E Commerce

Module 3

The Geometry of Virtual Worlds &The Physiology of Human Vision

What is m-commerce?

M-commerce, also known as mobile commerce, is the buying and selling of goods and services via mobile
devices such as smartphones and tablets. Mobile commerce uses wireless networks and mobile apps for
conducting business is referred to as mobile commerce.

Consumers can shop, make transactions and access online services at any time and from any location,
providing unprecedented convenience and accessibility.

Mobile shopping apps like Amazon and eBay, mobile payment apps like PayPal and Apple Pay, food
delivery services like Uber Eats and mobile banking apps are a few examples of m-commerce. Mobile
ticketing, loyalty programmes via mobile wallets, in-app purchases in mobile games and mobile ordering
at restaurants are some other examples.

5 main types of m-commerce

1 - Mobile shopping

This is the most common type, in which customers use their smartphones or tablets to browse mobile-
friendly online stores, compare products and make purchases.

2 - Mobile banking

Customers can manage their accounts, transfer funds and conduct various financial transactions using
mobile banking apps.

3 - Mobile payments

Digital wallets, mobile payment apps and Near Field Communication (NFC) technology enable users to
make contactless payments in stores or online.

4 - Mobile ticketing

Tickets for events, airlines and films, among other things, can be purchased and stored on mobile devices
for easy access.

5 - Mobile coupons and loyalty programs

Mobile apps frequently provide discounts, vouchers and loyalty rewards, thereby improving the overall
shopping experience.

BBA IV SEMESTER
Prof. Hemalatha S Page 1
 E Commerce
Common benefits of mobile commerce

1. Convenience - m-commerce offers unrivalled convenience, allowing customers to shop on the go

and make purchases with a few taps on their devices

2. Personalisation - mobile apps can collect user data and make personalised recommendations,
tailoring the shopping experience to individual preferences

3. Increased sales and revenue - businesses that embrace m-commerce typically see an increase in
sales because mobile platforms attract a larger customer base

4. Enhanced customer engagement - push notifications, offers and real-time updates enable
businesses to engage with their customers via mobile apps

5. Geolocation targeting - businesses that have GPS capabilities can target customers with location-
specific promotions, increasing the chances of conversion

Disadvantages of mobile commerce

1. Security concerns - because mobile devices are vulnerable to security breaches and data theft,
secure transactions are critical

2. Limited screen size - the smaller screen size of mobile devices may make shopping for certain
products or services more difficult

3. Connectivity issues - poor network coverage can result in transaction failures and customer
annoyance

4. Compatibility - because mobile apps may not be compatible with all devices and operating
systems, the customer base may be limited

5. User experience - some mobile apps may have a steep learning curve or be riddled with bugs,
negatively impacting the overall user experience

Over time, content delivery through wireless devices has become faster, more secure and scalable. As a
result, mobile commerce has grown rapidly.

Examples of m-commerce include in-app purchasing; mobile banking virtual marketplace apps, such as
the Amazon mobile app; and digital wallets, such as Apple Pay, Google Pay and Samsung Wallet.

M-commerce vs. e-commerce

Electronic commerce, or e-commerce refers to buying and selling goods and services over the internet. E-
commerce and m-commerce are similar, but they come with a few distinctions from each other, such as
the following:

BBA IV SEMESTER
Prof. Hemalatha S Page 2
 E Commerce

S.No. E-commerce M-commerce

Electronic Commerce in short it is called as Mobile Commerce in short it is called as m-

01. e-commerce. commerce.

In general, e-commerce activities are M-commerce activities are performed with the
performed with the help of desktop help of mobile devices like smartphones, tablets,
02. computers and laptops. PDA’s (Personal Digital Assistant) etc.

03. E-commerce is an older concept. M-commerce is an newer concept.

It is broad term which refers doing shopping

and making payments online with help of
electronic devices like Laptop and It is subcategory of ecommerce which does the
04. computers. same this via mobile devices.

In e-commerce the use of internet is But in case of m-commerce some activities can
05. mandatory be performed without internet also.

E-commerce devices are not easy to carry

and portability point of view it is not so M-commerce devices are easy to carry and
06. good. portability point of view it is good.

07. E-commerce developed in 1970’s. M-commerce developed in 1990’s.

Its reachability is comparatively low than

the m-commerce as it is not so good in Its reachability is more than that of e-commerce
08. portability. only due to the use of mobile devices.

