Module – IV

E –Commerce and Digital Payments

❖ Definition of E-commerce:
• E-Commerce or Electronics Commerce is a methodology of modern business, which
addresses the requirements of business organizations. It can be broadly defined as
the process of buying or selling of goods or services using an electronic medium such
as the Internet. This tutorial takes adopts a simple and practical approach to explain
the governing principles of e-commerce.

• Examples of E-Commerce: Amazon, Flipkart, eBay, Fiverr, Upwork, Olx, Quik

❖ KEY TAKEAWAYS:
✓ E-commerce is the buying and selling of goods and services over the internet.
✓ It is conducted over computers, tablets, smartphones, and other smart devices.
✓ Almost anything can be purchased through e-commerce today, which makes e-
commerce highly competitive.
✓ It can be a substitute for brick-and-mortar stores, though some businesses choose to
maintain both.
✓ E-commerce operates in several market segments including business-to-business,
business-to-consumer, consumer-to-consumer, and consumer-to-business.

❖ Examples of E-commerce:
✓ In addition to different types of ecommerce, there are also different functional versions
of ecommerce, distinguishable by the relationship of the transaction and the products or
services being sold. The most common examples include:

a) Retail: Retail ecommerce is when a product is sold directly to a customer.

b) Wholesale: Wholesale ecommerce is when products are sold in bulk often to a retail
company who, in turn, sells them to its customers.
c) Physical products: Physical product ecommerce refers to any products that affect
inventory and must be physically shipped.
d) Digital products: Digital product ecommerce refers to products purchased as
downloadable goods—such as books, templates or courses.
e) Drop shipping: Drop shipping ecommerce is when a product is sold by one company
that outsources its manufacturing and shipping to another company.
f) Subscription: Subscription ecommerce is when a customer has a recurring purchase of
a product or service—weekly, monthly, yearly, etc.—that automatically charges them
and replenishes the product.
g) Services: Service ecommerce refers to services purchased and often priced by the time
spent on providing the service.
h) Crowdfunding: Crowdfunding ecommerce is when money is collected as product
capital in advance of a product being available.
i)

1
 ❖ E-Commerce Categories
I. Electronic Markets
✓ It Present a range of offerings available in a market segment so that the purchaser
can compare the prices of the offerings and make a purchase decision. Example:
Airline Booking System
II. Electronic Data Interchange (EDI)
✓ It provides a standardized system
✓ Coding trade transactions
✓ Communicated from one computer to another without the need for printed order
and invoices & delays & errors in paper handling
✓ It is used by organizations that a make a large no. of regular transactions Example:
EDI is used in the large market chains for transactions with their suppliers
III. Internet Commerce
✓ It is use to advertise & make sales of wide range of goods & services.
✓ This application is for both business to business & business to consumer
transactions.
❖ Types of E-Commerce

1) Business-to-Consumer(B2C):
✓ Business-to-consumer is a business strategy that involves selling goods directly to
consumers rather than going through wholesalers, retailers, or other middlemen.
Business-to-consumer is referred to as B2C. The B2C model can be used in any
business transaction where the consumer receives products or services directly, such
as restaurants, retail stores, and hospitals. Amazon, Netflix, and Etsy are examples of
B2C e-commerce stores.

2) Business-to-Business(B2B):
✓ Business-to-business is referred to as B2B. Business-to-business companies produce
goods and services for other businesses and organizations. Examples of B2B
companies are marketing agencies, software as a service (SaaS), and companies that
produce and sell numerous goods.

2
3) Consumer-to-Business(C2B):
✓ Consumer to business is referred to as C2B. In this business model, the consumer
produces value, which is then consumed by businesses. For example, when a customer
writes reviews or gives a valuable suggestion for a new product, this customer adds
value to the company if the company uses that input.
✓
4) Business-to-Government(B2G):
✓ When a company offers its goods and services directly to a government body, this is
known as the business-to-government (B2G) strategy. For example, a private
engineering business sells its engineering services to a country's government to build
a new water and sewer system for the community.
✓
5) Consumer-to-Consumer(C2C):
✓ Consumer-to-consumer is referred to as C2C. C2C e-commerce directly sells products
or services between customers. C2C is frequently made possible through third-party
websites or marketplaces, which handle transactions on behalf of buyers and sellers.
C2C transactions don't involve any type of company. Smaller companies or hobbyists
can offer goods on e-commerce marketplaces without maintaining their web
presence. C2C platforms are beneficial for both buyers and sellers, and the platforms
make money by charging a small cost for each transaction, such as the advertising fee
for products.
❖ Components of E-commerce
1. Online Transactions: E-commerce involves the electronic exchange of money for goods
or services. Transactions can be conducted through various online payment methods,
including credit cards, digital wallets, and other electronic payment systems.
2. Online Marketplaces: E-commerce platforms often host online marketplaces where
businesses and consumers can connect. These platforms facilitate the display, promotion,
and sale of products or services.
3. Digital Marketing: E-commerce heavily relies on digital marketing strategies to attract and
engage customers. Online advertising, social media marketing, and search engine
optimization are commonly used to drive traffic to e-commerce websites.
4. Electronic Data Interchange (EDI): E-commerce systems frequently use electronic data
interchange for the automated exchange of business documents, such as purchase orders
and invoices, between different organizations.
5. Security Measures: Due to the sensitivity of financial transactions and personal
information involved in e-commerce, security measures such as encryption, secure
payment gateways, and authentication protocols are crucial to ensure the safety of online
transactions.
6. Mobile Commerce (M-commerce): With the increasing use of smartphones and mobile
devices, e-commerce has expanded to include mobile commerce. Consumers can make
purchases and conduct transactions through mobile applications and mobile-optimized
websites.
7. Global Reach: E-commerce allows businesses to reach a global audience without the need
for physical store locations. This global reach enhances market potential and provides
customers with access to a wide variety of products and services

