Bachelor of Commerce

in Information and Technology

Management
(Year 2)

INFORMATICS 2B

Module Guide

Copyright© 2022
MANCOSA
All rights reserved, no part of this book may be reproduced in any form or by any means, including photocopying machines,
without the written permission of the publisher. Please report all errors and omissions to the following email address:
[email protected]
 Bachelor of Commerce
in Information and Technology Management
(Year 2)
INFORMATICS 2B

Preface.................................................................................................................................................................... 1

Unit 1: The Second Wave of Global E-Commerce .................................................................................................. 9

Unit 2: E-Business Technology Basics ................................................................................................................. 23

Unit 3: Electronic Mail (E-Mail) .............................................................................................................................. 34

Unit 4: E-Business Revenue Models ..................................................................................................................... 43

Unit 5: Selling to Businesses and Consumers Online ........................................................................................... 54

Unit 6: Social networks.......................................................................................................................................... 68

Unit 7: Online Payment Systems .......................................................................................................................... 82

Unit 8: Online Security .......................................................................................................................................... 96

Unit 9: Designing a Web Page using HTML ........................................................................................................ 114

Unit 10: Designing a three-tier web application .................................................................................................. 131

Unit 11: E-Business Law ..................................................................................................................................... 144

Appendices ......................................................................................................................................................... 157

i
 Informatics 2B

Preface
A. Welcome
Dear Student
It is a great pleasure to welcome you to Informatics 2B (INF2B6). To make sure that you share our passion about
this area of study, we encourage you to read this overview thoroughly. Refer to it as often as you need to since it
will certainly be making studying this module a lot easier. The intention of this module is to develop both your
confidence and proficiency in this module.

The field of Informatics is extremely dynamic and challenging. The learning content, activities and self- study
questions contained in this guide will therefore provide you with opportunities to explore the latest developments
in this field and help you to discover the field of Informatics as it is practiced today.

This is a distance-learning module. Since you do not have a tutor standing next to you while you study, you need
to apply self-discipline. You will have the opportunity to collaborate with each other via social media tools. Your
study skills will include self-direction and responsibility. However, you will gain a lot from the experience! These
study skills will contribute to your life skills, which will help you to succeed in all areas of life.

About the Informatics 2B module

Welcome to the MANCOSA Informatics 2B module.
The fast pace at which the technology and the internet are progressing is creating all sorts of opportunities for
business. Since almost the first days of the internet, some people have recognized the potential for doing business
over the internet. Companies like Amazon.com, established in the late 1990’s were early participants in this arena,
and have become global giants in the field of e-commerce.

Today, the internet has proven to be an extremely powerful medium for conducting business than ever before, with
e-business revenue running into hundreds of billions of dollars globally. As a result, more and more traditionally
offline businesses, seeing the success of their online counterparts, are moving into the sphere e-commerce.

As with the internet itself, e-commerce does present many challenges to businesses and customers alike. In a
traditional business transaction, a user walks into a store, views a product, possibly tests it and, if he likes it, pays
at the cashier and takes the product home. As you can imagine, none of these can be done over the internet. As
a result, businesses had to find ways to compensate for this shortcoming.

Unfortunately, the internet, like the real world, is not free from criminals. Just as in the real world criminals devise
more and more complex schemes to steal money from businesses and individuals, so too on the internet criminals
devise many complex and imaginative schemes to cheat people out of their money.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 1

Informatics 2B

There is also the threat of malicious software like Trojans and viruses, and the ever-present threat of hackers.
These and other threats present major challenges for anyone using the internet, but particularly for online
businesses.

In this module you will learn about e-commerce, its opportunities and its threats. You will learn about the challenges
facing e-commerce, and how many businesses around the world are addressing these challenges. You will also
be introduced to the technology – the hardware and software – that forms the backbone of e-commerce.

The module also goes in-depth into online security issues, as well as professional and ethical issues relating to
Information Technology in general, and to e-commerce specifically.

We hope you enjoy the module.

MANCOSA does not own or purport to own, unless explicitly stated otherwise, any intellectual property rights in or
to multimedia used or provided in this module guide. Such multimedia is copyrighted by the respective creators
thereto and used by MANCOSA for educational purposes only. Should you wish to use copyrighted material from
this guide for purposes of your own that extend beyond fair dealing/use, you must obtain permission from the
copyright owner.

B. Module Overview
The module is a 15 credit module at NQF level 6.
The purpose of this module:
To ensure that a learner will have knowledge on the architecture and functioning of the Internet; will be able to
explain how the Internet can be used in applications such as the WWW, e-commerce and e-mail and explain the
roll of network security in the protection of information. To introduce the learner to ethical and professional issues
with relevance to Information Technology.

About this Study Guide

This study guide comprises of 11 units:

Unit 1: Introduction to E-commerce

In this unit you will be introduced to the concept of ecommerce. You will be given a historical perspective,
as well as a glimpse into the present and future of e-commerce.

Unit 2: E-business technology basics

Global e-business is powered by various hardware and software technologies. In this unit you will be
familiarized with some of these technologies.

2 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit 3: Email technologies

One of the most popular uses of the internet is to send and receive emails. In this unit you will learn how
emails and other web services work.
Unit 4: E-business revenue models

Just like offline business, e-business is powered by revenue. However, e-businesses use a wide range of
revenue models, some of which are used in offline businesses, while others are specific to the online world.
In this unit you will learn about the various revenue models adopted by e-businesses globally.

Unit 5: Online business models: B2B and B2C

In this unit you will learn how businesses do businesses with each-other on the internet, as well as how
businesses do businesses with consumers.

Unit 6: Social media and e-commerce

Undoubtedly, social media networks have changed the way we communicate with each other in
fundamental ways. But social media have had a tremendous impact on another critical field: marketing. In
this unit you will learn about the various social media out there, and how they are being used by online and
offline businesses for marketing and customer relations.

Unit 7: Online payment systems

E-business necessitates the transfer of money from and to different parts of the globe. This is a complex
and risky task, considering the open nature of the internet. In this chapter you will learn about the various
systems which have been put into place to facilitate easy transfer of money across the internet, at the same
time minimizing risk.

Unit 8: Online security

Security is an on-going concern for online business. A lapse in online security could cost a company billions
of dollars, as well as its reputation. In this unit you will be familiarized with the various threats to online
businesses, as well as how these are being eliminated.

Unit 9: Web design: designing a web page using HTML

In this unit you will learn how to create a basic Web site using HTML.

Unit 10: Designing and creating a three-tier web-based application

In this unit you will learn to combine your knowledge of databases form the previous module, with your
knowledge from chapter 9 in order to design and create a basic three-tier, database-driven, web-based
application.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 3

Informatics 2B

Unit 11: Ethical and professional issues concerning Information Technology

In this unit we discuss various ethical and professional issues concerning Information Technology in
general, and e-business in particular.

C. Exit Level Outcomes and Associated Assessment Criteria of the Programme

Exit Level Outcomes (ELOs) Associated Assessment Criteria (AACs)

 The structure of data, information and  Structure of data, information and knowledge is
knowledge in an organisational setting reviewed within an organisational setting to
emphasize data processes

 The application of information and knowledge  Information and knowledge management principles
management principles and theories in a variety and theories are applied in a variety of
of organisational settings organisational settings to eliminate disarray

 The application of information and knowledge  Information and knowledge management principles
management principles in the different is applied in different functional units of an
functional units of an enterprise enterprise to maintain consistency

 The architecture, platforms and configuration of  Architecture, platforms and configuration of systems
systems to generate information and knowledge is examined to generate information and knowledge
for decision making for decision making

 Utilisation of information and knowledge  Information and knowledge management is applied

management as a strategic tool for competitive as a strategic tool for competitive advantage to
advantage promote organisational information and knowledge
management skills

 Analysis, evaluation and representation of  Financial, quantitative and functional information

financial, quantitative and functional information and knowledge is analysed, evaluated and
and knowledge for meaningful interpretation presented for meaningful interpretation to establish
organisational information and knowledge
management needs

 Proposal of business solutions through  Business solutions are proposed utilising

information and knowledge management information and knowledge management
techniques techniques to enhance organisational performance

4 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

D. Learning Outcomes and Associated Assessment Criteria of the Module

LEARNING OUTCOMES OF THE MODULE ASSOCIATED ASSESSMENT CRITERIA OF THE MODULE

 Evaluate the roll of the Internet in  Roll of Internet in applications such as WWW, e-
applications such as the WWW, e- commerce and e-mail is evaluated to demonstrate
commerce and e-mail important use of WWW browser

 Give a critical evaluation of security  Security measures in electronic commerce over the
measures in electronic commerce over Internet is critically evaluated to outline the importance
the Internet of e-commerce security

 To develop a web page in a convenient  Development of a web page in HTML is demonstrated to

language such as HTML demonstrate the HTML language in programming

 Design a simple three-tier client/server
system with a web page as user
interface, an object orientated server
and a relational database for executing
electronic commerce transactions over
a network
 Simple three-tier client/server system with a web page
as a user interface, an object orientated server and a
relational database for executing electronic commerce
transactions over a network is designed to exhibit
client/server design

 Explain ethical and professional issues  Ethical and professional issues concerning Information
concerning Information Technology Technology is reviewed and understood to add value
using IT

E. Learning Outcomes of the Units

You will find the Unit Learning Outcomes and the Associated Assessment Standards on the introductory pages of
each Unit in the Module Guide. The Unit Learning Outcomes and Associated Assessment Standards lists an
overview of the areas you must demonstrate knowledge in and the practical skills you must be able to achieve at
the end of each Unit lesson in the Module Guide.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 5

Informatics 2B

F. Notional Learning Hours

Notional Learning Hour Table for the Programme

Learning time
Types of learning activities
%

Lectures/Workshops (face to face, limited or technologically mediated) 15

Tutorials: individual groups of 30 or less 0

Syndicate groups 0

Practical workplace experience (experiential learning/work-based learning etc.) 0

Independent self-study of standard texts and references (study guides, books, journal 27
articles)

Independent self-study of specially prepared materials (case studies, multi-media, etc.) 40

Other: Online 18

TOTAL 100

G. How to Use this Module

This Module Guide was compiled to help you work through your units and textbook for this module, by breaking
your studies into manageable parts. The Module Guide gives you extra theory and explanations where necessary,
and so enables you to get the most from your module.

The purpose of the Module Guide is to allow you the opportunity to integrate the theoretical concepts from the
prescribed textbook and recommended readings. We suggest that you briefly skim read through the entire guide
to get an overview of its contents. At the beginning of each Unit, you will find a list of Learning Outcomes and
Associated Assessment Criteria. This outlines the main points that you should understand when you have
completed the Unit/s. Do not attempt to read and study everything at once. Each study session should be 90
minutes without a break

This module should be studied using the prescribed and recommended textbooks/readings and the relevant
sections of this Module Guide. You must read about the topic that you intend to study in the appropriate section
before you start reading the textbook in detail. Ensure that you make your own notes as you work through both the
textbook and this module. In the event that you do not have the prescribed and recommended textbooks/readings,
you must make use of any other source that deals with the sections in this module. If you want to do further reading,
and want to obtain publications that were used as source documents when we wrote this guide, you should look
at the reference list and the bibliography at the end of the Module Guide. In addition, at the end of each Unit there
may be link to the PowerPoint presentation and other useful reading.

6 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

H. Study Material
The study material for this module includes tutorial letters, programme handbook, this Module Guide, a list of
prescribed and recommended textbooks/readings which may be supplemented by additional readings.

I. Prescribed and Recommended Textbook/Readings

There is at least one prescribed and recommended textbooks/readings allocated for the module.
The prescribed and recommended readings/textbooks presents a tremendous amount of material in a simple,
easy-to-learn format. You should read ahead during your course. Make a point of it to re-read the learning content
in your module textbook. This will increase your retention of important concepts and skills. You may wish to read
more widely than just the Module Guide and the prescribed and recommended textbooks/readings, the
Bibliography and Reference list provides you with additional reading.

The prescribed and recommended textbooks/readings for this module is:

 Gary Schneider E-Business 10th Edition ISBN: 978-1-133-52684-1

J Special Features
In the Module Guide, you will find the following icons together with a description. These are designed to help you
study. It is imperative that you work through them as they also provide guidelines for examination purposes.

Special Feature Icon Explanation

The Learning Outcomes indicate aspects of the particular Unit you have
LEARNING to master.
OUTCOMES

The Associated Assessment Criteria is the evaluation of the students’

ASSOCIATED
understanding which are aligned to the outcomes. The Associated
ASSESSMENT
Assessment Criteria sets the standard for the successful demonstration
CRITERIA
of the understanding of a concept or skill.

A Think Point asks you to stop and think about an issue. Sometimes you

THINK POINT are asked to apply a concept to your own experience or to think of an
example.

You may come across Activities that ask you to carry out specific tasks.
In most cases, there are no right or wrong answers to these activities.
ACTIVITY
The purpose of the activities is to give you an opportunity to apply what
you have learned.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 7

Informatics 2B

At this point, you should read the references supplied. If you are unable

READINGS to acquire the suggested readings, then you are welcome to consult any
current source that deals with the subject.

PRACTICAL Practical Application or Examples will be discussed to enhance

APPLICATION understanding of this module.

OR EXAMPLES

KNOWLEDGE You may come across Knowledge Check Questions at the end of each
CHECK Unit in the form of Knowledge Check Questions (KCQ’s) that will test
QUESTIONS your knowledge. You should refer to the Module Guide or your
textbook(s) for the answers.

You may come across Revision Questions that test your understanding
REVISION
of what you have learned so far. These may be attempted with the aid
QUESTIONS
of your textbooks, journal articles and Module Guide.

Case Studies are included in different sections in this Module Guide.

CASE STUDY This activity provides students with the opportunity to apply theory to
practice.

You may come across links to Videos Activities as well as instructions

VIDEO ACTIVITY on activities to attend to after watching the video.

8 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit
1: The Second Wave of
Global E-Commerce

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 9

Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

1.1 Introduction  Introduce topic areas for the unit

1.2 Electronic Commerce: Into the Third  Understand the early search engines
Wave

1.3 Electronic Commerce and Electronic  Understand the benefits of Electronic commerce
Business

1.4 Categories of Electronic Commerce  Be knowledgeable on the difference between B2C and B2B

1.5 The Development and Growth of  Understand the development and growth of electronic
Electronic Commerce commerce

1.6 Electronic Funds Transfers (EFTs)  Be knowledgeable on EFTs

1.7 The second wave of electronic  Display knowledge on the characteristics of electronic
commerce commerce

1.8 The Third Wave begins  Be knowledgeable on third wave begins

1.9 Business models, Revenue models,  Understand the concepts, activity, transaction and
and Business processes telecommuting

1.10 Summary  Summarise topic areas covered in unit

Prescribed Textbook:
Below is the prescribed reading for specific to this unit;
Gary Schneider E-Business 10th Edition ISBN: 978-1-133-52684-1

10 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

1.1 Introduction
In the late1900s electronic commerce was still emerging as a new way to do business; at that time, most companies
were doing very little buying or selling online. Amazon.com and eBay were established online footholds. Altavista,
HotBot and Lycos and Yahoo! dominated the business of providing search tools for finding information online.

Search engines of the late 1990s provided results based on the number of times a search term appeared on Web
pages. Pages that included the greatest number of occurrences of a user's search term would be more highly
ranked and would thus appear near the top of the search results list. By 1998 two Stanford university students,
had been working on a search engine research project for two years. They developed search algorithms based on
the number of links a particular web page had to and from other highly relevant pages. In 1998, they started a
company called Google.

Google provided users with more relevant results than other search engines and Internet users thus flocked to
Google, which became one of the most popular sites on the Internet. The site’s popularity allowed Google to charge
increasingly higher rates for advertising space on its web pages. Today Google is one of the most successful online
companies in the world.

1.2 Electronic Commerce: Into the Third Wave

Electronic commerce has an interesting history. From humble beginnings in the mid-1900s, electronic commerce
grew rapidly until 2000, when a major downturn occurred. Beginning in 2003, electronic commerce began to show
signs of new life. Companies that had survived the downturn were not only seeing growth in sales again, but many
of them were showing profits. Thus, electronic commerce became a part of the total economy.

The technologies that underlie the future expansion of electronic commerce continued to be developed. Today’s
handheld and mobile devices offer the potential for a third wave in the evolution of online business. In this section
we will look at electronic commerce and its evolution from the first wave into the second wave and we will outline
the prospects for movement into a third wave of development.

1.3 Electronic Commerce and Electronic Business

To many people, the term “electronic commerce” means shopping on the part of the Internet called the World Wide
Web. Electronic business (or e-business), on the other hand, also includes other activities, such as business
trading with other businesses and internal processes that companies use to support their buying, selling, hiring,
planning, and other activities. In this book, the term electronic commerce is used in its broadest sense and includes
all business activities that use Internet technologies. Internet technologies include the Internet, the World Wide
Web and other technologies such as wireless transmissions on mobile telephone networks.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 11

Informatics 2B

1.4 Categories of Electronic Commerce

Categorizing electronic commerce by the types of entities participating in the transaction or business processes is
a useful and commonly accepted way to define online business. The three categories that are most commonly
used are:

 Consumers shopping on the Web, often called business-to-consumer (B2C).

 Transactions conducted between businesses on the Web, often called business-to-business (B2B).

 Transactions and business processes in which companies, governments, and other organizations use
Internet technologies to support selling and purchasing activities.

A company might participate in activities that fall under multiple e-commerce categories. Businesses often have
entire departments devoted to negotiating purchase transactions with their suppliers. These departments are called
supply management or procurement. Thus, B2B electronic commerce is often referred to as e-procurement.

Manufacturing processes can be controlled using Internet technologies within the business. All of these
communication, control, and transaction-related activities have become an important part of electronic commerce.
Some people include these activities in the B2B category.

Some e-commerce terminologies

An activity is a task performed by a worker in the course of doing his/her job.

A transaction is an exchange of value, such as a purchase or a sale. All transactions involve at

least one or more activities. Not all activities result in measurable transactions. Thus, a transaction
always has one or more activities associated with it, but an activity might not be related to a
transaction.

The group of logical, related, and sequential activities and transactions in which businesses engage
are collectively referred to as business processes. Transferring funds, placing orders and shipping
goods to a customer are all types of activities or transactions.

Telecommuting or telework is a term used to describe a situation where employee works from
home via the internet. The employee logs in to the company network through the Internet instead of
travelling to an office.

The following diagram shows the three main categories of electronic commerce. The size of each oval is an
approximate estimation of the sizes of these elements in the real world in terms of dollar volume and number of
transactions. As you can see, B2B electronic commerce is much greater than B2C electronic commerce.

12 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Some researchers define a fourth category of electronic commerce, called consumer-to-consumer (C2C), which
includes individuals who buy and sell items among themselves. In this book, C2C sales are included in the B2C
category because the person selling the item acts much as a business would for purposes of the transaction.
Some researchers also define a category of electronic commerce called business-to-government (or B2G).

1.5 The Development and Growth of Electronic Commerce

Over the thousands of years that people have engaged in commerce with one another they have adopted the tools
and technologies that became available. The Internet has changed the way people buy, sell, hire and organize
business activities in more ways and more rapidly than any other technology in the history of business.

1.6 Electronic Funds Transfers (EFTs)

Although the Web has made online shopping possible for many businesses and individuals, in a broader sense,
electronic commerce has existed for many years. For more than 40 years, banks have been using electronic funds
transfers (EFTs, also called wire transfers), which are electronic transmissions of account exchange information
over private communications' networks.

Electronic Data Interchange (EDI)

Businesses have also been engaging in a type of electronic commerce, known as electronic data interchange.
Electronic data interchange occurs when one business transmits computer-readable data in a standard format to
another business. By creating a set of standard formats for transmitting the information electronically, businesses
were able to reduce errors, avoid printing and mailing costs, and eliminate the need to re-enter the data.

Businesses that engage in EDI with each other are called trading partners. The standard formats used in EDI
contain the same information that businesses have always included in their standard paper invoices, purchase
orders and shipping documents.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 13

Informatics 2B

One problem that EDI pioneers faced was the high cost of implementation. Doing EDI meant buying expensive
computer hardware and software and then either establishing direct network connections to all trading partners or
subscribing to a value-added network. A value-added network (VAN) is an independent firm that offers connection
and transaction-forwarding services to buyers and sellers engaged in EDI.

The Dot-Com boom, bust and rebirth

Between 1997 and 2000, more than 12 000 Internet-related businesses were started with more than 100 billion
dollars of investors’ money. More than 5,000 of these lnternet start-up firms went out of business or were acquired
in the downturn that began in 2000. The media coverage of the "dot-com bust" was extensive.

Despite the many news stories that appeared between 2000 and 2002 proclaiming the death of electronic
commerce, the growth in online B2C sales actually had continued through that period, although at a slower pace
than during the boom years of the late 1900’s. Thus, the “bust” was really more of a slowdown than a collapse.

The 2008-2009 global recession devastated many traditional retailers, particularly in the United States and Europe.
Around the globe, online sales overall continued to grow during that period. In fact, online retail sales in China
exceeded those in the United States for the first time in 2010.

In addition to the growth in the B2C sector, B2B sales online have been increasing steadily for almost two decades.
The dollar total of B2B online sales has been far greater than B2C sales because B2B incorporates EDI, a
technology that accounted for more than $400 billion per year in transactions in 1995, when Internet-based
electronic commerce was just beginning.

1.7 The second wave of electronic commerce

Researchers agree that the second wave of electronic commerce is well under way. This section outlines the
defining characteristics of the first wave of electronic commerce and describes how the second wave is different.
Later you will learn about the third wave that is taking shape.
1. The first wave of electronic commerce was predominantly a U.S. phenomenon. Web pages were primarily
in English, especially on commerce sites. The second wave is characterized by its international scope,
with sellers doing business in many countries and in many languages. Two impediments to the efficient
conduct of global business in the second wave have been:
 Language translation
 Currency conversion
In the second wave, these challenges have been largely overcome via internationalization.

14 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

2. In the first wave, investors were excited about electronic commerce and wanted to participate, no matter
how much it cost or how weak the underlying ideas were. In the second wave, established companies are
using their own internal funds to finance gradual expansion of electronic commerce opportunities. These
measured and carefully considered investments are helping electronic commerce grow more steadily,
though more slowly.

3. The Internet technologies used in the first wave, especially in B2C commerce, were slow and expensive.
Most consumers connected to the Internet using dial-up modems. The increase in broadband connections
in homes is a key element in the B2C component of the second wave.

4. Electronic mail (or e-mail) was used in the first wave as a tool for relatively unstructured communication.
In the second wave, both B2C and B2B sellers began using e-mail as an integral part of their marketing
and customer contact strategies.

5. Online advertising was the main intended revenue source of many failed dot-com businesses in the first
wave. After a two-year dip in online advertising activity and revenues, companies began the second wave
with a renewed interest in making the Internet work as an effective advertising medium.

6. The sale of digital products was fraught with difficulties during the first wave of electronic commerce
because digital piracy was rampant. The second wave is fulfilling the promise of available technology by
supporting the legal distribution of digital products.

7. Web 2.0 is another group of technologies that has emerged to make new businesses possible on the
Web. Web 2.0 includes software that allows users of Web sites to participate in the creation, editing and
distribution of content on a Web site owned and operated by a third party.

8. In the first wave of electronic commerce, companies believed that being the first Web site to offer a product
or service would give them an opportunity to be successful. This strategy is called the first-mover
advantage. However, being first didn’t always lead to success.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 15

Informatics 2B

The following table summarizes the differences between the first wave and the second wave of e-commerce.

E-commerce Characteristic First Wave Second Wave

International character of Dominated by U.S companies Global enterprises in many countries

electronic commerce participating in electronic commerce

Languages Most electronic commerce Many electronic commerce web sites

Web sites in English available in multiple languages

Funding Many new companies started Established companies funding electronic

with outside investor money commerce initiatives with their own capital

Connection technologies Many electronic commerce Rapidly increasing use of broadband

participants used slow internet technologies for internet connections
connections

E-mail contact with customers Unstructured e-mail Customized e-mail strategies now integral
communications with to customer contact
customers

Advertising and electronic Reliance on simple forms of Use of multiple sophisticated advertising
commerce integration online advertising as main approaches and better integration of
revenue source electronic commerce with existing
business processes and strategies

Distribution of digital products Widespread privacy due to New approaches to the sale and
ineffective distribution of digital distribution of digital products
products

First-mover advantage Rely on first-mover advantage Realize that first-mover advantage leads
to ensure success in all types to success only for some companies in
of markets and industries certain specific markets and industries

1.8 The Third Wave begins

Since about 2001, industry analysts have been predicting the emergence of mobile telephone-based commerce
(often called mobile commerce or m-commerce) every year. Mobile commerce is finally taking off with the
increasingly widespread use of mobile phones that allow Internet access and smart phones. Smart phones are
mobile phones that include a Web browser, a full keyboard, and an identifiable operating system that allows users
to run various software packages. These phones are available with usage plans that include very high or even
unlimited data transfers at a fixed monthly rate.

16 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Another technological development was the introduction of tablet computers. These handheld devices are larger
than a smart phone but smaller than a laptop computer. Most tablet computers (and smart phones) can connect
to the Internet through a wireless phone service carrier or a local wireless network. This flexibility is important,
especially if the wireless data plan restricts the amount of data that can be downloaded. The availability of these
devices and the low cost of Internet connectivity have made mobile ecommerce possible on a large scale for the
first time.

One of the most important changes brought about by fully operational handheld devices is that the Internet
becomes truly available everywhere. This constant availability can change buyer behavior in many ways and it
provided new opportunities for online businesses.

In the first two waves, Internet technologies were integrated into B2B transactions and internal business processes
by using bar codes and scanners to track parts, assemblies, inventories, and production status. These tracking
technologies were not well integrated. In the third wave, Radio Frequency Identification (RFID) devices and smart
cards are being combined with biometric technologies, such as fingerprint readers and retina scanners to control
more items and people in a wider variety of situations. These technologies are increasingly integrated with each
other and with communication systems that allow companies to communicate with each other and share
transaction, inventory level, and customer demand information effectively.

The Web 2.0 technologies that enabled the growth in e-commerce in the second wave will play a major role in the
third wave. Social commerce is the use of interpersonal connections online to promote or sell goods and services.
Because a handheld device connected to the Internet can put a user online virtually all the time, social interactions
can be used to advertise, promote, or suggest specific products or services.

Large businesses - both existing businesses and new businesses that had obtained large amounts of capital early
on - dominated the first wave. The second wave saw a major increase in the participation of small businesses
(those with fewer than 200 employees) in the online economy.

Not all of the future of electronic commerce is based on second and third wave developments. Some of the most
successful first-wave companies, such as Amazon.com, eBay, and Yahoo!, continue to grow by offering
increasingly innovative products and services. The third wave of electronic commerce will provide new
opportunities for these businesses, too.

1.9 Business models, Revenue models, and Business processes

A business model is a set of processes that combine to achieve a company's primary goal, which is typically to
yield a profit. In the wake of the dot-com debacle that ended the first wave of electronic commerce, many business
researchers analysed the effectiveness of the "copy a successful business model" approach and began to question

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 17

Informatics 2B

the advisability of focusing great attention on a company's business model. Today, most companies realize that
copying or adapting someone else's business model is neither an easy nor wise road map to success.
Companies and investors do use the idea of a revenue model, which is a specific collection of business processes
used to identify customers, market to those customers, and generate sales to those customers. The revenue model
idea is helpful for classifying revenue-generating activities for communication and analysis purposes.

Focus on specific business processes

In addition to the revenue model grouping of business processes, companies think of the rest of their operations
as specific business processes. Those processes include purchasing raw materials or goods for resale, converting
materials and labour into finished goods, managing transportation and logistics, hiring and training employees,
managing the finances of the business, and many other activities. An important function of this module is to help
you learn how to identify those business processes that firms can accomplish more effectively by using electronic
commerce technologies.

Role of merchandising
Retail merchants have years of traditional commerce experience in creating store environments that help to
convince customers to buy. This combination of store design, layout, and product display knowledge is called
merchandising. In addition, many sales people have developed skills that allow them to identify customer needs
and find products or services that meet those needs. Companies must be able to transfer their merchandising skills
to the Web for their Web sites to be successful.

Product/process suitability to electronic commerce

Products, such as books or CDs, are good candidates for electronic commerce because customers do not need
to experience the physical characteristics of the particular item before they buy it. The advantages of electronic
commerce, including the ability of one site to offer a wider selection of titles than even the largest physical
bookstore, can outweigh the disadvantages of a traditional bookstore-for example, the customer's ability to browse
the pages of the books.

One business process that is especially well-suited to electronic commerce is the selling of commodity items. A
commodity item is a product or service that is hard to distinguish from the same products or services provided by
other sellers; its features have become standardized and well known.

1.10 Summary
 Google, started in 1998, provided users with more relevant search results than other search engines.
 Electronic commerce became a part of the total economy by 2003.

