E Commerce

MBA
(DISTANCE MODE)
DBA 1727
E-COMMERCE TECHNOLOGY
AND MANAGEMENT
III SEMESTER
COURSE MATERIAL
Centre for Distance Education

Anna University Chennai
Chennai – 600 025
i
Author
Mr.A.K.Sheik Manz
Mr.A.K.Sheik oor
Manzoor
Lecturer
Department of Management Studies,
Anna University Chennai,
Chennai- 600025
Reviewer
Dr. L. Suganthi
Professor
Department of Management Studies
Anna University Chennai
Chennai - 600 025
Editorial Board
Dr.T
Dr.T.V
.T.V.Geetha
.V.Geetha Dr.H.P
Dr.H.P eer
.H.Peer
eeruu Mohamed
Professor Professor
Department of Computer Science and Engineering Department of Management Studies
Anna University Chennai Anna University Chennai
Chennai - 600 025 Chennai - 600 025
Dr.C
.C.. Chella
Dr.C ppan
Chellappan D rr.A.K
.A.K annan
Professor Professor
Department of Computer Science and Engineering Department of Computer Science and Engineering
Anna University Chennai Anna University Chennai
Chennai - 600 025 Chennai - 600 025
Copyrights Reserved
(For Private Circulation only)
ii
iii
iii
iv
ACKNOWLEDGEMENT
The author has drawn inputs from several sources for the preparation of this course material, to meet the
requirements of the syllabus. The author gracefully acknowledges the following sources:
• Frontiers of electronic commerce by Kolokota Whinston, Pearson Education,inc.

• Electronic commerce and Managerial Perspective by Efraim Turban, Jaelee, David King and H. Michael
Chung, Pearson Education, inc.,
• Introduction to e-Commerce by Jeffrey F.Rayport, Bernard J.Jaworski, Tata Mcgraw hill edition, Second
Edition.
• Electronic Commerce by Gary Schneider, Seventh edition, Thomson Course Technology.
• Legal issues in Electronic Commerce by T.Ramappa, Macmilllan.
• Text book of Enterprise Resource Planning by Mahadeo Jaisual, Ganesh Vanapalli, Macmillan.
• Albrecht, C.D.Dean and J.Hansen 2005.”Market place and Technology Standards for B2B e-Commerce
progress, Challenge, and the State of the Art”, Information & Management.
Inspite of at most care taken to prepare the list of references any omission in the list is only accidental and
not purposeful.
A.K.Sheik Manzoor
Author
v
vi
DBA 1727 E- COMMERCE TECHNOLOGY AND MANAGEMENT
UNIT I –FUNDAMENTAL OF E-COMMERCE
Dividing forces –benefits and limitations of e-commerce- Basics of data mining, data warehousing and network
infrastructure requirements - Overview of IP, TCP, HTML, OLAP and cryptography.
UNIT II – BUSINESS APPLICATIONS IN E-COMMERCE
Retailing in E-commerce –Market research on internet customers – e-commerce for services sector-Advertising
in e-commerce –B2B e-commerce.
UNIT III – E-COMMERCE INFRASTRUCTURE
Intranet, internet & extranet- Structure, Architecture, Applications & Business models.
UNIT IV - E-COMMERCE PAYMENTS AND SECURITY
E-payments and protocols-Security schemes against internet fraud. Principles of e-fund transfer, credit and
debit card usages, E-check and unified payment systems.
UNIT V – LEGAL AND PRIVACY ISSUES IN E-COMMERCE
Legal, ethics and privacy issues –Protection needs and methodology –Consumer protection, Cyber laws, contracts
and warranties, Taxation and Encryption polices.
REFERENCES
1. Efaim Turban etal.’Electronic Commerce –A Managerial Perspective’, Pearson Education Asia, 2002.
2. Kalakota et al, ‘Frontiers of Electronic Commerce’, Addison Welsley, 2001.
3. Sandeep Krishnamurthy,’E-Commerce Management –Text and Cases’, Thomson Learning, 2003
4. Greenstein Firsman,’Electronic Commerce’, Tata McGraw Hill, 1999.
5. Nabil Adam et al,’Electronic Commerce –Technical, Business and Legal Issues’. Prentice Hall.1998.
vii
viii
CONTENT
UNIT I
FUNDAMENTAL OF E-COMMERCE
1.1 INTRODUCTION TO E-COMMERCE 1

