Unit I

What is E-Commerce?

E-commerce is also referred to as Electronic commerce or internet commerce. It is the process of selling and
buying goods as well as services via internet. Some popular e-Commerce platforms are Shopify.

There are four types of Ecommerce models - Business to Consumer (B2C), Business to Business (B2B),
Consumer to Consumer (C2C), and Consumer to Business (C2B).

E-commerce can be drawn on many technologies such as mobile commerce, Internet marketing, online
transaction processing, electronic funds transfer, supply chain management, electronic data interchange (EDI),
inventory management systems, and automated data collection systems. It has various benefits and limitations.

E-Commerce has various features, such as -

o Improved sales - E-Commerce gives a large improvement in existing sales volume. Using e-commerce,
we can generate orders and products from anytime, anywhere, without any human intervention.
o Cashless Payment - E-Commerce allows the use of electronic payment. It allows the transaction from
credit cards, debit cards, electronic fund transfer via bank's website, and other electronic payment
methods.
o 24x7 availability - E-Commerce provides 24x7 service availability. It is available anywhere, anytime. It
automates the business of enterprises and their process of providing services to their customers.
o Advertising and Marketing - E-Commerce helps in good marketing management of products and
services. It helps to increase the reach of advertising of products and services of businesses.
o Improvement in communication - E-commerce gives faster, efficient and reliable communication with
customers and partners.

The features of e-commerce are not limited to the above-listed features. There are some features of e-commerce
includes Inventory management and support. It provides better services to its customers.
Advantages of E-commerce

E-commerce is beneficial for organizations, society, and customers. So we can categorize its benefits into three
categories: benefits to consumers, benefits to society, and benefits to organizations.

Advantages to Consumers

There are various benefits of E-commerce to consumers that are listed as follows -

o It is also mentioned in features of e-commerce that it provides 24x7 supports to its consumers. It
provides the facility of placing orders anytime, anywhere, or from any location.
o It provides more options to its customers and gives a faster delivery of products.
o Users can select cheaper and better options via e-commerce as it provides more options to its
customers.
o Before the final purchase of a product, a customer can see the reviews and comments of a particular
product and can also put their reviews and comments about a product.
o It provides the information in an easy way, i.e., the information is not hard to read. A customer can see
the detailed information of a product within some seconds instead of waiting for days.
o Because of e-commerce, the competition between the organization increases, and as a result
organization gives ample discounts to its customers.

Advantages to Society

There are various benefits of E-commerce to society that are listed as follows -

o It is majorly beneficial for reducing air pollution because e-commerce customers do not require to
travel, and as a result, there will be less traffic on the road.
o It provides the facility to rural areas to access services and products that are otherwise unavailable to
them.
o E-commerce is helpful to government in delivering the public services like education and healthcare in a
better way and at a minimal cost.

It is beneficial to society in many ways, as it helps to reduce pollution, and other benefits include saves time,
anytime, anywhere accessibility, and many more.

Advantages of organizations

There are various benefits of E-commerce to organizations that are listed as follows -

o Using e-commerce, paperwork is reduced.

o With minimum investment, organizations can expand their business or market to national and
international levels.
o E-commerce helps to improve the company's brand image.
o It is also helpful to organizations to provide better services to their customers.
o E-commerce digitizes the information that helps to manage the paper-based information, reduce the
cost of creating processes.
 o It helps to increase the productivity of organizations.

So, these are the benefits of e-commerce. Along with the above-mentioned benefits, it also has limitations. Now,
let's see the limitations of using e-commerce.

Disadvantages of E-commerce

The limitations of using e-commerce are mentioned as follows -

o As there is a requirement of the internet to use e-commerce, it is possible that the internet may be slow.
o It does not have any universal standard for reliability and quality.
o There can be compatibility issues.
o Security is another concern of using e-commerce. We have seen security breaches many times where the
customer's information got stolen. Some of the big concerns with customers include identity theft, credit
card theft, etc.
o E-commerce uses a public key that is not secure.
o It is a major drawback in E-commerce that there is a lack of feel or touch of products while purchasing
them online.
o It is inconvenient to use the internet for those people who are living in remote villages, and it is still not
cheaper.
o The cost of the creation and building of an e-commerce application may be very high.
o It is hard to convince traditional users to purchase products online rather than in physical stores.
o Sometimes, there is a risk of purchasing unsatisfactory products via E-commerce.

E-Commerce - Business Models

E-commerce business models can generally be categorized into the following categories.

• Business - to - Business (B2B)

• Business - to - Consumer (B2C)
• Consumer - to - Consumer (C2C)
• Consumer - to - Business (C2B)

Business - to - Business

A website following the B2B business model sells its products to an intermediate buyer who then sells the
product to the final customer. As an example, a wholesaler places an order from a company's website and
after receiving the consignment, sells the endproduct to the final customer who comes to buy the product at
one of its retail outlets.
Business - to - Consumer

A website following the B2C business model sells its products directly to a customer. A customer can view
the products shown on the website. The customer can choose a product and order the same. The website
will then send a notification to the business organization via email and the organization will dispatch the
product/goods to the customer.

Consumer - to - Consumer

A website following the C2C business model helps consumers to sell their assets like residential property,
cars, motorcycles, etc., or rent a room by publishing their information on the website. Website may or may
not charge the consumer for its services. Another consumer may opt to buy the product of the first
customer by viewing the post/advertisement on the website

Consumer - to - Business

In this model, a consumer approaches a website showing multiple business organizations for a particular
service. The consumer places an estimate of amount he/she wants to spend for a particular service. For
example, the comparison of interest rates of personal loan/car loan provided by various banks via websites.
A business organization who fulfills the consumer's requirement within the specified budget, approaches
the customer and provides its services.
 Legal Requirements And Compliances For E-commerce
1. Company or LLP Registration
Every business is required to get registered with the Ministry of Corporate Affairs under the applicable laws.
Such a business shall either be incorporated under the (Indian) Companies Act, 2013 or a foreign company or an
office, branch or an agency outside India and necessarily be owned or controlled by an Indian resident.
2. GST Registration
For a successful establishment of an E-commerce business, GST registration is mandatory. Every E-commerce
business irrespective of its turnover is required to be compulsorily registered under the Central Goods &
Service Tax (CGST) Act.
3. Bank Account
Opening a bank account in the name of the business is a convenient process. In case of a Proprietorship firm, the
first step is to obtain a GST registration in the name of the business in order to open a bank account. An active
bank account is the bare minimum requirement to be able to list a business on an E-commerce marketplace or
to obtain a payment gateway for a proprietary E-commerce website.
4. Payment Gateway
A payment gateway is mandatory for a proprietary E-commerce website to process the payments. It allows the
website to accept payments through credit card(s), debit card(s), net banking, internet banking from multiple
banks. Therefore, one payment gateway is sufficient to accept various forms of online payments. Further, once
the payment is received by the customer by the website, such payment is sent to that respective business’s bank
account through the payment gateway.
In the event, where the business runs through the online marketplaces, the marketplace would accept the
payment through their payment gateway and directly credit such an amount to the bank account of the seller.
Hence, a bank account shall be in place for smooth transactions.
5. Legal Documents
While selling on the internet, it is important to safeguard the business and the promoters by strict adherence to
terms and conditions and the privacy policy of such businesses. In the case of a proprietary E-commerce
website, the terms and conditions, disclaimer and privacy policy would have to be drafted as per the business,
keeping in mind the nature of its activities and products they sell online.
If any business operates through online marketplaces, then the marketplace provides the seller with a legal
document or sellers’ agreement and the seller must abide by the sellers’ agreement. It is important for any
business to go through the sellers’ agreement(s) in detail before the execution as it is the legal binding
agreement between the seller and the marketplace.
Other requirements
There are a few additional requirements such as cyber law due diligence, compliance under the Competition
Laws of India and the laws related to data protection and appointment of a Nodal Officer in case of an
international E-commerce business setup in India which are important to always be complied with.
ENVIRONMENT OF E-COMMERCE

The technology and infrastructure used to develop the E-commerce application is the key to its success.
The hardware and software must be selected in such a way that they can fulfill the needs of the E-commerce
application.
The following figure shows the components involved in E-commerce infrastructure.
1. Hardware:

A Web server hardware platform is one of the major components of the Ecommerce infrastructure on which the
performance of the whole E-commerce application depends.
While selecting Web server hardware, the software that will run on the server of the E-commerce transactions
to be processed must be considered.
The amount of the storage capacity and the computing power required depend on the volume of the E-
commerce transaction to be processed.
If the exact requirements are not known in advance, then the hardware configuration should be highly scalable
so that they can be upgraded to meet the requirements.

2. E - Commerce Softwares
Software is the main component that implements the E-commerce services and functionality. Software for E-
commerce can be categorized in the following two types
Web server software:
Web server software is required in addition to the Web server operating system software.
It is used to implement some extra functionality such as security and identification and retrieval and sending of
Web pages.
Web server software creates a Web log file that identifies things such as the URL of the visitor, the length of the
visit and the search engine and the key words used to find the site.
Web server software includes website development tools such as HTML editor and Web page upload support.

E-commerce softwares:
With the growth of E-commerce, many applications have emerged— for example, the electronic shopping cart
that tracks the items selected for purchase and their costs.

A typical E-commerce software must support the following processes:

Catalog management:

It is required to deliver the customized content to the screen or the GUI used by the customer.
The software used for catalog management combines the different product data formats into a standard format
for viewing, aggregating and interacting catalog data into a central store.
Product configuration:

The Web-based product configuration software allows the user to build the product to their specifications
without the intervention of the salespeople.
For example, Dell Computers and CISCO systems use configuration software to sell build-to-order and network
processes to their customers over the Internet.

Shopping cart
A model known as shopping cart is used by Ecommerce sites to track the items that are selected for purchase;
the shopping cart allows customers to view all the items selected by them.
The customers can add new items and remove the previously selected items from the shopping cart.

Transaction processing:

E-commerce transaction processing is used to process the data received from the. Shopping cart and to calculate
the total cost of the purchase

Ethical Issues in E-Commerce

E-Commerce is a platform where involve exchange of product and services over the internet. This trading
process take the form of ,Online shopping web sites for retail sales direct to consumers, Providing or
participating in online marketplaces, which process third-party business-to-consumer or consumer-to-
consumer sales , Business-to-business buying and selling , Gathering and using demographic data through web
contacts and social media, Business-to-business electronic data interchange , Marketing to prospective and
established customers by e-mail or fax (for example, with newsletters) , Engaging in pre-retail for launching
new products and services , Online financial exchanges for currency exchanges or trading purposes.
For effective complete of E-commerce system process and services , it requires some third parties communities
such online banking platform, electronic data interchange, Mobile platform and internet connections. The idea
of conducting trade over internet has brought some advantage to both producers and consumers these are time
saving as reduce time to travel for shopping malls, Make shopping flexible as one can make orders at their
comfort. Nevertheless, the good things that came with commercialization of e-commerce’s, there are some
adverse effects of ethical issues that precipitate and need to be paying attention for its fullness. These issues are
Online privacy, web spoofing, cyber-squatting, phishing and web tracking.

Web tracking
Every time someone visit the web, the website system retains some trails of the users that can be refer later, this
trails are normal call logs. These logs contains all the records pertains to what the users perform in the site. Logs
as records mean, they can be retrieve or save for later use.
Analysis of log file means turning log data into application service or installing software that can pluck relevant
information from files in-house. Companies track individual’s movement through tracking software and cookie
analysis. Programs such as cookies raise a batch of privacy concerns. The tracking history is stored on your PC’s
hard disk, and any time you revisit a website, the computer knows it. Many smart end users install programs
such as Cookie cutters, Spam Butcher, etc which can provide users some control over the cookies. The battle
between computer end users and web trackers is always going on with a range of application programs. For
example, software such as Privacy Guardian, My Privacy, etc can protect user’s online privacy by erasing
browser’s cache, surfing history and cookies. To detect and remove spyware specially designed programs like
Ad-Aware are present. A data miner application, collects and combines Internet browsing history of users and
sends it to servers. The battle goes on!

Online Privacy
Most Electronic Payment Systems knows the identity of the buyer. So it is necessary to protect the identity of a
buyer who uses Electronic Payment System. A privacy issue related to the employees of company is tracking.
Monitoring systems are installed in many companies to monitor e-mail and other web activities in order to
identify employees who extensively use business hours for non-business activities. The e-commerce activities
performed by a buyer can be tracked by organizations. These activities of monitoring customers raise ethical
issues on how secure and anonymous information are being handle by the e-commerce providers.

Web Spoofing
Web spoofing is an electronic deception relates to the Internet. It occurs when the attacker sets up a fake
website which almost totally same with the original website in order to lure consumers to give their credit card
number or other personal information. For example is the attacker setup a site called www.jumiaa.com using
addiction of later ‘a’ at the end, which many users sometimes type by mistake. Users might find themselves in a
situation that they do not notice they are using a bogus web-site and give their credit card details or other
information.

Cyber-Squatting
Cybersquatting is an activity which a person or firm register, purchase and uses the existing domain name
belong to the well-known organization for the purpose of infringing its trademarks. This type of person or firm,
called cyber-squatters usually infringed the trademarks to extort the payment from original trademark’s owner.
The extortion of payment occur when they offers the prices far greater than they had purchased the
organization’s domain name upon. Some cyber-squatters put up offensive remarks about the person or
company which the domain is meant to represent in an effort to encourage the subject to re-buy their domain
from them.

Privacy Invasion
The privacy invasion occur when the personal details belong to consumers are exposed to the unauthorized
party. These can be seen in the following ways.