3
❖ Elements of E-Commerce security

❖ E-commerce Security:
✓ E-commerce Security basically deals with a set of protocols specially designed for E-
commerce platforms to process electronic transactions with security. E-commerce
Security helps to buy and sell goods over the Internet with full protection and security.
✓ The absence of E-commerce Security leads to the loss of the banking credentials of the
customers, the leaking of private sensitive information of users, phishing
attacks, stealing of money, and frauds related to credit cards.
✓ Electronic payment system which is an essential part of E-commerce Security helps to
operate in a user-friendly manner and avoids difficult documentation procedures and
also saves some cost of transactions.
✓ E-commerce Security enables to provide security to electronic payment systems so that
they can easily process the data and transfer electronic funds with security in an easy
manner.

• Several key elements contribute to the overall security of e-commerce systems:

✓ Secure Sockets Layer (SSL) and Transport Layer Security (TLS): SSL and its successor TLS
are cryptographic protocols that provide secure communication over a computer
network, typically the internet. They encrypt the data exchanged between the user's
browser and the e-commerce server, preventing unauthorized access to sensitive
information such as credit card details.
✓
• Elements of E-commerce security

✓ Encryption: Data encryption is crucial for protecting information during transmission

and storage. Encryption technologies convert sensitive data into unreadable code, and
only authorized parties with the proper decryption key can access the original
information.

✓ Secure Payment Gateways: E-commerce websites should use secure payment gateways
that encrypt and securely process payment information during transactions. Payment
Card Industry Data Security Standard (PCI DSS) compliance is essential for handling credit
card information securely.

✓ Two-Factor Authentication (2FA): Implementing two-factor authentication adds an

extra layer of security by requiring users to provide two forms of identification before
gaining access to an account. This helps prevent unauthorized access, even if login
credentials are compromised.
✓
✓ Firewalls: Firewalls act as a barrier between a trusted internal network and untrusted
external networks, such as the internet. They help monitor and control incoming and
outgoing network traffic, preventing unauthorized access and protecting against
malicious activities.

4
✓ Regular Security Audits and Testing: Conducting regular security audits and penetration
testing helps identify vulnerabilities in the e-commerce system. By identifying and
addressing potential weaknesses, businesses can proactively enhance their security
measures.

✓ User Authentication and Authorization: Implement strong user authentication

processes to verify the identity of users. Additionally, establish proper authorization
controls to ensure that users only have access to the resources and data necessary for
their roles.
✓ Security Updates and Patch Management: Keep all software, including the e-commerce
platform, operating systems, and third-party plugins, up to date with the latest security
patches. Regularly update and patch software to address vulnerabilities and improve
overall security.

✓ Data Backups: Regularly back up critical data to prevent loss in the event of a security
incident, such as a ransomware attack. Implement secure and automated backup
procedures to ensure the availability of data for recovery.

✓ Privacy Policies and Compliance: Clearly communicate privacy policies to users,

detailing how their data will be collected, processed, and protected. Adhere to relevant
data protection regulations and standards, such as the General Data Protection
Regulation (GDPR) or other regional privacy laws.

❖ E-commerce Threats
✓ E-commerce is basically the process of buying and selling commodities and goods over the
Internet. In E-commerce, transactions take place via digital methods via electronic funds
and the processing of online transactions.
✓ Since E-commerce deals with the transfer of money digitally, hackers and attackers use this
as an opportunity to break into E-commerce websites and gain some financial profit from
them.

❖ Types of threats to E-commerce

❖ Tax Evasion: Organizations show the legal paper records of revenue to the IRS. But in
the case of E-commerce shopping, online transactions take place due to which funds get
transferred electronically due to which IRS is not able to count the transactions properly
and there are high chances of tax evasions by these organizations.

❖ Payment conflict: In E-commerce, payment conflicts can arise between users and the
E-commerce platforms. These electronic funds transferring systems might process extra
transactions from the users which will lead to a payment conflict by the users due to
some glitches or errors.

