UNIT 4

Electronic Payment System

Electronic Payment System (e-Payment) is a type of payment
conducted via electronic or online mediums. Online payment
systems eliminate the need for cash or cheque payments. It
is a unique payment method that allows you to conduct
online transactions via digital wallets, bank cards and
internet banking systems.
An e-commerce or electronic payment system enables
transactions over an electronic mode of payment without the
involvement of physical money or cheques at the time of
transaction. Electronic payment techniques are used by e-
commerce enterprises to collect payment for their products
and services. The procedure of conducting business online
has been dramatically changed by the e-commerce payment
systems which have made it simple for both businesses and
customers.

Special features required in payment

systems:-
Flexibility:-Payment systems should be in a position to
accept several forms of payment rather than limiting the
users to a single form of currency.
Trust:-Trust refers to the degree of customers confidence
that their money and personal information will be safe, and
that all parties involved will not act against users’ interests.
Users need to trust that payments will be bot be stolen or
misused.

Traceability:-Traceability indicates how easy it is to trace

money flows and sources of funds that are going through a
payment system and used for purchases. In electronic
payment systems, money can be traced by records that are
kept of payment activity.

Authorization type :- Authorization type is defined as

the form of control over the validity of transactions. The
authorization type can be offline. Offline authorization
means that users of the system can exchange money while
not connected to a network, without a third party mediating
the transaction. Paper cheques are the example of offline
authorization.

Applicability :- Applicability of a payment system is defined

as the extent to which it is accepted for payments at points
of sale, or at online e-commerce sites.
Debit cards and credit cards have high applicability, as one
can pay with them in a variety of places. The applicability of a
payment system may vary from country to country.
Privacy :- This characteristic refers to the desire of users to
protect their privacy, identity and personal information. In
some transactions, the identities of the parties could be
protected by anonym it.

Types of e-payment system:-

E-cash
Electronic cash (also called e-cash or digital-cash) is an
electronic representation of the available money assigned to
someone (a person or a company).Money that is exchanged
electronically over computer or telecommunications
networks.
Digital cash is a system of purchasing cash credits, storing the
credits in your computer or digital wallet, and then spending
them when making electronic purchases over the internet or
in person on a mobile device at the point of sale.
Digital cash allows individuals to make online transactions
using digital currency. It is designed to be a convenient and
secure alternative to traditional payment methods, such as
credit cards or cash.

E-cheques
E-cheques are cheques that are written and processed
electronically. This means that the funds are transferred from
the payer's account to the payee's account through an
electronic network instead of a physical cheque. These
cheques are also known as “digital cheques” or “electronic
cheques”.
The only difference between writing a regular cheque and
writing an e-cheque is that with an e-cheque, you don’t need
to write “Pay to the order of” followed by the name of the
person or company to which you’re sending payment. The
name of the payee is automatically included in the e-cheque
information.

 Faster: E-cheques are processed faster than traditional

paper cheques. This is because there is no need to wait
for the cheque to be physically delivered to the payee.
 More Secure: E-cheques are more secure than
traditional paper cheques because they are processed
through an electronic network. This means that there is
less chance for them to be lost or stolen.
 Easier to Track: E-cheques can be easily tracked
through online banking systems. This makes it easy to
see where the funds are going and who they are being
transferred to.
 Reduces Paper Waste: E-cheques reduce paper
waste because they do not require the use of physical
cheque stock. This means that fewer trees need to be
chopped down in order to produce paper cheques.
  Saves Time and Money: E-cheques save time and
money because they eliminate the need for manual
processing. This means that there is less chance for
human error and that the funds will be transferred more
quickly.

Credit Card
A credit card is a type of credit facility, provided by banks
that allow customers to borrow funds within a pre-approved
credit limit. It enables customers to make purchase
transactions on goods and services. The credit card limit is
determined by the credit card issuer based on factors such as
income and credit score, which also decides the credit limit
The credit card information includes credit card number,
cardholder’s name, expiration date, signature, CVC code, etc.
The best part about a credit card is that it is not linked to a
bank account. So, whenever you swipe your credit card, the
amount is deducted from your credit card limit, not your
bank account. You can use it to pay for food, clothes, take
care of medical expenses, travel expenses, and other lifestyle
products and emergency services.