• The personal information of consumers being transmit may be intercepted by anyone other than the
person whom it is intended. Protecting the privacy of communication is a great challenge, due to the
very nature of the online medium, an open network of digital telecommunications. It is technically and
economically impossible to patch all the holes through which unauthorized intruders may gain access.
• Malicious programs delivered quietly via web pages could reveal credit card numbers, usernames, and
passwords that are frequently stored in special files called cookies. Because the internet is stateless and
cannot remember a response from one web page view to another, cookies help solve the problem of
remembering customer order information or usernames or passwords.

Email Spamming & phishing

E-mail spamming involved unsolicited commercial e-mail (UCE) sent or broadcast unwanted advertisement or
correspondence over the Internet. The use of e-mail spammers meant to lure consumers to enter their personal
information on fake website using e-mail, forged to look like it is from authorized organization such as bank.
The content of e-mail often directs the consumers to the fake website in order to lure them to fill their personal
information such as credit card or bank account’s details. This technique is called phishing. And these illegal
process easily compromised the user's right and expose to danger.

Intellectual Property Theft and Copyright Trolls

The basic cut-and-paste allows anyone with Internet access to directly copy the original works of another. Text,
photos, music, artwork and ideas routinely move from the creators to the copiers, with no permission for use
granted or sought. The victim of this theft only has recourse if he's registered a copyright and then wants to
spend the time and trouble to write demand letters and threaten lawsuits. At the other end of the ethical
spectrum, "copyright trolls" buy the rights to movies, books and music, threaten mass lawsuits against
thousands of people found to be downloading the material and demand a quick settlement from each of them.
 What is Electronic Data Interchange (EDI)?

Electronic Data Interchange (EDI) is the electronic interchange of business information using a standardized
format; a process which allows one company to send information to another company electronically rather than
with paper. Business entities conducting business electronically are called trading partners.

Many business documents can be exchanged using EDI, but the two most common are purchase orders and
invoices. At a minimum, EDI replaces the mail preparation and handling associated with traditional business
communication. However, the real power of EDI is that it standardizes the information communicated in
business documents, which makes possible a "paperless" exchange.

The traditional invoice illustrates what this can mean. Most companies create invoices using a computer system,
print a paper copy of the invoice and mail it to the customer. Upon receipt, the customer frequently marks up
the invoice and enters it into its own computer system. The entire process is nothing more than the transfer of
information from the seller's computer to the customer's computer. EDI makes it possible to minimize or even
eliminate the manual steps involved in this transfer.

The process improvements that EDI offers are significant and can be dramatic. For example, consider the
difference between the traditional paper purchase order and its electronic counterpart:

A Traditional Document Exchange of a Purchase An EDI Document Exchange of a Purchase Order

Order

This process normally takes between three and five days. This process normally occurs overnight and can take
less than an hour.

•Buyer makes a buying decision, creates the purchase order•Buyer makes a buying decision, creates the purchase
and prints it. order but does not print it.
•Buyer mails the purchase order to the supplier. •EDI software creates an electronic version of the
•Supplier receives the purchase order and enters it into thepurchase order and transmits it automatically to the
order entry system. supplier.
•Buyer calls supplier to determine if purchase order has•Supplier's order entry system receives the purchase
been received, or supplier mails buyer an acknowledgmentorder and updates the system immediately on
of the order. receipt.
•Supplier's order entry system creates an
acknowledgment an transmits it back to confirm
receipt.
 Value Chain
The idea of a value chain was pioneered by American academic Michael Porter in his 1985 book Competitive
Advantage: Creating and Sustaining Superior Performance. He used the idea to show how companies add value
to their raw materials to produce products that are eventually sold to the public. 1

The concept of the value chain comes from a business management perspective. Value chain managers look
for opportunities to add value to the business. They may look for ways to cut back on shortages, prepare
product plans, and work with others in the chain to add value to the customer.

There are five steps in the value chain process. They give a company the ability to create value exceeding the
cost of providing its goods or services to customers. Maximizing the activities in any one of the five steps
allows a company to have a competitive advantage over competitors in its industry. The five steps or activities
are:

1. Inbound Logistics: Receiving, warehousing, and inventory control.

2. Operations: Value-creating activities that transform inputs into products, such as assembly and
manufacturing.
3. Outbound Logistics: Activities required to get a finished product to a customer. These include
warehousing, inventory management, order fulfillment, and shipping.
4. Marketing and Sales: Activities associated with getting a buyer to purchase a product.
5. Service: Activities that maintain and enhance a product's value, such as customer support and
warranty service.

In order to help streamline the five primary steps, Porter says the value chain also requires a series of support
activities. These include procurement, technology development, human resource management, and
infrastructure.2

A profitable value chain requires connections between what consumers demand and what a company
produces. Simply put, the connection or sequence in the value chain originates from the customer's request,
moves through the value chain process, and finally ends at the finished product. Value chains place a great
amount of focus on things such as product testing, innovation, research and development, and marketing.

Supply Chain
The supply chain comprises the flow of all information, products, materials, and funds between different stages
of creating and selling a product to the end user. The concept of the supply chain comes from an operational
management perspective. Every step in the process—including creating a good or service, manufacturing it,
transporting it to a place of sale, and selling it—is part of a company's supply chain.

The supply chain includes all functions involved in receiving and filling a customer request. These functions
include:

• Product development
• Marketing
• Operations
• Distribution
• Finance
• Customer service
Supply chain management is an important process for most companies and involves many links at large
corporations. For this reason, supply chain management requires a lot of skill and expertise to maintain.

The main stakeholders in value chains are shareholders and investors, while supply chain partners are crucial
stakeholders in the supply chain.

While many people believe logistics—or the transportation of goods—to be synonymous with the supply
chain, it is only one part of the equation. The supply chain involves the coordination of how and when products
are manufactured along with how they are transported.

The primary concerns of supply chain management are the cost of materials and effective product delivery.
Proper supply chain management can reduce consumer costs and increase profits for the manufacturer.
 Unit II
E-Commerce - Payment Systems
E-commerce sites use electronic payment, where electronic payment refers to paperless monetary transactions.
Electronic payment has revolutionized the business processing by reducing the paperwork, transaction costs,
and labor cost. Being user friendly and less time-consuming than manual processing, it helps business
organization to expand its market reach/expansion. Listed below are some of the modes of electronic payments
−

• Credit Card
• Debit Card
• Smart Card
• E-Money
• Electronic Fund Transfer (EFT)

Credit Card
Payment using credit card is one of most common mode of electronic payment. Credit card is small plastic card
with a unique number attached with an account. It has also a magnetic strip embedded in it which is used to
read credit card via card readers. When a customer purchases a product via credit card, credit card issuer bank
pays on behalf of the customer and customer has a certain time period after which he/she can pay the credit
card bill. It is usually credit card monthly payment cycle. Following are the actors in the credit card system.

• The card holder − Customer

• The merchant − seller of product who can accept credit card payments.
• The card issuer bank − card holder's bank
• The acquirer bank − the merchant's bank
• The card brand − for example , visa or Mastercard.

Credit Card Payment Proces

Step Description

Step 1 Bank issues and activates a credit card to the customer on his/her
request.

Step 2 The customer presents the credit card information to the merchant site
or to the merchant from whom he/she wants to purchase a
product/service.

Step 3 Merchant validates the customer's identity by asking for approval from
the card brand company.

Step 4 Card brand company authenticates the credit card and pays the
transaction by credit. Merchant keeps the sales slip.

Step 5 Merchant submits the sales slip to acquirer banks and gets the service
charges paid to him/her.
Step 6 Acquirer bank requests the card brand company to clear the credit
amount and gets the payment.

Step 6 Now the card brand company asks to clear the amount from the issuer
bank and the amount gets transferred to the card brand company.

Debit Card
Debit card, like credit card, is a small plastic card with a unique number mapped with the bank account number.
It is required to have a bank account before getting a debit card from the bank. The major difference between a
debit card and a credit card is that in case of payment through debit card, the amount gets deducted from the
card's bank account immediately and there should be sufficient balance in the bank account for the transaction
to get completed; whereas in case of a credit card transaction, there is no such compulsion.

Debit cards free the customer to carry cash and cheques. Even merchants accept a debit card readily. Having a
restriction on the amount that can be withdrawn in a day using a debit card helps the customer to keep a check
on his/her spending. A debit card (also known as a gift card) is a plastic card which provides an alternative
payment method to cash when making purchases. Physically the card is an ISO 7810 card like a credit card;
however, its functionality is more similar to writing a cheque as the funds are withdrawn directly from either the
cardholder’s bank account (often referred to as a check card), or from the remaining balance on the card.
Depending on the store or merchant, the customer may swipe or insert their card into the terminal, or they may
hand it to the merchant who will do so. The transaction is authorized and processed and the customer verifies
the transaction either by entering a PIN or, occasionally, by signing a sales receipt.
In some countries the debit card is multipurpose, acting as the ATM card for withdrawing cash and as a check
guarantee card. Merchants can also offer “cashback”/ ”cashout” facilities to customers, where a customer can
withdraw cash along with their purchase.

The use of debit cards has become wide-spread in many countries and has overtaken the check, and in some
instances cash transactions by volume. Like credit cards, debit cards are used widely for telephone and Internet
purchases.
Smart Card
Smart card is again similar to a credit card or a debit card in appearance, but it has a small microprocessor chip
embedded in it. It has the capacity to store a customer’s work-related and/or personal information. Smart cards
are also used to store money and the amount gets deducted after every transaction. A smart card, chip card, or
integrated circuit card (ICC) is any pocket-sized card with embedded integrated circuits. Smart cards are made of
plastic, generally polyvinyl chloride, but sometimes polyethylene terephthalate based polyesters, acrylonitrile
butadiene styrene or polycarbonate.

Smart cards can provide identification, authentication, data storage and application processing. Smart cards may
provide strong security authentication for single sign-on (SSO) within large organizations

Types of smart cards:

Contact smart cards

Contact smart cards have a contact area of approximately 1 square centimeter (0.16 sq in), comprising several
gold-plated contact pads. These pads provide electrical connectivity when inserted into a reader,[8] which is
used as a communications medium between the smart card and a host (e.g., a computer, a point of sale terminal)
or a mobile telephone. Cards do not contain batteries; power is supplied by the card reader

Contactless smart cards

A second card type is the contactless smart card, in which the card communicates with and is powered by the
reader through RF induction technology. These cards require only proximity to an antenna to communicate. Like
smart cards with contacts, contactless cards do not have an internal power source. Instead, they use an inductor
'to capture some of the incident radio-frequency interrogation signal, rectify it, and use it to power the card's
electronics

Example of widely used contactless smart cards are London's Oyster card, Hong Kong's Octopus card, Tokyo's
Suica and Pasmo cards used for public transportation

Smart Cards and Electronic Commerce:

Smart cards are turning out to be a fundamental piece of the transformation of retailing into electronic
commerce. The impressive growth of the Internet is making electronic shopping at least a real possibility, if not a
habit, among computer users. However, the business model used in current electronic commerce applications
still cannot enjoy the full potential of the electronic medium. Moreover, concerns about the reliability of an
invisible counterpart and about the safety of the Internet for credit card information increase the wariness and
thereby limit the use of the electronic shopping on the part of customers.
Of the estimated 360 billion payments that took place in the United States in 1995, approximately 300 billion
could not have taken place using the existing electronic media. Such transactions involved micro-payments p; i.e.
payments for less than $10 p; which are virtually outside of the electronic arena for lack of a payment method
compatible with such low amounts. Credit cards or checks are simply too expensive to use for micro-payments,
and the e-cash currently being experimented on the World Wide Web does not seem to have the characteristics
to appeal to shoppers. For this reason, smart cards could be a fundamental building block of widespread use of
electronic commerce, since they are an instrument to pay at a low cost for transactions involving small amounts
of money.

Another big advantage of smart cards for electronic commerce is their use for the customization of services. It is
already possible to purchase tailored services on the World Wide Web p; MyYahoo and FireFly are well known
examples. However, in order for the service supplier to deliver the customized service, the user has to provide
each supplier with her profile p; a boring and time consuming activity. A smart card can contain a non-encrypted
profile of the bearer, so that the user can get customized services even without previous contacts with the
supplier.

Smart cards can only be accessed using a PIN that every customer is assigned with. Smart cards are secure, as
they store information in encrypted format and are less expensive/provides faster processing. Mondex and Visa
Cash cards are examples of smart cards.

E-Money
E-Money transactions refer to situation where payment is done over the network and the amount gets
transferred from one financial body to another financial body without any involvement of a middleman. E-
money transactions are faster, convenient, and saves a lot of time.
Online payments done via credit cards, debit cards, or smart cards are examples of emoney transactions.
Another popular example is e-cash. In case of e-cash, both customer and merchant have to sign up with the bank
or company issuing e-cash.

Electronic Credit Cards

Electronic credit cards are almost exactly the same size as regular credit cards, and they use similar magnetic
stripes (depending on the card you have, some may also have EMV and NFC chips). The difference? Electronic
credit cards allow you to add multiple cards onto a single device that looks and acts like a credit card. Then, when
you’re ready to pay, you choose which credit card account you’d like to use.
They Do More Than You’d Expect
You can store more than just payment cards on an electronic credit card—including loyalty cards, gym passes
and gift cards. Apps also play a big role. They let you view your cards, add new ones and provide additional
security options—like mobile alerts if you leave your card behind.

Acceptance Isn’t Quite Guaranteed

Because they use magnetic stripes and chips similar to normal credit cards, they're accepted at most of the same
places. But because the technology is still new and acceptance is not universal, you’ll want to carry a backup card,
just in case.