In m-commerce location tracking capabilities is

In e-commerce location tracking capabilities so good as mobile apps track and identify user
are limited due to the non-portability of locations with the help of GPS technology, Wi-Fi,
09. devices. and so on.

BBA IV SEMESTER
Prof. Hemalatha S Page 3
 E Commerce

In m-commerce push notification can be

10. E-commerce fails in push notification. achieved.

E-commerce is conducted using desktop or M-commerce is conducted using mobile devices

11. laptop computers. such as smartphones and tablets.

E-commerce typically requires a stable M-commerce allows consumers to shop and

12. internet connection and a computer. make purchases from anywhere

E-commerce transactions typically rely on M-commerce offers a wider range of payment

credit cards and other traditional payment options, including mobile wallets and contactless
13 methods. payments.

Examples of M-commerce includes mobile

Examples of E-commerce includes Amazon, banking like paytm, in-app purchasing Amazon
14. Flipkart, Quikr, Olx websites. mobile app.

Wireless communication or Wireless network

Before talking about wireless medium, we need to talk about the wired medium. Wired network is a
bounded medium where data travels over a path that a wire or cable takes. In modern era of advanced
and enormous no of devices, wired medium of communication imposes a restriction on fluent
communication. There are various problems with wired networks. Consider a situation, you want to
connect to 10 or more devices around you.

You need exact same no of ports to be able to connect to devices, but large no of ports seems to be
impractical but with wireless network, it can be easily done.

As the name suggests, wireless network eliminates needs to be tethered with wire or cable. Convenience
and Mobility becomes its main characteristics. Many different wireless devices can connect to network
easily and seamlessly. As wireless data travel through air, there must be some constraints within which
wireless communication takes place.

These are:

• All wireless devices must follow a common standard i.e., IEEE 802.11

• Wireless coverage must be there where devices are expected to use.

Note –

BBA IV SEMESTER
Prof. Hemalatha S Page 4
 E Commerce
• Wired network comes under IEEE standard 802.3

• wireless network comes under IEEE standard 802.11

IEEE stands for “Institute of Electrical and Electronics Engineers”, is an organization composed of
engineers that issues and manages standards for electrical and electronic devices.

Basics of Wireless Communication:

Wireless communication takes places over free space through RF (radio frequency), one device,
a Transmitter, sends signal to another device, a Receiver. Two devices (transmitter and receiver) must
use same frequency (or channel) to be able to communicate with each other. If a large number of wireless
devices communicate at same time, radio frequency can cause interference with each other. Interference
increases as no of devices increases.

BBA IV SEMESTER
Prof. Hemalatha S Page 5
 E Commerce

Wireless devices share airtime just like wired devices connect to shared media and share common
bandwidth. For effective use of media, all wireless devices operate in half duplex mode to avoid collision
or interference. Before the transmission begins, devices following IEEE 802.11 standard must check
whether channel is available and clear.

Cellular Network

A cellular network is a type of wireless network that is composed of a large number of interconnected
base stations or cell sites that provide coverage to a geographic area. These networks use a system of
interconnected cells to provide mobile communication over a wide area. Each cell is served by a base
station, which consists of a tower and antennas that send and receive radio signals to and from mobile
devices within that cell.

Cellular networks enable mobile communication by dividing a geographic region into small cells, which
are served by individual base stations. As a mobile device moves through the network, it is handed off
from one cell to another, allowing continuous communication without interruption. This handoff process
is seamless and ensures that the user can maintain a connection while on the move.

Cellular networks support various communication services, including voice calls, text messaging, and data
transmission. They are the foundation for mobile phone systems like 2G, 3G, 4G, and 5G, which have
evolved over the years to offer faster data speeds, lower latency, and improved network capacity. These
networks play a crucial role in enabling mobile communication and connectivity for billions of people
worldwide.

Cellular networks offer a number of desirable features:

• More capacity than a single large transmitter, since the same frequency can be used for multiple
links as long as they are in different cells

• Mobile devices use less power than with a single transmitter or satellite since the cell towers are
closer

• Larger coverage area than a single terrestrial transmitter, since additional cell towers can be
added indefinitely and are not limited by the horizon

BBA IV SEMESTER
Prof. Hemalatha S Page 6
 E Commerce
• Capability of utilizing higher frequency signals (and thus more available bandwidth / faster data
rates) that are not able to propagate at long distances

• With data compression and multiplexing, several video (including digital video) and audio
channels may travel through a higher frequency signal on a single wideband carrier

Wireless Spectrum

The wireless spectrum consists of electromagnetic radiation and frequency bands. Respective countries
have their own wireless spectra with ranges up to 300 GHz. The wireless spectrum frequencies used in
communication are regulated by national organizations, which specify which frequency ranges can be
used by whom and for which purpose.