5
❖ Financial fraud: Whenever an online transaction or transfer of funds takes place, it
always asks for some pin or passwords to authenticate and allows only the authorized
person to process the transactions. But due to some spyware and viruses used by
attackers, they can also process the transactions of the users by allowing the
unauthorized person, which will lead to causing a financial fraud with the user.

❖ E-wallets: E-wallets are now an essential part of E-commerce platforms. Attack on E-

wallets can lead to the leak of the sensitive banking credentials of the users which can
be used by the attackers for their own profit. Regulators tend to monitor all the activities
related to the financial security of the money of the users.

❖ Phishing: It is one of the most common attacks nowadays on the users, where the
attackers send emails and messages to a large number of users which contain a special
link in it. When the users open that link in their browser, the malware starts downloading
in the background and the attacker gets full control over the financial information about
the users. They make fake websites to make the users believe their website and fill out
their financial credentials.

❖ SQL injections: SQL injections are used by attackers to manipulate the database of
large organizations. Attackers enter malicious code full of malware into the database and
then they search for targeted queries in the database and then they collect all the
sensitive information in the database.

❖ Cross-site scripting (XSS): Hackers target the website of E-commerce companies by

entering malicious code into their codebase. It is a very harmful attack as the control of
the entire website goes into the hands of the attackers. It can enable the attackers to
track the users by using their browsing activity and their cookies. For More details,
please read the what is cross-site scripting XSS article.

❖ Trojans: Attackers make software that may appear to be useful before downloading,
but after downloading the software it installs all the malicious programs on the
computer. It collects data like personal details, address, email, financial credentials and
it may cause data leaks.

❖ Brute force attacks: Hackers draw patterns and use random methods to crack into
someone else’s account as an unauthorized user. It requires the use of multiple
algorithms and permutations and combinations to crack the password of an account by
the attacker.

❖ Bots: The hackers use a large number of bots on E-commerce websites to track the
competitor in the E-commerce industry rankings and his user’s buying policies in order
to scrap the sales and revenue of the competitor. It also decreases the ranking of their
E-commerce website as compared to the competitors due to bad experiences faced by
the users. It results in overall price decreasing and less revenue overall in sales.

6
❖ DDoS attacks: Distributed Denial of Service (DDoS) attacks are most commonly used by
hackers to not allow original legitimate users to access and buy and sell products from
the E-commerce platforms. Hackers use a large number of computers to flood the
number of requests to the server so that at one time the server crashes out.

❖ Skimming: Skimming is a popular method to spread out the malware on the website’s
main pages which are used by a large number of people. It steals and leaks all
information entered by the users on that webpage and all this information goes to the
attacker through skimming.

❖ Middlemen attack: In this type of attack, the attacker can clearly get all the
information in the conversation taking place between the consumer and the E-
commerce platform itself. The attacker sees the conversation between both of them and
uses this as an opportunity to make the user face some vulnerability.

❖ E-Commerce Security best practices

✓ Hackers are always inventing new strategies for stealing data. In addition to protecting
against known threats, there are some general best practices for ecommerce security.
✓ Here we discuss essential best practices that can help businesses maintain security and
trust in their e-commerce operations.

1) Robust Data Encryption

• Data encryption acts as a robust shield against unauthorized access to sensitive
customer information. Enterprises should utilize strong encryption protocols to
safeguard data both at rest and during transit. Encrypting customer details such as
names, addresses, payment information, and passwords ensures that even if a breach
occurs, the stolen data remains indecipherable to attackers. Employing industry-
standard encryption algorithms and regularly updating encryption keys are critical
measures for safeguarding customer data.

2) PCI DSS Compliance

• For businesses handling payment card information, adhering to the Payment Card
Industry Data Security Standard (PCI DSS) is mandatory. PCI DSS provides a
comprehensive framework for securing cardholder data during processing,
transmission, and storage. Compliance with PCI DSS standards ensures a secure
payment processing environment and minimizes the risk of financial fraud or data
breaches.

3) Two-Factor Authentication (2FA)

• Implementing two-factor authentication significantly enhances security by requiring
users to provide an additional form of verification beyond their passwords. By
combining something they know (a password) with something they possess (e.g., a
mobile device), 2FA adds an extra layer of protection against unauthorized access.
This practice mitigates the risks associated with weak passwords or password reuse.

7
4) Regular audits and assessments
• Conducting regular security audits and vulnerability assessments helps identify and
address potential weaknesses in the e-commerce system. Enterprises should
collaborate with cybersecurity experts to review their infrastructure, codebase, and
overall security measures. Identifying and patching vulnerabilities proactively fortifies
the system against potential exploitation and reduces the risk of data breaches.

5) Data minimization and retention policies

• Adopting data minimization principles ensures that businesses collect and retain only
the necessary customer data. Unnecessary data storage creates a larger attack
surface and exposes more sensitive information to potential threats. Implementing a
clear data retention policy helps remove outdated or irrelevant customer data,
reducing potential damage in case of a breach.