Batteries Are Included—and Required

Electronic credit cards run on batteries, which will eventually die. Some can be recharged. Other cards have to be
replaced about every 2 years when the battery is used up.
 Like All Technology, They’re Evolving
Adding multiple cards onto one is a convenient way to declutter your wallet, but there are others—like a mobile
wallet. Plus, payment technology is constantly changing, so there's the possibility for new options to pop up in
the future.
Marketing on the web

“E-commerce marketing pertains to activities that guide shoppers through the conversion funnel.”

E-commerce marketing enables the following:

1.
o Creating awareness about your e-commerce store
o Driving traffic to the store
o Converting visitors into paying customers

Benefits of online marketing

A key benefit of using online channels for marketing a business or product is the ability to measure the impact of
any given channel, as well as how visitors acquired through different channels interact with a website or landing
page experience. Of the visitors that convert into paying customers, further analysis can be done to determine
which channels are most effective at acquiring valuable customers.

Analytics for web or mobile app experiences can help determine the following:

• Which online marketing channels are the most cost-effective at acquiring customers, based on the conversion
rate of visitors to customers, and the cost of those visitors.
• Which channels are effective at acquiring and driving higher lifetime value for customers — such as email
marketing, which drives repeat purchases to prior customers.
• Which cohorts of customers exhibit strong engagement behavior and high potential for upsells — such as
software or mobile apps, which expect to sell more products to customers with high engagement.

Online marketing tools

There are a number of tools that can be used to build and maintain a robust online marketing program:

• Email marketing
• Social media marketing
• Search engine optimization (SEO)
• Display advertising like LinkedIn ads or Google Display Network
• Search engine marketing (SEM)
• Online events & webinars
• A/B testing & website optimization
• Content marketing
• Video marketing
• Marketing analytics like Google Analytics
• Marketing automation
• Customer relationship management (CRM)
• Content management system (CMS)
• Pay-per-click (PPC) advertising like Google Ads
• Affiliate marketing
 Examples of online marketing

Some examples of online marketing campaigns include:

• Canon advertises for search keywords related to "photography" on Google, Yahoo, and Bing search engines to
market their cameras to a relevant audience to drive traffic to a specific webpage.
• Whole Foods collects email addresses on their website to create email lists that can be used to advertise new
products, sales, and events in their stores.
• Dove creates video advertisements and shares them with their audience on Facebook, Twitter, and other social
media platforms to promote favorable conversation about their brand and products.
• Bite Beauty partners with influencers to promote a new lipstick to their target audience of high-quality, beauty
enthusiasts.

Although online marketing creates many opportunities for businesses to grow their presence via the internet and
build their audiences, there are also inherent challenges with these methods of marketing. First, the marketing
can become impersonal, due to the virtual nature of message and content delivery to a desired audience.
Marketers must inform their strategy for online marketing with a strong understanding of their customer’s needs
and preferences. Techniques like surveys, user testing and in-person conversations can be used to understand
the overall user experience.

Online marketing can also be crowded and competitive. Although the opportunities to provide goods and
services in both local and far-reaching markets is empowering, the competition can be significant. Companies
investing in online marketing may find visitors’ attention is difficult to capture due to the number of business
also marketing their products and services online. Marketers must develop a balance of building a unique value
proposition (UVP) and brand voice as they test and build marketing campaigns on various channels.

Marketing Strategy

Running an e-commerce store is a high-octane activity. There are plenty of tasks to be done at any given time,
and automation is a basic requirement.

Representation of the Steps to Create Your E-Commerce Marketing Strategy

In this section, we will look at nine e-commerce marketing strategies that will help you reach your goals.
1. Search Engine Optimization (SEO)

Ranking organically on the search engine result pages (SERP) requires you to have a sound SEO strategy. Here
are a few considerations to help your store rank higher up on search engines:

o Make your website mobile-friendly.

o Optimize page load time (Google PageSpeed Insights).
o Run an SEO audit (Ubersuggest)
o Perform thorough keyword research and identify keywords that you want to rank for (Google
Keyword Planner).
o List all product, category, and blog posts and pages. Correlate target keywords and keyword
phrases to each post and page and place them strategically in on-page elements such as the
title, URL, header tags, text, alt text, anchor link, and so on.
o Strengthen your local SEO game by creating your Google My Business profile.
o Fix technical SEO errors such as duplicate pages. Seek help from an SEO expert if necessary.
o Setup your website on Google Search Console.

Other Recommended SEO Tools

o SEMrush
o Moz Keyword Explorer
o Site Explorer by Ahrefs

2. Content Marketing

We will expand on the concept of on-page SEO in this section. Content marketing for e-commerce websites goes
beyond its conventional meaning and includes product, category, and cart pages. Copywriting is an essential
component of e-commerce marketing as it contributes to effectively driving conversions.

Let’s look at the different areas where you can implement content marketing:

o Product pages: Headline, product description, high-res images, and demo videos.
o Blog Section: Create content around your niche that is valuable and informative to your prospects
and customers. Example: blog posts, downloadable content, infographics, checklists, etc.
o Rich Media: There is a lot of space for storytelling for e-commerce stories. Try out
videos, podcasts, or other interactive media to create content.

Top Content Marketing Tools

o Feedly
o Buzzsumo
o Google Trends
o Grammarly

3. Email Marketing
 You can significantly amp up your conversion rates if you use email marketing wisely. No matter how many
‘Email is dead’ articles surface occasionally, email is not losing its prominence in e-commerce marketing.

You can boost your list building efforts through smart marketing tactics. For example, get your website visitors
to sign-up for your email list by enticing them with downloadable content or by strategically placing lead
generation tools (header bars, pop-ups, etc.).

Once they sign-up to your list or provide their email address during checkout, you can initiate the appropriate
email sequence. Here are a few examples of emails that you can send:

o A welcome sequence (drip email campaign) to new subscribers

o Transactional emails to keep buyers updated on their purchase (including an order confirmation,
receipts/invoices, shipment, delivery confirmation, and returns/exchange emails)
o Promotional emails occasionally to promote upselling or cross-selling opportunities

Top Email Marketing Tools

1.
Mailchimp
o
ConvertKit
o
ActiveCampaign
o
GetResponse
o
4. Social Media Marketing

E-commerce is one of the industries that benefit tremendously from social media. The reason is the user intent
while scrolling social media, plus the product ads are not always perceived as an intrusion.

Social media is ideal for e-commerce also because it is a visual medium and thus makes it is easy to persuade
people through images and videos.

Apart from the generous use of social ads to reach your target audience, the rise of social commerce such
as Instagram Shopping is going to facilitate your e-commerce marketing efforts in the future.

Top Social Media Tools

o HootSuite
o Sprout Social
o AdEspresso
o Buffer

5. Paid Advertising

Once you have peaked your reach through organic ways, your e-commerce store revenue becomes a function of
the money you spend in ads. That’s why almost every successful online store invests heavily in paid ads (search
ads, social media ads, native ads, etc.) that target each stage of the buyer’s journey.

Here is how you can begin with your paid advertising efforts:

o Invest in search ads and Google Shopping ads to target the awareness stage
o Target people who visited your site but didn’t complete the purchase through remarketing ads
o Expand your target audience through lookalike audience ads
6. Influencer Marketing
People are influenced by people they trust. Users would rather trust a celebrity or an expert in their niche than a
brand, that’s why e-commerce stores are now investing in influencer marketing.

In influencer marketing, you collaborate with celebrities or users with a significant fan following to act as brand
ambassadors. You provide them with the content guidelines as the aim is not to sound too pushy about your
products. Once they share the content on their social media accounts, you evaluate the performance.

Top Influencer Marketing Tools

o Followerwonk
o Kred
o HypeAuditor

7. Conversion Rate Optimization (CRO)

The conversion rate is perhaps the most important metric for any e-commerce store. It is the number of visitors
converted per hundred visitors. Here are four ways that can improve the conversion rate of e-commerce stores:

1. Recommendation Engine: Recommendation engines personalize the shopping experience by

suggesting products to visitors based on their purchase and website browsing history.
2. Cart Abandonment: Cart abandonment software sends reminder emails to shoppers who left the
website without completing the purchase. E-commerce platforms such as BigCommerce offer this
feature as a part of their product.
3. Lead Generation: These tools help you guide shoppers through the conversion funnel via exit intent
pop-ups, opt-in forms, and social proof notifications.

Top CRO Tools

o Sumo
o OptinMonster
o TrustPulse

8. Customer Service and Support

Online stores face occasional hiccups in the logistics, inviting angry customers concerned about their orders. To
tackle this effectively, e-commerce stores need to have a prompt customer service department in place.

Shoppers should be able to communicate with you through the phone, emails, or live chat. In addition to
traditional mediums, e-commerce stores need to experiment with conversational AI so that they can
communicate with shoppers in real-time via digital assistants, messenger apps, and chatbots.

Top Customer Service and Support Tools

o Zendesk
o Freshdesk
o Intercom

9. Marketing Analytics

One of the crucial aspects of CRO is testing various elements of your website. Additionally, tracking the store
performance helps you evaluate the impact of these changes.
Having analytics tools in place will help you track all these aspects. Quantitative analytics tools measure
quantitative data, such as visits, conversions, page views, bounce rate, etc.

On the other hand, qualitative analytics tool uses heatmaps, user session recordings, and funnel visualization to
run A/B tests and understand the qualitative performance of the website.

Top Marketing Analytics Tools

o Google Analytics
o Hotjar
o Optimizely
o Crazy Egg

Web Advertising

Generally speaking, web advertising is any form of Internet-based marketing. When we say any form, we mean
anytime your company participates on the web. Because remember, marketing doesn’t just happen when you’re
paying for it or actively pursuing it. This means web advertising includes: email campaigns, social media activity,
your website, and your blog.

But typically, when web advertising is discussed, people are referring to methods such as Pay-Per-Click (PPC)
and display advertising. Both of these campaigns are typically used in conjunction with Social Media or search
engines, such as Google and Microsoft’s Bing.

These powerhouses dominate search, especially Google. As of January 2016, nearly 64 percent of all desktop
searches were performed through a Google site, reported comScore. (Bing sites were used for roughly 21 percent
of all desktop searches and Yahoo sites, which are supplied by Bing, were used for roughly 12 percent.)

Long story short, Google is the leader of the search world.

By properly utilizing PPC and display advertising, your business can maximize its marketing budget, capture new
leads, and increase sales.

Why is This Type of Web Advertising Popular?

When someone searches Google or Bing, they are actively looking for a solution. They’re usually in the mindset to
buy or act now. In comparison, social media users are more interested in socializing with friends and seeing what
the world is doing. (Note: This is a general comparison of search engine and social media users.)

PPC advertising is effective 'cuz when users search, they're actively looking for a solution.Click to Tweet

What’s Pay-Per-Click?

As the name would suggest, with PPC ads, you only pay when someone clicks. This tool can be used throughout
the Internet. This includes embedding ads into blogs, websites, and email campaigns. PPC campaigns are
regularly seen as text ads on search engines.
When used as search engine advertising, a PPC ad is only displayed when a user searches for a predetermined
keyword or keywords. The ad can then be displayed above the search engine’s organic results, as seen in the
screenshot below.

Text ads are shown at the top and side of a Search session. (see image above).

PPC ads are also integrated around organic listings on mobile search apps and devices.

What’s Display Advertising?

Simply put, display advertising refers to image, audio, or video ads placed on a website - whether manually, or
inserted via ad software. (These ad placements are provided by Google, Bing, Facebook, Twitter or any of the
other myriad third-party companies that offer media buying).

Display Advertising can be purchased in many ways varying from pay-per-click, cost-per-impression (like a
billboard on a highway), or even cost-per-app downloaded.

There are a variety of ways to determine the location of ads and their impressions (where they appear). One of
the most effective is retargeting.

M-commerce

M-commerce is growing, roaring, and not showing any signs of slowing down. Actually, it is expected that the
majority of purchases will be made using mobile devices in the coming few years. Given that, many businesses
have already moved to the smartphone platform to boost their revenues, opening paths for M-Commerce.
It is no hidden fact that almost everyone has a smartphone these days for ease of use, entertainment, education,
and shopping etc. This has made our lives a lot easier. We can do many things on just the click of a button.
Apps like Google Pay and Apple Pay have revolutionized the way we make payments. It does have its fair share of
drawbacks but still, it is a good option to go after and it’s improving with each passing day. M-commerce can be
used by businesses to improve their customer base and increase their revenue.
M-Commerce, short for Mobile Commerce, is a branch of commerce that deals with the digital transactions made
from the smartphone. It doesn’t require physical contact between two people for sending or receiving the money.
In other words, we can say that M-commerce (mobile commerce) is the buying and selling of goods and services
through wireless handheld devices such as smartphones and tablets. As a form of e-commerce, m-commerce
enables users to access online shopping platforms without needing to use a desktop computer.
Examples of M-commerce –

• In-app purchasing
• Mobile banking
• Virtual marketplace apps like the Amazon mobile app or a digital wallet such as Apple Pay, Android Pay,
and Samsung Pay.
• Mobile ticketing

According to Wikipedia, the term mobile commerce was originally coined in 1997 by Kevin Duffey at the launch
of the Global Mobile Commerce Forum, to mean “the delivery of electronic commerce capabilities directly into
the consumer’s hand, anywhere, via wireless technology.”

Types of M-Commerce
M-commerce can be categorized by function as either mobile shopping, mobile banking or mobile payments.
Mobile shopping allows for a customer to purchase a product from a mobile device, using an application such as
Amazon, or over a web app.
A subcategory of mobile shopping is app commerce, which is a transaction that takes place over a native app.
Mobile banking includes any handheld technology that enables customers to conduct transactions.
This is typically done through a secure, dedicated app provided by the banking institution. Mobile payments
enable users to buy products using a mobile device. Digital wallets, such as Apple Pay, allow a customer to buy a
product without needing to swipe a card or pay with physical cash.