• VLF (Very Low Frequency): 3 kHz to 30 kHz, used for submarine communication.
• LF (Low Frequency): 30 kHz to 300 kHz, used for navigational beacons and maritime
communication.
• MF (Medium Frequency): 300 kHz to 3 MHz, used for AM radio broadcasting and maritime
communications.
• HF (High Frequency): 3 MHz to 30 MHz, used for shortwave radio and aviation communication.
• VHF (Very High Frequency): 30 MHz to 300 MHz, used for FM radio, television broadcasts, and
two-way radio.
• UHF (Ultra High Frequency): 300 MHz to 3 GHz, used for television broadcasting, mobile phones,
and GPS.
• SHF (Super High Frequency): 3 GHz to 30 GHz, used for satellite communication and microwave
links.
• EHF (Extremely High Frequency): 30 GHz to 300 GHz, used for high-frequency microwave and
millimeter-wave communication.

Radio-channel and channel-frequency variation is quite complex because radio propagation

characteristics are a result of both man-made and natural factors. Government entities own frequency
channels, which are divided according to common frequency band characteristics and cause performance
breaks at different frequency levels, where only windows of continuity are available.

The radio frequency (RF) spectrum fuels all wireless communication — from your smartphone, to your
home WiFi. All forms of modern communication work by sending radio signals over invisible airwaves
called spectrum. Whether you recognize it or not, much of our daily lives revolve around the use of these
signals that are imperceptible to the human eye.

Wireless communication is made possible through a portion of the electromagnetic (EM) spectrum that
we call the RF spectrum. The RF spectrum is divided into frequency bands based on how they are used.
These bands make up a small portion of the EM spectrum, and other portions of the EM spectrum include
visible light, X-rays and more. Pictured below are the different frequency bands of the radio frequency
spectrum with some of their uses

BBA IV SEMESTER
Prof. Hemalatha S Page 7
 E Commerce
4 Main mobile commerce technologies

1. SMS

SMS, or text messaging, is familiar to everyone. It is the oldest mobile commerce technology, supporting
two-way interactive messaging. It is so easy to use that anyone can access it no matter what type of mobile
device they are using. With this mobile commerce technology, users will receive one-way push
notifications, such as news, alerts, offers, and other data. In addition, two-way interactive messaging is
also supported, allowing users to message call centers to look up personal information, such as bank
accounts.

2. USSD

USSD is a mobile commerce technology that is only popular in a few markets like parts of Africa, Europe,
Central America, Southeast Asia, and India. Similar to SMS, users appreciate USSD’s ubiquitous availability
and ease of use. It is accessible from almost any phone. However, what USSD does better than SMS is that
it is encrypted so that it can incorporate secure password or mobile PIN protection. Thus, the messages
that users send will not be stored on their mobile devices.

3. WAP/Mobile Web

It is suitable for users who do not use smartphones but still want to use mobile web access services.
Compared to the original WAP standards, WAP 2.0 is a step further, providing them much closer to a
desktop and laptop Web experience. It is a variation of HTML, which most smartphones are supporting
for their users to use. However, WAP does not have access to the features of users’ mobile phones like
every app does.

4. STK

STK stands for SIM Toolkit, which is used by appearing in the menus of mobile devices as a permanent
application through being stored on the Subscriber Identity Module (SIM) card. This mobile commerce
technology uses the SIM to receive requests from the application, then sends the information to give
commands to the mobile device. What makes STK so highly regarded also includes its security capabilities
in the form of identity verification and encryption, making it ideal for financial or mobile commerce
deployments.

Mobile commerce technology’s advantages

1. Increase customer retention

Similar to the purpose of eCommerce in general, mobile commerce technology was born to serve
customers, provide them with a better overall experience, thereby increasing customer retention for
businesses. Evenly, customers now no longer need a desktop computer. It is not only convenient but also
diverse in product types and competitive in price.

BBA IV SEMESTER
Prof. Hemalatha S Page 8
 E Commerce
2. Have good potential for revenue growth

The percentage of mobile commerce in eCommerce sales is increasing day by day and shows no sign of
stopping. Retailers are investing more in mobile commerce technology. Obviously, it’s a gold mine that
needs to be explored.