1.1.1 Introduction 1
1.1.2 Brief history of e-commerce 1
1.1.3 Definition of e-commerce 2
1.1.4 Classifications of e-commerce applications 4
1.1.5 Types of e-commerce 6
1.1.6 Scope of e-commerce 8
1.1.7 E- commerce in action 9
1.1.8 Architectural framework of e commerce 14
1.1.9 Advantages of E-Commerce 23
1.1.10 Disadvantages of E-Commerce 24
1.2 DRIVING FORCES OF E-COMMERCE 24
1.2.1 Environmental factors that create Business Pressures 25
1.2.2 Critical response activities by Organizations 27
1.2.3 E-Commerce Communities 29
1.2.4 Is e-Commerce the Same as e-Business? 30
1.3 BENEFITS AND LIMITATIONS OF E-COMMERCE 31
1.3.1 The Benefits of EC 31
1.3.2 The Limitations of EC 34
1.4 DATA MINING 35
1.4.1 Introduction to Data Mining 35
1.4.2 The Scope of Data Mining 37
1.4.3 Techniques used in Data Mining 38
1.4.4 How Data Mining Works 38
1.4.5 Profitable Applications 41
1.4.6 Trends that Effect Data Mining 42
1.5 DATE WAREHOUSING 43
1.5.1 What is data warehousing? 43
1.5.2 Definitions 44
ix
1.5.3 Advantages of data warehouse 45
1.5.4 Types of data warehouses: 46
1.5.5 Aspects of data warehouse architecture 47
1.6 NETWORK INFRASTRUCTURE REQUIREMENTS 49
1.6.1 The Existing Network 49
1.6.2 Network Infrastructure Components 50
1.6.3 Planning Your Network Infrastructure Layout 52
1.7 TRANSMISSION CONTROL PROTOCOL/
INTERNET PROTOCOL TCP / IP 55
1.7.1 Introduction to TCP/IP 55
1.7.2 Internet Protocols 56
1.7.3 What is TCP/IP? 57
1.7.4 TCP/IP Services 58
1.7.5 Features of TCP/IP 59
1.7.6 TCP/IP Terminology 60
1.7.7 TCP/IP – Connectionless technology 64
1.8 HYPERTEXT MARKUP LANGUAGE (HTML) 64
1.8.1 Web Based Client / Server 64
1.8.2 Mark up Languages and the Web 66
1.8.3 Hypertext Markup Language (HTML) 66
1.9 OLAP: ON-LINE ANALYTICAL PROCESSING 73
1.9.1 Introduction: 73
1.9.2 What is OLAP? 73
1.9.3 Olap Server 77
1.9.4 Uses of Olap 78
1.9.5 OLAP Benefits 78
1.10 CRYPTOGRAPHY 79
1.10.1 Introduction to Cryptography 79
1.10.2 Cryptographic services 79
1.10.3 Cryptographic primitives 83
1.10.4 Authentication primitives 85
1.10.5 Cryptographic protocols 87
x
UNIT II
BUSINESS APPLICATIONS IN E-COMMERCE
2.1 RETAILING IN E-COMMERCE 93

2.1.1 Electronic Commerce and Retailing 93
2.1.2 E-retailing 94
2.1.3 Difference between Traditional retailing and E-retailing 95
2.1.4 Benefits of E-Retailing 96
2.1.5 Models of E-Retailing 98
2.1.6 Features of E-Retailing 101
2.1.7 Changing Retail Industry Dynamics 101
2.2 INTERNET CONSUMERS AND MARKET RESEARCH 110
2.2.1 What is Internet Marketing 110
2.2.2 Scope of Internet Marketing 111
2.2.3 E-Business issues & internet marketing 113
2.2.4 The Seven Stages of Internet Marketing 114
2.2.5 Customer Relationship Management 120
2.2.6 Benefit from an e-Commerce Sales Strategy 122
2.2.7 Critical success factors for internet marketing executives 123
2.3 E-COMMERCE FOR SERVICE SECTOR 125
2.3.1 E-Services 125
2.3.2 Electronic Commerce and Banking 132
2.3.3. Banking Via Online Services 135
2.4 ADVERTISING AND ONLINE PUBLISHING 140
2.4.1 Advertising and Online Publishing 140
2.4.2 Electronic Commerce and Online Publishing 143
2.5 B2B E-COMMERCE 150
2.5.1 B2B - Business to Business E-Commerce 150
2.5.2 Automated Ecommerce Transactions 152
2.5.3 Characteristics of B2B EC 153
2.5.4 What is B2B Marketing Communications 154
2.5.5 E-Marketplace 155
2.5.6 EDI Standards 157
2.5.7 Business – to – business aucitons 160
2.5.8 Business – to- business services 161
xi
UNIT III
E-COMMERCE INFRASTRUCTURE
3.1 INTERNET 165

