain Management
 Supply Chain Planning & Collaboration: Supply chain planning
functionality enables you to maximize return on assets & ensures a
profitable match of supply & demand.
 Supply Chain Execution: SCM enables you to carry out supply chain
planning & generate high efficiency at the lowest possible cost.
 Supply Chain Visibility Design & Analytics: SCM gives you network-
wide visibility across your extended supply chain to perform strategic as
well as day-to-day planning.
 Business Benefits: SCM can help you transform linear supply chain into
an adaptive network with the following benefits:-
 Faster response to changes in supply & demand.
 Increased customer satisfaction.
 Compliance with regulatory requirements
 Improved Cash flow
 High margins
 Greater synchronization with business priorities

Just In Time (JIT)

 JIT means to produce goods and services when needed, not too early
and not too late. It is time based and often has quality and efficiency
targets.
 It is a Japanese production management philosophy since 1970s, which
allows having the right items of the right quantity & quality, in the right
place and at right time. This is hand to mouth approach to production.
The primary goal of JIT is to achieve zero inventories within the
organization as well as throughout the entire supply chain.
 The JIT system uses the PULL method of scheduling material flow.
 A JIT system aims to make goods available just-in-time, and these cab
be parts, products or sub-assemblies and achieve some of the following
benefits:-
 Increased Flexibility
 Parts Reduction
 Increased Quality
 Simplicity of System
To achieve the aims of JIT a disciplined approach is needed which
incorporates three principles applied to the organization:-
 Elimination of Waste
58
 Total Quality Management
 Total Employee Involvement
Elimination of Waste: Waste elimination is basically removal of any
activity that is not value-added, but first it has to be identified. These
activities don’t increase product value and are costly to the company.
Examples of non-value added activities include traditional production
methods, i.e, inspection of parts, holding stock inventories, time etc.
Waste can be eliminated from these activities by removal of defects and
by not over producing hence, make-to-order.
Total Quality Management: TQM eliminates waste by eliminating
defects. In a JIT environment, the aim is to prevent defects from
occurring and this is achieved by detecting problems at their source. The
whole organization is involved in the process, right from the stages of
manufacturing, product development and purchasing. Manufacturing
uses statistical process control (SPC) and in-process testing (to allow
detection at source), while product development ensures that new
products can be manufactured to specification. Purchasing makes sure
that the parts that are bought are of required quality.
Total Employee Involvement: Total employee involvement has
management providing the leadership which result in employees wanting
to be involved in the processes. Opportunity is provided through
education & training & work teams.
Benefits of JIT
 Increased Flexibility: A flexible workforce means that the operators must
be multi-skilled which is done through training. The worker should be
free to move from low demand to high demand areas.
 Parts reduction: JIT continuously seeks to reduce inventory levels of raw
materials, work in progress and finished goods. Lower inventory means
less space & less chance of the product being obsolete, damaged or
spoiled.
 Increased Quality: When operating a JIT system, disruption has a major
impact, so quality problems need to be eliminated. Benchmarking
Quality Function Deployment and service design can be used for service
operations. Since employees need to learn the value of providing defect
free services.
 Simplicity of System: Product mix or volume changes as planned by the
Master Production Schedule (MPS) can be accomplished by adjusting
the no. of cards in the system. Production orders are prioritized by the
cards on a post. Production orders for parts that are running low are
moved in front of parts that have more supply.
Potential Pitfalls of JIT
 Many companies fail to understand what JIT is and what it can mean to
them because they fail to implement it properly. Most importantly, they

59
 need to be aware of the tasks, resources, time scale and costs. For this,
the system will need the full backing of the top management.
 The JIT will also fail, if an adequate education programme is not provided.
If careful planning of process & control improvements are not strictly
followed, they will result in JIT not been realized. The planning stage will
require dedication & time and may also require the assistance of an
external consultant(s).
PUSH & PULL System of Production
The term PUSH and PULL are used to describe two different systems
for moving work through a production process.
In traditional environments, a PUSH system is used. When work is
finished at a work station, the output is pushed to the next station or in
the case of final production it is pushed on to the final inventory.
Conversely, in a PULL system-each work station pulls the output from
the preceding station as it is needed; the output of final operation is
pulled by the customer demand or the master schedule. Thus in a PULL
system, work moves on in response to demand from the next stage in
the process, whereas in a PUSH system, work moves on as it is
completed without regard to the next station’s readiness for the work.
Consequently work may pile up at workstations that fall behind schedule
because failure or the detection of a problem of quality.
Built-To-Order (BTO)
 Built-to-order and sometimes referred to as make-to-order (MTO), is a
production approach where products are not built until a confirmed order
for products is received.
 This approach is considered good for highly configured products e.g.
bicycles, computer servers, or for products where holding inventories is
very expensive e.g. aircraft

E-Commerce Notes
Unit-3
Lecture-8
Call Centre
A call centre or call center is a centralized office used for the purpose
of receiving or transmitting a large volume of requests by telephone.
Inbound call centre is operated by a company to administer incoming
product support or information inquiries from consumers.

60
 Outbound call centers are operated for telemarketing, solicitation of
charitable or political donations, debt collection and market research.
In addition to a call centre, collective handling of letter, fax, live support
software, and e-mail at one location is known as a contact centre.
Premise-based Call Centre Technology historically, call centers have
been built onPBX (Private Branch Exchange) equipment that is owned
and hosted by the call centre operator. The PBX might provide functions
such as Automatic Call Distribution, Interactive Voice Response,
and skills-based routing. The call centre operator would be responsible
for the maintenance of the equipment and necessary software upgrades
as released by the vendor.
Virtual Call Centre Technology With the advent of the Software as a
servicetechnology delivery model, the virtual call centre has emerged. In
a virtual call centre model, the call centers operator does not own,
operate or host the equipment that the call centre runs on. Instead, they
subscribe to a service for a monthly or annual fee with a service provider
that hosts the call centre telephony equipment in their own data centre.
Such a vendor may host many call centers on their equipment.

Call Centre Operations

Call Centre Functions

 Workforce management (forecasting, call center scheduling)
 Real-time operational management
 Quality management
 Call center training
 Process review and optimization

61
 Performance reporting and call center analytics
 Call center technology tools and workflows
 Human resources (recruiting and general support)
 Information technology
Contact Center Components
There are four main components that make up a contact center. These
components are:
 Telecommunication Network
 Hardware
 Software
 Infrastructure
Telecommunication Network
A telecommunication network is essential to connect a caller with a
contact center employee. Generally, the following elements are needed
to establish a telecommunication network:
 Public Switched Telephone Network (PSTN)
 Router
 Long Distance Carrier (LDC)
 Ethernet Switch
 Modem
 Server
Contact Center Hardware
The hardware needed for a contact center includes a local area network
(LAN), an automatic call distributor (ACD), agent desktops, computer
technology integration (CTI), web integration, and a predictive dialer. A
predictive dialer enables contact centers to handle hundreds of calls
simultaneously.
Contact Center Software
Important software components include customer relationship
management (CRM) solutions, technical support solutions, and
telemarketing solutions. These solutions help contact center employees
manage customers, resolve and manage technical issues, and provide a
means for marketing. Software is essential to interact with the hardware
and telecommunication network.
Contact Center Infrastructure
All contact centers have different infrastructures. Implementing a contact
center that provides a return-on-investment (ROI) is a task that is not
always easy to achieve without the right infrastructure. Businesses that
need help building or creating a contact center may want to consider
seeking professional consulting services.
Criticism and performance
62
Criticisms of call centers generally follow a number of common
themes, from both callers and call centre staff.
From callers, common criticisms include:
 Operators working from a script
 Non-expert operators (call screening)
 Incompetent or untrained operators incapable of processing
customers' requests effectively[18]
 Obsequious behavior by operators (e.g., relentless use of "sir,"
"ma'am" and "I'd be more than happy to assist you")
 Overseas location, with language and accent problems
 Touch tone menu systems and automated queuing systems
 Excessive waiting times to be connected to an operator
 Complaints that departments of companies do not engage in
communication with one another
 Deceit over location of call centre
 Requiring the caller to repeat the same information multiple times
Common criticisms from staff include:
 Close scrutiny by management (e.g. frequent random call
monitoring)
 Low compensation (pay and bonuses)
 Restrictive working practices (some operators are required to
follow a pre-written script)
 High stress: a common problem associated with front-end jobs
where employees deal directly with customers
 Repetitive job task
 Poor working conditions (e.g. poor facilities, poor maintenance and
cleaning, cramped working conditions, management interference, lack of
privacy and noisy)
 Impaired vision and hearing problems
 Rude and abusive customers

63
 E-Commerce Notes
Unit-1
Lecture-1
Introduction to Commerce
• Commerce is basically an economic activity involving trading or the
buying and selling of goods.
For e.g. a customer enters a book shop, examines the books, select a
book and pays for it. To fulfill the customer requirement, the book shop
needs to carry out other commercial transactions and business functions
such as managing the supply chain, providing logistic support, handling
payments etc.
As we enter the electronic age, an obvious question is whether these
commercial transactions and business functions can be carried out
electronically.
In general, this means that no paperwork is involved, nor is any physical
contact necessary. This often referred to as electronic commerce (e-
commerce).
The earliest example of e-commerce is electronic funds transfer. This
allows financial institutions to transfer funds between one another in a
secure and efficient manner.
Later, electronic data interchange (EDI) was introduced to facilitate
inter-business transactions.
E-Commerce
• “E-Commerce or Electronic Commerce, a subset of E-Business, is the
purchasing, selling and exchanging of goods and services over
computer networks (such as Internet) through which transactions are
performed”.
• “E-Commerce can be defined as a modern business methodology that
addresses the needs of organizations, merchants and consumers to cut
costs while improving the quality of goods and services and increasing
the speed of service delivery by using Internet”.
• E-Commerce takes place between companies, between companies and
their customers, or between companies and public administration.
FEW EXAMPLES OF E-Commerce are:
• Amazon.com, an online bookstore started in 1995 grew its revenue to
more than 600$ million in 1998.
• Microsoft Expedia, an integrated online travel transaction site helps to
choose a flight, buy an airline ticket, book a hotel, rent a car etc. in only
a few minutes.
E-Commerce vs Traditional Commerce
• E- Commerce is about the sale and purchase of goods or services by
electronic means, particularly over the internet. In a pure e-commerce

64
 system, transactions take place via electronic means. In this case, you
will access a cyber bookstore and download a digital book from a server
computer.
• In a physical or traditional commerce system, transactions take place via
contact between humans usually in a physical outlet such as a
bookstore.
For e.g. if you want to buy a book, you will go to a physical bookstore
and buy the physical book from a salesman.
• E-Commerce is more suitable for standard goods, intangible goods;
whereas traditional commerce is more suitable for non standard goods,
perishable goods, and expensive goods.
• Complex products such as cars are better served by integrating e-
commerce and physical commerce.
Difference between Traditional Commerce and E-commerce

65
 E-Business
• “E-Business is the conduct of business on the Internet, not only buying
and selling but also servicing customers and collaborating with business
partners”.