3. Provide a multi-channel experience

Mobile commerce technology allows businesses to advertise and sell products through multi- channel
easier than any other form. It is great for you to implement strategies to put your product on the website
and attract customers to visit it wherever they regularly spend their time.

4. Diversify payment options

The variety of payment options is also its advantage as it can help the customer’s purchase

process go faster. Specifically, about these options, we will explain more clearly below.

Generations of wireless communication

0th Generation:

• Pre-cell phone mobile telephony technology, such as radio telephones some had in cars before
the arrival of cell phones.

• Communication was possible through voice only.

• These mobile telephones were usually mounted in cars or trucks.

1G (1st Generation):

• First-time calling was introduced in mobile systems.

• It used analog signals.

• It used an FDD scheme and typically allocated a bandwidth of 25 Mhz.

• The coverage area was small.

• No roaming support between various operators.

• Low sound quality.

• Speed:- 2.4 kbps.

BBA IV SEMESTER
Prof. Hemalatha S Page 9
 E Commerce

2G (2nd Generation) :

• Shifted from analog to digital.

• It supported voice and SMS both.

• Supported all 4 sectors of the wireless industry namely Digital cellular, Mobile Data, PCS, WLAN,

• Moderate mobile data service.

• 2G WLAN provided a high data rate & large area coverage.

• Speed:- 64 kbps.

2.5G came after 2G which used the concept of GPRS. Streaming was also introduced and mail services
too. Then came 2.75G or EDGE which was faster in providing services than

2.5G. It gave faster internet speed up to 128kbps and also used edge connection.

3G (3rd Generation) :

• The Internet system was improved.

• Better system and capacity.

• Offers high-speed wireless internet.

• The connection used was UMTS and WCMA.

• Speed:- 2mbps.

4G (4th Generation) :

• IP-based protocols.

• LTE (Long term evaluation) was mainly for the internet.

• Vo-LTE (Voice over LTE) is for both voice and the internet.

• Freedom and flexibility to select any desired service with reasonable QoS.

• High usability.

• Supports multimedia service at a low transmission cost.

• HD Quality Streaming.

BBA IV SEMESTER
Prof. Hemalatha S Page 10
 E Commerce
• Speed: -100mbps.

5G (5th Generation): It is yet to come in many countries but here are some notable points about 5G.

• Higher data rates.

• Connectivity will be more fast and more secure,

• Data Latency will be reduced to a great level.

• Massive network capacity.

• It is 30 times faster than 4G.

• There would be more flexibility in the network.

4 Different Types of Mobile Security Threats

Mobile security threats are commonly thought of as a single, all-encompassing threat. But the truth is,
there are four different types of mobile security threats that organizations need to take steps to protect
themselves from:

•Mobile Application Security Threats. Application-based threats happen when people download apps that
look legitimate but actually skim data from their device.

Examples are spyware and malware that steal personal and business information without people realizing
it’s happening.

• Web-Based Mobile Security Threats. Web-based threats are subtle and tend to go unnoticed.
They happen when people visit affected sites that seem fine on the front- end but, in reality, automatically
download malicious content onto devices.

• Mobile Network Security Threats. Network-based threats are especially common and risky
because cybercriminals can steal unencrypted data while people use public WiFi networks.

• Mobile Device Security Threats. Physical threats to mobile devices most commonly refer to the
loss or theft of a device. Because hackers have direct access to the hardware where private data is stored,
this threat is especially dangerous to enterprises.

BBA IV SEMESTER
Prof. Hemalatha S Page 11
 E Commerce
Below are the most common examples of these threats, as well as steps organizations can take to protect
themselves from them.

1. Social Engineering

Social engineering attacks are when bad actors send fake emails (phishing attacks) or text messages
(smishing attacks) to your employees in an effort to trick them into handing over private information like
their passwords or downloading malware onto their devices.

Reports by cybersecurity firm Lookout and Verizon show a 37% increase in enterprise mobile phishing
attacks and that phishing attacks were the top cause of data breaches globally in 2020.

Phishing Attack Countermeasures

The best defense for phishing and other social engineering attacks is to teach employees how to spot
phishing emails and SMS messages that look suspicious and avoid falling prey to them altogether.
Reducing the number of people who have access to sensitive data or systems can also help protect your
organization against social engineering attacks because it reduces the number of access points attackers
have to gain access to critical systems or information.