6) Secure payment gateways

• Selecting reputable and secure payment gateways is crucial for e-commerce
businesses. Utilize well-established payment processors with a strong track record of
security and reliability. These providers should employ advanced fraud detection
mechanisms and follow strict security protocols to protect customer payment
information.

7) Regular employee training

• One of the main causes that lead to data breaches is human errors. Training
employees to recognize and respond to potential security threats is vital in
maintaining a secure e-commerce environment. Regular security awareness training
should educate employees about phishing scams, social engineering attacks, and the
importance of following security protocols.

8) Incident response plan

• Despite taking all precautionary measures, security incidents can still occur. Having a
well-defined incident response plan ensures that the organization can respond
promptly and effectively to mitigate the damage. The plan should include steps for
identifying, containing, eradicating, and recovering from security incidents while also
outlining communication protocols for customers and stakeholders.
• Securing customer data is not only a legal and ethical responsibility but also a critical
component of maintaining trust in an enterprise’s e-commerce operations. By
implementing robust encryption, adhering to compliance standards, enabling two-
factor authentication, conducting regular audits, and fostering a security-aware
culture, businesses can significantly reduce the risk of data breaches and
cyberattacks. Building a secure e-commerce environment not only protects
customers but also enhances a company’s reputation and fosters long-lasting
relationships with its clients.

8
 ❖ Advantages of E Commerce

✓ There are many advantages to e-commerce, including:

1) Increases Sales and Revenue

E-commerce always helps to increase sales and revenue as it widens the market by
reaching out to new customers. It also allows businesses to offer discounts and incentives
that are not possible in a physical store. There are also many opportunities for cross-selling
and up-selling.

2) Reduces Costs
E-commerce also helps reduce business costs as it eliminates the need for a physical store
and sales staff. It also reduces inventory costs and transportation costs. There are also
many opportunities for cost-saving through online auctions and supply chains.

3) Eliminates Geographic Barriers

E-commerce also eliminates geographic barriers, as customers can buy goods and services
from anywhere in the world. This allows businesses to sell to new markets and expand
their customer base. It may also help to reduce the cost of doing business.

4) Improves Customer services

This is because e-commerce allows businesses to offer 24/11 customer service, which is
not possible in a physical store. It also allows customers to compare prices and products
from different retailers easily. Sometimes there are also additional services, such as
customer reviews and ratings, that are not available in a physical store.

5) Increases Efficiency
Efficiency is increased as orders can be placed and processed quickly and easily through
an e-commerce website. This eliminates the need for paperwork and reduces the chances
of human error. It also allows businesses to track inventory levels and sales trends in real-
time.

6) Locating Basics
Finding the products, you need in the offline market is really challenging. At the same
time, we may use a single click to browse an online e-commerce website and purchase
the products we need. Customers have far more convenience with this alternative than
with an offline market.

7) Selling Internationally
• It is a platform where any trader or business may advertise their goods as much as
possible around the globe. Additionally, anybody can purchase the item for
themselves from any location.
• In this, communication between the client and the merchant is simple. E-commerce
functions as a worldwide business model as a result. The businessman may boost the
worth of his product brand by doing this.

9
 8) Cheap
The client and the firm are linked directly through this business strategy. Because of this,
any business or group may offer their goods directly to consumers. The business could
increase its margin in this. The same client can purchase the good or service for less money
online than in a physical store.

❖ Survey of best E-Commerce sites

1. Amazon:

Amazon is one of the most popular e-commerce websites in the world. It offers a vast range of
products, including books, electronics, clothing, and home goods. With its quick delivery service
and easy-to-use website, Amazon has become a go-to for many online shoppers. It also offers a
subscription service, Amazon Prime, which provides exclusive discounts and free shipping on
eligible items.
2. eBay:

eBay is a global online marketplace that connects buyers and sellers from all over the world.
It offers a wide range of products, including electronics, fashion, and home goods. eBay is
known for its auction-style listings, which allow buyers to bid on items and often get them at
a lower price than retail. It also offers a Buy It Now option for those who prefer to purchase
items at a fixed price.
3. Walmart:

Walmart is a well-known retail giant that also has a robust e-commerce website. It offers a
wide range of products, including groceries, electronics, and home goods. Walmart’s website
is easy to navigate and provides a seamless shopping experience. It also offers a pickup
service, where customers can order online and pick up their items in-store.