66
• E-Business means connecting critical business systems directly to
customers, vendors and suppliers- via the Internet, Extranet and
Intranets.
• Therefore it means using electronic information to boost performance
and create value by forming new relationships between and among
businesses and customers.
• One of the first to use the term was IBM, in October 1997, when it
launched a campaign built around e-business.
E-Business enables organizations to accomplish the following
goals:-
• Reach new markets.
• Create new products or services.
• Build customer loyalty
• Make the best use of existing and emerging technologies.
• Achieve market leadership and competitive advantage.
• Enrich human capital.

Advantages of E-Commerce to Customers

• Reduced Prices:- Costs of products are reduced since the stages along
the value chain are decreased. For instance, intermediaries can be
eliminated by the company directly selling to the customers instead of
distributing through a retail store.
• 24-Hour Access:- Online businesses never sleep as opposed to brick
and mortar businesses. E-Commerce allows people to carry out
businesses without the barriers of time.
67
• Global Marketplace:- Consumers can stop anywhere in the world.
Currently according to World Trade Organization (WTO) there are no
custom duties put on products bought and traded globally electronically.
This also provides wide selection of products and services to
consumers.
• More Choices:- Provides consumers with more choices. For e.g. before
making any purchase, customer can study about all the major brands
and features of any item. It also provides consumers with less expensive
products and services by allowing them to shop in many places.
Advantages of E-Commerce to Businesses
• Increased potential market share:- The internet enables businesses to
have access to international markets thereby increasing their market
share. Companies can also achieve greater economies of scale.
• Low cost Advertising:- Advertising on the internet costs less than
advertising on print or television depending on the extent of
advertisement.Advertising on the internet itself is less costly since there
is less cost associated with it in terms of printing and limited television
spots.
• Low barriers to Entries:- Anyone can start up a company on the
internet. Start-up costs are a lot lower for companies since there is less
need for money for capital.
• Strategic Benefits:- The Strategic benefits of making a business e-
commerce enabled is that it helps reduce the delivery time, labour cost
and the cost incurred in document preparation, data entry, error
detection etc.
Disadvantages of E-Commerce
• Hidden Costs:- Although buying online is convenient, the cost of this
convenience is not always clear at the front end. For e.g. on-line
purchases are often accompanied by high shipping and re-stocking fees,
a lack of warranty coverage and unacceptable delivery times. In fact, too
many e-commerce companies have developed a reputation of
overcharging for shipping and handling.
• Lack of Security:- One of the main roadblocks to the wide acceptance
of e-commerce by businesses and consumers alike is the perceived lack
of adequate security for on-line transactions.
For e.g. Consumers are growing increasingly worried about providing
credit card information over the Internet.
During the past few years, the press has been filled with reports about
hackers breaking into e-business and stealing credit card information.
• Lack of Privacy:- Customers also worry about the privacy implications of
data gathered by organizations of all types and sizes. Even at the
simplest data level, sales information is stored in databases connected

68
 to web servers, thus exposing the information to cyber criminals.
Because data gathering on the web is so easy, databases routinely
contain information about customer purchasing habits, credit information
and so on. In many cases, companies sell customer database
information to marketing companies. In turn, the marketing companies
engage in massive e-mail campaigns to attract new customers. It
doesn’t take long for the customer’s email box to be filled with unwanted
email (also known as Spam).
• Network Unreliability:- Although the Internet is designed to overcome
the single point of failure problem, there have been several well-
publicized incidents of network failures during the past few years.
Network reliability problems may be generated by such factors as:-
 Equipment failure in the network connection provider.
 Accidental problems caused by nature-such as lightning, floods,
earthquakes that affect communication lines.
 Long response time due to increased network traffic or inadequate
bandwidth.
• Low Service Levels:- Another common complaint about doing business
online is the low level of customer service that online companies tend to
provide. Although technology has automated business transactions to a

large extent, there remains a real need for the human touch. Therefore
e-commerce websites must provide:-
 A pleasant and problem free pre-ordering and ordering experience. The
website design is an important interface.
 Readily available easily used feedback options.
 Quick complaint resolution.
 Timely and low-cost shipping delivery to customers.
Scope of E-Commerce
• E-Commerce is a general concept covering any form of business
transaction or information exchange executed using information and
communication technologies ((ICT’s).
• It includes electronic trading of goods, services and electronic material.
It takes place between companies, between companies and their
customers or between companies and public administrations.

69
• Electronic Markets:-
An electronic market is the use of information and communication
technology to present a range of offerings available in a market
segment so that the purchaser can compare the prices of the offerings
and make a purchase decision
e.g. Airline Booking System
• Electronic Data Interchange:-
 It provides a standardized system for coding trade transactions so that
they can be communicated from one computer to another without the
need for printed orders and invoices & delays & errors in paper handling.
 It is used by organizations that make a large no. of regular transactions.
e.g. EDI is used in the large supermarket chains for transactions with
their suppliers.
• Internet Commerce:-
 Information and communications technologies can be used to advertise &
make sales of wide range of goods & services.
 This application is both for business to business & business to consumer
transactions.
e.g. The purchase of goods that are then delivered by post or the
booking of tickets that can be picked up by the clients

E-Commerce Notes
Unit-1
Lecture-2
Types of E-Commerce/ E-Commerce Market Models
• There are five types of E-Commerce:-
 Business To Business (B2B)
 Business To Consumer (B2C)
 Consumer To Business (C2B)
 Consumer To Consumer (C2C)
 Business To Government (B2G)
Business To Business (B2B):- Business to Business or B2B refers to
e-commerce activities between businesses. An E-Commerce company
70
can be dealing with suppliers or distributers or agents. These
transactions are usually carried out through Electronic Data Interchange
(EDI). EDI is an automated format of exchanging information between
businesses over private networks.
For e.g. manufacturers and wholesalers are B2B Companies.
By processing payments electronically, companies are able to lower the
number of clerical errors and increase the speed of processing invoices,
which result in lowered transaction fees.
In general, B2Bs require higher security needs than B2Cs.
With the help of B2B E-commerce, companies are able to improve the
efficiency of several common business functions, including supplier
management, inventory management and payment management.
Business To Customer (B2C):- Business to Customer or B2C refers to
E-Commerce activities that are focused on consumers rather than on
businesses.
For instance, a book retailer would be a B2C company such as
Amazon.com. Other examples could also be purchasing services from
an insurance company, conducting on-line banking and employing travel
services.
Customer To Business (C2B):-
Customer to Business or C2B refers to E-Commerce activities which use
reverse pricing models where the customer determines the prices of the
product or services.
In this case, the focus shifts from selling to buying. There is an increased
emphasis on customer empowerment.
In this type of E-Commerce, consumers get a choice of a wide variety of
commodities and services, along with the opportunity to specify the
range of prices they can afford or are willing to pay for a particular item,
service or commodity.
Customer To Customer (C2C):-
Customer to Customer or C2C refers to E-commerce activities, which
use an auction style model. This model consists of a person-to-person
transaction that completely excludes businesses from the equation.
Customers are also a part of the business and C2C enables customers
to directly deal with each other.
An example of this is peer auction giant ebay.
Business To Government (B2G):- It is a new trend in E-Commerce.
This type of E-Commerce is used by the government departments to
directly reach to the citizens by setting up the websites.
These websites have government policies, rules and regulations related
to the respective departments.

71
 Any citizen may interact with these websites to know the various details.
This helps the people to know the facts without going to the respective
departments.
This also saves time of the employees as well as the citizens.
History of E-Commerce
• The history of Ecommerce seems rather short but its journey started over
40 years ago in hushed science labs
• In the 1960s, very early on in the history of Ecommerce, its purpose was
to exchange long distance electronic data. In these early days of
Ecommerce, users consisted of only very large companies, such as
banks and military departments, who used it for command control
communication purposes. This was called EDI, and was used for
electronic data interchange.
• Originally, electronic commerce was identified as the facilitation of
commercial transactions electronically, using technology such as
Electronic Data Interchange (EDI) and Electronic Funds Transfer (EFT).
These were both introduced in the late 1970s, allowing businesses to
send commercial documents like purchase orders or invoices
electronically.
• The growth and acceptance of credit cards, automated teller machines
(ATM) and telephone banking in the 1980s were also forms of electronic
commerce
• In 1982 Transmission Control Protocol and Internet Protocol known as
TCP & IP was developed. This was the first system to send information
in small packets along different routes using packet switching
technology, like today's Internet! As opposed to sending the information
streaming down one route
• Beginning in the 1990s, electronic commerce would include enterprise
resource planning systems (ERP), data mining and data warehousing
• In 1995, with the introduction of online payment methods, two companies
that we all know of today took their first steps into the world of
Ecommerce. Today Amazon and ebay are both amongst the most
successful companies on the Internet

72
 Functions of E-Commerce
• Marketing:- One of the areas it impacts particularly is direct marketing.
In the past this was mainly door-to-door, home parties (like the
Tupperware parties) and mail orders using catalogues or leaflets. This
moved to telemarketing and TV selling with the advance in television
technology and finally developed into e-marketing.
• Human Resource Management:- Issues of on-line recruiting, home
working and ‘entrepreneurs’ working on a project by project basis
replacing permanent employees.
• Business law and ethics:- The different legal and ethical issues that
have arisen as a result of a global ‘virtual’ market. Issues such as
copyright laws, privacy of customer information etc.
• Management Information System:- Analysis, design and
implementation of e-business systems within an organization ; issues of
integration of front-end and back-end systems.
• Product Operations and Management:- The impact of on-line
processing has led to reduced cycle time. It takes seconds to deliver
digitized products and services electronically; similarly the time for
processing orders can be reduced by more than 90 percent from days to
minutes.