2. Data Leakage via Malicious Apps

As Dave Jevans, CEO and CTO of Marble Security, explains, “Enterprises face a far greater threat from the
millions of generally available apps on their employees’ devices than from mobile malware.”

That’s because 85% of mobile apps today are largely unsecured. Tom Tovar, CEO of Appdome, says,
“Today, hackers can easily find an unprotected mobile app and use that unprotected app to design larger
attacks or steal data, digital wallets, backend details, and other juicy bits directly from the app.”

For example, when your employees visit Google Play or the App Store to download apps that look innocent
enough, the apps ask for a list of permissions before people are allowed to download them. These
permissions generally require some kind of access to files or folders on the mobile device, and most people
just glance at the list of permissions and agree without reviewing them in great detail.

However, this lack of scrutiny can leave devices and enterprises vulnerable. Even if the app works the way
it’s supposed to, it still has the potential to mine corporate data and send it to a third party, like a
competitor, and expose sensitive product or business information.

BBA IV SEMESTER
Prof. Hemalatha S Page 12
 E Commerce
How to Protect Against Data Leakage

The best way to protect your organization against data leakage through malicious or unsecured
applications is by using mobile application management (MAM) tools. These tools allow IT admins to
manage corporate apps (wipe or control access permissions) on their

employees’ devices without disrupting employees’ personal apps or data.

3. Unsecured Public WiFi

Public WiFi networks are generally less secure than private networks because there’s no way to know who
set the network up, how (or if) it’s secured with encryption, or who is currently accessing it or monitoring
it. And as more companies offer remote work options, the public WiFi networks your employees use to
access your servers (e.g., from coffee shops or cafes) could present a risk to your organization.

For example, cybercriminals often set up WiFi networks that look authentic but are actually a front to
capture data that passes through their system (a “man in the middle” attack). Here's what that looks like:

If this seems far-fetched, it isn’t. Creating fake WiFi hotspots in public spaces with network names that
look completely legit is incredibly simple, and people are very willing to connect, as shown by experiments
run at the Democratic and Republican conventions in 2016 and by an experiment run by a researcher in
2019 from Magic.

How to Reduce Risks Posed By Unsecured Public WiFi

The best way for you to protect your organization against threats over public WiFi networks is by requiring
employees to use a VPN to access company systems or files. This will ensure that their session stays private
and secure, even if they use a public network to access your systems.

4. End-to-End Encryption Gaps

An encryption gap is like a water pipe with a hole in it. While the point where the water enters (your users’
mobile devices) and the point where the water exits the pipe (your systems) might be secure, the hole in
the middle lets bad actors access the water flow in between.

Unencrypted public WiFi networks are one of the most common examples of an encryption gap (and it’s
why they’re a huge risk to organizations). Since the network isn’t secured, it leaves an opening in the
connection for cybercriminals to access the information your employees are sharing between their
devices and your systems.

BBA IV SEMESTER
Prof. Hemalatha S Page 13
 E Commerce
However, WiFi networks aren’t the only thing that poses a threat—any application or service that’s
unencrypted could potentially provide cybercriminals with access to sensitive company information. For
example, any unencrypted mobile messaging apps your employees use to discuss work information could
present an access point for a bad actor.

Solution: Ensure Everything is Encrypted

For any sensitive work information, end-to-end encryption is a must. This includes ensuring any service
providers you work with encrypt their services to prevent unauthorized access, as well as ensuring your
users’ devices and your systems are encrypted as well.

5. Internet of Things (IoT) Devices

The types of mobile devices that access your organization’s systems are branching out from mobile
phones and tablets to include wearable tech (like the Apple Watch) and physical devices (like Google
Home or Alexa). And since many of the latest IoT mobile devices have IP addresses, it means bad actors
can use them to gain access to your organizations’ network over the internet if those devices are
connected to your systems.

Statistically, there are probably more IoT devices connected to your networks than you realize. For
example, 78% of IT leaders from four different countries reported in a study by Infoblox that over 1,000
shadow IoT devices accessed their networks each day.

How to Combat Shadow IoT Threats

Mobile device management (MDM) tools can help you combat shadow IoT threats, as well as identity and
access management (IAM) tools like Auth0. However, IoT/Machine-to-Machine (M2M) security is still in a
bit of a “wild west” phase at the moment. So it’s up to each organization to put the appropriate technical
and policy regulations in place to ensure their systems are secure.