18 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

 Electronic commerce (E-Commerce) means shopping on the Web. This also includes other activities such
as business trading with other businesses and internal processes that companies use to support their
buying, selling, hiring, planning, and other activities.
 With wireless transmissions on mobile telephone networks, the World Wide Web has increased use.
 Business-to-consumer (B2C) describes consumers shopping over the Web.
 Business-to-business (B2B) describes one business conducting a transaction with another business on
the Web.
 B2B electronic commerce is often referred to as e-procurement.
 The three main categories of electronic commerce are (1) business processes that support selling and
purchasing activities, (2) B2C e-commerce, and (3) B2B e-commerce.
 A fourth category of electronic commerce is called consumer-to-consumer (C2C) where individuals are
buying and selling amongst themselves.
 Electronic Funds Transfers (EFTs) is the transferring of funds electronically over private communications
networks.
 Electronic Data Interchange (EDI) is a type of electronic commerce where one business transmits
computer-readable data in a standard format to another business.
 A Value-Added network (VAN) is an independent firm that offers connection and transaction-forwarding
services to buyers and sellers engaged in EDI.
 B2B online sales have been greater than B2C sales because B2B incorporated EDI technology.
 Electronic mail (e-mail) was used in the first wave of electronic commerce for unstructured
communication, and B2C and B2B sellers began using e-mail in the second wave as an integral part of
their marketing and customer contact strategies.
 Mobile commerce (m-commerce) is the emergence of mobile telephone-based commerce.
 A business model is a set of processes that combine to achieve a company’s primary goal of yield a profit.

1.11 Review questions

1. In what way did Google differ from the early search engines?
2. What is the difference between B2C and B2B e-commerce? Provide a real-world example of each.
3. What are main benefits of EDI (Electronic Data Interchange)?
4. List five characteristics of electronic commerce, and explain how the first and second waves of e-commerce
differed in the ways that they adopted them.
5. Define the following terms:
a. Activity
b. Transaction
c. Telecommuting

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 19

Informatics 2B

1.12 Answers to Revision Questions and Activities

1. Other search engines provided results based on the number of times a search term appeared on Web pages.
Google’s search engine provided results based on the number of links a particular web page had to and from
other highly relevant pages. In 1998, they started a company called Google.
2. B2C e-commerce refers to the situation where a business sells products or services to consumers. An example
of this is Amazon.com selling books to people.B2B e-commerce refers to businesses do dealings with other
businesses over the internet. An example of this is a retail outlet placing an order for goods via the wholesalers
site, such as Makro.
3. EDI provides a set of standard formats for transmitting information electronically, thereby reducing errors,
avoiding printing and mailing costs, and eliminating the need to re-enter the data.
4. The table follows:

20 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2


E-commerce Characteristic
International character of
electronic commerce
Languages
Funding
Connection technologies
E-mail contact with customers
Advertising and electronic
commerce integration
Distribution of digital products
First-mover advantage
MANCOSA Bachelor of Commerce in Information and Technology Management Year 2
First Wave
Dominated by U.S companies
Most electronic commerce Web
sites in English
Many new companies started with
outside investor money
Many electronic commerce
participants used slow internet
connections
Unstructured e-mail
communications with customers
Reliance on simple forms of online
advertising as main revenue
source
Widespread privacy due to
ineffective distribution of digital
products
Rely on first-mover advantage to
ensure success in all types of
markets and industries
Informatics 2B
Second Wave
Global enterprises in many
countries participating in electronic
commerce
Many electronic commerce web
sites available in multiple
languages
Established companies funding
electronic commerce initiatives
with their own capital
Rapidly increasing use of
broadband technologies for
internet connections
Customized e-mail strategies now
integral to customer contact
Use of multiple sophisticated
advertising approaches and better
integration of electronic commerce
with existing business processes
and strategies
New approaches to the sale and
distribution of digital products
Realize that first-mover advantage
leads to success only for some
companies in certain specific
markets and industries
21
Informatics 2B

5. a. An activity is a task performed by a worker in the course of doing his/her job.

b. A transaction is an exchange of value, such as a purchase or a sale. All transactions involve at least one
or more activities. Not all activities result in measurable transactions. Thus, a transaction always has one or
more activities associated with it, but an activity might not be related to a transaction.

c. Telecommuting or telework is a term used to describe a situation where employee works from home via
the internet. The employee logs in to the company network through the Internet instead of travelling to an office.

22 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit
2: E-Business Technology
Basics

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 23

Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

2.1 Introduction  Introduce topic areas for the unit

2.2 Internet  Understand the advantages of the latest technology devices

2.3 Types of networks and network  Differentiate between packet switching and circuit switching
technologies
 Understand the purpose of routers

 Differentiate between a public network and a private network

 Understand the concept encapsulation

2.4 The World Wide Web (WWW)  Display knowledge on a Web browser and its purpose

2.5 Markup  Understand the use of SGML

2.6 Web 2.0  Differentiate between XML and HTML.

 Be knowledgeable on the purpose of Web 2.0.

2.7 Summary  Summarise topic areas covered in unit

24 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

2.1 Introduction
Access to the Internet today has grown from merely using a computer to a vast variety of Internet-capable mobile
devices such as phones and tablets. Internet-capable mobile phones are not always easy to use with the small
screen size and browsing limitations. Internet-capable tablets are more of a convenient and affordable tool.

2.2 Internet
A computer network is any technology that allows people to connect computers to each other. An internet (small
“i”) is a group of computer networks that have been interconnected. One such internet is called the Internet (capital
“i”), and uses a specific set of rules and connects networks all over the world to each other. The part of the Internet
known as the World Wide Web, or simply the Web, is a subset of the computers on the Internet that are connected
to one another in a specific way that makes them and their contents easily accessible to each other.

The Internet came about when the US Department of Defence examined ways to connect computers to each other
and to connect them to their weapons installations distributed all over the world. The computer networks that
existed at that time used leased telephone company lines for their connections. The powerful computers of that
time were large mainframe computers. These telephone company systems established a single connection
between sender and receiver for each telephone call; this connection carried all data along a single path. When
wanting to connect computers at two different locations, the company placed a telephone call to establish the
connection and then connected one computer to each end of that single connection.

The Internet is a global (worldwide) system of interconnected computer networks that use standard internet
protocol suite (often referred to as TCP/IP (Transmission Control Protocol/Internet Protocol) that governs how data
moves through the Internet and how network connections are established and terminated). It is a network of
networks consisting of private, public and other networks that are linked by a broad array of electronic, wireless,
and optical networking technologies. Amongst the extensive range of information resources and services,
infrastructure to support email is one of the Internet’s most used services.

Email was born in 1972, and this method of communication became widely used very quickly. A mailing list is an
email address that forwards any message it receives to any user who has subscribed to the list. Usenet (User’s
News Network) allows anyone who connects to the network to read and post articles on a variety of subjects.
Usenet survives on the Internet today, with more than 1000 different topic areas that are called newsgroups.
Independent networks such as Bitnet which were developed by academics worldwide and researchers in specific
countries other than the US, merged into what we now call the Internet.

As personal computers became more powerful, affordable and available, companies increasingly used them to
construct their own internal networks. These networks included email software that employees could use to send
messages to each other, to communicate with people outside their corporate networks.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 25

Informatics 2B

The need for the Internet grew as more companies opened more NAPs (Network Access Points) in more locations
to sell Internet access rights directly to larger customers and indirectly to smaller firms and individuals through
other companies, called ISPs (Internet Service Providers). Today, there are many types of networks.

2.3 Types of networks and network technologies

Local Area Networks (LAN) are networks of computers that are located close together, such as in the same
building. Wide Area Networks (WAN) are networks of computers that are connected over greater distances.

The combination of telephone lines and the closed switches that connect them to each other is called a circuit.
This circuit forms a single electrical path between caller and receiver. This single path of connected circuits
switched into each other is maintained for the entire length of the call. This type of centrally controlled, single-
connection model is known as circuit switching.

Circuit switching works well for telephone calls, but not for sending data across a large WAN or an interconnected
network like the Internet. The Internet was designed to be resistant to failure. In a circuit-switched network, a failure
in any one of the connected circuits causes the connection to be interrupted and data to be lost. Instead, the
Internet uses a technology called packet switching to move data between two points.

In a packet-switched network, files and email messages are broken down into small pieces called packets that
are labelled electronically with their origins, sequences, and destination addresses. Packets travel from computer
to computer along the interconnected networks until they reach their destinations. Each packet can take a different
path through the interconnected networks, and the packets may arrive out of order. The destination computer
collects the packets and reassembles the original file or email message from the pieces in each packet.

As an individual packet travels from one network to another, the computers through which the packet travels
determine the most efficient route for getting the packet to its destination. Depending on how much traffic is being
handled, the most efficient route changes from second to second. The computers that decide how best to forward
each packet are called routing computers, also referred to as router computers, routers, gateway computers,
because they act as the gateway from a LAN or WAN to the Internet), or border routers, because they are located
at the border between the organization and the Internet.

The program on router computers that determine the best path on which to send each packet contain rules called
routing algorithms. The programs apply their routing algorithms to information they have stored in routing tables
or configuration tables. This information includes lists of connections that lead to particular groups of other
routers, rules that specify which connections to use first, and rules for handling instances of heavy packet traffic
and network congestion.

26 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

The network devices that move packets from one part of a network to another are called hubs, switches, and
bridges. Routers are used to connect networks to other networks. The Internet also has routers that handle packet
traffic along the Internet’s main connecting points. These routers and the telecommunications lines connecting
them are collectively referred to as the Internet backbone. These routers, sometimes called backbone routers.
A public network is any computer network or telecommunications network that is available to the public. The
Internet is one example of a public network. Public networks such as the Internet do not provide much security as
part of their basic structures.

A private network is a leased-line connection between two companies that physically connects their computers
and/or networks to one another. A leased line is a permanent telephone connection between two points. A leased
line is always active, only the two parties that lease the line to create a private network have access to the
connection. However, the cost of the leased lines can be quite expensive.

A virtual private network (VPN) is a connection that uses public networks and their protocols to send in a way
that protects the data as well as a private network would, but at a lower cost. VPN software must be installed on
the computers at both ends of the transmission. The technology that most VPN software uses is called IP
tunnelling or encapsulation.

IP tunnelling creates a private passageway through the public Internet that provides secure transmission from one
computer to another. The passageway is created by VPN software that encrypts the packet content and then
places the encrypted packets inside another packet in a process called encapsulation. The outer packet is called
an IP wrapper. The Web server sends the encapsulated packets to their destinations over the Internet, which is a
public network. The computer that receives the packet unwraps it and decrypts the message using VPN software
that is the same as, or is compatible with, the VPN software used to encrypt and encapsulate the packet at the
sending end. The word “virtual” in VPN implies that although the connection appears to be a permanent connection,
it is actually temporary. The VPN is created, carries out its work over the Internet, and is then terminated.

The term intranet describes an internet that does not extend beyond the organization that created it. Today,
organizations create secure intranets using VPN technologies. An extranet was originally defined as an intranet
that had been extended to include specific entities outside the boundaries of the organization. Extranets were used
to save money and increase efficiency by replacing traditional communication tools such as fax, telephone, and
overnight express document carriers. To maintain security within extranets, almost all organizations that created
them did so by interconnecting private networks.

To finalize, remember “intranet” is used when the internet does not extend beyond the boundaries of a particular
organization; “extranet” is used when the internet extends beyond the boundaries of an organization and includes
networks of other organizations.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 27

Informatics 2B

2.4 The World Wide Web (WWW)

The World Wide Web (WWW) or simply called the Web for short, is a set of the computers on the Internet that are
connected to one another in a specific way that makes them and their contents easily accessible to each other.
Two important ideas that became key technological elements of the Web are hypertext and graphical user
interfaces.

Hypertext came about in the 1960s, when Ted Nelson described a page-linking system that would interconnect
related pages of information, regardless of where in the world they were stored. In 1989, Tim Berners-Lee was
trying to improve the laboratory research document-handling procedures for his employer, proposed a hypertext
development project intended to provide this data-sharing functionality. Eventually, he developed the code for a
hypertext server, a computer that stores files written in HyperText Markup Language, or HTML for short (see
chapter 9), and made it available on the Internet. HTML is the language used for the creation of Web pages. The
hypertext server is connected through the Internet to other computers that can connect to the hypertext server and
read those HTML files. The hypertext servers of today are known as Web servers. HTML is a language that
includes a set of codes (or tags) attached to text. These codes describe the relationships among text elements.

Several different types of software are available to read and view HTML documents. The most notable of these is
a Web browser such as Mozilla Firefox or Microsoft Internet Explorer. A Web browser is a software interface that
lets users read (or browse) HTML documents and move from one HTML document to another though text formatted
with hypertext link tags in each file. A hyperlink, points to another location in the same or another HTML document.

A Web browser presents an HTML document in an easy-to-read format in the browser’s graphical user interface
(GUI). A GUI is a way of presenting program control functions and program output to users and accepting their
input. It uses pictures, icons, and other graphical elements instead of displaying just text. Before 1993, only the
scientific research community had access to this Web system because very few people outside that community
had software that could read HTML documents.

Mosaic, the very first Web browser, became available for personal computers. It was written by a group of
University of Illinois students, and although it may be considered a legacy browser, some Web surfers still use it
today. Mosaic brought about the potential of more competitive browsers such as Netscape Navigator, another web
browser brought about by the Mosaic team and James Clark. Then, Microsoft entered the market with Internet
Explorer, the most widely used Web browser in the world. However, Mozilla Firefox, a descendant of Netscape
Navigator, became Microsoft’s IE main competitor. Google’s Chrome browser is one of the latecomers to the game,
but is quickly taking a chunk of the market share of Explorer and Firefox.

Today, the number of Web sites has grown even more rapidly that the Internet itself. Aside from Web pages
specifically programmed to exist in a permanent form, the Web provides access to customized Web pages that
are created in response to a particular user’s query, such as online searches for a book on Amazon.com. The
28 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2
 Informatics 2B

information about the books gets listed from Amazon.com’s database and creates a Web page that is customized
to your search. The Web page that lists your search results never existed before your visit. This store of information
that is available through the Web is called the deep Web.

To make the use of Internet easier for the users, each individual website had its own web address or domain
name. Domain names are sets of words that are assigned to specific IP addresses. A domain name such as
www.sandiego.edu has three parts separated by periods. From the right, the name “edu” indicates that the
computer belongs to an educational institution. The institution, University of San Diego is identified by the name
“sandiego”. The “www” indicates that het computer is running software that makes it a part of the World Wide Web.
Some domain names can contain two or more word groups separated by periods, for example:
www.universityofzululand.ac.za
The rightmost part of a domain name is called a top-level domain (TLD), such as .edu, .com, .org. The “ac” in the
above domain name, means academic institution, and “za” for South Africa.

2.5 Markup
Web pages can include many elements, such as graphics, photographs, sound clips, and even small programs
that run in the Web browser. Each of these elements is stored on the Web server as a separate file. A text markup
language specifies a set of tags that are inserted into the text, these tags provide formatting instructions that a
Web client software can understand.

Web publishers of the 1960s used markup languages to create documents that can be formatted once, stored
electronically, and then printed many times in various layouts, but interpreted differently. An older and complex
text markup language called SGML (Standard Generalized Markup Language) was the original markup language,
which HTML, XML and XHTML have descended from. SGML, adopted by the International Organization for
Standardization (ISO), is a metalanguage, a language used to define other languages, that was used to create
documents that needed to be printed in various formats and was revised frequently. Many organizations make use
of SGML because of their complex document-management requirements. However, SGML is costly to set up and
maintain and requires the use of expensive software tools and is hard to learn, as well as time consuming.

The most commonly used markup language on the Web today is HTML (HyperText Markup Lanugage). HTML
includes tags that define the formatting and styles of text elements. Some of these tags create relationships among
text elements within one document or among several documents. These text elements are called hypertext
elements. HTML is much easier to learn than SGML. Another useful element of HTML is links, interlinked pages
of information residing on sites around the world. A user can traverse the interwoven pages by clicking hyperlinked
text on one page to move to another page in the web of pages. After some time, with the advancement of HTML
came the support for CSS (Cascading Style Sheets). CSS gives Web developers more control over the format of
displayed pages. CSS lets designers define formatting styles that can be applied to multiple Web pages.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 29

Informatics 2B

XML, another descendant of SGML, is used to mark-up information that companies share with each other over the
Internet. XML is also a metalanguage. XML, like HTML, also uses paired start and stop tags, however XML includes
data-management capabilities that HTML cannot provide. While HTML is useful in designing attractive layouts of
text and graphics on a Web page, XML is more useful for conducting electronic commerce (e-commerce) on the
Web. When the need to present large amounts of data on Web pages became important, XML helped in
maintaining Web pages that contained large amounts of data. Web professionals began to consider XML as a list-
formatting alternative to HTML that would more effectively communicate the meaning of data.

XML differs from HTML in two important respects. First, XML is not a markup language with defined tags. It is a
framework within which individuals, companies, and other organizations can create their own sets of tags. Second,
XML tags do not specify how text appears on a Web page; the tags convey the meaning (the semantics) of the
information included within them.

XML files are not intended to be displayed in a Web browser. They are designed to be translated using another
file that contains formatting instructions or to be read by a program. These programs, sometimes called XML
parsers, can format an XML file so it can appear on the screen of a computer, a smart phone, and Internet-capable
mobile phone, or some other device.

The World Wide Web Consortium (W3C), is a not-for-profit organization that maintains standards for the Web;
standards for HTML, XML, XHTML (a reformulation of HTML 4.0), and many others.

2.6 Web 2.0

Web 2.0 describes Web sites that use technology beyond the static pages of earlier web sites. It is a new version
of the World Wide Web; however, it does not refer to an update to any technical specification, but rather to
cumulative changes in the ways software developers and end users use the Web.

Examples of Web 2.0 include social networking sites such as Facebook and Twitter, blogs, wikis, video sharing
sites, hosted services, web applications and mashups.

With Web 2.0, users can do more than just retrieving information; it provides the user with more user-interface,
software and storage facilities, all through their browser. Major features of Web 2.0 include social networking sites,
user-created web sites, self-publishing platforms, tagging and social bookmarking. Some scholars have made the
case that cloud computing is a form of Web 2.0 because cloud computing is simply an implication of computing on
the Internet.

Internet2 is an advanced not-for-profit US network consortium led by members from the research and education
communities, industry, and government. Internet2 became an experimental test bed for new networking
technologies. Interent2 is separate from the original Internet and has achieved bandwidths of 10 Gbps (gigabits
30 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2
 Informatics 2B

per second) and more, on parts of its network. In 2009, Internet2 members included over 200 higher education
institutions, over 40 members from industry, over 30 research and education network and connector organizations
and over 50 affiliate members.

Internet2 operates a next generation Internet Protocol and optical network (otherwise known as the Internet2
network) that delivers production network services to meet the high-performance demands of research and
education, and provides a secure network testing and research environment. For example, an organization in
Switzerland can use Internet2 to share data generated by its new particle accelerator with a research network of
70 US universities and every few weeks, each university downloads about two terabytes of data within a four-hour
time period.

In 2001, Time Berners-Lee began a project that has a goal of blending technologies and information into a next-
generation Web, a Semantic Web. This project envisions words on Web pages being tagged (using XML) with
their meanings. The Web would become a huge machine-readable database. To read these XML tags, intelligent
programs called software agents determine the meaning of the words in their contexts.

The development of the Semantic Web is expected to take many years. The first step in this project is to develop
ontologies for specific subjects. Several areas of scientific inquiry have begun developing ontologies that will
become the building blocks of the Semantic Web in their areas.

2.7 Summary
 An internet is a group of computer networks that have been interconnected. Such an internet is call the
Internet, a specific set of rules and connects networks all over the world to each other.
 Email is the most used internet service on any personal, business, and corporate computers.
 Local area networks are networks of computers connected closer together, within a building.
 Wide area networks are networks of computer connected over great distances.
 There are two types of switching networks, circuit and packet switching. While circuit switching works well
for telephone calls, packet switching works best in networks with data files and messages being broken
down into packets.
 Routing computers are the computers that decides how best to forward each packet.
 The network devices that move packets from one part of the network to another are called hubs, switches,
and bridges.
 Routers are used to connect networks to other networks.
 A public network is any computer network or telecommunications network that is available t other public.
 A private network is a leased-line connection between two companies that physically connects their
computers and/or networks to one another.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 31

Informatics 2B

 In encapsulation, the packet content is encrypted and placed within another packet. This is a form of an
information hiding mechanism.
 HTML (HyperText Markup Language) is the language used for the creation of Web pages.
 A text markup language specifies a set of tags that are inserted into the text.
 SGML (Standard Generalized Markup Language) is a language about other languages. Most of the
commonly used markup languages are descended from SGML.
 HTML is much easier to learn than SGML.
 XML (eXtensible Markup Language) is a markup language extended from SGML that defines a set of
rules for encoding documents in a format that is both human-readable and machine-readable. XML marks
up information that companies share with each other over the Internet.
 Web 2.0 describes Web sites that use technology beyond the static pages of earlier web sites. It is a
newer version of the World Wide Web.

2.8 Review Questions

1. List some advantages to the latest Internet technology devices on the market.
2. How is packet switching different and better to circuit switching?
3. What is the purpose of routers?
4. What is the difference between a public network and a private network?
5. Define the term encapsulation?
6. What is a Web browser and what is it used for?
7. List the disadvantages of using SGML.
8. XML differs from HTML in two different ways. What are they?
9. Web 2.0 is a new version of the WWW. Give some examples of Web 2.0.

2.9 Answers to review questions

1. From desktop computers, to laptops, to dual-screen laptops, and various handheld devices, called tablets,
of various sizes, such as iPhone and iPad.
2. In circuit switching, a single path of connected circuits switched into each other is maintained for the length
of the call. This is a centrally controlled, single-connection model. In a packet-switched network, files and
e-mail messages are broken down into small pieces, called packets, that are labelled electronically with
their origins, sequences and destination address. These packets travel from computer to computer along
the interconnected networks until they reach their destinations. Each packet can take a different path
through the interconnected networks, and the packets may arrive out of order. The destination computer
collects the packets and reassembles the original file or e-mail message from the pieces in each packet.
3. Routers are computers that decide how best to forward each packet. They are a gateway from a LAN or
WAN to the internet and they can be located at the border between the organization and the Internet.

32 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

4. A public network is any computer network or telecommunications network that is available to the public. A
private network is a leased-line connection; a permanent telephone connection between two points,
between two companies that physical connects their computers and/or networks to one another.
5. Encapsulation, in terms of networks, is the encrypting of packet contents and then placing that encrypted
packet inside another packet. This outer packet is referred to as an IP wrapper.
6. A Web browser is a software interface that lets users read (or browse) HTML documents and move from
one HTML document to another through text formatted with hypertext link tags in each file.
7. SGML is costly to set up and maintain and requires the use of expensive software tools and is hard to learn,
as well as time consuming.
8. XML is not a markup language with defined tags, while HTML is. It is a framework within which individuals,
companies, and other organizations can create their own sets of tags. XML tags do not specify how text
appears on a Web page; they tags convey the meaning (the semantics) of the information included within
them.
9. Examples of Web 2.0 are social networking sites, such as Facebook; video sharing sites, hosted services,
and web applications.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 33

 Informatics 2B

Unit
3: Electronic Mail (E-Mail)

34 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

3.1 Introduction  Introduce topic areas for the unit

3.2 Web server basics  Understand advantages and disadvantages of email

 Be knowledgeable on methods of avoiding spam emails

3.3 Software for Web Servers  Understand dynamic content

3.4 Website Utility programs  Understand the use of utility programs in creating Web sites

3.5 Web server hardware  Display knowledge on the advantages and disadvantages of
centralised and decentralized architecture

3.6 Summary  Summarise topic areas covered in unit

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 35

Informatics 2B

3.1 Introduction
Email originated in the 1970s on the ARPANET. At the time it was developed for the specific use of weapons
controls systems and the transfer of research files for the US Department of Defence. However, today, email is
greatly and widely used for most general communication functions, far surpassing the telephone, conventional
mail, and fax in volume.

Email conveys messages from one destination to another in a few seconds. Messages can contain plain text, or
they can contain character formatting similar to word processing programs. Attachments like documents (.doc
files), pictures, movies, worksheets, or other information can be sent along with the message itself. Many e-
commerce sites use email to confirm a receipt of customer orders, and the shipment of items ordered. Many online
stores use email to announce specials, sales, or to keep in touch with customers.

Despite its many benefits, one great annoyance of email is the amount of time business people spend on answering
emails today. Aside from the daily spam one receives, the amount of email grows with the work related emails that
business managers have to attend to.

Another irritation brought by emails is computer viruses. While it is normal to receive many emails with attachments,
some of these attachments can be sent at risk to the receiver and when opened, a host program is activated which
may cause damage to the receiver’s computer system. In such cases, a good antivirus protection program is
necessary.

Spam is a major factor in emails today. While many find spam emails quite entertaining, in a working environment
and in businesses, spam is another great annoyance. The increase in spamming, is continually growing by the
year. However, a number of companies and organizations have opted for anti-spam software to reduce the
spamming problem.

As of 2010, spam has been showing a decline since most companies have opted for software that runs on their
email servers to limit the amount of spam that gets through to the computers. There are a number of solutions to
blocking spam mails.
 Users can install a client-based spam-filtering program on their computers. However, most companies
find it less costly to eliminate spam before it is downloaded to user computers.
 Email addresses in companies are usually comprised of an employee’s name and surname, or first letter
of first name and surname, or vice versa. This employee list can be attainable by spammers and can
generate potential email addresses using the names on the list. However, using a series of letters,
numbers and characters (for example, 78gh#[email protected]) to generate an unthinkable email address
will make it less likely for a spammer to send spam mails to your email. However, such a confusing email
address for businesses is probably inappropriate and time consuming.

36 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

 Another way to limit spammers access is to allocate more than one address for each individual.
Spammers use software robots to search the Web for character strings containing ‘@’ character. In such
an instance, should one of the allocated emails has been targeted by a spammer, the user can stop use
of that email and will still have another email address to use.
 Another technique to controlling email exposure is by filtering email messages based on the content.
Some content-filtering techniques look for incoming messages that are known to be spammers, and
deletes these message or relocate them to a separate mailbox for review.
 Another content-filtering technique is called the challenge-response. This is where an automated email
response is sent to the sender with a message (otherwise known as a challenge) asking the sender to
reply (the response). These challenges are designed for human response only meaning it would be
difficult for a computer (a robot) to formulate a response. However, this challenge-response system can
be abused by a perpetrator sending out thousands of emails to recipients using a challenge-response
system and this can be cumbersome to the recipient having to have to reply to all those challenges.
 An advanced content-filter technique called the Bayesian Revision, is a statistical technique in which a
user reviews its messages and indicates to the software which messages are spam and which are not,
till such time the Bayesian filter is able to successfully classify spam messages close to 95% of the time.
The drawback to this technique is that it requires users to update their own filters regularly, and doing this
takes time.
 The US government has passed laws that provide penalties for the sending of spam.

3.2 Web server basics

A Web browser is a Web client software that makes computers work like Web clients on worldwide client/server
networks. Microsoft Internet Explorer and Mozilla Firefox are examples of Web browsers. In client/server networks,
a client computer requests services, such as printing, information retrieval and database access, from the server.
The server then provides the requested resources. Such architectures are used in LANs, WANs and the Web.

The Internet connects many different types of computers and other devices, such as cellphones (Androids,
iPhones, Blackberrys etc.) and tablets (iPads). These devices run their own different operating systems. The fact
that the Internet can connect to these different devices with their different operating systems (Windows, Linux,
Android, Symbian, to name a few) makes the Internet platform neutral. Platform neutrality is the ability a network
has to connect devices using different operating systems.

Dynamic content is information constructed in response to a web client’s request. It can give the user an interactive
experience with the Web site. There are two basic approaches to creating dynamic content:
 One is client-side scripting when software operates on the Web client to change what is displayed on the
Web page in response to the user’s actions (by a mouse click or a keyboard text input).

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 37

Informatics 2B

 The other is server-side scripting where a program running on a Web server creates a web page in
response to a request for specific information from a Web client. For example, a user enters data into a
Web Form in the browser, or a user is logging into their banking account.

3.3 Software for web servers

A computer must have an operating system to run programs. Operating systems are tasked with running programs
allocating computer resources such as memory and disk space to program, providing input and output services to
devices connected to the computer; devices like the keyboard, monitor and printers, and many, many more. Even
before Microsoft created Windows, computers were running an operating system that was called DOS (Disk
Operating System). Today, aside from the increasing the increasing versions of Microsoft Windows, we have also
been presented with UNIX operating systems, such as Linux, an open-source operating system, which is believed
to be a more secure operating system to run Web servers.

There are two most commonly used Web servers in use today: Apache HTTP Server and Microsoft Internet
Information Server (IIS). There are other Web server software products used by online businesses. However, the
most widely used server program is the Apache HTTP Server.

3.4 Web site utility programs:

Aside from the above Web server software, there are a number of utility programs that Web developers use when
creating Web sites.

Finger is a program that runs on UNIX operating systems, allows users to obtain information about other network
users.

Ping (Packet Internet Groper) tests the connectivity between two computers connected to the Internet and
provides data regarding their connection. It also can be used to troubleshoot Internet connections.

Tracert is a utility program that sends data packets to every computer on the path (Internet) between one computer
and another computer, as well as clocks the packets’ round-trip time (RTT).

Telnet is a program that allows a person using one computer to access files and runs programs on a second
computer that is connected to the Internet. It is particularly useful in running older software that does not have a
Web interface.

FTP (File Transfer Protocol) transfers files one at a time or it can transfer many files at once. FTP can also display
remote and local computers’ directories, change the current client’s or server’s active directory and create and
remove local and remote directories.

38 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Search engines and search tools searches a specific site or the entire Web for requested documents. Indexing
programs provides a full-text indexing that generates an index for all documents stored on the server. A most
popular search engine site is Google.

Data analysis software allows web servers to capture visitor information, such as who is visiting the site; how
long the visitor’s Web browser viewed the site; the date and time of each visit; and which pages the visitor viewed.
This data is then placed in a Web log file, which can grow very quickly for popular sites.