73
• Finance and Accounting:- On-line banking ; issues of transaction costs
; accounting and auditing implications where ‘intangible’ assets and
human capital must be tangibly valued in an increasing knowledge
based economy.
• Economy:- The impact of E-commerce on local and global economies;
understanding the concepts of a digital and knowledge based economy
and how this fits into economic theory.

E-Commerce Applications
• E-Marketing
• E-Advertising
• E-Banking
• E-Learning
• Mobile Commerce
• Online Shopping
• Entertainment

• E-Marketing:-
 E-Marketing also known as Internet Marketing, Online Marketing, Web
Marketing.
 It is the marketing of products or services over the internet.
 It is consider to be broad in scope because not refers to marketing on the
internet but also done in Email and wireless media.
 E-Marketing ties together the creative and technical aspects of the
internet, including design development, advertising and sales.
 Internet marketing is associated with several business models i.e., B2C,
B2B, C2C.
 Internet marketing is inexpensive when examine the ratio of cost to the
reach of the target.

• E-Advertising:-
 It is also known as online advertising it is a form of promotion that uses
internet and World Wide Web to deliver marketing messages to attracts
customers.
Example: Banner ads, Social network advertising, online classified
advertising etc.
 The growth of these particular media attracts the attention of advertisers
as a more productive source to bring in consumers.

• E-Banking:-
 Means any user with a personal computer and browser can get
connected to his banks, website to perform any of the banking functions.

74
 In internet banking system the bank has a centralized data base i.e.,
web-enabled.
 Best example for E-Banking is ATM.
 An ATM is an electronic fund transfer terminal capable of handling cash
deposits, transfer, Balance enquiries, cash withdrawals, and pay bills.
• SERVICES THROUGH E-BANKING:
 Bill Payment Service
 Fund Transfer
 Investing through Internet Banking
 Shopping

• E-Learning:-
 E-Learning comprises all forms of electronically supported learning and
teaching.
 E-Learning applications and processes include web-based learning,
computer-based learning.
 Content is delivered via. The internet, intranet/extranet, audio, or video
tape, satellite TV.
 E-Learning is naturally suited to distance and flexible learning, but can
also be used conjunction with face-to-face teaching.
 E-Learning can also refer to the educational website such as those
offering learning scenarios worst and interactive exercises for children.
 A learning management system (LMS) is software used for delivering,
tracking, and managing training /education.

• Mobile Commerce:-
 Mobile Commerce also known as M-Commerce, is the ability to conduct,
commerce as a mobile device, such as mobile phone.
 Banks and other financial institutions use mobile commerce to allow their
customers to access account information and make transactions, such
as purchasing, withdrawals etc.,
 Using a mobile browser customers can shop online without having to be
at their personal computer.
• SERVICES ARE:
1. Mobile ticketing
2. Mobile contract purchase and delivery mainly consumes of the sale of
ring tones, wallpapers and games of mobile phones.
3. Local base services
• Local discount offers
• Local weather
4. Information services
• News
• Sports, Scores

75
 • Online Shopping:-
 Online shopping is the process whereby consumers directly buy goods or
services from a sell in real time, without intermediary services over the
internet.
 An online shop, e-shop, e-store, internet shop web shop, web store,
online store, or virtual shop evokes the physical analogy of buying
products or services in a shopping center.
 In order to shop online, one must be able to have access to a computer,
a bank account and debit card.
 Online shoppers commonly use credit card to make payments , however
some systems enable users to create accounts and pay by alternative
means ,such as
• Cheque.
• Debit cards.
• Gift cards
 Online stores are usually available 24 hours a day

• Entertainment:-
 The conventional media that have been used for entertainment are
1. Books/magazines.
2. Radio.
3. Television/films.
4. Video games.
Online books /newspapers, online radio, online television, online firms,
and online games are common place in internet where we can entertain.
 Online social networking websites are one of the biggest sources of E-
entertainment for today’s tech-savvy generation.

E-Commerce Notes
Unit-1
Lecture-3
E-Commerce Trade Cycle
• E-Commerce can be applied to all, or different phases of the trade cycle.
• The trade cycle varies depending on:-
 The nature of the organization (or individuals) involved.
 The nature and type of goods or services being exchanged.
 The frequency of trade between the partners to the exchange process.
• The trade cycle has to support:-

76
 Finding goods or services appropriate to the requirement and agreeing
the terms of trade often referred to as search and negotiation.
 Placing the order, taking delivery and making payment i.e., execution &
settlement of transaction.
 After sales activity such as warrantee, service etc.
 There are numerous categories of trade cycles depending on the factors
outlined above and, for many transactions, further complicated by the
complexities of international trade.
• Three generic trade cycles can be identified:-
1. Regular, repeat transactions between commercial trading partners
(Repeat Trade Cycle).
2. Irregular Transactions between commercial trading partners where
execution and settlement are separated (Credit Transactions)
3. Irregular transactions in once-off trading relationships where execution
and settlement are typically combined (Cash Transactions)

• Electronic Markets:-
 It increases the efficiency of the market.
 It reduces the search cost for the buyer and makes it more likely that
buyer will continue the search until the best buy is found.
 It exists in financial markets & they are also used in airline booking
system.
 It is irregular transaction trade.

77
 • Electronic Data Interchange:-
 It is used for regular repeat transactions.
 It takes quite a lot of work to set up systems.
 Mature use of EDI allows for a change in the nature of the product or
service.
e.g. Applications are sending test results from the pathology laboratory
to the hospital or dispatching exam results from exam boards to school.

• Internet Commerce:-
 The first stage
• Advertising appropriate goods and services.
• Internet sites offer only information & any further steps down the trade
cycle are conducted on the telephone.
 The Second stage
• An increasing no. of sites offer facilities to execute & settle the
transaction.
• Delivery may be electronic or by home delivery depending on the goods
and services.
 The final stage

78
• After-sales service.
• On-line support & On-Line services.

Tools & Technologies for E-Commerce

• Electronic data interchange (EDI)
• Bar codes
• Electronic mail
• Internet
• World Wide Web
• Product data exchange
• Electronic forms
• Electronic Data Interchange (EDI)
 EDI is the computer-to-computer exchange of structured business
information in a standard electronic format. Information stored on one
computer is translated by software programs into standard EDI format
for transmission to one or more trading partners. The trading partners’
computers, in turn, translate the information using software programs
into a form they can understand.
• Bar Codes
 Bar codes are used for automatic product identification by a computer.
They are a rectangular pattern of lines of varying widths and spaces.
Specific characters (e.g. numbers 0-9) are assigned unique patterns,
thus creating a "font" which computers can recognize based on light
reflected from a laser.
 The most obvious example of bar codes is on consumer products such
as packaged foods. These codes allow the products to be scanned at
the checkout counter. As the product is identified the price is entered in
the cash register, while internal systems such as inventory and
accounting are automatically updated.
• Electronic Mail
 Messages composed by an individual and sent in digital form to other
recipients via the Internet.
• Internet

79
 The Internet is a global network of millions of diverse computers and
computer networks. These networks can all "talk" to each other because
they have agreed to use a common communications protocol called
TCP/IP. The Internet is a tool for communications between people and
businesses. The network is growing very, very fast and as more and
more people are gaining access to the Internet, it is becoming more and
more useful.
• World Wide Web
 The World Wide Web is a collection of documents written and encoded
with the Hypertext Markup Language (HTML). With the aid of a relatively
small piece of software (called a "browser"), a user can ask for these
documents and display them on the user’s local computer, although the
document can be on a computer on a totally different network elsewhere
in the world.
 HTML documents can contain many different kinds of information such
as text, pictures, video, sound, and pointers, which take users
immediately to other web pages.
 It is this ability to jump from site to site that gave rise to the term "World
Wide Web." Browsing the Web (or "surfing the Net") can be a fascinating
activity, especially to people new to the Internet. The World Wide Web is
by far the most heavily used application on the Internet.
• Product Data Exchange
 Product data refers to any data that is needed to describe a product.
Sometimes that data is in graphical form, as in the case of pictures,
drawings and CAD files. In other cases the data may be character based
(numbers and letters), as in the case of specifications, bills of material,
manufacturing instructions, engineering change notices and test results.
 Product data exchange differs from other types of business
communications in two important ways.
 First, because graphics are involved users must contend with large
computer files and with problems of compatibility between software
applications. (The difficulty of exchanging CAD files from one system to
another is legendary).
 Second, version control very quickly gets very complicated. Product
designs, even late in the development cycle, are subject to a great deal
of change, and because manufacturing processes are involved, even
small product changes can have major consequences for getting a
product into production.
• Electronic Forms
 Electronic form is a technology that combines the familiarity of paper
forms with the power of storing information in digital form. Imagine an
ordinary paper form, a piece of paper with lines, boxes, check-off lists,
and places for signatures. To the user an electronic form is simply a

80
 digital analogue of such a paper form, an image, which looks like a form
but which appears on a computer screen and is filled out via mouse, and
keyboard.
 Behind the screen, however, lie numerous functions that paper and
pencil cannot provide. Those extra functions come about because the
data from electronic forms are captured in digital form, thus allowing
storage in data bases, automatic information routing, and integration into
other applications.
Framework of E-Commerce
• This framework, first developed by Kalakota and Whinston, Professors of
Information Systems and prolific authors on the subject, takes a holistic
view and identifies the different components of business and technology
that make up e-commerce. Using the analogy of the architecture of a
building illustrated in Fig., they explain how the different components fit
and interact together, emphasizing the relative importance of each
component.

• Kalakota and Whinston use the analogy of a traditional transportation

company to describe the complexity of the network and how the different
components that make up the technology infrastructure are interlinked.
 The network infrastructure is like the network of roads that are
interconnected and are of different widths, lengths and quality – for
example, the Internet, local area networks, intranets. Network
infrastructures also take different forms such as telephone wires, cables,
wireless technology (such as satellite or cellular technology).
 The publishing infrastructure (including the WWW, Web servers) can be
seen as the infrastructure of vehicles and warehouses, which store and
transport electronic data and multimedia content along the network.