M-Commerce is a vast field which doesn’t end at buying a commodity online- it includes all the behaviors related
to checking any stuff online from your smartphone.
The different types of Mobile Commerce are-
1. Browsing for stuff online on your mobile – This type deals with surfing for stuff online like looking for
Groceries, Daily essentials, and electronics. We’re talking about dedicated apps, optimized websites, or even
social media platforms like Facebook or Instagram that allow in-app purchases or linking to online stores.
2. Purchasing app-delivery stuff (Food delivery or e-commerce apps) – This type deals with the services related
to ordering things like food, cab pickup, and others.
3. Mobile banking – Mobile banking is the method that involves accessing the features of the bank using online
methods. The transactions are made from specific apps designed by apps, though some financial services
companies are now experimenting with chatbots or messaging apps to deliver customer service.
4. Mobile App payments(Google Pay or PayPal) – This type primarily focuses on making payment transactions
through apps. The user is required to register their credit or debit card and then use it whenever they want.
5. Purchasing or renting digital content (Netflix, Spotify, etc) on a mobile device – This involves buying or renting
online services like Music Streaming, Video Streaming, or commodity-based on a rent basis.
6. Mobile person-to-person payments(Venmo or Xoom) – This type involves sending money from one person to
another, be it for buying stuff or sending it to someone in need. This type of transaction can be made by sending
money to someone’s number or to their bank account directly.

Applications of Mobile Commerce-

Mobile commerce has entered into all spheres of our daily lives like- finance, retail, telecommunication,
healthcare, information technology, sales and services. Need for M-commerce has increased multi-fold in recent
times because of the ease of functioning and accessibility they offer.
Some of the applications of mobile commerce are-
1. M-Commerce for finance
2. M-Commerce for Retail and After sale Services
3. M-commerce & Mobile ticketing
4. M-commerce & Mobile marketing
5. M-commerce for mobile entertainment
6. M-commerce for hotel reservations
7. M-commerce for Healthcare & Medicine
8. M-commerce for Information
9. M-commerce for Gaming
10. M-commerce for Intra-office communication

Advantages of M-Commerce are-

1. Increases the amount of customer retention by being easily accessible to them

2. Wider variety of commodities and services
3. More options for selecting the product
4. Convenient for the consumer to compare the pricing, product reviews, and making purchases without the
use of a computer.
5. Multiple options for payments like the credit card and debit card payments,
6. Better user experience

Disadvantages of M-Commerce
Disadvantages of M-Commerce are-

1. The technology required to set up M-commerce at the moment is very expensive. The initial cost to begin
a business is very high.
2. In developing countries, the network signal is not very good and the providers are not capable of
providing good speed. Due to this, it is not suitable for data transfer.
3. There is a risk of security- Although it is quite safe these days, there is always a chance of data leaking
and intrusions.
4. A poorly designed app can lead to lesser number of purchases because of customer dissatisfaction.
5. Mobile payment is still not available across many locations in the world.

Future scope of M-Commerce

M-Commerce is rapidly expanding in today’s time. Everyone is busy and they don’t have the time or energy to go
to the market and buy stuff for them. Instead, they prefer ordering from their home itself. The biggest trend for
M-Commerce is its market share/ growth. M-Commerce spending in 2018 was calculated at $501 Billion and it is
expected to grow more to $740 Billion by 2023.
Case Study On E-Commerce In Passenger Air Transport

e-Commerce in passenger air transport Chapter 5: Case study e-Commerce in passenger air transport Airline.
Booking Sys. Telephone. Travel Agent. Web. Chapter 5: Case study e-
Commerce in passenger air transport Presentation on theme: "Chapter 5: Case study e-
Commerce in passenger air transport"— Presentation transcript Study on airport | 5 Case study: Brazil 33 Table
5.1 Commercial Service airports with highest number of passengers in 2015 . This report includes
10 case studies on airport ownership and management and ground handling for the non-EU countries in scope
Essay about Ecommerce n passenger transport - 3534 Words case study: e-commerce in passenger transport.
Summary Passenger air transport was one of the early users of e-commerce, in this case electronic markets. E-
commerce at Yunnan Lucky Air | Passengers into Yunnan Province, 2007 Yet Lucky Air’s executives had to decide
what was right for their company, customers, and market. If they chose the wrong expansion strategy or missed
the mark with e-commerce, then the company’s luck might run out forever. Passenger Aviation in China.
Manual on the • the filing of tariffs for monitoring or approval; (Formats developed by ICAO which may be used
by national air transport authorities for the filing of airline passenger tariffs can be found in Appendix 2 of the
manual.) The market reserves of the passenger AIR General description of
the passenger AIR transport market in moldova. Over the last decade, air transport has become a more accessible
way to travel. Study | For Passengers For the passenger § Minimising transport cost § Travelling in ‘good’
conditions. EMTA – Study on e-ticketing in public transport. 4. 1. Authority’s decision: the authority decides, and
the operator has no formal role or only has the right to be consulted. Air Passenger Rights -
Documents Case Study e-Commerce in passenger air transport. Philippines Air Pass Car Annual 2010 Passenger.
Future outlook of passenger air transport in open 2. Valeo air conditioning cabin air filter for passenger cars
LCVs trucks & coaches 2014 catalogue 955658. Air Transportation Air transportation plays a signicant role in the
movement of passengers and cargo between countries, and this chapter 02163. Some of the air transportation
cases will be appropriate for your courses, and the students will enjoy them. Suggested Outlines for a One-
Semester Course.
Commercial Air Transport
Asia Pacific Commercial Air Transport: Current and Future Economic Benefits. PREPARED FOR. The
following case studies demonstrate some of these direct benefits for passengers in more detail. 7.1 Overall Asia
Pacific. ELECTRONIC | 1.1.3 E-commerce and Financial Performance The study analyzed the impact of e-
commerce using Return on assets and Net income as the dependant variables while the web passenger numbers
Interchange EFT-Electronic Funds Transfer FY-Financial year IATA-International Air Transport Association ICT-
Information Communication Air Service Liberalization In all cases studied, it was apparent that,
depending on the size and development of the economies, there was substantial incremental passenger traffic
and economic growth after air service 9 Atlanta Chamber of Commerce. 10 Annual Report, 2005
International Air Transport Association. INTERNATIONAL AIR PASSENGER Since 1976, these
regional air transport studies have covered both passenger and freight transport, with particular
emphasis on trends and developments during the most recent five-year period for which information is available.
Journal of Air Transport Management , 8, 19-28 | Total Passengers Journal of Air Transport Studies, volume 2,
Issue 2, 2011. Park, J.W. (2007), Passenger perceptions of service quality: Korean and Australian case studies,
Journal of Air Transport Management, 13, 238-242. Beyond | Illustrative case studies from Europe e-
commerce on shopping journeys. Table 3.3 Example summary table for case study candidates. The
International Air Transport Association (IATA, 2007) predicts a further 600 to 700 million new passengers in the
next five years. Air transport, passengers carried from The World Bank: Data Air transport, passengers carried.
International Civil Aviation Organization, Civil Aviation Statistics of the World and ICAO staff
estimates. Air transport, registered carrier departures worldwide. Air transport, freight (million ton-
km). AIR TRANSPORT Commercial AIR transport services. Services offered include heavy
commercial air transport MRO, and may include military aircraft. In 1995, the European Commission issued
a study on options for the funding of CRS booking and submitted to public debate. The Management
of Passenger Tariffs (2005/06) - Ethiopian scal year 1997 Table 4.6 The National Transport Master
Plan Study Passenger Vehicular Fleet Forecasts Table 4.7 Review Study: Passenger Vehicle Fleet Forecasts Table
4.8 Annual Growth of Road Transport Passenger Trafc & Pax-Kms (2005-2008) Airport | 4
More passenger choice Case studies are another source of information on passenger switching. Behrens C. and E.
Pels (2011), “Intermodal competi-tion in the London–Paris passenger market: High-Speed Rail
and air transport”, Journal of Urban Economics, Volume 71, Issue 3, pp. 278-288. Conditions
of passenger transport – Orangeways Conditions of passenger transport FOR ORANGEWAYS INTERNATIONAL
SERVICES. In such case, the passenger shall cater for continuing his/her journey – at his/her own expense –, and
is not entitled to a fare refund.

U .s. intercity passenger transportation policy

The Air Commerce Act placed responsibility in the Department of Commerce to foster air As if to bear out
Hosmer's analysis, a study in 1966 indicated that rail costs per passenger for a 45 percent Certainly, subsidy
to passenger transport would not be allowed to piggyback, so to speak, upon AIR Transport services in APEC:
impact of regulation on trade and The impact of liberalising air transport services in APEC. Case study:
International air cargo and passenger price fixing cartel. The New Zealand Commerce Commission, one of the
latest competition authorities to start prosecutions in the case, has since the end of 2008
initiated Passenger AIR transportation contract Passenger AIR transportation contract. International flight legs.
require them. b) "Air carrier” or “airline” means the airline that transports or promises
to transport the passenger and/or his/her baggage based on this contract or who carries out any other service
related Handbook of This investi-gation resulted in the passage of the Air Commerce Act, which became Cargo
operators have routes and schedules that are different from operators that focus on transporting passengers.
CVISN Safety Information Exchange for Commercial Vehicles in Connecticut: A Case Study. Study on Consumer
Protection Booz&Co Study on Consumer Protection against Prepared for European Commission DG We examine
the impact of strong competition and external factors on passenger air transport within the Being an island state,
its travellers are more dependent on air transport than is the case in most EU Advice for passengers
using air transport Case studies. Useful links. News and events. This page will help you understand that when
travelling by air: Which organisations are responsible for passenger health and. Where to get useful guidance and
advice on a range of other passenger related issues. Ground services for air freight: Opportunities in e-
commerce I will come to that subject later, because during the conference it became clear that air freight industry
is having an existential crisis that is affecting the e-commerce in more than one way. Cargo: The
hidden passenger. AIR OPS AIR Operations commercial AIR transport. (Aeroplanes and Helicopters). B13
Stowage of passenger baggage (cabin luggage) • Recognise proper storage (size, weight and number) •
Familiarise and recognise safety risks (case study). Planning The introduction of
commercial passenger air service in the late 1920s resulted in the need to develop certain
basic passenger processing policies.
 Unit III

What is e-Governance?

Electronic governance or e-governance is adopted by countries across the world. In a fast-growing and demanding
economy like India, e-governance has become essential. The rapid growth of digitalisation has led to many
governments across the globe to introduce and incorporate technology into governmental processes. Electronic
governance or e-governance can be defined as the usage of Information and Communication Technology (ICT) by the
government to provide and facilitate government services, exchange of information, communication transactions and
integration of various standalone systems and services.

In other words, it is the use of technology to perform government activities and achieve the objectives of
governance. Through e-governance, government services are made available to citizens and businesses in a
convenient, efficient and transparent manner. Examples of e-governance include Digital India initiative, National
Portal of India, Prime Minister of India portal, Aadhaar, filing and payment of taxes online, digital land management
systems, Common Entrance Test etc.
E-governance, expands to electronic governance, is the integration of Information and Communication Technology
(ICT) in all the processes, with the aim of enhancing government ability to address the needs of the general public.
The basic purpose of e-governance is to simplify processes for all, i.e. government, citizens, businesses, etc. at
National, State and local levels.

In short, it is the use of electronic means, to promote good governance. It connotes the implementation of
information technology in the government processes and functions so as to cause simple, moral, accountable and
transparent governance. It entails the access and delivery of government services, dissemination of information,
communication in a quick and efficient manner.

Benefits of E-governance

Reduced corruption

High transparency

Increased convenience

Growth in GDP

Direct participation of constituents

Reduction in overall cost.

Expanded reach of government

Through e-governance, the government plans to raise the coverage and quality of information and services
provided to the general public, by the use of ICT in an easy, economical and effective manner. The process is
 extremely complicated which requires, the proper arrangement of hardware, software, networking and indeed re-
engineering of all the processes to facilitate better delivery of services.

Types of Interactions in E-Governance

G2G (Government to Government): When the exchange of information and services is within the periphery of the
government, is termed as G2G interaction. This can be both horizontal, i.e. among various government entities and
vertical, i.e. between national, state and local government entities and within different levels of the entity.

G2C (Government to Citizen): The interaction amidst the government and general public is G2C interaction. Here an
interface is set up between government and citizens, which enables citizens to get access to wide variety of public
services. The citizens has the freedom to share their views and grievances on government policies anytime,
anywhere.

G2B (Government to Business): In this case, the e-governance helps the business class to interact with the
government seamlessly. It aims at eliminating red-tapism, saving time, cost and establish transparency in the
business environment, while interacting with government.

G2E (Government to Employees): The government of any country is the biggest employer and so it also deals with
employees on a regular basis, as other employers do. ICT helps in making the interaction between government and
employees fast and efficient, along with raising their level of satisfaction by providing perquisites and add-on
benefits.

E-governance can only be possible if the government is ready for it. It is not a one day task, and so the government
has to make plans and implement them before switching to it. Some of the measures include Investment in
telecommunication infrastructure, budget resources, ensure security, monitor assessment, internet connectivity
speed, promote awareness among public regarding the importance, support from all government departments and
so forth

E-governance has a great role to play, that improves and supports all tasks performed by the government
department and agencies, because it simplifies the task on the one hand and increases the quality of work on the
other.

Objectives of e-Governance

The objectives of e-governance can be listed down as given below:

• To support and simplify governance for government, citizens, and businesses.

• To make government administration more transparent and accountable while addressing the society’s
needs and expectations through efficient public services and effective interaction between the people,
businesses, and government.

• To reduce corruption in the government.