Link-Checking utilities checks the links on Web sites. It reports if any URLs are broken, seem broken, or are in
some way incorrect. It can also identify orphan files, a file on the Web that is not linked to any page.

Remote server administration software allows a Web site administrator to control a Web site from any Internet-
connected computer.

3.5 Web server hardware

Web server computers are bigger and faster than your average personal computer. They have more memory,
larger and faster hard disk drives, and faster processors. However, they are also much more expensive that
desktop computers.

The use of a large number of powerful computers requires significant amounts of electrical power to operate. Due
to this, these computers generate a tremendous amount of heat. Efforts to reduce the environmental impact of
large computing installations are called green computing. Google’s server facility is located near the coastline
and is built over granite tunnels drawing in the seawater that Google uses instead of electrical-powered air
condition. Facebook’s Web server facility is located south of the Arctic Circle. Hewlett-Packard uses the cool air
available in the high altitudes of the Rocky Mountains. These are just some of the efforts these corporate
businesses have used to reduce the impact that online businesses have on the planet’s limited energy resources.

Benchmarking is a method of testing. In the case of Web Server performance evaluation, benchmarking is used
to compare the performance of Web server hardware and software combinations to help in making informed
decisions for a system. Factors that can affect server performance are hardware, operating system software, server
software, connection speed, user capacity, and type of Web pages being delivered.

E-commerce Web sites can use many different hardware architectures to divide the work of serving Web pages,
administering databases, and processing transactions. Some e-commerce sites are so large that more than one
computer (hundreds or thousands of server computers) is required to handle their daily Web traffic efficiently. There
are two approaches to resolving the vast amount of server computers: centralized architecture and decentralized
architecture:

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 39

Informatics 2B

 In a centralized architecture, a few very large and fast computers are used.
 In a decentralized architecture (otherwise known as distributed architecture), a large number of less-
powerful computers are used to divide the workload amongst them.

Each of these architectures has its benefits and drawbacks, as shown in the following table:

Centralized architecture Decentralized architecture

Requires expensive computers The smaller servers are less expensive than the large
servers in the centralized architecture

Is more sensitive to the effects of technical problems. If one server becomes inoperable, the site can
It is a single point of failure, which can result in the continue to operate.
entire site being down if there is a fault.

While decentralized architecture require additional hubs or switches to connect the servers to each other and to
the Internet, largest decentralized sites use load-balancing systems to assign the workload efficiently and this
system would cost additional money. In a load-balancing system, the traffic that enters the site from the Internet
through the site’s router encounters the load-balancing switch, which then directs the traffic to the Web server best
able to handle the traffic.

3.6 Summary
 Email (Electronic Mail) is a technology very well and frequently used on a daily basis by home users and
businesses alike.
 Responses to emails are quicker than the responses to conventional post mail and faxes.
 Emails are best used when sending attachments, be it business related or sending a CV, over the Internet
in electronic format.
 Emails helps greatly in improving the environment with its paperless technology.
 Greatest annoyance to emails, however, is spamming, which has increased over the past decade and is
now slowly decreasing with anti-spam software.
 Platform neutrality is the ability a network has to connect devices using different operating systems.
 The two basic approaches to creating dynamic content is client-side scripting and server-side scripting.
 A computer cannot run without an operating system. That operating system is what functions all other
programs in the computer.
 Two most commonly used Web servers are Apache HTTP Server and Microsoft Internet Information
Server (IIS).
 A number of Web site utility programs are used in the development of Web sites and provides information
about the network.
 Benchmarking is a test of performance evaluation of hardware and software.

40 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

 Two types of architectures used in Web sites are centralized architecture and decentralized (distributed)
architecture.

3.7 Review questions

1. List the advantages of Email.
2. List the disadvantages of Email.
3. What are some of the ways in which we can avoid spam mails?
4. What is dynamic content?
5. List and define some of the utility programs used in the creating of Web sites.
6. List the advantages and disadvantages of centralized architecture.
7. List the advantages and disadvantages of decentralized architecture.

3.8 Answers to Revision Questions and Activities

Answers to review questions
1. Emails conveys messages from one destination to another in a few seconds. With emails, one can attach
files, documents and pictures. Using emails in e-commerce sites to confirm a receipt of customer orders,
and the shipment of items ordered. Emails also can be used to announce specials, sales, or to just keep
in touch with customers.

2. The greatest disadvantage of email is spam mail. Still a common problem which is still being resolved.
Other disadvantages of email are that some emails comes with attachments that can have a virus
attached to it.

3. To avoid spam mails, users can install a client-based spam-filtering program on their computers; or they
can create complicated, difficult to imagine, email address with a mixture of alphanumeric characters,
uppercase and lowercase, and other characters; and filter email messages based on content.

4. Dynamic content is information constructed in response to a Web client’s request. Dynamic content can
give the user an interactive experience with the Web site.

5. Finger is a program that runs on UNIX operating systems and allows a user to obtain some information
about other network users.

Ping test the connectivity between two computers connected to the Internet.
Tracert sends data packets to every computer on the network path between one computer and another
computer and clocks the packets’ round-trip times.

Telnet is a program that allows a person using one computer to access files and run programs on a
second computer that is connected to the Internet.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 41

Informatics 2B

FTP is the part of the TCP/IP rules that defines the formats used to transfer files between TCP/IP-
connected computers.
Search engines or search tools search either a specific site or the entire Web for requested documents.
An indexing program can provide full-text indexing that generate an index for all documents stored on the
server.

Data Analysis software collects Web data placed in a Web log, data such as who is visiting a Web site,
how long the visitor’s Web browser viewed the site, the date and time of each visit, and which pages the
visitor viewed.
Link-Checking utilities checks the links on sites for dead links.

6. The centralized approach requires expensive computers and is more sensitive to the effects of technical
problems. If one of the few servers becomes inoperable, a large portion of the site’s capability is lost.
Thus, Web sites with centralized architectures must have adequate backup plans. Any server problem,
no matter how small, can threaten the operation of the site.

7. The decentralized architecture spreads that risk over a large number of servers. If one server becomes
inoperable, the site can continue to operate without much degradation in capability. The smaller servers
used in the decentralized architecture are less expensive than the large servers used in the centralized
approach. Most large decentralized sites use load-balancing systems, which cost additional money, to
assign the workload efficiently.

42 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit
4: E-Business Revenue Models

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 43

Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

4.1 Introduction  Introduce topic areas for the unit

4.2 Revenue strategy issues for online  Provide reasons for a business to utilise the revenue models
business
 Understand the purpose of a Web Catalogue Revenue model

 Understand the fee-for-content revenue model

4.3 Creating an effective business  Provide reasons for a business to place their products or
presence online services on a Web site

 Be knowledgeable on the challenges of online advertising as

the sole revenue.

4.4 Using the web to connect with  Analyse the use of a virtual model by a company
customers

4.5 Summary  Summarise topic areas covered in unit

44 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

4.1 Introduction
There are various models that online businesses currently use the generate revenues, that works for both
business-to-consumer (B2C) and business-to-business (B2B) electronic commerce.

The Web Catalogue Revenue Model is a revenue model used to replace or supplement the print catalogues with
information on the Web sites. Back in the late 1800s and the 1900s, before the Internet or computers, the only
way for a business to get sales was to print and distribute sales catalogues of products they sell in their shops. As
time went by, businesses moved from paper-based sales catalogues which reach just a limited number of
customers, to Web-based catalogues on their websites. They realized that in that way their catalogues could reach
potential customers from all over the world.

Instead of making do with the possible customers within the business’s district or area, and distributing their sales
catalogues to limited customers, the Web Catalogue allows the business to reach a greater number of customers
and in so doing, increasing their revenue. With customers being online, and purchasing their products online, this
increases the business revenues to more than the usual mail order catalogues that spread within a town. This
model also allowed major retailers to sell their merchandise at extremely low prices, providing discounts to increase
their current and future sales revenues.

The Fee-for-Content Revenue Model is a model where a company allows access to information owns it owns,
for a fee. Some companies may sell subscriptions to give customers the right to access all or specific parts of the
information and others may sell the rights to access individual items. Many companies combine these two
approaches and sell both subscriptions and individual access rights.

Digital content such as legal, academic research, business, or technical materials all can be available online, as a
subscription. This saves on the high costs of paper, printing and delivery. Today, electronic books, more popularly
called eBooks, can be read on Amazon.com’s Kindle products, Barnes & Noble’s Nook products, and Google’s
eBook store. These eBooks can be read in other physical readers as well, such as computers, tablet devices, and
smart phones. While books are sold individually, magazines and newspapers are sold on a subscription basis.

Like eBooks, audio files such as music MP3’s can also be sold via the internet. However, selling audio files over
the internet has raised a lot of scepticism from recording companies, due to illegal copying and sharing of these
digital products. This has brought about resistance from the recording industry, but online music retailers have
taken steps to minimize pirating. To limit the number of copies that can be made of each audio file, online music
sellers require buyers to download and install software called Digital Rights Management (DRM) software.
However, this does not prevent illegal copying but does make copying more difficult. The DRM also applies to
online digital videos sold or rented. These videos can be downloaded or streamed.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 45

Informatics 2B

Today, music stores such as Amazon MP3, Apple iTunes, and Google Music sell single songs or tracks for a dollar
each and sell albums at varying prices. Subscription plans are also provided by some of these sites, but most of
the sales revenue is generated from the sale of individual songs or digital albums.

The Advertising Revenue Model do not charge subscription fees for content, but charge advertising fees to
companies that wish to advertise on their site. Traditionally, the advertising revenue model was used by television
stations which provided free programming to audiences. Stations like these made their revenue through charging
advertising fees to companies which wished to advertise on their channel. This advertising revenue is what
supports the operations of the network and the creation or purchase of the programs.

There are two major challenges to the use of online advertising as the sole revenue:
1. The first is the fact that there is little consensus on how to measure and charge for site visitor views. Many
websites take multiple measurements, such as number of visitors, number of unique visitors and number
of click-throughs, but they struggle to develop standards for advertising charges.
2. The second challenge is that very few Websites have sufficiently large numbers of visitors to compete
with mass media outlets such as radio or television. However, most successful advertising on the Web
is targeted at specific groups of people. These groups are defined by a set of characteristics that
marketers call demographic information, and includes things such as address, age, gender, income
level, type of job held, hobbies, and religion. Without such information, it would be difficult for Web sites
to determine if it is attracting a specific market segment. The problem is that many visitors are reluctant
to provide because of privacy concerns.

One solution to the second challenge is to increase the amount of specialized information that websites offer, and
to use the advertising-supported revenue model to draw out a specialized audience that certain advertisers want
to reach. There is no need to gather demographic information because anyone drawn to the site will have the
specific set of interests that will make them a prized target for certain advertisers.

As an example of a specialized website, consider the site HowStuffWorks (http://www.howstuffworks.com). Each

set of Web pages on the site attracts visitors with a highly focused interest. This makes HowStuffWorks an
attractive online advertising option for a wide variety of companies because the site has a collection of pages on
a broad range of very specific products and processes that would be attractive to a variety of consumers, each of
whom has a highly focused interest in one or more of them.

There are three strategies of interest for implementing an advertising-supported revenue model:
1. General interest strategy: advertisers pay low rates to reach large numbers of undifferentiated visitors.
2. Specific interest strategy: advertisers pay high rates to reach small numbers of visitors with specific
interest related to the theme of the site.

46 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

3. Collection of specific interests: advertisers pay high rates for ads on specific pages that appeal to visitors
with specific interests related to those pages or sections of the site.

Some companies have been successful using the general interest strategy by operating a Web Portal, which is a
site that people use as launching point to enter the Web, like a doorway to a Web site. A portal almost always
includes a Web directory or search engine as well as other helpful features such as shopping directories, white
pages, yellow pages, company searches, chat rooms, games and file storage services. Examples of such Web
portals are Yahoo!, Google and Ananzi, to name a few.

Advertising-Supported Online Classified Ad Sales sells advertising to cover the costs of converting their print
content to an online format and operating the Web site. While most newspapers and magazines have relied on
subscription and newsstand revenue to supplement their advertising revenue, they have had a more difficult time
in making their online editions generate sufficient revenue. Online classified sites such as Gumtree and Career
Junction and are all advertising-supported sites.

The Advertising-Subscription Mixed Revenue Model has been used for many years by many traditional print
newspapers and magazines where subscribers pay a fee for the publication, but they also accept some level of
advertising by third-party companies, at a cost. These newspapers and magazines use this model for their online
publications as well, in order to make most of their content available online. Examples of advertising-subscription
mixed revenue models are magazines such as PC Magazine, Sports Illustrated and Time Magazine.

The Fee-for-Transaction Revenue Model is where businesses offer services for which they charge a fee that is
based on the number or size of transactions they process, services such as stock trading and online banking.
 Stock Brokerage Firms are one such type of business using the fee-for-transaction model where they
charge customers a commission for each trade executed, but not necessarily for their advice provided.
 The sale of event tickets, events such as concerts, shows, and sporting events, can now be done online.
This made purchasing of event tickets easier than having to try to locate ticket agencies. Such examples
are Computicket.
 Online Banking and Financial Services are another business/service that uses this model. Financial
services is not a physical product and are, therefore, easy to offer on the Web. Online banking has made
banking easier by eliminating the need to follow long queues to do banking. Deposits, transfers and other
transactions can all be done online. One can now even apply for an investment or a bank loan online,
without having to wait for long to meet with a physical banking advisor. All this is done in exchange for a
small fee.
 Travel bookings such as airplane tickets, hotel reservations and car rentals can now be done on the Web.
A visitor wanting to take a holiday can easily do so online.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 47

Informatics 2B

 With online car sales, auto dealers and potential public buyers alike can view the vehicle they want, read
the specs and book a meeting with the manufacturers or other auto dealers for a test drive. The
advertising revenue on these sites will increase due to the visitors’ interests being piqued through a variety
of options.
 Real estate and home loan brokers are other fee-for-transaction businesses that use the Web to solicit
business deals. While there are many real estate agencies and mortgage brokers on the Web, very few
transactions are completed online, however, these Web sites play an important role in bringing buyers
and sellers together.

The Fee-for-Service Revenue Model is a model with a range of companies offering an increasing variety of
services on the Web for which they charge a fee, services such as games and entertainment, financial advice and
professional services of accountants, lawyers and physicians, to name a few.
 Online games generate a significant revenue by allowing site visitors to pay to play premium games by
buying and downloading the games to install on their computers or playing online as well. Some games
can be played free online but cannot be downloaded to play on their computers. Such companies include
MSN Games, Sony Online Entertainment and games sites such as www.gamespot.com. Almost all
game sites include some advertising in their revenue models.
 Professional Services such as physicians, lawyers, accountants and engineers can be allowed to move
their services to the Web, but within permitted laws. These physicians can provide consultation or advice
to their patients, and can allow patients to make appointments online. Accountants can provide services
such as assisting their clients in completing their tax forms correctly before submission.

The Free for Many, Fee for a Few model allows companies to provide a portion of a product for free to all persons,
while selling the full version of the product to whomever really wants it. For example, Microsoft sells their software
products such as Microsoft Office 365 at very high prices, but they provide a trial version of that product for free
for all users to try out. For software developers, there is a product called Visual Studio 2012 that is on sale, but
they also provide a free version called Visual Studio 2012 Express which is free to download for beginner
developers who just want to explore the software and learn. For a professional developer the free trial might not
be sufficient for his or her needs, therefore they would opt to purchase the full version of the software.

4.2 Revenue strategy issues for online business

There are conflicting issues revolving around the use of all the revenue models mentioned above:
 Channel conflict: When a manufacturing company decides to sell their products to the public on their
online store, this can cause a conflict between the manufacturer and retailers who also sell the products
on their online stores. This is also known as cannibalization, because the manufacturer’s website is
incurring sales that should have been incurred by their retail store’s website.

48 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Some of the solutions can be:

 Channel cooperation: This is where the manufacturer keeps its website, but the site refers visitors to its
authorized retailers in the event that they wish to make a purchase.
 Strategic alliance: The manufacturer forms a relationship with their retail stores wherein the retailers are
given space on the manufacturer’s Web site to sell the manufacturer’s products. Another example of
strategic alliance is when the dealership company wishes to join forces with some of the retailer
companies to offer their retailer’s products for sale on their website.

Other strategies include Luxury Goods Strategy; this includes the more exclusive products that the manufacturers
wish not to sell online because they feel its best sold when the customer experiences the product in person. An
example of this is buying a piece of clothing that is generally expensive because of its brand, like Chanel or Tommy.
However, there are some companies that sell their highly exclusive jewellery online with an independent appraisal
certificate of authentication.

Lastly, the Overstock Sales Strategy is where clothing businesses have an overstock of clothing items that will
not sell. These products generally go to the outlet stores to sell off as a clearance sale. An online overstock store
can work well as it reaches more people than a physical store and it updates more frequently than a printed
overstocks catalogue.

4.3 Creating an effective business presence online

Creating an effective Web presence can be critical even for the smallest and newest businesses operating on the
Web. Most businesses do not worry much about the image they project on their Web sites until they have grown
to a significant size. This is actually counter-productive; a better image portrayed on the company’s website will
undoubtedly help boost sales.

When a business creates a physical space in which to conduct its activities, that business must find a location that
will be convenient for its customers, have sufficient floor space and features to allow the selling activity to occur.
Having these things in place will contribute toward the success of the business. In a similar way, having a few
elements in place on the company’s Web site will help to attract visitors to the site, thereby boosting the company’s
Web presence, and possibly sales.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 49

Informatics 2B

The following table outlines the objectives of identifying a Web presence, and the strategies that can help
accomplish them:

Objectives Strategies

Attracting visitors to the Web site. Include links to the Web site (or specific pages) in
marketing emails.

Making the site interesting enough that visitors stay Product reviews, comparison features, advice on how
and explore. to use a product or service.

Convincing visitors to follow the site’s links to obtain Clearly labelled links that include a hint of the
information. information to be obtained by following them.

Creating an impression consistent with the Using established branding elements such as logos,
organization’s desired image. characters used in other advertising media, slogans,
or catchphrases.

Building a trusting relationship with visitors Ensuring the validity and objectivity of information
presented on the site.

Reinforcing positive images that the visitor might Presenting testimonials, information about awards,
already have about the organization. links to external reviews or articles about the
organization or its products and services.

Encouraging visitors to return to the site. Featuring current information about the organization or
its products and services that is regularly updated.

Making a Web presence consistent with Brand Imaging

Coca Cola and Pepsi are two companies that have established powerful brand images in the same
businesses, but they have developed significantly different Web presences. How did they achieve
this?

Read the section entitled Making a Web presence consistent with Brand Imaging on page 165
of the prescribed book.

50 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

4.4 Using the web to connect with customers

There are essentially two ways of identifying and communicating with customers:
1. Personal contact

2. Mass media

3. The Web

In the personal contact model, the company’s representatives individually search for, qualify and contact potential
customers. This approach is sometimes known as prospecting. In the mass media approach, the companies
prepare advertising and promotional materials about their products and/or services and then distribute these
materials to potential customers by broadcasting on television or radio, by printing them in newspapers or
magazines and by posting them on highway billboards or mailing them.

The Web, on the other hand, fits between personal contact and mass media. The Web cannot be described as
mass media, even though large numbers of people use it; nor can it be described as a personal contact medium,
although it can be used for that. The Web occupies a space between the two, thereby providing marketers with the
ability to target an audience that is too small for mass media, and too large for personal contact. This makes the
Web a very powerful marketing tool.

4.5 Summary
 There are many Revenue Models that businesses decide to use:
1. Web Catalogue Revenue Model
2. Fee-for-Content Revenue Model
3. Advertising-Supported Revenue Model
4. Advertising-Supported Online Classified Ad Sales
5. Advertising-Subscription Mixed Revenue Model
6. Fee-for-Transaction Revenue Model
7. Fee-for-Service Revenue Model
8. Free for Many, Fee for a Few.
 The Web Catalogue Revenue Model supplements the print catalogues with information on the Web site.
 There are essentially three modes of communication between a business and its customers:
1. Mass media
2. Personal contact
3. The Web.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 51

Informatics 2B

 The Fee-for-Content Revenue Model is the selling of rights to access information owned.
 The Digital Rights Management (DRM) is a software application used for limiting the number of copies of
downloaded online music/videos.
 The Advertising-Supported Revenue Model is used by broadcasting television/radio stations that
broadcast advertising messages.
1. Three strategies of interest for implementing an advertising-supported revenue model are
General internet strategy
2. Specific interest strategy
3. Collection of specific interests.
 Advertising-Supported Online Classified Ad Sales sells advertising to cover the costs of converting
their print content to an online format and operating the Web site.
 Advertising-Subscription Mixed Revenue Model is a model used by magazines and newspapers
online publications.
 The Fee-for-Transaction Revenue model is where businesses offer services for which they charge a
fee that is based on the number or size of transactions by process; services such as stock brokerage
firms, insurance brokers, online banking and financial services, travel bookings, online auto dealers, real
estate and home loans utilize this model.
 Fee-for-Service Revenue Model is used in a range of companies offering an increasing variety of
services on the Web, such as online games and professional services.
 The Free for Many, Fee for a Few model allows a business to produce and provide digital products for
free to all persons, while selling the full version of the product to whomever wishes to purchase.
 Over the years, businesses have jumped from one model to the next to suit their current needs at the
time. Sticking to one model did not always serve their purposes or benefit them.
 To create an effective online business presence, one must make the site is
o Interesting enough that visitors stay and explore
o Able to convince the visitors to follow the site’s links to obtain information
o Facilitate building trusting relationships with the visitors
o Encourage visitors to return to the site.
 The mass media approach is a one-to-many communication model.
 The personal contact approach is a one-to-one communication model.
 The Web is a many-to-one or many-to-many communication model.

52 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

4.6 Review questions

1. Why would any business or organization want to utilize any of the models mentioned in this text?

2. What is the purpose of a Web Catalogue Revenue Model?

3. Given that using these revenue models to benefit their Web sites, what are the benefits of a business to
have their products/services on the Web site.

4. Why would any company want to have a virtual model on their site?

5. What is the Fee-for-Content revenue Model?

6. What are the two main challenges to online advertising as the sole Revenue?

4.7 Answers to Revision Questions and Activities

Answers to review questions:
1. The use of the Revenue Models as described in the text is so that any business or organization can
increase their sales revenues.

2. The Web catalogue revenue model is a model used to replace or supplement the print catalogues with
information on the Web sites.

3. Having one’s business on a Web site increase a business’s current sales, by selling not just their
customers’ nearby or in the surrounding areas in town, but also to sell their products to more customers
out of town, throughout the world. Visitors/customers viewing the company’s Web site will be opted to
purchase something of interest and will be more than willing to pay online and the company can also
deliver the product(s) to the buyers.

4. Having a virtual model on a business Web site allows the visitor an opportunity to browse and view more
similar products of interest to them and may be opted to purchase more than they had initially decided.
In that way, this increases the business’s sales revenue.

5. The Fee-for-Content Revenue Model is the selling of rights of digital content to access information owned.
The selling of rights in the form of a subscription to customers to access specification information.

6. The Advertising-Supported Revenue Model is used by broadcast network television providing free
programming to an audience along with advertising messages.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 53

 Informatics 2B

Unit
5: Selling to Businesses and
Consumers Online

54 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

5.1 Introduction  Introduce topic areas for the unit

5.2 Web Marketing Strategies  Understand the four P’s of marketing

 Display knowledge on product-based marketing strategy

 customer-based marketing strategy

 Differentiate between product-based marketing strategy and

5.3 The Acquiring, Conversing and  Understand market segmentation

Retaining of Customers
 Be knowledgeable on the categories of market
segmentation

 Differentiate between behavioural segmentation and usage-

based market segmentation

5.4 E-Mail Marketing  Understand email marketing

5.5 Selling to Businesses online  Analyse the five stages of customer loyalty

5.6 Summary  Summarise topic areas covered in unit

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 55

Informatics 2B

5.1 Introduction
This unit focuses on the methods to conduct business online and the associated strategies related to conducting
business online.

5.2 Web Marketing Strategies

Combinations of elements are used by most companies to achieve their goals for selling and promoting their
products and/or services. There are various elements that they consider as their products and/or services. There
are various elements that they consider as their marketing strategy, to use as a tool for conveying their branding
and advertising messages to current and prospective customers.

The Four P’s of Marketing:

The four P’s of marketing are:
1. Product
2. Price
3. Promotion
4. Place
Product is the physical item or service a company is selling such as quality, design, features, characteristics, and
packaging. The customers’ perception of a product’s brand can be as important as the actual characteristics of
the product.

Price is the amount the customer pays for the product. The total cost is subtracted from the benefits that a customer
derives from the product to yield an estimate of the customer value obtained in the transaction.

Promotion includes any means of spreading the word about the product by advertising, public relations, personal
selling, and overall promotion of the product. There are many social media tools used for promoting products and
services.

The issue of place is the need to have products or services available in many different locations. This is also
known as distribution. With Internet, the issue of delivery of digital products such as information, news, software,
music, video and e-books can be delivered almost instantly by having customers downloading these products
immediately after payment is confirmed. The delivery of physical products that needs to be shipped to the
customers has become easier with Internet providing better shipment tracking and inventory control tools.

In a Product-Based Marketing strategy, when creating a marketing strategy, managers must consider both the
nature of their products and the nature of their potential customers. A product-based structure is a logical way to
think of a business, as a great deal of effort, time, and money has been spent on the design and creating those
products and services. A product category structure is dependent on the customers’ needs.

56 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Whereas in a Customer-Based Marketing strategy, a company’s Web site can be designed as, instead of collection
of products, they can build their sites to meet the differing needs of various types of customers. To differentiate or
extract the differing groups of customers, a company can design its Web site around identifying groups of
customers who share common characteristics. Creating a Web site that acknowledges those groups and treats
each differently can make the site more accessible and useful to each group.

Identifying groups of potential customers as in the customer-based marketing strategy is the first step in selling to
those customers. Another important component of any marketing strategy is the selection of communication
media. An online company does not have a physical presence; this limits the chances of face-to-face
communication. One of the main challenges for online businesses is to convince customers to trust them even
though they do not have a physical presence.

The Web provides a communication mode that is an intermediate step between mass media and personal contact.
Using the Web to communicate with potential customers offers many of the advantages of personal contact selling
and many of the cost savings of mass media. Though mass media offers the lowest level of trust, many companies
continue to use it successfully. The cost of mass media (e.g. a television ad) can be spread over the many people
in its large audiences.

Over the years, mass media has been broached with some resistance of the messages it was conveying from
many people. The overuse of superlatives such as “New and improved” has caused mistrust and ignorance from
many people. Mass media advertising campaigns that are successful often rely on the passive nature of the media
consumption experience. That is, people watching television or listening to radio are generally in a passive and
receptive state of mind and would take likely to listening to the advert being shown on television or heard on radio.
However, the active state of a mind of a Web user is more likely to critically evaluate the advertising messages
they see and less likely to accept the content of those messages.

The level of complexity in a product or service is another important factor to consider in media choice. Products
with few characteristics or that are easy to understand can be promoted well using mass media because they will
be short messages. Highly complex products and services are best promoted through personal contact, allowing
the potential customer to ask clarifying questions during the promotional presentation. The Web can be used for
delivering short but focused messages that promote, but can also be used to deliver longer and more complex
messages. The Web can also be used to engage potential customers in a two-way dialog communication similar
to personal contact selling. A carefully designed Web site can give potential customers the ability to choose their
level of interaction. If a visitor still wants more information, the site can offer the opportunity for interactive
communication, such as an online chat, with customer service representatives. The Web provides much very
handy functionality as well, for example, customers can post their thoughts on a Website, to comment or provide
any feedback, to what is commonly called a blog (Web log), an outlet for expressing their political, religious, and
other strongly felt beliefs. The use of a blog gives a business’s online stores a personality and provides their
MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 57
Informatics 2B

customers with a reason to visit their Web sites even if they are not shopping. Another way that companies develop
involvement amongst customers is through social media, creating a discussion forum where customers can talk
about their thoughts about new products, promotions, and even advertising campaigns. Social media such as
Facebook and Twitter are two of the most frequently and well known social sites that are used in almost every
business Web site. Google+ is another newer social media that many are still getting familiar with. These social
media’s allow participants to exchange ideas and report news and information updates to each other. Blogs and
social media provide ways for companies to engage in two-way online communications with their customers.

Companies found that there was a decrease in advertising effectiveness that they decided a different approach, to
identify specific portions of their markets and target them with specific advertising messages. This became known
as market segmentation, in which it divides the pool of potential customers into groups or segments. Segments
are defined in terms of characteristics such as age, gender, marital status, income level, and geographic location.
Micromarketing is the practice of targeting very small market segments for specific advertising and promotion
efforts.

There are three categories of variables to identify market segments. One variable is location. This is called
geographic segmentation where companies create different combinations of marketing efforts for each
geographical group of customers, such as grouped by a nation, state (or province), city, or event by neighbourhood.
The second type of segmentation is called demographic segmentation where information about age, gender,
family size, income, education, religion, or ethnicity is used to group customers. The third is called psychographic
segmentation, where customers are grouped by variables such as social class, personality, or their approach to
life.