3.1.1 What is the Internet 165
3.1.2 Internet Structure 166
3.1.3 The Internet and its Characteristics 167
3.1.4 The Internet Tools and their Characteristics 168
3.1.5 Web based Client/Server 171
3.1.6 Elements of Internet Architecture 173
3.1.7 Common uses of the Internet 177
3.1.8 Marketing 184
3.1.9 Online Internet Business Models 184
3.2 INTRANET 191
3.2.1 What is an Intranet 191
3.2.2 TCP/IP protocol suite 191
3.2.3 The benefits of Intranets 192
3.2.4 Basic intranet structure 195
3.2.5 Internet Architecture 195
3.2.6 Internet/Intranet Applications 200
3.3 EXTRANET 202
3.3.1 What is an Extranet 202
3.3.2 Features of Extranet 203
3.3.3 Industry use 204
3.3.4 Extranet applications 205
3.3.5 Disadvantages 206
3.3.6 E-Commerce Business Models 206
UNIT IV
E-COMMERCE PAYMENTS AND SECURITY
4.1 ELECTRONIC PAYMENTS AND PROTOCOLS 213

4.1.1 Electronic Payment Systems 213
4.1.2 Designing Electronic Payment Systems 216
xii
4.1.3 Secure Electronic Transaction (SET) Protocol 217
4.2 SECURITY SCHEMES AGAINST INTERNET FRAUD 220
4.2.1 Security Issues 220
4.2.2 Security Schemes 221
4.2.3 Creating a Secure System 228
4.2.4 Storing Secure Information 229
4.3 ELECTRONIC FUNDS TRANSFER 231
4.3.1 What is EFT? 231
4.3.2 Where do we find EFT? 231
4.3.3 Advantages of EFT: 231
4.3.4 Electronic Funds Transfers Initiated By Third Parties 232
4.3.5 Online Catalogs 235
4.3.6 Intelligent Agents 236
4.4 CREDIT CARD BASED-ELECTRONIC PAYMENT SYSTEM 237
4.4.1 What is credit card? 237
4.4.2 Secured credit cards 237
4.4.3 Credit cards in ATMs 239
4.4.4 Credit Card payment-online networks 240
4.4.5 Encryption and Credit Cards 241
4.4.6 Advantages and Disadvantage of credit cards 242
4.4.7 Infrastructure for On-Line Credit Card Processing 244
4.4.8 Risks from Mistake and Disputes: Consumer Protection 245
4.5 DEBIT CARD BASED-ELECTRONIC PAYMENT SYSTEM 247
4.5.1 What is a debit card 247
4.5.2 Types of debit card 248
4.5.3 Online and offline debit transactions 249
4.5.4 Advantages and Disadvantages 250
4.6 ELECTRONIC CHECKS 252
4.6.1 E-Checks 252
4.6.2 Benefits of Electronic Checks 252
4.6.3 How do Electronic Check works? 253
4.6.4 Why do we use e-checks? 254
4.6.5 Comparison with other payment instruments 255
4.7 STORED VALUE CARDS AND E-CASH 256
4.7.1 Smart Cards 256
4.7.2 Smart Cards and Electronic Payment Systems 256
xiii
4.7.3 Electronic or Digital Cash 259
4.7.4 Using the Digital Currency 261
4.7.5 Drawback of E-cash 263
4.7.6 Business Issues and Electronic Cash 263
4.7.7 Operational Risk and Electronic Cash 264
4.7.8 Legal Issues and Electronic Cash 265
4.7.9 Electronic Tokens 267
4.7.10 Other Emerging Financial Instruments 268
UNIT V
LEGAL AND PRIVACY ISSUES
IN E-COMMERCE
5.1 LEGAL ASPECTS OF E- COMMERCE 273