Smart card
A smart card is a plastic card that contains a microprocessor
and a memory chip or just a memory chip. The
microprocessor card has the ability to add, delete and
manipulate information on the card. A memory-chip card,
such as a phone card, can only add information.

Smart cards can provide personal identification,

authentication, data storage, and application processing.
Applications include identification, financial, public transit,
computer security, schools, and healthcare. Smart cards may
provide strong security authentication for single sign-on
(SSO) within organizations.

smart card examples - ATM cards (debit and credit cards)

ID cards, Passports.

Electronic purse
Electronic purse - it is a mechanism that allows end users to
pay electronically for goods and services. The functions of the
electronic purse is to maintain a pool of value that is
incrementally reduced as transaction performed.
Electronic purse is an electronic system e-commerce, based
on smart card. Electronic purse must ensure the security of
each transaction
Examples of Electronic purse - Apple Pay, Samsung Pay,
Google Pay

E-billing
Electronic billing or e-billing is the process by which bills are
sent and paid electronically. This process enables customers
to receive bills via email, web portal, or even in machine-
readable data formats, facilitating more efficient delivery and
payment.
E-billing is a process used by accounts receivable staff to
invoice customers and receive payments electronically.
Customers can access their e-bills on the company's website,
or the e-bill can be delivered via an email attached with an
electronic document, such as a PDF or XML file.
Any information that appears on a traditional printed invoice
will be on an e-bill. That includes the date the bill was issued,
the amount owed, the date payment is due, the goods or
services that were provided and payment terms. An e-bill
often contains a clickable link to a payment portal, where the
customer can pay electronically using their bank account or
credit card information. E-bills make payment easier and
more convenient for customers, which in turn may result in
faster payment and increased customer satisfaction.

E-MARKETING
E-marketing is a process of planning and executing the
conception, distribution, promotion, and pricing of products
and services in a computerized, networked environment,
such as the Internet and the World Wide Web, to facilitate
exchange and satisfy customer demands. It has two distinct
advantages over traditional marketing. E-marketing provides
customers with more convenience and more competitive
prices, and it enables businesses to reduce operational costs.
As businesses offer e-marketing and online shopping,
customers can get market information from their computers
or cell phones and buy goods or find services without leaving
home twenty-four hours a day and seven days a week (24/7).
They can read ads on the Web or from e-mail, get e-coupons,
view pictures of goods, compare prices, and make purchases
with a few clicks of their mouse, saving the time and money
it would take to shop in person at a brick-and-mortar store.
At the same time, e-businesses can reduce costs in
distribution channels and physical store space and thus pass
the savings on to customers.
E- Customer Relationship Management
An E-CRM (electronic customer relationship management)
platform is a virtual program that lets you store all customer
data in one digital database, giving you better insights to
hone your sales and marketing strategies.
Electronic customer relationship management (E-CRM) is the
application of Internet-based technologies such as emails,
websites, chat rooms, forums and other channels to achieve
CRM objectives.
An effective E-CRM increases the efficiency of the processes
as well as improves the interactions with customers and
enables businesses to customize products and services that
meet the customers’ individual needs.
Electronic customer relationship management is motivated
by easy Internet access through various platforms and
devices such as laptops, mobile devices, desktop PCs and TV
sets. It is not software, however, but rather the utilization of
Web-based technologies to interact, understand and ensure
customer satisfaction.
An effective E-CRM system tracks a customer’s history
through multiple channels in real time, creates and maintains
an analytical database, and optimizes a customer’s relation in
the three aspects of attraction, expansion and maintenance.

The benefits of E-CRM include the following:

the customers’ behaviour with suitable offers

Increased business revenue

E-Supply Chain Management.

E-Supply Chain Management (E-SCM) is the use of digital
technologies to optimize and manage the various activities
involved in a supply chain. This includes everything from
sourcing raw materials to delivering finished products to
customers.
E-SCM utilizes electronic communication and data sharing
between different supply chain partners, such as suppliers,
manufacturers, distributors, and retailers. By leveraging
digital technologies such as cloud computing, big data
analytics, and the internet of things (IOT), E-SCM enables
real-time visibility and collaboration across the supply chain,
improving efficiency, reducing costs, and increasing customer
satisfaction.
-SCM integrates and manages business processes
through its various components.