Customer behaviour can be segmented as well. For example, a person can be hungry in the morning, but late for
work, that person might drive through a fast-food restaurant or grab a quick cup of coffee at the train station. Lunch
might be a sandwich ordered and delivered to the office, or it could require a nice restaurant if a client needs to be
entertained. Dinner could be at a restaurant with friends, take-out food from a neighbourhood Chinese restaurant,
or a delivered pizza. This one person requires different combinations of products and services depending on the
occasion. The creation of separation experiences for customers based on their behaviour is called behavioural
segmentation. When these experienced are based on things that happen at a specific time or occasion,
behavioural segmentation can be referred to as occasion segmentation. In the same way, a Web site design
can include elements that appeal to different behavioural segments that meet the needs of visitors who arrive in
different behavioural modes. A particular person might visit a particular Web site at different times with different
needs and will want an interaction that meets those needs on each visit. Customizing visitor experiences to match
the site usage behaviour patterns of each visitor or type of visitor is called usage-based market segmentation.
One set of categories that marketers use today includes browsers, buyers, and shoppers.

58 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Some visitors to a company’s Web site are just surfing or browsing. Web sites intending to appeal to potential
customers who are just browsing must offer them something that will pique their interest. The site should include
words that are likely to job the memories of visitors and remind them of something they want to buy on the site.
These trigger words will prompt a visitor to stay and investigate the products or services offered on the site.
Visitors who arrive in buyer mode are ready to make a purchase immediately. The best thing a Web site can offer
a buyer is a direct route into the purchase transaction, to the Checkout page. One such shopping cart convenience
is Amazon.com’s 1-Click feature.

Visitors’ arriving to the Web site in shopper mode wants to know what items are on offer that they might be
interested in. The shopper will want to know information like comparison tools, product reviews, lists of features,
sort products by brand, and/or price.

However, a person visiting a Web site one day as a browser can return the later as a shopper or a buyer. Visitors
do not retain their behavioural categories from one visit to the next.
While these three visitor categories are considered the most, there are six behaviour-based categories to consider:
 Simplifiers: users who like convenience. They are attracted by sites that make doing business easier,
faster, or otherwise more efficient than is possible in the physical world.
 Surfers: users who uses the Web to find information, explore new ideas, and shop. They like to be
entertained, and they spend far more time on the Web than other people.
 Bargainers: users who are in search of a good deal. They enjoy searching for the best price or shipping
terms and are willing to visit many sites to do that.
 Connectors: uses the Web to stay in touch with other people. They are intensive users of chat rooms,
instant messaging services, social networking sites, electronic greeting card sites, and Web-based e-
mail.
 Routiners: users who returns to the same sites over and over again. They use the Web to obtain news,
stock quotes, and other financial information.
 Sportsters: similar to routiners, but they tend to spend time on sports and entertainment sites rather than
news and financial information sites.

One goal of marketing is to create strong relationships between a company and its customers. One-to-one
marketing and usage-based segmentation helps to strengthen companies’ relationships with their customers. A
five-stage model of customer loyalty that is typical of these models are:
 Awareness – customers who recognize the name of the company or one of its products. They know that
the company or product exists, but have not had any interaction with the company.
 Exploration – potential customers learn more about the company or its products. The potential customer
might visit the company’s Web site to learn more, and the two parties will often communicate by telephone
or e-mail.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 59

Informatics 2B

 Familiarity – customers who have completed several transactions and are aware of the company’s
policies regarding returns, credits, and pricing flexibility.
 Commitment – customers develop a fierce loyalty or strong preference for the product or brands of that
company, after experiencing a considerable number of highly satisfactory encounters with a company.
 Separation – over time, the conditions that made the relationship valuable might change. The customer
might be severely disappointed by changes in the level of service provided by the company or product
quality. In this instance, it is best to move customers into the commitment stage as rapidly as possible
and keep them there as long as possible.

This model shows the increase in intensity of the relationship as the customer moves through the first four stages,
but declines on the fifth stage due to termination. However, not all customers go through the full five stages, some
stop at a stage and continue the relationship at that level of intensity or terminate the relationship at that point.
Analysing how customers’ behaviour changes as they move through the five stages can yield information about
how they interact with the company and its products in each stage. These five stages mentioned above are
sometimes called the customer life cycle. Using these stages to create groups of customers that are in each
stage is called life-cycle segmentation.

5.3 The Acquiring, Conversing and Retaining of Customers

The first step is to acquire new visitors. The benefits of acquiring new visitors to a Web site are different for Web
businesses with different revenue models. In the case of an advertising-supported site, they are interested in
attracting as many visitors as possible to the site and keeping them at the site as long as possible. This allows
more advertising messages to more visitors in order for the site to earn a profit. A Web catalogue site charges a
fee for services or supported by subscriptions and attracting visitors to the site in the first step in the process of
turning visitors into customers. The acquisition cost of a Web site is the total amount of money a site spends on
average to draw one visitor to the site.

The second step is to convert those visitors into customers. This step is called conversion. For an advertising-
supported site, conversion happens when a visitor registers at the site or a registered visitor returns to a site several
times. Other conversions occur when the site visitor buys a good or service or subscribes to the site’s content.
The conversion cost is the total amount of money that a site spends, on average, to induce one visitor to make a
purchase, sign up for a subscription or register.

Retained customers are customers who return to the site one or more times after making their first purchase or
first few purchases. The costs of inducing customers to return to a Web site and buy again are called retention
costs.

60 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

The funnel model of customer acquisition, conversion, and retention is used as a conceptual tool to understand
the overall nature of a marketing strategy.

There are various types of advertising campaigns. Print ads that should include the company’s URL. Banner ads
are the dominant advertising format to use on the Web, they are small rectangular object on a Web page that
displays a stationary or moving graphic which will include a hyperlink to the advertiser’s Web site. Text ads are
short promotional messages that do not use any graphic elements. Other Web Ad formats are (1) pop-up ads, (2)
pop-behind ads, (3) interstitial ads, and (4) rich media ads or active ads. Other modes of advertising in recent
years come from the use of mobile apps that includes mobile ads that displays messages from advertisers, other
than from the seller of the app. Some Web sites offer advertisers the opportunity to sponsor all or parts of their
sites; these are called site sponsorships that give advertisers a chance to promote their products, services or
brands in a more subtle way than by placing banner or pop-up ads on the sites.

5.4 E-Mail Marketing

Many businesses like to send e-mails to their customers and potential customers to announce new products, new
product features, or sales on existing products. However, some companies are faced with legal action after
sending out mass emails. One such reason is spam, unsolicited commercial emails or bulk mail. In considering
sending market-related emails to potential customers, it is advisable to get the approval before sending out emails
that will include marketing or promotion messages.

Once such marketing strategy called permission marketing is the practice of sending e-mail messages to people
who request information on a particular topic or about a specific product, this is referred to as opt-in e-mail.

Another means of email advertising is by combining email content, such as articles and news stories related to the
business that the customer has subscribed to, with the advertising content as well. This reduces the issue of spam
and gives the customer an option to read the email as well as click on links to view the products advertised, or just
read the article on the email. Some companies offer e-mail management services, where larger companies can
outsource their e-mail processing operations to an e-mail processing service provider.

The key elements of a brand are (1) differentiation, (2) relevance, and (3) perceived value. Product differentiation
is the first condition that must be met to create a product or a service brand. This product must be clearly
distinguished from all others in the market. The second element of branding is relevance. Relevance is the degree
to which the product offers utility to a potential customer. The third branding component is perceived value, this is
a key element in creating a brand that has value. Perceived value refers to the customer’s perceived value of the
product.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 61

Informatics 2B

5.5 Selling to Businesses online

An important characteristic of purchasing, logistics, and support activities is flexibility. A purchasing or logistics
strategy that works one year, may not work the next. A few purchasing and logistics terms to consider are:
1. Outsourcing
2. Offshoring
3. impact sourcing

Outsourcing is the use of other organizations to perform specific activities. Offshoring is when the outsourcing is
done by organizations in other countries. Offshoring that is done by or through not-for-profit organizations who
use the business activity to support training or charitable activities in less developed parts of the world are known
as impact sourcing or smart sourcing.

Procurement is the acquisition of goods or services that is favourable and is procured at the best possible cost to
meet the needs of the purchaser. Procurement is not the same as purchasing. While purchasing only involves:
1. Identifying and evaluating vendors,
2. Selecting specific products
3. Placing of orders
4. Resolving any issues arising after receiving the ordered goods or services, procurement includes
functions of purchasing as well as functions of tendering, acquisitions, storage, and disposals.

Tendering, where the purchasing staffs identifies qualified vendors and asking them to prepare bids that described
what they would supply and how much they would charge and select the lowest bid that would meet the quality
standards for the component. Acquisition is the acquiring of the goods, taking into consideration the quality of the
goods, the quality of the delivery service and the reputation of the supplier. Storage is to house the goods being
acquired in bulk for daily purposes, or as and when convenient. Disposals for goods that are no longer in use and
can be auctioned off or given to the needy organization.

The objective of logistics is to provide the right goods in the right quantities in the right place at the right time.
Businesses need to ensure that the products they sell to customers are delivered on time and that the raw materials
they buy from vendors and use to create their products arrive when needed. In other words, logistics has to do
with delivery service. The activities involved in logistics include:
1. Managing the inbound movements of materials and supplies
2. The outbound movements of finished goods and services
3. Receiving
4. Warehousing
5. Controlling inventory
6. Scheduling and controlling vehicles
7. Distributing finished goods
62 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2
 Informatics 2B

The Web and the Internet provides an increasing number of opportunities to manage these activities better as they
lower transaction costs and provides constant connectivity between firms engaged in logistics management.
Activities that support all of a business’s processes include:
1. Finance and administration tasks
2. The operation of human resources
3. Technology development activities.

The Network Model of Economic Organization in Purchasing is a common trend of today. In a network
organization, more businesses are providing new tools to their Procurement departments to negotiate with supplies
with the possibility of forming strategic alliances. In such a network model of economic organizations, a buying
firm might enter into an alliance with a supplier to develop new technology that will reduce overall product costs;
the technology development might be done by a third firm using research conducted by a fourth firm. Such a trend
can work very efficiently on the Web.

Electronic Data Interchange is a computer-to-computer transfer of business information between two businesses
that uses a standard format of some kind. These two business exchanging information are known as trading
partners. The exchange of information between B2B transactions are invoices, purchase orders, requests for
quotations, bills of lading, and receiving reports accounts.

The implementation of EDI is complicated even in a fairly simple business situation. To make a purchase using
the paper-based system, the buyer and vendor do not use any integrated software for their internal business
processes, rather their information processing is produced with paper document that must be delivered to the
department handling the next step. Information transfer between the buyer and vendor is also paper based and
can be delivered by mail, courier, or fax.

With the EDI purchasing process, there is no mail service but rather a data communications of an EDI network and
the flow of paper are replaced with computers running EDI translation software. The advantages of the EDI process
to the paper-based process are that EDI reduces paper flow and streamlines the interchange of information among
departments within a company and between companies. The key elements that alter the process are the EDI
network (instead of the mail service) that connects the two companies and the two EDI translator computers that
handle the conversion of data from the formats used internally by the buyer and the vendor to standard EDI
transaction sets.

There are two basic approaches to implementing the EDI network and EDI translation processes. One way is the
direct connection EDI where each on-site EDI translator computers are connected directly to each other using
leased telephone lines. While with an indirect connection EDI, the second way, an EDI transaction set is sent to
the a trading partner through a VAN (Value Added Network) customer which connects to the VAN using a
dedicated or dial-up telephone line and then forwards the EDI-formatted message to the VAN. The VAN logs the
message and delivers it to the trading partner’s mailbox on the VAN computer.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 63

Informatics 2B

The VAN has a few advantages:

 Users need to support only the VAN’s one communications protocol instead of many possible protocols
used by trading partners.
 The VAN can provide translation between different transaction sets used by trading partners.
 The VAN can perform automatic compliance checking to ensure that the transaction set is in the specified
EDI format.
 The VAN records message activity in an audit log.

However, one great disadvantage to VAN is its cost. VANs used to use leased telephone lines to connect to their
customers. However, now, with the use of Internet, the cost of using a VAN has decreased, somewhat.

Many companies use strategic alliances, partnerships and long-term contracts to create relationships with other
companies in the supply chains for the products that they manufacture or sell. These relationships (1) with
suppliers helping their customers develop new products, (2) specify product features, (3) refine product
specifications, and (4) identify needed product improvements. When companies integrate their supply
management and logistics activities across multiple participants in a particular product’s supply chain, the job of
managing that integration is called supply chain management. Their ultimate goal is to achieve a higher-quality
or lower-cost product at the end of the chain. Businesses engaged in supply chain management work to establish
long-term relationships with a small number of very capable suppliers. These suppliers (tier-one suppliers)
develop long-term relationships with a larger number of suppliers (tier-two suppliers) that provide components
and raw materials to them, manage relationships with the next level of suppliers (tier-three suppliers) that
provides them (tier-two suppliers) with components and raw materials.

With the uses of Internet and a Supply Chain management-related software, members of the supply chain can
review past performance, monitor current performance, and predict when and how much of certain products need
to be produced. The advantages of using Internet technologies in supply chain management are:
 Share information about changes in customer demand
 Receive rapid notification of product design changes and adjustments
 Provide specifications and drawings more efficiently
 Increase the speed of processing transactions
 Reduce the cost of handling transactions
 Reduce errors in entering transaction data
 Share information about defect rates and types
The disadvantage of using Internet technologies in supply chain management, however, is the cost of the
technologies. However, the advantages listed above provide value that greatly exceeds the cost of implementing
and maintaining the technologies.

64 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

5.6 Summary
 The four P’s of marketing are Product, Price, Promotion and Place.
 The Product-Based Marketing strategy is a strategy that businesses think in terms of the products and
services they sell.
 The Customer-Based Marketing strategy is a strategy that businesses think in terms of the differing needs
of the various types of customers.
 The first step in selling to customers on the Web is to identify groups of potential customers.
 Communicating with potential customers over the Web offers many advantages of personal contact selling
and many of the cost savings of mass media.
 Social media is a general terms used for Web sites such as Facebook and Twitter and is a great benefit as
an online communication technology.
 After identifying potential customers, the next step is to target those specific customers in different ways at
different times.
 There are three types of visitor modes (1) browsing mode, (2) buying mode, and (3) shopping mode.
 Electronic commerce improves business processes such as purchasing and logistics primary activities and
all of the processes related to their support activities.
 Purchasing activities includes identifying and evaluating vendors, selecting specific products, placing orders
and resolving any issues that arise after receiving the ordered goods or services.
 The activities of supply chain are to design, produce, promote, market, deliver, and support each individual
component of that product or service.
 Procurement includes all purchasing activities, plus the monitoring of all elements of purchase transactions,
as well as managing and developing relationships with key suppliers.

5.7 Review Questions:

1. List and define the four P’s of marketing.
2. What is the Product-Based Marketing strategy?
3. How is it different from the Customer-Based Marketing strategy?
4. What is market segmentation?
5. What are the differences between the three categories of market segmentation?
6. What are the differences between behavioural segmentation and usage-based market segmentation?
7. List and define the five stages of customer loyalty?
8. What are the three different ways to arrange for other Web sites to display the company’s banner ads?
9. Define the key elements of a brand.
10. What are the advantages and disadvantages to e-mail marketing?
11. Differentiate between outsourcing, offshoring and impact sourcing?
12. What is EDI and how does it benefit the supply chain management of today?

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 65

Informatics 2B

5.8 Answers to Revision Questions and Activities

Answers to review questions
1. The four P’s of Marketing is Product, Price, Promotion and Place. Product is the physical item or service
that a company is selling. Price is the amount the customer pays for the product. Promotion includes
any means of spreading the word about the product. Place is the need to have products or services
available in many different locations.

2. The product-based marketing strategy is a logical way to think of business because companies spend a
great deal of effort, time, and money to design and create those products and services.

3. A Customer-Based marketing strategy is to build a web site that meets the differing needs of various
types of customers.

4. Market segmentation divides the pool of potential customers into groups or segments of different
customer characteristics, such as agent, gender, marital status, income level and geographic location.

5. Geographic segmentation divides customers based on their geographical location. Demographic

segmentation divides customers based on their religious beliefs, ethnicity, age, gender, family size,
income, or education. Psychographic segmentation divides customers based on their social class,
personality or approach to life.

6. Behavioural segmentation is the dividing of customers based on their behaviour. Usage-based market
segmentation is the dividing of customers based on experiences to match the site usage behaviour
patterns of each visitor or type of visitor.

7. In the awareness stage, a customer recognizes the name of the company or one of its products. In the
exploration stage, a potential customer learns more about the company or its products. In the familiarity
stage, customers have completed several transactions and are aware of the company’s policies regarding
returns, credits, and pricing flexibility. In the commitment stage, customers develop a fierce loyalty or
strong preference for the products or brands of that company. In the separation stage, the customer
might be severely disappointed by changes in the level of service (either as provided by the company or
as perceived by the customer) or product quality.

8. The first is to use a banner exchange network, which coordinates sharing so other sites will run one
company’s add while the company’s site runs other exchange members’ ads. The second way is to find
Web sites that appeal to one of the company’s market segments and then pay those sites to carry the
ads. The third way is to use a banner advertising network, to broker the carrying of their ads between
advertisers and Web sites.

66 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

9. The three key elements of a brand are differentiation, relevance and perceived value. Differentiation or
product differentiation is the first condition in which a product must be distinguished from all others in the
market. The second element is relevance, the degree to which the product offers utility to a potential
customer. The third element is perceived value, which is the customers’ perceived value of a product.

10. The advantages of email marketing are (1) that you can target a great amount of customers and potential
customers through the Web, (2) there is cost savings in email marketing as opposed to paper-based
marketing, (3) businesses can also announce new products, new product features or sales on existing
products. The disadvantages of email marketing are (1) to customers, they may have not requested to
receive such emails, (2) to the companies, they can be faced with legal action by sending out mass emails.

11. Outsourcing is when a company gives specific activities to other organizations to perform. Offshoring is
when a company gives specific activities to other organizations in other countries. Impact sourcing is
when offshoring is done by or through not-for-profit organizations that use the business activity to support
training or charitable activities in less developed parts of the world.

12. EDI (Electronic Data Interchange) is the exchange of data in specific standard formats. With EDI, the EDI
network replaces the old mailing service, and the EDI translator computers handle the conversion of data
from the formats used internally by the buyer and the vendor to standard EDI transaction sets.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 67

 Informatics 2B

Unit
6: Social networks

68 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

6.1 Introduction  Introduce topic areas for the unit

6.2 Virtual Communities  Understand the concept of virtual community

6.3 Early Web Communities  Display knowledge on a web chat room

6.4 Social Networking Emerges  Provide a definition and examples of a social networking
site

6.5 Web Logs (Blogs)  Define LinkedIn and discuss how it differs from other
social networking sites

6.6 Social networking Web sites for  Be knowledgeable on an idea-based social network
shoppers

6.7 Virtual Learning Networks  Explain the use of social networking in education

6.8 Microlending Sites  Analyse how a social network generates revenue for a
business

6.9 Mobile commerce  Have an understanding of mobile commerce and auction

basics
6.10 Auction Basics

6.11 Summary  Summarise topic areas covered in unit

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 69

Informatics 2B

6.1 Introduction
In unit 4, you learned how businesses use the web to create online identities to reach customers, sell products and
services. In chapter 5, you learned how businesses and individuals use the web to purchase goods, and work with
their suppliers more effectively. In this chapter, you will learn how companies are using the web to do things they
have never done before: the web makes it possible for people to form online communities that are not limited by
geography. Individuals and companies can meet online and discuss issues, share information and develop
valuable relationships.

The Internet reduces transaction costs in value chains and offers efficient means of communication. Combining
the Internet's transaction cost-reduction potential with its role as a facilitator of communication among people has
led companies to develop new ways of making money on the Web by serving as relationships facilitator.

6.2 Virtual Communities

A virtual community, also called Web community or online community, is a gathering place for people and
businesses that does not have a physical existence. Virtual communities began online even before the Internet
was in general use. Bulletin Board Systems (BBS) were computers that allowed users to connect through
modems to read and post messages in a common area, or electronic bulletin board. Many BBS were free, while
others charged a monthly membership fee. Other discussion board services that followed were provided by
Compuserv, Prodigy and Genie. These companies generated income by charging a monthly fee and selling
advertising. Usenet groups were another early type of virtual community. It was a set of interconnected computers
to store information on specific topics.

Today, Web chat rooms and sites devoted to specific topics or the general exchange of information, photos, or
videos form virtual communities. This social interaction can lead to relationships similar to those that occur in
physical communities.

6.3 Early Web Communities

One of the first Web communities was WELL (whole earth ‘lectronic link), which predates the Web. It began in
1985 as a series of BBS dialogues. Members of WELL paid a monthly fee to participate in its forums and
conferences.

As the Web emerged in the mid-1990’s, its potential for creating new virtual communities was quickly exploited. In
1995, Beverly Hills Internet opened a virtual community site that featured two Webcams. Members were given
free space on the site to create their own web pages. The Webcams never did attract much traffic. As the site
grew, it changed its name to GeoCities and earned revenue by selling advertising that appeared on members'
Web pages and pop-up pages that opened whenever visitors accessed a member's site. Geocities grew rapidly
and was purchased in 1999 by Yahoo! for $5 billion. Yahoo! operated the site for ten years before closing it in
2009.
70 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2
 Informatics 2B

Tripod was founded in 1995 in Massachusetts and offered its participants free Web page space, chat rooms, news
and weather updates, and health information pages. Tripod sold advertising on its main pages and on participants'
Web pages. Theglobe.com also began in 1995 as a class project at Cornel University. The site included bulletin
boards, chat rooms, discussion areas, and personal ads. Theglobe.com sold advertising to support the site's
operation.

6.4 Social Networking Emerges

These Web sites, designed to facilitate interactions among people are called social networking sites. A social
networking site is a Web site that allows individuals to create and publish a profile, create a list of other users with
whom they share a connection (or connections), control that list, and monitor similar lists made by other users.
One of the first sites, Six Degrees, started in 1997. Six Degrees was based on the idea that no more than six
persons separated anyone in the world from any other person. This site was unable to generate sufficient revenue
to continue operations and closed in 2000.

More successful social networking sites followed later. Friendster, founded by Jonathan Abrams in 2002, was the
first Web site to include most of the features found today in all social networking sites. Not long afterwards,
Friendster faced competition from new U.S. social networking sites such as MySpace, Tribe.net and, of course,
Facebook. In Asia, local language social networking sites such as GREE and mixi in Japan and QQ.com and
Renren in China eroded Friendster's early successes. Orkut (named after the Google employee who developed
the site in 2004) never really caught on in the United States, but became the top social networking site in Brazil
and India.

LinkedIn, devoted to facilitating business contacts, was founded in 2003 and allows users to create a list of trusted
business contacts. Users then invite others to participate in several forms of relationships on the site, each is
designed to help them either find jobs, find employees, or develop connections to business opportunities. LinkedIn
has become the most popular business-focused social networking site in the world.

Other social networking sites have been successful in their own way. Some sites have developed specific features
for example, YouTube (now owned by Google) popularized the inclusion of videos in social networking sites, and
has become a popular social networking site for younger Web users. Twitter offers users a way to send short
messages to other uses who sign up to follow their messages (called tweets). In 2001-Google introduced Google+,
a new social networking site to compete with Facebook, which it identified as its primary competition.

The following diagram shows the emergence of social media sites through the years:

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 71

Informatics 2B

The general idea behind all of these sites is that people are invited to join by existing members who think they
would be valuable additions to the community. The site provides a directory that lists members' locations, interests,
and qualities; however, the directory does not disclose the name or contact information of members. A member
can offer to communicate with any other member, but the communication does not occur until the intended recipient
approves the contact (usually after reviewing the sender's directory information).

The expansion of social networking sites into all corners of the world continues as we enter into the third wave of
electronic commerce. In 2008, Google moved orkut's headquarters to Brazil to acknowledge the location of its
primary audience. Successful social networking sites in local languages have emerged in many countries, such as
Germany (Xing), the Netherlands (Hyves), Russia (Kontakte and Odnsktassniki), and Spain (Tuenti).

6.5 Web Logs (Blogs)

Web logs, or blogs, are Web sites that contain commentary on current events or specific issues written by
individuals. Many blogs invite visitors to add comments, which the blog owner may or may not edit. Because blog
sites encourage interaction among people interested in a particular topic, they are considered a form of a social
networking site. Sites such as twitter are considered to be micro blogs because they function as a very informal
blog site with entries (messages or tweets) that are limited to 140 characters in length.

Most of the early blogs were focused on technology topics or on topics about which people have strong beliefs (eg.
for political or religious issues). These sites allowed people to discuss issues, plan strategies, and even arrange
in-person meetings called meetups. By the 2008 U.S elections, all of the major candidates were using blogs,
microblogs, and social networking activities as essential tools for communicating their messages, organizing
volunteers and raising money.

After seeing the success of blogs, microblogs, and social networks as political networking tools, many retailers
embraced these tools as a way to engage Web site visitors who were not ready to buy from the site, but who were
interested in the products or services offered. Marketing and supply chain managers also saw the benefits of these
social networking activities in enhancing their B2B relationships. Companies included blogs to discuss uses and
technical specifications issues regarding the products or services offered for sale.

72 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

CNN was a pioneer in including information from blogs and microblogs in its television newscasts. Other
broadcasters and newspapers now incorporate blogs and social networking features in their Web sites.
Newspapers of all sizes would rather run a blog with reader contributions tied into microblogs and social networking
sites than pay reporters to write stories about events or issues that would interest only a small segment of their
readership. This trend towards having readers help write online news is called participatory journalism. Blogs
can become a business in themselves if they can generate financial support through fees or advertising.

6.6 Social networking Web sites for shoppers

The practice of bringing buyers and sellers together in a social network to facilitate retail sales is called social
shopping. One of the first of these was craigslist, created in 1995 by a WELL member Craig NewMark. The Etsy
Web site provides a marketplace for people who want to sell handmade items. The sense of community is so
strong that a separate site, We Love Etsy, exists to provide a place for Etsy buyers and sellers to share information.
Idea Based Social Networking

Other Web sites create communities based on the connections between ideas. These more abstract communities
are called idea-based virtual communities and the people who participate in them are said to be engaging in
idea-based networking. The del.icio.us site calls itself a "social bookmarks manager." Individuals place Web
page bookmarks with word tags that describe the Web page in a community-accessible location on the site.
Another idea-based virtual community that uses shared tags is 43Things.

6.7 Virtual Learning Networks

Another form of social network is the virtual learning network. Many colleges and universities now offer courses
that use distance learning platforms such as Blackboard for student-instructor interaction. These distance learning
platforms include tools such as bulletin boards, chat rooms, and drawing boards that allow students to interact with
their instructors and each other in ways that are similar to the interactions that might occur in a physical classroom
setting.

Some open-source software projects are devoted to the development of virtual learning communities, including
Moodle, Sakai and uPortal. Open source software is developed by a community of programmers who make the
software available for download at no cost. Other programmers then use the software, work with it, and improve it.
Those programmers can submit their improved versions of the software back to the community. Open source
software is an early and successful example of a virtual community. You can learn more about open-source
software at Open Source Initiative Web site.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 73

Informatics 2B

Revenue Models for Social Networking Site

By the late 1990s, virtual communities were selling advertising to generate revenue. Search engine sites and Web
directories were also selling advertising to generate revenue. Beginning in 1998, a wave of purchases and mergers
occurred among these sites. The new sites that emerged still used an advertising-only revenue-generation model.

Advertising-Supported Social Networking Sites

Visitors spend a greater amount of time at portal sites than they do at most other types of Web sites, which is
attractive to advertisers. Smaller social networking sites that have a more specialized appeal can draw enough
visitors to generate significant amounts of advertising revenue, especially compared to the costs of running such
a site.

Sites that have higher numbers of visitors can charge more for advertising on the site. You also learned that
stickiness (a Web site's ability to keep visitors on the site and attract repeat visitors) is also an important element
of a site’s attractiveness to advertisers. One rough measure of stickiness is how long each user spends at the site.

Owner Millions of unique visitors Average time per unique visitor

per month (H:MM)

Google 379 3:43

Microsoft 316 2:20

Facebook 301 6:21

Yahoo! 235 2:30

Wikimedia 156 0:13

eBay 134 1:16

InteractiveCorp 132 0:11

Amazon.com 129 0:27

Apple Computer 117 1:58

AOL, Inc. 103 3:31

Reproduced from Schneider

Because social networking sites often ask their members to provide demographic information about themselves,
the potential for targeted marketing on these types of sites is very high. High visitor counts can yield high advertising
rates for these sites. Web sites with high degrees of stickiness (which were usually Web portals) could obtain up-
front cash payments from advertisers. In recent years, all types of social networking sites have negotiated
advertising deals that include a percentage of sales generated from sales leads on their sites.

74 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Mixed-revenue and fee-for-service social networking sites

Although most social networking sites use advertising to support their operations, some do charge a fee for some
services. For example, the Yahoo! Web portal offers most of its services free (supported by advertising), but it does
sell some of its social networking features, such as its All-Star Games package. Yahoo! also sells other features,
such as more space to store messages and attached files, as part of its premium e-mail service. These fees help
support the operation of the social networking elements of the site.

Yahoo! uses a strategy called monetizing eyeballs or monetizing visitors. Other social networking sites that use
a mixed-revenue model are the financial information sites, The Motley Fool and TheStreet.com. These sites offer
investment advice, stock quotes, and financial planning help. Some of the information is provided at no cost,
additional information is available to subscribers who pay no fee but even more information is available to
subscribers who agree to pay a fee.