10
4. Best Buy:

Best Buy is a leading electronics retailer that also has a strong e-commerce presence. It offers
a wide range of products, including computers, TVs, and appliances. Best Buy’s website is
user-friendly and offers a variety of payment options, including financing. It also offers a
pickup service and same-day delivery in select areas.
5. Target

Target is a popular retail chain that also has a strong online presence. It offers a wide range
of products, including clothing, home goods, and groceries. Target’s website is easy to
navigate and offers free two-day shipping on eligible items. It also offers a pickup service and
same-day delivery in select areas.
6. Etsy

Etsy is an online marketplace that specializes in handmade and vintage items. It offers a
unique shopping experience, where customers can purchase one-of-a-kind items from
independent sellers all over the world. Etsy’s website is user-friendly and offers a variety of
payment options. It also offers a gift card service, making it a great option for gift shopping.

11
7. Zappos

Zappos is a leading online retailer that specializes in shoes and apparel. It offers a vast
selection of products, including designer brands and exclusive collections. Zappos is known
for its excellent customer service, with free shipping and free returns on all orders. It also
offers a VIP program, which provides exclusive discounts and early access to sales.
8. Newegg

Newegg is an online retailer that specializes in electronics and computer hardware. It offers a
vast range of products, including gaming laptops, CPUs, and graphics cards. Newegg’s website
is user-friendly and provides a seamless shopping experience. It also offers a subscription
service, Newegg Premier, which provides exclusive discounts and free shipping on eligible
items.

9. ASOS

ASOS is a popular online retailer that specializes in fashion and beauty products. It offers a
vast range of products, including clothing, accessories, and cosmetics. ASOS’s website is easy
to navigate and offers free shipping and returns on eligible orders. It also offers a student
discount and a loyalty program, providing exclusive discounts and early access to sales.

12
10. AliExpress

AliExpress is a global online marketplace that connects buyers and sellers from all over the
world. It offers a vast range of products, including electronics, fashion, and home goods.
AliExpress is known for its competitive prices and often offers free shipping on eligible items.
It also offers a buyer protection program, ensuring customers receive their orders as
described.

11. Overstock

Overstock is an online retailer that offers a wide range of products, including furniture, home
decor, and bedding. It offers high-quality products at competitive prices and often has sales
and discounts throughout the year. Overstock’s website is user-friendly and provides a
seamless shopping experience. It also offers a Club O membership, providing exclusive
discounts and free shipping on eligible items.
12. Wayfair

Wayfair is an online retailer that specializes in home goods and decor. It offers a vast range
of products, including furniture, lighting, and rugs. Wayfair’s website is easy to navigate and

13
provides a seamless shopping experience. It also offers free shipping on orders over a certain
amount and often has sales and discounts throughout the year.
13. Costco

Costco is a membership-based warehouse club that operates a chain of membership-only

warehouse stores. The company was founded in 1976 in San Diego, California, and has since
grown to become one of the largest retailers in the world, with locations in many countries
around the globe. At Costco, members can purchase a wide variety of products in bulk at a
discounted price, ranging from groceries and household items to electronics, appliances, and
furniture. Costco stores are known for their large selection of products and their high-quality
private label brands, which are often sold at lower prices than comparable name-brand
products.
To shop at Costco, customers must purchase an annual membership, which grants them
access to the company’s warehouse stores and online store. Costco has a reputation for
excellent customer service and a generous return policy, which allows customers to return
most products at any time for a full refund.
14. Wish

Wish is an e-commerce platform that allows users to shop for a wide range of products at
discounted prices. The platform was launched in 2010 by Context Logic Inc. and has become
popular due to its low prices and a wide variety of products. Wish operates primarily through
a mobile app, which allows users to browse and purchase products from a wide range of
categories, including fashion, electronics, home goods, beauty products, and more.

15. Chewy

Chewy is an online retailer that specializes in pet supplies and food. It offers a wide range of
products, including dog food, cat litter, and toys. Chewy’s website is user-friendly and
provides a seamless shopping experience. It also offers auto-ship services, ensuring
customers never run out of their pet’s essentials.

14
 Introduction to Digital Payments

❖ Definition of Digital payment:

• Digital payments refer to the electronic transactions conducted over the internet or other
electronic devices. In contrast to traditional cash or check payments, digital payments rely on
various technologies to facilitate secure and efficient money transfers. This modern form of
financial transaction has become increasingly prevalent due to the widespread use of
smartphones, internet connectivity, and the growing digitization of financial services.

Components of Digital payment and Stake Holder

❖ Components of Digital payment:

1) Digital Wallets:
• Digital wallets, also known as e-wallets, store payment card information and other credentials
securely on a mobile device. Users can link their bank accounts, credit cards, or other payment
methods to these wallets, enabling seamless transactions through mobile apps.

2) Mobile Banking:
• Many financial institutions offer mobile banking apps that allow users to manage their accounts,
transfer funds, and make payments directly from their smartphones. Mobile banking has become
an integral part of digital payments, providing convenience and accessibility.

3) Online Banking:
• Traditional online banking allows users to access their accounts through web browsers. It enables
various online transactions such as bill payments, fund transfers, and online purchases. Security
measures like two-factor authentication help ensure the safety of these transactions.

