
Chapter 1 - Introduction To E-Commerce (2) - Merged

Uploaded by

sarvarmatsapayev

Introduction to

E-Commerce
Chapter 1

Victoria Kim, Ph.D.


E-commerce 2021–2022:
Business. Technology. Society.

• Seventeenth Edition
• Global Edition
Learning Objectives
1. Understand why it is important to study e-commerce.
2. Define e-commerce, understand how e-commerce differs from e-business, identify the primary technological building blocks underlying e-commerce, and recognize major current themes in e-commerce.
3. Identify and describe the unique features of e-commerce technology
and discuss their business significance.
4. Describe the major types of e-commerce.
5. Understand the evolution of e-commerce from its early years to today.
6. Describe the major themes underlying the study of e-commerce.
7. Identify the major academic disciplines contributing to e-commerce.
Class Discussion
• Can you pick a few iconic examples of
e-commerce in the two decades
since it began in 1995?
• Amazon, Google, Apple, Facebook
(Meta)
• Any Korean brands?
• How about Uber? Airbnb?
Uber: The New Face of E-commerce?
§ Have you used Uber or any other on-demand
service companies?
§ What is the appeal of these companies for users
and providers?
§ Are there any negative consequences to the
increased use of on-demand services like Uber
and Airbnb?
§ How has the Covid-19 pandemic impacted Uber
and other on-demand services?
Specific Features of Uber Business Model
Uber doesn’t sell goods.
It has created a smartphone-based platform that enables people who want a taxi service to find a provider with resources (a personal car and a driver with available time).
Uber has an Internet-based app service running on cloud servers located throughout the world.
Drivers must use their own smartphones and call service, which the drivers pay for.
Uber doesn’t own taxis and has no maintenance and financing costs.
Uber drivers are independent contractors, so no compensation, minimum wage requirements, driver training, health insurance and commercial licensing.
Uber charges prices that vary dynamically with demand. The higher the demand, the greater the price of a ride.
Uber maintains efficient quality control. Uber relies on user reviews to identify problematic drivers and passengers.
E-Commerce in South Korea
§ The Korean e-commerce market has experienced remarkable growth,
solidifying its position as a global powerhouse.
§ When we reflect back to 2015, the total online transactions stood at a mere
$43 billion.
§ In 2022, the market reached an impressive total value of online transactions,
amounting to $177.42 billion, marking a substantial increase from previous
years.
§ Over the course of seven years, the Korean e-commerce market has
witnessed an astounding growth rate of 312%.

https://www.koisra.co.kr/korea-market-insights/south-korea-e-commerce-market-overview-2023/
Top Online Purchase Drivers

§ What drives you to make a purchase online?
The First Thirty Seconds

• First two decades of e-commerce
✓ Just the beginning
✓ Rapid growth and change
• Technologies evolve at exponential rates
✓ Disruptive business change
✓ New opportunities
• Why study e-commerce
✓ Understand opportunities and risks
✓ Analyze e-commerce ideas, models, issues
Introduction to E-commerce
§ Use of Internet to transact business
- Includes Web, mobile browsers and apps

§ More formally:
- Digitally enabled commercial transactions between and among organizations and individuals

§ Digital Commerce
The Difference Between
E-commerce and E-business
E-business:
§ Digital enabling of transactions and processes within a firm, involving
information systems under firm’s control
§ Does not include commercial transactions involving an exchange of value
across organizational boundaries
E-commerce:
§ Involving primarily transactions that cross firm boundaries
Technological Building Blocks
Underlying E-commerce

• Internet
• World Wide Web
✓ HTML
✓ Deep Web versus “surface” Web
• Mobile platform
✓ Mobile apps
There are about 1.13 billion websites on the internet in 2023, but only a fraction of these are actively used and updated. A staggering 82% are inactive, meaning only 200,121,724 of the 1.13 billion websites are actively maintained and visited (Forbes, Feb 14, 2023).
Class Discussion: Insight on Technology:
Will Apps Make the Web Irrelevant?
• What are the advantages and disadvantages of apps, compared with websites, for mobile users?
• What are the benefits of apps for content owners and creators?
• What are progressive web apps (PWAs) and how do they differ from native apps?
• Will apps eventually make the Web irrelevant? Why or why not?

A progressive web app (PWA) is an app that's built using web platform technologies, but that provides a user experience like that of a platform-specific app.
Starbucks Case
Starbucks PWA on mobile and desktop

https://www.simicart.com/blog/progressive-web-apps-examples/
o With its capability to run in offline mode, Starbucks PWA
allows their customers to browse the menu, customize their
orders, and add items to their carts – all without consistent
access to the internet.
o Once online, they can view location-specific pricing and place
their food and drinks order.
o By launching the new ordering PWA, they doubled the number
of web users who place orders each day, with desktop users
now ordering at about the same rate as mobile users (the PWA
is 99.84% smaller than Starbucks’ existing iOS app)
Spotify Case
Spotify PWA on mobile and desktop
Major Trends in E-commerce
• Business trends include:
• Covid-19 pandemic fuels surge in retail e-commerce,
m-commerce, and certain on-demand services
• Technology trends include:
• Mobile platform and cloud computing
• Big data and Internet of Things
• Societal trends include:
• User-generated content as a method of self-publishing
• Increased concern about impact of social networks
• Concerns about increasing market dominance of big
technology firms
Unique Features of E-commerce Technology
• Marketplace extended beyond traditional boundaries
• Face-to-face service
• “Like” and “share”
• Potential market size = 4-billion population
• Reduced market entry costs and search costs
• Price and cost transparency, price discrimination
• User-generated content and social networks
• Adjusting messages to people’s interests
Types of E-commerce
• Business-to-Consumer (B2C)
• Business-to-Business (B2B)
• Consumer-to-Consumer (C2C)
• Mobile e-commerce (M-commerce)
• Social e-commerce
• Local e-commerce
Business-to-Consumer (B2C)
o Online businesses attempt to reach individual consumers
o B2C commerce includes purchase of
✓ retail goods
✓ travel, finance, real estate and other services
✓ online content
o B2C commerce will continue to grow 10% annually.
o More information in Chapters 9-11
Business-to-Business (B2B)
o Businesses focus on selling to other businesses
o Two business models:
✓ net marketplaces (e-distributors, exchanges)
✓ private industrial networks
o More information in Chapters 2 and 12
Consumer-to-Consumer (C2C)
o Consumers sell to each other with the help of an online market
maker (a platform provider).
o Examples:
✓ Craigslist
✓ eBay
✓ Etsy
✓ Taobao (China)
✓ Facebook Marketplace
✓ On-demand services (Uber, Airbnb)

An example of a Korean C2C company?


Mobile E-Commerce (M-Commerce)
o Use of mobile devices to enable mobile transactions.
o COVID-19: revenues grow by 32%
o Conversational commerce – use of chatbots on mobile messaging apps (WhatsApp, SnapChat, FB Messenger) as a vehicle for companies to engage with consumers
Social E-Commerce

o Enabled by social networks and online social relationships
o Still in its relative infancy
o Increasing popularity of social sign-on (signing onto websites using your X or FB ID)
o Instagram, YouTube, Pinterest
Local E-Commerce

o Focused on engaging the consumer based on his/her current geographic location
o Local merchants use a variety of online marketing techniques to drive consumers to their stores

Although growing rapidly, mobile, social and local e-commerce are still relatively small in comparison to “traditional” e-commerce (B2B)

Korean Coupang launched “Coupang Biz” in 2021, jumping into the B2B business for small-to-medium sized businesses shopping for office equipment, etc.

Naver Shopping Live (similar to traditional TV home shopping), WeMakePrice, etc.
Naver Live Commerce:
The New Way of Online Shopping
§ Naver Shopping Live (live-streaming e-commerce) launched in 2020
§ An online shopping platform allowing retailers and consumers to connect with each other in real-time
§ Provides an immersive shopping experience for both retailers and consumers.
§ For retailers: the opportunity to connect with potential customers in a unique way
§ For consumers: the chance to see products up close and ask questions in real-time.

Naver Shopping Live has become particularly popular during the COVID-19 pandemic, as it offers a convenient and safe way to shop for groceries and other essential items.
Why Is Naver Shopping Live a Game-Changer for Online Retail in Korea?
✓ Real-time interaction
✓ Large audience
✓ Influencer marketing
✓ Low fees
✓ A wide range of product categories
✓ A user-friendly interface
✓ Discounts and coupons to viewers
✓ Tracking viewer interactions and analyzing data in real-time. This data can be used to improve the live stream experience for future viewers and to identify trends and patterns among shoppers.
E-commerce: A Brief History
Precursors
§ Baxter Healthcare modem-based system (1970s) – using a telephone-based modem that permitted hospitals to reorder supplies from Baxter
§ PC-based remote order entry systems (1980s)
§ Electronic Data Interchange (EDI) standards (1980s) that permitted firms to exchange commercial documents and conduct digital commercial transactions across private networks
§ French Minitel (1981) – a French videotext system that combined a telephone with an 8-inch screen
E-commerce: A Brief History
Periods in the Development of E-commerce
1995–2000: Invention
• Sale of simple retail goods
• Limited bandwidth and media
• Euphoric visions of
✓ Friction-free commerce
✓ First-mover advantages
• Dot-com crash of 2000

2001–2006: Consolidation
• Emphasis on business-driven approach
• Traditional large firms expand presence
• Start-up financing shrinks
• More complex products and services sold
• Growth of search engine advertising
• Business web presences expand

2007–Present: Reinvention
• Rapid growth of:
✓ Web 2.0, including online social networks
✓ Mobile platform
✓ Local commerce
✓ On-demand service economy
• Entertainment content develops as source of revenues
• Transformation of marketing
Assessing E-commerce
§ Stunning technological success
§ Early years a mixed business success
✓ Few early dot-coms have survived
✓ Online sales growing rapidly

No one foresaw that Google/YouTube and Facebook/Instagram would dominate the online advertising marketplace (55% of worldwide digital advertising revenues).

No one anticipated that a pandemic would occur in early 2020 → broadscale and widespread changes in consumer shopping behavior, changes that are likely to persist even once the crisis passes, → increased growth of retail e-commerce, particularly from the top 1000 online retailers.

WEBROOMING, ROBO, O2O
Assessing E-commerce
§ Many early visions not fulfilled
✓ Price dispersion
✓ Consumers – less price sensitive than expected
✓ Information asymmetry
✓ New intermediaries (e-commerce platforms such as Amazon, eBay, Expedia, etc.)
§ Other surprises
✓ Fast-follower advantages
✓ Start-up costs of doing business online – often no lower than bricks-and-mortar stores
✓ Impact of mobile platform
✓ Emergence of on-demand e-commerce (taxis, groceries, laundry, etc.)
Understanding E-commerce:
Organizing Themes
§ Technology:
✓ Development and mastery of digital computing and communications technology
§ Business:
✓ New technologies present businesses with new ways of organizing production and transacting business
§ Society:
✓ Intellectual property, individual privacy, public welfare policy
The Internet and the Evolution of Corporate Computing
Academic Disciplines
Concerned with Technology

• Technical
– Computer science, management science, information systems
• Behavioral
– Information systems research, economics, marketing,
management, finance/accounting, sociology
Careers in E-commerce

• Position: Category specialist in E-commerce Retail Program

• Qualification/Skills

• Preparing for the Interview

• Possible Interview Questions


E-commerce
Business Strategies
Chapter 2

Victoria Kim, Ph.D.


Learning Objectives
01 Identify the key components of e-commerce business models.
02 Describe the major B2C business models.
03 Describe the major B2B business models.
04 Understand key business concepts and strategies applicable to e-commerce.
Coping with a Pandemic:
Small Businesses Reinvent with E-commerce
Class Discussion
1. Prior to the pandemic, did you physically shop at small
businesses in your community?
2. What steps have small businesses with which you are
familiar taken to continue operating during the pandemic?
3. Have you continued the new consumer behaviors you adopted during the pandemic now that it is over? For instance, if you ordered groceries online, do you continue to do so?
PROBLEMS VS SOLUTIONS
Case 1
o Savor Seattle, a food tour company, created gift boxes that contained items from its tour vendors.
o The boxes became so successful → donated more than $100,000 in sales to local nonprofits.

Case 2
o Gyms and fitness studios also quickly shifted to accommodate new regulations, adding virtual classes and "at home" training packages for people looking to continue their routines at home.
01
E-commerce
Business Models
E-commerce has become a lifeline
for many businesses of necessity.
E-commerce Business Models
• Business model
✓ Set of planned activities designed to result in a profit in a
marketplace, taking into account the competitive
environment
• Business plan
✓ Document that describes a firm’s business model
• E-commerce business model
✓ Aims to use and leverage unique qualities of the Internet, the
Web, and the mobile platform
Eight Key Elements of a
Business Model
1. Value proposition
2. Revenue model
3. Market opportunity
4. Competitive environment
5. Competitive advantage
6. Market strategy
7. Organizational development
8. Management team
VALUE
PROPOSITION
“Why should the customer buy
from you?”
▪ Successful e-commerce value
propositions:
✓ Personalization/customization
✓ Reduction of product search,
price discovery costs
✓ Facilitation of transactions by
managing product delivery
REVENUE MODEL
“How will you earn money?”
▪ Major types of revenue models:
✓ Advertising revenue model
✓ Subscription revenue model
o Freemium strategy
✓ Transaction fee revenue model
✓ Sales revenue model
✓ Affiliate revenue model
Korean Example
▪ Coupang employs an affiliate revenue model to expand its reach and increase sales.
▪ Through that program, individuals or businesses can promote Coupang's products on their websites, blogs, or social media platforms.
▪ When a user clicks on the affiliate's referral link and makes a purchase on Coupang's platform, the affiliate earns a commission on the sale.
▪ An example of a Korean blog using Coupang Partners
▪ https://playcraft.tistory.com/571
MARKET OPPORTUNITY
“What marketspace do you intend to serve and what is its size?”
✓ Marketspace: Area of actual or potential commercial value in
which company intends to operate
✓ Realistic market opportunity: Defined by revenue potential in
each market niche in which company hopes to compete
▪ Market opportunity typically divided into smaller niches
COMPETITIVE ENVIRONMENT
“Who else occupies your intended marketspace?”
✓ Other companies selling similar products in the same marketspace
✓ Includes both direct and indirect competitors
▪ Influenced by:
✓ Number and size of active competitors
✓ Each competitor’s market share
✓ Competitors’ profitability
✓ Competitors’ pricing
COMPETITIVE ADVANTAGE
“What special advantages does your firm bring to the
marketspace?”
✓ Is your product superior to or cheaper to produce than your
competitors’?
▪ Important concepts:
✓ Asymmetries
✓ First-mover advantage, complementary resources
✓ Unfair competitive advantage
✓ Leverage
✓ Perfect markets
MARKET STRATEGY
“How do you plan to promote your products or services to attract your target audience?”
✓ Details how a company intends to enter market and attract customers
✓ Best business concepts will fail if not properly marketed to potential customers

EXAMPLE
Twitter, YouTube, and Pinterest’s social network marketing strategy that encourages users to:
✓ post their content for free
✓ build personal profile pages
✓ contact their friends
✓ build a community.
The customer becomes part of the marketing staff!
ORGANIZATIONAL DEVELOPMENT
▪ “What types of organizational structures within the firm
are necessary to carry out the business plan?”
▪ Describes how firm will organize work
✓ Typically, divided into functional departments (production,
shipping, marketing, customer support, finance, etc.)
✓ As company grows, hiring moves from generalists to
specialists (e.g., one marketing position broken into 7
separate jobs done by 7 individuals)
MANAGEMENT TEAM

“What kind of backgrounds should the company’s leaders have?”


▪ A strong management team:
✓ Can make the business model work
✓ Can give credibility to outside investors
✓ Has market-specific knowledge
✓ Has experience in implementing business plans
RAISING CAPITAL
▪ “Bootstrapping”
▪ Seed capital
▪ Traditional sources:
✓ Incubators
✓ Angel investors
✓ Venture capital firms
✓ Commercial banks
✓ Strategic partners
▪ Elevator pitch
▪ Crowdfunding (using the Internet to enable individuals to collectively contribute money to support a project)
o Donor-based (GoFundMe)
o Rewards-based (Kickstarter, Indiegogo)
o Equity crowdfunding
CATEGORIZING E-COMMERCE BUSINESS
MODELS: SOME DIFFICULTIES
● Many e-commerce business models and more are invented every day
● No one correct way to categorize
● Here, we categorize according to:
○ E-commerce sector (e.g., B2B, B2C)
○ E-commerce technology (e.g., m-commerce)
● Similar models appear in different sectors
✓ E-tailer (online retailer): B2C
✓ E-distributor: B2B
● Companies may use multiple business models (e.g., Amazon, eBay)
● E-commerce enablers
AMAZON VS eBAY

Amazon
Multiple business models:
o an e-retailer
o content provider
o market creator
o e-commerce infrastructure provider
o Etc.

eBay
o A market creator in the B2C and C2C e-commerce sectors using both the traditional Internet/Web and mobile platforms
o An e-commerce infrastructure provider
02
MAJOR B2C
BUSINESS MODELS
Online businesses seek to
reach individual consumers.
MAJOR B2C BUSINESS MODELS

▪ E-TAILER
▪ COMMUNITY PROVIDER
▪ CONTENT PROVIDER
▪ PORTAL
▪ TRANSACTION BROKER
▪ MARKET CREATOR
▪ SERVICE PROVIDER
E-TAILER
▪ Online version of traditional retailer
▪ Revenue model: Sales
▪ Variations:
✓ Virtual merchant
✓ Bricks-and-clicks
✓ Catalog merchant
✓ Manufacturer-direct
▪ Low barriers to entry (total cost of entering a new marketplace)
▪ Example: Naver Smart Store, https://www.naver.com/
COMMUNITY PROVIDER
▪ Provide online environment (social network) where like-
minded people with similar interests can transact (buy and
sell goods), share content, and communicate
✓ Examples: Facebook, LinkedIn, Twitter (X), Pinterest
▪ Revenue models:
✓ Typically hybrid, combining advertising, subscriptions,
sales, transaction fees, affiliate fees, and so on
CONTENT PROVIDER
▪ Digital content on the Web:
✓ News, music, video, text, artwork
▪ Revenue models:
✓ Use variety of models, including advertising, subscription; sales of digital goods
✓ Key to success is typically owning the content.
▪ Variations:
✓ Syndication
✓ Content aggregators (do not own content, but syndicate and then distribute content produced by others)
▪ Examples: Spotify, Financial Times, CNN, Google News, Apple News, YouTube
PORTAL
▪ Search plus an integrated package of content and services
▪ Revenue models:
✓ Ad placement, referral fees, transaction fees,
subscriptions for premium services
▪ Variations:
✓ Horizontal/general (e.g., Yahoo, AOL, MSN): including all users of the Internet
✓ Vertical/specialized (vortal) (e.g., Sailnet, Hoursenet): focused on a particular subject matter or market segment
✓ Search (e.g., Google, Bing)
TRANSACTION BROKER
▪ Process online transactions for consumers
✓ Primary value proposition: saving time and money
▪ Revenue model:
✓ Transaction fees
▪ Industries using this model:
✓ Financial services (e.g., stockbrokers)
✓ Travel services (commissions from travel bookings)
✓ Job placement services (listing fees from employers up
front, not when a position is filled)
MARKET CREATOR
▪ Create digital environment where buyers and sellers can meet
and transact (display & search for products, etc.)
✓ Examples: Priceline, eBay
✓ Revenue model: Transaction fees, fees to merchants for
access
▪ On-demand service companies (sharing economy): platforms
that allow people to sell services
✓ Examples: Uber, Airbnb, Lyft (= service providers)
900 cities, 69 countries 220 countries, 750 mln users
SERVICE PROVIDER
▪ Online services
✓ Example: Google (Google Maps, Google Docs, Gmail, etc.)
✓ Example in Korea: KAKAO
✓ Other personal services (online medical bill management,
pension planning, optimal loan and travel recommendations)
▪ Value proposition
✓ Valuable, convenient, time-saving, low-cost alternatives to
traditional service providers
▪ Revenue models:
✓ Sales of services, subscription fees, advertising, sales of
marketing data
03
B2B BUSINESS MODELS
Businesses sell to other businesses
E-DISTRIBUTOR
▪ Version of retail and wholesale store, MRO (maintenance, repair,
operations) goods, and indirect goods
▪ Owned by one company seeking to serve many customers →
critical mass as a factor
▪ Revenue model: Sales of goods
▪ Examples: W.W. Grainger, Cisco Systems

Net Marketplaces
E-PROCUREMENT
▪ Creates digital markets where participants transact for indirect goods
✓ B2B service providers, SaaS and PaaS providers
✓ Achieving scale economies
▪ Revenue model:
✓ Service fees, supply-chain management, fulfillment services
▪ Example: SAP Ariba

EXAMPLES in KOREA
KOSCOM eProcurement offers an e-procurement solution that helps businesses manage their procurement processes, supplier relationships, and transactions electronically.
SK C&C Smart Procurement provides an e-procurement platform that enables businesses to streamline their procurement operations, automate workflows, and enhance supplier collaboration.

Net Marketplaces
EXCHANGES
▪ Independently owned vertical digital marketplace for direct inputs
▪ Usually serve in the same industry or sector (steel, polymer, aluminum)
▪ Revenue model: Transaction, commission fees
▪ Create powerful competition between suppliers
▪ Tend to force suppliers into powerful price competition; number of
exchanges has dropped dramatically
▪ Examples: Go2Paper (software solution technology that provides tools for
print and paper orders, and inventory management for print and paper buyers,
printers, and suppliers), Alibaba, IndiaMart
Net Marketplaces
INDUSTRY CONSORTIA
▪ Industry-owned vertical digital marketplace (e.g., automobile,
aerospace, chemical or floral industries) open to select suppliers
▪ More successful than exchanges
▪ Sponsored by powerful, deep-pocketed industry players
▪ Strengthen traditional purchasing behavior rather than seek to
transform it
▪ Revenue model: Transaction, commission fees
▪ Example: SupplyOn owned by Bosch, Continental and Schaeffler;
its customers – BMW, Airbus, etc.
Net Marketplaces
PRIVATE INDUSTRIAL NETWORKS
▪ Referred to as private trading exchange or PTX
▪ Digital network used to coordinate among firms engaged in
business together
▪ The network owned by a single large purchasing firm
▪ Participation – by invitation only to trusted long-term suppliers
▪ Typically evolve out of large company’s internal enterprise system
▪ Example: Walmart’s network for suppliers
▪ More details in Chapter 12
04
HOW E-COMMERCE
CHANGES BUSINESS
Strategy, structure and process
INDUSTRY STRUCTURE
▪ E-commerce changes industry structure (in some
industries more than others) by changing:
✓ Rivalry among existing competitors
✓ Barriers to entry
✓ Threat of new substitute products
✓ Strength of suppliers
✓ Bargaining power of buyers
▪ Industry structural analysis
INDUSTRY VALUE CHAINS
▪ Set of activities performed by suppliers, manufacturers,
transporters, distributors, and retailers that transform
raw inputs into final products and services
▪ Internet reduces cost of information and other
transactional costs
▪ Leads to greater operational efficiencies, lowering cost,
prices, adding value for customers
▪ Manufacturers developing direct relationships with
customers, bypassing the cost of distributors and retailers
FIRM VALUE CHAINS
▪ Activities that a firm engages in to create final products
from raw inputs
▪ Each step adds value
▪ Effect of Internet:
✓ Increases operational efficiency
✓ Enables more differentiated and high-value products
✓ Enables precise coordination of steps in chain
▪ Example: Amazon (providing a much larger inventory of books, at a lower cost, professional and consumer reviews, information on buying patterns, etc. → traditional bookstores cannot)
FIRM VALUE WEBS
▪ Networked business ecosystem
▪ Uses Internet technology to coordinate the value chains of
business partners within an industry
▪ Coordinates a firm’s suppliers with its own production needs
using an Internet-based supply chain management system
▪ Example: Amazon relies on UPS tracking system for
customers (plus other partnerships with hundreds of firms to generate
customers and manage relationships with customers)
BUSINESS STRATEGY
▪ Plan for achieving superior long-term returns on capital
invested: that is, profit (difference between the price a firm is able to
charge for its products and the cost of producing and distributing goods)
▪ Five generic strategies:
✓ Product/service differentiation (vs. commoditization)
✓ Cost competition
✓ Scope strategy (global rather than local markets)
✓ Focus/market niche (specialization)
✓ Customer intimacy (developing strong ties with customers to
increase switching costs) → Amazon’s one-click shopping
E-COMMERCE TECHNOLOGY AND
BUSINESS MODEL DISRUPTION
▪ Disruptive technologies
▪ Digital disruption
▪ Sustaining technology
▪ Stages
✓ Disruptors introduce new products of lower quality
✓ Disruptors improve products
✓ New products become superior to existing products
✓ Incumbent companies lose market share
CAREERS IN
E-COMMERCE
▪ Position: Assistant Manager of E-business
▪ Qualification/Skills
▪ Preparing for the Interview
▪ Possible Interview Questions
E-COMMERCE
INFRASTRUCTURE
▪ Discuss the origins of, and the key technology concepts behind, the Internet.
▪ Explain the current structure of the Internet.
▪ Understand how the Web works.
▪ Describe how Internet and web features and services support e-commerce.
▪ Understand the impact of mobile applications.
CLASS
Discussion
💁🏻‍♀️How has your usage of the
Internet changed as a result of
the pandemic?
💁🏻‍♀️How has the pandemic
highlighted the issues raised by
the “digital divide”?
01
THE INTERNET:
TECHNOLOGY
BACKGROUND
How much do you really need to know
about the technology of the Internet?
▪ Depends on your career interests.
▪ A marketing career path, or general managerial business
path, → basics about Internet technology (Chapter 3 & 4)
▪ A technical career path (a web designer, web
infrastructure for businesses, etc.) → start with these
basics and then build from there.
▪ You'll also need to know about the business side of e-
commerce, which you will learn about throughout this
book.
THE INTERNET: TECHNOLOGY BACKGROUND

INTERNET
▪ Interconnected network of thousands of networks and millions of computers
▪ Links businesses, educational institutions, government agencies, and individuals

World Wide Web (Web)
▪ One of the Internet’s most popular services
▪ Provides access to trillions of web pages created in HTML programming language
THE EVOLUTION OF THE INTERNET:
1961–PRESENT

More details in Table 3.2 (textbook, p. 151-153).

✓ Creation of fundamental building blocks
✓ Large institutions provide funding and legitimization
✓ Private corporations take over, expand Internet backbone and local service
MAJOR EVENTS
INNOVATION PHASE
1961: Leonard Kleinrock published a paper on “packet switching” networks
1972: Raymond Tomlinson invented email on the ARPANET system (pre-Internet)

INSTITUTIONALIZATION PHASE
1976: The first Apple computer is released.
1981: The first IBM PC is released.
1989: The concept of WWW based on HTML (HyperText Markup Language) is born.
1994: The first banner ads → the beginning of e-commerce

COMMERCIALIZATION PHASE
1995: Jeff Bezos founds Amazon; Pierre Omidyar forms AuctionWeb (eBay)
2007: The Apple iPhone is introduced.
2008: Cloud computing
2013: Internet of Things
2020: COVID-19
THE INTERNET: KEY TECH CONCEPTS
In 1995, Internet was defined as network that:
✓ Uses Internet Protocol (IP) addressing scheme
✓ Supports Transmission Control Protocol (TCP)
✓ Provides services to users, in manner similar to
telephone system

Three important concepts:


✓ Packet switching
✓ TCP/IP communications protocol
✓ Client/server computing
PACKET SWITCHING
▪ A method of slicing digital messages into packets
▪ Sends packets along different communication paths as
they become available
▪ Reassembles packets once they arrive at destination
▪ Uses routers (special-purpose computers using a routing algorithm)
▪ Less expensive and less wasteful than circuit switching
▪ The first book on packet switching by Leonard Kleinrock
(1964)
TCP/IP
● Transmission Control Protocol (TCP)
○ Establishes connections among sending and
receiving Web computers
○ Handles assembly of packets at point of
transmission, and reassembly at receiving end
● Internet Protocol (IP)
○ Provides the Internet’s addressing scheme
○ Responsible for the actual delivery of the packets
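The packet-switching and TCP slides above describe slicing a message into packets, sending them over different paths, and reassembling them at the receiving end. The following sketch is an added example, not part of the original slides; the `Packet` fields, the three path latencies and the sample addresses are constructed assumptions, and it also covers the cases where a packet is duplicated or lost in transit.

```python
from __future__ import annotations
from dataclasses import dataclass

# Constructed sample values: three routes with different delays (ms).
PATH_LATENCY_MS = (30, 10, 20)


@dataclass(frozen=True)
class Packet:
    src: str        # sender IP address
    dst: str        # receiver IP address
    seq: int        # position of this slice in the original message
    total: int      # how many packets the message was sliced into
    payload: bytes


def packetize(message: bytes, src: str, dst: str, size: int = 8) -> list[Packet]:
    """Slice a message into packets of at most `size` payload bytes."""
    if size <= 0:
        raise ValueError("packet size must be positive")
    chunks = [message[i:i + size] for i in range(0, len(message), size)] or [b""]
    return [Packet(src, dst, n, len(chunks), c) for n, c in enumerate(chunks)]


def deliver(packets, drop=(), duplicate=()):
    """Simulate packet switching: packet k leaves at time k on path k mod 3,
    so arrival order differs from send order. Sequence numbers listed in
    `drop` are lost; those in `duplicate` arrive twice."""
    arrivals = []
    for send_time, pkt in enumerate(packets):
        if pkt.seq in drop:
            continue
        arrive = send_time + PATH_LATENCY_MS[send_time % len(PATH_LATENCY_MS)]
        arrivals.append((arrive, pkt))
        if pkt.seq in duplicate:
            arrivals.append((arrive + 5, pkt))   # a late second copy
    arrivals.sort(key=lambda item: item[0])
    return [pkt for _, pkt in arrivals]


def reassemble(received):
    """Rebuild the message at the receiving end.

    Returns (message, []) when every slice arrived, or (None, missing)
    with the sequence numbers that would have to be sent again."""
    if not received:
        raise ValueError("nothing received")
    total = received[0].total
    by_seq = {}
    for pkt in received:
        if pkt.total != total or not 0 <= pkt.seq < total:
            raise ValueError("packet does not belong to this message")
        by_seq.setdefault(pkt.seq, pkt.payload)   # ignore duplicate copies
    missing = [n for n in range(total) if n not in by_seq]
    if missing:
        return None, missing
    return b"".join(by_seq[n] for n in range(total)), []


if __name__ == "__main__":
    # Constructed sample message and addresses.
    msg = b"Order #1001: 2 x espresso beans, ship to Seoul"
    sent = packetize(msg, "201.61.186.227", "198.51.100.7")
    got = deliver(sent, duplicate={2})
    print("arrival order:", [p.seq for p in got])
    print("reassembled:", reassemble(got)[0])
    print("with packet 3 lost:", reassemble(deliver(sent, drop={3})))
```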
TCP/IP
● Four TCP/IP layers
○ Network interface layer – placing packets on and
receiving them from the network medium
○ Internet layer – addressing, packaging, and routing
messages
○ Transport layer – providing communication with
other protocols
○ Application layer – providing user services or
exchanging data
Figure 3.4 The TCP/IP Architecture and
Protocol Suite
INTERNET (IP) ADDRESS
Two versions of IP currently in use:
▪ IPv4
• 32-bit number
• Four sets of numbers marked off by periods:
201.61.186.227
✓ Class C address: Network identified by first three
sets, computer identified by last set
▪ IPv6
• 128-bit addresses, able to handle up to 1 quadrillion
addresses (IPv4 can handle only 4 billion)
How TCP/IP and packet switching work together to send data:
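The exchange the slides describe, as a toy model added here for illustration (it is not part of the course material): the sender slices a message into addressed, numbered packets, the network delivers them in arbitrary order, and the receiver reorders them and reports what must be retransmitted. The packet fields, the 8-byte payload size, the CRC-32 checksum and the sender address are assumptions of the sketch; real TCP/IP headers carry more fields.

```python
"""Toy model of packet switching with TCP-style reassembly (illustration only)."""
from __future__ import annotations

import random
import zlib
from dataclasses import dataclass

PAYLOAD_SIZE = 8  # bytes of message data per packet (assumed; tiny for readability)


@dataclass(frozen=True)
class Packet:
    src: str        # sender's IP address
    dst: str        # destination IP address, used by routers for delivery
    seq: int        # position of this slice within the message
    total: int      # number of packets that make up the message
    payload: bytes
    checksum: int   # CRC-32 of the payload: catches accidental corruption only


def packetize(message: bytes, src: str, dst: str) -> list[Packet]:
    """Sender: slice the message into numbered, addressed packets."""
    chunks = [message[i:i + PAYLOAD_SIZE]
              for i in range(0, len(message), PAYLOAD_SIZE)] or [b""]
    return [Packet(src, dst, seq, len(chunks), chunk, zlib.crc32(chunk))
            for seq, chunk in enumerate(chunks)]


def route(packets: list[Packet], seed: int = 7) -> list[Packet]:
    """Network: packets travel over different paths, so arrival order is arbitrary."""
    arrived = list(packets)
    random.Random(seed).shuffle(arrived)
    return arrived


def reassemble(arrived: list[Packet]) -> tuple[bytes | None, list[int]]:
    """Receiver: discard corrupt packets, ignore duplicates, reorder by sequence
    number. Returns (message, []) on success or (None, missing sequence numbers)."""
    if not arrived:
        return None, []
    total = arrived[0].total
    good: dict[int, bytes] = {}
    for packet in arrived:
        if zlib.crc32(packet.payload) != packet.checksum:
            continue                      # damaged in transit: treat as lost
        good.setdefault(packet.seq, packet.payload)  # keep first copy only
    missing = [seq for seq in range(total) if seq not in good]
    if missing:
        return None, missing              # sender must retransmit these
    return b"".join(good[seq] for seq in range(total)), []


if __name__ == "__main__":
    # Constructed sample message; 201.61.186.227 is the address used on the slide.
    order = b"Order #1001: 2 hand creams, ship to Seoul"
    sent = packetize(order, "192.0.2.10", "201.61.186.227")
    received = route(sent)
    print([p.seq for p in received])      # arrival order differs from send order
    print(reassemble(received))
```

A CRC only detects accidental damage; protection against deliberate modification comes from TLS, covered under the other Internet protocols later in this chapter.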
Domain Names, DNS, and URLs
• Domain name
✓ IP address expressed in natural language
• Domain name system (DNS)
✓ Allows numeric IP addresses to be expressed in
natural language
• Uniform resource locator (URL)
✓ Address used by web browser to identify location of
content on the Web
✓ Examples: http://naver.com/ http://samsung.com/
Figure: Country Code Top-Level Domain
CLIENT/SERVER COMPUTING
THE MOBILE PLATFORM
MOBILE-FIRST DESIGN

https://www.netsolutions.com/insights/what-is-mobile-first-design/#what-is-the-difference-between-mobile-first-and-responsive-web-d
WHY IS MOBILE-FIRST DESIGN
IMPORTANT?
RESPONSIVE DESIGN
THE INTERNET “CLOUD COMPUTING”
MODEL – Hardware & Software As a Service

Hardware and software services are provided on the Internet by vendors operating very large server farms and data centers.
Google Drive, Dropbox, Apple Cloud (storage of
data, photos, music, etc.)
OTHER INTERNET PROTOCOLS AND
UTILITY PROGRAMS

Simple Mail Transfer Protocol (SMTP) is an application used by mail servers to send, receive, and relay outgoing email between senders and receivers.
Post Office Protocol 3 (POP3), the third version of a widespread, one-way client-server protocol in which email is received and held on the email server.
Internet Message Access Protocol (IMAP)
- Logging in with multiple computers and devices simultaneously.
- Synced and stored on the server for all connected devices to access.
- Mail stored on the server until the user permanently deletes it.
File Transfer Protocol (FTP), one of the original Internet services; used to communicate and transfer files between computers on a TCP/IP network
Teletype network (Telnet), a network protocol for bidirectional communication using a virtual terminal connection
Secure Sockets Layer (SSL) – 1995
Transport Layer Security (TLS) – 1999 (a more recent version of SSL)
Both are cryptographic protocols that encrypt data and authenticate a connection when moving data on the Internet.
Secure Packet InterNet Groper (Ping): program allowing you to check the connection between client computer and a TCP/IP network
Tracert: route-tracing utility that allows you to follow the path of a message you send from your client to a remote computer
02
INTERNET
INFRASTRUCTURE
& ACCESS
Users work with applications
THE INTERNET BACKBONE
THE INTERNET EXCHANGE POINTS
(IXPs)
TIER 3 INTERNET SERVICE PROVIDERS

Largest
providers in
Korea?
SATELLITE INTERNET
PROVIDERS
CAMPUS/CORPORATE
AREA NETWORKS (CANs)
MOBILE INTERNET ACCESS
WIRELESS LOCAL AREA NETWORK (WLAN) –
BASED INTERNET ACCESS
OTHER INNOVATIVE INTERNET ACCESS
TECHNOLOGIES:
Drones, Balloons, and White Space
THE INTERNET OF THINGS (IOT)
CLASS DISCUSSION
Insight on Business
The Internet of Everything:
Opportunities and Challenges
QUESTIONS
WHO GOVERNS THE INTERNET?
CLASS DISCUSSION
Insight on Society
Government Regulation and
Surveillance of the Internet
QUESTIONS
THE WEB
03
THE WEB
1989–1991: Web invented
✓ Tim Berners-Lee at CERN
✓ HTML, HTTP, web server, web browser
1993: Mosaic web browser w/GUI
✓ Andreessen and others at NCSA
✓ Runs on Windows, Macintosh, or Unix
1994: Netscape Navigator, first commercial
web browser
1995: Microsoft Internet Explorer
HYPERTEXT
MARKUP LANGUAGES
WEB SERVERS AND WEB CLIENTS
Web server software
✓ Enables a computer to deliver web pages to clients on a network
that request this service by sending an HTTP request
✓ Basic capabilities: Security services, FTP, search engine, data
capture
Web server
✓ May refer to either web server software or physical server
✓ Specialized servers: Database servers, ad servers, and so on
Web client
✓ Any computing device attached to the Internet that is capable of
making HTTP requests and displaying HTML pages
WEB BROWSERS
Primary purpose is to display web page, but may include
added features
▪ Google’s Chrome: almost 70% of desktop market and
about 65% of mobile market
✓ Open source
▪ Mozilla Firefox: 8% desktop, >1% mobile
✓ Open source
▪ Microsoft Edge: 7% desktop
▪ Internet Explorer: 6% desktop
▪ Apple’s Safari: 4% desktop, 27% mobile
THE INTERNET
AND WEB:
04
THE INTERNET AND WEB:
FEATURES
COMMUNICATION TOOLS
CLASS DISCUSSION
Insight on Technology
Zoom in the Midst of the Pandemic

▪ What has your experience using Zoom and other videoconferencing services during the pandemic been like?
▪ What challenges does Zoom face?
▪ How has Zoom responded to those challenges?
SEARCH ENGINES
▪ Identify web pages that match queries based on one or
more techniques
✓ Keyword indexes
✓ Page ranking
▪ Also serve as:
✓ Shopping tools
✓ Advertising vehicles (search engine marketing)
✓ Tool within e-commerce sites
▪ Top three providers: Google, Microsoft’s Bing, Verizon
Media (Yahoo)
DOWNLOADABLE AND STREAMING
MEDIA
▪ Downloads:
✓ Growth in broadband connections enables large media
file downloads
▪ Streaming technologies
✓ Enables music, video, and other large files to be sent to
users in chunks so that the file can play uninterrupted
▪ Podcasting
▪ Explosion of popularity in online video viewing (Instagram, Twitter, YouTube, Facebook, etc.) → online advertising
WEB 2.0 APPLICATIONS & SERVICES
▪ Online Social Networks
✓ Services that support communication among networks of
friends, peers
▪ Blogs
✓ Personal web page of chronological entries
✓ Enables web page publishing with no knowledge of HTML
▪ Wikis
✓ Enables documents to be written collectively and
collaboratively
✓ E.g., Wikipedia
VR AND AR
▪ Virtual reality (VR)
▪ Immersing users within virtual world
▪ Typically uses head-mounted display (HMD)
▪ Facebook’s Oculus Rift, Samsung’s Gear VR, Google’s Cardboard,
Sony’s PlayStation VR
▪ Augmented reality (AR)
▪ Overlaying virtual objects over the real world, via mobile devices or HMDs
▪ Nintendo’s Pokémon GO
▪ Apple’s ARKit, Google’s ARCore, Facebook’s Spark AR Studio
▪ Mixed reality (MR)
▪ Enhanced version of AR (Microsoft’s Hololens)
INTELLIGENT DIGITAL ASSISTANTS
▪ Computer search engine using:
✓ Natural language
✓ Conversational interface, verbal commands
✓ Situational awareness
▪ Can handle requests for appointments, flights, routes, event
scheduling, and more.
✓ Examples:
• Apple’s Siri
• Google Now/Google Assistant
• Amazon Alexa
MOBILE APPS
▪ Use of mobile apps has exploded
✓ Most popular entertainment media, over TV
✓ Always present shopping tool
✓ Almost all top 100 brands have an app
▪ Platforms
✓ iPhone/iPad (iOS), Android
▪ App marketplaces
✓ Google Play, Apple’s App Store, Amazon’s Appstore
THANKS!
Does anyone have any questions?

Chapter 4

Building an E-commerce Presence
Victoria Kim, Ph.D.
Learning Objectives
1. Understand the questions you must ask and answer, and the steps you
should take, in developing an e-commerce presence.
2. Explain the process that should be followed in building an e-commerce
presence.
3. Identify and understand the major considerations involved in choosing web
server and e-commerce merchant server software.
4. Understand the issues involved in choosing the most appropriate hardware
for an e-commerce site.
5. Identify additional tools that can improve website performance.
6. Understand the important considerations involved in developing a mobile
website and building mobile applications.
01
Imagine Your
E-commerce
Presence
What’s the idea?
(The Visioning Process)
What do you hope to accomplish and how do you
hope to accomplish it?
The vision includes:
▪ Mission statement
▪ Target audience
▪ Intended market space
▪ Strategic analysis
▪ Marketing matrix
▪ Development timeline
▪ Preliminary budget
Examples
Where’s the Money?
Business & Revenue Model
❖ Your business model(s)?
✓ Portal, e-tailer, content provider, market creator, service provider, community provider (see Chapter 2)
❖ Your revenue model(s)?
✓ Advertising, subscriptions, transaction fees, sales, affiliate revenue
Revenue Models (figure labels): Subscriptions; Ad Space; Selling unique photos and gifts
Who and where is the target
audience?
❖ Where can you best reach them?
- Demographics (age, gender, location, income)
- Behavior patterns (lifestyle)
- Consumption patterns (online vs. offline purchasing)
- Digital usage patterns
- Content creation preferences (blogs, social networks, sites like
Pinterest)
- Buyer’s persona (profiles of your typical customer)
Broad demographic
range
• From 34-year-olds to 65-year-olds
• Mostly middle-aged
• Middle incomes
• Love for motorcycles
• Lifestyle associated with touring the
highways of America
• Many of the men ride with women
• Offer a collection of women’s clothing and several pages devoted to female riders
Broad demographic
range
Aimed at women
• From 18-year-olds to 34-year-olds
• Various stages of getting married
• Lifestyles that include shopping online, using smartphones and tablets, downloading apps, and using Facebook.
• Technologically hip audience
• Read and contribute to blogs, comment on forums, and use Pinterest to find ideas for fashion
• A "typical" visitor to The Knot:
• a 28-year-old woman with an engagement ring
• just starting the wedding planning process
• income of $45,000
• lives in the Northeast
• interested in a beach wedding
What is the Ballpark?
Characterize the marketplace

❖ Size
• Enter a declining market filled with strong competitors → you will multiply your chances of failure
• Enter an emerging, growing market that has few competitors → you stand a better chance
• Enter a market with no players → you will either be rewarded handsomely with a profitable monopoly on a successful product no one else thought of (Apple), or you will be quickly forgotten because there isn't a market for your product at this point in time
What is the Ballpark?
Characterize the marketplace

❖ Features
• Is the market growing, or receding in size?
• If it's growing, among which age and income groups?
• Is the marketplace shifting from offline to online delivery?
• If so, is the market moving toward traditional websites or the mobile platform?
• Is there a special role for a mobile presence in this market?
• What percentage of your target audience uses a website, smartphone, or tablet?
• What about social networks? What's the buzz on products like yours?
• Are your potential customers talking about the products and services you want to
offer on Facebook, Twitter, Pinterest, Instagram, or blogs?
• How many blogs focus on products like yours?
• How many Twitter posts mention similar offerings?
• How many Facebook Likes (signs of customer engagement) are attached to
products you want to offer?
What is the Ballpark?
Characterize the marketplace

❖ Structure
• Direct competitors → make a list of the top 5-10 competitors and try to describe
their market share and distinguishing characteristics
• What's the market buzz on your competitors?
• How many unique monthly visitors (UMVs) do they have?
• How many Facebook or Instagram Likes, Twitter (X) followers, and/or Pinterest
followers?
• How are your competitors using social networks and mobile devices as a part of
their online presence?
• Do a search on customer reviews of their products.
• Do your competitors have a special relationship with their suppliers that you may
not have access to? (Exclusive marketing arrangements as an example of a special supplier relationship)
• Are there substitutes for your products and services? (E.g., your site may offer advice to the
community of pet owners, but local pet stores or local groups may be a more trusted source of advice on pets.)
Where’s the content coming from?
❖ Websites are like books: composed of a lot of pages that have content
ranging from text, to graphics, photos, and videos.
❖ The content is why your customers visit your site and either purchase things or look at ads that generate revenue for you.
❖ Two kinds of content:
▪ Static: text and images that do not frequently change (e.g.,
product descriptions, photos, or text)
▪ Dynamic: changes regularly (daily or hourly), can be created by
you, or increasingly, by bloggers and fans of your website and
products.
✓ User-generated content: free, engages your customer fan base, and search
engines are more likely to catalog your site if the content is changing.
Know yourself – SWOT analysis

❖ Need to consider
ways to overcome
your weaknesses
and build on your
strengths
Develop an e-commerce presence map

❖ E-commerce has moved from desktop-centric activity to mobile and tablet-based activity.
❖ Your customers use those
devices at different times
during the day, touching
base with friends, tweeting,
reading a blog, etc.
❖ The marketing activities to
be discussed in Ch. 6-7.
Develop a one-year timeline: Milestones
How much will this cost?
▪ Too early for a detailed budget → preliminary idea of the costs involved
▪ Simple website: up to $5000
▪ Small startup: $25,000 to $50,000
▪ Large corporate website: $100,000+ to millions
▪ The website to be hosted on a cloud-based server
▪ The cost of hardware, software and telecommunications has fallen dramatically in the last decade.
02
Building an
E-commerce Site:
A Systematic Approach
Building an E-commerce Site
❖ Most important management challenges:
1. Developing a clear understanding of business objectives
2. Knowing how to choose the right technology to achieve
those objectives
❖ Main factors to consider
Planning: The Systems Development Life Cycle

▪ SDLC – Methodology for understanding business objectives of a system and designing an appropriate solution
▪ Five major steps:
System Analysis/Planning
❖ Business objectives:
▪ Capabilities you want your site to have
❖ System functionalities:
▪ Types of information system capabilities needed to achieve
business objectives
❖ Information requirements:
▪ Information elements that system must produce in order to
achieve business objectives
System Analysis/Planning
Systems Design:
Hardware and Software Platforms

❖ System design specification:
• Description of main components of a system and their relationship to one another
❖ Two components of system design:
• Logical design
- Data flow diagrams, processing functions, databases
• Physical design
- Actual physical, software components, models, etc.
Figure 4.6. A Logical and Physical
Design for a Simple Website
Building the System:
In-House Versus Outsourcing
❖ Outsourcing: Hiring vendors to provide services involved in
building site
❖ Build own versus outsourcing:
▪ Build your own requires team with diverse skill set; choice of
software tools; both risks and possible benefits
❖ Host own versus outsourcing
▪ Hosting: Hosting company responsible for ensuring site is
accessible 24/7, for monthly fee
▪ Co-location: Firm purchases or leases web server (with
control over its operation), but server is located at vendor’s
facility
Building the System:
In-House Versus Outsourcing
Building the System:
In-House Versus Outsourcing
❖ Website development tools with a sophisticated content
management system (CMS) plus thousands of widgets and plug-ins
Building the System:
In-House Versus Outsourcing
❖ If you want more customization than using a pre-built template can
provide → build the site yourself!
✓ Building “from scratch”, coding it using HTML/HTML5 and CSS (Ch. 3)
and adding interactivity with JavaScript and other programming tools
(pp. 262-266)
✓ Using development tools such as Adobe Dreamweaver CC and
Microsoft Visual Studio for quick creation of web pages and websites.
✓ Using top-of-the-line prepackaged site-building tools such as Sitecore
Commerce or HCL Commerce to create sophisticated e-commerce
presence truly customized to specific needs (enterprise-wide scale)
Naver Business
https://www.navercorp.com/en/service/business
https://globalsellers.coupang.com/what-is-wing/
Building the System:
In-House Versus Outsourcing

❖ The decision to build a website → a number of risks.


❖ The complexity of features such as shopping carts, credit
card authentication and processing, inventory management,
and order processing
❖ High costs of modification: a $4,000 package can easily
become a $40,000 to $60,000 development project
Building the System:
Host Your Own Versus Outsourcing
❖ Outsource hosting and pay a company to host their website → ensuring the site
is "live," or accessible 24 hours a day, for a monthly fee, no staffing needs.
❖ A co-location agreement → purchasing or leasing a web server (and has total
control over its operation) but locating the server in a vendor’s physical facility.
Testing the System

▪ Unit testing: involves testing the site's program modules one at a time
▪ System testing: involves testing the site as a whole, in the same way a typical user would when using the site
▪ Acceptance testing: verifies that the business objectives of the system as originally conceived are in fact working.
▪ A/B testing (split testing): involves showing two versions (A and B) of a web page or website to different users to see which one performs better.
▪ Multivariate testing: involves identifying specific elements, creating versions for each element, and then creating a unique combination of each element and version to test
Implementation, Maintenance, and
Optimization
▪ System’s unpredictable breakdowns
▪ Need for maintenance → continual checking, testing & repair
▪ Maintenance costs: Similar to development costs
▪ A $40K e-commerce site may require $40K annually for upkeep
▪ Need for benchmarking (a process in which the site is compared
with those of competitors in terms of response speed, quality of layout
and design)
▪ Keeping the site current on pricing and promotions
▪ The Web is a competitive environment where you can rapidly
frustrate and lose customers with a dysfunctional site.
Naver Smartstore (EXAMPLE)

▪ Thanksgiving Holidays delivery schedule

▪ Apples Giftset
https://smartstore.naver.com/plusflower/products/2658857970?NaPm=ct%3Dlmxihl94%7Cci%3Df07d06fc500c94d2a1db9eb5e2cbfe07b5cfa048%7Ctr%3Dslsl%7Csn%3D654943%7Chk%3De205561cf7d5295ee8c81abaad7d3088198e2595

▪ Beef Giftset
https://smartstore.naver.com/hanunara/products/6473812575?NaPm=ct%3Dlmxin53k%7Cci%3De618861c5f5023d551c2c51caa6c04e2e944f57a%7Ctr%3Dslsl%7Csn%3D5386394%7Chk%3De5e6d6c84e659cb04697fcb720a1b36d0657a0db
Factors in Website Optimization
• A small firm using WordPress → no need to worry about hardware,
software, and website optimizing techniques (everything is provided).
• An in-house website → need to consider these issues.
Alternative Web Development
Methodologies
▪ Prototyping
▪ Agile development (breaking down a large project into smaller
subprojects → iteration and continuous feedback)
▪ Scrum
▪ DevOps (development & operations)
▪ Component-based development
▪ Web services
▪ Service-oriented architecture (SOA)
▪ Microservices
03
Choosing Software
Simple vs. Multi-Tiered Website
Architecture
▪ System architecture
✓ Arrangement of software, machinery, and tasks in an
information system needed to achieve a specific functionality
▪ Two-tier architecture
✓ Web server and database server
▪ Multi-tier architecture
✓ Web application servers
✓ Backend, legacy databases
Typically employs several physical computers, each running some of the software applications
Web Server Software
All e-commerce sites require basic web server software to answer
requests from customers for HTML and XML pages

Apache
✓ Leading web server software
✓ Works with UNIX, Linux operating systems
✓ Reliable, stable, part of open software community

Microsoft’s Internet Information Server (IIS)


✓ Second major web server software
✓ Windows-based
✓ Integrated, easy-to-use
Table 4.4 Basic Functionality Provided by
Web Servers
Functionality | Description
Processing of HTTP requests | Receive and respond to client requests for HTML pages
Security services (Secure Sockets Layer)/Transport Layer Security | Verify username and password; process certificates and private/public key information required for credit card processing and other secure information
File Transfer Protocol | Permits transfer of very large files from server to server
Search engine | Indexing of site content; keyword search capability
Data capture | Log file of all visits, time, duration, and referral source
E-mail | Ability to send, receive, and store e-mail messages
Site management tools | Calculate and display key site statistics, such as unique visitors, page requests, and origin of requests; check links on pages
Site Management Tools
Basic tools included in all web servers
✓ Verify that links on pages are still valid
✓ Identify orphan files (not linked to any pages)
Third-party software for advanced management
✓ Monitor customer purchases
✓ Marketing campaign effectiveness
✓ Keep track of hit counts and other statistics
✓ Example: Webtrends Analytics 10
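The statistics that data capture and site management tools report (unique visitors, page requests, origin of requests, links that are no longer valid) can be computed directly from the web server's access log. The following is an added example, not part of the course slides: it parses constructed lines in Apache's combined log format, and the site origin `https://shop.example`, the sample lines and the choice to count visitors by IP address are assumptions.

```python
"""Key site statistics from a web server access log (added illustration)."""
import re
from collections import Counter
from urllib.parse import urlsplit

SITE = "https://shop.example"  # assumed origin of our own store

# Constructed sample lines in Apache's "combined" log format.
SAMPLE_LOG = '''\
203.0.113.5 - - [12/Sep/2023:10:01:02 +0900] "GET /index.html HTTP/1.1" 200 5120 "https://search.example/?q=hand+cream" "Mozilla/5.0"
203.0.113.5 - - [12/Sep/2023:10:01:40 +0900] "GET /products/hand-cream.html HTTP/1.1" 200 8044 "https://shop.example/index.html" "Mozilla/5.0"
198.51.100.23 - - [12/Sep/2023:10:02:11 +0900] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Sep/2023:10:02:30 +0900] "GET /sale/old-promo.html HTTP/1.1" 404 312 "https://shop.example/index.html" "Mozilla/5.0"
192.0.2.77 - - [12/Sep/2023:10:03:05 +0900] "GET /index.html HTTP/1.1" 200 5120 "https://social.example/post/1" "Mozilla/5.0"
this line is malformed and must be skipped
'''

# host ident user [time] "METHOD path protocol" status size "referer" "agent"
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"')


def site_statistics(log_text: str, site: str = SITE) -> dict:
    """Summarize visits: who came, what they requested, where they came from."""
    visitors, pages, origins = set(), Counter(), Counter()
    broken_links, skipped = set(), 0
    for line in log_text.splitlines():
        m = LINE.match(line)
        if m is None:
            skipped += 1              # count unparsable lines, never guess at them
            continue
        visitors.add(m["ip"])         # approximation: one IP address = one visitor
        status, referer = int(m["status"]), m["referer"]
        internal = referer.startswith(site + "/")
        if status == 200:
            pages[m["path"]] += 1
        if status == 404 and internal:
            # One of our own pages links to a URL that no longer exists.
            broken_links.add((urlsplit(referer).path, m["path"]))
        if referer == "-":
            origins["(direct)"] += 1
        elif not internal:
            origins[urlsplit(referer).hostname or "(unparsable)"] += 1
    return {
        "unique_visitors": len(visitors),
        "page_requests": dict(pages),
        "origin_of_requests": dict(origins),
        "broken_links": broken_links,   # (linking page, missing target)
        "skipped_lines": skipped,
    }


if __name__ == "__main__":
    for key, value in site_statistics(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

The same log is also the first place to look during an incident, which is why the data capture function matters for security as well as for marketing.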
Dynamic Page Generation Tools
▪ Dynamic HTML (DHTML): used to change the way a web page
looks but does not generate a unique web page
▪ Dynamic page generation:
✓ Contents stored in database and fetched when needed to
create a unique web page
▪ Advantages
✓ Lowers menu costs
✓ Permits easy online market segmentation
✓ Enables cost-free price discrimination
✓ Enables content management system (CMS)
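Dynamic page generation as described above, in a short added example that is not part of the course slides: the page is built per request from a database row. Because the requested id comes from the client and the stored text may contain HTML metacharacters, the sketch validates the id, binds it through a query placeholder, and escapes the content before it goes into the template. The table layout, sample rows and function names are assumptions.

```python
"""Dynamic page generation: content fetched from a database for each request."""
from __future__ import annotations

import html
import sqlite3

PAGE_TEMPLATE = (
    "<html><head><title>{name}</title></head>"
    "<body><h1>{name}</h1><p>{description}</p>"
    "<p>Price: ${price:.2f}</p></body></html>"
)


def build_catalog() -> sqlite3.Connection:
    """Create an in-memory product catalog with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products ("
               "id INTEGER PRIMARY KEY, name TEXT, description TEXT, price REAL)")
    db.executemany("INSERT INTO products VALUES (?, ?, ?, ?)", [
        (1, "Hand cream", "Shea butter, 50 ml", 7.5),
        # Text as a seller might type it, containing HTML metacharacters.
        (2, "Gift set <deluxe>", 'Apples & pears, "premium" box', 42.0),
    ])
    return db


def render_product_page(db: sqlite3.Connection, product_id: str) -> tuple[int, str]:
    """Return (HTTP status, HTML) for the product id taken from the request URL."""
    # The id arrives as untrusted text: accept only a short run of ASCII digits.
    if not (product_id.isascii() and product_id.isdigit() and len(product_id) <= 9):
        return 400, "<html><body><h1>Bad request</h1></body></html>"
    # The placeholder keeps the value out of the SQL text entirely.
    row = db.execute(
        "SELECT name, description, price FROM products WHERE id = ?",
        (int(product_id),),
    ).fetchone()
    if row is None:
        return 404, "<html><body><h1>Product not found</h1></body></html>"
    name, description, price = row
    # Escape stored content so it is displayed as text, never parsed as markup.
    return 200, PAGE_TEMPLATE.format(
        name=html.escape(name),
        description=html.escape(description),
        price=price,
    )


if __name__ == "__main__":
    catalog = build_catalog()
    for requested in ("1", "2", "99", "1 OR 1=1"):
        status, page = render_product_page(catalog, requested)
        print(requested, "->", status, page[:70])
```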
Dynamic HTML
JavaScript is a programming language used to create interaction between webpages and the user.
CSS - Cascading Style Sheet is a style sheet language used to design and layout the webpage.
HTML is the standard markup language for documents designed to be displayed in a web browser. It defines the meaning and structure of web content.
Dynamic HTML
▪ Dynamic page generation also enables the use of a content
management system (CMS) used to create and manage web
content.
▪ A wide range of commercial CMSs available:
➢ Top-end enterprise systems
✓ OpenText, IBM, Adobe, and Oracle, to mid-market
systems by Sitecore, PaperThin, and Episerver,
✓ Hosted software as a service (SaaS) versions by Acquia,
Clickability (Upland), and Crownpeak.
➢ Open source content management systems
✓ WordPress, Joomla, Drupal, OpenCms, and others.
Web Application Servers
▪ Provide specific business functionality required for a website
▪ Type of middleware
✓ Isolate business applications from Web servers and
databases
▪ Single-function applications being replaced by integrated
software tools that combine all functionality needed for e-
commerce site
E-commerce Merchant Server Software
▪ Provides basic functionality for sales
• Online catalog
✓ List of products available on website
• Shopping cart
✓ Allows shoppers to set aside, review, edit selections, and
then make purchase
• Credit card processing
✓ Typically works in conjunction with shopping cart
✓ Verifies card and puts through credit to company’s
account at checkout
Merchant Server Software Packages
(E-Commerce Software Platforms)
▪ Instead of building your site from a collection of disparate
software applications → purchase a merchant server software
package (an e-commerce software platform) → easier, faster, and
generally more cost-effective.
▪ Integrated environment providing most or all of the functionality
and capabilities you will need to develop a sophisticated,
customer-centric site.
✓ Built-in shopping cart
✓ Display merchandise
✓ Order management
✓ Credit card transactions
Merchant Server Software Packages
(E-Commerce Software Platforms)
▪ Different options for different-sized businesses:
✓ Small and medium-sized businesses: Shopify; Bigcommerce,
Vendio, open-source solutions
✓ Mid-range: HCL Commerce; Sitecore Experience Commerce
✓ High-end: SAP Hybris Commerce, Oracle ATG Web
Commerce, Magento
▪ Many now also available as cloud-based SaaS solutions.
Merchant Server Software Packages
(E-Commerce Software Platforms)
Key factors in selecting a package
• Functionality
• Support for different business models, including m-commerce
• Business process modeling tools
• Visual site management and reporting
• Performance and scalability
• Connectivity to existing business systems
• Compliance with standards
• Global and multicultural capability
• Local sales tax and shipping rules
Naver SmartStore Merchant Dashboard
(Screenshot labels: daily sales; shipping preparation, in delivery, delivery completed; today's settlement, settlement scheduled)
Coupang Wing Dashboard
https://globalsellers.coupang.com/seller-university/your-first-coupang-order/
Example (Coupang)
▪ Search keyword: HAND CREAM
▪ https://www.coupang.com/np/search?q=hand%20cream&channel=auto
E-Merchant, catalog, item winner, etc.

▪ https://www.coupang.com/vp/products/6806257?itemId=548112633&vendorItemId=4385049232&pickType=COU_PICK&q=hand+cream&itemsCount=36&searchId=cdcae0583542459993698a66d94e4fdb&rank=1&isAddedCart=
04
Choosing Hardware
Choosing Hardware

▪ Hardware platform:
✓ Underlying computing equipment needed for e-
commerce functionality
▪ Objective:
✓ Enough platform capacity to meet peak demand
without wasting money
▪ Important to understand the factors that affect speed,
capacity, and scalability of a site
Right-Sizing Your Hardware Platform:
The Demand Side
▪ Customer demand:
✓ Most important factor affecting speed of site
▪ Factors in overall demand:
✓ Number of simultaneous users in peak periods
✓ Nature of customer requests (user profile)
✓ Type of content (dynamic versus static Web pages)
✓ Required security
✓ Number of items in inventory
✓ Number of page requests
✓ Speed of legacy applications
▪ In (a), user-experienced delay rises gracefully
until an inflection point is reached, and then delay
rises exponentially to an unacceptable level.
▪ In (b), the transaction rate rises gracefully until
the number of users rapidly escalates the
transaction rate, and at a certain inflection point,
the transaction rate starts declining as the
system slows down or crashes.

Degradation in web server performance occurs as the number of users (connections) increases, and as the system's resources (processors, disk drives) become more utilized.
Right-Sizing Your Hardware Platform:
The Demand Side
▪ Scalability:
• Ability of site to increase in size as demand warrants
▪ Ways to scale hardware:
• Vertically
✓ Increase processing power of individual components
• Horizontally
✓ Employ multiple computers to share workload
• Improve processing architecture
• Outsource hosting, use content delivery network
Table 4.9 Improving the Processing
Architecture of Your Site
Technique | Application
Use a faster computer | Deploy edge servers, presentation servers, data servers, etc.
Create a cluster of computers | Use computers in parallel to balance loads.
Use appliance servers | Use special-purpose computers optimized for their task.
Segment workload | Segment incoming work to specialized computers.
Batch requests | Combine related requests for data into groups, process as group.
Manage connections | Reduce connections between processes and computers to a minimum.
Aggregate user data | Aggregate user data from legacy applications in single data pools.
Cache | Store frequently used data in cache rather than on the disk.
Table 4.8 Vertical and Horizontal
Scaling Techniques
Architecture Improvement | Description
Separate static content from dynamic content | Use specialized servers for each type of workload.
Cache static content | Increase RAM to the gigabyte range and store static content in RAM.
Cache database lookup tables | Use cache tables used to look up database records.
Consolidate business logic on dedicated servers | Put shopping cart, credit card processing, and other CPU-intensive activity on dedicated servers.
Optimize ASP code | Examine your code to ensure it is operating efficiently.
Optimize the database schema | Examine your database search times and take steps to reduce access times.
05
Other E-commerce
Site Tools
Website design: Basic business
considerations
• Enabling customers to find and buy what they need
• Ability to track customers who come, leave and return to your
site to be able to greet return customers (“Hi, Sarah, welcome
back!”), to personalize and customize their experience
• Important! There is a risk of losing your customer forever!
• List of the most common complaints about websites
• List of factors in successful e-commerce site design
Tools for search engine optimization

▪ Search engine placement


• Metatags, keywords, titles, page contents
• Generic keyword (“car”), more specific (“British sports
car”), long-tail keyword (“1968 red Jaguar XKE convertible”)
• Identify market niches
• Offer expertise
• Get linked up (build a blog, a FB page, etc.)
• Buy ads (paid search engine keywords and ads → observe the number of
visits produced by each keyword string)
• Local e-commerce (use keywords that connote your location)
Tools for Interactivity and Active Content
▪ Java, JSP, and JavaScript (including Node.js)
○ JavaScript-based tools: React, Vue, Angular JS, D3, jQuery and Ajax
○ TypeScript
▪ ASP (Active Server Pages)/ASP.NET
▪ ColdFusion
▪ PHP, Ruby on Rails (Ruby, RoR, or Rails), Django
▪ Other design elements:
○ Widgets, mashups
Personalization Tools
▪ Personalization: ability to treat people based on personal
qualities and prior history with site
✓ Website personalization alters site based on who is viewing it
▪ Customization: ability to change the product to better fit
the needs of the customer
✓ E-commerce customization focuses on generating personalized
product recommendations
▪ Cookies a basic method to achieve personalization
▪ Other more sophisticated tools available
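Cookie-based personalization, such as the “Hi, Sarah, welcome back!” greeting mentioned under basic business considerations, works only if the site can trust the identifier the browser sends back. The following added example (not part of the course slides) issues a cookie whose value carries an HMAC signature and sets the `Secure`, `HttpOnly` and `SameSite` attributes; the cookie name `visitor`, the customer ids, the names and the demo key are assumptions.

```python
"""Recognizing a returning customer with a signed cookie (added illustration)."""
from __future__ import annotations

import hashlib
import hmac
from http.cookies import CookieError, SimpleCookie

# Constructed demo key; a real site loads this from server-side secret storage.
SECRET_KEY = b"constructed-demo-key"
THIRTY_DAYS = 60 * 60 * 24 * 30


def _sign(value: str) -> str:
    """HMAC-SHA256 over the customer id, so the browser cannot alter it unnoticed."""
    return hmac.new(SECRET_KEY, value.encode(), hashlib.sha256).hexdigest()


def issue_cookie(customer_id: str) -> str:
    """Build the Set-Cookie header value sent on the customer's first visit."""
    cookie = SimpleCookie()
    cookie["visitor"] = f"{customer_id}.{_sign(customer_id)}"
    morsel = cookie["visitor"]
    morsel["path"] = "/"
    morsel["max-age"] = THIRTY_DAYS
    morsel["secure"] = True        # sent over HTTPS only
    morsel["httponly"] = True      # not readable from page scripts
    morsel["samesite"] = "Lax"     # not attached to cross-site subrequests
    return morsel.OutputString()


def read_cookie(cookie_header: str) -> str | None:
    """Return the customer id from a Cookie header, or None if absent or altered."""
    cookie = SimpleCookie()
    try:
        cookie.load(cookie_header)
    except CookieError:
        return None
    if "visitor" not in cookie:
        return None
    customer_id, _, signature = cookie["visitor"].value.rpartition(".")
    expected = _sign(customer_id)
    # Constant-time comparison avoids leaking how many characters matched.
    if not customer_id or not hmac.compare_digest(signature.encode(), expected.encode()):
        return None
    return customer_id


def greeting(cookie_header: str, names: dict[str, str]) -> str:
    """Personalize the page for a recognized customer, else fall back."""
    name = names.get(read_cookie(cookie_header) or "")
    return f"Hi, {name}, welcome back!" if name else "Welcome!"


if __name__ == "__main__":
    customers = {"c-1042": "Sarah"}              # constructed customer table
    header = issue_cookie("c-1042")
    print("Set-Cookie:", header)
    returned = header.split(";", 1)[0]           # what the browser sends back
    print(greeting(returned, customers))
    print(greeting(returned.replace("c-1042", "c-0001"), customers))
```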
The Information Policy Set
▪ Privacy policy
✓ Set of public statements declaring how site will treat
customers’ personal information that is gathered by site
▪ Accessibility rules
✓ Set of design objectives that ensure users with disabilities
can effectively access site
Insight on Society:
Designing for Accessibility

1. Why might some merchants be reluctant to make their websites accessible to users with disabilities?
2. How can websites be made more accessible?
3. Should all websites be required by law to
provide “equivalent alternatives” for visual
and sound content?
4. What additional accessibility problems do
mobile devices pose?
06
Developing a Mobile
Website and Building
Mobile Applications
Types of m-commerce software
▪ Mobile website
✓ Responsive Web design
▪ Mobile Web app
▪ Native app
▪ Hybrid app
✓ Runs inside native container
✓ App distribution
✓ Based on HTML5, CSS, JavaScript
Planning and Building a Mobile Presence
▪ Identify business objectives, system functionality, and information requirements
▪ Choice:
✓ Mobile website or mobile Web app
• Less expensive
✓ Native app
• Can use device hardware, available offline
Mobile Presence Design Considerations
▪ Platform constraints
○ Graphics, file sizes
▪ Mobile first design
○ Desktop website design after mobile design
▪ Responsive web design (RWD)
○ CSS site adjusts layout of site according to device screen
resolutions
▪ Adaptive web design (AWD)
○ Server delivers different templates or versions of site optimized for
device
Cross-Platform Mobile App
Development Tools
▪ Objective C, Java
▪ Low cost, open-source alternatives
✓ Flutter
✓ React Native
✓ Appery.io
✓ Codiqa
✓ Swiftic
✓ PhoneGap
✓ Axway Appcelerator
Mobile Presence: Performance and
Cost Considerations
▪ Objective Mobile First Design
✓ Most efficient
▪ Mobile website
✓ Resizing existing website for mobile access is least
expensive
▪ Mobile web app
✓ Can utilize browser API
▪ Native app
✓ Most expensive; requires more programming
Thanks!
Any questions?
CREDITS: This presentation template was created by Slidesgo, and includes icons by Flaticon, and infographics & images by Freepik
E-Commerce
Security &
Payment Systems
Chapter 5
SLIDESMANIA.COM

Victoria Kim
Learning Objectives

1. Understand the scope of e-commerce crime and security problems, the key
dimensions of e-commerce security, and the tension between security and other
values.
2. Identify the key security threats in the e-commerce environment.
3. Describe how technology helps secure Internet communications channels and
protect networks, servers, and clients.
4. Appreciate the importance of policies, procedures, and laws in creating security.
5. Identify the major e-commerce payment systems in use today.
6. Describe the features and functionality of electronic billing presentment and
payment systems.
Ransomware:
The New Business of Hostage-taking

Class Discussion
● How do cybercriminals use phishing in ransomware
attacks?
● Why have ransomware attacks escalated recently?
● What damage can be done by ransomware attacks?
● What steps should be taken to avoid ransomware
attacks?

▪ December 2019: the entire IT system of the University of Maastricht fell victim to a ransomware called Clop. The source was traced to a laptop → someone had clicked on a link from a phishing e-mail → cybercriminals gained access to the university's systems.
▪ The University paid the criminals 30 bitcoins (197,000 euro) → Was it a good decision? After all, it’s Dutch taxpayers’ money (state budget)…
Experts’ advice: never pay the ransom money (cybercriminals often don’t give the key even after having been paid)


Ransomware attacks 2022 statistics
10 Nations With The Most Dangerous Hackers
in The World
The nations where you may discover
hackers that have mastered the art of
getting past the online security
measures put in place by businesses.

#1 China
#2 USA
#3 Turkey
#4 Russia
#5 Taiwan
#6 Brazil
#7 Romania
#8 India
#9 Italy
#10 Hungary

https://www.linkedin.com/pulse/10-nations-most-dangerous-hackers-world-crawsec/
https://blog.cyberproof.com/blog/which-countries-are-most-dangerous
South Korea Cybersecurity Statistics

https://www.comparitech.com/blog/information-security/korea-cybersecurity-statistics/
1. The E-commerce Security Environment
Introduction

▪ For law-abiding citizens, the Internet holds the promise of a huge and convenient global marketplace, providing access to people, goods, services, and businesses worldwide, all at a bargain price.
▪ For criminals, the Internet has created entirely new and lucrative ways to steal from the more than 2.3 billion online consumers worldwide in 2020.
From products and services, to cash, to information – it's all there for the taking on the Internet.


Introduction

▪ It is less risky to steal online.
▪ Instead of robbing a bank in person → robbing people remotely and almost anonymously.
▪ Instead of stealing a CD at a local record store → downloading the same music for free and almost without risk from the Internet


The Scope of the Problem
▪ Overall size of and losses due to cybercrime unclear
▪ Cybercrime becoming a more significant problem for both organizations and
consumers.
▪ Bot networks, DDoS attacks, Trojans, phishing, ransomware, data theft, identity
fraud, credit card fraud, spyware, security breaches in social networks – examples
of the threats that are making daily headlines.
▪ A joint study by McAfee and the Center for Strategic and International Studies: global economic impact of cybercrime and cyberespionage between $455 and $600 billion
▪ Reports by security product providers indicate increasing cybercrime
▪ Online credit card fraud as one of the most high-profile forms


The Underground Economy Marketplace
▪ Information stolen on the Internet not always used by criminals themselves → selling the information to others on the so-called underground or shadow economy market, the Dark Web or the Darknet.
▪ Data is currency to cybercriminals and has a "street value" that can be monetized.
▪ Several thousand known underground economy marketplaces around the world that sell stolen information, malware, such as exploit kits, access to botnets, and more.
▪ Cybercrime against e-commerce sites is dynamic and changing all the time → new daily risks
▪ Significant and growing amount of losses to businesses
▪ E-commerce sites must prepare for ever-changing variety of criminal assaults, and keep current in the latest security techniques
What Is Good E-commerce Security?

▪ What is your prime risk as a consumer?
✓ You don’t get what you paid for.
▪ What is your prime risk as a merchant (seller)?
✓ You don’t get paid for what you sell.
▪ To achieve highest degree of security
✓ New technologies
✓ Organizational policies and procedures
✓ Industry standards and government laws
▪ Other factors
✓ Time value of money
✓ Cost of security versus potential loss
✓ Security often breaks at weakest link
Dimensions of E-Commerce Security
▪ Ability to ensure that information being displayed on the website, transmitted or received hasn’t been altered by an unauthorized party
▪ Ability to ensure that e-commerce participants do not deny (i.e., repudiate) their online actions.
▪ Ability to identify the identity of a person or entity with whom you are dealing on the Internet
▪ Ability to ensure that messages and data are available only to those who are authorized to view them
▪ Ability to control the use of information a customer provides about himself or herself to an e-commerce merchant
▪ Ability to ensure that an e-commerce site continues to function as intended.
Tension Between Security & Other Values
▪ Security vs. Ease of Use
✓ The more security measures added, the more difficult a site is to use, and the slower it becomes.
Too much security might harm profitability.
Not enough security can put you out of business.
▪ Possible solution – to adjust security settings to the user's preferences.
▪ When consumers find authentication at websites easy, they purchase 10%-20% more (Hasham et al., 2016).
▪ Almost 75% of consumers say that they would prefer additional security, even if it required additional steps to be able to access accounts (IBM Security, 2018).
2. Security Threats in the E-commerce
Environment
Security Threats in the E-commerce Environment
● Three key points of vulnerability in e-commerce environment

✓ Client
✓ Server
✓ Communications pipeline
Figure 5.2: A Typical E-commerce Transaction, with a consumer using a credit card to purchase a product
▪ Unauthorized acquisition of or access to customer data by an unauthorized person
▪ A code injection technique that might destroy your database
▪ Small graphic data that recognize user activity, such as if and how often a user has visited a website.
Malicious Code
▪ Malware - any type of code that causes harm to a
computer system or network
▪ Includes viruses, worms, Trojan horses, ransomware,
bots, logic bomb, and other malicious programs
▪ Often delivered in the form of a malicious attachment
to an e-mail or embedded as a link in the e-mail
▪ Placed in innocent-looking Microsoft Word or Excel
documents → lead directly to a malicious code
download or websites that include malicious code.
▪ Exploits (malicious codes) and exploit kits (collection of exploits bundled together and rented or sold as a commercial product)
Malicious Code

▪ Embedding malicious code in the online advertising chain – malvertising – including via Google and other ad networks.
▪ One of the largest malvertising infections occurred at Yahoo, where more than 6.9 million daily visitors were exposed to malicious pop-up ads.
▪ Another high-profile attack involved ads distributed via multiple ad networks to the New York Times, BBC, NFL, and AOL websites that hijacked computers when clicked, encrypted user data, and demanded a ransom.
Other Malicious Codes

▪ Drive-by downloads - malware that comes with a downloaded file that a user intentionally or unintentionally requests
▪ Adobe Flash Player often used for online advertisements → was abandoned in favor of HTML5 (2020)
▪ Mozilla Firefox, Apple's Safari, and Google's Chrome browser all now block Flash advertisements from autoplaying.
▪ Amazon also stopped accepting Flash ads.
Other Malicious Codes

▪ Viruses - a computer program that has the ability to replicate or make copies of itself, and spread to other files
▪ Worms - often combined with a virus, designed to spread from computer to computer
▪ The Slammer as the most notorious worm (2003)
✓ crashed Bank of America cash machines
✓ affected cash registers at supermarkets in Atlanta, where staff could not dispense cash to frustrated buyers
✓ took down most Internet connections in South Korea, causing a dip in the stock market there


Other Malicious Codes

▪ Ransomware locks your computer or files to stop you from accessing them and demands that you pay a fine.
▪ WannaCry (2017) infected more than 230,000 computers in over 150 countries, including computers in Britain's National Health Service, Telefónica (Spain's telecommunications system), FedEx, and Deutsche Bahn (Germany's main rail system) → demanded a ransom payment in Bitcoins
▪ The code used in WannaCry had similarities to that previously used by a hacking group linked to North Korea.
Other Malicious Codes
▪ Trojan horses - appears to be benign, but then does something other than
expected; not itself a virus because it does not replicate, but is often a way for
viruses or other malicious code such as bots or rootkits (a program whose aim is to
subvert control of the computer's operating system) to be introduced into a
computer system.
▪ Backdoors - feature of viruses, worms, and Trojans that allows an attacker to
remotely access a compromised computer
▪ Bots – can be covertly installed on a computer when connected to the Internet.
Once installed, the bot responds to external commands sent by the attacker.
▪ Botnets - collection of captured bot computers used for malicious activities (sending spam, stealing info from computers, storing network traffic for later analysis)
Potentially Unwanted Programs

▪ PUP – a program that installs itself on a computer, typically without the user's
informed consent
▪ PCProtect – an example of a PUP
▪ Browser parasites
✓ Monitor and change user’s browser

▪ Adware
✓ Used to call pop-up ads

▪ Spyware
✓ Tracks users’ keystrokes, e-mails, IMs, etc., and even takes screenshots to capture passwords and other confidential data


Phishing

▪ “Nigerian Letter Scam” - a scheme in which a sender offers a commission to someone—generally via email—to help transfer a large sum of money.
Phishing

▪ Any deceptive, online attempt by a third party to obtain confidential information for financial gain
▪ Tactics
✓ Social engineering: relies on human curiosity, greed, gullibility, and fear in order to trick people into taking an action that will result in the downloading of malware.
✓ E-mail scams and BEC phishing
✓ Spear phishing
▪ Business e-mail compromise - variation of a “Nigerian letter” scam in which an attacker poses as a high-level employee of a company and requests that another employee transfer funds to a fraudulent account
▪ Used for identity fraud and theft
Hacking, Cybervandalism, and Hacktivism
▪ Hacking
✓ Hacker - an individual who intends to gain
unauthorized access to a computer system
✓ Cracker - within the hacking community, a hacker
with criminal intent
✓ Goals: cybervandalism, data breaches

▪ Cybervandalism
✓ Disrupting, defacing, destroying Web site
✓ Zoombombing in 2020 – hackers taking advantage of Zoom security weaknesses, invading Zoom meetings and broadcasting racial slurs and other disruptive content to meeting participants.
Hacking, Cybervandalism, and Hacktivism
▪ Hacktivists typically attack governments, organizations, and even individuals
for political purposes - cybervandalism, distributed denial of service attacks,
data thefts, and doxing (gathering and exposing personal information of
public figures, typically from e-mails, social network posts, etc.).
▪ Often strongly believe that information should be free, so sharing previously
secret information is part of their mission.
▪ Wikileaks as one of the most well-known hacktivist organizations, which
released documents and e-mails of the U.S. Department of State, U.S.
▪ Tiger teams / bug bounty hunters - used by corporate security departments
to test their own security measures
▪ Apple, Microsoft, and Intel pay monetary bounties to hackers who discover
bugs in their software and hardware. How much? ☺
Data Breaches
▪ Organization loses control over corporate information to outsiders
▪ Over 1,470 breaches in 2019, 17% increase over 2018
▪ Data breaches - an enabler for credential stuffing attacks (via botnets)
▪ Yahoo as the most notorious (exposing the identity of every single user
of Yahoo’s e-mail service – 3 billion people)
▪ Leading causes
✓ Hacking
✓ Unauthorized access
✓ Employee error/negligence
Credit Card Fraud/Theft
▪ One of most feared occurrences, despite federal law limits on liability
▪ Hacking and looting of corporate servers as primary cause
▪ More risk with international orders in e-commerce. If an international
customer places an order → later disputes it → online merchants have no
way to verify that the package was actually delivered and that the credit
card holder is the person who placed the order → most online merchants will
not process international orders.
▪ Central security issue: establishing customer’s identity
✓ E-signatures in B2B contracting
✓ Multi-factor authentication
✓ Fingerprint identification
Identity Fraud
▪ Unauthorized use of another person’s
personal data for illegal financial
benefit
✓ Social security number
✓ Driver’s license
✓ Credit card numbers
✓ Usernames/passwords

▪ Use data to obtain loans, make purchases (mobile phones, etc.)
2019: Almost 13 million U.S. consumers suffered identity fraud
Spoofing, Pharming, & Spam Websites
▪ Spoofing - Attempting to hide one’s true identity by using someone else’s
e-mail or IP address
▪ Pharming
✓ Automatically redirecting a URL to a different address, to benefit the hacker
▪ Spam (junk) websites or link farms
✓ Offer collection of advertisements for other sites, which may contain malicious code
Sniffing and Man-in-The-Middle Attacks
▪ Sniffer (secretly listening to a conversation)
✓ Eavesdropping program monitoring information traveling over networks
✓ Can identify network trouble spots
✓ Can be used by criminals to steal proprietary information
▪ E-mail wiretaps
✓ Recording e-mails at the mail server level
▪ Man-in-the-middle (MitM) attack
✓ Attacker intercepts and changes communication between two parties who believe they are communicating directly
DoS and DDoS Attacks

▪ Denial of service (DoS) attack
✓ Flooding website with pings and page requests
✓ Overwhelm and can shut down site’s web servers
✓ Often accompanied by blackmail attempts
✓ Botnets
▪ Distributed Denial of Service (DDoS) attack
✓ Uses hundreds or thousands of computers to attack target network
✓ Can use devices from Internet of Things, mobile devices
▪ DDoS smokescreening
✓ Attackers using DDoS as a distraction while inserting malware/viruses
Insider Attacks

▪ Biggest financial threat to businesses comes from insider embezzlement.
▪ Bank employees steal far more money than bank robbers.
▪ The same is true for e-commerce sites.
▪ Employee access to privileged information
▪ Poor security procedures
▪ Insiders more likely to be source of cyberattacks than outsiders
Poorly Designed Software
▪ Increase in complexity of and demand for software has led to increase in
flaws and vulnerabilities
▪ SQL injection attacks
✓ take advantage of poorly coded web application software that fails to
properly validate or filter data entered by a user on a web page
▪ Zero-day vulnerability
✓ software vulnerability that has been previously unreported and for which no
patch yet exists
▪ Heartbleed bug; Shellshock (BashBug); FREAK
Social Network Security Issues

▪ Social networks as a rich and rewarding environment for:
✓ Viruses, site takeovers, identity fraud, malware-loaded apps, click
hijacking, phishing, spam
▪ 2020 Twitter hack used social engineering to take control of dozens of
prominent accounts and post a Bitcoin scam
▪ Manual sharing scams
✓ Sharing of files that link to malicious sites
▪ Fake offerings, fake Like buttons, and fake apps
Think Your Smartphone Is Secure?

Class Discussion
- What types of threats do smartphones face?
- Are there any vulnerabilities specific to mobile devices?
- What qualities of apps make them a vulnerable security point in
smartphone use?
- Are apps more or less likely to be subject to threats than traditional
PC software programs?
Mobile Platform Security Issues
▪ Little public awareness of mobile device vulnerabilities
▪ 2018: Symantec blocked over 10,500 mobile apps per day
▪ Vishing - verbal messages to call a certain number and, for example, donate
money to starving children in Haiti.
▪ Smishing attacks exploit SMS/text messages
▪ SMS spoofing - luring mobile users to a malicious
website by sending a text that appears to be from a
legitimate organization in the From field, and
suggesting the receiver click on a malicious URL
hyperlink to update an account or obtain a gift card.
▪ Madware - innocent-looking apps that contain adware that launches pop-up ads and text messages on your mobile device
Other Security Issues

Cloud Security Issues
▪ DDoS attacks
▪ Infrastructure scanning
▪ Lower-tech phishing attacks yield passwords and access
▪ Use of cloud storage to connect linked accounts
▪ Lack of encryption and strong security procedures

IoT Security Issues
▪ Challenging environment to protect
▪ Vast quantity of interconnected links
▪ Near identical devices with long service lives
▪ Many devices have no upgrade features
▪ Little visibility into workings, data, or security
3. Technology Solutions
Technology Solutions

▪ Protecting Internet communications
✓ Encryption
▪ Securing channels of communication
✓ SSL, TLS, VPNs, Wi-Fi
▪ Protecting networks
✓ Firewalls, proxy servers, IDS, IPS
▪ Protecting servers and clients
✓ OS security, anti-virus software
Encryption

▪ Transforms data into cipher (key) text readable only by sender and receiver
▪ Secures stored information and information transmission
▪ Provides 4 of 6 key dimensions of e-commerce security:
✓ Message integrity
✓ Nonrepudiation
✓ Authentication
✓ Confidentiality
Symmetric Key Cryptography

▪ Sender and receiver use same digital key to encrypt and decrypt message
▪ Requires different set of keys for each transaction
▪ Strength of encryption: Length of binary key
▪ Data Encryption Standard (DES)
▪ Advanced Encryption Standard (AES)
▪ Other standards use keys with up to 2,048 bits
Public Key Cryptography

▪ Uses two mathematically related digital keys
✓ Public key (widely disseminated)
✓ Private key (kept secret by owner)
▪ Both keys used to encrypt and decrypt message
▪ Once key used to encrypt message, same key cannot be used to decrypt message
▪ Sender uses recipient’s public key to encrypt message; recipient uses private key to decrypt it
Public Key Cryptography Using Digital Signatures and Hash Digests

▪ Sender applies a mathematical algorithm (hash function) to a message and then encrypts the message and hash result with recipient’s public key
▪ Sender then encrypts the message and hash result with sender’s private key – creating digital signature – for authenticity, nonrepudiation
▪ Recipient first uses sender’s public key to authenticate message and then the recipient’s private key to decrypt the hash result and message
Digital Envelopes

▪ Address weaknesses of:
- Public key cryptography
✓ Computationally slow, decreased transmission speed, increased processing time
- Symmetric key cryptography
✓ Insecure transmission lines
▪ Use symmetric key cryptography to encrypt document
▪ Use public key cryptography to encrypt and send symmetric key
Figure 5.8: Public Key Cryptography: Creating a Digital Envelope
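The hash-and-sign step from the digital signature slide and the digital envelope from the slide above, combined into one sender-to-recipient exchange. This is an added example, not taken from the slides or the textbook; it assumes Node.js's built-in crypto module, 2048-bit RSA with OAEP to wrap the key, AES-256-GCM as the symmetric cipher, and illustrative names (`sealEnvelope`, `openEnvelope`, `sender`, `recipient`).

```javascript
// Added example: digital signature + digital envelope with Node's built-in crypto.
const {
  generateKeyPairSync, randomBytes, createCipheriv, createDecipheriv,
  publicEncrypt, privateDecrypt, sign, verify, constants,
} = require("node:crypto");

// Constructed key pairs for the two parties (assumption: RSA-2048).
const newKeyPair = () => generateKeyPairSync("rsa", { modulusLength: 2048 });
const sender = newKeyPair();
const recipient = newKeyPair();

const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Sender side.
function sealEnvelope(message, senderPrivateKey, recipientPublicKey) {
  const plaintext = Buffer.from(message, "utf8");
  // 1. Digital signature: SHA-256 digest of the message, signed with the
  //    sender's private key (authenticity, nonrepudiation).
  const signature = sign("sha256", plaintext, senderPrivateKey);
  // 2. Symmetric encryption of the document with a fresh one-time key.
  const sessionKey = randomBytes(32);
  const iv = randomBytes(12);
  const cipher = createCipheriv("aes-256-gcm", sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const tag = cipher.getAuthTag();
  // 3. Digital envelope: only the short symmetric key goes through the slow
  //    public key operation, using the recipient's public key.
  const wrappedKey = publicEncrypt({ key: recipientPublicKey, ...OAEP }, sessionKey);
  return { wrappedKey, iv, ciphertext, tag, signature };
}

// Recipient side.
function openEnvelope(envelope, recipientPrivateKey, senderPublicKey) {
  // Unwrap the symmetric key; throws if this is not the intended recipient's key.
  const sessionKey = privateDecrypt({ key: recipientPrivateKey, ...OAEP }, envelope.wrappedKey);
  const decipher = createDecipheriv("aes-256-gcm", sessionKey, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  // final() throws if the ciphertext was altered in transit (message integrity).
  const plaintext = Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
  // Check the signature against the sender's public key.
  const signatureValid = verify("sha256", plaintext, senderPublicKey, envelope.signature);
  return { message: plaintext.toString("utf8"), signatureValid };
}

// Constructed sample order message.
const envelope = sealEnvelope("Order 1001: 2 items, total 59.90", sender.privateKey, recipient.publicKey);
console.log(openEnvelope(envelope, recipient.privateKey, sender.publicKey));
```
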
Digital Certificates and PKI

Digital certificate includes:
✓ Name of subject/company
✓ Subject’s public key
✓ Digital certificate serial number
✓ Expiration date, issuance date
✓ Digital signature of certification authority (CA)
Public Key Infrastructure (PKI):
✓ CAs and digital certificate procedures
✓ Pretty Good Privacy (PGP) – email public key encryption software tool
Are Biometrics the Solution for
E-commerce Security?

Class Discussion
- What are biometrics?
- How can the use of biometrics make e-commerce more
secure?
- What are some of the potential dangers in using biometrics?
Digital Certificates and PKI

▪ Fingerprint Security Token or BioSeal in South Korea:
Digital Certificates and PKI
▪ Used in Public Procurement Service run under the Ministry of Economy and Finance in South Korea: https://www.pps.go.kr/eng/index.do
▪ Public procurement – the process by which public authorities, such as government departments or local authorities, purchase work, goods or services from companies.
✓ Ministry of Defense
✓ Korea Gas
✓ Korea Electric Power Corporation
✓ Incheon International Airport Corporation
✓ K-water
Limitations of PKI

▪ Doesn’t protect storage of private key
✓ PKI not effective against insiders, employees
✓ Protection of private keys by individuals may be haphazard
▪ No guarantee that verifying computer of merchant is secure
▪ CAs are unregulated, self-selecting organizations
Securing Channels of Communication

▪ Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
✓ Establishes secure, negotiated client-server session
▪ Virtual Private Network (VPN)
✓ Allows remote users to securely access internal network via the Internet
▪ Wireless (Wi-Fi) networks
✓ WPA2
✓ WPA3
Protecting Networks
▪ Firewall
✓ Hardware or software that uses security policy to filter packets
• Packet filters
• Application gateways
✓ Next-generation firewalls
▪ Proxy servers (proxies)
✓ Software servers that handle all communications from or sent to the Internet
▪ Intrusion detection systems (IDS)
▪ Intrusion prevention systems (IPS)


Protecting Servers and Clients

▪ Operating system and application software security enhancements
✓ Upgrades, patches
▪ Anti-virus software
✓ Easiest and least expensive way to prevent threats to system integrity
✓ Requires daily updates
4. Management Policies, Business
Procedures, and Public Laws
Management Policies, Business Procedures, and Public Laws

▪ Worldwide, companies spend more than $124 billion on security hardware, software, services
▪ Managing risk includes:
✓ Technology
✓ Effective management policies
✓ Public laws and active enforcement

A Security Plan: Management Policies
▪ Risk assessment
▪ Security policy
▪ Implementation plan
✓ Security organization
✓ Access controls
✓ Authentication procedures, including biometrics
✓ Authorization policies, authorization management systems
▪ Security audit
The Role of Laws and Public Policy

▪ Laws that give authorities tools for identifying, tracing, prosecuting cybercriminals:
✓ USA Patriot Act
✓ Homeland Security Act
▪ Private and private-public cooperation
✓ US-CERT
✓ CERT Coordination Center
▪ Government policies and controls on encryption software
✓ Organization for Economic Cooperation and Development (OECD), G7, European Council, Wassenaar Arrangement
5. E-commerce Payment Systems
E-commerce Payment Systems

▪ In U.S., credit (30%) and debit (42%) cards as primary online payment methods
✓ Other countries - different systems
▪ Online credit card purchasing cycle
▪ Credit card e-commerce enablers
▪ Limitations of online credit card payment
✓ Security, merchant risk
✓ Cost
✓ Social equity
Alternative Online Payment Systems

▪ Online stored value systems:
✓ Based on value stored in a consumer’s bank, checking, or credit card account
✓ Example: PayPal
▪ Other alternatives:
✓ Amazon Pay
✓ Meta Pay
✓ Visa Checkout, Mastercard’s MasterPass
Alternative Online Payment Methods in Europe
https://www.flagshipadvisorypartners.com/the-rise-of-alternative-payment-methods-in-europe
Payment Systems in South Korea
https://en.komoju.com/blog/payment-method/south-korea/
▪ The most prominent digital wallets in South Korea:
✓ KakaoPay (51%)
✓ Naver Pay (30%)
▪ The other two most common digital wallets:
✓ Toss (15%) and Payco (4%)
Most used mobile payments by brand in South Korea as of June 2023 (Source: Statista)
▪ Example of Naver Shopping:
▪ Payment options:
✓ N Pay Money
✓ Easy bank transfer
✓ Easy credit card payment
✓ Other simple options: credit cards, mobile phone, buy now, pay later
Mobile Payment Systems

▪ Use of mobile phones as payment devices
✓ Established in Europe and Asia
✓ Expanding in United States
▪ Near field communication (NFC) and Quick Response (QR) codes
▪ Different types of mobile wallets
✓ Universal proximity mobile wallet apps, such as Apple Pay, Google Pay, Samsung Pay
✓ Branded store proximity wallet apps, offered by Walmart, Target, Starbucks, others
✓ P2P mobile payment apps, such as Zelle, Venmo, Square Cash
Blockchain
Enables organizations to create and verify transactions nearly
instantaneously without a central authority, using a distributed P2P
database (distributed ledger)
▪ Benefits:
✓ Reduces costs of verifying users, validating transactions, and risks of
storing and processing transaction information
✓ Transactions cannot be altered retroactively and therefore are more
secure
▪ Foundation technology for cryptocurrencies and supply chain management, as well as potential applications in financial services and healthcare industries
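Why transactions in a chained ledger "cannot be altered retroactively": each block's hash covers the previous block's hash, so editing one record breaks every later link, and a fully rewritten copy no longer matches the copies other peers hold. This is an added example, not from the slides; it models only the hash chain (no consensus, mining, or networking), and the function names and sample transactions are constructed for illustration.

```javascript
// Added example: a hash-chained ledger showing tamper evidence.
const { createHash } = require("node:crypto");

const GENESIS_HASH = "0".repeat(64); // stand-in "previous hash" for the first block

// A block's hash covers its position, the previous block's hash, and its data.
function blockHash(index, prevHash, transaction) {
  return createHash("sha256")
    .update(JSON.stringify([index, prevHash, transaction]))
    .digest("hex");
}

function appendBlock(ledger, transaction) {
  const index = ledger.length;
  const prevHash = index === 0 ? GENESIS_HASH : ledger[index - 1].hash;
  const block = { index, prevHash, transaction, hash: blockHash(index, prevHash, transaction) };
  ledger.push(block);
  return block;
}

// Returns -1 when every link verifies, otherwise the index of the first bad block.
function firstInvalidBlock(ledger) {
  for (let i = 0; i < ledger.length; i++) {
    const b = ledger[i];
    const expectedPrev = i === 0 ? GENESIS_HASH : ledger[i - 1].hash;
    if (b.index !== i || b.prevHash !== expectedPrev) return i;
    if (b.hash !== blockHash(b.index, b.prevHash, b.transaction)) return i;
  }
  return -1;
}

// Recompute every hash from `start` to the tip: what it takes to make an
// edited history internally consistent again. Returns the new tip hash.
function rehashFrom(ledger, start) {
  for (let i = start; i < ledger.length; i++) {
    const b = ledger[i];
    b.prevHash = i === 0 ? GENESIS_HASH : ledger[i - 1].hash;
    b.hash = blockHash(b.index, b.prevHash, b.transaction);
  }
  return ledger[ledger.length - 1].hash;
}

// Constructed sample transactions (not real data).
function buildSampleLedger() {
  const ledger = [];
  appendBlock(ledger, { from: "alice", to: "shop", amount: 25 });
  appendBlock(ledger, { from: "bob", to: "shop", amount: 40 });
  appendBlock(ledger, { from: "shop", to: "supplier", amount: 50 });
  return ledger;
}

const honestPeer = buildSampleLedger(); // copy held by another participant
const edited = buildSampleLedger();
edited[1].transaction.amount = 4;       // retroactive change to an old record
console.log("first invalid block after edit:", firstInvalidBlock(edited));
const rewrittenTip = rehashFrom(edited, 1);
console.log("internally valid after full rewrite:", firstInvalidBlock(edited) === -1);
console.log("still matches the peer's copy:", rewrittenTip === honestPeer[2].hash);
```
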
Cryptocurrencies
▪ Use blockchain technology and cryptography to create a purely digital
medium of exchange
▪ Bitcoin the most prominent example
✓ Created by a mysterious figure or group known only by a
pseudonym Satoshi Nakamoto in response to the world financial
crisis in the late 2000s
✓ Fully decentralized → no one controls it
▪ Seems to have a capacity for secure and fast transactions
▪ However, has major issues with theft and fraud
▪ Value of Bitcoins has widely fluctuated
▪ Some governments have banned Bitcoin
▪ Other cryptocurrencies (altcoins) include Ethereum/Ether, Ripple, Litecoin, Monero and Dogecoin
▪ Initial coin offerings (ICOs) being used by some startups to raise capital
6. Electronic Billing Presentment
& Payment
Electronic Billing Presentment & Payment
(EBPP)
▪ Online payment systems for monthly bills
▪ Four EBPP business models:
✓ Online banking model (most widely used)
✓ Biller-direct (bills sent via email)
✓ Mobile (making payments via apps)
✓ Consolidator (a third-party making one-stop bill payment)
▪ All models are supported by EBPP infrastructure providers
Thank you!
Any questions?