Fee-Based Social Networking

An early attempt to monetize social networking by charging a fee for a specific service was the Google Answers
site. Google Answers gave people a place to ask questions that were then answered by an expert (called a Google
Answers Researcher) for a fee. Similar services operated by Yahoo! (Yahoo! Answers) and Amazon (Askville)
allow volunteers to answer questions, but provide no opportunity for researchers to earn fees. These services do
generate advertising revenue for the sites, however.

After Google closed its service, a number of the people who had been Google Researchers joined together and
started a similar service on the site Uclue. Researchers earn 75 percent of the total fee paid to Uclue.

6.8 Microlending Sites

Microlending is the practice of lending very small amounts of money to people who are starting or operating small
businesses, especially in developing countries. A key element of microlending is working within a social network
of borrowers. The borrowers provide support for each other and an element of pressure to ensure the loans are
repaid by each member of the group. Kiva and MicroPlace are examples of social networking sites that bring
together many small investors who lend money to groups and individuals all over the world who need loans to start
or continue their small business ventures. Lenders can review the loan requests and agree to fund part (or all) of
the loan amount using the Kiva Web site.

Internal Social Networking

A large number of organizations have built internal Web sites that provide opportunities for online interaction among
employees. These sites include important information for employees, and run on the intranets. Organizations have
saved amounts of money by replacing the printing and distribution of paper memos, newsletters, and other
correspondence with a Web site. Internal social networking pages also provide easy access to employee

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 75

Informatics 2B

handbooks, newsletters, and employee benefits information. Internal social networking Web site can become a
good way of fostering working relationships among employees who are dispersed over a wide geographic area.
Many companies are adding wireless connectivity to their internal community sites and are using this technology
to extend the reach of the site to employees who are traveling, meeting with customers or suppliers, or
telecommuting. The use of mobile technology is becoming an important part of almost every social networking
business strategy as people use their mobile phones to do everything from taking photos that they will post on
Facebook to send tweets to their followers on Twitter.

6.9 Mobile commerce

Virtually all phones sold today include short messaging services (SMS), which allow users to send short text
messages to each other. However, two developments coincided in the U.S in 2008 that made these phones more
viable as devices for browsing the Web. First, high-speed mobile telephone networks grew dramatically in
availability, and second, manufacturers began offering a wide variety of smart phones that include a Web browser
(and a screen large enough to make it usable), an operating system, and the ability to run applications on that
operating system. In this section, you will learn about the impact of this confluence of technologies on the potential
for online business using these devices, called mobile commerce (m-commerce).

Mobile Operating Systems

NTT DoCoMo, which is the largest phone company in Japan, pioneered mobile commerce in 2000 with its i-mode
service. Starting with the sale of games and other programs that run on the phones, NTT DoCoMo has been a
leader in expanding mobile commerce, including online shopping and payments. These smart phones such as
Apple iPhone, the Palm Pre, several Blackberry models, and phones that use Android operating system opened
the door for serious U.S mobile commerce the first time.

Some smart phones and wireless PDAs display Web pages using the Wireless Application Protocol (WAP).
WAP allows web pages formatted in HTML to be displayed on devices with small screens, such as mobile phones.
Another approach is to display a normal Web page on the device. The iPhone was one of the first devices to
include touch screen controls that make viewing and navigating a normal web page easy to do on a small handheld
device. A third approach is to design Web sites to match specific smart phones. The most common third-party
operating systems are Android, Windows Phone, and Symbian. The most popular and fastest growing third-
party operating system is Android, which was developed by Google. Android is open source which allows smart
phone manufacturers to use it at no cost.

Most carriers will void the warranty on a phone if the user has modified the operating system in any way, although
some users with technical skills do so. Modifying Apple iPhone's operating system is called jailbreaking the phone.
Modifying an Android ‘s operating system is called rooting the phone.

76 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Mobile Apps
Apple allowed independent developers to create apps and sell them through their Apps for iPhone store.
BlackBerry and Palm have followed Apple's lead and now have app stores of their own (Blackberry App World and
Palm Pre Applications). The open source Android and Symbian phones also have software developers creating
apps for them (Android Market and SymbiamGear).

A number of apps do nothing more than provide a quick gateway to a company's Web site. Some mobile app
sellers include an advertising element in their revenue models. These apps include mobile ads that display
messages from advertisers. Some apps include advertising that appears on a part of the screen or as a separate
screen that must be clicked through to get to the app. The advertising space on mobile apps is sold in the same
way that banner advertising is sold. Most app development is done by trained programmers; however, there are
tools such as Swebapps and App Inventor that provide a point-and-click interface for building simple apps.

Tablet Devices
Tablet devices can be connected to the Internet through a wireless phone carrier's service or through a local
wireless network. Most tablet devices can use both access modes and can switch between them. Apple's iPad
tablet devices run the company's proprietary iOS operating system. Most other manufacturers' tablet devices run
the Android operating system. Because tablet devices' screens are larger, they are more likely to be used than
smart phones to buy consumer products (most purchases completed on smart phones are for digital products such
as music, videos, or apps).

Mobile Payment Apps

Since 2004, NTT DoCoMo has been selling mobile phones that function as credit cards. Although the individual
applications on DoCoMo phones are not overwhelming, their combined capabilities generate a significant amount
of business. Mobile phone apps allow them to be used to make payments. In countries where few people have
credit cards, the convenience of using a mobile phones for payments has been very attractive as payment devices.

Online auctions
In many ways, online auctions provide a business opportunity that is perfect for the Web. An auction site can
charge both buyers and sellers to participate, and it can sell advertising on its pages. One of the Internet's strengths
is that it can bring together people who share narrow interests but are geographically dispersed. Online auctions
can capitalize on that ability by either catering to a narrow interest or providing a general auction site that has
sections devoted to specific interests.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 77

Informatics 2B

6.10 Auction Basics

In an auction, a seller offers an item or items for sale, but does not establish a price. This is called "putting an item
up for bid" or "putting an item on the (auction) block. Potential buyers are given information about the item or some
opportunity to examine it; they then offer bids, which are the prices they are willing to pay for the item. The potential
buyers, or bidders, each have developed private valuations, or amounts they are willing to pay for the item. The
whole auction process is managed by an auctioneer. In some auctions, people employed by the seller or the
auctioneer can make bids on behalf of the seller. These people are called shill bidders. Shill bidders can artificially
inflate the price of an item and may be prohibited from bidding by the rules of a particular auction.

Online Auctions and Related Businesses

The online auction business is changing rapidly as it grows. Three broad categories of auction Web sites have
emerged:
1. General consumer auctions
2. Specialty consumer auctions
3. Business-to-business auctions
Analysts believe that a more appropriate term for the electronic commerce that occurs in general consumer
auctions is consumer-to-consumer.

General Consumer Auctions

The most successful consumer auction Web site today is eBay. Sellers and buyers must register with eBay and
agree to the site's basic terms of doing business. Sellers pay eBay a listing fee and a sliding percentage of the
final selling price. The eBay English auction allows the seller to set a reserve price. It also allows sellers to specify
that an auction be made private. In an eBay private auction, the site never discloses bidders' identities and the
prices they bid. At the conclusion of the auction, eBay notifies only the seller and the highest bidder. All eBay
auctions have a minimum bid increment, the amount by which one bid must exceed the previous bid, which is
about 3 percent of the bid amount.

To attract sellers who frequently offer items or who continually offer large numbers of items, eBay offers a platform
called eBay stores within its auction site. At a very low cost, sellers can establish eBay stores that show items for
sale as well as items being auctioned.

Competition in General Consumer Auctions

eBay has been so successful because it was the first major Web auction site for consumers that did not cater to a
specific audience and because it advertises widely. Because one of the major determinants of Web auction site
success is attracting enough buyers and sellers to create markets in many different items, some Web sites that
already have a large number of visitors entered the general consumer auction business. Yahoo! created an
auction site patterned after eBay. Yahoo! had some early success in attracting large numbers of auction
participants in part because it offered its auction service to sellers at no charge.

78 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Amazon.com also added a general consumer auction to its list of products and services. Unlike eBay, which was
profitable from the start, Amazon took seven years to earn its first small profits from all of its businesses. One way
that Amazon attempted to compete with eBay was through its "Auctions Guarantee.”

Specialty Consumer Auctions

A number of firms have decided to identify special-interest market targets and create specialized Web auction sites
that meet the needs of those market segments. JustBeads.com is one example of an auction site that caters to
buyers and sellers who are geographically dispersed but share highly focused interests. Other specialty consumer
auction sites include Cigarbid.com and Winbid.com. They gain advantage by identifying a strong market segment
with readily identifiable products that are desired by people with relatively high levels of disposable income. Cigars
and wine meet those requirements. These specialized consumer auctions occupy profitable niches, which allows
them to coexist successfully with large general consumer sites, such as eBay.

Business-to-Business Auctions
Business-to-business online auctions evolved to meet a specific existing need. Many manufacturing companies
periodically need to dispose of unusable or excess inventory. Depending on its size, a firm typically uses one of
two methods to distribute excess inventory. Large companies sometimes have liquidation specialists who find
buyers for these unusable inventory items. Smaller businesses often sell their unusable and excess inventory to
liquidation brokers, which are firms that find buyers for these items.

Business-to-Business Reverse Auctions

Businesses have created various types of electronic marketplaces to conduct business-to-business (B2B)
transactions. Many of these marketplaces include auctions and reverse auctions. In industries where a high degree
of competition exists among suppliers, however, reverse auctions can be an efficient way to conduct and manage
the price bidding that would occur in that market.

6.11 Summary
 A virtual community, also called Web community or online community, is a gathering place for people
and businesses that does not have a physical existence.

 Web sites which are designed to facilitate interactions among people are called social networking sites.

 Web logs, or blogs, are Web sites that contain commentary on current events or specific issues written by
individuals.

 Micro blogs function as a very informal blog site with entries (messages or tweets) that are limited to 140
characters in length.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 79

Informatics 2B

 After seeing the success of blogs, microblogs, and social networks as political networking tools, many retailers
embraced these tools as a way to engage potential customers.

 Marketing and supply chain managers also saw the benefits of these social networking activities in enhancing
their B2B relationships.

 Participatory journalism is where readers help to write online news.

 The practice of bringing buyers and sellers together in a social network to facilitate retail sales is called social
shopping.

 A virtual learning network is a social network which is focused on education.

 Social networking site utilize various revenue models such as:

o Advertising

o Fee-for-service

o Mixed revenue

 Mobile commerce is the use of mobile devices such as smart phones and tablet PC’s to buy and sell goods
and services online.

 Online auction sites are sites where individuals and businesses put up products to be sold via auctions which
are similar to online auctions.

 Three broad categories of auction Web sites have emerged:

o General consumer auctions: these are general consumer auctions that do not cater to a specific
audience; they sell just about anything, and appeal to a very wide market.

o Specialty consumer auctions: these are online auctions which identify special-interest market targets and
conduct specialized Web auctions that meet the needs of those market segments.

o Business-to-business auctions: these are auctions where businesses put up items for sale to other
businesses. A typical scenario where this is useful is where a manufacturer has an excess of certain
product, and wishes to liquidate it. The excess products are put on auction, and businesses which are
interested may bid for it.

6.12 Review questions

1. Explain what a virtual community is.

2. What is a web chat room?

3. What is a social networking site? Provide 3 examples of social networking sites

4. What is LinkedIn, and how does it differ from other social networking sites?

80 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

5. What is idea-based social networking? Provide an example of an idea-based social networking site.

6. How is social networking being used for education?

7. Like any business, a social network has to generate revenue in order to be sustainable. Discuss the revenue
models that social networks utilize.

6.13 Answers to Revision Questions and activities

Answers to review questions
1. A virtual community, also called Web community or online community, is a gathering place for people and
businesses that does not have a physical existence.

2. A web chat room is a web site where people with similar interests come together to chat and exchange ideas
via instant messaging, audio and video chatting.

3. Web sites which are designed to facilitate interactions among people are called social networking sites.
Examples of social networking sites are: Google+, Facebook and LinkedIn.

4. LinkedIn is a social networking site for professionals and business people. It provides professionals and
business to network with others for the sake of forging business relationships or to find good jobs. LinkedIn is
different than other social networking sites in that it's designed solely for the purpose of professional networking.

5. Web sites that create communities based on the connections between ideas are called idea-based social
networks. An example of this is del.icio.us.

6. Many distance learning colleges and educational institutes provide distance learning platforms which include
tools such as bulletin boards, chat rooms, and drawing boards that allow students to interact with their
instructors and each other in ways that are similar to the interactions that might occur in a physical classroom
setting. This has proved extremely successful in providing education to learners in remote areas.

7. Social networking site utilize various revenue models such as:

a. Advertising: advertisers pay a fee to have their banner adverts appear on the social network’s pages.

b. Fee-for-service: some social networks provide some basic services for free, but charge a fee for their advanced
services.

c. Mixed revenue: this is a combination of the above two models, where sites display adverts for revenue but also
charge a fee for services.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 81

 Informatics 2B

Unit
7: Online Payment Systems

82 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

7.1 Introduction  Introduce topic areas for the unit

7.2 Online payment basics  Understand micropayments

 Display knowledge on the payment methods

 Understand the benefits of payment cards

7.3 Mobile banking  Be knowledgeable on electronic cash

 Understand digital wallets and its convenience to its users

7.4 Criminal activity and payment  Understand Phishing and be able to apply countermeasures
systems: Phishing and identity theft

7.5 Phishing attacks

7.6 Summary  Summarise topic areas covered in unit

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 83

Informatics 2B

7.1 Introduction
In 1991, a teenager named Max Levchin emigrated from the Ukraine to the United States. Settling in Chicago,
Levchin had a burning interest in cryptography. Growing up in a Soviet police state convinced him that the ability
to send coded messages that could not be read or intercepted was both important and useful. He majored in
computer science at the University of lllinois and spent many hours at the school's Center for Supercomputing,
pursuing his passion for making and breaking codes. When he graduated in 1998, he wanted to follow the American
dream of turning his knowledge into money, so he headed for the heart of the computer industry in Palo Alto,
California. Levchin's plan to build the ultimate transmission encryption scheme never did pan out, but he managed
to turn his knowledge into a successful business. As cofounder and chief technical officer of Paypal, an online
payment processing company that you will learn about in this chapter, Levchin used his expertise in cryptography
and computer security to protect the firm from losses that could destroy it.

PayPal, founded in 1999, operates a service that lets people exchange money over the Internet. PayPal
immediately carved itself a niche as the most popular payment system for processing auction payments on eBay.
People can also use PayPal to send money to anyone who has an e-mail address, and a growing number of online
stores accept PayPal in addition to (or instead of) credit cards. A number of charities accept donations through
PayPal as well. These uses of Paypal transferring money from one individual to another and as an alternative to
paying by credit card at online stores-have grown rapidly in recent years. PayPal charges very small fees to
business users and no fees at all to individuals, so its profit margins are small. However, it earns these small profit
margins on a very large number of transactions.

One major concern for PayPal is that a single, well-organized, large-scale fraud attack could put the company out
of business. Levchin's contribution to the company's success was his development of payment surveillance
software that continually monitors Paypal transactions. The software searches millions of transactions as they
occur every day and looks for patterns that might indicate fraud. The software notifies PayPal managers
immediately when it finds something suspicious.

The software has worked well. About 1.13 percent of online credit card transactions are fraudulent' a rate that is
much higher than the 0.70 percent experienced in physical stores. Paypal has kept its fraud rate below 0.50
percent. Because PayPal has kept its fraud rate so low, it can charge lower transaction fees than its competitors
and still make a profit. Paypal’s attention to fraud control has given it a competitive advantage over other payment
processors (such as banks) and has allowed it to prosper in a very competitive business

7.2 Online payment basics

An important function of electronic commerce sites is the handling of payments over the Internet. Most electronic
commerce involves the exchange of some form of money for goods or services. As you learned earlier, many
payment transactions between B2B companies are made using electronic funds transfers (EFTs). In this chapter,

84 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

you will learn about a number of online payment alternatives that are available to businesses and individual
consumers for B2C transactions. Online payments vary in both their size and how they are processed.

Micropayments and Small Payments

Internet payments for items costing from a few cents to approximately a dollar are called micropayments.
Micropayment champions see many applications for such small transactions, such as paying 5 cents for an article
reprint or 25 cents for a complicated literature search. However, micropayments have not been implemented very
well on the Web yet. Another barrier to micropayments is a matter of human psychology. Researchers have found
in a number of studies that many people prefer to buy small-value items by making regular fixed-amount payments
rather than by making small payments in varying amounts, even when the small varying payments would cost less
money overall. A good example of this behavior is the preference most mobile telephone users have for fixed
monthly payment plans over charges based on minutes used. The comfort of knowing the exact amount of the
monthly bill is more important to many people than getting the lowest price on the minutes used.

Online payment methods

Cash and cheques are awkward or difficult to use online, so the majority of online payments (worldwide) are made
using credit or debit cards (about 85 percent of the total) with alternative payment systems (predominantly PayPal)
accounting for most of the remainder. Most industry analysts expect that the use of credit and debit cards will
decrease as the use of alternative payment systems grows.

Online payment systems for consumer electronic commerce are still evolving. A number of proposals and
implementations of payment systems currently compete for dominance. Regardless of format, electronic payments
are far cheaper than mailing paper cheques. Electronic payments can be convenient for customers and can save
companies money.

Online businesses must offer their customers payment options that are safe, convenient, and widely accepted.
The key is to determine which choices work the best for the company and its customers.

Payment Cards
Businesspeople often use the term payment card as a general term to describe all types of plastic cards that
consumers (and many businesses) use to make purchases. The main categories of payment cards are credit
cards, debit cards, charge cards, prepaid cards, and gift cards.

A credit card, such as a Visa or MasterCard, has a spending limit based on the user's credit history; a user can
pay off the entire credit card balance or pay a minimum amount each billing period. Credit card issuers charge
interest on any unpaid balance. Many consumers already have credit cards, or are at least familiar with how they
work. Credit cards are widely accepted by merchants around the world and provide assurances for both the
consumer and the merchant.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 85

Informatics 2B

A debit card looks like a credit card, but it works quite differently. Instead of charging purchases against a credit
line, a debit card removes the amount of the sale from the cardholder's bank account and transfers it to the seller's
bank account. Debit cards are also called electronic funds transfer at point of sale (DFTPOS) cards.

A charge card, offered by companies such as American Express, carries no spending limit, and the entire amount
charged to the card is due at the end of the billing period. Charge cards do not involve lines of credit and do not
accumulate interest charges.

Some retailers offer cards that can be redeemed by anyone for future purchases. These prepaid cards are
sometimes used by people who do not want to be tempted by a credit card to purchase more than they can afford.
They can also be used to make small purchases that would be expensive for a merchant to process as credit card
sales. More often, they are given to third parties as gifts. Prepaid cards sold with the intention that they be given
as gifts are called gift cards.

Advantages and Disadvantages of Payment Cards

Payment cards have several features that make them a popular choice for both consumers and merchants in online
and offline transactions. For merchants, payment cards provide fraud protection. When a merchant accepts
payment cards for online payment or for orders placed over the telephone, the merchant can authenticate and
authorize purchases using an interchange network. An interchange network is a set of connections between
banks that issue credit cards, the associations that own the credit cards (such as MasterCard or Visa), and
merchants' banks.

Perhaps the greatest advantage of using payment cards is their worldwide acceptance. Payment cards can be
used anywhere in the world, and the currency conversion, if needed, is handled by the card issuer. For online
transactions, payment cards are particularly advantageous. When a consumer reaches the electronic checkout,
he or she enters the payment card number and his or her shipping and billing information in the appropriate fields
to complete the transaction. The consumer does not need any special hardware or software to complete the
transaction.

Payment cards have one significant disadvantage for merchants when compared to cash. Payment card service
companies charge merchants per-transaction fees and monthly processing, fees. These fees can add up, but
merchants view them as a cost of doing business.

Payment cards provide built-in security for merchants because merchants have a higher assurance that they will
be paid through the companies that issue payment cards than through the sometimes slow direct invoicing process.
To process payment card transactions, a merchant must first set up a merchant account. The series of steps in a
payment card transaction is usually transparent to the consumer.

86 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Payment Acceptance and Processing

Most people are familiar with the use of payment cards. In a physical store, the customer or a sales clerk runs the
card through the online payment card terminal and the card account is charged immediately. In this type of in-
person transaction, customers walk out of the store with purchases in their possession, so charging and shipment
occur nearly simultaneously. Online stores and mail order stores in the United States must ship merchandise within
30 days of charging a payment card. Because the penalties for violating this law can be significant, most online
and mail order merchants do not charge payment card accounts until they ship merchandise.

Processing a payment card transaction online involves two general processes, the acceptance of payment and
clearing the transaction. Payment acceptance includes the steps necessary to determine that the card is valid and
that the transaction will not exceed any credit limit that might exist for the card. Clearing the transaction includes
all of the steps needed to move the funds from the card holder's bank account into the merchant's bank account.
This section outlines the rather detailed steps involved in both of these processes

Open and closed loop systems

In some payment card systems, the card issuer pays the merchants that accept the card directly and does not use
an intermediary, such as a bank or clearinghouse system. These types of arrangements are called closed loop
systems because no other institution is involved in the transaction.

Open loop systems add additional payment processing intermediaries to the structure of a closed loop system.

Merchant accounts
An acquiring bank is a bank that does business with sellers (both Internet and non-Internet) that want to accept
payment cards. To process payment cards for Internet transactions, an online merchant must set up a merchant
account with an acquiring bank.

One type of merchant account is similar to a regular business cheque account; the merchant's acquiring bank
collects credit card receipts on behalf of the merchant from the payment card issuing bank and credits their value,
net of processing fees, to the merchant's account. More commonly, a merchant account is set up to operate as a
credit line rather than as a cheque account. That is, the acquiring bank makes what is essentially a non-interest
bearing loan to the merchant in the amount of the net credit card receipts each day. As the acquiring bank collects
the proceeds of the transactions from the issuing bank, the acquiring bank reduces the balance of the non-interest
bearing loan to the merchant.

Processing payment card transactions

Processing payment card transactions that might be from a debit card or a credit card, that might need open loop
or closed loop processing, or that might even involve the ACH directly is a complex task. Large online businesses

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 87

Informatics 2B

have entire departments of highly skilled employees who build and maintain the systems needed to accomplish
this work.

Midsized online businesses often purchase software (separately or as part of an electronic commerce software
package) that handles the processing, but they must hire skilled employees to manage the system.

Small online businesses often do not have the resources to manage this function in-house, even with purchased
software. They generally rely on a service provider either to assist them in processing payment card transactions
or to handle the entire function for them. These service providers are called payment processing service providers
or payment processors and are usually grouped into two general types:
1. Front-end processors: A front-end processor obtains authorization for the transaction by sending the
transaction's details to the interchange network and storing a record of the approval or denial (a process
which usually takes less than a second). Front-end processors (or the hardware and software that they
use to obtain transaction approvals) are often called payment gateways.
2. Back-end processors: A back-end processor takes the transactions from the front-end processor and
coordinates information flows through the interchange network to settle the transactions. The back-end
processor handles chargebacks and any other reconciliation items through the interchange network and
the acquiring and issuing banks, including the ACH transfers.

Electronic Cash
Although credit cards dominate online payments today, electronic cash shows promise for the future. Electronic
cash (also called e-cash or digital cash) is a general term that describes any value storage and exchange system
created by a private (nongovernmental) entity that does not use paper documents or coins and that can serve as
a substitute for government-issued physical currency. Because electronic cash is issued by private entities, there
is a need for common standards among all electronic cash issuers so that one issuer's electronic cash can be
accepted by another issuer. This need has not yet been met. Each issuer has its own standards, and electronic
cash is not universally accepted, as is government-issued physical currency.

Electronic cash has another factor in its favor: Most of the world's population does not have credit cards. In the
United States, adults who cannot obtain credit cards because they do not earn enough or have past debt problems
and children over the age of 13 but under the age of 18 would benefit from the availability of electronic cash.
Outside the United States, few people hold credit cards because they have traditionally made their purchases in
cash. For them, electronic cash is a more logical next step than credit cards. Despite the many failures of electronic
cash, the idea refuses to die.

Privacy and Security of Electronic Cash

Concerns about electronic payment methods include privacy and security, independence, portability, and
convenience. Consumers want to know whether transactions are vulnerable and whether the electronic currency
can be copied, reused, or forged. Two characteristics of physical currency are important to have in any electronic

88 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

cash implementation. First, it must be impossible to spend electronic cash more than once, just as with traditional
currency. Second, electronic cash should be anonymous, just as currency is. Anonymous electronic cash is
electronic cash that, like bills and coins, cannot be traced back to the person who spent it. The electronic cash
transaction must occur between the two parties only, and the recipient must know that the electronic currency is
not counterfeit or being used in two different transactions at the same time. Perhaps the most important
characteristic of cash is convenience. If electronic cash requires special hardware or software, it is not convenient
for people to use. Chances are good that people will not adopt an electronic cash system that is difficult to use.

Holding Electronic Cash: Online and Offline Cash

Electronic cash can be held in online storage or offline storage. Online cash storage means that the consumer
does not personally possess electronic cash. Instead, a trusted third party, such as an online bank, coordinates all
transfers of electronic cash and holds the consumers' cash accounts. In an online storage system, the merchant
must contact the consumer's bank to receive payment for a purchase. This helps prevent fraud by confirming that
the consumer's cash is valid.

Offline cash storage is similar to money kept in a wallet. The customer holds the electronic cash and no other party
is involved in the transaction. Protection against fraud is still a concern, so either hardware or software must be
used to prevent fraudulent spending or double spending. Double spending is spending a particular piece of
electronic cash twice by submitting the same electronic currency to two different vendors. When the electronic
currency reaches the bank for clearance a second time, it is too late to prevent the fraudulent act.

Advantages and Disadvantages of Electronic Cash

Electronic cash transactions can be more efficient (and therefore less costly) than other methods, and that
efficiency should foster more business, which eventually means lower prices for consumers. Transferring electronic
cash on the Internet costs less than processing credit card transactions. Conventional money exchange systems
require banks, bank branches, clerks, automated teller machines, and an electronic transaction system to manage,
transfer, and dispense cash. Operating this conventional money exchange system is expensive.

Electronic cash transfers occur on the Internet, which is an existing infrastructure that uses existing computer
systems. No distribution method or human oversight is required. Thus, the additional costs that users of electronic
cash must incur are nearly zero. Merchants can pay other merchants in a business-to-business relationship, and
consumers can pay each other. Electronic cash does not require that one party obtain an authorization, as is
required with credit card transactions.

Electronic cash does have disadvantages, however, and they are significant. Using electronic cash provides no
audit trail; that is, electronic cash is just like real cash in that it cannot be easily traced. Because true electronic
cash is not traceable, another problem arises: money laundering. Money laundering is a technique used by

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 89

Informatics 2B

criminals to convert money that they have obtained illegally into cash that they can spend without having it identified
as the proceeds of an illegal activity.

The lack of success seen by electronic cash initiatives in the United States can be blamed in part on the need that
most of these systems had to be installed into consumers' Web browsers. Also, there were a number of competing
technologies and no common standards were developed for all electronic cash systems. Without standards, each
electronic cash alternative required its own installation and procedures, none of which were interoperable.
Interoperable software runs transparently on a variety of hardware configurations and on different software
systems.

Digital Wallets
As consumers are becoming more enthusiastic about online shopping, they have begun to tire of repeatedly
entering detailed shipping and payment information each time they make online purchases. Filling out forms ranks
high on online customers' lists of gripes about online shopping. To address these concerns, many electronic
commerce sites include a feature that allows a customer to store their name, address, and credit card information
on the site. However, consumers must enter their information at each site with which they want to do business. A
digital wallet (sometimes called an electronic wallet or an e-wallet), serving a function similar to a physical wallet,
is an electronic device or software that holds credit card numbers, electronic cash, owner identification, and owner
contact information and provides that information at an electronic commerce site's checkout counter. Digital wallets
give consumers the benefit of entering their information just once, instead of having to enter their information at
every site with which they want to do business. Some industry observers and privacy rights activist groups are
concerned about digital wallets because they give the company that issues the digital wallet access to a great deal
of information about the individual using the wallet.

Software-Only Digital Wallets

Digital wallets that are software-based fall into two categories, depending on where they are stored. A server-side
digital wallet stores a customer's information on a remote server belonging to a particular merchant or wallet
publisher. The main weakness of server-side digital wallets is that a security breach could reveal thousands of
users' personal information to unauthorized parties'. Typically, server-side digital wallets employ strong security
measures that minimize the possibility of unauthorized disclosure.

A client-side digital wallet stores a consumer's information on his or her own computer. A disadvantage of client-
side wallets is that they are not portable. For example, a client-side wallet is not available when a purchase is made
from a computer other than the computer on which the wallet resides. In a client-side digital wallet, the sensitive
information (such as credit card numbers) is stored on the user's computer instead of the wallet provider' central
server. This removes the risk that an attack on a client-side digital wallet vendor's server could reveal the sensitive
information.

90 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Hardware-Based Digital Wallet

The increasing prevalence of smart phones has made them candidates to become hardware-based digital wallets
that can store the owner's identity credentials (such as a driver's license, medical insurance card, store loyalty
cards, and other identifying documents). The smart phone can transmit portions of this identity information
command using its Bluetooth or wireless transmission capability to nearby terminals. Near field communication
(NFC) technology, which allows for contactless data transmission over short distances, can also be used if the
smart phone is equipped with a chip similar to those that have been used on payment cards (such as MasterCard's
PayPass card) for a number of years.