4) Cryptocurrencies:
• Cryptocurrencies, like Bitcoin and Ethereum, operate on blockchain technology and offer a
decentralized and secure way to conduct digital transactions. While not as widely adopted for
everyday transactions, cryptocurrencies have gained popularity as an alternative form of digital
payment.

5) Contactless Payments:
• Contactless payment methods use near-field communication (NFC) technology to enable
transactions by simply tapping or waving a card, smartphone, or wearable device near a
compatible terminal. This method enhances the speed and convenience of payments.

6) Peer-to-Peer (P2P) Transfers:

• P2P payment platforms allow users to transfer funds directly to one another through mobile apps
or online platforms. Examples include Venmo, PayPal, and Cash App, which facilitate quick and
easy person-to-person transactions.
❖ Components of Stake Holder:
• Stakeholders in digital payments include various entities that are involved in the development,
regulation, facilitation, and usage of digital payment systems.
• Here are key stakeholders in the digital payments’ ecosystem:

15
1) Consumers:
• Consumers are the end-users who utilize digital payment methods for transactions. They can
include individuals, businesses, or organizations making payments, purchases, or transfers using
digital platforms and technologies.

2) Merchants:
• Merchants are businesses that accept digital payments for goods and services. They may use
point-of-sale (POS) terminals, e-commerce platforms, or other digital payment interfaces to
receive payments from customers.

3) Payment Service Providers (PSPs):

• PSPs are entities that offer services enabling digital payments. This category includes banks, non-
banking financial institutions, and fintech companies. PSPs provide the infrastructure, technology,
and connectivity that facilitate the transfer of funds between consumers and merchants.

4) Banks and Financial Institutions:

• Traditional banks and financial institutions play a crucial role in the digital payments’ ecosystem.
They provide the backbone infrastructure, security, and regulatory compliance for various digital
payment services.

5) Card Networks:
• Companies like Visa, MasterCard, American Express, and others operate card networks that
connect banks, merchants, and consumers. They facilitate card-based digital transactions,
ensuring interoperability and security.

6) Fintech Companies:
• Fintech (financial technology) companies innovate and develop technologies that enhance digital
payments. This includes mobile wallets, peer-to-peer payment apps, and other financial services
provided through technology-driven platforms.

7) Regulatory Bodies and Governments:

• Regulatory bodies and government agencies set the rules, regulations, and standards that govern
digital payments. They play a vital role in ensuring consumer protection, preventing fraud, and
maintaining the stability of the financial system.

8) Technology Providers:
• Companies providing technology solutions, including software, hardware, and security systems,
contribute to the development and maintenance of digital payment infrastructure. This includes
cybersecurity firms, software developers, and hardware manufacturers.

9) Mobile Network Operators:

• In regions where mobile payments are prevalent, mobile network operators play a significant role.
They enable mobile-based transactions and may provide services such as mobile banking and
mobile wallets.

10) International Organizations:

• Organizations like the International Monetary Fund (IMF) and the World Bank may influence or
support the development of digital payment infrastructure globally, fostering financial inclusion
and economic growth.

16
 11) Consumers' Advocacy Groups:
• These groups focus on representing the interests of consumers in the digital payment space. They
may work to ensure fair practices, privacy protection, and security in digital transactions.

12) Clearinghouses and Settlement Providers:

• Entities responsible for clearing and settling digital transactions. They ensure that funds are
transferred accurately between banks and financial institutions involved in a transaction.

Modes of Digital Payment

✓ Digital payments encompass a variety of modes that leverage electronic devices and online platforms
to facilitate financial transactions. Here are some common modes of digital payments

1) Banking Cards:
✓ Banking cards are the most widely used digital payment system in India. It offers a great set of features
that provides convenience as well as security to the users.
✓ Cards offer the flexibility of making other types of digital payments.
✓ Customers can store card information in the mobile application and pay for the services using the
stored card information.
✓ Banking cards (debit and credit cards) can be used for a variety of digital transactions like PoS
terminals, online transactions, as a payment medium in mobile apps, which provide any kind of
service like grocery, healthcare, rental cab booking, flight tickets, etc.
✓ The most popular cards are issued by service providers like VISA, MASTERCARD, RuPay, etc.

2) UPI (Unified Payment Interface):

✓ UPI is the latest digital payment standard where the user having a bank account can
transfer money to any other bank account using UPI based app. UPI enabled payments
occur throughout the day and all 365 days in a year.
✓ Payment can be done using a Virtual Payment Address (VPA). To use UPI services one
must have a bank account and a mobile number registered with that bank account.
✓ Unified Payments Interface (UPI) is a system that powers multiple bank accounts into a
single mobile application, merging several banking features, seamless fund routing &
merchant payments into one hood.
✓ It also caters to the “Peer to Peer” (P2P) collect request which can be scheduled and paid
as per requirement and convenience.