6. Spyware

Spyware is used to survey or collect data and is most commonly installed on a mobile device when users
click on a malicious advertisement (“malvertisement”) or through scams that trick users into downloading
it unintentionally.

Whether your employees have an iOS or Android device, their devices are targets ripe for data mining
with spyware—which could include your private corporate data if that device is connected to your
systems.

BBA IV SEMESTER
Prof. Hemalatha S Page 14
 E Commerce

How to Protect Against Spyware

Dedicated mobile security apps (like Google’s Play Protect) can help your employees detect and eliminate
spyware that might be installed on their devices and be used to access company data. Ensuring your
employees keep their device operating systems (and applications) up to date also helps ensure that their
devices and your data are protected against the latest spyware threats.

7. Poor Password Habits

A 2020 study by Balbix found that 99% of the people surveyed reused their passwords between work
accounts or between work and personal accounts. Unfortunately, the passwords that employees are
reusing are often weak as well.

For example, a 2019 study by Google found that 59% of the people they surveyed used a name or a
birthday in their password, and 24% admitted to using a password like one of these below:

These bad password habits present a threat to organizations whose employees use their personal devices
to access company systems. Since both personal and work accounts are accessible from the same device
with the same password, it simplifies the work a bad actor has to do in order to breach your systems.

However, these behaviors also provide opportunities for credential-based brute force cyberattacks like
credential stuffing or password spraying because cybercriminals can use weak or stolen credentials to
access sensitive data through company mobile apps.

How to Reduce or Eliminate Mobile Password Threats

The NIST Password Guidelines are widely regarded as the international standard for password best
practices. Following these guidelines—and insisting your employees do the same—will help protect you
against threats from weak or stolen passwords. Password managers can simplify the work required for
your employees to follow these guidelines.

Requiring your employees to use more than one authentication factor (multi-factor authentication or
MFA) to access mobile company applications will also help reduce the risk that a bad actor could gain
access to your systems since they’d need to verify their identity with additional authentication factors in
order to log in.

Finally, implementing password less authentication will help you eliminate password risks altogether. For
example, in the event that a mobile device is stolen or accessed illegally, requiring a facial scan as a primary
(or secondary) authentication factor could still prevent unauthorized access.

BBA IV SEMESTER
Prof. Hemalatha S Page 15
 E Commerce
8. Lost or Stolen Mobile Devices

Lost and stolen devices aren’t a new threat for organizations. But with more people working remotely in
public places like cafes or coffee shops and accessing your systems with a wider range of devices, lost and
stolen devices pose a growing risk to your organization.

How to Protect Against Lost or Stolen Device Threats

First and foremost, you’ll want to ensure employees know what steps to take if they lose their device.
Since most devices come with remote access to delete or transfer information, that should include asking
employees to make sure those services are activated.

9. Out of Date Operating Systems

Like other data security initiatives, mobile security requires continuous work to find and patch
vulnerabilities that bad actors use to gain unauthorized access to your systems and data.

Companies like Apple and Google address a lot of these vulnerabilities with operating system updates. For
example, in 2016, Apple realized it had three zero-day vulnerabilities that left its devices open for spyware
attacks and released a patch to protect users against these vulnerabilities.

However, these patches only protect your organization if your employees keep their devices up to date at
all times. And according to Verizon’s Mobile Security Index Report, operating system updates on 79% of
the mobile devices used by enterprises are left in the hands of employees.

E-business

E-business is short for “electronic business.” As an overarching term, it refers to any method of utilizing
digital information and communication technologies to support or streamline business processes – from
preparation to implementation. However, it can also refer more specifically to the business processes of
online stores or other internet-based companies.

These two slightly different interpretations of the term have led to a problem: a widely accepted, precise
definition of e-business does not yet exist. As a result, it’s interpreted broadly, and is commonly
misunderstood – mainly in relation to e-commerce. Although there is some overlap, e-commerce refers
to trading products and services online, and so is strictly only speaking of one aspect of e-business

HRIS stands for Human Resources Information System. The HRIS is a system that is used to

BBA IV SEMESTER
Prof. Hemalatha S Page 16
 E Commerce
collect and store data on an organization’s employees.

In most cases, an HRIS encompasses the basic functionalities needed for end-to-end Human Resources
Management (HRM). It is a system for recruitment, performance management, learning & development,
and more.

An HRIS is also known as HRIS software. This is a bit confusing as it implies that different systems can have
different software running on them. However, this is not the case. The HRIS is, in essence, an HR software
package.