5.1.1 Legal issues 273
5.1.2 Copyright and the Internet 276
5.1.3 Issues Related to Jurisdicary 277
5.1.4 Service Provider liability 277
5.1.5 Formation of an Enforceable Online Contract 277
5.2 ETHICAL, SOCIAL, AND POLITICAL ISSUES IN ECOMMERCE 278
5.2.1 Ethics, Social and Political issues 278
5.2.2 Basic Ethical Concepts: Responsibility Accountability, and Liability
Analyzing Ethical Dilemmas 281
5.2.3 Privacy and Information Rights 282
5.3 PROTECTING INTELLECTUAL PROPERTY 285
5.3.1 Intellectual Property Rights 285
5.3.2 Types of Intellectual Property Protection 286
5.4 CYBER LAW, CONTRACTS AND WARRANTIES 291
5.4.1 Cyber law 291
5.4.2 Contracting and Contract Enforcement in EC 292
5.4.3 Warranties on the web 293
5.5. TAXATION AND ENCRYPTION POLICIES 294
5.5.1 Introduction on Taxation 294
5.5.2 Current Law - A Moratorium on Internet Taxes 295
xiv
5.5.3 Taxation of Ecommerce - The Significant Issues 298
5.5.4 The Future for Ecommerce Taxation 301
5.5.5 Encryption policy 301
5.5.6 Customer’s Trust Online 303
5.5.7 Steps to Plan Successful E-Commerce 304
xv
E-COMMERCE TECHNOLOGY AND MANAGEMENT
NOTES
UNIT I
FUNDAMENTAL OF E-COMMERCE
1.1 INTRODUCTION TO E-COMMERCE
1.1.1 Introduction
Two thousand years ago, Roman roads brought trade and commerce to Europe in
an unprecedented manner. A thousand years ago, the spice routes linked the cultures of
East and West. At the dawn of the second millennium, the Internet, the world’s largest
computer network, the network of networks, is making fundamental changes to the lives
of everyone on the planet-changing forever the way business is conducted.
Internet has become an important medium for doing global business based on the
state of the art technology. Global business was conducted in a new way: electronically,
using networks and the Internet. The availability of Internet has led to the development of
E-Commerce (Electronic commerce), in which business transactions take place via
telecommunication networks. E-Commerce has two major aspects: economical and
technological. The stress of this course will show you how to get started in the complex
and exciting world of Electronic Commerce. New standards and new facilities are constantly
emerging and their proper understanding is essential for the success of an operation and
especially for those who are assigned a duty to select, establish, and maintain the necessary
infrastructure.
1.1.2 Brief History Of E-Commerce
The history of E-commerce is a history of how Information Technology has

transformed business processes. Some authors will track back the history of E-commerce
to the invention of the telephone at the end of last century. The Internet was conceived in
1 ANNA UNIVERSITY CHENNAI

DBA 1727
1969, when the Advanced Research Projects Agency (a Department of Defence

NOTES organization) funded research of computer networking. The Internet could end up like
EDI (Electronic Data Interchange) without the emergence of the World Wide Web in
1990s. EDI (Electronic Data Interchange) is widely viewed as the beginning of E-commerce
if we consider E-Commerce as the networking of business communities and digitalization
of business information.
EDI, which expanded from financial transactions to other transaction processing

and enlarged the participating companies from financial institutions to manufacturers, retailers,
services, and so on. Many other applications followed, ranging from stock trading to travel
reservation systems. Such systems were described as telecommunication applications and
their strategic value was widely recognized. With the commercialization of the Internet in
the early 1990s and its rapid growth to millions of potential customers, the term electronic
commerce was coined, and EC applications expanded rapidly. One reason for the rapid
expansion of the technology was the development of networks, protocols, software, and
specifications. The other reason was the increase in competition and other business
pressures. From 1995 to 1999 we have witnessed many innovative applications ranging
from advertisement to auctions and virtual reality experiences. Almost every medium- and
large-sized organization in the United States already has a Web site many are very extensive;
for example, in 1999 General Motors Corporation offered 18,000 pages of information
that included 98,000 links to its products, services, and dealers.
1.1.3 Definition Of E-Commerce:
Electronic commerce is an emerging model of new selling and merchandising

tools in which buyers are able to participate in all phases of a purchase decision, while
stepping through those processes electronically rather than in a physical store or by phone
(with a physical catalogue). The processes in electronic commerce include enabling a
customer to access product information, select items to purchase, purchase items securely,
and have the purchase settled financially. It is an emerging concept that describes the
process of buying and selling or exchanging of products, services; and information via
computer networks including the Internet.
E-commerce is basically, doing business-as-usual, but across the Internet. You

advertise your products or services on your Web site, as you would in any other media like
newspapers, TV or brochures. Advertising on your Web site can be done in two ways.