81
 Multimedia content is created using tools such as HTML and JAVA. This
content can be very different with varying degrees of complexity similar
to different vehicles travelling on the roads. For example, text only, or
more complex is an application, such as a computer game, containing
audio, video, graphics and a programme.
 Messaging and information distribution infrastructure are the engines and
fuel, which transport the data around the network. Once the multimedia
content is created, there has to be a means of sending and retrieving
this information, for example by EDI, e-mail, Hyper Text Transfer
Protocol.
 Once content and data can be created, displayed and transmitted,
supporting business services are necessary for facilitating the buying,
selling and other transactions safely and reliably. For example, smart
cards, authentication, electronic payment, directories/catalogues.
• The next components which facilitate and enable e-commerce and which
are built on the foundations of technology are:
 Public policy, regulations and laws that govern issues such as universal
access, privacy, electronic contracts and the terms and conditions that
govern e-commerce.
 Universal agreement of technical standards dictate the format in which
electronic data is transferred over networks and is received across user

interfaces, and the format in which it is stored. This is necessary so that

data can travel seamlessly across different networks, where information
and data can be accessed by a whole range of hardware and software
such as computers, palmtops, and different kinds of browsers and
document readers.
 The interaction of people and organizations to manage and coordinate
the applications, infrastructures and businesses are all necessary to
make e-commerce work.
 All these elements interact together to produce the most visible
manifestation of e-commerce. These applications include on-line
banking and financial trading; recruitment; procurement and purchasing;
marketing and advertising; auctions; shopping are just a few examples.
 This is a particularly useful framework for managers to understand the
importance of technology and business, both within the organization and
external to it, in the planning and development of any e-commerce or e-
business solution.

82
 E-Commerce Notes
Unit-1
Lecture-4
Electronic Data Interchange (EDI)
• Electronic data interchange (EDI) is the process used by organizations
in order to transmit the data between organizations by electronic means.
It is used to transfer electronic documents or business data from one
computer system to another computer system, i.e. from one trading
partner to another trading partner without human intervention.

• Here, are two major parties i.e. Customer & Merchant,

• Customer firstly order for the required product. Trading party then give
confirmation, Delivery note, Invoice & Acknowledgements for the product
status. At the end, customer pays for the product.
• Here, We have shown the basic overview but EDI is somewhat complex.
EDI is used by organizations for transactions that occur on regular basis
to a predefined format.
• Organizations that send or receive documents between each other are
referred to as "trading partners" in EDI terminology. The trading partners
agree on the specific information to be transmitted and how it should be
used.
• EDI is also known as paperless trading.
• EDI is basically-
• “The transfer of structured data, by agreed message standards,
from one computer system to another, by electronic means.”
 EDI has four elements, each of them essential to an EDI system:
• Structured Data: EDI transactions are composed of codes, & short
pieces of text. Each Element with a strictly defined purpose. Fore.g An
order has codes for the customer & product & values such as quantity
ordered.
83
• Agreed Message Standards: The EDI transaction has to have a
standard format. The standard is not just agreed between the trading
partners but is a general standard agreed at national or international
level. A purchase order will be one of a number of agreed message
standards.
• From one computer system to another: The EDI message sent is
between two computer applications. There is no requirement for people
to read the message or re-key it into a computer system. For e.g. The
message is directly between the customer’s purchasing system & the
supplier’s order processing system.
• By electronic means: Usually this is by data communications but the
physical transfer of magnetic tape or floppy disc would be within the
definition of EDI. Often networks specifically designed for EDI will be
used.
Main Features of EDI:
• EDI’s use structured formatted messages that are based on agreed
standards - in this way the messages can be read by any system that
understands the rules they are governed by. However, this is not always
as simple as it seems, as there are also the provision of EDI translation
software packages.
• Required to set up an interface between the company computer and the
EDI sent/received document.
• EDI provides a relatively fast delivery of electronic documents from
sender to receiver.
• EDI provides direct communication between applications, rather than
between computers.
• EDI includes data management and networking capabilities, data
processing, the efficient capture of data into electronic form, the
processing and retention of data, controlled access to it, and efficient
and reliable data transmission between remote sites.
Benefits of EDI:
• Reduced paperwork: Even when paper documents are maintained in
parallel with EDI exchange, e.g. printed shipping manifests, electronic
exchange and the use of data from that exchange reduces the handling
costs of sorting, distributing, organizing, and searching paper
documents.
• Cost cutting: The use of EDI can cut costs. These include the costs of
stationary & postage but these will probably be fully matched by the
costs of running the EDI service.EDI and similar technologies allow a
company to take advantage of the benefits of storing and manipulating
data electronically without the cost of manual entry.
• Reduced Errors: Another advantage of EDI is reduced errors, such as
shipping and billing errors, because EDI eliminates the need to rekey

84
 documents on the destination side. Keying an information into the
computer system is a source of errors & keying paper orders into order
processing system is no exception.EDI eliminates this source of errors.
On the down side, there is no order entry clerk who might have spotted
errors made by the customer- the customer will get what the customer
asked for.
• Faster Response: With paper orders it would be several days before the
customer was informed of any supply difficulty, such as the product is
out of stock. With EDI the customer can be informed straight way giving
time for an alternative product to be ordered or an alternative supplier to
be used.
• Improved funds transmission: Due to this increased efficiency of non-
paper accounts, cash flow will improve as electric fund transmission is
able to begin much earlier than previously.
• Improved Shipping Service: Shipping is also improved as EDI provides
quick and efficient information as it relies on barcode information to
communicate. It is able to track inventory and eliminates the incidence of
lost packages due to their isolation from the larger shipping order. EDI
greatly improves accuracy of data as it is all automated.
• EDI payment: Payment can also be made by EDI. The EDI payment
system can also generate an EDI payment advice that can be
electronically matched against the relevant invoices, again avoiding
query & delay.
EDI System

Difference between EDI & Email:

• EDI sounds similar to electronic mail (email), but is actually quite
different. While email allow for free unstructured test messages to be
sent from one computer to another (or multiple) computers, EDI supports
structured business messages to be transmitted between partners.
Previously these would have been hard copy documents or printed

85
 business documents. So rather than having documents pass from
person to person, they go from computer to computer.
EDI: THE NUTS AND BOLTS
EDI Standards:
• At the heart of any EDI application is the EDI standard. The essence of
EDI is the coding & structuring of the data into a common & generally
accepted format.
• Documents sent via EDI can serve as input for a receiving a company's
business application because they are formatted according to standards
that stipulate where certain information should be located, such as
where net total amount should appear on an invoice.
• These standards also define how individual pieces of information should
be represented. For example, in the standards for an electronics industry
purchase order, there are specific codes defined to identify the type of
product or service being requested, e.g. PN (company part number), BY
(buyers part number), VP (vendors part number), PW (part drawing), etc.

E-Commerce Notes
Unit-1
Lecture-5
Components of EDI
1. Application service
2. Translation service
3. Communication service

86
1. Application Services :-
It provides the link between application and EDI. It allows you to send documents
from an EDI system. The set of callable routine is used to transfer document from
the business application into EDI document, destination can be either intra-company
or to the external companies.

2. Translation service:-
Converts the outgoing documents from an internal format file to an agreed external
format. Translates internal document from external format to EDI internal format file.

87
3. Communication service:-
The communication service sends and receives transmission files to and from the
trading partners either directly or by using party service called a valued added
network (VAN).

File Types
EDI creates following files as a document passes through the system:
1. Internal format file (IFF):-
It contains single document for single trading partner.
2. External format file (EFF):-
It contains same data as the internal format file translated into the appropriate
standard document format.
3. Transmission file:-
It contains one or more document for the same trading partner. Documents of same
format are packed into functional groups. The functional groups going to one trading
partner are packaged into an interchanged set.

EDI software
1. Translators:-
Every EDI sender and receiver should have EDI translator. It varies based on the
computer on which it is going to reside. The computer may be a micro computer or a
midrange or a mainframe. Translator reads the fixed length file and generates valid
EDI standard and maintains control information.
2. Application link software:-
Application link software is used to collect information from the business application
and then it formats into fixed length computer file and passes it onto translators.
Types of EDI standards:
• Proprietary standard - EDI standard developed for a specific company or industry.
This is also called a non-public or private standard.
• Public standard - EDI standard developed for use across one or more industries.

88
 EDIFACT
• Electronic Data Interchange for Administration, Commerce, and Transport is the
international set of EDI standards
• Became a UN standard in 1987
• Maintenance and further development is the responsibility of the United Nations
Centre for Trade Facilitation and Electronic Business (UN/CEFACT)
• Includes syntax rules and implementation guidelines, message design guidelines,
data elements, code sets, and other definitions
• Used for business-to-business (B2B) communication rather than business-to-
consumer (B2C)
• Allows multi-country and multi-industry exchange
The four pillars of EDIFACT

• Syntax
• Rules for the definition of a message structure
• Data elements
• Smallest data unit
• Include codes & the values for items such as date & address code
• Segments
• Groups of related data elements
• Messages
• Ordered sequence of segments
• Defines a business transaction

• United Nations/Electronic Data Interchange For Administration, Commerce and

Transport (UN/EDIFACT) is the international EDI standard developed under
the United Nations.

EDIFACT Structure Chart

89
• For EDIFACT each document type is referred to as a message. For trade
purposes the documents include order, dispatch advice, invoice, payment
order & remittance advice. Other sectors include their own documentation
requirements, sectors using EDIFACT include:
• Transport
• Customs
• Finance
• Construction
• Statistics
• Insurance
• Tourism
• Healthcare
• Social Administration
• Public Administration

EDIFACT subsets

E-Commerce Notes
Unit-1
Lecture-6
EDI Layered Architecture

90
 EDI Semantic layer:-
 Describes the business application
 Procurement example
• Requests for quotes
• Price quotes
• Purchase orders
• Acknowledgments
• Invoices
 Specific to company & software used
EDI Standard Layer:-
 Specifies business form structure so that information can be exchanged it
also influence the content at application layer.
 The most competing standards are:
• American National Standards Institute(ANSI)X12
• EDIFACT developed by UN/ECE, Working Party for the Facilitation of
International Trade Procedures
EDI Transport Layer:-
 It corresponds with non electronic activity of sending business from one
company to another company.
 It can send via postal service, registered and certified mail & email etc.
 Generally, EDI transport layer chooses email as the carrier service.