The HRIS can either run on the company’s own technical infrastructure, or, more common nowadays, be
cloud-based. This means that the HR software is running outside of the company’s premises, making it
much easier to update.

Other commonly used names are HRIS system and HRMS, or Human Resources Management system.
These are all different words for the same thing. Collectively, these systems are also called Human Capital
Management systems, or HCM. In this article, we will use the terms HRIS and HRIS systems
interchangeably.

The 16 most common HRMS modules

HRMS module 1: HR database

Not so much a feature as a foundation for all the rest, an HRMS stores your employee records. This can
be as basic as name, address, telephone number, and job role, right up to a complete work record,
including performance management assessments and training undertaken.

This may be the most straightforward feature of your HRMS but in a sense, it’s also the most critical in
that it stores personal information (possibly including bank details for payroll purposes) and the question
of the system’s data security is fundamental.

HRMS module 2: Recruitment

A recruitment module should handle all your internal form-filling and authorization processes; allow
managers +/or HR to post advertisements and supporting documentation online, and offer applicant
tracking, and even initial sifting. There may also be functionality to build talent pools which can then be
‘trawled’ for suitable candidates when a vacancy becomes available.

Of all HR technology, recruitment modules have embraced social media to the greatest extent – for
example, compatibility with LinkedIn and other platforms is increasingly found as standard – and social
capabilities are a key topic when questioning vendors.

HRMS module 3: Onboarding

Once you have your new hires, they need to be guided through your

BBA IV SEMESTER
Prof. Hemalatha S Page 17
 E Commerce
organization’s onboarding and induction procedures. This process can benefit from automation,
significantly reducing the burden on both managers and the HR team: newnrecruits can be ‘introduced’
to the necessary people and to the organization itself; there may be automatic notifications to relevant
departments for issues such as building access, user accounts, security passes, etc.

In an ideal system, the onboarding functions also interface with the performance and talent management
modules.

Common onboarding module features include:

• Pre-first day preparation

• Easy (and paperless) set up of accurate employee records

• Provision of essential information about the company and key personnel

• Gamified learning

• Automatic scheduling of essential meetings

• Compliance with legislative mandates

• Goal-setting as a basis for the probationary period

HRMS module 4: Performance management

Automating the appraisal process, recording and tracking objectives and targets, this module should
incorporate your competence framework, job standards, and/or other relevant systems.

Common performance management module features include:

• Setting and managing personal performance goals

• Links to a competency framework

• Scheduling of appraisal and review meetings

• 360 performance feedback

• ‘In the moment’ feedback tools

• Big Data gathering for a broader picture of individual performance

• Links to talent management and succession planning functions

BBA IV SEMESTER
Prof. Hemalatha S Page 18
 E Commerce
HRMS module 5: Benefits administration

Benefits management is all about providing timely information and aiding employees to make the right
choice for their circumstances. This module should manage and monitor employee benefits, healthcare,
pension/welfare packages, tracking enrolment options, and any financial implications.

Common benefits administration module features include:

• Online open enrolment

• Automated communication of enrolment options and information

• Plan comparison tool to aid employee choices, including costs and contribution breakdowns

• Automatic event management of the benefits life cycle

• Legislative compliance for your territory

HRMS module 6: Workforce management

Primarily a scheduling function, this module should link closely to (and is often combined with) time and
attendance and leave management. Similarly, real-time functionality may involve linkages to other
business intelligence systems such as ERP and CRM to match workforce deployment to shifting needs.

Common workforce management module features include:

• Scheduling and shift management

• Workflow monitoring

• Management dashboard with real-time data and metrics

HRMS module 7: Time and attendance

Alongside payroll, this is probably one of the longest-standing automated HR functions: the time clock.
These days, such systems often incorporate biometric identification to avoid ‘buddy punching’ practices
and will link directly to (or be an integral part of) the workforce management module, with information
links to your payroll and accounting software.

Common time and attendance module features include:

• Employment attendance tracking

• Time clock management

• Biometric systems

• Functionality for remote and mobile workers

BBA IV SEMESTER
Prof. Hemalatha S Page 19
 E Commerce
• Legislative compliance (e.g. minimum mandated rest breaks)

HRMS module 8: Absence and leave management

Again, often linked to the time and attendance and workforce management functions, your leave
management module is an automated way to allocate, book, approve, track and monitor any absence
from the workplace. It may be for vacations, compassionate reasons, illness, parental leave, or even jury
duty. Request and approval processes should be streamlined and the outcomes incorporated into team
calendars where appropriate.