• To ensure speedy administration of services and information.

• To reduce difficulties for business, provide immediate information and enable digital communication by e-
business.

While e-governance provides the advantages of convenience, efficiency and transparency, it also has problems
associated with it. They are as follows:

• Lack of computer literacy: India is still a developing country and a vast majority of the citizens lack
computer literacy which hinders the effectiveness of e-governance.

• Lack of accessibility to the internet or even computers in some parts of the country is a disadvantage to e-
governance.

• e-Governance results in a loss of human interaction. As the system becomes more mechanised, lesser
interaction takes place among people.

• It gives rise to the risk of personal data theft and leakage.

• e-Governance leads to a lax administration. The service provider can easily provide excuses for not
providing the service on technical grounds such as “server is down” or “internet is not working”, etc.

e-Governance in the Indian context

e-Governance in India is a recently developed concept. The launch of National Satellite-Based Computer
Network (NICENET) in 1987 and subsequent launch of the District Information System of the National
Informatics Centre (DISNIC) programme to computerise all district offices in the country for which free
hardware and software was offered to the State Governments provided the requisite impetus for e-governance.

e-Governance thereafter developed with the growth of technology. Today, there are a large number of e-
Governance initiatives, both at the Union and State levels. In 2006, the National e-Governance Plan (NeGP)
was formulated by the Department of Electronics and Information Technology and Department of
Administrative Reforms and Public Grievances that aims at making all government services accessible to the
common man, ensure efficiency, transparency and reliability of such services at affordable costs to realise the
basic needs of the common man.

The NeGP has enabled many e-governance initiatives like:

• Digital India was launched in 2015 to empower the country digitally. Its main components are:

• Developing a secure and stable digital infrastructure

• Delivering government services digitally

 • Achieving universal digital literacy

Aadhaar is a unique identification number issued by UIDAI that serves as proof of identity and address on
the basis of biometric data. It is being used to provide many benefits to the members of the society. One
can e-sign documents using Aadhar.

myGov.in is a national citizen engagement platform where people can share ideas and be involved with
matters of policy and governance.

UMANG is a Unified Mobile Application which provides access to central and state government services
including Aadhar, Digital Locker, PAN, Employee Provident Fund services, etc.

Digital Locker helps citizens digitally store important documents like mark sheets, PAN, Aadhar, and
degree certificates. This reduces the need for physical documents and facilitates easy sharing of
documents.

PayGov facilitates online payments to all public and private banks.

Mobile Seva aims at providing government services through mobile phones and tablets. The m-App store
has over 200 live applications which can be used to access various government services.

Computerisation of Land Records ensures that landowners get digital and updated copies of documents
relating to their property.

In addition to the above, State level e-governance initiatives include:

• E-Seva (Andhra Pradesh) facilitates payment of utility bills, issuance of certificates, licenses and permits.

• Khajane Project (Karnataka) digitalized the treasury system of the state.

• FRIENDS (Kerala) is a single-window facility to pay taxes and other financial dues to the State
government.

• Lokvani Project (Uttar Pradesh) is a single-window solution relating to the handling of grievances, land
record maintenance and providing a mixture of essential services.

e-Governance Portal of India

The Indian e-governance portal is https://nceg.gov.in. On this portal, one can get comprehensive information
regarding the National Conference on e-Governance and reports on earlier conferences.

Additionally, the portal provides links to the following important pages:

• Digital India

• National Portal of India: It is developed to provide access to information and services being provided by
the government

• PM India Website: provides information relating to the Prime Minister’s Office.

• United Nations e-governance website

Issue in e-governance

• There are large numbers of potential barriers in the implementation of e-Governance. Some hindrance
in the path of implementation, like security, unequal access to the computer technology by the citizen,
high initial cost for setting up the e government solutions and resistance to change. Challenges identified
as trust, resistance to change, digital divide, cost and privacy and security concerns.

• Trust
Trust can be defined along two dimensions: as an assessment of a current situation, or as an innate
personality traitor predisposition. The implementation of public administration functions via e-
government requires the presence of two levels of trust. The first is that the user must be confident,
comfortable and trusting of the tool or technology with which they will interact. The second dimension
of trust pertains to trust of the government.

There has to be a balance between ensuring that a system prevents fraudulent transactions and the
burden that extensive checks can take place on people who are honest.

Recently, confidential information on military veterans was compromised when a computer containing
their personal information was lost. This type of incident can erode trust and user confidence in
government systems. Trust, along with financial security, are two critical factors limiting the adoption of
e-government services.

• Resistance to change

The innovation diffusion theory states that over time an innovation will diffuse through a population,
and the rate of adoption will vary between those who adopt early, referred to as early adopters and to
those who adopt the innovation much later, referred to as ―laggards.

The resistant to change phenomenon can explain much of the hesitation that occurs on the part of
constituents in moving from a paper based to a Web-based system for interacting with government.

Citizens, employees and businesses can all have their biases with respect to how transactions should be
processed. However, government entities and public policy administrators cannot ignore the changes
that occur as a result of the implementation of information and communication technology (ICT
Education about the value of the new systems is one step toward reducing some of the existing
resistance. It can also be particularly useful for a leader or manager, to buy into the new system at an
early stage in the adoption process

• Digital Divide

The digital divide refers to the separation that exists between individuals, communities, and businesses
that have access to information technology and those that do not have such access.
Social, economic, infrastructural and ethno-linguistic indicators provide explanations for the presence
of the digital divide.
 Economic poverty is closely related to limited information technology resources

An individual living below poverty line does not afford a computer for himself to harness the benefits of
e-government and other online services. As the digital divide narrows, broader adoption of e-
government in the public domain becomes possible. Economic poverty is not the only cause of digital
divide. It can also be caused by the lack of awareness among the people. Even some of the economic
stable people don’t know about the scope of e -governance.

Awareness can only help to bring users to that service delivery channel once. It cannot guarantee
sustained use of the system unless the system is also designed in such a way as to deliver satisfactory
outcome. Procedures need to be simplified to deliver concrete benefits and clear guidelines provided to
encourage their use by the actual end users and reduce user’s dependence
on middlemen/intermediaries

• Cost

Cost is one of the most important prohibiting factor that comes in the path of e-governance
implementation particularly in the developing countries like India where most of the people living
below the poverty line. Elected officers and politician don’t seem to be interested in implementing e-
governance

• Privacy and Security

There will be three basic levels of access exists for e-government stakeholders: no access to a Web
service; limited access to a Web-service or full-access to a Web service, however when personal
sensitive data exists the formation of the security access policy is a much more complex process with
legal consideration. With the implementation of e-government projects, effective measures must
be taken to protect sensitive personal information. A lack of clear security standards and protocols can
limit the development of projects that contain sensitive information such as income, medical history.

e-Governance
▪ e-Governance can be defined as the application of information and communication technology (ICT) for
providing government services, exchange of information, transactions, integration of previously existing
services and information portals.
▪ The “e” in e-Governance stands for ‘electronic’
Origin
▪ e-Governance originated in India during the 1970s with a focus on in-house government applications in the
areas of defence, economic monitoring, planning and deployment of ICT to manage data intensive functions
related to elections, census, tax administration etc.
Initial Steps Taken
▪ The establishment of the Department of Electronics in 1970 was the first major step towards e-
governance in India as it brought ‘information’ and its communication to focus.
▪ National Informatics Centre (NIC) established in 1977, launched the District Information
System program to computerize all district offices in the country
▪ The main thrust for e-governance was provided by the launching of NICNET in 1987 – the national
satellite-based computer network.
Objectives
▪ Better service delivery to citizens.
▪ Ushering in transparency and accountability.
▪ Empowering people through information.
▪ Improve efficiency within Government i.e between centre-state or inter-states.
▪ Improve interface with business and industry.
Pillars of e-Governance
▪ People
▪ Process
▪ Technology
▪ Resources
Types of Interaction in e-Governance
▪ G2G i.e. Government to Government
▪ G2C i.e. Government to Citizen
▪ G2B i.e. Government to Business
▪ G2E i.e. Government to Employees

Initiatives Taken for e-Governance in India

S.No. Program Details

1. Bhoomi Project Bhoomi is a self-sustainable e-Governance project for the

(Karnataka): Online computerized delivery of 20 million rural land records to 6.7
Delivery of Land Records million farmers of Karnataka.

2. KHAJANE (Karnataka): ▪ ‘Government-to-Government (G2G) e-Governance initiative

End-to-end automation of of the Karnataka State Government.
Government Treasury ▪ It has been implemented mainly to eliminate systemic
deficiencies in the manual treasury system and for the
System
efficient management of state finances.

3. e-Seva (Andhra Pradesh) ▪ Designed to provide ‘Government to Citizen’ and ‘e-Business

to Citizen’ services.
▪ All the services are delivered online to consumers /citizens
by connecting them to the respective government
departments and providing online information at the point
of service delivery.
o The project has become very popular among the
citizens especially for the payment of utility bills.

4. e-Courts ▪ Launched by the Department of Justice, Ministry of Law and

Justice.
▪ The Mission Mode Project (MMP) aims at utilizing
technology for improved provisioning of judicial services to
citizens.

5. e-District ▪ Launched by the Department of Information Technology.

▪ The MMP aims at delivery of high volume, citizen-centric
services at the District level such as the issue of birth/death
certificate, income and caste certificates, old age and widow
pension, etc.
 6. MCA21 ▪ Launched by the Ministry of Corporate Affairs.
▪ The project aims to provide electronic services to the
Companies registered under the Companies Act.
o Various online facilities offered includes allocation and
change of name, incorporation, online payment of
registration charges, change in address of registered
office, viewing of public records and other related
services.

7. e-Office ▪ Launched by the Department of Administrative Reforms &

Public Grievances.
▪ The MMP aims at significantly improving the operational
efficiency of the Government by transitioning to a "Less
Paper Office".

Advantages of e-Governance

• Improves delivery and efficiency of government services

• Improved government interactions with business and industry
• Citizen empowerment through access to information
• More efficient government management
• Less corruption in the administration
• Increased transparency in administration
• Greater convenience to citizens and businesses
• Cost reductions and revenue growth
• Increased legitimacy of government
• Flattens organisational structure (less hierarchic)
• Reduces paperwork and red-tapism in the administrative process which results in better planning and
coordination between different levels of government
• Improved relations between the public authorities and civil society
• Re-structuring of administrative processes

Critical - Flow Model

Underlying Principle

The model is based on disseminating/ channeling information of critical value (which by its very nature would
not be disclosed by those involved in bad governance) to the targeted audience (such as the media, opposition
parties) or into the wider public domain through the use of ICT and convergent media.

This model requires a foresight to:

• understand the "use value" of a particular information set,

• how to obtain such information,
• how it could be used strategically, and finally
• targeting it to users to whom the availability of such information would make a difference.

The strength of this model is that ICT makes the concept of 'distance' and 'time' redundant when information is
hosted on a a digital network, and this could be used advantageously-- by instantly transferring the critical
information to its strategic user group located anywhere or by making it freely available in the wider public
domain.
E-Governance Models- Broadcasting

• Broadcasting model is based on mass dissemination of governance-related information which is already

available in the public domain into the wider public domain using ICTs.

• This raises awareness among the citizens about ongoing governance processes and government services that
are available to them and how they can benefit from them

• The application of this model using appropriate technologies, could reduce the "information failure situations"
where citizens are unaware of new and existing services being provided by the government.

Applications:
• Putting governmental laws and legislations online
• Making available the names, contact addresses, emails, mobile numbers of local/ regional/ national
government officials online.
• Make available information such as governmental plans, budgets, expenditures, and performance reports
online.

• Putting key judicial decisions of value to general citizens and creating precedence for future actions online. viz.
key environmental decisions, state vs. citizen decisions, etc.
Comparative Analysis Model

Underlying Principle

Comparative Knowledge Model is one of the least-used but a highly significant model for developing country
which is now gradually gaining acceptance. The model can be used for empowering people by matching cases of
bad governance with those of good governance, and then analyzing the different aspects of bad governance and
its impact on the people.

The model is based on using ICT to explore information available in the public or private domain and comparing
it with the known information sets. The outcome is strategic learnings and arguments, for instance, if a given
amount of money can build '5' schools in village 'A' then why does the same amount of money build only '2'
schools in village 'B'?

Essentially, the model continuously assimilates Best Practices in the areas of governance and then uses them as
benchmark to evaluate other governance practices. It then uses the result to advocate positive changes or to
influence 'public' opinion on these governance practices. The comparison could be made over a time scale to get
a snapshot of the past and present situation or could be used to compare the effectiveness of an intervention by
comparing two similar situations.

The strength of this model lies in the infinite capacity of digital networks to store varied information and
retrieve and transmit it instantly across all geographical and hierarchal barriers.

Applications/ Possible Projects

This model could be applied in the following possible ways:

• To learn from past policies and actions and derive learning lessons for future policy-making.
• To evaluate the effectiveness of the current policies and identify key learnings in terms of strengths and
flaws in the policies.
 • To effectively establish conditions of Precedence, especially in the case of Judicial or legal decision-
making (example for resolving patent-related disputes, public goods ownership rights), and use it to
influence/ advocate future decision-making.
• To enable informed decision-making at all levels by enhancing the background knowledge and also
providing a rationale for action.
• To evaluate the performance and track-record of a particular decision-maker/ decision-making body.

Broadcasting / Wider-Dissemination Model

Underlying Principle

The model is based on dissemination / broadcasting of useful governance information which is in the public
domain into the wider public domain through the use of ICT and convergent media.