EDI Physical Layer:-

 It describes physical devices which are involved in transaction.
 Dial-up lines, Internet, Value-Added Networks etc.

91
 EDI in India
EC/EDI Council of India:
Chairman: Secretary Department of Commerce
Secretariat: EC/EDI Division Department of Commerce
Udyog Bhawan, New Delhi - 110011
EC/EDI council is the apex body consisting of all the key government
departments and representatives of trade and industry. It is responsible
for laying down the policy frame work and direction for:-
• promotion and propagation of EDI and Electronic Commerce.
• creating awareness and education among the potential EC/EDI
functionaries and users
• streamlining procedures and practices attending to legal issues
• human resource development
• any other issue connected with EDI and Electronic Commerce
India EDIFACT Committee:
Chairman: Additional Secretary Department of Commerce
Secretariat: EC/EDI Division Department of Commerce
Udyog Bhawan, New Delhi - 110011
The India EDIFACT Committee (IEC) is responsible for formulatin
standards, streamlining the procedures in line with UN/EDIFACT and
maintain liaison with UN/EDIFACT bodies.
To address all the information needed on different sectors and its
interface with UN/EDIFACT standards following Message Development
Groups are working –
 Ports Message Development Group under Indian Ports Association (IPA)
 Airports Message Development Group under Airports Authority of India
(AAI)
 Financial Message Development Group under Indian Banks Association
(IBA)
 Customs Message Development Group under Central Board of Excise &
Custom (CBEC)
 Private Sector Message Development Group under Federation of Indian
Export Organisations (FIEO)
 Working Group: The working group is responsible for motivating various
functionaries in the government and ensure scheduled implementation
of program.
 Technical Assessment Group: The Technical Assessment Group is
responsible for assessing the messages developed by the various
agencies for structure and syntax conformance, to review the
Implementation Guidelines prepared by various agencies for the
respective messages developed by them and to prepare and circulate
the EDIFACT Message Directory.

92
 Chairman : Senior Technical Director, NIC Department of Commerce
Secretariat : EC/EDI Division Department of Commerce Udyog Bhawan,
New Delhi - 110011
Education and Awareness: The Department of Commerce has
identified key areas where immediate attention was required such as
user awareness and human resource development. For creating
awareness in respect of EC/EDI, four organizations have been identified
namely Federation of Indian Export Organizations (FIEO), All Indian
Management Association (AIMA), National Informatics Centre (NIC) and
Indian Institute of Foreign Trade(IIFT). The course contents for
awareness and training programmes have been structured and
programmes for various level of management have been devised. This
Ministry also organizes EDICON (An international conference and
exhibition on Trade Facilitation (TF/EC/EDI) every year along with
special session for CEOs of top Indian companies.
VAN Service Providers: Department of Telecom has already licensed
a number of operators for Value Added Network (VAN) services.
National Informatics Centre (NIC) and Videsh Sanchar Nigam
Limited(VSNL) are the two major companies/organizations providing
high speed information highway for EC/EDI services within the country
and connectivity to foreign networks. A number of other companies also
recognized the emerging EC/EDI market and approached the
Department of Telecommunications, which is the licensing authority for
(VAN) Value Added Network operations in India. Companies such as
Global Electronic Commerce Services Ltd., Mahindra Network Services,
Satyam Infosys, CMC Ltd., Manipal Control Data Electronic Commerce
Systems etc.., have started EC/EDI services.
Co-ordinated EC/EDI implementation project
 To facilitate international trade a co-ordinated EC/EDI implementation
project is underway in following departments/organisations :
– Customs
– Directorate General of Foreign Trade (DGFT)
– Apparel Export Promotion Council/Cotton & Textile Export Promotion
Council etc.
– Port Trusts
– Airport Authority of India (AAI)
– Container Corporation of India (CONCOR)
– Reserve Bank of India (RBI)
– Scheduled Banks
– Airlines
– Indian Railways
– CHA/Freight Forwarders
– Export Promotion Organization

93
 EDI IMPLEMENTATION
• The First Technical element of the EDI system is the EDI software. It is a
complete suite of software for creating, transmitting, receiving, managing
and tracking EDI documents. It contains the tools needed to fine-tune
EDI invoicing, from EDI document editing, to document review, to
document selection.
• The system design is comprehensive and can convert invoices, returns,
change notices, statements, purchase orders, and title catalogues into
the EDI format.
• If pens & things is to send an order from its production control system to
packaging solutions it needs to code that order into the agreed EDI
standard &’squirt’ it into the chosen VADS. To pickup the order at the
other end, packaging solutions has a similar need to extract the data
from the network & to decode the data from EDI message into its order
processing system. The coding/Decoding of EDI messages & interfacing
with VADS in normally achieved using EDI software as shown in Fig.
Sending an order using EDI software

• Technically EDI comes down to imports/exports to/from your system and

some data communication. It is good practice to keep this import/export
as simple as possible, and to concentrate on the impact of EDI on your
system and organization. You will want ONE import/export in your
system (for each information flow).You don't want to handle all the EDI
details in the import/export module, like you don't want to handle the
logic of printer drivers in your application.

E-Commerce Notes
Unit-1
Lecture-7
EDI Enabled Procurement Process
PROCUREMENT
94
 Procurement is the process whereby companies purchase goods and
services from various suppliers. These include everything from indirect
goods like light bulbs, uniforms, toilet paper, and office supplies, to the
direct goods used for manufacturing products.
 Procurement also involves the purchase of temporary labor, energy,
vehicle leases, and more. Companies negotiate discount contracts for
some goods and services, and buy others on the spot. Procurement can
be an important part of a company's overall strategy for reducing costs.
 Historically, the individuals or departments responsible for purchasing a
company's goods and services relied on various methods for doing so.
The most basic included placing orders via telephone, fax, or mail.
E-PROCUREMENT
 Electronic procurement methods, generally referred to as e-procurement,
potentially enable the procurement process to unfold in a faster, more
efficient manner, and with fewer errors. These methods include
electronic data interchange (EDI), online marketplaces or e-
marketplaces, and various blends of the two.
 EDI deals more with the way information is communicated during
procurement than it does with the act of linking buyers and suppliers.
 By definition, EDI is the electronic exchange of business information—
purchase orders, invoices, bills of lading, inventory data, and various
types of confirmations—between organizations or trading partners in
standardized formats.
 EDI also is used within individual organizations to transfer data between
different divisions or departments, such as finance, purchasing, and
shipping. Two characteristics set EDI apart from other ways of
exchanging information.
 First, EDI only involves business-to-business transactions; individual
consumers do not directly use EDI to purchase goods or services.
 Secondly, EDI involves transactions between computers or databases,
not individuals. Therefore, individuals sending e-mail messages or
sharing files over a network does not constitute EDI.
 EDI can occur point-to-point, where organizations communicate directly
with one another over a private network; via the Internet (also known as
open EDI); and most commonly, via value-added networks (VANs),
which function like telephone lines by allowing for the transfer of
information.
 In the early 2000s, although many companies still relied on VANs, the
Internet was playing a larger role in EDI. It is possible for companies to
translate the files used during EDI and send them to another company's
computer system over the Internet, via e-mail, or file transfer protocol
(FTP).

95
 Because it is an open network and access is not terribly expensive, using
the Internet for EDI can be more cost effective for companies with limited
means.
 It has the potential to provide them with access to large companies who
continue to rely on large, traditional EDI systems.
 The low cost associated with open EDI also means that more companies
are likely to participate. This is important because the level of value for
participants often increases along with their number.
E-procurement tools and applications:
Some e-procurement tools and applications include:
 Electronic systems to support traditional procurement
 EDI (electronic data interchange)
 ERP systems
 Internet as a support or complement to traditional procurement
 Electronic mail (e-mail)
 Web enabled EDI
 Extensible markup language (XML)
 World wide web (www)
 Internet tools and platforms that replace traditional procurement
EDI (Electronic Data Interchange)
 EDI is an application whereby electronic messages can be exchanged
between computer programs of two separate organizations. Some
features of EDI include:
 Messages are exchanged in groups, known as batches.
 Messages can automatically be sent, transmitted and stored between
computers without retyping or keying data.
 EDI has to be implemented by each pair of organizations (sender and
receiver) who wish to use it. This means that the implementation costs of
EDI are relatively high.
 EDI is mostly used where the messages exchanged concern such
matters as orders, confirmations, transport information and invoicing.
 EDI traditionally runs on so-called, “Value Added Networks”, which are
closed networks (unlike open networks like the Internet).
The figure below illustrates the categories of electronic communication
exchange between people and computers:-

96
 Internet tools and platforms that replace traditional
procurement: Some internet tools and platforms that replace traditional
procurement include:
 E-sourcing
 E-tendering
 E- auctioning
 E-ordering and web-based ERP
 E-informing
 E-Sourcing: E-sourcing supports the specification phase; it can be used
to pre-qualify suppliers and also identifies suppliers that can be used in
the selection phase. For suppliers the benefit is: “marketing” and for the
buying organizations the benefit is facilitating the sourcing of suppliers.
The UN Global Market Place (UNGM www.ungm.org) is an example of
an E-sourcing tool.
 E-tendering: E-tendering supports the selection stage and acts as a
communication platform between the procuring organization and
suppliers. It covers the complete tendering process from REOI via
ITB/RFP to contracting, usually including support for the analysis and
assessment activities; it does not include closing the deal with a supplier
but facilitates a large part of the tactical procurement process. It results
in equal treatment of suppliers; transparent selection process; reduction
in (legal) errors; clear audit trial; more efficiency in the tactical
procurement process and improved time management of tendering
procedures. Some UN organizations such as UNDP-IAPSO and UNHCR
have used E-tendering in the formulation of long-term agreements for
vehicles, tents, motorcycles and pharmaceuticals through an in-house
developed tendering portal.
 E-auctioning: E-auctioning supports the contract stage. It enables the
closing of a deal with a supplier if parties agree on price. They operate
with an upward or downward price mechanism e.g. e-auctioning with

97
 upward price mechanism for the selling organization and e-reverse
auctioning with a downward price mechanism for the buying
organization. They can be made in accordance with traditional ITB/RFP.
They are internet based using open or closed systems.
 E-ordering and web-based ERP: E-ordering and web-based ERP is the
process of creating and approving procurement requisitions, placing
purchase orders, as well as receiving goods and services ordered, by
using software systems based on the Internet.
 E-informing: E-informing is not directly associated with a stage in the
procurement process; it is the process of gathering and distributing
procurement information both from and to internal and external parties
using Internet technology.
E-procurement in the procurement cycle: The figure below shows the
six forms of e-procurement plotted in the procurement process

Each of these forms can be explained as follows:

 E-sourcing supports the specification phase; it identifies suppliers that
can be used in the selection phase.
 E-tendering supports the selection phase; it facilitates the REOI and
ITB/RFP activities, usually including support for the analysis and
assessment activities.
 E-reverse auctioning supports the contract phase; it enables closing a
deal with a supplier;
 E-ordering and web-based ERP is the process of creating and approving
procurement requisitions, placing purchase orders, as well as receiving
goods and services ordered, by using a software system based on the
Internet.