Common absence and leave management module features include:

• Self-service leave requests

• Integration with workforce management (scheduling) and time and attendance functions

• ‘Account management’, tracking accrued vacation time and usage.

• Metrics and analytics, including absence levels and trends

HRMS module 9: Learning and development

Often using the outcomes of the performance management process as a starting point, this module may
produce individual training plans for staff, deal with bookings (for training courses and other learning
options), and manage the follow-on evaluation and feedback process, while tracking training expenditure
against budget allocations.

HRMS module 10: Talent management

Focusing on identifying individuals with potential, this module should assist with setting up talent
pipelines to ensure your organization avoids critical skills and experience shortages that might impact
performance. Links to recruitment, learning and development, and performance management should be
seamless.

Common talent management module features include:

• Alignment with organizational strategic business goals

• Identification of career paths and individual career planning

• Integration with key recruitment campaigns

• Reward benchmarking (internal and external)

HRMS module 11: Succession planning

BBA IV SEMESTER
Prof. Hemalatha S Page 20
 E Commerce
Linked to talent management, succession planning is all about having a structured process to put the right
employees into specific career paths leading to specific job roles and positions. The goal is to ensure that
your business-critical roles and responsibilities are always filled.

Essentially, you’re futureproofing the workforce and the right HRMS can further that goal.

HRMS module 12: HR analytics

Often incorporated as functions within other modules, HR analytics provide reporting capabilities
(frequently in the form of libraries of HR metrics and benchmarks) assessing and analysing the data
gathered and stored with the HRMS (and other business systems) to provide strategic and predictive
insights that can be used to guide the business strategy of the organization.

HRMS module 13: Payroll

A basic payroll function will calculate and pay salaries for each employee, withhold the appropriate taxes
and deductions, and organize either the printing and delivery of paychecks or payment via direct deposit
into employee bank accounts.

Traditionally, automated payroll was usually handled by a separate, dedicated piece of software.
However, it’s increasingly common to see payroll functionality bundled up in your HRMS.

A clear benefit is that the essential employee data necessary when running your payroll is probably
already stored by the HRMS (personal identification, banking details, a record of hours worked, etc.) Other
benefits of HRMS-based payroll are data security and accuracy, less likelihood of errors, legislative
compliance, and having all your people- related automation accessible via a single portal or access point.

HRMS module 14: Employee wellness

Over the last few years, employee wellness has become an increasing priority for many organizations and
their HR departments; arguably all the more so in light of a global pandemic. What this means is wellness
and fitness programs, information initiatives, and incentivizing health practices such as exercise and a
better diet. After all, a healthier workforce is present and much more likely to be operating efficiently and
productively.

An HRMS can be used to manage and track engagement with such initiatives, set wellness goals, and
disseminate key information and health prompts. There’s also the option of implementing wellness-
related rewards and benefits as part of your overall compensation package.

HRMS module 15: Multi-territory workforce management

Consistency is important in HR in terms of policies, systems, processes, and how they are applied across
the workforce. This becomes a more complicated proposition when your organization is spread across
multiple countries or territories. Every time you cross a border, the employment legislation and
regulations change. Maybe not to a great degree, but there is change, even if only in payroll management
terms.

BBA IV SEMESTER
Prof. Hemalatha S Page 21
 E Commerce
If all your employees are tidily homed within a single set of national boundaries, you can skip this section.
But with the increase in home and remote working and virtual teams, more and more businesses have
multinational workforces.

Unless you want a separate HRMS for each territory (which would undermine the most essential
advantage of using an HRMS in the first place!) you need a system that can handle multiple tax regimes,
varying labor regulations (e.g. differences in working hours limits) and differences in compliance reporting
requirements.

HRMS module 16: Employee self-service

On a final note, not so much a distinct module as an underpinning (and essential) feature, these days no
HRMS is complete without employee self-service. In fact, it’s pretty much a must-have if you want the
impact and benefits of your HRMS to go any further than the HR department and boardroom.

It may be as simple as each employee being able to submit requests for paid time off. Or go as far as a full
HR portal with an individualized dashboard for each worker, giving them access to a variety of HR services,
from selecting benefits options to booking (and virtually attending) the latest training and development.

BBA IV SEMESTER
Prof. Hemalatha S Page 22