3) E-Wallets
✓ E-wallets are another popular payment option. Here the users can add money to their virtual wallet
using debit or credit cards and use the money added in the wallet to perform digital transactions.
✓ Some of the most popular mobile wallets are Paytm, Mobi Kwik, PhonePe, etc.
✓ An E-wallet needs to be linked with the individual’s bank account to make payments.
✓ E-wallet has mainly two components, software and information. The software component stores
personal information and provides security and encryption of the data.
✓ The information component is a database of details provided by the user which includes their name,
shipping address, payment method, amount to be paid, credit or debit card details, etc.

17
4) USSD (Unstructured Supplementary Service Data)
✓ USSD is another popular digital payment method. It can be used for carrying out cashless transactions
using mobile, without the need of installing any banking app.
✓ The good thing about USSD is that it works without the requirement of mobile data. The main aim of
this digital payment service is to include those sections of people of the society who are not included
in the mainstream.
✓ The striking feature of the USSD is that it can be availed in many languages
✓ *99# is a USSD based digital payment and banking service. Customers can avail this
service by dialling *99#, a “Common number across all Telecom Service Providers
(TSPs)” on their mobile phone and transact through an interactive menu displayed on the
mobile screen.
✓ *99# service is currently offered by almost all leading banks & all GSM service providers
and can be accessed in 13 different languages including Hindi & English.
✓ Key services offered under *99# service include:
• Interbank account to account fund transfer
• Balance enquiry
• Mini statement besides host of other services

5) AEPS (Aadhaar enabled payment system):

✓ AEPS can be used for all the following banking transactions such as balance enquiries,
cash withdrawal, cash deposit, Aadhaar to Aadhaar fund transfers. All such transactions
are carried out through a banking correspondent which is based on Aadhaar verification.
✓ AePS allows you to do six types of transactions, the inputs required for a customer to do
a transaction Bank Name, Aadhaar Number, Fingerprint captured during enrolment.
Banking Services Offered by AEPS
• Cash Deposit
• Cash Withdrawal
• Balance Enquiry
• Mini Statement
• Aadhaar to Aadhaar Fund Transfer
• Authentication
• BHIM Aadhaar Pay

Digital payments related common frauds and preventive

measures

❖ Digital payment related common frauds

✓ With the emergence of the internet, there is a significant rise in digital payments. Most of
the customers, across the globe, are probably online. More people are opting to shop
online for items like clothes, furniture, cosmetics, shoes, fast-food, etc. that typically would
have been purchased in-store.
✓ Digital payment fraud is any form of the fake or fraudulent transaction completed by a
hacker or cyber-criminal. With the advancement of technology, Cyber Crime is also
increasing.
✓ Identity theft – This is not a new thing, since it also happens outside cyberspace. Typically,
this type of fraud entails a cybercriminal stealing your personal information by spoofing
your system. In order to perform illegal online payment transactions, the hacker then uses
your data. Since the cybercriminal has all the essential details, they can bypass restrictions
and firewalls on fraud detection.

18
✓ Phishing – You would have come across numerous email subscriptions and websites that
persuade you to opt for updates and notifications. In most cases, these sources would ask
you to provide certain personal information, including your credit card details. If the email
is not from a reliable source, your data will be compromised and used to carry out fraud
e-commerce transactions. This is known as a phishing attack.

✓ Merchant Identity Fraud – This involves a fraudster that builds a platform quite similar to
that of the merchant account. The attacker then proceeds and imposes fake payments and
fees on stolen credit cards. This whole operation is carried out in a quick way before the
cardholders realize they are being cheated.

✓ Pagejacking – At times, e-commerce websites are hacked by criminals who direct the
customers to an unsecured network. This untrusted site can contain malware that can
break webpage security systems and steal the customer’s funds.

✓ Stock market fraud–With the advancement in technology and everything at our fingertips,
there has been a rise in stock market scams too. Unknowingly, the investors are exposed
to the immense risk of a criminal who uses their personal data and investment for illegal
trades, leaving investors at a loss.

❖ Preventive measures
✓ E-commerce firms have already begun to raise awareness regarding internet corrupt
practices. Even though it is difficult to eradicate cybercriminals entirely, you can take
certain measures to prevent internet fraud.
• Use a certified payment processor
• Be updated with recent trends in digital payment fraud
• Use tested antivirus software that runs regular checks
• Encrypt the transactions and emails containing confidential information
• Regularly change your login and passwords
• Regularly update network security systems
• Depending on the severity of the case, you can also seek legal opinion for guidance
and expert advice.

RBI guidelines on Digital Payments

❖ Security Measures:
✓ RBI emphasizes robust security measures to protect digital transactions from fraud and
unauthorized access.
✓ Guidelines often include multi-factor authentication, secure encryption, and periodic
security audits for payment service providers.
✓ Example: Implementation of multi-factor authentication, where a user needs to provide
two or more forms of identification, such as a password and a unique code sent to their
mobile device.