Stored-value cards
Today, most people carry a number of plastic cards-credit cards, debit cards, charge cards, driver's license, health
insurance card, employee or student identification card, and, others. Most of these cards can store information
electronically using either a magnetic strip or a microchip that is embedded into the card.

Magnetic strip cards

Most magnetic strip cards hold value that can be recharged by inserting them into the appropriate machines,
inserting currency into the machine, and withdrawing the card; the card's strip stores the increased cash value.
Magnetic strip cards are passive; that is, they cannot send or receive information, nor can they increment or
decrement the value of cash stored on the card. The processing must be done on a device into which the card is
inserted.

Smart cards
A smart card is a plastic card with an embedded microchip that can store information. Smart cards are also called
stored-value cards. A smart card can store more than 100 times the amount of information that a magnetic strip
plastic card can store. Smart cards are safer than magnetic strip credit cards because the information stored on a
smart card can be encrypted.

Internet technologies and the Banking industry

The largest dollar volume of payments in the world today are still made using paper cheques. These paper cheques
are processed through the international banking system. The other major payment forms in use today also involve
banks in one way or another. This section outlines how Internet technologies are providing new tools and creating
new threats for the banking industry.

Cheque processing
In the past, cheques were processed physically by banks and clearinghouses. When a person wrote a cheque to
pay for an item at a retail store, the retailer would deposit the cheque in its bank account. The retailer's bank would
then send the paper cheque to a clearing house, which would manage the transfer of funds from the consumer's

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 91

Informatics 2B

bank to the retailer's account. The paper cheque would then be transported to the consumer's bank, which might
then send the cancelled cheque to the consumer.

In recent years, many banks have stopped sending cancelled cheques to their consumer account holders to save
postage instead providing access to PDF images of processed cheques to account folders. Despite these savings,
the cost of transporting tons of paper cheques around the country has grown each year. In addition to the
transportation costs, another disadvantage of using paper cheques is the delay that occurs between the time that
a person writes a cheque and the time that cheque clears the person's bank.

7.3 Mobile banking

In recent years, banks have begun to explore the potential of mobile commerce in their businesses. In 2009, a
number of banks launched sites that allow customers using smart phones to obtain their bank balance, view their
account statement, or find a nearby ATM. These sites are specifically designed for the smaller screen size of smart
phones and make interacting with the bank easier than using a smart phone's Web browser to view the bank's
regular site Many banks' future plans include offering smart phone apps that bank customers can use to transact
all types of banking business, including the option of taking a picture of a cheque with the smart phone's camera
and depositing it into their bank accounts electronically. Some vendors offer a tiny credit card reader that can be
attached to a smart phone. When this device is combined with an app that runs on the smart phone, the combined
hardware becomes a highly portable payment processing terminal.

7.4 Criminal activity and payment systems: Phishing and identity theft
Online payment systems offer criminals and criminal enterprises an attractive arena in which to operate. The
average consumers who engage in online payment transactions are easy prey for expert criminals. The large
amounts of money involved make online payment systems tempting targets.

7.5 Phishing attacks

The basic structure of a phishing attack is fairly simple. The attacker sends e-mail messages to a large number of
recipients who might have an account at the targeted Web site. The e-mail message tells the recipient that his or
her account has been compromised and it is necessary for the recipient to log into the account to correct the
matter. The e-mail message includes a link that appears to be a link to the login page of the Web site. However,
the link actually leads the recipient to the phishing attack perpetrator's Web site, which is disguised to look like the
targeted Web site. The unsuspecting recipient enters his or her login name and password, which the perpetrator
captures and then uses to access the recipient's account. Once inside the victim's account, the perpetrator can
access personal information, make purchases, or withdraw funds at will.

When the e-mails used in a phishing expedition are carefully designed to target a particular person or organization,
the exploit is called spear phishing. The spear phishing perpetrator must do considerable research on the

92 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

intended recipient, but by obtaining detailed personal information and using it in the e-mail, the perpetrator can
greatly increase the chances that the victim will open the e-mail and click the link to the phishing Web site. Spear
phishers have launched attacks against employees of specific companies that include jargon and acronyms that
are frequently used in the company or its industry. By using familiar language and terms, the spear phisher gains
the victim's trust and is more likely to convince the victim to click the phishing link.

Using phishing attacks for identity theft

Many perpetrators of phishing attacks are individuals working alone. However, the large amounts of illegal revenue
that can be generated by combining phishing attacks with identity theft have drawn the attention of highly structured
groups of criminals whose members possess a variety of specialized skills.

Organized crime, also called racketeering, can be defined as unlawful activities conducted by a highly organized,
disciplined association for profit. The associations that engage in organized crime are often differentiated from less
organized groups such as gangs and from organized groups that conduct unlawful activities for political purposes,
such as terrorist organizations. Organized crime associations have traditionally engaged in criminal activities such
as drug trafficking, gambling, money laundering, prostitution, pornography production and distribution, extortion,
truck hijacking, fraud, theft, and insider trading. Often these activities are carried out simultaneously with legitimate
business activities, which provide cover for the illegal activities.

Identity theft is a criminal act in which the perpetrator gathers personal information about a victim and then uses
that information to obtain credit. After establishing credit accounts, the perpetrator runs up charges on the accounts
and then disappears.

Phishing attack countermeasures

Several groups are working on ways to improve the Internet's mail transport protocols so that spam senders can
be identified. Because spam is a key element of phishing attacks, any protocol change that improves e-mail
recipients, ability to identify the source of an e-mail message will also help to reduce the threat of phishing attacks.

The most important step that companies can take today, however, is to educate their Web site users. Most online
banking sites continually warn their customers that the site never sends e-mails that ask for account information
or that ask the recipient to log in to their Web site and make changes to his or her account information.

Many companies, especially those that operate financial Web sites, have contracted with consulting firms that
specialize in anti-phishing work. These consultants monitor the Web for new Web sites that use the company's
name or logo and move quickly to shut down those sites.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 93

Informatics 2B

7.6 Summary
 An important function of electronic commerce sites is the handling of payments over the Internet.
 Internet payments for items costing from a few cents to approximately a dollar are called micropayments.
 Cash and cheques are awkward or difficult to use online, so the about 85% of online payments are made
using credit or debit cards with alternative payment systems (predominantly PayPal) accounting for most of
the remainder.
 Businesspeople often use the term payment card as a general term to describe all types of plastic cards
that consumers (and many businesses) use to make purchases.
 A credit card has a spending limit based on the user's credit history; a user can pay off the entire credit
card balance or pay a minimum amount each billing period.
 A debit card removes the amount of the sale from the cardholder's bank account and transfers it to the
seller's bank account.
 A charge card carries no spending limit, and the entire amount charged to the card is due at the end of the
billing period. Charge cards do not involve lines of credit and do not accumulate interest charges.
 In some payment card systems, the card issuer pays the merchants that accept the card directly and does
not use an intermediary, such as a bank or clearinghouse system. These types of arrangements are called
closed loop systems because no other institution is involved in the transaction.
 Open loop systems add additional payment processing intermediaries to the structure of a closed loop
system. To process payment cards for Internet transactions, an online merchant must set up a merchant
account with an acquiring bank.
 Electronic cash (also called e-cash or digital cash) is a general term that describes any value storage and
exchange system created by a private (nongovernmental) entity that does not use paper documents or
coins and that can serve as a substitute for government-issued physical currency.
 A digital wallet is an electronic device or software that holds credit card numbers, electronic cash, owner
identification, and owner contact information and provides that information at an electronic commerce site's
checkout counter.
 Digital wallets may be software-only or hardware-based
 Internet technologies are providing new tools banking industry, such as mobile banking.
 Online payment systems offer criminals and criminal enterprises an attractive arena in which to operate.
Criminals using various methods such as phishing attacks to swindle unsuspecting individuals and
businesses out of their money.

7.7 Review questions

1. What is a micropayment?
2. Name three online payment methods
3. List four advantages of using payment cards.
4. List the advantages and disadvantages of electronic cash.

94 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

5. What are digital wallets, and what convenience do they offer to consumers?
6. What is phishing, and how is it carried out?

7.8 Answers to Revision Questions and Activities

Answers to review questions
1. Internet payments for items costing from a few cents to approximately a dollar are called micropayments.
2. Payment cards, electronic cash and digital wallets.
3. Advantages of payment cards:
a. For merchants, payment cards provide fraud protection via an interchange network.
b. Worldwide acceptance.
c. Currency conversion, if needed, is handled by the card issuer.
d. The consumer does not need any special hardware or software to complete the transaction.
4. Advantages and Disadvantages of Electronic Cash Advantages:
a. Electronic cash transactions can be more efficient
b. Transferring electronic cash on the Internet costs less than processing credit card transactions.
c. No distribution method or human oversight is required
d. Electronic cash does not require that one party obtain an authorization, as is required with credit
card transactions.
Disadvantages:
a. Electronic cash provides no audit trail; that is, electronic cash is just like real cash in that it cannot
be easily traced.
b. Because true electronic cash is not traceable, another problem arises: money laundering.
c. There are a number of competing technologies and no common standards were developed for
all electronic cash systems.
5. A digital wallet is an electronic device or software that holds credit card numbers, electronic cash, owner
identification, and owner contact information and provides that information at an electronic commerce
site's checkout counter. Digital wallets give consumers the benefit of entering their information just once,
instead of having to enter their information at every site with which they want to do business.
6. The attacker sends e-mail messages to a large number of recipients who might have an account at the
targeted Web site. The e-mail message tells the recipient that his or her account has been compromised
and it is necessary for the recipient to log into the account to correct the matter. The e-mail message
includes a link that appears to be a link to the login page of the Web site. However, the link actually leads
the recipient to the phishing attack perpetrator's Web site, which is disguised to look like the targeted Web
site. The unsuspecting recipient enters his or her login name and password, which the perpetrator
captures and then uses to access the recipient's account. Once inside the victim's account, the perpetrator
can access personal information, make purchases, or withdraw funds at will.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 95

 Informatics 2B

Unit
8: Online Security

96 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

8.1 Introduction  Introduce topic areas for the unit

8.2 Online security issues overview  Understand main elements in computer security

8.3 Computer Security and Risk  Display knowledge on cookies

Management

8.4 Elements of Computer Security  Understand three main elements of computer security

8.5 Establishing a security policy  Be knowledgeable on the five step process in creating a
security policy

8.6 Security for client computers  Understand the existence of a zombie computer

8.7 Physical security for clients  Display knowledge on threats affecting mobile devices and
solutions to these threats

8.8 Summary  Summarise topic areas covered in unit

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 97

Informatics 2B

8.1 Introduction
Large business and government Web sites are constantly under attack by a variety of potential intruders, ranging
from computer-savvy high school students to highly trained espionage workers employed by competing businesses
or other governments. The software that potential attackers use to scan computers is widely available; therefore,
government agencies, companies, organizations, and even individuals can expect that their computers are
scanned frequently as well.

In this unit, you will learn how companies and governments protect themselves from attacks that are intended to
shut down their Web sites or gain entry to data stored or transmitted in the course of their operational activities.
Because the threats are constantly changing, and because the attackers are highly motivated and, in many cases,
highly trained, the challenges are constant and dynamic.

8.2 Online security issues overview

In the early days of the Internet, one of its most popular uses was email. Despite email's popularity, business users
of email have been concerned about security issues. For example, a business rival might intercept email messages
for competitive gain. Today, the stakes are much higher. In addition to email, people all over the world use the
Internet and the Web for shopping and conducting, all types of financial transactions. A common worry of Web
shoppers is that their credit card numbers might be stolen as they travel across the Internet.

Origins of security on interconnected computer systems

When businesses began using computers, they adopted many of the military's security methods. They established
security by using physical controls over access to computers. Alarmed doors and windows, guards, security
badges to admit people to sensitive areas, and surveillance cameras were the tools used to secure computers.
Back then, interactions between people and computers were limited to the terminals of large mainframe computers.
Both the population of computer users and the number of ways those users access computing resources have
increased tremendously. Security tools and methods have evolved and are used today to protect computers and
the electronic assets they store.

8.3 Computer Security and Risk Management Computer security

Computer Security is the protection of assets from unauthorized access, use, alteration, or destruction. There
are two general types of security: physical and logical. Physical security includes tangible protection devices,
such as alarms, guards, fireproof doors, security fences, safes or vaults, and bombproof buildings. Protection of
assets using nonphysical means is called logical security. Any act or object that poses a danger to computer
assets is known as a threat. A countermeasure is a procedure that recognizes, reduces, or eliminates a threat.
The extent and expense of countermeasures can vary, depending on the importance of the asset at risk.

98 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

An eavesdropper is a person or device that can listen in on and copy Internet transmissions. People who write
programs or manipulate technologies to obtain unauthorized access to computers and networks are called crackers
or hackers. A cracker is a technologically skilled person who uses their skills to obtain unauthorized entry into
computers or network systems-usually with the intent of stealing information or damaging the information, the
system's software, or even the system's hardware. The term hacker was used to describe a dedicated programmer
who enjoyed writing complex code that tested the limits of technology. The term hacker is still used in a positive
way by computer professionals. To implement a good security scheme, organizations must identify risks, determine
how to protect threatened assets, and calculate how much to spend to protect those assets.

8.4 Elements of Computer Security

Computer security is generally considered to include three main elements: secrecy, integrity, and necessity (also
known as denial of service).
 Secrecy refers to protecting against unauthorized data disclosure and ensuring the authenticity of the
data source.
 Integrity refers to preventing unauthorized data modification.
 Necessity refers to preventing data delays or denials (removal).

8.5 Establishing a Security Policy

Any organization concerned about protecting, its electronic commerce assets should have a security policy in
place. A security policy is a written statement describing which assets to protect and why they are being protected,
who is responsible for that protection, and which behaviors are acceptable and which are not. The policy primarily
addresses physical security, network security, access authorizations, virus protection, and disaster recovery. The
policy develops over time and is a living document that the company management and security personnel must
review and update at regular intervals.

Most organizations follow a five-step process when creating a security policy. These steps include:
1. Determine which assets must be protected from which threats.
2. Determine who should have access to various parts of the system or specific information assets.
3. Identify resources available or needed to protect the information assets while ensuring access by those
who need it.
4. Using the information gathered in the first three steps, the organization develops a written security policy.
5. Following the written policy, the organization commits resources to building or buying software, hardware,
and physical barriers that implement the security policy.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 99

Informatics 2B

A comprehensive plan for security should protect a system's privacy, integrity, and availability (necessity) and
authenticate users. When these goals are used to create a security policy for an electronic commerce operation,
they should be selected to satisfy the list of requirements shown in the following table:

Secrecy Prevent unauthorized persons from reading messages and business plans, obtaining
credit card numbers, and deriving other confidential information

Integrity Enclose information in a digital envelope so that the computer can automatically detect
messages that have been altered in transit.

Availability Provide delivery assurance for each message segment so that messages or message
segments cannot be lost undetectably.

Key management Provide secure distribution and management of keys needed to provide secure
communications.

Non-repudiation Provide undeniable, end-to-end proof of each message's origin and recipient.

Authentication Securely identify clients and servers with digital signatures and certificates

A good security policy should address the following:

 Authentication: Who is trying to access the site?
 Access control: Who is allowed to log on to and access the site?
 Secrecy: Who is permitted to view selected information?
 Data integrity: Who is allowed to change data?
 Audit: Who or what causes specific events to occur, and when?

8.6 Security for Client Computers

Client computers must be protected from threats that originate in software and data that are downloaded to the
client computer from the Internet. Active content delivered over the Internet in dynamic Web pages can be harmful.
Another threat to client computers can arise when a malevolent server site masquerades as a legitimate Web site.
Users and their client computers can be duped into revealing information to those Web sites. This section explains
these threats, describes how they work, and outlines some protection mechanisms that can prevent or reduce the
threats they pose to client computers.

Cookies and Web bugs

The Internet provides a type of connection between Web clients and servers called a stateless connection. In a
stateless connection, each transmission of information is independent; that is, no continuous connection is
maintained between a client computer and a server on the Internet. Cookies allow Web servers to maintain
continuing open sessions with Web clients. An open session is necessary to do a number of things that are
important in online business activity.

100 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

There are two ways of categorizing cookies: by time duration and by source. The two kinds of time-duration cookie
categories include session cookies, which exist until the Web client ends the connection (or "session"), and
persistent cookies, which remain on the client computer indefinitely. Electronic commerce sites use both kinds of
cookies.

Another way of categorizing cookies is by their source. Cookies can be placed on the client computer by the Web
server site, in which case they are called first-party cookies, or they can be placed by a different Web site, in which
case they are called third-party cookies.

The most complete way for Web site visitors to protect themselves from revealing private information or being
tracked by cookies is to disable cookies entirely. The problem with this approach is that useful cookies are blocked
along with the others, requiring visitors to enter information each time they revisit a Web site. The full resources of
some sites are not available to visitors unless their browsers are set to allow cookies.

Some advertisers send images (from their third-party servers) that are included on Web pages but are too small
to be visible. A Web bug, is a tiny graphic that a third-party Web site places on another site's Web page. When a
site visitor loads the Web page, the Web bug is delivered by the third-party site, which can then place a cookie on
the visitor's computer. A Web bug's only purpose is to provide a way for a third-party Web site (the identity of which
is unknown to the visitor) to place cookies from that third-party’s site on the visitor's computer.

Active Content
In the early days, Web pages could do little more than display content and provide links to related pages with
additional information. The use of active content has changed this. Active content refers to programs that are
embedded transparently in Web pages and that cause some action to occur. For example, active content can
display moving graphics, download and play audio, or implement Web-based spreadsheet programs. Active
content is used in electronic commerce to place items into a shopping cart and compute a total invoice amount,
including sales tax, handling, and shipping costs. Developers use active content because it extends the
functionality of HTML and moves some data processing chores from the busy server machine to the user's client
computer. Unfortunately, because active content elements are programs that run on the client computer, active
content can damage the client computer. Thus, active content can pose a threat to the security of client computers.

Because active content modules are embedded in Web pages, they can be completely invisible when you visit a
page containing them. Crackers intent on doing mischief to client computers can embed malicious active content
in these seemingly innocuous Web pages. This delivery technique is called a Trojan horse. A Trojan horse is a
program hidden inside another program or Web page that masks its true purpose. The Trojan horse could snoop
around a client computer and send back private information to a cooperating, Web server - a secrecy violation.
The program could alter or erase information on a client computer - an integrity violation.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 101

Informatics 2B

Zombies are equally threatening. A zombie is a Trojan horse that secretly takes over another computer for the
purpose of launching attacks on other computers. The computers running the zombie are also sometimes called
zombies. When a Trojan horse (or other type of virus) has taken over a large number of computers, which are thus
made them into zombies, the person who planted the virus can take control of all the computers and form a botnet
(short for robotic network, also called a zombie farm when the computers in the network are zombies) that can act
as an attacking unit, sending spam or launching denial-of-service attacks against specific Web sites.

Java Applets
Java is a programming language developed by Sun Microsystems that is used widely and feature in Web pages
to provide active content. The Web server sends the Java applets along with Web pages requested by the Web
client. In most cases, the Java applet's operation will be visible to the site visitor; however, it is possible for a Java
applet to perform functions that would not be noticed by the site visitor (such as reading, writing, or erasing files
on the site visitor's computer). The client computer then runs the programs within its Web browser. Java can also
run outside the confines of a Web browser. Java is platform independent; that is, it can run on many different
computers.

Once downloaded, embedded Java code can run on a client's computer and damage the computer, run a Trojan
horse, or turn the computer into a zombie.

To counter this threat, the Java sandbox security model was developed. The Java sandbox confines Java applet
actions to a set of rules defined by the security model. These rules apply to all untrusted Java applets. Untrusted
Java applets are those that have not been established as secure. When Java applets are run within the constraints
of the sandbox, they do not have full access to the client computer.

JavaScript
JavaScript is a scripting language developed by Netscape to enable Web page designers to build active content.
Despite the similar-sounding names, JavaScript is based only loosely on Sun's Java programming language.
Supported by popular Web browsers, JavaScript shares many of the structures of the full Java language. When a
user downloads a Web page with embedded JavaScript code, it executes on the user's (client) computer.

Like other active content vehicles, JavaScript can be used for attacks by executing, code that destroys the client's
hard disk, discloses the e-mail stored in client mailboxes, or sends sensitive information to the attacker's Web
server. JavaScript code can also record the URLs of Web pages a user visits and capture information entered into
Web forms.

ActiveX Controls
An ActiveX control is an object that contains programs and properties that Web designers place on Web pages to
perform particular tasks. ActiveX components can be constructed using many different programming languages,
but the most common are C++ and Visual Basic. Unlike Java or JavaScript code, ActiveX controls run only on
computers with Windows operating systems.
102 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2
 Informatics 2B

When a Windows-based Web browser downloads a Web page containing an embedded ActiveX control, the
control is executed on the client computer. The security danger with ActiveX controls is that once they are
downloaded, they execute like any other program on a client computer. They have full access to all system
resources, including operating system code.

Graphics and Plug-ins

Graphics, browser plug-ins, and e-mail attachments can harbor executable content. Some graphics file formats
have been designed specifically to contain instructions on how to render a graphic. That means that any Web page
containing such a graphic could be a threat because the code embedded in the graphic could cause harm to a
client computer. Similarly, browser plug-ins, which are programs that enhance the capabilities of browsers handle
Web content that a browser cannot handle. Plug-ins are normally beneficial and perform tasks for a browser, such
as playing audio clips, displaying movies, or animating graphics.

Plug-ins can also pose security threats to a client computer. Users download these plug-in programs and install
them so their browsers can display content that cannot be included in HTML tags.

Viruses, Worms, and Antivirus Software

There are potential dangers lurking in e-mail attachments. E-mail attachments provide a convenient way to send
non-text information over a text-only system-electronic mail. Attachments can contain word-processing files,
spreadsheets, databases, images, or virtually any other information you can imagine. Most programs, including
Web browser e-mail programs, display attachments by automatically executing an associated program. Although
this activity itself does not cause damage, Word and Excel macro viruses inside the loaded files can damage a
client computer and reveal confidential information when those files are opened.

A virus is software that attaches itself to another program and can cause damage when the host program is
activated. A worm is a type of virus that replicates itself on the computers that it infects. Worms can spread quickly
through the Internet. A macro virus is a type of virus that is coded as a small program, called a macro, and is
embedded in a file.

Antivirus software detects viruses and worms and either deletes them or isolates them on the client computer so
they cannot run. Antivirus software is only effective if the antivirus data files are kept current. The data files contain
virus-identifying information that is used to detect viruses on a client computer. Because new viruses appear
regularly, users must be vigilant and update their antivirus data files regularly so that the newest viruses are
recognized and eliminated.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 103

Informatics 2B

Digital Certificates
One way to control threats from active content is to use digital certificates. A digital certificate or digital ID is an
attachment to an e-mail message or a program embedded in a Web page that verifies that the sender or Web site
is who or what it claims to be. In addition, the digital certificate contains a means to send an encrypted message-
encoded.

A digital certificate for software is an assurance that the software was created by a specific company. The certificate
does not attest to the quality of the software, just to the identity of the company that published it.
A digital certificate includes six main elements, including:
 certificate owner's identifying information, such as name, organization, address, and so on
 Certificate owner's public encryption key
 Dates between which the certificate is valid
 Serial number of the certificate
 Name of the certificate issuer
 Digital signature of the certificate issuer

Steganography
The term steganography describes the process of hiding information (a command, for example) within another
piece of information. This information can be used for malicious purposes. Frequently, computer files contain
redundant or insignificant information that can be replaced with other information. This other information resides in
the background and is undetectable by anyone without the correct decoding software. Steganography provides a
way of hiding an encrypted file within another file so that a casual observer cannot detect that there is anything of
importance in the container file. In this two-step process, encrypting the file protects it from being read, and
steganography makes it invisible.

8.7 Physical Security for Clients

Physical security was a major concern for large computers that ran important business functions such as payroll
or billing; however, as networks (including intranets and the Internet) have made it possible to control important
business functions from client computers, concerns about physical security for client computers have become
greater. Physical security measures used today are the same as those used in the early days of computing, with
some interesting new technologies being implemented as well.

Devices that read fingerprints are now available for personal computers. These devices are affordable and provide
much stronger protection than traditional password approaches. Companies can also use other biometric security
devices that are more accurate and, of course, cost more. A biometric security device is one that uses an
element of a person's biological makeup to perform the identification. These devices include writing pads that
detect the form and pressure of a person writing a signature, eye scanners that read the pattern of blood vessels
in a person's retina or the color levels in a person's iris, and scanners that read the palm of a person's hand (rather
than just one fingerprint) or that read the pattern of veins on the back of a person's hand
104 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2
 Informatics 2B

Client Security for Mobile Devices

As more people use mobile devices to access the Internet, concern for the security of these devices increases
proportionally. Security issues related to mobile client devices can be simple, such as the physical threat of losing
a phone or tablet device. They can also be more complex, such as an attack by a Trojan horse, a virus, or an app
that shares your personal information.

The first step to take in securing a mobile device is to set up a password for access to the phone. Almost all mobile
devices include software that allows the owner to initiate a remote wipe if the device is stolen. A remote wipe clears
all of the personal data stored on the device. Web sites that contain malware can infect mobile devices just as
easily as they can client computers. Text messages and e-mails with attached viruses and Trojan horses can infect
smart phones and tablet devices also. Thus, an increasing number of users are installing antivirus software on
their mobile devices. Apps that contain malware or that collect information from the mobile device and forward it
to perpetrators are called rogue apps.

Communication channel security

The Internet serves as the electronic connection between buyers (in most cases, clients) and sellers (in most
cases, servers). The most important thin$ to remember as you learn about communication channel security is that
the Internet was not designed to be secure. Although the Internet has its roots in a military network, that network
was not designed to include any significant security features It was designed to provide redundancy in case one
or more communications lines were cut.

Today, the Internet remains largely unchanged from its original, insecure state. Message packets on the Internet
travel an unplanned path from a source node to a destination node. Any message traveling on the Internet is
subject to secrecy, integrity, and necessity threats. This section describes these problems in more detail and
outlines several solutions for those problems.

Secrecy Threats
Secrecy is the security threat that is most frequently mentioned in articles and the popular media. Closely linked
to secrecy is privacy. Secrecy and privacy, though similar, are different issues. Secrecy is the prevention of
unauthorized information disclosure. Privacy is the protection of individual rights to nondisclosure. Secrecy is a
technical issue requiring, sophisticated physical and logical mechanisms, whereas privacy protection is a legal
matter.

Integrity threats
An integrity threat, also known as active wiretapping, exists when an unauthorized party can alter a message
stream of information. Unlike secrecy threats, where a viewer simply sees information he or she should not, integrity
threats can cause a change in the actions a person or corporation takes because a mission-critical transmission
has been altered.
MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 105
Informatics 2B

Cybervandalism is an example of an integrity violation. Cybervandalism is the electronic defacing of an existing

Web site's page. The electronic equivalent of destroying property or placing graffiti on objects, cybervandalism
occurs whenever someone replaces a Web site's regular content with his or her own content.

Masquerading or spoofing-pretending to be someone you are not, or representing a Web site as an original
when it is a fake-is one means of disrupting Web sites. Domain name servers (DNSs) are the computers on the
Internet that maintain directories that link domain names to IP addresses Perpetrators can use a security hole in
the software that runs on some of these computers to substitute the addresses of their Web sites in place of the
real ones to spoof Web site visitors.

Necessity threats
The purpose of a necessity threat, which usually occurs as a delay, denial, or denial-of-service (DoS) attach, is to
disrupt normal computer processing, or deny processing entirely. A computer that has experienced a necessity
threat slows processing to an intolerably slow speed.

Attackers can use the botnets to launch a simultaneous attack on a Web site (or a number of Web sites) from all
of the computers in the botnet. This form of attack is called a distributed denial-of-service (DDoS) attack. DDoS
attacks can remove information altogether, or delete information from a transmission or file.

Threats to the physical security of internet communications channels

The Internet was designed from its inception to withstand attacks on its physical communication links. The
Internet's packet-based network design precludes it from being shut down by an attack on a single communications
link on that network. However, an individual user's Internet service can be interrupted by destruction of that user's
link to the Internet. Few individual users have multiple connections to an ISP. However, larger companies and
organizations (and ISPs themselves) often do have more than one link to the main backbone of the Internet.
Typically, each link is purchased from a different network access provider. If one link becomes overloaded or
unavailable, the service provider can switch traffic to another network access provider's link to keep the company,
organization, or ISP (and its customers) connected to the Internet.

Threats to wireless networks

Networks can use wireless access points (WAPs) to provide network connections to computers and other mobile
devices within arrange of several hundred feet. If not protected, a wireless network allows anyone within that range
to log in and have access to any resources connected to that network. Such resources might include any data
stored on any computer connected to the network, networked printers, messages sent on the network, and, if the
network is connected to the Internet, free access to the Internet. The security of the connection depends on the
Wireless Encryption Protocol (WEP), which is a set of rules for encrypting transmissions from the wireless devices
to the WAPs.

106 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

In some cities that have large concentrations of wireless networks, attackers drive around in cars using their
wireless-equipped laptop computers to search for accessible networks. These attackers are called wardrivers.
When wardrivers find an open network (or a WAP that has a common default login and password), they sometimes
place a chalk mark on the building so that other attackers will know that an easily entered wireless network is
nearby. This practice is called warchalking. Some warchalkers have even created Web sites that include maps of
wireless access locations in major cities around the world. Companies can avoid becoming targets by simply
turning on WEP in their access points and changing the logins and passwords to something other than the
manufacturers' default settings.