The strength of the model rests upon the fact that a more informed citizenry is better able to judge the
functioning of existing governance mechanisms and make an informed opinion about them. As a consequence,
they become more empowered to exercise their Rights and Responsibilities. (see the background discussions on
Information and Governance in the Concept page)

The widespread application of this model corrects "information failure situations" by providing people with the
relevant information relating to the governance sphere to make an informed opinion and impact governance
processes.

Further, the use of ICT opens up an alternative channel for people to access information as well as validate
existing information from different sources.

Applications

This model could be applied in the following possible ways:

• Putting Governmental Laws and Legislations online.
• Making available the names, contact addresses, emails, fax numbers of local/ regional/ national
government officials online.
• Make available information pertaining to Governmental Plans, Budgets, Expenditures, and Performances
online.
• Putting key Judicial decisions which are of value to general citizens and create a precedence for future
actions online. viz. key Environmental Decisions, State vs. Citizen decisions etc.
Interactive-Service Model (G2C2G)

Underlying Principle

Interactive-Service model is a consolidation of the earlier presented digital governance models and opens up
avenues for direct participation of individuals in the governance processes. Fundamentally, ICT have the
potential to bring in every individual in a digital network and enable interactive (two-way) flow of information
amongt them. The potential of ICT for the governance is fully leveraged in this model and leads and can bring
lead to greater objectivity and transparency in decision-making processes.

Under this model, the various services offered by the Government become directly available to its citizens in an
interactive manner. It does so by opening up an interactive Government to Consumer to Government
(G2C2G) channel in various aspects of governance, such as election of government officials (e-ballots); online
grievance-redressal; sharing of concerns and providing expertise; opinion polls on public issues etc.

Applications
This model could be applied in the following possible ways:

• To establish an interactive communication channels with key policy-makers and members of Planning
Commissions.
• To conduct electronic ballots for the election of government officials and other office bearers.
• To conduct public debates / opinion polls on issues of wider concern before formulation of policies and
legislative frameworks.
• Filing of grievances, feedback and reports by citizens with the concerned governmental body.
• Establishing decentralised forms of governance.
• Performing governance functions online such as revenue collection, filing of taxes, governmental
procurement, payment transfer etc.
 Unit IV
E-readiness

The e-readiness of a country refers to the ability of a state to utilize information and communication technology
(ICT) for sustainable welfare and development. It is measured by the extent and quality of ICT infrastructure, e-
skills, and relevant regulations. E-readiness has become an essential tool for countries, governments, citizens, and
organizations as the world turns into an open global market. It also supports international socio-economic
development by transforming the traditional methods of relaying information into more efficient contemporary
methods. The economic structure of the modern world is dependent on the technological aspect of the country
and, therefore, governments and institutions continuously invest in innovative ways to alter or maintain the
swiftness with even better technologies.

E-Readiness Ranking

European countries lead the world in e-government rankings while Asia and the Americas share the middle
spot. African countries continue to struggle with Sub-Saharan Africa performing poorly. According to a report
by the International Telecommunication Union, South Korea, Denmark, and Iceland take the top three spots on
the ICT Development Index Ranking. Asian countries such as Hong Kong, Singapore, Malaysia, and the
Philippines import and export the most ICT goods. In regards to the ICT service export sector, Ghana holds the
largest share at 78%.

E-Readiness Assessments Tools

E-readiness assessments vary in their goals and strategies. They are designed to evaluate individual and
organizational capabilities to access opportunities offered by the electronic world. E-readiness is classified
according to social and economic perspective and measured by e-society assessment tools and e-economy
assessment tools respectively. However, the two categories are not mutually exclusive and depend on each other
for effective collection of data. The models employ different assessment methodologies such as statistical
methods, questionnaires, and historical analysis. Some of the organizations that conduct the e-readiness
assessments include the Economist Intelligence Unit, Centre for International Development Harvard University,
USAID, the World Bank, and the United Nations.

E-Government Readiness
E-Government has received significant attention as digital technologies transcend private businesses and serve as
a basic source of transformation in government functions. One most notable project is the United Nations Public
Administration Network (UNPAN) that assesses the e-Government readiness of the 192 member nations
according to a quantitative composite index involving website assessment, telecommunication infrastructure, and
human resource endowment.
 Organizational readiness assessment: Organizations, particularly Government organizations,
are typically structured in a top down bureaucratic style, forcing customers to develop knowledge of the structure
to be able to seek services . The bureaucracy nature of governments , long process delay, complex procedures,
duplicate of work and efforts, duplicate of documents and data and process redundancy are also holds. In addition
to that, inherited hate of dealing with governments creates barriers between constituents and governments. It is
not enough to automate government business processes but also it is important to create a revolutionary business
environment (i.e. a comprehensive Business Process Re-Engineering.

Competency readiness: Competency readiness means the existence of qualified personnel in the public sector,
those valuable resources could be permanent public servant, outsourced resources, contract negotiation skills,
change management, relationship management, contract administration skills and project management. For the
long run, the government has to think about preserving all kinds of required skills as a public servant, or as
external entities from the private sector. Technology readiness: Technology readiness involves all necessary
technologies to enable the e-initiative that includes hardware, software, communication and networks
infrastructure, Internet penetration, software application, legacy systems and the current organization’s
technology and electronic systems.

Legal readiness: E-government readiness goes beyond Organizational, Governance and leadership, Customer,
Competency and Technology issues. It involves the canonical form of the government performance. The legal part
of e-government is very important, where the new procedures and other government activities have to be
formally regulated. The implementation of BPR, organizational change, leadership and governance reform and the
new channels of services, has to be legally issued. This includes laws, bylaws, directives and all other regularity
issues that concern government service delivery. The legal umbrella is the safety valve for all government
activities. Each organization that wishes to implement e-initiative has to do a separate legal assessment for its
case. . The legal issues include many parts; the most important parts among these are:

* Legality of conducting business electronic transactions.

* Legality of electronic documents exchanging.

* Legality of sharing of application data across organizational boundaries.

* Liability assignment for Internet transactions.

* Legality of electronic payments.

* Legality of notifications, management, physical services delivery and contracts.

E-Commerce Framework
The term e-commerce framework is related to software frameworks for e-commerce applications. They offer an
environment for building e-commerce applications quickly.
E-Commerce frameworks are flexible enough to adapt them to your specific requirements. As result, they are
suitable for building virtually all kinds of online shops and e-commerce related (web) applications like the Aimeos
e-commerce framework does.
An e-commerce framework must
 • allow replacing all parts of the framework code
• forbid changes in the framework code itself
• contain bootstrap code to start the application
• be extensible by user-written code
E-Commerce frameworks should

• define the general program flow

• consist of reusable components
• be organized in functional domains
Examples of e-commerce frameworks are

• Aimeos (Laravel, Symfony, TYPO3, SlimPHP, Flow)

• Spryker (Symfony only)
• Sylius (Symfony only)
They provide an overall structure for e-commerce related applications. Furthermore, they implement the general
program flow e.g. how the checkout process works. Contrary to monolithic shop systems, existing program flow
can not only be extended but completely changed according to your needs.

Evolution of e-commerce systems

Since the beginning of (internet) e-commerce around 1995, a lot has changed on the technology side. The first
generation of e-commerce systems evolved from existing ERP and related systems. This was followed by the 2.
generation of standalone shop systems between 2004 and 2008. E-commerce frameworks are the latest
generation of e-commerce systems and started around 2012.
Hybris, the shop system owned by SAP is one of the representatives of the 1. generation. It’s strongly connected to
the SAP ERP system and Hybris is mainly a shop front-end for SAP. Customer relationship (CRM) and content
management (CMS) tools are available in the ERP system but very limited.
The Magento shop system represents the 2. generation of standalone e-commerce systems. They usually contain
CRM and CMS and some other functionality but also only at a very basic level. They might be enough for the
smallest shops but are unusable for shop owners who run for real profits.
Aimeos is one of the few real e-commerce frameworks that are currently available. These 3rd generation systems
excel in their own domain: Present and sell products. For all other e-commerce related tasks, they connect to
specialized systems and exchange data in both ways. Thus, shop owners can choose the best systems for their
needs.

E-Commerce framework architecture

E-commerce frameworks must be based on a strong architectural model. Usually, they make heavy use of
interfaces and design patterns like

• Dependency Injection (make components independent of used object implementation)

• Factories (create objects at a central place that instantiates the actual implementation)
• Decorators (dynamically add functionality to existing objects)
• Publish/Subscribe model (notify listening objects about changes instead of polling for updates)
A “design pattern” is re-usable solution that solves similar software design problems in an elegant way. They
require programming language templates which enforce public class methods and their signatures called
“interfaces”.
The basic requirement are independent, side-effect free components that form the building blocks. One or more
components care about the functionality of a business “domain”. Such a domain can be the HTML front-end, a
JSON REST API and the administration interface.
 Issues TO E-COMMERCE:

There are five biggest barriers to e-commerce-

 Search Engine Rankings

The difficult to rank high in search engines is the leading barriers facing the majority
of e-commerce websites, especially newer ones.

Using descriptive and relevant page titles, descriptions and URLs are some of the
easiest things you can do to influence your rankings, according to goggle

 Web Design

In an e-commerce study conducted by Peer1, more than three-fourth said that website
design impacts customers brand perception leading to higher conversation rates.

High performance e-commerce websites have a clean and uncluttered appearance, are
fast, provide great content and make it easy for visitors to shop.

 Mobile browser Compatibility

Whilst sales of desktop PCs are dropping, those of smart phones and tablets are
increasing.

More consumers are using mobile devices as their preferred web browser.

Since more visitors will be shopping online from mobile devices, e- commerce
websites need to ensure cross-platform compatibility across all web browsers.

 Slower website performance

A website that takes a long time to load its pages can lead to a high bounce rate and
lead to lower search engine ranking.

There are a variety of factors that can impede website performance including hosting
service, database response, coding, images and video, to name a few.

 Shopping Cart/Purchasing

How easy or difficult it is for someone to make a purchase and checkout online can
affect conversation and shopping cart abandonment rates.
 DATA WAREHOUSING AND DATA MINING
"A data warehouse is a subject-oriented, integrated, time-variant and non-volatile collection of data in
support of management's decision making process" . Data from large number of homogeneous and/or
heterogeneous sources are being accumulated to form data warehouse. It provides convenient and effective
platform with help of online analytical processing (OLAP) to run queries over consolidated data which is
extracted from multiples data sources. A centralized repository is maintained to improve user access where
large amount of data is archived for analysis purpose.

Data Mining is analysis tool used to extract knowledge from vast amount of data for effective decision
making. Mathematical and statistical concepts are used to uncover patterns, trends and relationships
among the huge repository of data stored in a data warehouse .

NEED OF DATA WAREHOUSING AND MINING IN E-GOVERNANCE

There are some technical issues in the implementation of e-Governance which need to be taken into
consideration. Some technical issues are :

• Technical infrastructure for e-governance

• Collection, handling and managing huge volume of data

• Analysis of the data for effective and correct decision making

• Online support to all departments of Government organizations

• Extraction of unknown relevant and interesting patterns (i.e. knowledge) from the huge volume of data
collected

• Presentation of meaningful patterns for timely decision making process

Large amount of data is being accumulated by the governments over the years. To use such data for
effective decision-making, a data warehouse need to be constructed over this enormous historical data.
Number of queries that require complex analysis of data can be effectively handled by decision-makers. It
also helps government in making decisions that have huge impact on citizens. The decision makers are also
provided with strategic intelligence to have

better view of overall situation. This significantly assists the government in taking accurate decisions within
minimum time frame without depending on their IT staff.

Data mining approach extracts new and hidden interesting patterns (i.e. knowledge) from this large volume
of data sets. The e-governance administrators can use this discovered knowledge to improve the quality of
service. The decision involving activity in e-governance is mainly focused on the available funds,
experiences from past and ground report.

The government institutions are now analyzing large amount of current and historical data to identify new
and useful patterns from the large dataset. The area of focus includes:
 1) Data warehousing,

2) On-line Analytical Processing (OLAP), and

3) Data Mining

E-GOVERNANCE USING DATA WAREHOUSING AND DATA MINING

Data Mining is the tool to discover previously unknown useful patterns from large heterogeneous
databases. As historical data need to be accumulated from distinct sources to have better analysis and with
prices of storage devices becoming drastically cheaper, the concept of data warehousing came into
existence. If there is no centralized repository of accurate data, application of data mining tools is almost
impossible .

There is wide disparity in allocation of resources in various government departments. The resources may
be allocated additionally in one department while there may be acute shortage in other department. The
reason behind this is non- availability of any facility to transfer information from one department to other.
It is also possible that if various government departments are computerized, the information available in
one department might not be beneficial to other departments as it may be possible that the information
available is in dissimilar formats in heterogeneous database systems on diverse platforms. There are two
approaches in designing Data Warehouse – Top down and bottom up approach. Information that starts
from top is divided to generate information for lower levels (Top down approach), while information that
begins from grass root level combined to generate information for higher levels (Bottom up approach). This
technique provides an ideal domain of ‘e-Governance’ framework using Data Warehouse and Data Mining
applications [3][25].

Mining E-Governance Data Warehouse

Data warehouse is used for collecting, storing and analyzing the data to assist the decision making process.
Data mining can be applied to any kind of information repository like data warehouses, different types of
database systems, World Wide Web, flat files etc. [16][17].

Therefore, data warehousing and data mining are best suited for number of applications based on e-
Governance in G2B (Government to Business), G2C (Government to Citizen) and G2G (Government to
Government) environment. In order to have effective implementation there should be solid Data
Warehouse on data collected from heterogeneous reliable sources [5][7][15]. The subcategories of e-
government are described in Table 1.