Advanced Scheduling and Manufacturing

Planning
e-SCM provides the details of manufacturing and supply
processes based on individual customer orders. An
organization can use this information to analyze constraints
throughout a process, such as equipment malfunction and
supply interruptions. The organization can then use this
analysis of constraints to plan advanced scheduling of various
processes. Scheduling helps in managing the manufacturing
process as well as logistics. Demand Forecasting e-SCM
includes a wide variety of statistical tools and business
forecasting techniques. Organizations can use these tools and
techniques to forecast raw materials, labor, capital, and
logistics that will be required to meet any sudden increase in
product demand.

Transportation Planning
e-SCM facilitates the allocation of resources to ensure that
raw materials and finished goods are delivered to the right
people at the right time and in the right place. It ensures that
processes are in line with the planning schedule. It also helps
in comparing various transportation modes available, such as
railways, trucks, and airlines along with their availability. This
will help the organizations in finding the most appropriate
mode of transport for delivering raw materials and products.

Distribution Planning
An organization needs to distribute finished products in
inventories to retailers, wholesalers, and customers as per
the requested orders. e-SCM helps in distribution planning by
integrating various distribution channels, product inventory,
and logistics with demand forecasting, production
scheduling, and transportation planning. This will enable the
organization to distribute the right products through the
right distribution channels on time.

Order Commitment
e-SCM enables organizations to precisely estimate the
delivery dates of suppliers through a comprehensive demand
fulfillment cycle. The organizations can interconnect order
commitment with the rest of the supply chain departments
to ensure accurate delivery of goods and services.

Security issues to E-
commerce:-
The people who buy goods that are the retailers from e-
commerce sites face security problems and lose their money
and data every year. The retailers are aware of the security
threats and the ways to control them depending on the
threat as given below,

 Data steal
The main motive for the hackers is to steal the personal
data of the customers who have logged in or using
particular e-commerce sites. The data is then sold in the
black market for money.
So, e-commerce sites should assure the safety of
customers from any threats.

 Scam
The Attackers send an email or message using the logo and
information like a legitimate site, to reroute the users to
provide some personal information. It is also possible the
virus enters the system via this email using any link.

 Malware Attack
The most common security threat is the malware, virus,
Trojan horse, and ransom attack. Through any unwanted
message or link, the hacker enters the system and installs the
malware in the main system, and transfers all the data to
their site or corrupts the sensitive data.

 Product Return
The Hackers will imitate the customers and pretend to
believe that the product is returned and so the money is
transferred. Some fraudulent request a refund for the good
which not bought. The stolen debit or credit cards will be
used to buy goods and after some time will file a request that
the card is stolen and return the payment.

 Man-in-middle Attack
The hacker places themselves between the user and the e-
commerce site which makes the new connection for the theft
of information and also tracks the user’s activity.

 Bad bots
The bots are an autonomous program that helps to interact
with other systems. So, the hackers send a malicious bot into
the e-commerce website cart page and make the customer
pay ten times the amount.

 Conclusion
The mentioned e-commerce security risks may be
frightening, but there are ways to stop them from affecting
the e-commerce marketplace. While some require
specialized software, others can be implemented with no
additional effort. Beyond safeguarding the online store, the
customers will appreciate that their personal information and
data are kept private.

Types of Threats (risk) in E- Commerce:-

E-commerce attacks can come in many forms that can
interrupt your ecommerce platform and your customers’
accounts and data. Earning the trust of your customers
requires a consistent (regular, constant) awareness of the
new types of fraud and cyber attacks to help you ensure that
solutions are in place across your sales funnel.

1. Financial fraud
Financial fraud takes various types. It involves hackers
gaining access to your customer's personal information or
payment information, then selling that information on the
black market. It also involves fraudsters
using stolen credit card information to make illegal purchases
from your e-commerce store

2. Phishing
A fraud SMS, social media message, voice mail, or other
message asks the receiver to update their account details,
change their password, or tell them their account has been
close. The message includes a link used to steal the victim's
personal information.
Customers are the target in a phishing scam, where a
fraudster sends messages or emails to you with the goal of
obtaining their private information. These messages may
contain logos, URLs, and other information that appears to
be legal, but those are illegal. They'll ask customers to verify
their account by logging in and then use the information to
steal personal data.