Encryption solutions
Encryption is the coding of information by using a mathematically based program and a secret key to produce a
string of characters that is unintelligible. Encrypting information travelling over a network safeguards the
information, even if the communication channel is compromised, and the information falls into the wrong hands.

Security for server computers

The server is the third link in the client-Internet-server electronic commerce path between the user and a Web
server. Servers have vulnerabilities that can be exploited by anyone determined to cause destruction or acquire
information illegally. One entry point is the Web server and its software. Other entry points include back-end
programs containing data, such as a database and the server on which it runs. Although no system is completely
safe web server administrator's job is to make sure that security policies are documented and considered in every
part of the electronic commerce operation.

Web server threats

Web server software is designed to deliver web pages by responding to HTTP requests. A web server can
compromise secrecy if it allows automatic directory listings. The secrecy violation occurs when the contents of a
server’s folder names are revealed to a Web browser.

One of the most sensitive files on a Web server is the file that holds Web server username-password pairs. An
intruder who can access and read that file can enter privileged areas masquerading as a legitimate user. To reduce
this risk, most Web servers store user authentication information in encrypted files.

Database threats
Electronic commerce systems store user data and retrieve product information from databases connected to the
Web server. Besides storing product information, databases connected to the Web contain valuable and private
information that could damage a company irreparably if disclosed or altered. Most database management systems
include security features that rely on usernames and passwords. Once a user is authenticated, specific parts of
the database become available to that user. However, some databases either store username/password pairs in
an unencrypted table, or they fail to enforce security at all and rely on the Web server to enforce security. If
MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 107
Informatics 2B

unauthorized users obtain user authentication information, they can masquerade as legitimate database users and
reveal or download confidential and potentially valuable information. Trojan horse programs hidden within the
database system can also reveal information by changing the access rights of various user groups. A Trojan horse
can even remove access controls within a database, giving all users complete access to the data-including
intruders.

Other Programming Threats

Web server threats can arise from programs executed by the server. Java or C++ programs that are passed to
Web servers by a client, or that reside on a server, frequently make use of a buffer. A buffer is an area of memory
set aside to hold data read from a file or database. A buffer is necessary whenever any input or output operation
takes place because a computer can process file information much faster than the information can be read from
input devices or written to output devices. Programs filling buffers can malfunction and overfill the buffer, spilling
the excess data outside the designated buffer memory area. This is called a buffer overrun or buffer overflow
error. Usually, this occurs because the program contains an error or bug that causes the overflow. Sometimes,
however, the buffer overflow is intentional. The Internet worm of 1988 was such a program. It caused an overflow
condition that eventually consumed all resources until the affected computer could no longer function.

A similar attack, one in which excessive data is sent to a server, can occur on mail servers. Called a mail bomb,
the attack occurs when hundreds or even thousands of people each send a message to a particular address. The
attack might be launched by a large team of well-organized hackers, but more likely the attack is launched by one
or a few hackers who have gained control over others' computers using a Trojan horse virus or some other method
of turning those computers into zombies. The accumulated mail received by the target of the mail bomb exceeds
the allowed e-mail size limit and can cause e-mail systems to malfunction.

Threats to the Physical Security of Web Servers

Web servers and the computers that are networked closely to them, such as the database servers and application
servers used to supply content and transaction-processing capabilities to electronic commerce Web sites, must be
protected from physical harm. For many companies, these computers have become repositories of important data.
They have also become important parts of the revenue-generating function in many businesses. As key physical
resources, these computers and related equipment warrant high levels of protection against threats to their physical
security.

Many companies use commerce service providers (CSPs) to host their Web sites. The security that CSPs maintain
over their physical premises is, in many cases, stronger than the security that a company could provide for
computers maintained at its own location.

Companies can take specific steps to protect their Web servers. Many companies maintain backup copies of their
servers' contents at a remote location.

108 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Some companies rely on their service providers to help with Web server security. Commerce service providers
often include Web server security as an add-on service. Other companies hire smaller, specialized security service
providers to handle security.

Access Control and Authentication

Access control and authentication refers to controlling who and what has access to the web server. Most people
who work with web servers in electronic commerce environments do not sit at a keyboard connected to the server.
Instead, they access the server from a client computer. Recall that authentication is verification of the identity of
the entity requesting access to the computer. Just as users can authenticate servers with which they are interacting,
servers can authenticate individual users. When a server requires positive identification of a user, it requests that
the client send a certificate.

The server can authenticate a user in several ways.

1. First, if the server cannot decrypt the user's digital signature contained in the certificate using the
user's public key, then the certificate did not come from the true owner. Otherwise, the server is
certain that the certificate came from the owner. This procedure prevents the use of fraudulent
certificates to gain entry to a secure server.
2. Second, the server checks the timestamp on the certificate to ensure that the certificate has not
expired. A server will reject an expired certificate and provide no further service.
3. Third, a server can use a callback system in which the server software checks a user's client
computer name and address against a list of authorized usernames and assigned client computer
addresses before "calling back" to establish a connection. Callback systems work especially well in
an intranet where usernames and client computers are controlled closely and assigned
systematically. On the Internet, callback systems can be more difficult to implement, particularly if
client users are mobile and work from different locations. Certificates issued by trusted CAs play a
central role in authenticating client computers and their users because they provide irrefutable
evidence of identity.

Usernames and passwords can also provide some element of protection. To authenticate users using passwords
and usernames, the server must acquire and store a database containing users' passwords and usernames. Many
web server systems store usernames and passwords in a file. Large electronic commerce sites usually keep
username/password combinations in a separate database with built-in security features.

Web servers often provide access control list security to restrict file access to selected users. An access control
list (ACL) is a list or database of files and other resources and the usernames of people who can access the files
and other resources. Each file has its own access control list. When a client computer requests Web server access
to a file or document that has been configured to require an access check, the Web server checks the resource's
ACL file to determine if the user is allowed to access that file. This system is especially convenient to restrict access
MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 109
Informatics 2B

of files on an intranet server so that individuals can only access selected files on a need-to-know basis. The Web
server can exercise fine control over resources by further subdividing file access into the activities of read, write,
or execute.

Firewalls
A firewall is software or a hardware-software combination that is installed in a network to control the packet traffic
moving through it. Most organizations place a firewall at the Internet entry point of their networks. The firewall
provides a defense between a network and the Internet or between a network and any other network that could
pose a threat.

Firewalls all operate on the following principles:

 All traffic from inside to outside and from outside to inside the network must pass through it.
 Only authorized traffic, as defined by the local security policy, is allowed to pass through it.
 The firewall itself is immune to penetration.

Those networks inside the firewall are often called trusted, whereas networks outside the firewall are called
untrusted. Acting as a filter, firewalls permit selected messages to flow into and out of the protected network.

Large organizations that have multiple sites and many locations must install a firewall at each location that has an
external connection to the Internet.

Firewalls are classified into the following categories:

 Packet filter - Packet-filter firewalls examine all data flowing back and forth between the trusted network
(within the firewall) and the Internet. Packet filtering examines the source and destination addresses and
ports of incoming packets and denies or permits entrance to the packets based on a pre-programmed
set of rules.
 Gateway server - Gateway servers are firewalls that filter traffic based on the application requested.
 Proxy server - Proxy server firewalls are firewalls that communicate with the Internet on the privacy
network's behalf. When a browser is configured to use a proxy server firewall, the firewall passes the
browser request to the Internet. When the Internet sends back a response, the proxy server relays it back
to the browser. Proxy servers are also used to serve as a huge cache for Web pages.

Organizations that promote internet security

Following the occurrence of the Internet Worm of 1988, a number of organizations were formed to share information
about threats to computer systems. These organizations are devoted to the principle that sharing information about
attacks and defenses for those attacks can help everyone create better computer security. Some of the
organizations began at universities; others were launched by government agencies. In this section, you will learn
about some of these organizations and their resources.

110 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

CERT
In 1988, a group of researchers met to study the infamous Internet Worm attack soon alter it occurred. They wanted
to understand how worms worked and how to prevent damage from future attacks of this type. The National
Computer Security Center, part of the National Security Agency, initiated a series of meetings to figure out how to
respond to future security breaks that might affect thousands of people. Soon after those meetings, the U.S.
government created the Computer Emergency Response Team and housed it at Carnegie Mellon University in
Pittsburgh.

Today, CERT responds to thousands of security incidents each year and provides a wealth of information to help
Internet users and companies become more knowledgeable about security risks. CERT posts alerts to inform the
Internet community about security events, and it is regarded as a primary authoritative source for information about
virus’s worms, and other types of attacks.

Other Organizations
CERT is the most prominent of these organizations and has formed relationships, such as the lnternet Security
Alliance, with other industry associations. However, CERT is not the only computer security resource. In 1989, one
year after CERT was formed, a cooperative research and educational organization called the Systems
Administrator, Audit, Network, and Security Institute was launched. Now known as the SANS Institute, this
organization includes thousands of members who work in computer security consulting firms and information
technology departments of companies as auditors, systems administrators, and network administrators.

The Center for Internet Security is a not-for-profit cooperative organization devoted to helping companies that
operate electronic commerce Web sites reduce the risk of disruptions from technical failures or deliberate attacks
on their computer systems. It also provides information to auditors who review such systems and to insurance
companies that provide coverage for companies who operate such systems.

Computer Forensics and Ethical Hacking

A small number of specialized consulting firms engage in the unlikely enterprise of breaking into servers and client
computers at the request of the organizations that own those computers. Called computer forensics experts or
ethical hackers, these computer sleuths are hired to probe PCs and locate information that can be used in legal
proceedings. The field of computer forensics is responsible for the collection, preservation, and analysis of
computer-related evidence. Ethical hackers are often hired by companies to test their computer security
safeguards. They are also hired by law enforcement agencies investigating crimes and by law firms undertaking
investigations on behalf of their client.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 111

Informatics 2B

8.8 Summary
 Companies, governments and individuals need to protect themselves from attacks that are intended to
shut down their Web sites or gain entry to data stored or transmitted in the course of their operational
activities.
 Because the threats are constantly changing, and because the attackers are highly motivated and, in
many cases, highly trained, the challenges are constant and dynamic.
 Computer security is generally considered to include three main elements: secrecy, integrity, and
necessity (also known as denial of service).
o Secrecy refers to protecting against unauthorized data disclosure and ensuring the authenticity
of the data source.
o Integrity refers to preventing unauthorized data modification.
o Necessity refers to preventing data delays or denials (removal).
 Any organization concerned about protecting, its electronic commerce assets should have a security
policy in place. A security policy is a written statement describing which assets to protect and why they
are being protected, who is responsible for that protection, and which behaviors are acceptable and which
are not.
 There are essentially three links in the client-Internet-server electronic commerce path between the user
and a Web server:
o The client computer
o The communication channel
o The server computer
 Each link is prone to threats, and needs to be protected.
 Client computers face threats in the form of cookies, web bugs, malicious active content, malicious Java
applets and Javascripts, viruses and worms.
 Communication channels face threats in the form of secrecy threats, integrity threats and threat to
wireless networks.
 Servers face threats in the form of database threats, threats from malicious programs and physical threats

8.9 Review questions

1. What are the three main elements that need to be included in computer security?
2. Most organizations follow a five-step process when creating a security policy. List the steps.
3. What questions should a good security policy address?
4. What is a cookie, and how can cookies be used for malicious intents?
5. What is a zombie computer?
6. What possible threats could mobile devices face? What solutions can be provided for the possible threats to
mobile devices?

112 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

8.10 Answers to Revision Questions and activates

Answers to review questions
1. Computer security is generally considered to include three main elements: secrecy, integrity, and necessity
(also known as denial of service).
a. Secrecy refers to protecting against unauthorized data disclosure and ensuring the authenticity of the
data source.
b. Integrity refers to preventing unauthorized data modification.
c. Necessity refers to preventing data delays or denials (removal).
2. Most organizations follow a five-step process when creating a security policy. These steps include:
a. Determine which assets must be protected from which threats.
b. Determine who should have access to various parts of the system or specific information assets.
c. Identify resources available or needed to protect the information assets while ensuring access by those
who need it.
d. Using the information gathered in the first three steps, the organization develops a written security policy.
e. Following the written policy, the organization commits resources to building or buying software,
hardware, and physical barriers that implement the security policy.
3. A good security policy should address the following questions:
a. Authentication: Who is trying to access the site?
b. Access control: Who is allowed to log on to and access the site?
c. Secrecy: Who is permitted to view selected information?
d. Data integrity: Who is allowed to change data?
e. Audit: Who or what causes specific events to occur, and when?
4. A cookie is a data file that is stored onto a client computer by a server. Cookies can be used by criminals to
track client keystrokes and behavior.
5. A zombie computer is one which has software installed on it that allows it to be remotely controlled by a
malicious person.
6. Security issues related to mobile client devices can be simple, such as the physical threat of losing a phone
or tablet device. They can also be more complex, such as an attack by a Trojan horse, a virus, or an app that
shares your personal information.
a. Set up a password for access to the phone.
b. Install software that allows the owner to initiate a remote wipe if the device is stolen.
c. Install antivirus software on mobile devices.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 113

 Informatics 2B

Unit
9: Designing a Web Page
using HTML

114 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

9.1 Introduction  Introduce topic areas for the unit

9.2 Web site design considerations  Understand web site design considerations

9.3 Meeting the needs of Web site  Display knowledge on needs of web site visitors
visitors

9.4 Web site design

9.5 Customer-centric web site design  Understand customer-centric web site design

9.6 Creating a Web site  Demonstrate the creation of a basic website using HTML

9.7 Summary  Summarise topic areas covered in unit

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 115

Informatics 2B

9.1 Introduction
This unit covers the design considerations one must consider when designing web sites for a business. Basics
on creating a website using HTML is explained.

9.2 Web site design considerations

How is the Web Different?
At the beginning when the Web came to be known to the greater general population, businesses usually only
started out with creating a Web site conveying basic information about their business, what they do, their purpose,
what they sell (products/services) and their contact details which may have included an email address. Since
businesses were still becoming familiar with the Web and email services, visitors’ emails were not always answered
promptly or in most cases, never. Sometimes, the email links didn’t link to any email at all!

Now, aside from being able to sell their products online through online sales and emailing updates, companies can
also engage in a two-way communication (videoconferencing) with their customers in order to retain their
customers and not lose them to competitors.

9.3 Meeting the Needs of Web Site Visitors

Every visitor to a company’s Web site is a potential customer or partner to that company. The vast majority of
these visitors do not show up at a Web site accidentally; they either found the company website by doing a search,
or they clicked on an advertising link which was of interest to them, they were referred there by someone.
There are various motivations for a visitor to visit a Web site:
 Learning about products or services that the company offers.
 Buying products or services that the company offers.
 Obtaining information about warranty, service, or repair policies for products they purchased.
 Obtaining general information about the company or organization.
 Obtaining financial information for making an investment or credit-granting decisions.
 Identifying the people who manage the company or organization.
 Obtaining contact information for a person or department in the organization.
 Following a link to the site while searching for information about a related product, service, or topic.

Company Web designers need to take these challenges into consideration when creating the Web site for the
company. Along with these challenges, technology issues can also arise. Other challenges include:
 Visitors connecting to the Internet through a variety of communication channels providing different
bandwidths and data transmission speeds
 Visitors using different Web browsers
 Visitors running different browser versions.
 Visitors using different types of devices with varying screen sizes(computers, mobile phones, smart
phones, television sets, and even game consoles);
116 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2
 Informatics 2B

9.4 Web Site design

A major design consideration when building a web page is the use of colour and images. Proper use of colours
and images enhance the look and feel of a site significantly, but incorrect use can easily achieve the opposite
effect.

Other important issues are the use of streaming audio or video clips. Whereas these also significantly enhance the
use experience on the site, there may be many users who cannot view them due to bandwidth limitations, etc. As
a result, the visitor must have the option to adjust their connection settings or have the option to disconnect the
streaming options.

Some Web site designers love to use Flash as their creative design tool. While Flash is a great animated graphic
software, it is limited when it comes to creating a Web site fully created by Flash, since Flash files can be large
and do not work on Apple’s iPhone and iPad products. Developers should instead use HTML5, which is much
more light-weight than Flash, and is supported by all major browsers.

When providing file downloads on the site, the developer should be mindful to provide the files in various formats,
in order to cater for various software platforms.
From a usability perspective, business Web sites need to:
1. Offer easily accessible facts about the organization
2. Allow visitors to experience the site in different ways and at different levels
3. Provide visitors with a meaningful, two-way (interactive) communication link with the organization
4. Sustain visitor attention and encourage return visitors
5. Offer easily accessible information about products and services and how to use them.

9.5 Customer-Centric Web Site Design

An important part of a successful electronic business operation is a Web site that meets the needs of potential
customers. What a business needs to aim for is a customer-centric approach to Web site design; that is, a Web
site that is intended to meet the specific needs of customers, not just Web site visitors. The following are guidelines
for building customer-centric sites:
 Design the site around how visitors will navigate the links, not around the company’s organization
structure.
 Allow visitors to access information quickly.
 Avoid using inflated marketing statements in product or service descriptions. Avoid using business jargon
and terms that visitors might not understand.
 Build the site to work for visitors who are using the oldest browser software on the oldest computer
connected through the lowest bandwidth connection – event if this means creating multiple versions of
Web pages.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 117

Informatics 2B

 Be consistent in use of design features and colours.

 Make sure that navigation controls are clearly labelled or otherwise recognizable.
 Test text visibility on a range of monitor sizes; text can become too small to read on a small monitor and
so large it shows jagged edges on a large monitor.
 Check to make sure that colour combinations do not impair viewing clarity for colour-blind visitors.

Some additional guidelines to follow when designing Web sites for mobile device users:
 Text should be extremely concise; there is no space for excess wording on a mobile device screen.
 Navigation must be clear, intuitive, and easy to see.
 The set of available functions should be limited to those likely to be used by site visitors in a mobile setting
(the page can include links to the more complete, non-mobile version of the site).
 Creating a dedicated Web site for mobile users is almost always essential because the needs of mobile
users are so different from those of other users.
 Conduct usability tests by having potential site users navigate several version of the site.

Using these guidelines when creating a Web site can help make visitors’ Web experiences more efficient, effective,
and memorable. Usability is an important element of creating an effective Web presence.

9.6 Creating a Web site

Websites are created using a special markup language called HTML, which stands for Hyper Text Markup
Language. HTML was first introduced in the early 1990’s and has gone through various versions, from the very
first version, HTML+, through the most recent, HTML5. Today, the user interface of almost every website, web
application, and an increasing number of mobile applications for devices like iPhones, BlackBerrys and Androids,
are built using HTML.

So, what exactly is HTML? HTML consists of a series of short codes typed into a text file by the site developer.
These short codes are called HTML tags. HTML tags are basically instructions to the browser on how to render
the web page. How this works is that when a user requests a web page on the internet, the server sends to the
user’s computer a set of instructions in HTML on how to build the site – very much like a recipe – and the browser
then follows these instructions and the renders the site for the user to view. Writing your own HTML entails using
tags correctly to create your vision. You can use anything from a rudimentary text-editor like Notepad to a powerful
graphical editor like Adobe Dreamweaver to create HTML pages. In this chapter you will learn how to create a
basic website using HTML.

118 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Creating your first HTML web page

1. To begin, go to the Documents folder on our computer and create a new folder called My Website.
2. Next, open Notepad. Notepad opens a new, blank text document. Save this document as index.html to the My
Website folder. You should now see your file in the folder like this:

The index.html file is the “entry point” for your website. When a user navigates to your site, the server looks for
and run the index.html file by default.
3. Type in the following code, exactly as is, into the file (do not type in the line numbers):

The code explained:

Line 1: This line is known as the Doctype declaration. It signals to the browser that the file being viewed is an
HTML document.
Line 2: The <html> tag signifies the start of the page. The <html> open tag has a partner close tag </html> (notice
the difference: the close tag has a forward slash “/” before the word “html”) which is on line 11. All the other tags
are included within these two tags.
Line 3: The <head> tag signifies the start of the head section of the page. The head of the page contains
information about the page, such as the title of the page which will be displayed at the top of the browser window,
links to style sheets, links to external Javascript files, etc. The <head> tag has a partner </head> closing tag.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 119

Informatics 2B

Line 4: The title of the page goes between the <title> tags. You may type in whatever you wish between the <title>
and </title> tags. As mentioned earlier, this will be displayed at the top of the browser window, in the information
bar.
Line 7: The body of the page begins here. Everything between the two body tags defines the actual looks of the
page.
Line 8: The <h1> tag is a heading tag. Any text appearing within the <h1> and </h1> tags will be displayed in a
large, bold text. There are six sizes of headings, denoted with the tags <h1> to <h6>.
Displaying your page in a browser
To display your page in a browser such as Google Chrome, Mozilla Firefox, Safari or Internet Explorer, simply
double-click on the index.html file in the folder. You should see the following displayed in your browser:

As you can see from the above output, only the text between the <h1> tags is displayed, without the tags
themselves.
Now make the following changes to the index.html file:

The code explained:

Line 4: Notice that we changed the title of the page.
Line 9: The <p> is known as the paragraph tag. Any text within the <p> and </p> tags will be displayed as normal
paragraph text. You can have as many paragraphs as you require in your page.

Once you have completed typing in the above code, save your work and refresh your browser. Note that there is
no need to reopen the file in the browser – it is already open; all that’s needed is to refresh the page in the browser
by pressing the “refresh” button or pressing the F5 buttons.

120 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

You should see the following:

Adding images to your page

In this section you will learn how to liven up your page by adding images. In order to insert an image, you first need
to have an image.
Open the My Website folder and within it, create a new subfolder called images:

Next, you need to find some images to place into the images folder. You may us a sample image from the
Pictures\Sample Pictures folder. Select a sample image such as Desert.jpg, copy it and paste it into the images
folder. Now that you have an image in the images folder, you can insert it into your web page.
Add the following line to your code, after the second paragraph:

Your code should now look like this:

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 121

Informatics 2B

Notice that the new code is on line 11.

The code explained

As you may have realized, the img tag is used to insert images into your page. Take now of the following:
 The <img tag, unlike the previous tags you’ve seen, has additional attributes inside it, namely src and
width.
 The src attribute indicates the source of the image – in other words, where is the image to be found? In
this case, the image is in the images folder. After the folder name, the name of the actual image appears.
In this case the image is called Desert.jpg. Notice that we include the extension file name (.jpg) as well.
This is necessary. If you leave it out, no image will be displayed.
 The width attribute sets the width, in pixels, of the image on screen. You can also set a height attribute.
 Notice that the img tag does not have a closing </img> tag like the other tags you’ve seen. It simply closes
with a />
Check your work, save it and refresh your browser. If you see something similar to the following, then well done!

Now change the width of the image by changing the width=”100” attribute to width=”200”. The image will be
increased in size proportionately.

122 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Inserting a table into your web page

Another useful element to add to a web page is a table. Tables are useful for displaying data in a neat, convenient
grid.

Not surprisingly, you insert a table into a web page using the <table> tag. Insert the following code into your file,
immediately after line 11:

The code explained

Line 13: The <table> tag has one attribute, border=”1”, which indicates that the table should have a border with a
1 pixel width. The matching </table> tag is on line 30.

Line 14: The <tr> tag indicates the start of a row. The matching close tag is on line 17.

Line 15: Each row must have one or more columns, which are indicated by the <td> and </td> tags. You will
always place text within <td> tags.

As you can see, the table will have 4 rows, and each row will have 2 columns. If your code is correctly typed in,
you should see the following:

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 123

Informatics 2B

If this is what you see, then well done!

Inserting a hyperlink into your page
Hyperlinks are what make web pages unique from normal, static pages like the type you will find in a book.
Hyperlinks are the words, images or other elements which appear on the screen which, if you click on them, you
will be directed to another page. In this section we will insert two types of hyperlinks onto our page: text hyperlinks
and image hyperlinks.

Inserting a text hyperlink

A hyper link is indicated by the <a> or “anchor” tag. The anchor tag requires one attribute: the href attribute, which
indicates the destination – that is, which page will open up if the hyperlink is clicked. The following line will insert a
hyperlink into a page which links to Google:

The code explained

The href attribute of the above hyperlink indicates that the Google page will open up when the hyperlink is clicked.
Notice how we’ve used the full web address including the http:// part of the address. This is necessary.

Between the open anchor tag and the close anchor tag is
the text “Click here to go to Google”. This is the text which will appear on your page as a hyperlink. Type in the
above line after the closing tag for the table (</table>). Save your work, and refresh the browser window. You
should see the following:

124 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

To test the hyperlink, click on it and see if it opens up the Google page.

Inserting an image hyperlink

An image hyperlink is an ordinary image on your page, but links to another page when you click on it. Inserting an
image hyperlink is almost identical to inserting a text hyperlink, with one major difference: instead of inserting text
between the anchor tags, you insert an image. Take a look at the code below:

Line 32 shows a standard text hyperlink as you’ve seen in the previous section. Line 33 shows an image hyperlink.
Can you see the difference? The difference between the two lines of code is the grey-out area – the text “Click
here to go to Google” has been replaced with an img tag.

Type out the code above exactly as shown, save the file and refresh your browser window. You should see the
following:

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 125

Informatics 2B

Now there are two images on the page, but there is a huge difference between them: the second one is a hyperlink.
Clicking on it will take the user to the Google home page.

Taking things forward

The preceding discussion is by no means a complete discussion of HTML; there is a whole lot more to cover as
far as HTML goes, but that is out of the scope of this course. The intention of this chapter was to serve as an
introduction to HTML in order to broaden your understanding of web technologies. As mentioned at the beginning
of this chapter

Should you wish to study web design in more detail, there are many good books and courses out there that will
help you master HTML.

9.7 Summary
 Websites are created using HTML, which stands for Hyper Text Markup Language.
 The most recent version of HTML is HTML 5
 Many smartphone apps are also built using HTML 5
 HTML consists of a series of tags typed into a text file.
 HTML tags are instructions to the browser on how to render the web page.
 The <html> tag signifies the start of the page.
 The <title> tags contain the title of the page that appears at the top of the browser window.
 The <body> tags contain all the visible elements of the page.

126 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

 The <h1> tags are used to display headings.

 The <p> tag is used to display paragraph text.
 The <img> tag is used to display images. The <img> tag has a mandatory attribute src=”” which indicates
the source of the image.
 The anchor tag <a> is used to add hyperlinks to your page. The href attribute indicates where the hyperlink
will link to, while the text between the <a> and </a> tags contains the hyperlink text to be displayed on
the page.
 Images can also be hyperlink, by inserting an image tag between the anchor tags rather than text.

9.8 Review questions

Develop a website called “Shopper’s Paradise” which is a basic ecommerce catalogue site. The home page of the
site should display a few items as hyperlinks in an HTML table, as shown in the following image:

When the user clicks on any item, another page opens up which shows more details about the item, for example:

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 127

Informatics 2B

9.9 Answers to Revision Questions and Activities

Answers to review questions

The index.html file will look like this:

128 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 129

Informatics 2B

Each of the product pages will look like this:

130 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit
10: Designing a Three-Tier
Web Application

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 131

Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

10.1 Introduction  Introduce topic areas for the unit

10.2 Three-tier application  Understand three-tier architecture

10.3 Benefits of the three-tier architecture  Understand the benefit of three-tier architecture

10.4 Designing three-tier application  Display knowledge on the purpose of each layer in three-tier
architecture

10.5 Installing a web server on your  Examine ways of installing a web server on a computer
computer

10.6 Summary  Summarise topic areas covered in unit

132 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

10.1 Introduction
In this unit you are going to learn about the concept of a three-tier software application, and you are going to
learn to design and create a three-tier web-based application.

10.2 Three-tier application

A three-tier application is part of a family of applications known as multi-tier applications. A three-tier application is
one which is separated into three sections, each of which performs a specific function; each layer is independent
of the others, but they all work together to perform the overall functions of the application. A three-tier application
will typically contain the following layers:
1. The presentation layer
2. The logic layer
3. Data layer

These layers are illustrated in the following diagram:

 Tier 1 - the presentation layer: this is the part of the app that the users see and interact with in their
browser windows. It is here that the user views products and makes purchases.
 Tier 2 - the logic layer: This is the part of the app that handles all processing. When the user clicks on a
hyperlink or a button on the front end of the app, it triggers a request. This request is passed to the
application, which knows how to handle the request.
 Tier 3 - the data layer: This is where the data management functions of the app take place; data is stored,
edited and sorted at this layer.

To get a better understanding of the three-tier software architecture, think about a fast food outlet: when you enter
the outlet, you see the reception area, which is usually beautiful and colourful, with menus, posters and other
promotional materials. You as the customer will interact with the staff in this area to place your order, etc. This is
analogous to the front end of the app.

Next comes the kitchen. The kitchen is where the orders are processed and the food is prepared. The clients of
the outlet cannot normally see the kitchen. The kitchen is like the logic layer of the application.