The various steps involved for implementing e-governance includes :

Parties of Dominant Characteristics Definition Example

communication
Government-to- Communication, E-administration Establishing and using
Government (G2G) coordination, standardization a common data
of warehouse
information and services
Government-to- Communication, transparency, E-government Government
Citizen (G2C) accountability, effectiveness, organization Web Sites,
efficiency, standardization of e-mail communication
information and services, between citizens and
productivity government
 officials

Government-to- Communication, collaboration, E-government, E- Posting government

Business (G2B) commerce Commerce, E- bids on the Web,
collaboration e-procurement,
e-partnerships
Government-to- Civil Communication, E-governance Electronic
Society Organization coordination, transparency, communication and
(G2SC) accountability coordination
efforts after a disaster
Citizen-to- Citizen Communication, coordination, E-governance Electronic discussion
(C2C) transparency, accountability, groups on civic issues
grassroots
organization

a) Phase I: The e-governance is made available online i.e providing relevant information to the people (G2C
& G2B). Earlier government websites were quite similar to brochure or leaflet but there is paradigm shifts
as more and more information is made available on web. The major advantage is that government
information is publicly accessible; processes are described and become more transparent, which improves
democracy and service.

b) Phase II: It involves the communication between policy makers and the public (G2C & G2B). Public can
get their queries solved via e-mail, use search engines, and download forms and documents. The
applications can be processed online at very fast rate. Internally LANs, intranets and e-mail are used to
communicate and exchange data by various government departments (G2G).

c) Phase III: The complexity of transactions increases in third phase. Complete transactions can be
performed at the leisure of house. Extending/renewal of licenses, application for visa and passports filing
property tax, filing income tax, and online voting are common examples. This phase handles complex
queries by use of security and personalization issues. E.g. digital signatures will be mandatory to have legal
transfer of services. The government has also made e-procurement compulsory for all procurements above
Rs 5,000/-.

d) Phase IV: The major goal is to provide single counter by integrating all information systems. The
employees in various government departments have to work in the coordinated manner to have cost
savings, efficiency and most importantly highest customer satisfaction.

Need for Data Warehousing and Data Mining (DWDM) in e-Governance

The use of DWDM technologies will assist decision makers to reach important conclusion that can play
important role in any ‘e-Governance’ initiative [1][9][16]. The need of DWDM in e-governance includes:

• Provision of integrated data from diverse platforms for better implementation of strategies at state or
national level.

• To minimize piracy of data as storage requirement is reduced.

• To increase operational effectiveness as various employees work in coordinated manner.

• To increase transparency at highest level as relevant information will be available on web.

• To have better understanding of requirements of citizens.

• To have faster access of data for effective decision making.

Integration of Data Warehousing and Data Mining with e-Governance

The advantages of integrating DWDM with ‘e-Governance’ are:

• There is no requirement to deal with heterogeneous databases.

• Officers will be able to derive the output at multiple levels of granularity.

• There is no requirement to use complex tools to derive information from vast amount of data.

• In depth analysis of data is possible to have solution to complex queries.

• There is mass reduction of dependence on IT staff.

• Strong tool towards corruption free India.

 Unit V:
E-Government systems security
Security of What?
Security of What? This is a major question when we talk about E- governance security. Security is all about
protecting the Infor- mation and Communication Technology (ICT) assets of an organi-zation.

Fig.1- Security Layers

The ICT assets themselves can be of a wide variety including the following:
Data, Information, Knowledge Resources, Programs, Hard- ware, Networks
Above we mention some ICT assets which are very important for security perspective of E-governance. This is a
very important re- sponsibility of E-governance administrators to protect these assets. Security against What?
There are various threats to security of our ICT system, and we can’t define or declare them exactly, it may
come from various sources and in various forms. So it is very necessary for e- governance administrator to
identify these threats. In this section we firstly give some sources of threats and then some types of threats
which affect to E-governance.
Sources of Threat
The sources of threat can be internal or it can be external to the government body. There are various internal
sources of threat like- the employees who work on the E-governance project, customers of the E-governance
projects they may attempt to access the data- bases for their personal financial profit. When we talk about
exter- nal sources it may be Professional hackers, Criminal organizations, various Intelligence agencies or
Investigation agencies.
Types of Threat
Threats may include unauthorized access, modification, and de- struction of data. The threats may be of
different types varying from time to time because technology changes frequently. The attacks on security of e-
governance system can be in different forms in- cluding- Defacing of web sites, Hacking, Cracking, Damage to
criti- cal database and applications, Network security check list, DSA, Viruses and Malwares etc. the damage of
ICT assets need not always be a result of such malicious attacks as mentioned previ- ously. It may be some kind
of natural or environmental disasters etc.
Security Management
The above facts lead us to conclusion that the security of the e- governance system has to be managed
systematically in three levels, this model is explained with the help of this figure

Fig.2- E-governance Security Environment

 Security at User Level
Security at user level is a very important issue. We can classify user level security management in three
Parts

Identity Management
The main purpose of this is to create unique digital identity or cre- dential to all legal users by providing a
unique user name and password, to create and manage ICT systems which ensure that the digital identities
are secure.
Access Management System
In this level the unique credentials which are provided to the user at identity level are matched to identify the
user, that he/she is actual- ly the authentic person.
Interaction Management System
Interaction management is a most comprehensive and complex phase. It includes assurance of the Integrity,
Confidentiality and Non-repudiation principles of a comprehensive security.
In user level, we can use various tools such as digital identity to- ken, public key infrastructure (PKI), digital
signature, asymmetric key cryptography etc. to provide or enhance the security at the user level.
Security at Transport Level
In this level we consider about e-governance security in two as- pects which are security within LAN and
WAN, and the second one is Security over the Internet. This security level is classified
into two systems, i.e. Secure Communication System and Crypto- graphic System.

Fig.4- Security at Transport level

The data and information reaches through user to ICT assets or vice-versa, and when the data is in between
these two i.e. in trans- missision medium which can be either LAN, WAN, or any wireless or any other medium
whatever, then we need a higher security. For this e-governance administrator use various tools or techniques
like creating a Virtual Private Network (VPN), installing Firewalls, using higher and complex Encryption or
decryption techniques etc.
Security at ICT Assets level
ICT assets are the most precious for any organization or institution, so to secure this level we have two broad
categories of security treatment i.e. Physical security and Electronic security.

Fig.5-

Physical Security
 Fig.3-Security at user level

It is used to protect the data against physical damages or losses like- natural disasters etc. to protect data in
this security level we take some steps such as- security level of data centers are highly secured by using
biometric-controlled system, in data centers pro- vision of dust-proof environment, fire protection
systems, security alarms, CCTV monitoring of data center etc. automated backup system. By using some
basic instructions we easily secure the data physically.
Electronic Security
to give the protection against digital threats we want to use elec- tronic security. We have various electronic
security tools, and we can manage them in two categories

Fig.6- Categories of Electronic Security

Anti-virus System
When we discuss about digital threats the first thing in our mind is virus, which affects our ICT assets in
various ways such as- slowing down of the system, occupy disk space, corrupt our valuable data or storage
medium etc. it is also known as malware, worms and Trojan horses. there are “over 1,122,311 known viruses
active in the world as of 2008[2]”.
Firewalls
“A system designed to prevent unauthorized access to or from a private network[3]”. A firewall is a security
device that can be hard- ware or software that is mainly use for to separate a secure area from a less secure
area and to control communications between the two. We have several firewall techniques such as Packet
filter, Application gateway, Circuit-level gateway, Proxy server. There are many different brands of software
firewalls, some of them are- ZoneAlarm, BlackICE and Kerio etc.

Fig.7- Firewall in an Enterprise

Security Standards-
The standard for information security was set by the BS 7799, be- ing its popularity it was adopted by ISO as
ISO 17799 and its se- quel BS 7799-2 that prescribes the specification for Information Security Management.
“The ISO 27001 standard was published in October 2005, essentially replacing the old BS 7799-2 standard. It is
the specification for an Information Security Management Sys- tem [4]”. “ISO 17799 defines 127 security
controls structured under 10 major headings to enable the information security manager to identify the
particular safeguards that are appropriate to there spe- cific area of responsibility [5]”.
 Fig.8-Major Security Areas

Security Architecture
The security architecture of E-governance is a high level document that set the security goals of e-governance
project and describe the procedure that need to be followed by all the e-governance hierar- chy such as users,
businesses, operators etc. Appropriate legal framework is absolutely essential for the systematic and
sustained growth of e-governance.

Fig.9- E-governance Security Architecture

Security Concern In E-Commerce

1. Financial frauds
Ever since the first online businesses entered the world of the internet, financial fraudsters have been giving
businesses a headache. There are various kinds of financial frauds prevalent in the e-commerce industry, but we
are going to discuss the two most common of them.

a. Credit Card Fraud

It happens when a cybercriminal uses stolen credit card data to buy products on your e-commerce store. Usually,
in such cases, the shipping and billing addresses vary. You can detect and curb such activities on your store by
installing an AVS – Address Verification System.

Another form of credit card fraud is when the fraudster steals your personal details and identity to enable them to
get a new credit card.

b. Fake Return & Refund Fraud

The bad players perform unauthorized transactions and clear the trail, causing businesses great losses. Some
hackers also engage in refund frauds, where they file fake requests for returns.

2. Phishing
Several e-commerce shops have received reports of their customers receiving messages or emails from hackers
masquerading to be the legitimate store owners. Such fraudsters present fake copies of your website pages or
another reputable website to trick the users into believing them. For example, see this image below. A seemingly
harmless and authentic email from PayPal asking to provide details.
Phishing Example

3. Spamming
Some bad players can send infected links via email or social media inboxes. They can also leave these links in their
comments or messages on blog posts and contact forms. Once you click on such links, they will direct you to their
spam websites, where you may end up being a victim.

Mass-mailed malware infection can quickly morph into a much more serious problem

says Brian Krebs, data security expert.

Apart from lowering your website security, spamming also reduces its speed and severely affects performance.

4. DoS & DDoS Attacks

Many e-commerce websites have incurred losses due to disruptions in their website and overall sales because
of DDoS (Distributed Denial of Service) attacks. What happens is that your servers receive a deluge of requests
from many untraceable IP addresses causing it to crash and making unavailable to your store visitors.
 Source:

5. Malware
Hackers may design a malicious software and install on your IT and computer systems without your knowledge.
These malicious programs include spyware, viruses, trojan, and ransomware.

The systems of your customers, admins, and other users might have Trojan Horses downloaded on them. These
programs can easily swipe any sensitive data that might be present on the infected systems and may also infect
your website.

6. Exploitation of Known Vulnerabilities

Attackers are on the lookout for certain vulnerabilities that might be existing in your e-commerce store.
Often an e-commerce store is vulnerable to SQL injection (SQLi) and Cross-site Scripting (XSS).
Let’s take a quick look at these vulnerabilities:

a. SQL Injection
It is a malicious technique where a hacker attacks your query submission forms to be able to access your backend
database. They corrupt your database with an infectious code, collect data, and later wipe out the trail.

b. Cross-Site Scripting (XSS)

The attackers can plant a malicious JavaScript snippet on your e-commerce store to target your online visitors and
customers. Such codes can access your customers’ cookies and compute. You can implement the Content Security
Policy (CSP) to prevent such attacks.

7. Bots
Some attackers develop special bots that can scrape your website to get information about inventory and prices.
Such hackers, usually your competitors, can then use the data to lower or modify the prices in their websites in an
attempt to lower your sales and revenue.
8. Brute force
The online environment also has players who can use brute force to attack your admin panel and crack your
password. These fraudulent programs connect to your website and try out thousands of combinations in an
attempt to obtain you site’s passwords. Always ensure to use strong, complex passwords that are hard to guess.
Additionally, always change your passwords frequently.

9. Man in The Middle (MITM)

A hacker may listen in on the communication taking place between your e-commerce store and a user. Walgreens
Pharmacy Store experienced such an incident. If the user is connected to a vulnerable Wi-Fi or network, such
attackers can take advantage of that.

Source: Netsparker

10. e-Skimming

E-skimming involves infecting a website’s checkout pages with malicious software. The intention is to steal the
clients’ personal and payment details.