3. Spamming
Spamming is the activity of sending advertisement messages
by email to people who do not want to receive them.
Spamming is the use of messaging systems to send multiple
spam messages to large numbers of user for the purpose of
commercial advertising, or repeatedly sending the same
message to the same user.
In an attempt to obtain personal information—or to affect
your website's performance—spammers may leave infected
links in their comments or messages on your website, such as
on blog posts or contact forms. If you click on the links, they
can take you to a spam website that exposes you to malware.

4. Malware
Malware attacks are any type of malicious software designed
to cause harm or damage to a computer, server, client or
computer network and/or infrastructure without end-user
knowledge.
Malware refers to malicious programs such as spyware,
viruses, trojan horses, and ransomware. Hackers install it on
your computer system and spread it to your customers and
administrators, where it might swipe sensitive data on their
systems and from your website.

5. Bad bots
People are generally aware that bots are all over the
Internet, obtaining information about our habits and
behaviours. Your competition, however, could use bots to
gather information about your inventory and prices. They
then use that information to change their prices. Or hackers
can send malicious bots to e- commerce checkout pages to
buy large amounts of a product and scalp it for up to 10
times the list price.

6. Distributed denial of service (DDoS) attacks

Distributed denial of service attacks happens when your
servers receive an overwhelming amount of requests from
various IP addresses—usually untraceable—that cause your
server to crash. That means your e- commerce store isn't
available to visitors, which interrupts your sales.

7. Fake return and refund fraud

Fraudsters can obtain money from you by committing fake
returns and refund fraud in many ways. Some use a stolen
credit card to purchase merchandise, then claim that the
card is closed and request a refund to another card. Others
use counterfeit receipts to request refunds for items they
haven't purchased.

8. Man-in-the-middle attacks
With technology evolving, so are hackers' schemes. Man-in-
the-middle attacks allow the hacker to listen in on the
communications of e-commerce website users. These users
are tricked into using a public wireless network, enabling
hackers to access their devices and see their browsing
history. They can also access credit card information,
passwords, and usernames.

Security tools and risk management approach:-

Security is of utmost importance in the world of e-
commerce. Protecting your customers’ data and
ensuring their transactions are secure is essential. Investing
in cyber security also guarantees that your business complies
with the latest regulations.
You must have the right security tools to manage and protect
consumer data. Here are some of the must-have security
tools for any e-commerce business:

1) Antivirus Software
Antivirus software scans your system for malicious software
and blocks any threats. Once it detects a threat, it will alert
you and take the necessary steps to remove it.
It’s essential to have an antivirus installed on all computers
used in the business and on any mobile devices that access
the network. This is because malicious software can spread
quickly, and you don’t want to risk your customers’ data.
When choosing antivirus software, you must ensure that it is
up-to-date and provides the latest protection. Software
developers add more layers of security when they update
their software, so remember to keep up with the latest
versions.

2) Firewalls
Firewalls are another essential security tool for any e-
commerce business. They act as a barrier between your
network and the outside world, blocking malicious traffic
from entering your system. Firewalls can be either hardware
or software, but the ideal configuration is to have both. This
will ensure maximum protection for your network and
customers’ data.
This type of security tool is also helpful for allowing remote
access to a private network through secure authentication
certificates. Many businesses use this type of access to
manage their networks remotely.

3) Encryption Software
Encryption software protects sensitive data, such as credit
card numbers and passwords. It works by scrambling the
data so that it cannot be read or understood by anyone who
does not have the encryption key. This ensures that even if
someone were to gain access to your system, they would not
be able to read the data.
Encryption software is also useful for protecting data in
transit, such as when it is sent over the Internet. This ensures
that the data remains secure even when it is being
transmitted from one computer to another.
When choosing encryption software, make sure that it meets
the latest security standards and provides strong encryption
algorithms. You should also ensure that the software is
regularly updated with new features and security patches.

4) Biometrics
Another tech trend in the world of cyber security is
biometrics. Biometrics uses a person’s physical
characteristics to verify their identity and authenticity. These
include your eyes, voice, or behavioral characteristics.
Biometric data is perhaps one of the most reliable ways to
confirm a person’s legitimacy since it can’t be replicated or
forged easily.
Biometric authentication systems are becoming more
popular in e-commerce. You can use this system to verify the
identity of customers and employees and protect sensitive
data. Common biometric authentication systems include
fingerprint scanners, iris scanners, and facial recognition
software.