19
❖ Customer Protection:
✓ Guidelines focus on safeguarding the interests of digital payment users.
✓ Clear dispute resolution mechanisms are encouraged to address issues related to
unauthorized transactions and ensure timely resolution.
✓ Example: if a user reports a fraudulent transaction, the money should be refunded
promptly.

❖ Interoperability:
✓ RBI promotes interoperability among different digital payment systems to enhance the
ease of use for customers.
✓ This includes initiatives to facilitate seamless fund transfers across different payment
platforms.
✓ Example: Allowing users to transfer funds between different digital wallets or banks
without facing interoperability issues, enhancing the overall user experience

❖ KYC (Know Your Customer) Norms:

✓ RBI mandates strict adherence to KYC norms to verify the identity of users.
✓ Guidelines may specify the types and depth of information required for different
categories of users.
✓ Example: Requiring users to submit official documents like Aadhar card or PAN card
for verification before using certain digital payment services.

❖ AML (Anti-Money Laundering) and CFT (Combating the Financing of Terrorism):

✓ Stringent measures are in place to prevent digital payment platforms from being misused
for money laundering or terrorist financing
✓ Regular monitoring and reporting of suspicious transactions are expected.
✓ Example: Monitoring transactions for unusual patterns or high amounts and reporting
such activities to the authorities

❖ Data Privacy and Protection:

✓ Guidelines stress the importance of protecting the privacy of customer data.
✓ Payment service providers are often required to implement data encryption, storage,
and sharing practices in line with data protection regulations.
✓ Example: Implementing end-to-end encryption to ensure that sensitive information,
such as credit card details, is securely transmitted and stored.

❖ Innovation and Competition:

✓ While ensuring security, RBI encourages innovation and healthy competition in the digital
payments space.
✓ Guidelines may outline the process for the introduction of new technologies and services.
✓ Example: Allowing the introduction of new payment technologies like UPI (Unified
✓ Payments Interface) that facilitate instant fund transfers between banks, promoting
innovation in the payments landscape.

20
❖ Compliance and Reporting:
✓ Clear directives are given regarding the compliance requirements for payment service
providers.
✓ Reporting mechanisms are established to ensure that the RBI stays informed about the
state of the digital payment’s ecosystem.
✓ Example: Requiring companies to submit regular reports on their adherence to security
protocols and financial regulations to ensure a transparent and accountable digital
payments ecosystem

Customer protection in unauthorized banking transactions

❖ Immediate Reporting: Swiftly report any unauthorized transactions to your bank through
their designated channels, such as customer service hotlines or online portals.

❖ Providing Details: When reporting, furnish the bank with comprehensive information,
including the date, time, and amount of the unauthorized transaction. The more details
you provide, the better the bank can investigate.

❖ Bank's Dispute Resolution Process: Understand and adhere to your bank's specific dispute
resolution process. This may involve completing a dispute form or providing additional
documentation to support your claim.

❖ Regulatory Guidelines: Familiarize yourself with the regulations and guidelines set by
financial authorities in your region. These entities often have frameworks in place to
protect customers in case of unauthorized transactions.

❖ Two-Factor Authentication: Enable two-factor authentication for an additional layer of

security. This can provide an extra step to verify your identity during online
transactions.

❖ Educate Yourself: Stay informed about your bank's policies and procedures related to
unauthorized transactions. Be aware of any changes in these policies and update yourself
regularly.

❖ Consumer Rights: Understand your consumer rights in case of unauthorized

transactions. This knowledge will empower you to assert your rights and navigate the
resolution process effectively.

Relevant provisions of payment settlement Act,2007

✓ The Payment and Settlement Systems Act, 2007 is an Indian law that regulates payment
systems and facilitates the supervision of payment systems in the country. Some relevant
provisions include.

21
❖ Definition of Payment System: The Act defines a payment system and includes electronic
funds transfer, credit card operations, and other similar activities.
❖ Regulation of Payment Systems: The Act empowers the Reserve Bank of India (RBI) to
regulate and supervise payment systems in India.
❖ Licensing of Payment Systems: The Act establishes a framework for the licensing of
payment systems, ensuring that entities operating such systems comply with prescribed
standards and guidelines.
❖ Obligations of Payment System Operators: Payment system operators are mandated to
adhere to the prescribed standards of technology, security, and risk management. They
must also furnish information related to their operations to the RBI.
❖ Settlement Finality: The Act provides for the finality of settlement, meaning that once a
settlement is made, it is irrevocable and cannot be challenged.
❖ Offenses and Penalties: The Act specifies offenses related to payment and settlement
systems, along with corresponding penalties. Unauthorized operation of a payment
system and failure to comply with RBI regulations are examples of offenses.
❖ Consumer Protection: Provisions related to consumer protection are included to
safeguard the interests of users of payment systems.
❖ Powers of RBI: The Act outlines the various powers of the RBI in overseeing payment
and settlement systems, including issuing directives and conducting inspections

22