When the cooks need ingredients to prepare the food, they fetch it the store room. The store room is where all the
raw materials are stored. The store room is analogous to the data layer.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 133

Informatics 2B

Now let’s see how the tiers work together:

1. Assume a user wants to see all the products in the shop that are manufactured by, for example, Samsung.
To do this, she will do a filter/search on the site. The instant she clicks the “Submit” button, a request is
sent to the server, where the logic layer of the app resides. (Fast food worker takes an order and passes
it to the kitchen)
2. The logic layer accepts the request and interprets it. It determines that in order to provide the information
that the user requires, it will need some data from the database. It then prepares a query which will be
handed to the database which resides in the data layer. (The chef makes a list of all the things he will
require from the store room)
3. The database receives the query and runs it. The query effectively brings back all the Samsung products
in the store and sends it back to the logic layer. What it sends back is raw data. (The store room manager
provides all the ingredients to the chef, as per the chef’s list)
4. The logic layer then works on the raw data to make it meaningful for the user. In certain cases there may
be calculations to be done, such as totalling and calculating averages, etc. In this case, however there is
no additional calculation to be done. All that is required is to make the raw data presentable and readable
for the user. The logic layer handles this by converting the raw data into HTML code. The HTML is then
sent to the presentation layer. (Chef prepares the food)
5. Finally, at the presentation layer, the user’s browser receives the HTML code from the server, and uses
it to render the web page. The user then sees an HTML table with all the Samsung products listed. (Order
is served to the client)

This process is illustrated in the following diagram:

134 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

10.3 Benefits of the three-tier architecture

The benefit of the three-tier application architecture is that it provides a model by which developers can create
flexible and reusable applications. By separating an application into tiers, developers have the option of modifying
a specific layer without affecting the others or reworking the entire application. To understand this think about the
fast food outlet. When the owners of the outlet wish to change its appearance, all it needs to do is to change the
front area; there is no need to interfere with the kitchen or the store room. Similarly, if there is a need to make
changes to the kitchen or the store room, it need not affect the reception area.

The three-tier architecture provides the same benefits to the software developers – if one part of the app, such as
the front end, needs to change, it does not need to affect the processing tier or the database.

10.4 Designing a three-tier web-based application

In this section we will create a three-tier web-based application using a popular web language called PHP. PHP,
which is a server-side scripting language, is one of the most popular languages on the web due to its ease of use.
Because PHP is a server-side language, it cannot run on a standard computer – it needs to run on a web server.
In order to develop PHP web apps on a local machine, developers install a web server simulator software on their
machines. There are many such simulators, but the preferred one among developers, and the one we are going
to use in this chapter is called WAMP (Note: WAMP is for Windows machines. If you own a Mac or a Linux machine,
please contact the lecturer for information on setting up a web server.)

10.5 Installing a web server on your computer

Navigate to the WAMP website: http://www.wampserver.com/en/

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 135

Informatics 2B

Click on the DOWNLOAD link in the top menu. You will see the following:

Based on whether your PC is running Windows 32 Bit 64 Bit, click on either:

Or

Simply follow the instructions, and the installer file for WAMP will download. The download is about 27 megabytes.

Once the installer file is downloaded, double-click it and follow the instructions to install. Do not change any of the
default settings.

After installation is complete, you should see the following icon on your desktop:

136 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Double-click this icon to start the WAMP server. If the server has started successfully, you should see the following
icon, in green, in the system tray:

This signifies that the server is running. You can now test the server. Open your browser, and type in the following
address in the address bar:

http://localhost

You should see the WampServer home page as shown below.

Next, click on Start → Computer, and then navigate to your local hard disk. In the root folder you should see a
folder called WAMP. This is your WAMP installation folder.

Open the WAMP folder. Here, you will see a folder called www. Open it. This folder will serve as your web server.

In the next few subsections we will create each of the three layers of out three-tier web application.

Creating the data tier

Inside the www folder, create a new folder called eShop and open it.

Create a new text file called install.php and open it in Notepad. This script will contain code to create our database
and the necessary tables, and to populate those tables with data. Type in the following code into install.php:

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 137

Informatics 2B

The above PHP code creates a new database called eshop. The above script continues as shown below:

The above code creates a table called product in the eshop database. The product table contains 4 columns:

 id: this is an auto-increment field which also serves as the primary key
 name: name of the product. It stores text, so the type is VARCHAR.
 description: a short description of the product.
 price: this is of type DOUBLE, and stores the price of the product

138 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

The above lines of code populate the product table with four products. Notice the repeating pattern in the code:

 Line 26: Create a query

 Line 28: Run the query
 Line 31: Create a query
 Line 33: Run the query

And so forth.

The above code provides a feedback message if everything goes well, and then closes the database connection.

Next, you will need to run the above script. To do this, type the following address into your browser address bar:

http://localhost/eShop/install.php

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 139

Informatics 2B

Creating the logic tier

Next, create a text file called functions.php and type in the following code:

The above code creates a connection to the eshop database.

The above code creates a query to bring back all the products from the product table. The query is then run, and
the results are stored in a variable called $result.

The database connection is then closed, and the result set is sent to the front end.

Creating the presentation layer

The last part that we will create is the presentation layer. Create a text file called index.php in the eShop folder
and open it in Notepad. The index.php file will contain the following code:

140 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

The code in index.php will look familiar to you: it is almost identical to the index.html file from the previous chapter.
The major difference is in lines 14 and 15:

 Line 14: Here we call the function getProducts()which lives in functions.php. As you saw in the previous
section, getProducts()brings back all the products from the database and sends it to the front end.
 Line 15: In this line there are actually two significant things taking place:
o We begin a loop to iterate through the results from the database, row by row.
o Each row from the database is converted into an array. We will then access the elements in the
array in lines 18, 19 and 20.

Now run the app. Type in the following address into your browser address bar:

http://localhost/eShop/

There is no need to type in the name of the index.php file; the server will look for it by default.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 141

Informatics 2B

The output of your app should look like the following:

The output looks similar to the output of index.html from the previous chapter. However, there is one critical
difference: the information in the HMTL table above is coming from the database, and the table is being dynamically
generated by our app.

10.6 Summary
 A three-tier application is one which is separated into three sections, each of which performs a specific
function.
 A three-tier application will typically contain the following layers:
o The presentation layer
o The logic layer
o Data layer
 The presentation layer is the part of the app that the users see and interact with in their browser windows.
It is here that the user views products and makes purchases.
 The logic layer is the part of the app that handles all processing. When the user clicks on a hyperlink or
a button on the front end of the app, it triggers a request. This request is passed to the application, which
knows how to handle the request.
 The data layer is where the data management functions of the app take place; data is stored, edited and
sorted at this layer.
 The main benefit of the three-tier application architecture is that it provides a model by which developers
can create flexible and reusable applications.
10.7 Review questions
1. Describe what a three-tier software architecture is.
2. What is the purpose of the presentation layer?

142 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

3. What is the purpose of the logic layer?

4. What is the purpose of the data layer?
5. What is the major benefit of the three-tier architecture?

10.8 Answers to review questions

1. A three-tier application is one which is separated into three sections, each of which performs a specific
function.

2. The main function of the presentation layer is to present the various functionality of the app, as well as its
output, in a way that the user can understand.
3. The logic layer coordinates the app, processes commands, makes logical decisions and evaluations, and
performs calculations. It also moves and processes data between the two surrounding layers.
4. In the data layer data is stored and retrieved from a database or file system. The data is then passed to
the logic tier for processing, and then eventually back to the user via the UI.
5. The benefit of the three-tier application architecture is that it provides a model by which developers can
create flexible and reusable applications. By separating an application into tiers, developers have the
option of modifying a specific layer without affecting the others or reworking the entire application.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 143

 Informatics 2B

Unit
11: E-Business Law

144 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Unit Learning Outcomes

CONTENT LIST LEARNING OUTCOMES

11.1 Introduction  Introduce topic areas for the unit

11.2 The Legal Environment of Electronic  Understand ways contracts are conducted over the Internet
Commerce
 Be knowledgeable on elements of a contract

 Differentiate between click-wrap and web-wrap contract

11.3 Borders and jurisdiction  Display knowledge on jurisdiction and its application to the

11.4 Jurisdiction on the Internet Internet

11.5 Jurisdiction in international

commerce

11.6 Conflict of laws  Understand conflict of laws

11.7 New Types of Crime Online  Identify and examine new types of crime online

11.8 Summary  Summarise topic areas covered in unit

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 145

Informatics 2B

11.1 Introduction
In this unit you will learn about legal and ethical issues relating to the internet in general, and to e-commerce in
particular. You will also learn how many Web businesses can run afoul of laws and regulations if they are not
aware of international e-commerce legislation. As companies move more of their operations online, they find
themselves subject to unfamiliar laws and different ethical frameworks much more rapidly than when they operated
in familiar physical domains.

11.2 The Legal Environment of Electronic Commerce

Businesses that operate on the Web must comply with the same laws and regulations that govern the operations
of all businesses. If they do not, they face the same penalties including fines, reparation payments, court-imposed
dissolution, and even jail time for officers and owners-that any business faces.

In this chapter you will learn about the issues of borders, jurisdiction, and Web site content and how these factors
affect a company's ability to conduct electronic commerce. You will also learn about legal and ethical issues that
arise when the Web is used in the commission of crimes, terrorist acts, and even the conduct of war.

11.3 Borders and jurisdiction

Territorial borders in the physical world serve a useful purpose in traditional commerce. They mark the range of
culture and reach of applicable laws very clearly. When people travel across international borders, they are made
aware of the transition in many ways. The geographic boundaries on culture are logical; for most of our history,
slow methods of transportation and conflicts among various nations have prevented people from travelling great
distances to learn about other cultures. Both restrictions have changed in recent years, however, and now people
can travel easily from one country to another within many geographic regions. Legal scholars define the
relationship between geographic boundaries and legal boundaries in terms of four elements: power, effects,
legitimacy and notice.
1. Power: control over space, people and objects. In order for a law to be enforced, there needs to be
jurisdiction over the people on whom it is enforced. For example, the United States cannot enforce a
copyright law on a citizen of Japan who does not own any asset in the United States.
2. Effects: the effects of the law are stronger on people and things that are closer. For example, the areas
close to police stations are generally safer than those further away.
3. Legitimacy: the right to create and enforce laws is dependent on the mandate of those people subject to
the laws. In other words, the people living in an area are the ultimate source of legitimate legal authority.
4. Notice: people must know about a law to obey it. Physical boundaries serve to demarcate areas with
different laws. A person entering the borders of another country, for example, will be aware that the laws
in that country will be different.

146 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

11.4 Jurisdiction on the Internet

The tasks of defining, establishing, and asserting jurisdiction are much more difficult on the Internet than they are
in the physical world, mainly because traditional geographic boundaries do not exist. Governments that want to
enforce laws regarding business conducted on the Internet must establish jurisdiction over that conduct. A contract
is a promise or set of promises between two or more legal entities - people or corporations - that provides for an
exchange of value (goods, services, or money) between or among them. If either party to a contract does not
comply with the terms of the contract, the other party can sue for failure to comply, which is called breach of
contract.

Jurisdiction on the internet

Read the section entitled “Jurisdiction on the Internet” on page 308 of the prescribed book. Ensure
that you have a sound understanding of the concepts of Subject-matter jurisdiction, Personal
jurisdiction and Jurisdiction in international commerce.

11.5 Jurisdiction in international commerce

Jurisdiction issues that arise in international business are even more complex than the rules governing personal
jurisdiction across international borders. The exercise of jurisdiction across international borders is governed by
treaties between the countries engaged in the dispute.

Jurisdictional issues are complex and change rapidly. Any business that intends to conduct business online with
customers or vendors in other countries should consult an attorney who is well versed in issues of international
jurisdiction. However, there are a number of resources online that can be useful to non-lawyers who want to do
preliminary investigation of a legal topic such as jurisdiction.

11.6 Conflict of laws

In the United States, business is governed by federal laws, state laws, and local laws. Sometimes, these laws
address the same issues in different ways. Lawyers call this situation a conflict of laws. Because online businesses
usually serve broad markets that span many localities and many states, they generally look to federal laws for
guidance. On occasion, this can lead to problems with state and local laws.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 147

Informatics 2B

Contracting and contract enforcement in electronic commerce

Any contract includes three essential elements.
1. An offer: this is a commitment with certain terms made to another party, such as a declaration or
willingness to buy or sell a product or service.
2. An acceptance: this is a free expression of willingness to take an offer, including all of its stated terms.
3. Consideration: is the agreed-upon exchange of something valuable, such as money, property or future
services.
When a party accepts an offer based on the exchange of valuable goods or services, a contract has been created.
An implied contract can also be confirmed by two or more parties that act as if a contract exists, even if no
contract has been written and signed.

Creating contracts: Offers and acceptances

Every kind of agreement or exchange between parties, no matter how simple, is a type of contract. Contracts are
a key element of traditional business practice, and they are equally important on the Internet. Offers and
acceptances can occur when parties exchange email messages, engage in electronic data interchange (EDI), or
fill out forms on Web pages. These Internet communications can be combined with traditional methods of forming
contracts, such as the exchange of paper documents, faxes, and verbal agreements made over the telephone or
in person. The basic elements of a consumer's contract to buy goods are the same whether the transaction is
completed in person or online. Only the form of the offer and acceptance are different in the two environments.
The substance of the offer, acceptance, and the completed contract are the same.

Click-wrap and Web-wrap contract acceptances

Most software sold today (either on CD or downloaded from the Internet) includes a contract that the user must
accept before installing, the software. These contracts, called end-user license agreements (EULAs), often appear
in a dialog box as part of the software installation process. When the user clicks the "Agree" button, the contract is
deemed to be signed.

Years ago, when most software was sold in boxes that were encased in plastic shrinkwrap, EULA’s were included
on the box with a statement indicating that the buyer accepted the conditions of the EULA by removing the shrink-
wrap from the box. This action was called a shrink-wrap acceptance. Today, a web site user can agree to that
site's EULA or its terms and conditions by clicking a button on the web site (called a click-wrap acceptance) or by
simply using the Web site (called a Web-wrap acceptance or browser-wrap acceptance).

Creating written contracts on the web

In general, contracts are valid even if they are not in writing or signed. However, certain categories of contracts
are not enforceable unless the terms are put into writing and accepted by both parties. Firms conducting
international electronic commerce do not need to worry about the signed writing requirement in most cases. The
main treaty that governs international sales of goods, Article 11 of the United Nations Convention on Contracts for
the International Sale of Goods (CISG), requires neither a writing nor a signature to create a legally binding
acceptance.
148 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2
 Informatics 2B

Implied warranties and warranty disclaimers on the web

Most firms conducting electronic commerce have little trouble fulfilling the requirements needed to create
enforceable, legally binding contracts on the web. One area that deserves attention, however, is the issue of
warranties. Any contract for the sale of goods includes implied warranties. An implied warranty is a promise to
which the seller can be held even though the seller did not make an explicit statement of that promise.

Sellers can avoid some implied warranty liability by making a warranty disclaimer. A warranty disclaimer is a
statement declaring that the seller will not honor some or all implied warranties. Any warranty disclaimer must be
conspicuously made in writing, which means it must be easily noticed in the body of the written agreement. On a
Web page, sellers can meet this requirement by putting the warranty disclaimer in larger type, a bold font, or a
contrasting color. To be legally effective, the warranty disclaimer must be stated obviously and must be easy for
a buyer to find on the Web site.

Authority to form contracts

A contract is formed when an offer is accepted for consideration. Problems can arise when the acceptance is
issued by an imposter or someone who does not have the authority to bind the company to a contract. In electronic
commerce, the online nature of acceptances can make it relatively easy for identity forgers to pose as others.
Fortunately, the Internet technology that makes forged identities so easy to create also provides the means to
avoid being deceived by a forged identity. Companies and individuals can use digital signatures to establish identity
in online transactions. If the contract is for any significant amount, the parties should require each other to use
digital signatures to avoid identity problems.

Terms of service agreements

Many Web sites have stated rules that site visitors must follow, although most visitors are not aware of these rules.
If you examine the home page of a Web site, you will often find a link to a page titled “Terms of Service," "Conditions
of Use," "User Agreement," or something similar. If you follow that link, you will find a page full of detailed rules
and regulations, most of which are intended to limit the Web site owner's liability for what you might do with
information you obtain from the site. These contracts are often called terms of service (ToS) agreements even
when they appear under a different title. In most cases, a site visitor is held to the terms of service even if that
visitor has not read the text or clicked a button to indicate agreement with the terms. The visitor is bound to the
agreement by simply using the site, which is an example of the Web-wrap or (browser-wrap) acceptance you
learned about earlier.

Use and protection of intellectual property in online business

Online businesses must be careful with their use of intellectual property. Intellectual property is a general term
that includes all products of the human mind. These products can be tangible or intangible. Intellectual property
rights include the protections afforded to individuals and companies by governments through patents, and through
registration of trademarks and service marks. Depending on where they live, individuals may have a right of
publicity, which is a limited right to control others' commercial use of an individual's name, image, likeness, or
identifying aspect of identity.
MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 149
Informatics 2B

Copyright issues
A copyright is a right granted by a government to the author or creator of a literary or artistic work. The right is
for the specific length of time provided in the copyright law and gives the author or creator the sole and exclusive
right to print, publish, or sell the work. Creations that can be copyrighted include virtually all forms of artistic or
intellectual expression-books, music, artworks, and computer software.

In the past, many countries (including the United States) required the creator of a work to register that work to
obtain copyright protection. U.S. law still allows registration, but registration is no longer required. A work that does
not include the words "copyright" or "copyrighted," or the copyright symbol ©, but was created after 1989, is
copyrighted automatically by virtue of the copyright law unless the creator specifically released the work into the
public domain.

Patent issues
A patent is an exclusive right granted by the government to an individual to make, use, and sell an invention. In
the United States, patents on inventions protect the inventor's rights for 20 years. An inventor may decide to patent
the design of an invention instead of the invention itself, in which case the patent protects the design for 14 years.
To be patentable, an invention must be genuine, novel, useful, and not obvious given the current state of
technology.

Trademark issues
A trademark is a distinctive mark, device, motto, or implement that a company affixes to the goods it produces for
identification purposes. A service mark is similar to a trademark, but it is used to identify services provided. In the
United States, trademarks and service marks can be registered with state governments, the federal government,
or both. The name (or a part of that name) that a business uses to identify itself is called a trade name. Trade
names are not protected by trademark laws unless the business name is the same as the product (or service)
name. They are protected, however, under common law. Common law is the law established by the history of
court decisions that has accumulated over many years. The other main part of British and U.S. law, called statutory
law, arises when elected legislative bodies pass laws, which are also called statutes.

Domain names and intellectual property issues

Considerable controversy has arisen about intellectual property rights and Internet domain names.
Cybersquatting is the practice of registering a domain name that is the trademark of another person or company
in the hopes that the owner will pay huge amounts of money to acquire the URL. In addition, successful
cybersquatters can attract many site visitors and, consequently, charge high advertising rates. A related problem,
called name changing, also called typosquatting, occurs when someone registers purposely misspelled
variations of well-known domain names. These variants sometimes lure consumers who make typographical errors
when entering an URL.

150 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Another example of domain name abuse is name stealing. Name stealing occurs when someone other than a
domain name's owner changes the ownership of the domain name. A domain name ownership change occurs
when owner information maintained by a public domain registrar is changed in the registrar's database to reflect a
new owner's name and business address. Once the domain name ownership is changed, the name stealer can
manipulate the site, post graffiti on it, or redirect online customers to other sites - perhaps to sites selling competing
products. The main purpose of name stealing is to harass the site owner because the ownership change can be
reversed quickly when the theft is discovered; however, name stealing can cut off a business from its Web site for
several days.

Protecting intellectual property online

Several methods can be used to protect copyrighted digital works online, but they only provide partial protection.
One technique uses a digital watermark, which is a digital code or stream embedded undetectably in a digital
image or audio file. The digital watermark can be encrypted to protect its contents, or simply hidden among the
digital information that makes up the image or recording.

Defamation
A defamatory statement is a statement that is false and that injures the reputation of another person or company.
If the statement injures the reputation of a product or service instead of a person, it is called product disparagement.
In some countries, even a true and honest comparison of products may give rise to product disparagement.
Because the difference between justifiable criticism and defamation can be hard to determine, commercial Web
sites should consider the specific laws in their jurisdiction (and consider consulting a lawyer) before making
negative, evaluative statements about other persons or products.

Deceptive trade practices

The ease with which Web site designers can edit graphics, audio, and video files allows them to do many creative
and interesting things. Manipulations of existing pictures, sounds, and video clips can be very entertaining. If the
objects being manipulated are trademarked, however, these manipulations can constitute infringement of the
trademark holder’s rights. Fictional characters can be trademarked or protected. Many personal Web pages include
unauthorized use of cartoon characters and scanned photographs of celebrities; often, these images are altered
in some way.

Online crime, terrorism and warfare

The Internet has opened up many possibilities for people to communicate, no matter where in the world they live.
The Internet has also opened doors for businesses to reach new markets and create opportunities for economic
growth. However, some people have found the Internet to be a useful tool for perpetrating crimes, conducting
terrorism, and even waging war.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 151

Informatics 2B

Online crime: Jurisdiction issues

Crime on the Web includes online versions of crimes that have been undertaken for in the physical world, including
theft, stalking, distribution of pornography, and other crimes, such as commandeering one computer to launch
attacks on other computers are new.
Law enforcement agencies have difficulty combating many types of online crime. The first obstacle they face is the
issue of jurisdiction.

11.7 New Types of Crime Online

Although the Internet made new types of business possible, the dark side of technological progress is that the
Internet also made new types of crime possible. With these new types of crime, law enforcement officers often
face difficulties when trying to apply laws that were written before the Internet became prevalent to criminal action
carried out on the Internet.

Cyberbullying
The Internet can amplify the effects of acts that, in the physical world, can be dealt with locally. For example, school
playgrounds have long been the realm of bullying. Students who engaged in bullying were dealt with by school
officials; only in extreme cases were such cases referred to law enforcement officials. Today, young people can
use technology to harass, humiliate, threaten, and embarrass each other. These acts are called cyberbullying.
Cyberbullying can include threats, sexual remarks, or pejorative comments transmitted on the Internet or posted
on Web sites (social networking sites are often used for such postings). The perpetrator might also pose as the
victim and post statements or media, such as photos or videos (often edited to cast the victim in an unfavourable
light that are intended to damage the victim's reputation. Because the Internet increases both the intensity and
reach of these attacks, they are much more likely to draw the attention of law enforcement officials than bullying
activities in the physical world. Unfortunately, laws have not kept up with technology and many forms of stalking
and cyberbullying are difficult to prosecute under criminal statutes.

Sexting
The practice of sending sexually explicit messages or photos using a mobile phone is called sexting. Sexting is a
crime in many jurisdictions, even if the message is sent to a friend or acquaintance. A number of celebrities have
been embarrassed by sexting activity.

Data theft
An increasing number of companies have reported attempts by competitors and others to infiltrate their computer
systems with the intent of stealing data or creating disruptions in their operations. Smaller companies are easier
targets because they do not have strong security in place, but larger organizations are not immune to these attacks.

152 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Online Warfare and Terrorism

Many Internet security experts believe that we are at the dawn of a new age of terrorism and warfare that could be
carried out or coordinated through the Internet. A considerable number of Web sites currently exist that openly
support or are operated by hate groups and terrorist organizations. Web sites that contain detailed instructions for
creating biological weapons and other poisons, discussion boards that help terrorist groups recruit members online,
and sites that offer downloadable terrorist training films now number in the thousands.

Ethical Issues
Companies using Web sites to conduct electronic commerce should adhere to the same ethical standards that
other businesses follow. If they do not, they will suffer the same consequences that other companies suffer: the
damaged reputation and long-term loss of trust that can result in loss of business. In general, advertising or
promotion on the Web should include only true statements and should omit any information that could mislead
potential customers or wrongly influence their impressions of a product or service. Even true statements have been
held to be misleading when the ad omits important related facts. Any comparisons to other products should be
supported by verifiable information.

Ethics and Online Business Practices

Online businesses are finding that ethical issues are important to consider when they are making policy decisions.

Privacy rights and obligations

The issue of online privacy is continuing to evolve as the Internet and the Web grow in importance as tools of
communication and commerce.

Communications with children

An additional set of privacy considerations arises when Web sites attract children and engage in some form of
communication with those children. Adults who interact with Web sites can read privacy statements and make
informed decisions about whether to communicate personal information to the site. The communication of private
information (such as credit card numbers, shipping addresses, and so on) is a key element in the conduct of
electronic commerce.

The laws of most countries and most sets of ethics consider children to be less capable than adults in evaluating
information sharing and transaction risks. Thus, we have laws in the physical world that prevent or limit children's
ability to sign contracts, get married, drive motor vehicles, and enter certain physical spaces (such as bars, casinos
and racetracks). Children are considered to be less able (or unable) to make informed decisions about the risks of
certain activities. Similarly, many people are concerned about children's ability to read and evaluate privacy
statements and then consent to providing, personal information to Web sites.

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 153

Informatics 2B

11.8 Summary
 Businesses that operate on the Web must comply with the same laws and regulations that govern the
operations of all businesses.
 Legal scholars define the relationship between geographic boundaries and legal boundaries in terms of
four elements: power, effects, legitimacy and notice.
1. Power: control over space, people and objects.
2. Effects: stronger on people and things that are closer. In the physical world, the effects of
3. Legitimacy: mandate of those people subject to the laws.
4. Notice: people must know about a law to obey it.
 On the internet, the traditional geographic boundaries do not exist, making it difficult to define, establish,
and assert jurisdiction.
 A contract is a promise or set of promises between two or more legal entities, which may be people or
corporations that provides for an exchange of value (goods, services, or money) between or among them.
 If either party to a contract does not comply with the terms of the contract, the other party can sue for
failure to comply, which is called breach of contract.
 The term conflict of laws refers to a situation where the same laws are addressed differently by multiple
legal bodies, all of whom have jurisdiction.
 Legally, the basic elements of a consumer's contract to buy goods are the same whether the transaction
is completed in person or online.
 Certain categories of contracts are not enforceable unless the terms are put into writing and accepted by
both parties.
 Firms conducting international electronic commerce do not need to worry about the signed writing
requirement in most cases.
 The main treaty that governs international sales of goods, Article 11 of the United Nations Convention on
Contracts for the International Sale of Goods (CISG), requires neither a writing nor a signature to create
a legally binding acceptance.
 Any contract for the sale of goods includes implied warranties. Sellers can avoid some implied warranty
liability by making a warranty disclaimer.
 Many Web sites have stated rules that site visitors must follow, generally entitled “Terms of Service,"
"Conditions of Use," "User Agreement," or something similar.
 Intellectual property is a general term that includes all products of the human mind, whether tangible or
intangible.
 A copyright is a right granted by a government to the author or creator of a literary or artistic work.
 A patent is an exclusive right granted by the government to an individual to make, use, and sell an
invention.
 A trademark is a distinctive mark, device, motto, or implement that a company affixes to the goods it
produces for identification purposes.

154 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

 A service mark is similar to a trademark, but it is used to identify services provided.

 Cybersquatting is the practice of registering a domain name that is the trademark of another person or
company in the hopes that the owner will pay huge amounts of money to acquire the URL.
 Name stealing occurs when someone other than a domain name's owner changes the ownership of the
domain name.
 Several methods can be used to protect copyrighted digital works online, but they only provide partial
protection.
 One technique uses a digital watermark, which is a digital code or stream embedded undetectably in a
digital image or audio file.
 The Internet has opened doors for businesses to reach new markets and create opportunities for
economic growth. However, some people have found the Internet to be a useful tool for perpetrating
crimes, conducting terrorism, and even waging war.
 Law enforcement agencies have difficulty combating many types of online crime. The first obstacle they
face is the issue of jurisdiction.
 The Internet has made new types of crime possible, such as: cyberbullying, sexting, data theft and online
warfare and terrorism.
 Companies using Web sites to conduct electronic commerce should adhere to the same ethical standards
that other businesses follow.
 If they do not, they will suffer the same consequences that other companies suffer: the damaged
reputation and long-term loss of trust that can result in loss of business.
 Online businesses are finding that he following ethical issues are important to consider when they are
making policy decisions:
 Privacy rights and obligations
 Communications with children

11.9 Review questions

1. In which ways are contracts entered into over the internet?
2. What is the meaning of the word jurisdiction as it applies to the internet?
3. Explain what the term “conflicts of laws” refers to, and describe how conflicts of laws can take place more
easily on the internet than in the physical world.
4. List and explain the three essential elements of a contract?
5. Define the terms click-wrap contract and web-wrap contract.
6. Why do online companies need to be extra cautious when dealing with children?

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 155

Informatics 2B

11.10 Answers to review questions

1. Contracts can be entered into when parties exchange email messages, engage in electronic data
interchange (EDI), or fill out forms on Web pages.
2. The ability of a government to exert control over a person or corporation who is running a specific Web
site or online business, is called jurisdiction.
3. The term conflict of laws refers to a situation where the same laws are addressed differently by multiple
legal bodies, all of whom have jurisdiction. On the internet, people can access a Web site from any part
of the world. There may be certain things about the Web site which are legal in the country of the Web
site’s origin and internationally, but illegal in the visitor’s country specifically. This constitutes a conflict of
laws.
4. Any contract includes three essential elements.
a. An offer: this is a commitment with certain terms made to another party, such as a declaration
or willingness to buy or sell a product or service.
b. An acceptance: this is a free expression of willingness to take an offer, including all of its stated
terms.
c. Consideration: is the agreed-upon exchange of something valuable, such as money, property or
future services.
5. A web site user can agree to a site's EULA or its terms and conditions by clicking a button on the web
site. This is called a click-wrap acceptance. The user can also accept by simply using the Web site – this
is called a Web-wrap acceptance.
6. Children are considered to be less able or unable to make informed decisions about the risks of certain
activities such as providing personal information to Web sites.

156 MANCOSA Bachelor of Commerce in Information and Technology Management Year 2

 Informatics 2B

Appendices

MANCOSA Bachelor of Commerce in Information and Technology Management Year 2 157