98
 E-informing is not directly associated with a phase in the procurement
process; it is the process of gathering and distributing procurement
information both from and to internal and external parties using Internet
technology.
E-procurement strategy – costs, benefits and risks
The following costs and benefits as identified by de Boer, Harink et al.
(2002), can be influenced by e-procurement:
 The cost of expenditure on goods/services related directly to the
production/service delivery.
 The cost of non-production of goods and services.
 The cost of operational procurement activities – e.g., requisitioning,
ordering, expediting and administrative support.
 The cost of tactical procurement activities – e.g., formulating
specifications, selecting suppliers, negotiating with suppliers,
contracting, disposals etc.
 The costs of strategic procurement activities – e.g., spend analysis,
transaction analysis, market analysis, planning, developing procurement
policies etc.
 Internal benefits arising from investments in particular inter-organizational
relationships.
 The contribution of investments in particular inter-organizational
relationships to revenues.
 These costs and benefits should be assessed in relation to each e-
procurement tool. While it is usually assumed that e-procurement will
automatically deliver benefits, the actual benefits will depend on many
factors including: cost of required investment, ability to convert
associated savings to cash, nature of the procurement process being
automated, particular supply market and the extent to which the
organization supports its implementation

E-Commerce Notes
Unit-1
Lecture-8
Web Based E-Commerce
• Only a few years ago, businesses encountered major difficulties in
delivering online information and applications even to their own
employees, especially across geographically dispersed areas and to
remote users. Today, businesses can easily deliver information to

99
 employees, customers, partners, and the public at large, regardless of
location. Many observers point to the Web as the catalyst for this
change.
• While many of us use the Internet on a daily basis, few of us have a clear
understanding of its basic operation. From a physical standpoint, the
Internet is a network of thousands of interconnected networks.
Included among the interconnected networks are:
(1) The interconnected backbones that have international reach;
(2) A multitude of access/delivery sub networks and
(3) Thousands of private and institutional networks connecting various
organizational servers and containing much of the information of
interest.
• The backbones are run by the network service providers
(NSPs), including companies like MCI, Sprint, UUNET/MIS, PSINet, and
BBN Planet. Each backbone can handle over 300 terabytes per month.
• The delivery sub networks are provided by the local and
regional Internet Service Providers (ISPs). The ISPs exchange data
with the NSPs at thenetwork access points (NAPs). Pacific Bell NAP
(San Francisco) and Ameritech NAP (Chicago) are examples of these
exchange points (Minoli and Minoli 1998).
The following Fig. shows a high-level view of the interconnections
among the ISPs, NAPs, and the backbones

• When a user issues a request on the Internet from his or her computer,
the request will likely traverse an ISP network, move over one or more of
the backbones, and across another ISP network to the computer
containing the information of interest.
• The response to the request will follow a similar sort of path. For any
given request and associated response, there is no preset route. In fact,

100
 the request and response are each broken into packets, and the packets
can follow different paths.
• The paths traversed by the packets are determined by special computers
called routers. The routers have updateable maps of the networks on
the Internet that enable them to determine the paths for the packets.
Cisco (www.cisco.com) is the premier provider of high speed routers.

Choosing the right format for Website

Essential Characteristics of a Good Business Site:
1. Easy Navigation is a must-have on any website. Visitors should be
able to easily find the information they are looking for, and fast. Think
about your own experience. How many times have you been to a
website, took a few seconds to look around, couldn’t figure out what the
purpose of the website was, and just left? Put important information on
multiple pages, clearly label links, and organize your site. Put yourself in
a visitor’s shoes and try to think about what information they would want
and where they would look for it.
2. A Call to Action takes the purpose of your site to the next level. For
example, if you want to use your site to drive sales, encourage people to
check out your web store by placing links to the store’s page in eye
catching places, or maybe even offer them a discount. Or is your goal to
build relationships with your customers? Try giving them an incentive to
become a member on your site or to sign up for a free newsletter. Giving
freebies is a great way to get a visitor’s attention and to get them to take
action according to your purpose.
3. Attractive Design is a no brainer. Visitors won’t bother with your site
if they can’t make heads or tails of it. Make sure your site includes a
great header that captures a user’s attention and some eye-catching
graphics. Don’t overdo it, though! Having too many graphics or
animations may distract the visitor from your content. You also don’t
want your site to seem too uncoordinated and “overdone”. Another
design note: make sure your content is easy to read. Visitors get turned
off when the font colors and size are too hard to read. Make sure that
when you write your content, you format it for readability, too. Make use
of line breaks, bold words, and bullet points to make sure your visitors
can skim through easily.
4. Sticky Content is the meat of your website. The content on your web
pages determines the quality of your website. So what do we mean by
“sticky content”? This is a phrase that describes great content that gets
visitors to spend more time on the website or gets them to return. So
how do you get your content to become “sticky”? You want to make sure
that the content on your site holds value for your visitors. Try to provide
useful information or interesting points of view. Plainly stated, if you have

101
 genuinely interesting and valuable information on your site, people will
value your site and come back again.
5. Credibility is the key to doing business online. The internet can be a
dangerous place full of scams, viruses, and shady dealings. A visitor will
not do business with you if they do not feel that they can trust your site.
So how do some sites seem more credible than others? For the most
part, along with site design, it is the attention to detail. Scammers are
often looking for a quick buck, so they do they put very little effort into
their sites. There are small signs that visitors look for when they
determine credibility. Some of these signs include a unique domain
name (ex: www.thisbiz.com), an email address that coincides with that
domain name (ex: [email protected]), and maybe even a toll free
number. All of these things show that the business is invested in what it
does, and makes the visitor feel more comfortable about doing business
with it. You can obtain all of these credibility boosters easily through
Webs!
6. Mobility is becoming more and more essential as time goes on.
Some experts say that mobile internet browsing will be bigger than
desktop internet browsing by as soon as 2015. Mobile browsing and
mobile online shopping are some of the biggest online trends, so
needless to say, it is important to be ahead of the curve and have a
website that can be easily accessed on a mobile device. Its okay if you
don’t have the know-how to do this because Webs has a Mobile App
that makes it easy: just activate it on the app page, make a few design
selections and you are good to go. Our mobile app was just updated
with a bunch of new features, making it a must-have on any site.
Web Store and Horizontal /Vertical portals
 A Web Portal is a website which works as a single source for different
information on a particular domain. It is a useful access point which
helps the users to go easily from one page to another while navigating
for information which they are in search of.
 Web Portal gives a list of information arranged well for the accessing
purpose of the users. Placing the right amount of keywords in the pages
at the right positions also can make a difference to your website traffic.
Ultimately what matters in content development is to understand and
provide what customers search for the most online.
 Portals have information stored which links to various topics like
business, new, finances, travel, entertainment, shopping and so on. The
popular portals on the internet are Yahoo!, AOL and Google. These
portals can be termed as personal portals, as it stores the history data,
emails and profile information of the user.
 High resolution images and big files of videos may be required to attract
people but it’ll be of no use if the page takes long time to load. An ideal
102
 portal depends mainly on search and navigation, notification,
personalization, task management, work flow and collaboration.
Enterprise portal development can be divided into two divisions –
 Horizontal Enterprise Portals or Mega Portals or HEPs
 Vertical Portals or Vertical Enterprise Portals or VEPs.
Horizontal Enterprise Portals (HEPs)
A Horizontal Portal is a website that is public and helps to give its users
all the necessary services they are in need of. Examples of horizontal
portals or HEPs are NetCenter and MyExcite. Horizontal Enterprise
Portals include chat groups, horoscopes, weather, stock prices, news
and shopping.
These send requests to users for making their page the first page one
sees while using the web. These personalizes the page one sees by
selecting the city one chooses for knowing the weather, selecting the
new sources and stocks one likes to be displayed on the page and alter
the web page appearance.
Thus one is able to build multiple stock portfolios and see the updated
valuations very often. It has to be noted that if one access HEP from
another computer, it loses all the personalization characteristics.
HEPs does not give any kind of information related to any organizations,
as they are not connected to any data sources of any organization other
than their own. It delivers access to all the web information one needs
on one’s own organization.
Vertical Enterprise Portals (VEPs)
Vertical Enterprise Portals or VEPs deliver information related to any
organization. A Vertical Enterprise Portal is an enterprise portal which is
used in a specific department for particular business functions like
accounting, customer service or e-commerce. When a user logs to a
VEP, a customized portal page is produced. This is linked to the user
who is logged on to.

E-Commerce Notes
Unit-1
Lecture-9
Steps in setting up Business on Internet
1. Create a great site: This is No. 1 for a reason. You have to have a
great-looking, intuitive, easy-to-navigate site if you are going to be taken
seriously by potential e-customers. Your site must look professional.