Are you an e-commerce business person? Don’t downplay the seriousness of these e-commerce security threats.
 Server Security
1. Constantly Upgrade the Software and the Operating System
Constantly Upgrade the Software and the Operating System
In server security, staying up to date on all software and operating system-related security fixes is essential.
Server systems and software technologies are so complicated that some of the security vulnerabilities they carry
can easily go unnoticed.
Because of this, security vulnerabilities commonly exist in both old and freshly updated software versions. Also,
hackers always try to develop new and innovative ways to gain unauthorized entries into a system.
Fortunately, vendors and cybersecurity experts are constantly working to ensure that their software and
operating systems are as secure as possible. Once they discover a security loophole, they will typically move
quickly to have the loophole fixed.
Once that's done, they will release a more secure and upgraded version of their operating system or software.
For your server's security, you should immediately install the update once the vendor has tested and released it
on the market.
Even though most vendors act speedily to address security vulnerabilities, there is always a gap between the
time the security vulnerability is discovered, the time it takes to fix it, and the time it takes you to install the new
update.
This gap can give hackers an upper hand since they can easily breach your servers before you make the update.
To keep this gap as small as possible, always remain vigilant and aware of any new developments as far as your
servers' security is concerned. You should also be mindful of the immediate measures you can take to ensure that
you are not affected by the vulnerable software.
For instance, uninstalling the software could be an essential thing to do. Lastly, you should install the new update
right away once it has been released. Installing the secure operating system and software version can help
reduce your vulnerability.
2. Configure Your Computer to File Backups
Configure Your Computer to File Backups
You should always keep a file backup and have a restoration strategy. You never know when a hacker will
succeed in breaching your servers.
When such a breach happens, a backup file could be your savior.
Regularly backing up your data allows you to restore all the information resources that your server held before
the data breach took place.
Therefore, for the sake of your data, you should ensure that you regularly undertake the data backup.
When developing a backup plan, make sure that you do a thorough analysis of the following:
• the cost of the backup plan,
• its efficiency and speed,
• the effort required to restore your data after a data breach,
• the speed of the backup process, and
• the amount of disc space that you need to store the data.
You also should carefully consider the location where you store your backup files.
You can choose to keep the files either locally or on on the cloud, which is a safer approach.
3. Set up Access Limitations to Your Computers files
Access Limitations to Your Computers files
Most operating systems will give users the option to specify access privileges. For the safety of your servers, I
advise that you be as restrictive as possible.
A user can specify access privileges to directories, networks, files, and other server elements. Access controls can
reduce both deliberate and unintended server security breaches.
For instance, limiting read access can help you protect confidential and private information. Similarly, restricting
who can modify files and data will help maintain the integrity of the files.
Not all employees should be given access to all the resources of your organization. Applying the principle of the
least privilege is an excellent move in securing your servers.
Those who have no business with server resources or do not need them to fulfill their job requirements should
not have access to those resources. Some of the worst data breaches have been organized and executed by people
within the organization who had access to crucial data and information.
A 2019 Insider Threat Report by Verizon places careless and malicious workers as the top actors in insider
cybersecurity threats. Limiting access, therefore, can help protect your servers from insider attacks.
4. Install SSL Certificates
Install SSL Certificates
Secure Socket Layer certificates are security protocols that guard the communication between two systems over
the internet.
The Secure Socket Layer is a crucial element of server security. You need to ensure that any communication or
data transfers between your server and clients' browsers or other servers are encrypted.
SSL certificates scramble data in transit so that sensitive and confidential information such as health details,
credit card details, and financial records remain secure. A hacker who succeeds in accessing the data cannot
decipher its meaning.
Only the intended recipient who has the right key to decrypt the information will understand its meaning.
Apart from just encrypting the communication between your servers and other parties, SSL certificates also play
a critical role in user authentication.
SSL certificates can authenticate different systems to their particular owners. The certificate, therefore, helps
establish your authority. To strengthen your security, you should get and install an SSL certificate.
5. Use Virtual Private Networks (Private Networking)
Use Virtual Private Networks (Private Networking)
Private networks are based on Internet Protocol address space. A VPN is said to be private because no Internet
Protocol packets addressed are transmitted via a public network.
A VPN will allow you to create a connection between different computer devices located in different places. It lets
you to carry out operations on your servers in a secure manner.
You can exchange information with other servers on the same account without compromises from outside. To
ensure that your server is safe, you should set up a Virtual Private Network.
6. Server Password Security
Server Password Security
When it comes to server security, make sure you use password best practices. The first step is to develop clear
password policies and rules that all members using the server should follow.
You should enforce minimum character length for passwords, set password complexity guidelines, enable
session timeout for inactivity, and use a multiple-factor authentication strategy.
It's also useful to have a clear password expiration policy. Passwords should only be allowed to last a few weeks
or months. It's best to encourage all users to implement safe password storage to avoid passwords landing in
unsafe hands.
7. Use Firewall Protection
Use Firewall Protection
Firewalls are a must-have to ensure that your servers are safe. They filter incoming and outgoing traffic to allow
only specific services and lockout unsafe ones.
There are a few different classifications of firewalls. The first group deals with the public services that anyone on
the internet anonymously accesses. The second is the private services that a select group of authorized accounts
can access. The last is the internal services that require no exposure to the outside world.
You should restrict access to these services depending on which group fits the situation. You should configure
your server to refuse all accesses except those that are mandatory to your servers.
 Secure Communication Channels
Communication channels can be thought of as the means of transmission of information between devices and
users on a network. The rate at which mobile technologies have been adopted in recent years has led to much
greater intercommunication between device types. The standard by which these devices connect to one
another is called unified information and communications systems, and is widely seen as a good thing for ease
of use and setup for many different classes of devices.

The problem with this standard is that it also opens up more opportunities for attackers to exploit security
weaknesses within popular technologies such as:

• Voice
• Multimedia collaboration
• Remote access
• Data communications
• Virtualized networks
We will take a look at each of these attack vectors and see what precautions need to be taken in order to
secure devices on your network. Understanding these concepts will help you to prepare for your CISSP exam,
as these topics are covered in Domain 4.3 of the exam outline documentation. If you are sitting for your exam
after 15 April 2018, your exam objectives can be found here.

Voice
Voice communication covers many different technologies, which means that you will need to be familiar with
systems such as:

• PBX (private branch exchange)

• POTS (plain old telephone system)
• VoIP (Voice over Internet Protocol)
Learning about voice technologies is essential because it is still one of the most costly services that companies
incur, so being able to effectively manage, investigate, and administer is really important. If outside users are
able to use your voice services fraudulently, your company may be liable if crimes are committed with your
services. International toll fraud is also costly, and can come about from unsecured phone systems.

Multimedia collaboration
Multimedia collaboration includes applications such as instant messaging programs, video conferencing, and
other real-time collaboration tools. These tools reinforce the notion of convergence technologies because they
are able to carry voice, data, text, and video all in a single application over the Internet instead of over separate
networks. You will need to understand the risks associated with:

• VoIP—This includes session controls and signalling protocols that relate to the notification and setup of calls.
Candidates must also be familiar with codec software that converts audio and video into digital frames as well
as open VoIP protocols such as H.323 and SIP (session initiated protocol). Understanding how SIP provides
integrity protection with MD5 hash functions and encryption such as TLS is also important for the CISSP exam.
VoIP security must also be understood.
• Remote Meeting Technology—This technology allows users to collaborate by sharing control of remote
desktops, file sharing, chat functions, voice, and video. These technologies are vulnerable to unauthorized
participation, eavesdropping, spying, data leakage, and communications interception. To prevent this,
 mitigating technologies must be employed, such as firewall restrictions, data encryption, authentication
security measures, computer management policies, and user awareness training.
• Instant Messaging and Chat—Initially introduced as text-based communication, many of these applications
now include voice, video, file sharing, and remote control. Understanding that instant messaging (IM)
technologies can be peer-peer or client-server relationships and all of the threat vectors that are associated
with IM and chat is also important. These threats include malware distribution and social engineering.
• Content Distribution Network—A CDN is a system of interconnected machines that provide large-scale
services such as internet service providers (ISPs) and network operations. CDNs serve end users with high-
speed connections and high availability. You need to understand concepts such as hybrid models (peer-to-peer
and server-to-client connections), as well as the corresponding threat vectors, such as unauthorized
bandwidth usage, P2P malware attacks, malicious executable files, and unauthorized system access.
Remote access
Remote access was originally designed with dial-up systems in mind, allowing home-based users and traveling
users the ability to access the internal network from a dial-up modem connection. This technology reduces the
cost of a dedicated leased line, and was seen as a more affordable method for letting people connect to the
system while out of the office. The RAS server would then authenticate the user based on the credentials that
they entered and users would be able to access the corporate network with them. VPN and tunneling protocols
must be firmly understood, and examples of these are:

• Remote Access Services

• Dial-up and RAS
• Old Dial-up Remote Protocol
• Authentication Protocols such as CHAP, PAP, EAP.
• Modern VPN protocols: PPTP, L2TP/IPSec SSL/TLS SSTP, Modern Authentication Protocols (VPN) MSCHAP
v2 and EAP.
• Point-to-Point Protocol
• Microsoft Remote Desktop Protocol (RDP) Remember that it uses port 3389
• Secure Shell (SSH) Remember that it uses port 22 and that it is more secure than Telnet. Telnet transmits
passwords in plain text and is therefore not secure.
Data communications
Candidates must be familiar with the following secure communications protocols:

• SSL (Secure Socket Layer)

• TLS (Transport Layer Security)
• swIPe (Swipe IP Security Protocol)
• S-RPC (Secure Remote Procedure Call)
• SET (Secure Electronic Transaction)
• PAP (Password Authentication Protocol)
• CHAP (Challenge Handshake Authentication Protocol)
• EAP (Extensible Authentication Protocol)
Virtualized networks
A virtualized network, also known as a software-defined network (SDN), is a collaboration of software and
hardware to create a network that is bound and controlled by the software component. A virtualized network
 is a collection of ports on a managed switch that are configured via software, allowing changes to be made to
the network layer without the need to change any physical components of the network. This means that the
connections of the local area network can be changed via the application. Components that you will need to be
familiar with are:

• Virtual Switches: Remember that they have existed within hypervisors for a long time but now they are able
to link hypervisors together. SDNs are flexible and elastic, and they can be configured remotely to effect
network wide changes to traffic. They are centrally managed and are interoperable with many different
protocols. They are dynamic and can be automatically provisioned and configured.
• Virtualized Network Storage: Also known as software defined storage, SDS is storage management software
that can make off-the-shelf hardware like NAS units behave like SAN equipment.
• Virtualized Networks Segmentation: Also known as private virtual local area networks (PVLANs), these
systems add extra features to VLANs, but virtually. This allows for the creation of private groups within your
network, and can also provide features such as port isolation and enhanced routing features. A primary PVLAN
is just a VLAN that has been segmented into smaller groups, while a secondary PVLAN exists only inside of a
Primary PVLAN, has specific VLAN IDs, and has a physical switch associated with the behaviour of each packet
with a VLAN ID.

Security for Client Computers

The use of computers across businesses of all types has created vulnerabilities for those businesses in the
individual client computer. A client computer is a computing device that connects to a network in one of
several ways, but the term typically describes a laptop or workstation computer. Because client computers are
connected to networks of other computers, if an attacker or a virus gains control of an networked computer, it
can be used as a launching pad to attack any or all of the devices on the network. While the user is the weakest
link in any security scenario, there are several things that can be implemented to protect the workstation and
the entire network.
Physical Security
Users should lock their workstations when they walk away, even for a minute. That is all it takes for a
malicious co-worker to send out an email in the user’s name, or surf a website that downloads a virus or some
other software unknown to the perpetrator. At the end of the day, lock the room if possible, to protect the
computer from intruders who gain access to the building. Physical security is the first line of defense for client
computers. Users who work from home should log off while they are going to be away from home for an
extended period of time. A laptop should never be left on a car seat or hotel room.
Authentication
Every client computer should require a user to log in before using it. Whether the credentials are local to the
computer or stored on an authentication server, nobody should be able to use a computer without logging in
first. This stops everyone who is not an authorized user on the computer or the network from using a client
machine for mischievous purposes.
Anti-malware Software
The abundance of malware in the form of viruses, worms, Trojan horses and more requires the use of anti-
malware software on every client machine. If one machine becomes infected, all machines on the network will
become infected. Viruses and worms spread extremely fast, and it only takes a few minutes to infect every
machine on the network, even if there are thousands of them. Large companies should deploy enterprise
versions of an anti-malware product on all its client computers. Samller companies of a hundred computers or
less may decide to deploy one of the many free offerings available, but should use the same software on all
client computers.
Secure Protocols
Where possible, users of client computers should only connect with other computers and servers using secure
protocols. One of these is HTTPS, or Secure HTTP, which creates a secure connection to Web sites. Another is
Secure FTP, or file transfer protocol, which encrypts user ID and password information, unlike native FTP.
Rather than using Telnet to connect to a remote computer, users should use Secure Shell, which adds security
to the remote connection.
Firewall
The last line of defense for a client computer is a personal firewall installed on the machine. While an Internet
firewall at the organization’s Internet connection is the first line of defense, the personal firewall protects the
client from attacks that get through, as well as attacks that originate from within the corporate network. Both
Windows and most Linux distributions have a client firewall included, and Windows’ firewall is preconfigured
for default protection.
E-Seva
it is a short form of 'electronic seva' which means 'electronic service'
it is a form of e-government aimed at providing speedier and efficient public services including issue of all the
citizen related certificates,receiving all sorts of utility bills,redressing grievances,etc

A key component of e-governance is to provide governments with a citizen-friendly face. Naturally, G2C
(government-to-citizens) is an important element of all e-governance projects. FirstGov in the US, e-Envoy of the
UK, e-Taiwan, e-Citizen in Singapore, e-Korea, e-Malaysia, Victoria Online in Australia and Government Online in
Canada are award-winning G2C services in the world.
Closer home, e-Seva in Andhra Pradesh, Friends in Kerala, Sukhmani centres in Punjab, the Lok-Mitra project in
Rajasthan, Coimbatore-Online in Tamil Nadu and BangaloreOne in Karnataka are some of the pioneering G2C
initiatives in India.
e-Seva is, perhaps, the best example and one of the earliest attempts to take the benefits of e-governance to
citizens. Pione-ered by the then IT secretary in Andhra Pradesh, J Satyanarayana, currently CEO of the National
Institute of Smart Governance, and driven by the then chief minister, Chandrababu Naidu, e-Seva started as the
TWINS project to provide multiple citizen-facing services of the government under one umbrella. Instead of
citizens having to go from one department to another, multiple government services are provided under a single
window. It is particularly of value to less-affluent and less-influential people, who do not enjoy the luxury of
servants or peons who can spend time standing in queues.
e-Seva has several innovations to its credit. The people interface issue has been well addressed and the effects of
re-engineering are there for all to see. The ambience is good, the place is clean, less noisy and there is an air-
conditioned environment, uncluttered by dilapidated furniture. There is access to drinking water, facilities like
ATM, internet kiosks and phonesthings one does not normally associate with government departments in India.
The services are offered at dozens of centres, each with several counters, in a public-private-partnership model.
The computers, printers and internet access are provided by the private operator, who is paid a fixed service
charge for transactions completed at e-Seva counters, with the government providing the data.