5) Access Management
When handling sensitive data, it’s important to have a system
that controls who has access to it. Access management works
by assigning roles and privileges to each user. This allows you
to control who can view, modify, or delete data. It also helps
to ensure that only authorized personnel have access to
sensitive information.
As a result, you may want to consider implementing an
access management system for your e-commerce business.
This will help you protect your data and ensure that only
authorized personnel can access it.

6) Digital Certificates
Digital certificates are another important security tool for any
e-commerce business. They are used to verify the identity of
a website or server and ensure that the data is secure. When
customers visit your website, they can check the digital
certificate to make sure that it is valid and that their data is
secure.
Digital certificates utilize Public Key Infrastructure (PKI),
which enables secure e-commerce and Internet-based
communication. They’re issued by a Certificate Authority (CA)
and contain information about the owner, such as their
name, address, and public key. This information is used to
verify the owner’s identity for secure communication.7

7) Secure Payment Processors

Lastly, you must also ensure that your payment processor is
secure. Payment processors are responsible for processing
customer payments and transferring funds to the merchant.
As such, they must be secure and reliable.
Look for payment processors that use strong encryption
algorithms and have a good reputation in the industry. You
should also ensure that they comply with the latest security
standards, such as PCI DSS (Payment Card Industry Data
Security Standard). Additionally, with the rise of
cryptocurrency, you may want to consider accepting
payments in digital currencies such as Bitcoin.
Cyber law
Cyber Law also called IT Law is the law regarding Information-
technology including computers and the internet. It is related
to legal informatics and supervises the digital circulation of
information, software, information security, and e-
commerce.
IT law does not consist of a separate area of law rather it
encloses aspects of contract, intellectual property, privacy,
and data protection laws. Intellectual property is a key
element of IT law. The area of software license is
controversial and still evolving in Europe and elsewhere.

Area of Cyber Law:

Cyber laws contain different types of purposes. Some laws
create rules for how individuals and companies may use
computers and the internet while some laws protect people
from becoming the victims of crime through unscrupulous
activite on the internet. The major areas of cyber law include:

1. Fraud:
Consumers depend on cyber laws to protect them from
online fraud. Laws are made to prevent identity theft, credit
card theft, and other financial crimes that happen online. A
person who commits identity theft may face confederate or
state criminal charges. They might also encounter a civil
action brought by a victim. Cyber lawyers work to both
defend and prosecute against allegations of fraud using the
internet.

2. Copyright:
The internet has made copyright violations easier. In the
early days of online communication, copyright violations
were too easy. Both companies and individuals need lawyers
to bring an action to impose copyright protections. Copyright
violation is an area of cyber law that protects the rights of
individuals and companies to profit from their creative
works.

3. Defamation:
Several personnel uses the internet to speak their mind.
When people use the internet to say things that are not true,
it can cross the line into defamation. Defamation laws are
civil laws that save individuals from fake public statements
that can harm a business or someone’s reputation. When
people use the internet to make statements that violate civil
laws, that is called Defamation law.

4. Harassment and Stalking:

Sometimes online statements can violate criminal laws that
forbid harassment and stalking. When a person makes
threatening statements again and again about someone else
online, there is a violation of both civil and criminal laws.

5. Freedom of Speech:
Freedom of speech is an important area of cyber law. Even
though cyber laws forbid certain behaviours online, freedom
of speech laws also allows people to speak their minds. Cyber
lawyers must advise their clients on the limits of free speech
including laws that prohibit obscenity

6. Trade Secrets:
Companies doing business online often depend on cyber laws
to protect their trade secrets. For example, Google and other
online search engines spend lots of time developing the
algorithms that produce search results. They also spend a
great deal of time developing other features like maps,
intelligent assistance, and flight search services to name a
few. Cyber laws help these companies to take legal action as
necessary to protect their trade secrets.

7. Contracts and Employment Law:

Every time you click a button that says you agree to the
terms and conditions of using a website, you have used cyber
law. There are terms and conditions for every website that
are somehow related to privacy concerns.

Business ethics
There are about 12 ethical principles: honesty, fairness,
leadership, integrity, compassion, respect, responsibility,
loyalty, law-abiding, transparency, and environmental
concerns.