103
 Pictures and content must load quickly. There can be no dead links.
Have a robust "About" page.
The good news is that it is easy and affordable to create a great site –
look for online hosts that have pre-made templates you can customize.
Web surfers who come to your site will judge it in about three seconds.
That's all you've got. You better impress them the moment they hit it.
2. Pick your products: You should try to find the right product at the
right price, he will make a profit. Where do you find great, inexpensive
products? It depends on what you plan to sell. It may be a matter of
spending weekends picking up some good, cheap stuff. If you want a
more formal arrangement, there are wholesalers and distributors for
almost any product you need.
3. Have an online catalog or store: When you shop online, there is
usually a catalog of products to choose from: Tiny pictures with product
descriptions. That is what you have to do. Happily, you do not have to
create this from scratch. Your e-commerce site host (see below) will
offer a store creation tool, with point-and-click ways to add products,
pictures, and descriptions.
4. Have the ability to process payments: This issue is two-fold: The
financial ability to process credit card payments comes when you have a
merchant account. Search for that term online. The physical ability to
process such payments is, again, something your host will offer. Search
for "online merchant services" or "E-commerce hosting."
5. Market and promote your site: All these steps are important, but this
one may be a little more important. People have to find your site. No
matter how nice it looks or how cool your products, if no one knows
about the site, it is a waste of time, money, and effort.
Master search engine optimization (SEO) techniques. Engage in viral
marketing. Tweet. Have a Facebook fan page. Try pay-per-click.
Advertise.
6. Fulfillment: You have to deliver what you sell, on budget and on time.
Don't forget to add the cost of shipping to your prices.
7. After-sales support: How will you handle returns? What should you
upsell? Support is the difference between a one-time sale and creating a
customer for life.
What is a Domain Name?
 A domain name is a unique name for a web site, like w3schools.com.
 Domain names must be registered. When domain names are registered,
they are added to a large domain name register. In addition, information
about the web site, including the IP address, is stored on a DNS server.
 DNS stands for Domain Name System. A DNS server is responsible for
informing all other computers on the Internet about the domain name
and the web site address.
104
 Registering a Domain
Domains can be registered from domain name registration companies.
These companies provide interfaces to search for available domain
names, and they offer a variety of domain name extensions that can be
registered at the same time.
Choosing a Domain Name
 Choosing a domain name is a major step for any individual or
organization.
 New domain name extensions and creative thinking still offer thousands
of excellent domain names!
 When choosing a name, it is important to consider the purpose of a
domain name, which is to provide an easy way to reach your web site.
The best domains have the following characteristics:
 Short - People don't like to type! A short domain name is easier to type,
read, and remember.
 Meaningful - A short domain is nothing without meaning, 34i4nh.com is
not easy to enter or to remember. Select a domain that relates to your
site in a way that people will understand.
 Clear - Clarity is important when selecting a domain name. Avoid a name
that is difficult to spell or pronounce.
 Exposure - Names that are short and easy to remember are an asset. In
addition to visitors, also consider search engines. Search engines index
your site and rank it for relevance against terms people search for. In
order to maximize your sites exposure, consider including a relevant
search term in your domain. Of course, only consider this if it still
maintains a short, clear and meaningful domain name.
Sub Domains
 Most people are unaware that they use sub domains daily. The famous
"www" of the World Wide Web is an example of a sub domain. Sub
domains can be created on a DNS server, and they don't need to be
registered with a domain name registrar, of course, the original domain
name needs to be registered before a sub domain could be created.
 Examples of sub domains used on the internet are
http://store.apple.com and http://support.microsoft.com.
 Sub domains can be requested from your web hosting provider.
False Domain Names - Directory Listings
 Some providers will offer you a name under their own name,
like: www.theircompany.com/yourcompany/ This is not a real domain
name, it is a directory - and you should try to avoid it.
 Directory domains are not desirable, especially for companies.

105
 Typically, directory domains are used for personal web sites and free
web sites provided by an ISP, you may have
seenwww.theircompany.com/~username as an address.
 Competition in domain name registration has resulted in a dramatic
decrease in pricing, so domain sharing is not common, since it is
possible to register a domain name for only $15 per year.
Expired Domains
 Another source for domain registrations is expired domains.
 When you register a domain, think of it as a rental, assuming there are
no legal or trademark issues with the domain name, you are free to use
it as long as you continue to pay the yearly fee (you can now register in
advance as many as 10 years). Some people register domains as
speculators, hoping that they can later sell them, while others may have
planned to use a domain and never had the time. The result is that
domains that were previously registered become available again.
Use Your Domain Name
 After you have chosen and registered your own domain name, make
sure you use it on all your web pages, and on all your correspondence,
like e-mail and traditional mail.
 It is important to let other people be aware of your domain name, and to
inform your partners and customers about your web site.

Web Authoring Tools

Web authoring tools are used to create web content, and cover a wide
range of software programs. The programs include word processors,
desktop publishing programs, webpage builders, website management
systems and HTML editors. Any software program that can be used to
create content that can be uploaded and viewed on the Internet or
intranet network systems is considered a web authoring tool.
 Word Processors
Word processors such as Microsoft Word, WordPerfect or OpenOffice
Writer are some of the most basic types of web authoring tools available.
Word processors contain an option that allows users to create web
pages from text documents. Users type in content using a keyboard and
the processors convert the documents into standard HTML markup and
save the document as a .txt file. The .txt file can be uploaded directly
onto a server to create a quick and easy web page.
 Desktop Publishing
Desktop publishing programs can be used to create hard copy content,
such as magazines or newspapers, or used as a web authoring tool. The
programs feature word processors to create instantly written web

106
 content combined with advanced web authoring options, such as page
layout and style elements.
Desktop publishing programs create virtual pages of web content that
can be linked together. Users can add multimedia to the pages, such as
video, graphics or audio files. The programs convert the pages to HTML
and CSS sheets that can be uploaded to the Internet.
 Website Management Systems and Webpage Builders
Website management systems, or hosting sites, are systems that allow
users to upload and manage their web pages. These systems usually
offer their users many web-authoring tool options to create and maintain
their web pages. Tools can include webpage builders, shopping
systems, audio/visual editors and domain options.
Many web hosting sites offer their customers free webpage builders that
help them to create web pages or entire websites. The builders
incorporate many web authoring tools, including word processing,
graphic editing, templates and layout schemes. Webpage builders have
two main editing options: HTML or a non-HTML interface. Users who
have limited HTML knowledge can use the non-HTML interface to drop
and drag items to create layouts and use the text option to type in
content.
 HTML Editors
HTML editing programs are some of the most powerful web authoring
tools, and are mainly used by professionals to create commercial web
pages. Most HTML editors are similar to web-page builders in offering
users HTML or non-HTML interfaces. The non-HTML interface allows
the user to see how the web page will look when it is uploaded to the
Internet. HTML editors can be used to create basic HTML markup like a
word processor, or can create more advanced language, such as CSS,
JavaScript or XML. Most of the work is performed using a built-in text
editor.
The text editors feature an array of functions besides basic content
input, such as linking, spell check, accessibility features and code
formatting. Text editors create the HTML markup as the user is working
with the editor, which allows for faster editing of visual layout.
HTML editors feature HTML validation checkers that will run through a
web page and check for markup errors and accessibility validation
issues. Most of the other web authoring tools don't offer this option; web
authors only become aware of a problem after the web page is on the
Internet.

Website hosting considerations-own versus rented server

Should You Own Your Servers or rent Servers?

107
• Technology buyers today have more choices than ever before. Hardware
and software can be purchased, leased or rented. Software can
deployed "on-premise" or accessed "on demand" using cloud computing
offerings, where you pay a monthly fee for software access. Each of
these options have their place.
• In spite of the trend toward cloud computing, many companies are still
buying servers and software to run their business. In fact, most
businesses will deploy one or more servers in-house for needs which
are not effectively met by in-cloud services.
• Before you go out and buy your own servers, consider your options. A
server purchase requires an upfront investment, but over the course of
several years, you may meet your business objectives much more
effectively by buying servers and software vs. using cloud computing or
co-location (data center rented server space) options
• When you use cloud computing, you're also usually limited to standard
options. Extensive software customizations are normally installed on
your own server. For example, if you want store documents among your
team "in the cloud" using Microsoft Share Point Online that's easy. But if
you want to customize SharePoint extensively, or use it as your external
website, a traditional on premise SharePoint implementation is going to
be the right choice for you.
• Is your best option to own servers? After you look at the functionality you
require, be sure to take into consideration these hidden expenses of
owning servers in-house so that you can create an apples-to-apples
comparison with your technology decisions
 Server maintenance. No one has yet invented a "set it and forget it"
server. Servers require regular updates and maintenance to keep up
with changes in technology and to respond to malware threats. The
operating system and software applications running on the server also
require updates.
 Server administration. Who is going to run your updates and regularly
perform maintenance on your servers? Here you have several options.
You can hire an in-house IT administrator. You can hire an IT consultant.
Or you can hire a managed service provider who will take care of the
routine work for a set monthly price. The option you choose should be
based on your IT workload.
 Server rent. Part of your office rent goes toward providing a secure
location for your server. Because servers consume increased energy,
sometimes they require a dedicated room with temperature control. You
don't want your employees to freeze just to keep your servers cool.
Contact your hardware provider about estimated energy consumption
costs.

108
 Server backups and redundancy. A server contains your company's
most valuable information. When your server is located in your office,
you have to take extra steps to protect your data from being damaged or
destroyed. This commonly means creating off-site backups and testing
to make sure that the recovery process works. Some companies also
invest in server redundancy, so that if one server crashes, the other one
immediately takes over.
 Server utilization. Companies typically buy more server than they
currently need so they have room for growth. A little extra capacity is
necessary, but too much will cost you. Develop a hardware plan so that
you don't overbuy up front. Instead, scale up as needed. If your servers
don't have enough to do, you're wasting capacity and paying for
something that you don't use or need.
 Beyond the costs of the hardware itself, be sure to factor in how equipped
you are to respond readily to server needs. When email or other critical
business applications go down, someone needs to be available to
diagnose and fix the problem. It's wonderful to have a wealth of options.
Just be aware of the price tag and capabilities that come with each
option.

