E-Business (MBA-218)

Business
Business can be defined as the organized effort of individuals to produce and sell, for a profit, products and services that satisfy society's needs. (Examples of processes involved in business: Production, Purchases, Sales, Advertisement, Exhibition of Products, Marketing of Products, Sampling of Products etc.)

Commerce
Commerce is a negotiated exchange of valuable objects (Cash, Cheque, Gold, etc.) or services between at least two parties and includes all activities that each of the parties undertakes to complete the transaction.
Example: A person trades eggs to one of his neighbors in exchange for repairs to his furniture.

E-Business
Definition 1: E-business, in simple words, is the use of internet technologies and computing to implement business transactions online in order to improve customer service operations, enhance market share, attract a large number of consumers, streamline the supply chain and reach existing and new customers.
Definition 2: In general, the term E-business means doing any kind of business transaction on the internet with the aid of two integral components of E-Commerce (EDI & VAN).

E-Commerce
Definition 1: A part of e-business; the term refers only to the activities involved in buying and selling online, which may include identifying suppliers, selecting products or services, making purchase commitments, completing financial transactions, and obtaining services.
Definition 2: We will define e-commerce as the use of electronic data transmission to implement or exchange any business activity.
Example: A buyer sends an electronic purchase order to a seller. The seller then sends an electronic invoice back to the buyer.

History of Internet
1969: The US Department of Defense started the first network among major research centers in the US.
1971: A total of major connection or nodes were established. E-mail was introduced.
1973: Defense Department started developing various forms of file transfer.
1984: Domain Name Service (DNS) was introduced.
1986: US National Service Foundation created Internet-based telephone lines.
1987: The number of hosts (computers on the Internet) reached 10,000.
1988: The number of hosts on the Internet became over 60,000.
1989: Over 100,000 hosts on the Internet were registered.
1991: The World Wide Web (WWW) was created by CERN in Switzerland (Conseil Européen pour la Recherche Nucléaire).
1992: One million hosts on the Internet were found.
1995: There were a total of 6.6 million hosts or computers on the Internet.
July 1997: 1.3 million domain names registered.
Dec. 1997: 22 million servers, 40 million users on the WWW.
2000: 110 million users and 72 million domain names.
2003: 802.2 million users and 233 hosts.

Growth of Internet in India

| Year | Internet Subscribers | Internet Users |
|------|----------------------|----------------|
| 1997 | 25 | 45000 |
| 1998 | 250 | 200000 |
| 1999 | 359 | 1000000 |
| 2000 | 650 | 2000000 |
| 2001 | 1130 | 6668000 |
| 2002 | 1763 | 10684000 |
| 2003 | 3661 | 29000000 |
| 2004 | 4403 | 31723000 |
| 2005 | 6674 | 52875000 |

[Figure: Internet Usage in India, Subscribers and Users, 1999 to 2005]

History of E-Commerce
The term E-Commerce was derived from E-mail and means conducting business online with the help of electronic devices such as personal computers, phone lines, fax machines, pagers etc. IBM was the first company to use the term internationally.
During 1970, the introduction of EFT (Electronic Fund Transfer) between banks over secure private networks changed the financial market.
During the late 1970s and early 1980s, E-commerce became widespread within companies in the form of electronic messaging technologies: EDI and E-mail.
In 1972, IBM used this term as 'E-business', and the first successful transaction was held between the USA and the European Union in 1973 with the invention of personal computers.
E-commerce refers to the paperless exchange of business information using EDI, electronic bulletin boards, e-mail and other network-based technologies.
It not only automates manual processes and paper transactions, but also helps organizations move to a fully electronic environment and change the way they operate. Electronic commerce (e-commerce) has become a buzzword for business over the past few years.

Total E-Commerce Transaction in India

| Year | Total e-commerce transaction |
|------|------------------------------|
| 1998-1999 | 131 crore Rs. |
| 1999-2000 | 450 crore Rs. |
| 2000-2002 | 1400 crore Rs. |
| 2006 (Expected) | 2300 crore Rs. |

Difference between E-commerce & E-Business
Internationally, both terms can be interchanged and have the same concept, i.e. doing business online. However, the term E-Business is derived from e-Commerce.

| No. | E-Commerce | E-Business |
|-----|------------|------------|
| 1 | Open system. | Closed system. |
| 2 | Not secured. | Secured. |
| 3 | Does not involve the use of EDI. | Uses EDI. |
| 4 | Always operates on the Internet. | Always operates on an intranet or extranet. |
| 5 | Involves all types of commerce. | Involves explicitly business transactions. |
| 6 | Used for small and large transactions. | Used for bulky transactions. |
| 7 | amazon.com, bazaar.com are examples of E-Commerce. | e-trade.com, e-business.com are examples of E-Business. |

Main Goals of E-Commerce
1. To understand the needs of consumers, merchants and organizations.
2. How to improve the quality and quantity of goods.
3. How to increase the speed of services.

Need for E-Commerce
E-Commerce is the business environment in which information for the buying, selling and transportation of goods and services moves electronically. E-commerce includes any technology that enables a company to do business electronically. Some of the direct benefits of E-Commerce are:
- Improved Productivity: (speed of transactions with accuracy, easier access to documents and information)
- Cost Saving: (check on duplication of entries, human error)
- Streamlined Business Process
- Better Customer Services: Customers can enjoy the convenience of shopping at any hour, anywhere in the world.
- Opportunities for New Business

Major Affecting Factors of E-Commerce
1. Growth of Internet: (Speed, Subscribers, Electronic Environment)
2. Govt. Policies & Laws: (Security, Computer Crime, Data Protection and Privacy, Telecommunication Laws)
3. Consumer Awareness: (familiarity with electronic media)

Function of E-Commerce
E-Commerce applications enable various business functions and transactions to be done electronically:

E-Advertising: Advertising of information is currently the largest commercial activity on the web, for example:
a) The organization's own web site, where information about products and the organization's profile can be found.
b) Clickable banners
c) E-Commerce portals like www.yahoo.com
d) Newsgroups

E-Catalogs: Electronic catalogs are web pages offering information about the products or services offered by the company. An e-catalog may offer information like:
a) Product attributes and characteristics
b) Packaging
c) Availabilities
d) Ways of payment
e) Price etc.

E-Publishing: The publication sector was one of the first to invest in new technologies and especially in the Internet. Successful e-commerce efforts in relation to e-publishing are the electronic newspapers and independent publication through the internet. Some of the services offered by online publications include the following:
a) On-line reading/browsing
b) On-line search
c) Customized information services

E-banking: E-Banking offers a remote banking facility electronically. Electronic banking is also known as cyber banking, on-line banking, virtual banking or home banking. It enables web users to make purchases online and pay for them using an online banking facility. It is a cost-effective, easy and 24-hour available way of doing business. The services offered to customers include:
a) Bill paying
b) Electronic cheque writing
c) Tracking of bank accounts, credit cards etc.
d) Record keeping

E-Traveling

Shopping Services
1. A shopping service provided by an independent business that sends representatives to stores to comparison shop for specific products. A shopping service is hired by contract and will compare competitive prices, or prices for the same item in competitive stores, depending on the request and needs of the client.
2. A shopping service offered to cable television subscribers, where consumers can buy products (usually at a discount) that are displayed on a special shopping services channel.
3. A shopping service offered to subscribers of personal information services for home computer use. For example: A company provides on-line information to subscribers. Among the many services offered by this company is one called Products, Guides, etc., from which consumers may shop and select purchases right from their own computer terminals.

Information Services
IS is pronounced as separate letters and is short for Information Systems or Information Services. For many companies, Information Systems or Services is the name of the department responsible for IT and Management Information Systems.
Information systems support different types of decisions at different levels of the organizational hierarchy. Major types of information system include structural databases and information management software, which can include the following:
- Transaction Process System (TPS)
- Enterprise Collaboration System (ECS)
- Management Information System (MIS)
- Decision Support System (DSS)
- Executive Support System (ESS)

Electronic Data Interchange (EDI): EDI is a standard for exchanging business data or documents. All trading partners must agree to follow some standard for exchanging information (such as payment orders, purchase orders, invoices, and bills). In EDI the information must move without intervention among trading partners.
Supply Chain Management (SCM): SCM can be defined as an electronic alternative to the traditional paper chain, providing companies with a smarter, faster, more efficient way to get the right product to the right customer at the right time and price.

Multimedia Content for E-Commerce Application
1. Multimedia content can be considered both fuel and traffic for e-commerce applications.
2. Multimedia content is the combination of text, audio, video, and graphics in a computer file or document.

[Figure: Multimedia, combining text, image, graphics, audio, numerical data, hologram, video and animation]

3. It is the natural way to communicate with people.
4. The goal of multimedia is to increase the utility of all information through the processing and distribution of new forms such as image, audio and video.
5. Multimedia has come to mean the combination of computer, television and telephone capabilities in a single device.

Storage Application: Multimedia Servers and Electronic Commerce
1. E-commerce requires robust servers to store and distribute large amounts of digital content to consumers.
2. These multimedia storage servers are large information warehouses capable of handling various content, ranging from books, newspapers, advertisement catalogs, movies and games.
3. These servers serve information upon request and must handle large-scale distribution and guarantee security and complete reliability.

E-Commerce Framework
It is clear that e-commerce applications will be built on the existing infrastructure: a myriad of computers, communication networks and connection software forming the nascent information superhighway.

E-Commerce Applications:
1. Supply Chain Management
2. On-line Banking
3. Procurement & Purchasing
4. On-line Marketing & Advertisement
5. Home Shopping

The figure shows a variety of possible e-commerce applications, including both inter-organizational and consumer-oriented examples. None of these uses would be possible without each of the building blocks in the infrastructure.
[Figure: E-Commerce framework]
- Common business services infrastructure (Security / Authentication / Electronic Payment)
- The messaging & information distribution infrastructure (EDI, E-mail)
- Multimedia content & network publishing infrastructure
- The information superhighway infrastructure (Telecommunication, Cable TV, wireless network, Internet)
- Public policy, legal & privacy issues (Cyber Law, IT Act 2000)
- Technical standards for e-documents, multimedia & network protocols

Building Blocks in the information
1. Common business services, for facilitating the buying and selling process.
2. Messaging & information distribution, as a means of sending and retrieving information. We frequently send and retrieve information, so these are facilities of E-commerce.
3. Multimedia content & network publishing, for creating a product and a means to communicate about it. An e-commerce related website has the information about the products and their design.
4. The information superhighway: the very foundation for providing the highway system along which all e-commerce.

The two pillars supporting all e-commerce applications & infrastructure are just as indispensable:
1. Public policy, to govern such issues as universal access, privacy and information pricing.
2. Technical standards, to dictate the nature of information publishing, user interface and transport in the interest of compatibility across the entire network. Information can be accessed by any type of device the consumer chooses, supporting any type of operating system.

Difference between E-Commerce & Traditional System

1. Reduce the data error
   E-Commerce: It does not involve data at multiple points. With E-commerce, data goes directly from one computer to another without involving a human being.
   Traditional: The buyer and seller create a purchase order on their system, print it, and fax it or mail it to the receiver. The receiver then re-enters the same information on the computer. This creates errors.
2. Reduce cost
   E-Commerce: The initial cost of e-commerce is very high compared to the paper process, but over a long period of time it is very effective.
   Traditional: As time is money, time is directly linked to saving money. Here there is a repetition of the same work at every level, so it involves a lot of time, and if an error arises it leads to more wasted money.
3. Reduce paper work
   E-Commerce: E-Commerce data in electronic form is easy to share across the organization.
   Traditional: It requires re-entry of data at each level and requires a lot of time. So the peak time is wasted in re-entering and printing the reports.
4. Reduce process cycle time
   E-Commerce: E-commerce reduces the processing cycle time of complete cycles, as data is processed simultaneously when it is entered into the system.
   Traditional: In the traditional system, when the buyer orders in a paper format, the data is re-entered into the seller's computer and only then can processing take place, which is time consuming and a full commitment.

What is required in order to conduct E-Commerce?
Numbers 1-3 below are the components that you will need to conduct E-Commerce, and numbers 4-5 are optional depending on how you intend to accept payment.
1. You need a commercial website.
2. You need products or services that you plan to sell through your website.
3. You need a shopping cart system or an order form that your customers can use to shop for and purchase what you are selling.
4. If you plan to accept credit cards as payment, you will need a credit card merchant account.
5. If you plan to process credit cards in real time over the web, you will need an online payment gateway.

*** Website: It is a collection of web pages which are linked to each other.
*** Shopping Cart: A piece of software that keeps a record of the choices you make during an online buying session.
*** Gateway: It is a software program used to connect two networks using different protocols so that they can transfer data between the two networks.
*** Electronic Fund Transfer: It is the transfer of money between financial institutions over secure private networks.

[Figure: Electronic Markets, Industry's Perspective (Manufacturers, Dealers; Open Market, Direct Transaction, Low Transaction Cost, Direct Access to Market, New Business)]

[Figure: Electronic Markets, Consumer's Perspective (Consumers; Quick Shopping, Variety of Merchandise, Shopping Worldwide at Home, Shopping Mall, Financial Market, Assets Management, Labour Markets, Job Hunting at Home)]

[Figure: Electronic Market, Impact on the society (Households, Governments, Enterprises; Resource & Energy Savings, Decreasing Unemployment, Improving Quality of Life, Economic Growth in Developing Countries, Enhancing International Free Trade System)]

[Figure: E-Commerce Entities (Online Consumer, Merchant Web Site, Internet, Private Gateway, Online Transaction Server, Processing Network, Issuing Consumer Bank, Acquiring Merchant Bank, Institutes, Government, Merchants, Process, Marketing, Sales)]

Component of E-Commerce

[Figure: A View of Internet Payment Process (Consumer, Browser, Merchant or Commerce Server, Bank Server; On-Line Shopping Services, Bill Payment, Inter-bank clearing house, Real-time financial information (stock ticker), Home Investment vehicles (bonds, mutual funds), Advanced services and home banking, Transaction Management, Security, Return Management, Settlement, other communication between the bank & customer)]

[Figure: Simplified on-line mercantile model, On-line Credit Card Transaction (Customer, Merchant, Third Party Processor, Encryption Software, Verify, Credit Card Processor, Customer Bank, Monthly Statement)]

What is Electronic Payment System (EPS)?
The electronic fund transfer of money between financial institutions over a secure private network.
Payments made on the internet are essentially electronic versions of the traditional payment systems. But in electronic payment everything is digital and is designed to be handled electronically, with no change and/or old currency problems! An Electronic Payment System is a more secure and faster payment system that serves its customers with fast and low-cost services.

[Figure: Customer with need, Merchant and Payment Institution: (1) Buy Request, (2) Remittance Request, (3) Approval, (4) Delivery]

Advantage of Electronic Payment System
1. EPS is not bounded by regional boundaries, so funds can be transferred anywhere.
2. It is a secure method of fund transfer. It provides faster services compared to the conventional payment system.
3. It provides services not only to big organizations, banks and business transactions but also to users and consumers for online shopping and marketing at very low cost.
4. It provides various ways by which a customer can make payment, such as credit card, digital cash, debit card etc.

Issues Involved in EPS
1. The selection of the mode of EPS chosen by consumers, with which the customer must be satisfied, for example E-Cash, E-Cheque, Credit Cards and Debit Cards.
2. In the online market, how can we manage the financial risk associated with various payment instruments: privacy, frauds and mistakes, as well as other risks like bank
3. What are the step-by-step procedures and institutional arrangements that form the fabric of the electronic payment business process that links consumer and organization?

Types of E-Payment System
Three categories of EPS:
1) Banking & Financial Payments:
   - Large scale or wholesale payment (e.g. bank to bank transaction)
   - Small scale or retail payment (e.g. ATM)
2) Retailing Payments:
   - Credit cards (VISA or Master Cards)
   - Private label credit/debit cards
   - Charge cards (e.g. American Express)
3) Online E-Commerce Payments:
   - E-Cash
   - E-Cheque

Digital Token-Based Electronic System
In traditional systems, the deficiency is the assumption that the parties will at some time or other be in each other's physical presence, or that there will be a sufficient delay in the process for frauds, overdrafts and other undesirables to be identified and corrected.
Entirely new forms of financial instruments are also being developed. One such new financial instrument is "Electronic Tokens" in the form of electronic Cash/Cheque. Simply stated, electronic tokens are equivalent to cash that is backed by a bank.
Electronic tokens are of three types:
1. Cash or real-time: Transactions are settled with the exchange of electronic currency. An example of on-line currency exchange is electronic cash (e-cash).
2. Debit or prepaid: Users pay in advance for the privilege of getting information. Examples of prepaid payment mechanisms are smart cards and electronic purses that store electronic money.
3. Credit or postpaid: The server authenticates the customers and verifies with the bank that funds are adequate before purchase. Examples of postpaid mechanisms are credit/debit cards and electronic Cheques.

Certificate Authority
Certificates are issued by a Certificate Authority to companies and organizations that are accessible via the internet. They are issued for a certain period of time and are used as a guarantee of the security of a web site.

Digital Certificate
A digital certificate is defined as a method to verify authenticity electronically. The digital certificate is the equivalent of positive identification, such as a driver's license. Issued by various certificate authorities, digital certificates are used to prove that a website, or a visitor to a website, is the entity or person they claim to be: an electronic credential issued by a certification authority to establish the identity of an organization when doing business on the internet.
Contents of digital certificate
It includes:
- Holder's name, organization, address.
- The name of the certificate authority.
- Public key of the holder for cryptographic use.
- Time limit; these certificates are issued for 6 months to a year.
- Digital certificate identification number.

Electronic Cash
Electronic cash is a form of electronic payment system which is based on encryption, which means it is a secure payment system. Security of e-cash is ensured by digital signature. It uses a pair of keys for locking and unlocking funds. The locking key is used for encoding a message into cipher text. The encoding key is kept private and the decoding key is made public. By supplying all customers (buyers and sellers) with its public key, a bank enables customers to decode any message (or currency) encoded with the bank's private key.

Purchasing E-Cash from Currency Servers or e-mint
The purchase of e-cash from an on-line currency server (or bank) involves two steps:
1. Establishment of an account
2. Maintaining enough money in the account to back the purchases.

[Figure: E-cash flow among Consumer, Consumer's Bank, E-mint, Merchant and Merchant's Bank: 1. Request to obtain cash, 2. Transfer Money, 3. Send E-Cash, 4. Send E-Cash, 5. Delivers Goods, 6. Return E-Cash, 7. Credit Merchant a/c]

Working of E-Cash
The e-cash transaction takes place in three distinct and independent phases, as discussed below:

Phase-1: Obtaining Electronic cash:
1. The consumer requests his/her bank to transfer money to the e-mint to obtain e-cash.
2. The consumer's bank transfers money from the consumer's a/c to the e-mint.
3. The e-mint sends e-cash to the consumer. The consumer saves his/her cash.

Phase-2: Purchasing with Electronic cash:
4. The consumer selects the goods and transfers the e-cash to the merchant.
5. The merchant provides the goods to the consumer.

Phase-3: Redeeming Cash by the Merchant:
6. The merchant may send the e-cash to its bank, and the bank in turn redeems the money from the e-mint.
7. The e-mint transfers money to the merchant's bank for crediting the merchant's a/c.

Properties of E-Cash
The following four properties:
1) Monetary value: (E-cash created by one bank and accepted by others)
2) Interoperability: (Exchangeable as payment for other e-cash, paper cash, goods, services)
3) Retrieval & Storage
4) Security: (E-cash should not be easy to copy)

Advantage
- Best suited for small transactions.
- Authentication is not an issue: who pays is not important as long as the merchant gets his payment.

Operational risk associated with e-cash
1. The time over which given money is valid.
2. How much can be stored on and transferred by electronic money.
3. The number of exchanges that can take place before money needs to be redeposited with a bank or financial institution.
4. The number of such transactions that can be made during a given period of time.

Electronic Cheque:
An electronic Cheque has all the same features as a paper Cheque. It functions as a message to the sender's bank to transfer funds; the message is given to the receiver, who in turn endorses the Cheque and presents it to the bank to obtain funds.

[Figure: E-Cheque flow among Consumer Browser, Merchant System, Merchant's Bank, Clearing House and Consumer's Bank: 1. Access and Browse, 2. Select goods, pay e-Cheque, 3. Validate Cheques, 4. Close Transaction, 5. Forward to bank, 6. Forward Cheque, 7. Forward Cheque, 8. Account Update]

Working of E-Cheque
Phase-1: Purchasing Goods
1. The consumer accesses the merchant server and the merchant server presents its goods to the consumer.
2. The consumer selects the goods and purchases them by sending an electronic Cheque to the merchant.
3. The merchant may validate the electronic Cheque with its bank for payment authorization.
4. Assuming the Cheque is validated, the merchant closes the transaction with the consumer.

Phase-2: Depositing Cheque at the merchant's bank:
1. The merchant electronically forwards the Cheque to the bank.
2. The merchant's bank forwards the e-Cheque to the clearing house for cashing.
3. The clearing house, together with the consumer's bank, clears the Cheque and transfers money to the merchant's bank, which updates the merchant's account.

Smart Card:
Smart cards are credit and debit cards and other card products enhanced with a microprocessor, capable of holding more information than the traditional magnetic stripe. Most of these methods are known as stored value cards or electronic purse systems. Units of prepayment or currency value are electronically stored on an IC chip embedded in these cards.
Smart cards are basically of two types: the relationship-based smart credit card and the electronic purse. Electronic purses, which replace money, are also known as debit cards and electronic money.

Relationship-based smart credit card:
A relationship-based smart card is an enhancement of existing card services and/or the addition of new services that a financial institution delivers to its customers via a chip-based card or other device. These new services may include access to multiple financial accounts, balance inquiry and other information cardholders may want to store on their card.
Working: (Access multiple accounts, such as credit, debit, investments or stored value for e-cash, on one card or electronic device)

Electronic Purse and debit cards:
An E-Purse is a wallet-size smart card embedded with a programmable microchip that stores monetary value in the form of money.
The electronic purse works in the following manner. After the purse is loaded with money, at an ATM or through the use of an inexpensive special telephone, it can be used to pay for, for example, candy in a vending machine equipped with a card reader. The vending machine verifies that the card is authentic and that there is enough money available for a chocolate bar.

Credit Card:
The credit card transaction simply requires that the consumer have a valid credit card number and expiry date when placing an order.
This information is provided through standard internet options such as e-mail/SMS. Credit cards may be used along with a personal information number (PIN). The PIN is a secret code that the consumer must enter while using the credit card online. As such, it prevents misuse of the card in case it is stolen.

Working of Credit Card:
Phase 1: Purchase of goods: transaction steps 1-4.
Phase 2: Settlement of transaction: steps 5-6.
Phase 3: Consumer update of credit card bill in the transaction number.

[Figure: Working of Credit Card, among Consumer (Browser), Merchant, Merchant's Bank and Card Issuer: 1. Access Home page, 2. Select goods, make credit card payment, 3. Request and obtain credit authorization, 4. Close Transaction, 5. Provide credit and receipt, 6. Forward receipt and obtain payments]

[Figure: On-line credit card transaction (Customer, Merchant, Third Party Processor, Encryption Software, Credit Card Processor, Customer Bank, Monthly Statement)]

E-Security
A security threat is defined as a circumstance, condition, or event that can cause economic hardship to data or network resources in the form of destruction, disclosure, modification of data, denial of service and/or fraud and waste.
In addition, organizations must be concerned with the inherent security threats associated with business over the web, such as:
1. Unauthorized user access
2. Tampering and eavesdropping

To overcome this, a strong network security solution is essential, one which can transparently and automatically control access to corporate intranets or extranets. The solution must provide identification and authentication of users, encryption of all traffic from the application to the user, and access control to all information.

E-Security can be divided into two parts:
1) Client-server network security
2) Data & transaction security

Client-server network security: Client-server security ensures that only authorized users can access information resources.
a) Physical Security: When unauthorized users gain physical access to computers.
b) Software Security: When programs/software are compromised into doing things they should not.
c) Inconsistent Usage: When an administrator assembles a combination of hardware and software such that the system is seriously flawed from a security point of view.

To reduce these security threats, various protection methods are used. Protection is also called authorization or access control. Protection methods are:
1) Trust-based security
2) Security through Obscurity
3) Password Schemes
4) Biometric System

A) Trust-based security: Trust-based security means trusting everyone and doing nothing extra for protection; there is no access restriction on any kind of data access. All users working in a network can share information. This approach assumes that no user will make an expensive breach such as deletion of files, modification of data or unauthorized access to data. Nowadays this approach does not work; it was used in the past.

B) Security through Obscurity: The idea is that any network can be secure as long as nobody outside its management group is allowed to find out anything about its operational details. An example is hiding account passwords in binary files or scripts so that "nobody will ever find them". But its usefulness is minimal in the UNIX world, where users are free to move around the file system and have a great understanding of programming techniques. They can easily guess at the bits of knowledge considered confidential. This bypasses the whole basis of STO and makes this method of security useless.

C) Password Schemes: One security method is password schemes. However, it can also break when we use common words or names for passwords. The simplest method used by most hackers is dictionary comparison: comparing a list of encrypted user passwords against a dictionary of encrypted common words. This scheme often works because users tend to choose relatively simple or familiar words as passwords.
As a solution, we use mixed-case passwords containing at least one non-alphanumeric character and change passwords every 60 to 90 days. We can also include one-time passwords and smart card randomized tokens.

D) Biometric System: Biometric systems involve identifying aspects of the human body, such as comparing fingerprints, palm prints and voice recognition. Biometric systems are very expensive to implement. Biometric systems use one-to-one and one-to-many relationships.

Data & Message Security:
Transaction security has two parts:
I) Data Security
II) Message Security

Data Security: Data security suffers from packet sniffing. A sniffing attack begins when a computer is compromised into sharing some data or program. The cracker installs a packet sniffer that monitors the network. The sniffer program attacks network traffic such as Telnet and FTP sessions that legitimate users initiate to gain access to another system. The session contains the login ID, password and user no. of the person logging into the other machine, which is all the information a sniffer needs to log into the machine.

Message Security: Threats to message security fall into three categories:
a) Confidentiality
b) Integrity
c) Authentication/Identification

a) Message Confidentiality: Confidentiality is important for user-sensitive data such as credit card numbers. This requirement will be amplified when other kinds of data, such as employee records, government files and social security numbers, begin traversing the network.

b) Message Integrity: The content of a transaction must be unmodified during transport. It must be clear that no one has added, deleted or modified any part of the message. Error detection codes or checksums, sequence numbers, and encryption techniques are methods to enhance information integrity. Sequence numbers prevent reordering, loss or replaying of messages by an attacker. Encryption techniques such as digital signatures can detect modification of a message.
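The integrity checks described under b) can be seen working together in the following sketch, which is an added example and not part of the original notes. It uses a keyed MAC (HMAC-SHA256 from the Python standard library) in place of the digital signature the notes mention, and contrasts it with a plain checksum; the frame layout, the key and the order strings are constructed for the demonstration.

```python
import hashlib
import hmac
import struct
import zlib

# Constructed demo key (an assumption of this example); real systems provision
# the shared key through a key-management step that is out of scope here.
SHARED_KEY = b"constructed-demo-key"

SEQ = struct.Struct("!Q")                 # 8-byte big-endian sequence number
TAG_LEN = hashlib.sha256().digest_size    # 32-byte HMAC-SHA256 tag


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Build a frame: seq || payload || HMAC(key, seq || payload)."""
    body = SEQ.pack(seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Accepts frames strictly in order and reports why a frame is refused."""

    def __init__(self, key: bytes, first_seq: int = 1):
        self.key = key
        self.expected = first_seq

    def accept(self, frame: bytes):
        if len(frame) < SEQ.size + TAG_LEN:
            return "malformed", None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        good = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison. The MAC is checked before the sequence
        # number is trusted, because the number travels over the network too.
        if not hmac.compare_digest(tag, good):
            return "tampered", None
        (seq,) = SEQ.unpack(body[:SEQ.size])
        if seq < self.expected:
            return "replayed", None       # number already consumed
        if seq > self.expected:
            return "gap", None            # an earlier message was lost or reordered
        self.expected += 1
        return "ok", body[SEQ.size:]


def crc_seal(payload: bytes) -> bytes:
    """Unkeyed checksum framing: payload || CRC32(payload)."""
    return payload + struct.pack("!I", zlib.crc32(payload))


def crc_ok(frame: bytes) -> bool:
    return len(frame) >= 4 and struct.unpack("!I", frame[-4:])[0] == zlib.crc32(frame[:-4])


def checksum_contrast():
    """A checksum catches corruption in transit, but needs no secret to recompute."""
    original = crc_seal(b"ORDER 1002 AMOUNT 250.00")       # constructed message
    corrupted = b"ORDER 1002 AMOUNT 950.00" + original[-4:]  # payload changed, old CRC
    recomputed = crc_seal(b"ORDER 1002 AMOUNT 950.00")     # payload changed, fresh CRC
    return crc_ok(corrupted), crc_ok(recomputed)


def run_demo():
    """Feed constructed frames to a receiver and collect its verdicts."""
    f1 = seal(SHARED_KEY, 1, b"ORDER 1001 AMOUNT 100.00")
    f2 = seal(SHARED_KEY, 2, b"ORDER 1002 AMOUNT 250.00")
    f3 = seal(SHARED_KEY, 3, b"ORDER 1003 AMOUNT 75.00")
    # Old frame with a new sequence number but the old tag.
    renumbered = SEQ.pack(4) + f1[SEQ.size:]
    # Frame 2 with the amount altered and the original tag left in place.
    altered = SEQ.pack(2) + b"ORDER 1002 AMOUNT 950.00" + f2[-TAG_LEN:]

    rx = Receiver(SHARED_KEY)
    arrivals = [f1, f1, renumbered, altered, f3, f2, f3, f3[:10]]
    return [rx.accept(frame)[0] for frame in arrivals]


if __name__ == "__main__":
    print(run_demo())
    print(checksum_contrast())
```

Because the sequence number is covered by the MAC, renumbering an old frame is reported as tampering rather than accepted as new; the checksum contrast shows why the notes pair error detection codes with a keyed technique.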
c) Message Sender Authentication/Identification: For e-commerce, it is important that clients authenticate themselves to servers, that servers authenticate to clients, and that both authenticate to each other. Authentication in e-commerce basically requires the user to prove his or her identity for each requested service. Third-party authentication services must exist within a distributed network environment where a sender cannot be trusted to identify itself correctly to a receiver.

Client-Server Security Threats: These threats can be divided into two major categories:
1) Threats to client
2) Threats to server

Threats to client: Client threats mostly arise from malicious data or code. Malicious code refers to viruses, worms, Trojan horses and deviants.

Virus: A code segment that replicates by attaching copies of itself to existing executables (EXE files). The new copy of the virus is executed when the user executes the host program. Some viruses display a text string or delete all files on the hard disk on a particular date.

Trojan Horse: A program that performs a desired task but also includes unexpected functions. Example: an editing program for a multi-user system. This program could be modified to randomly delete one of the user’s files.

Worm: A self-replicating program that is self-contained and does not require a host program.

Clients must scan for malicious data and executable program fragments that are transferred from the server to the client.

Threats to servers: Threats to servers consist of unauthorized modification of source data, unauthorized eavesdropping and modification of incoming data packets.

Eavesdropping: Hackers can use electronic eavesdropping to trap user names and unencrypted passwords sent over the network. It is difficult to detect that someone is eavesdropping. Encryption can prevent eavesdroppers from obtaining data traveling over unsecured networks.

Denial of Services: It is of two types.
1) Service Overloading
2) Message Overloading

Service Overloading: One can easily overload a WWW server by writing a small loop that sends requests continually for a particular file, for example a home page.

Message Overloading: Occurs when someone sends a very large file to a message box every few minutes. The message box rapidly grows in size and begins to occupy all the space on the disk, increases the number of receiving processes on the recipient’s machine and causes a disk crash.

Packet Replay: Refers to the recording and retransmission of message packets in the network. A hacker could replay legitimate authentication sequence messages to gain access to a secure system.

Packet Modification: An integrity threat that involves modifying or destroying a message packet.

IP Spoofing: A technique where an attacker attempts to gain unauthorized access through a false source address, to make it appear as though the communication originated in a part of the network with high privileges.

Some Security Threats & Solutions

Threat                                                    Security        Function                                                                    Technology
Data intercepted, read or modified illicitly              Encryption      Encodes data to prevent tampering                                           Symmetric and asymmetric encryption
False identity with an intention of fraud                 Authentication  Identity verification of both sender & receiver                             Digital signature
Unauthorized user on one network gains access to another  Firewall        Filters and prevents certain traffic from entering the network or server    Firewalls; virtual private nets

Encryption as the basis for data & messaging security: Encryption is a cryptographic technology that scrambles (encrypts) the data with a key so that no one can make sense of it while it is being transmitted. When the data reaches its destination, the information is unscrambled (decrypted) using the same or a different key.

Cryptography: The terms commonly used in a cryptography system are as follows:

Intruder: An intruder is a person who is not authorized to access the information or the network.
Plain Text: Intelligible message that is to be converted into an unintelligible message (encrypted message).

Cipher Text: Message in an encrypted form.

Example:
Plain Text   Algorithm (Encrypt Form)   Cipher Text   Algorithm (Decrypt Form)   Plain Text
Goods        Next Two Word              Iqqfu         Previous Two word          Goods
Sales        Previous One Word          rzkdr         Next One word              Sales

Encryption: Process of converting plain text to cipher text.

Decryption: Process of converting cipher text to plain text.

Algorithm: A cryptography algorithm is a mathematical function.

Key: String of digits.

There are two types of cryptography or methods of encryption:
Secret key or symmetric key
Public key or asymmetric key

Secret key: In this scheme, both the sender and recipient possess the same key to encrypt and decrypt the data.

[Figure: secret key encryption: Original Message -> Encrypt (Secret Key) -> Encrypted Message -> Internet -> Encrypted Message -> Decrypt (Secret Key) -> Original Message]

Example: DES (Data Encryption Standard). For example, A encrypts a message with a secret key and e-mails the encrypted message to B. On receiving the message, B checks the header to identify the sender and takes out the duplicate of the secret key. B then uses the secret key to decrypt the message.

Shared key techniques suffer from the problem of key distribution, since shared keys must be securely distributed to each pair of communicating parties. The i) generation, ii) transmission and iii) storage of keys is called key management. In a business environment where a company deals with thousands of on-line customers, it is impractical to assume that key management will be flawless.

Drawbacks:
Both parties must agree upon a shared secret key.
If there are “n” correspondents, one has to keep track of n different secret keys.
If the same key is used by more than one correspondent, common key holders can read each other’s mail.
Symmetric encryption schemes are also subject to authenticity problems.
Because sender and recipient have the same secret key, the identity of the originator or recipient cannot be proved. Both can encrypt or decrypt the message.

Public Key Cryptography: This scheme operates on a double key, called a key pair, one of which is used to encrypt the message and only the other one in the pair is used to decrypt. This can be viewed as two parts: one part of the key pair, called the private key, is known only by the designated owner; the other part, called the public key, is published widely but is still associated with the owner.

[Figure: Schematic diagram of asymmetric encryption: Original Message -> Encrypt (Public Key) -> Encrypted Message (Cipher Text) -> Internet -> Encrypted Message (Cipher Text) -> Decrypt (Private Key) -> Original Message]

Encrypting & decrypting:
Data encrypted with the public key can only be decrypted with the private key.
Data encrypted with the private key can only be decrypted with the public key.

Strong points of this scheme: The key can be used in two different ways:
1. Message confidentiality can be proved: The sender uses the recipient’s public key to encrypt a message, so that only the private key holder can decrypt the message, and no one else.
2. Authenticity of the message originator can be proved: The sender uses his private key, to which only the sender has access, to encrypt a message.
3. Easy to distribute public key: The public key of the pair can be easily distributed.

[Figure: Person “X”: Original Message -> Encrypt (Person “Y’s” Public Key) -> Encrypted Message (Cipher Text) -> Internet -> Encrypted Message (Cipher Text) -> Decrypt (Person “Y’s” Private Key) -> Original Message: Person “Y”]

Firewalls: A firewall is a method of placing a device, a computer or a router, between the network and the Internet to control and monitor all traffic between the outside world and the local network. A firewall system is usually located at a gateway point, such as a site’s connection to the Internet.
A firewall is simply a barrier between two networks: in most cases an internal network, often called the trusted network, and an external network, called untrusted. Firewalls examine incoming and outgoing packets according to a set of policies defined by the administrator and either let them through or block them.

[Figure: a firewall between the Internet (40,000 networks, number of hackers?) and the enterprise LAN or WAN; firewall bypass should not be allowed]

Firewall Policy: Firewalls generally implement one of two basic design policies:
1) Permissive Approach
2) Restrictive Approach

Permissive Approach: Allows all services to pass the site by default, with the exception of those services that the network services access policy has identified as disallowed.

Restrictive Approach: A firewall that implements the second policy denies all services by default, but then passes those services that have been identified as allowed.

The first policy is less desirable, since it offers more avenues for getting around the firewall. The second policy follows the classic access model used in all areas of information security. Certain services, such as FTP, Archie and RPC, are difficult to filter; for this reason, they may be better accommodated by a firewall that implements the first policy. The second policy is stronger and safer, but it is more restrictive for users.

Types of Firewall: There are two types of firewalls:
A) Static Firewall
B) Dynamic Firewall

Static Firewall: Static firewalls are generally pre-configured, and they allow or deny access from the outside world by default. Under the default allow policy, inbound traffic is allowed and only the specified users are denied access to the network of the enterprise. Under the default deny policy, only the specific users who display their authentication are permitted to access the network.

Dynamic Firewall: The dynamic firewall applies its allow and deny policies to services on the network on a time basis.
Some services on the network may be allowed and others may be denied for a specific time interval. The configuration of such a firewall is slightly more complex.

Nowadays firewalls can be implemented in two ways:
1) IP packet screening routers
2) Proxy application gateways

1) IP packet screening routers: This is a traffic routing service placed between the network service provider’s router and the internal network. The firewall router filters incoming packets to permit or deny IP packets based on several screening rules. It examines the source and destination addresses and ports of incoming TCP and UDP packets and denies or allows packets to enter based on a set of predefined rules.

Packet filtering is inexpensive but a relatively complex process. It usually requires precise knowledge of network, transport and sometimes even application protocols. Another problem with packet filters is that they are susceptible to IP spoofing: a hacker can gain access to a corporate network by changing the IP address in packet headers to one that is acceptable.

[Figure: Secure firewall with IP packet screening router, placed between the public Internet and the internal network. Sample screening rules: protocols (TCP, UDP); source IP address (Domain.edu); target TCP port 80 (WWW only)]

2) Proxy Application Gateways: A proxy server application gateway is a special server that typically runs on a firewall machine. Instead of talking directly to external WWW servers, each request from the client is routed to a proxy on the firewall that is defined by the user. The proxy waits for a request from inside the firewall, forwards the request to the remote server outside the firewall, reads the response and then returns it to the client.
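The permissive and restrictive policies and the packet screening rules described above can be compared on the same traffic with the following added example, which is not part of the original notes. The addresses (documentation ranges), interface names and rule sets are constructed; the interface check that counters the IP spoofing weakness is ingress filtering, a technique the notes do not name.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

INTERNAL_NET = "192.0.2.0/24"   # constructed: documentation address range


@dataclass(frozen=True)
class Packet:
    iface: str    # interface the packet arrived on: "external" or "internal"
    proto: str    # "tcp" or "udp"
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    iface: Optional[str] = None     # for every field, None matches anything
    proto: Optional[str] = None
    src_net: Optional[str] = None
    dst_net: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        def in_net(addr, net):
            return net is None or (
                ipaddress.ip_address(addr) in ipaddress.ip_network(net))
        return (self.iface in (None, p.iface)
                and self.proto in (None, p.proto)
                and self.dport in (None, p.dport)
                and in_net(p.src, self.src_net)
                and in_net(p.dst, self.dst_net))


def screen(packet: Packet, rules: List[Rule], default: str) -> str:
    """First matching rule wins; otherwise the policy default applies."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default


# Permissive approach: allow by default, deny only what is known to be disallowed.
PERMISSIVE = ("allow", [
    Rule("deny", proto="tcp", dport=23),                              # Telnet
])

# Restrictive approach: deny by default, allow only identified services.
RESTRICTIVE = ("deny", [
    Rule("allow", proto="tcp", dst_net="192.0.2.10/32", dport=80),    # WWW only
    Rule("allow", proto="tcp", src_net=INTERNAL_NET, dport=23),       # Telnet for inside addresses
])

# Same rules, preceded by a check that inside source addresses never arrive
# on the outside interface (ingress filtering against spoofed sources).
ANTI_SPOOF = Rule("deny", iface="external", src_net=INTERNAL_NET)
RESTRICTIVE_HARDENED = ("deny", [ANTI_SPOOF] + RESTRICTIVE[1])

# Constructed sample traffic.
PACKETS = {
    "web":           Packet("external", "tcp", "198.51.100.7", "192.0.2.10", 80),
    "telnet":        Packet("external", "tcp", "198.51.100.7", "192.0.2.20", 23),
    "rpc":           Packet("external", "tcp", "198.51.100.7", "192.0.2.20", 111),
    "inside_telnet": Packet("internal", "tcp", "192.0.2.50", "192.0.2.20", 23),
    # Claims an inside source address but arrives from the Internet side.
    "spoofed":       Packet("external", "tcp", "192.0.2.50", "192.0.2.20", 23),
}


def decisions(policy):
    default, rules = policy
    return {name: screen(p, rules, default) for name, p in PACKETS.items()}


if __name__ == "__main__":
    for label, policy in (("permissive", PERMISSIVE),
                          ("restrictive", RESTRICTIVE),
                          ("restrictive + anti-spoof", RESTRICTIVE_HARDENED)):
        print(label, decisions(policy))
```

The unlisted RPC service passes the permissive policy and is blocked by both restrictive ones; the address-only Telnet rule accepts the spoofed packet until the interface check is placed in front of it.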
[Figure: proxy server on the firewall machine connecting the client inside the firewall, on the secure subnet inside the firewall security perimeter, to the external Internet: Web HTTP server, FTP server, Gopher server, Telnet server, USENET news server]

Digital Signature: In e-commerce business transactions, digital signatures are used for authentication. Authentication relates to legal, financial and other document-related issues. A digital signature is just like a handwritten signature, which determines the presence or absence of authentication. The digital signature consists of two parts:
1. Signature in the document: Signer authentication
2. Document authentication

Signer Authentication: A signature should indicate who signed a document, message or record, and should be difficult for another person to produce without authorization.

Document Authentication: A signature should identify what is signed. The sender cannot remove the content of a message after signing it. The receiver cannot make any change in the message.

Hash Function: It is a formula that converts a message of a given length into a string of digits called a message digest. (Hash function -> Message digest)

Working: X sends the message to Y.

[Figure: X (Sender) -> encrypt with sender’s private key -> Digital Signature -> Y (Receiver)]

1. Sender generates a message.
2. Sender creates a “message digest” of the message by using the hash function.
3. Sender attaches the digital signature to the end of the message.
4. Sender encrypts both message and signature with the receiver’s public key.
5. Receiver decrypts the entire message with own private key.
6. Receiver calculates the message digest using the hash function. (The receiver uses the same hash function as the sender used, which was agreed upon beforehand.)

Advantage: Unauthorized persons can access the public key of person X, but cannot have his hash function, which makes the digital signature authentic.
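Steps 2, 3 and 6 above, together with the signer and document authentication checks, are shown in the following added example, which is not part of the original notes. It assumes SHA-256 as the hash function and textbook RSA without padding, with demo keys constructed from publicly known Mersenne primes, so it illustrates the mechanism only; the confidentiality layer of steps 4 and 5 is left out.

```python
import hashlib
from typing import NamedTuple, Optional


class PublicKey(NamedTuple):
    n: int
    e: int


class PrivateKey(NamedTuple):
    n: int
    d: int


def make_keypair(p: int, q: int, e: int = 65537):
    """Textbook RSA key pair from two primes (demo values only)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))   # private exponent (Python 3.8+)
    return PublicKey(n, e), PrivateKey(n, d)


def message_digest(message: bytes) -> int:
    """Step 2: hash function -> message digest (SHA-256 is this example's choice)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sig_len(n: int) -> int:
    """Signature length in bytes for modulus n."""
    return (n.bit_length() + 7) // 8


def sign_and_attach(message: bytes, priv: PrivateKey) -> bytes:
    """Step 3: transform the digest with the sender's private key and
    attach the result to the end of the message."""
    signature = pow(message_digest(message), priv.d, priv.n)
    return message + signature.to_bytes(sig_len(priv.n), "big")


def verify(package: bytes, pub: PublicKey) -> Optional[bytes]:
    """Step 6: recompute the digest and compare it with the digest recovered
    from the signature using the sender's public key.
    Returns the message when the signature is valid, otherwise None."""
    k = sig_len(pub.n)
    if len(package) < k:
        return None
    message = package[:-k]
    signature = int.from_bytes(package[-k:], "big")
    if signature >= pub.n:
        return None
    recovered = pow(signature, pub.e, pub.n)
    return message if recovered == message_digest(message) else None


# Constructed demo keys: the primes are publicly known Mersenne primes, so
# anyone can derive the private exponents. Never use keys like these.
X_PUB, X_PRIV = make_keypair(2**521 - 1, 2**607 - 1)     # sender X
Z_PUB, Z_PRIV = make_keypair(2**127 - 1, 2**1279 - 1)    # some other signer Z


def demo():
    order = b"Purchase order 17: 40 units at 12.50"       # constructed message
    package = sign_and_attach(order, X_PRIV)

    # Valid package: the receiver gets the message back.
    genuine_ok = verify(package, X_PUB) == order

    # Document authentication: content changed after signing is detected.
    altered = b"Purchase order 17: 90 units at 12.50" + package[len(order):]
    altered_rejected = verify(altered, X_PUB) is None

    # Signer authentication: a signature made with another private key
    # does not verify against X's public key.
    other_signer_rejected = verify(sign_and_attach(order, Z_PRIV), X_PUB) is None

    return genuine_ok, altered_rejected, other_signer_rejected


if __name__ == "__main__":
    print(demo())
```
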
Types of E-Commerce or E-Commerce Transaction Models

Business to Consumer (B to C)
Business to Business (B to B)
Consumer to Business (C to B)
Consumer to Consumer (C to C)

Business to Consumer: B2C e-commerce offers consumers the capability to browse, select and buy merchandise online from a wider variety of sellers and at better prices. The B2C type of electronic commerce transaction is ideally suited for the following types of merchandise:

Goods that can be easily transformed into digital format, such as books, music, clips, videos and software packages.
Items that follow standard specifications, like printer ribbons, ink cartridges etc.
Highly rated branded items or items with return security, such as Compaq computers, e-gadgets, Sony etc.
Items sold in packets that cannot be opened even in physical stores, e.g. Kodak film rolls.
Items that can be experienced online, such as music, videos etc.

Example: http://www.dell.com, http://www.mustafa.com.sg

How does B2C work?
1. Customer identifies a need
2. Searches for the product or services
3. Selects a vendor and negotiates a price
4. Receives the products or services
5. Makes payment
6. Gets services and warranty claims

Business to Business: B2B electronic commerce facilitates inter-organizational interaction and transactions. This type of e-commerce requires two or more business entities interacting with each other directly or through an intermediary.

Application of B2B:
1. Inventory Management
2. Channel Management
3. Distribution Management
4. Order fulfillment & delivery
5. Payment Management

B2B electronic commerce can be of the following types:
i) Supplier oriented
ii) Buyer oriented
iii) Intermediary oriented

Supplier oriented: A supplier sets up the electronic marketplace. A number of customer/buyer businesses interact with the supplier at its electronic commerce marketplace. Typically, it is done by a dominant supplier in the domain of the products it supplies.
Buyer oriented: In buyer oriented electronic commerce, major businesses with high-volume purchase capacity create an electronic commerce marketplace for purchasing by starting a site of their own. The online e-commerce marketplace is used by the buyer for placing requests for quotations and carrying out the entire purchase process.

Intermediary oriented: In intermediary oriented e-commerce, in the business to business context, a third party sets up the electronic commerce marketplace and attracts both buyer and seller businesses to interact with each other. Buyers and sellers both benefit from the increased options in terms of pricing, quality, availability and delivery of goods.

[Figure: Relation between B2B and B2C models: Raw Material Producer -> Manufacturer -> Distributor -> Retailer -> Consumer, with the links labelled B2B and B2C]

Summary of E-Business Transaction Models

Model   Description                                                                                                        Example
B2C     Sells products or services directly to consumers.                                                                  amazon.com, autobytel.com, eDiets.com, pets.com
B2B     Sells products or services to other businesses or brings multiple buyers & sellers together in a central marketplace.   metalsite.com, verticalnet.com, shop2gether.com
B2G     Businesses selling to local, state and federal agencies.                                                           igov.com
C2C     Consumers sell directly to other consumers.                                                                        ebay.com, inforocket.com, baazee.com
C2B     Consumers fix a price on their own, which businesses accept or decline.                                            priceline.com

Consumer to Consumer (C2C): In the C2C e-business model, consumers sell directly to other consumers via online classified advertisements and auctions, or by selling personal services or expertise online. infoRocket.com, one of the first question and answer marketplaces, is driven by a person-to-person auction format.

Consumer to Business (C2B): The C2B model can be described as a form of e-commerce where the transaction, originated by the customer, has a set of requirement specifications and a specific price for the merchandise.
Mobile Commerce

Mobile commerce stands for electronic commerce made through mobile devices. M-commerce is defined in the following ways:

“M-commerce is the use of mobile devices to communicate, inform, manage & entertain using text and data via a connection to public & private network” (by Lehman Brothers)

“Business to consumer transaction conducted from a mobile device” (by J.P. Morgan)

“Mobile commerce refers to any transaction with monetary value that is conducted via a mobile telecommunications network” (by Durlacher)

MobileInfo.com defines m-commerce as “any electronic transaction or information interaction conducted using mobile device and mobile networks (wireless or switched public network) that leads to transfer of real or perceived value in exchange for information, services or goods”

Typical examples of m-commerce:
1) Purchasing airline tickets
2) Purchasing movie tickets
3) Restaurant booking and reservation
4) Hotel booking & reservation

M-commerce is currently mainly used for the sale of mobile phone ring tones and games, as well as video and audio content, including full-length music tracks. Other services include the sending of information such as cricket scores via SMS.

Currently the main payment methods used to enable m-commerce are:
Premium-rate calling numbers.
Charging to the mobile telephone user’s bill, or
Deducting from their calling credit, either directly or via reverse-charged SMS.

Separating Mobile Commerce from E-Commerce

Technology              E-Commerce                                 M-Commerce
Device                  Personal computer                          Cellular phones, pagers
Operating System        Windows, Unix, Linux                       Pocket PC, Palm OS
Presentation Standard   HTML                                       HTML, WML, i-mode
Browser                 MS Internet Explorer, Netscape Navigator   Nokia Browser, MS Mobile Explorer
Possessor Network       TCP/IP & fixed wireline Internet           GSM, GSM/GPRS, TDMA, CDMA

Mobile Computing Framework
1. Wireless delivery technology and switching methods (cellular, radio, paging, satellite and wireless LAN)
2.
Mobile information access devices (laptop, notebook, other portable computers and mobile phones)
3. Mobile data internetworking standards & equipment (no interruption in between bridges or tunnels)
4. Mobile computing-based business applications (inventory & package tracking and retail point of sale). (The most frequently mentioned include mail-enabled applications and information or data services to mobile users.)

Application of M-Commerce
1. Goods: There can be two types of domain: business to business and business to consumer. For example, a vendor can sell to a consumer or to another vendor.
2. Service: Again, services can be business to business and business to consumer. For example, a company can provide services directly to a consumer or to another company.
3. Information: Information services can be paid for by consumers or by other companies. The second aspect is advertising.

[Table: applications of m-commerce by domain (Business to Business, Business to Consumer) across Goods, Services and Information; entries listed: Shopping, Vending, Trading, Gaming and Gambling, Paid Information, Procurement, Trading, Ticketing, E-Cash, Banking, Discount and Loyalty Schemes, Advertising]

Limitations of Mobile Commerce
1. Lack of consumer awareness about mobile commerce.
2. M-commerce operating systems and platforms (other software) are not as easy to use as desktop software.
3. Weak processor
4. Limited memory
5. Tiny screens and poor resolution
6. Difficult data entry.

Security Issues Pertaining to Mobile Commerce
1. To make the radio path as secure as the fixed network; this implies obscurity and confidentiality to protect against eavesdropping.
2. To have strong authentication to protect the operator against billing fraud.
3. To prevent operators from compromising each other’s security, whether unintentionally or because of competitive pressures.

On the other hand, a security process must not:
Significantly add to the delay of the initial call set-up.
Allow for increased error rates, or error broadcast.
Add unnecessary complexity to the rest of the system.
Be cost ineffective.

Wireless Application: A wireless application is software that runs on a wireless device and exchanges content over a wireless network. Actual wireless applications are distinguished from one another based on the wireless devices, networks and application families. This can be summarized as:

Web Phones: The most common device is the Internet-ready cellular phone, which is called a web phone. Most web phones work only when they have a network connection. Newer advanced web phones can run applications.

Wireless Handhelds: Another common device, the wireless handheld, such as a Palm, can also message and use a micro browser.

Two-way Pagers: A device used often in business is the pager. The most popular is the two-way pager, because it lets you receive and send a message as well as use a micro browser.

Voice Portals: A recent advance is the voice portal, which lets you have a conversation with an information service by using a kind of telephone or mobile phone.

Communication Appliances: Such electronic devices are fitted with wireless technology that can participate in the Internet. Examples include wireless cameras, watches, radios, pens and many other devices.

WAP (Wireless Application Protocol): WAP provides web content to small-area display devices in mobile phones. The service providers format content in the WAP format. WAP was invented and is driven by the WAP Forum, a group originally formed by Nokia, Ericsson, Motorola and phone.com in 1997. WAP is a group specification that offers a standard method to access Internet-based content and services from wireless devices such as mobile phones.

Wireless Technologies

Time Division Multiple Access (TDMA): TDMA is a digital transport that divides the frequency range allotted to it into a series of channels. Each channel is divided into time slots. Each conversation within that channel gets a time slot; hence the term “division” in the name.
GSM (Global System for Mobile Communication): GSM is one of the most popular mobile communication standards. It is the first digital cellular system to be used commercially. GSM communication uses cellular networks.

[Figure: Mobile communication using a cellular network, with cells C1 to C7]

GSM is a second generation (2G) communication standard. GSM provides integrated services for voice and data. GSM cell phones require SIM (Subscriber Identity Module) cards for their operation. The SIM is a smart card that identifies the user terminal. By inserting the SIM card into the terminal, the user can have access to all the subscribed services; without the SIM card, the terminal does not work.

The three kinds of services delivered by a GSM system are teleservices, supplementary services and bearer services.

Teleservices: Telephone/FAX; Voice full 13 kbps; SMS up to 160 characters; MMS-GIF, JPG; Video Text Access
Supplementary Services: Call Forward; Caller line ID; Call hold; Call Waiting; Call Charge Advice
Bearer Services: Full Duplex; Synchronous & asynchronous

General Packet Radio Services (GPRS): GPRS is a speed-enhanced data transmission service designed for the GSM system. GPRS is a packet-oriented service for mobile stations’ data transmission and their access to the Internet.

Code Division Multiple Access (CDMA): CDMA is used as a multiplexing method in many mobile telephony systems. CDMA is an air link interface coding scheme in which multiple subscribers are granted access to the same radio frequency source by assigning subscribers’ transmitted and received signals a spectrum-spreading code. A code transmitter assigns a unique code to each wireless connection and then broadcasts its data out on the channel simultaneously with all other connections. The receiver is able to decode each conversation by deciphering the unique code assigned to each connection.
E-Commerce & Banking

Electronic banking, also known as electronic fund transfer (EFT), uses computer and electronic technology as a substitute for checks and paper transactions. Electronic banking provides anytime, anywhere access to cash through an automated teller machine (ATM) or direct deposit of e-Cheques into your savings accounts.

In the current scenario, technology is changing the relationship between banks and their consumers. In particular, technology innovations have enabled the following capabilities:
1. Online delivery of bank brochures and marketing information.
2. Electronic access to bank statements.
3. Ability to request the transfer of funds between accounts.
4. Electronic bill payment and presentation.

These online capabilities increase the facilities and speed of retail banking.

What is Mobile Banking?
Mobile banking is a service that allows you to do banking transactions on your mobile phone without making a call, using the SMS facility.

How is this different from making a call on my mobile phone or using Phone Banking?
The differences between making a call on your mobile and sending a text message are as follows:
You are not required to dial a number; you send a text message, i.e. a coded message, to the SMS Centre of your cellular service provider.
The bank does not charge anything for this service. However, the cellular service provider may charge a nominal charge for the SMS facility.
In mobile banking, you actually see your banking transaction on your mobile phone screen, as opposed to hearing a message through the phone.

How does mobile banking work?
Mobile banking works on the “Text Message Facility”, also called SMS, that is available on mobile phones. This facility allows you to send a short text message from your mobile phone instead of making a phone call. All you need to do is type out a short text message on your mobile phone and send it to a pre-designated number. The response is sent to you as an SMS message, all in a matter of a few seconds.
This message travels from your mobile phone to the SMS Centre of the cellular service provider, and from there it travels to the bank’s systems. The information is retrieved and sent back to your mobile phone via the SMS Centre, all in a matter of a few seconds.

What is the Company ID in the Bill Pay message?
The Company ID consists of 4 alphanumeric characters, which are predetermined by the company and help identify the bill.

Your phone is now your bank!
When you dial in to phone banking, a voice prompt will guide you through the various transactions. You may also talk to a phone banker, who will provide you with the required assistance.

Avail of the following services via phone banking:
Check your account balance
Enquire on the Cheque status
Order a Cheque book / Account Statement
Stop payment
Loan related enquiries
Transfer funds between banks
Pay your bills
Report loss of your ATM / Debit Card
Enquire about latest interest / exchange rates

What can I do using Net banking?
Manage your Demat Account
Create fixed deposits online
Check your account balance
Enquire on the Cheque status
Order a Cheque book / Account Statement
Stop payment
Loan related enquiries
Transfer funds between banks
Pay your bills
Report loss of your ATM / Debit Card
Enquire about latest interest / exchange rates

Changing Dynamics in the Banking Industry
By using electronic banking technology, banks have increased profitability. In the past, the banking industry was chiefly concerned with asset quality and capitalization, but nowadays this is not enough. Banks need to find new ways to increase revenue in a “mature market” for most traditional banking services. A thorough understanding of this competitive environment is needed before banks can determine their online strategy.

Different factors contribute to the new competitive environment:
Changing consumer desires driven by online commerce
Optimization of branch networks in order to reduce costs.
Changing demographic trends and potential new consumer markets
New online economic products

Changing Consumer Needs
Nowadays consumers like fast financial processes in a secure environment, so they want e-services like:
Online account related information
Online download of account statements
Online transfer of funds from account to account
Online payment of bills & dues
Online purchasing & selling and other online services

Consumer Oriented Services

Consumer Life-Style Needs            Complementary Multimedia Services
Entertainment                        Movies on demand, video cataloging, interactive ads, multi-user games, online discussion
Financial Services and information   Home banking, financial services, financial news
Essential Services                   Home shopping, electronic catalogs
Education and Training               Video conferencing, on-line databases

Home Banking Management
Home banking services are often categorized as basic, intermediate and advanced.

Basic services are related to personal finance: checking and savings account statement reporting, round-the-clock banking with ATM fund transfer, bill payment, account reconciliation and stop payment requests.

Intermediate services include a growing collection of home financial management services, which include household budgeting, updating stock values and tax return preparation.

Advanced services include stock and mutual fund brokerage or trading services, currency trading, and credit & debit card management.

Management Issues in Online Banking
Given the dynamic changes in the banking industry, a bank’s management needs the resourcefulness and vision to harness the technology and give consumers new services & products to their satisfaction. Banks must deliver high quality products at the consumer’s convenience with high-tech, personal and affordable services.
Management has to balance the five key values that increasingly drive consumers’ banking decisions: Simplicity, Customized Services, Convenience, Quality & Price.

Online banking will realize its full potential when the following key elements fall into place:
1. The development of an interesting portfolio of products and services that are attractive to consumers and sufficiently differentiated from competitors.
2. The creation of online financial supply chains to manage the shift from banks as goalkeeper models to banks as gateways.
3. The emergence of low-cost interactive access terminals for the home as well as affordable interactive home information services.
4. The identification of new market segments with unused needs, such as the willingness to pay for the convenience of remote banking.
5. The development of effective back-office systems that can support sophisticated retail interfaces.

E-Commerce & Retailing: Retailing includes all the activities involved in selling goods or services directly to the final consumer for personal, non-business use. A retailer or retail store is any business enterprise whose sales volume comes primarily from retailing. Any organization selling to the final consumer, whether it is a manufacturer, wholesaler or retailer, is doing retailing. It does not matter how the goods or services are sold (by person, mail, telephone, vending machine or Internet) or where they are sold (in a store, on the street, or in the consumer’s home).

Almost every retailer is re-evaluating every aspect of its operation, from customer service to advertising, merchandising to store design, and logistics to order fulfillment. Furthermore, reacting to the pressure of retailers, suppliers are assessing technology-based solutions to drive down costs (labour, delivery and production) and become more efficient producers of goods.
In other words, e-commerce provides a gateway for retail business; nowadays supermarkets, Big Bazaar etc. provide commercial websites for retail selling.
Example: www.futurebazaar.com, www.giftmate.com

Online Mercantile Models

Online channels such as online services and the web are also impacting traditional retail business models. In the traditional model, the consumer went to the store and located the product. In the online model, the retailer seeks out the consumer. The success of catalog retailers demonstrates that a significant portion of customers has embraced the reverse model: the retailer going to the customer.

Retailers need to consider the following in developing a business model:
1. Product/Content Issues: What kinds of products are suited for online retailing?
2. Software Interface Issues: What kind of features will constitute an effective interface? What features make it easy to find and select items for online purchases?
3. Process Issues: What are the specific steps in the shopping process from a consumer's perspective? What kind of processes should companies develop to fulfill orders efficiently?
4. Pricing Issues: How much will consumers be willing to pay for convenience?
5. Payment Issues: What payment methods would consumers use for online purchases?

Management Challenges in On-line Retailing:
1. Pay Attention to Product Descriptions
2. Streamline Site Architecture
3. Consider Shopping Search

1.) Pay Attention to Product Descriptions

Most medium to large retailers will have a database of products, with product descriptions that are substantially the same between products, or even between competitors who sell products from the same manufacturer. Search engines are not likely to index multiple pages with very similar content, and without something else to differentiate a page from competitors, ranking for that product name will be difficult, McGee said.
In fact, it's not likely that retailers want to rank for their exact product names, as found in the product database. Most searchers are not entering a query for "Izod solid crested pique polo," but will instead search for "Izod polo shirt," which would be a better phrase to optimize a page for, he said.

"Product databases are not optimized for searchers. It's not hard to convince a client that when we show them how many searches are being done for general terms, like 'polo shirt,' and how few are being done for the specific brand name in the database," McGee said.

2.) Streamline Site Architecture

Another challenge for some retailers is the lack of a text-based navigation system, which leaves search engine spiders unable to access many of the products on a site. While all sites should have a search box on their site, it cannot be the only way to navigate the site, McGee said.

"At the very least, they need to have a directory or sitemap. But since many users like to browse instead of search for specific products, they should consider adding navigation to product category pages as well," he said.

That's not to downplay the value of a well optimized site search. On a large-scale ecommerce site, visitors will head for the site search box about half the time, by some accounts. In addition, many SEO experts agree that generating reports from site search can show the retailer searcher intent and help optimize pages for certain keywords, both for internal site search and for external search engines.

In addition to on-site SEO, retailers should follow the same strategies as other sites to get inbound links to their sites -- such as by providing informational content worth linking to. This can be done with specific sections of the retailer's site, new mini-sites or blogs. Retailers should also consider tagging their product images with relevant keywords and making them available to spiders so they'll be found in image searches.

3.) Consider Shopping Search

Another tactic to increase traffic and inbound links is to take advantage of shopping search engines. By showing up in the many places shopping search engines display their results, retailers are increasing their exposure. And since many retailers are currently not taking advantage of these listings, this exposure will give those retailers that do a competitive advantage, if only for a short time.

The top five shopping search engines each had more than 20 million unique visitors in December 2006, according to comScore and self-reported numbers. Yahoo Shopping, and CNET topped 30 million unique visitors, followed by Price Grabber, Shopping.com and Shopzilla. NextTag and MSN Shopping added a combined 24 million more unique visitors, bringing the total unique visitors to the top 7 shopping search engines to 163 million last month.

Electronic Data Interchange:

EDI is defined as the inter-process communication (computer application to computer application) of business information in a standardized electronic form.

In short, EDI communicates information pertinent (appropriate) to business transactions between the computer systems of companies, government organizations, small businesses and banks.

Using EDI, trading partners establish computer-to-computer links that enable them to exchange information electronically.

EDI enables retailers and vendors to place orders and pay bills electronically, reducing the time & expense of paperwork.

The primary advantage of EDI to business is a considerable reduction in transaction costs, achieved by improving the speed & efficiency of filling orders.

EDI can be used to electronically transmit documents such as purchase orders, invoices, shipping notices, receiving advices, and other standard business correspondence between trading partners.

EDI may be most easily understood as the replacement of the paper-based purchase order with its electronic equivalent.
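The following is an added example, not part of the original notes, showing a purchase order as a structured electronic message: an internal order record is translated into an ANSI X12 850 transaction set (the standard and transaction set code these notes name further on), and the receiving side checks the structure before accepting it. The function names, the "*" and "~" delimiters, the reduced segment set and the sample order are assumptions made for illustration.

```python
# Added example: ANSI X12 850 (purchase order) outbound and inbound translation.
# Assumed: "*"/"~" delimiters, segments ST/BEG/PO1/CTT/SE only, no ISA/GS envelope.
ELEM, SEG = "*", "~"

def _segment(*elements):
    """Join elements into one segment, refusing data that contains a delimiter."""
    for e in elements:
        if ELEM in e or SEG in e:
            raise ValueError(f"delimiter inside data element: {e!r}")
    return ELEM.join(elements) + SEG

def outbound_850(order, control="0001"):
    """Outbound translation: internal order dict -> X12 850 transaction set."""
    segs = [_segment("ST", "850", control),
            _segment("BEG", "00", "SA", order["po_number"], "", order["date"])]
    for n, item in enumerate(order["items"], start=1):
        segs.append(_segment("PO1", str(n), str(item["qty"]), "EA",
                             item["price"], "", "VP", item["sku"]))
    segs.append(_segment("CTT", str(len(order["items"]))))
    segs.append(_segment("SE", str(len(segs) + 1), control))  # count includes ST and SE
    return "".join(segs)

def inbound_850(message):
    """Inbound translation: validate the 850 structure, then return an order dict."""
    segs = [s.strip().split(ELEM) for s in message.split(SEG) if s.strip()]
    if len(segs) < 2 or segs[0][0] != "ST" or segs[-1][0] != "SE":
        raise ValueError("transaction set must start with ST and end with SE")
    st, se = segs[0], segs[-1]
    if len(st) != 3 or st[1] != "850":
        raise ValueError("not an 850 purchase order")
    if len(se) != 3 or se[2] != st[2]:
        raise ValueError("SE control number does not match ST")
    if se[1] != str(len(segs)):
        raise ValueError("SE segment count does not match segments received")
    order, declared = {"po_number": None, "date": None, "items": []}, None
    for s in segs[1:-1]:
        if s[0] == "BEG" and len(s) == 6:
            order["po_number"], order["date"] = s[3], s[5]
        elif s[0] == "PO1" and len(s) == 8:
            order["items"].append({"qty": int(s[2]), "price": s[4], "sku": s[7]})
        elif s[0] == "CTT" and len(s) == 2:
            declared = int(s[1])
        else:
            raise ValueError(f"unexpected or malformed segment: {s[0]}")
    if order["po_number"] is None or declared != len(order["items"]):
        raise ValueError("missing BEG or CTT line count mismatch")
    return order

# Constructed sample order, not taken from the notes.
SAMPLE_ORDER = {"po_number": "PO-1001", "date": "20240115",
                "items": [{"qty": 10, "price": "2.50", "sku": "EGG-12"},
                          {"qty": 2, "price": "40.00", "sku": "CHAIR-01"}]}

if __name__ == "__main__": print(inbound_850(outbound_850(SAMPLE_ORDER)))
```

Because no human reads an EDI message before it is processed, the receiving translator is the place where a truncated file, a mismatched control number or a data field carrying delimiter characters has to be caught.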
Essentials of EDI:
1) An electronic transmission medium (VAN, Internet)
2) Structured, formatted messages based on agreed standards
3) Relatively fast delivery
4) Direct communication between applications

Benefits of EDI

There are two categories of benefits:
1) Direct Benefits
2) Strategic Benefits

Direct Benefits:
1.) Since the transfer of information from computer to computer is automatic, there is no need to re-send again and again; data is entered only at the source.
2.) The cost of processing EDI documents is much smaller than that of processing paper documents.
3.) Customer service is improved. The quick transfer of business documents & the marked decrease in errors allow orders to be fulfilled faster.
4.) Information is managed more effectively.
5.) There is improved job satisfaction among data entry staff.
6.) EDI can also reduce postage bills.

In short, EDI reduces operating costs, administrative errors and delivery delays.

Strategic Benefits:
1.) Customer relations are improved through better quality & speed of service.
2.) Competitive edge is maintained & enhanced.
3.) Reduction in product costs can be achieved.
4.) Business relations with trading partners are improved.
5.) More accurate sales forecasting & business planning is possible due to information availability at the right place at the right time.

E-mail versus EDI

| No. | E-mail | EDI |
|---|---|---|
| 1. | The structure of e-mail is simple; it is the easiest way of sending & receiving mail via network communication. | The structure of EDI is more complex compared with e-mail. |
| 2. | At either the sending end or the receiving end, the data are composed by, replied to by or interpreted by humans. | There is typically no human involvement in the processing of the information, as the interface is software to software. |
| 3. | In e-mail there is no specific standard that users have to follow. | EDI must follow some EDI standard; without EDI standards, transactions between trading parties cannot take place. |
| 4. | The message is composed by a human and/or a reply is composed by a human and/or interpreted by a human. | The interchange is composed by one software for interpretation by another software. |
| 5. | It does not provide as many security features as EDI documents provide. | EDI provides security aspects to its customers by providing some legal issues. |
| 6. | To use this feature of the Internet, users do not need any complex information. They use it with only the receiver's & their own e-mail ID address. | EDI is based on a four-layer architecture & at each layer a variety of services is provided. |
| 7. | No third-party verification, no legal aspects and no authentication are needed by the user for sending or receiving data. | EDI provides security, confidentiality and authority on data. |

Architecture of EDI:

The architecture of EDI is divided into four layers.
1) Application Layer
2) Standard Translation Layer
3) Transport Layer
4) Physical Layer

Application Layer

The first layer of EDI defines the business applications that are used by EDI. This layer translates the business application into requests for quotation, purchase orders, acknowledgments & invoices.

This layer is specific to each company and to the software that company uses. Through this layer the company's forms are changed into a more specific format and may then be sent to the company's various partners.

The company's trading partners have several software applications to handle all aspects of the forms. To achieve all of the above activities the company must follow the EDI standards. Examples of EDI standards are ANSI X12 and EDIFACT. If the sender & receiver want to exchange files, they require compatible EDI standards.

Standard Translation Layer

This layer of the EDI architecture defines the structure of the business form & some content, which are related to the application layer.
This layer has no meaning without the application layer, so we can say that EDI applications & standards are interlinked. For example: the EDIFACT and ANSI X12 business form standards.

Transport Layer

This layer corresponds closely to the non-electronic activity of sending a business form from company A to company B. The business form could be sent via regular postal service, registered mail or private carrier.

EDI documents are exchanged rapidly over electronic networks using the existing e-mail programs & infrastructure. EDI document transport is more complex than simply sending an e-mail message or sharing files through a network, a modem, or a bulletin board. EDI documents are more structured than e-mail.

Physical Layer

This layer defines the component communication path for EDI data transactions. It covers the e-commerce structures supporting EDI in which information can be built, and the communication links over which EDI data is transferred from one consumer to another.

[Figure: How EDI works. On each side: Information/Data -> Internal format conversion -> EDI translator -> EDI envelope for document messaging -> Modem; the two sides are connected through the Internet & VAN.]

How EDI works

1. Preparation of Electronic Documents: The first step in the EDI sequence is the collection of information and data. Companies that already use computers to issue documents such as purchase orders may already have some sort of database that stores this information; they can start with the next step described below.

2. Outbound Translation: The next step is to translate the electronic file or database into a standard format according to the specification of the corresponding document. The resulting data file should contain a series of structured transactions related to, for example, the purchase order.
If more than one company is involved in the particular transaction, individual files should be produced for each of them.

3. Communication: The computer should then connect and automatically transmit those data files through the prearranged VAN. The VAN should then process each file and route it to the appropriate electronic mailbox according to the destination set in the file.

4. Inbound Translation: The destination company should be able to retrieve the file from its electronic mailbox at regular intervals, and then reverse the process by translating the file from the standard format into the specific format required by the company's application software.

5. Processing the Electronic Documents: The internal application system of the destination company can now process the received documents. All documents produced in response to the received transaction should go through the same steps to be transmitted back to the transaction originator. The whole cycle of electronic data interchange is then complete.

EDI Standards:

The need for defined standards is clear if EDI is to succeed. EDI relies on a standard structure and interpretation of electronic business transactions to perform the interchange of data between all trading partners, so that errors in the transmission of data can be reduced regardless of the computer systems involved. Two major standards are widely used today; they define the syntactical requirements for a wide variety of EDI transaction types. Almost any business need can be addressed within these standards. They are briefly described below.
1) ANSI ASC X12 Standard
2) United Nations EDIFACT Standard

ANSI ASC X12 Standard:

In 1979, the American National Standards Institute (ANSI) chartered a new committee called the Accredited Standards Committee (ASC) X12 to develop uniform standards for cross-industry electronic communications.
It provides guidelines and rules for EDI on how the data should be structured and what documents should be transmitted electronically. The X12 standard defines a set of documents, referred to as transaction sets, for a wide range of business transaction forms. Each transaction set is given a numeric code, similar to the way form numbers are assigned to most paper forms.

Example:

| Transaction Set | Document Title | Specification No. |
|---|---|---|
| 850 | Purchase Order | X12.1 |
| 810 | Invoice | X12.2 |

United Nations EDIFACT Standards:

Many companies are required to participate in the international market and exchange electronic data across different countries. Obviously, there is a need to extend EDI on a global basis. With the concerns of this, general authority of UN/EDI. Development of the EDIFACT (Administration, Commerce, and Transport) standards is the responsibility of two groups of organizations. The syntax and the data dictionary are done by the International Standard Organization (ISO).

Financial EDI (FEDI):

FEDI is typically set up between banks and their corporate customers to allow the bank to receive payment authorizations from payer