Online Promotion tools & techniques

Online Promotional Tools
• Feedback Forms
• Bookmarking Content
• Daily Give-Away,
• Coupon
• Contests Surveys
• Awards/Testimonials
• Online Chat
• Tours
 Feedback Forms - What better way to find out what people think of your
company than to solicit their opinion. Using customer feedback you can
improve your site and provide better service to your customers. Using
feedback forms also shows your customers that you are interested in
what they have to say, and provides an opportunity to build relationships
with them. For instance, you may send out an email thanking a particular
customer for bringing an issue to your attention and follow-up with a
coupon to show your appreciation. The disadvantage with a feedback
form is the type of information people provide or the questions they may
ask. If customers cannot find answers on your site, they may resort to
using the feedback form. To receive targeted feedback, it is useful to
develop an online form for customers to complete that leads them
through the feedback process.

109
 Content - Content is a strong driver for encouraging repeat visits by
customers, particularly when it is fresh, timely, and gives customers a
reason to visit regularly. For example, perhaps you have a ‘Tip of the
Day’ or a regular visit by an ‘expert’ well-known in your field of business
who provides online advice. Content that is useful for your visitors and
will enable them to leave with new knowledge will attract them to your
site, and encourage them to check back regularly.
 Daily Give-Away/Coupons/Contests - Sites that offer regular
promotions such as a ‘give-away’, coupons and contests are in a solid
position to capture a regular audience. While the promotion acts as the
driver that attracts customers to visit initially, it provides an opportunity to
showcase new products and services, and deliver important news about
your company. For instance, you may initiate a ‘give-away’ that is a
printer, but also take the opportunity to tell your customers about a
printer sale next week. Your promotional tool has not only lured
customers to your site, but it has also increased the likelihood of getting
a sale. Offering various promotions also enables you to obtain customer
information that you can use in future marketing campaigns.
 Bookmarking - A good way to encourage customers to visit your site is
to ask them to bookmark it. Through bookmarking, they have easy
access to your site and do not have to remember your site’s exact URL
to visit. Bookmarking a site is particularly beneficial for web surfers who
like to follow links. It enables them to go back and take a more in-depth
look at what you have to offer when they need to.
 Surveys - Surveys provide an effective avenue through which to gather
important customer data that will help you to improve your business and
plan for the future. To encourage visitors to complete the survey, you
can provide an incentive such as an opportunity to win a prize.
 Awards/Testimonials - Including awards and testimonials on your site
will provide credibility to your business. They will also provide a
foundation for you to build rapport and trust with your customers, who
will be more willing to visit a site they can trust.
 Online Chat - Online chat mechanisms provide a forum where customers
can come together and share their experiences with each other and you.
This interactive tool allows you direct access to customer opinions where
you can gauge trends and determine their views on the industry.
 Tours - Online tours provide you with an opportunity to showcase
particular products and services, and highlight their key benefits. For
instance, you may have a CRM product that you would like to promote.
What better way to show how it works than to provide a tour of the
product - making what could be a potentially complex product look
simple and easy to use.
Online and Offline Promotional Techniques

110
 Article Submissions
 Newsletters Press Releases
 Banner
 Advertising
 Sponsorships Link Strategies
 News Groups
 Email
 Marketing
 Search Engine Optimization
 Affiliate Marketing
 Web Site Promotion Services
 Collateral Material
 Trade Shows /Launch Events
 Banner Advertising - If you want to increase your company’s brand
awareness, implementing a banner ad campaign is an effective
advertising method. Banner ads are an effective direct marketing tool
that can increase site traffic if they are creative and include a call-to-
action. Advertise on sites that your customers would visit, and ensure
you provide the best possible offer you can.
 Link Strategies - Linking strategies provide an effective way for
customers to learn about your company through other sites related to
your subject. The key to developing an effective link program is to
identify sites that are not direct competitors but have a similar target
market as you. It is also necessary to find a balance between the
amount of traffic that exits your site through a link and the number of
people who visit your site through a link on another site. Building links
from other sites to your site also increases your site’s relevancy to
search engines.

E-Commerce Notes
Unit-1
Lecture-10
Web Traffic Analysis
• Web analytics is the measurement, collection, analysis and reporting
of internet data for purposes of understanding and optimizing web
usage.

111
• Web analytics is not just a tool for measuring web traffic but can be used
as a tool for business and market research, and to assess and improve
the effectiveness of a web site.
• Web analytics applications can also help companies measure the results
of traditional print or broadcast advertising campaigns. It helps one to
estimate how traffic to a website changes after the launch of a new
advertising campaign. Web analytics provides information about the
number of visitors to a website and the number of page views. It helps
gauge traffic and popularity trends which is useful for market research.
There are two categories of web analytics; off-site and on-site web
analytics
 Off-site web analytics: refers to web measurement and analysis
regardless of whether you own or maintain a website. It includes the
measurement of a website's potential audience (opportunity), share of
voice (visibility), and buzz (comments) that is happening on the Internet
as a whole.
 On-site web analytics: measure a visitor's behavior once on your
website. This includes its drivers and conversions; for example, the
degree to which differentlanding pages are associated with online
purchases. On-site web analytics measures the performance of your
website in a commercial context. This data is typically compared
against key performance indicators for performance, and used to
improve a web site or marketing campaign's audience
response.Google Analytics is the most widely-used on-site web analytics
service; although new tools are emerging that provide additional layers
of information, includingheat maps and session replay.
Web server logfile analysis:
Web servers record some of their transactions in a logfile. It was soon
realized that these logfiles could be read by a program to provide data
on the popularity of the website. Thus arose web log analysis software.
Two units of measure were introduced in the mid-1990s to gauge more
accurately the amount of human activity on web servers. These
were page views and visits(or sessions). A page view was defined as a
request made to the web server for a page, as opposed to a graphic,
while a visit was defined as a sequence of requests from a uniquely
identified client that expired after a certain amount of inactivity, usually
30 minutes. The page views and visits are still commonly displayed
metrics, but are now considered rather rudimentary.
The emergence of search engine spiders and robots in the late 1990s,
along with web proxies and dynamically assigned IP addresses for large
companies and ISPs, made it more difficult to identify unique human
visitors to a website. Log analyzers responded by tracking visits by
cookies, and by ignoring requests from known spiders.

112
 Security of transactions on Web
Secure online transaction models
• -The simplest method of doing direct business online on Internet is to set
up a secure world wide web server then create content pages and
program forms to take orders.
Secure web server:
A secure web server must by definition support some type of security
protocol. The two most important are secure hypertext transfer protocol
(S-HTTP) and secure sockets layer (SSL), which was initially developed
by Netscape and offered to the Internet community as a proposed
standard in 1995. However, one of their primary advantages is their
relative unobtrusiveness to the consumer using an SSL or S-HTTP
enabled browser.
Secure server purchasing
• The consumer browses through graphical and textual descriptions of the
merchants' products selects a purchase and usually clicks on a button
that says "buy now" to make a purchase. If consumer is using a secure
browser supported by secure server, that button will produce a form on
consumer's screen which the consumer must complete. Delivery and
payment information has been provided the product will be delivered. If
the customer is using a browser that is not secure or that uses a protocol
not supported by the server, then some other method must be employed
to consummate the transaction. Delivery information represents name,
address, delivery address, email address and any other information
necessary to deliver the product.
If product is a physical item, then a physical destination, preferred
shipper and telephone number may be necessary. If product is a digital
item, then it may be transmitted directly to consumer via the browser by
e-mail or through some other application such as file transfer.
Secure server selling
First the merchant needs to publish product offerings on Internet with
secure server. Servers are available that support SSL, S-HTTP and
both. Because the Internet is an open network based strictly on proper
and widespread implementation of standards, it doesn't make sense for
merchants to limit their potential customers by using only one standard.
• The merchant must go beyond merely setting up the server. As with mail
orders there must be a mechanism for processing the information
contained on an order form. Most often the merchant will use interfaces
of some type to automate transactions. Companies selling physical
products over Internet use email confirmations and shipping notices to
keep customers up to date on status of orders and all merchants can
use network applications to notify their internal organization of orders.
Digital Certificates
113
• A digital certificate is a digital form of identification, much like a passport
or driver's license. A digital certificate is a digital credential that provides
information about the identity of an entity as well as other supporting
information. A digital certificate is issued by an authority, referred to as a
certification authority (CA). Because a digital certificate is issued by a
certification authority, that authority guarantees the validity of the
information in the certificate. Also, a digital certificate is valid for only a
specific period of time.
• Digital certificates provide support for public key cryptography because
digital certificates contain the public key of the entity identified in the
certificate. Because the certificate matches a public key to a particular
individual, and that certificate's authenticity is guaranteed by the issuer,
the digital certificate provides a solution to the problem of how to find a
user's public key and know that it is valid.
• These problems are solved by a user obtaining another user's public key
from the digital certificate. The user knows it is valid because a trusted
certification authority has issued the certificate.
• In addition, digital certificates rely on public key cryptography for their
own authentication. When a digital certificate is issued, the issuing
certification authority signs the certificate with its own private key. To
validate the authenticity of a digital certificate, a user can obtain that
certification authority's public key and use it against the certificate to
determine if it was signed by the certification authority.
International standards
• The S/MIME standard specifies that digital certificates used for S/MIME
conform to the International Telecommunications Union (ITU) X.509
standard. S/MIME version 3 specifically requires that digital certificates
conform to version 3 of X.509. Because S/MIME relies on an
established, recognized standard for the structure of digital certificates,
the S/MIME standard builds on that standard's growth and thus
increases its acceptance.
• The X.509 standard specifies that digital certificates contain standardized
information. Specifically, X.509 version 3 certificates contain the
following fields:
 Version number The version of the X.509 standard to which the
certificate conforms.
 Serial number A number that uniquely identifies the certificate and is
issued by the certification authority.
 Certificate algorithm identifier The names of the specific public key
algorithms that the certification authority has used to sign the digital
certificate.
 Issuer name The identity of the certification authority who actually
issued the certificate.
114
 Validity period The period of time for which a digital certificate is valid.
 Subject name The name of the owner of the digital certificate.
 Subject public key information The public key that is associated with
the owner of the digital certificate and the specific public key algorithms
associated with the public key s valid and contains both a start date and
an expiration date.
 Issuer unique identifier Information that can be used to uniquely
identify the issuer of the digital certificate.
 Subject unique identifier Information that can be used to uniquely
identify the owner of the digital certificate.
 Extensions Additional information that is related to the use and
handling of the certificate.
 Certification authority's digital signature The actual digital signature
made with the certification authority's private key using the algorithm
specified in the certificate algorithm identifier field.

115