• The first is by use of a relatively simple Web site consisting of a few pages whereby
you tell potential customers who you are, what you do, where you are and how
NOTES
they can contact you ( easiest done by giving them your email address).
• The second way of enabling world-wide customers to buy from you is to provide
them with an On-Line Catalogue of your products which they can browse at
their leisure without having to go to your place of business.
On-Line Catalogue:
On-Line Catalogue is that catalogue where people access via the Internet. On-
Line Catalogue is an integral part of website, enabling customers to...
• Browse through stock list, read about an item or service;

• Look at photographs of the products.
• Select which items they want to purchase
• And drop them into a shopping cart as they go along.
• When they have completed their shopping, they go to the
• Check-Out.
The next step is to request the order by filling in their details and method of payment
on a form which is waiting for them at the Check-Out. The form is already partially completed
with a breakdown of the items in their shopping cart, prices inclusive of tax, and shipping
& handling charges, if any. If they choose to pay by credit card, the form includes a place
for them to fill in their credit card number. And then, with one press of a button, they send
the order to you.
Electronic Commerce under different perspectives:
Let’s see how Electronic Commerce (EC) is defined under each perspective.
1. Communications Perspective
EC is the delivery of information, products /services, or payments over the telephone
lines, computer networks or any other electronic means.

DBA 1727
2. Business Process Perspective

NOTES EC is the application of technology toward the automation of business transactions
and work flow.
3. Service Perspective
EC is a tool that addresses the desire of firms, consumers, and management to cut
service costs while improving the quality of goods and increasing the speed of
service delivery.
4. Online Perspective
EC provides the capability of buying and selling products and information on the
internet and other online services.
1.1.4 Classifications of E-Commerce Applications
Electronic Commerce (e-Commerce) is a general concept covering any form of

business transaction or information exchange executed using Information and Communication
Technologies (ICTs). E-Commerce takes place between companies, between companies
and their customers, or between companies and public administrations. Electronic
Commerce includes electronic trading of goods, services and electronic material.
E-Commerce systems include commercial transactions on the Internet but their

scope is much wider than this; they can be classified by application type:
Electronic Markets:
The principle function of an electronic market is to facilitate the search for the
required product or service. Airline booking systems are an example of an electronic market.
Electronic Data Interchange (EDI):
Electronic Data Interchange (EDI) is the electronic exchange of business documents

in a standard, computer processable, universally accepted format between-trading partners.
EDI is quite different from sending electronic mail, messages or sharing files through a
network. In EDI, the computer application of both the sender and the receiver, referred to
as Trading Partners (TPs) have to agree upon the format of the business document which
is sent as a data file over electronic messaging services.

The two key aspects of EDI that distinguish it from other forms of electronic communication,
such as electronic mail, are:
NOTES
1. The information transmitted is directly used by the recipient computer without the
need for human intervention is rarely mentioned but often assumed that EDI refers
to interchange between businesses. It involves two or more organization or parts of
organization communicating business information with each other in a common agreed
format.
2. The repeated keying of identical information in the traditional paper-based business.
Communication creates a number of problems that can be significantly reduced
through the usage of EDI. These problems include: -
• Increased time
• Low accuracy
• High labour charges
• Increased uncertainty.
To take full advantage of EDI’s benefits, a company must computerize its basic
business applications. Trading partners are individual organization that agrees to exchange
EDI transactions. EDI cannot be undertaken unilaterally but requires the cooperation and
active participation of trading partners. Trading partners normally consists of an organization’s
principal suppliers and wholesale customers. Since large retail stores transact business
with a large number of suppliers they were among the early supporters of EDI. In the
manufacturing sector, EDI has enabled the concept of Just-In-Time inventory to be
implemented. JIT reduces inventory and operating capital requirements.
EDI provides for the efficient transaction of recurrent trade exchanges between
commercial organizations. EDI is widely used by, for example, large retail groups and
vehicle assemblers when trading with their suppliers.
Internet Commerce
The Internet (and similar network facilities) can be used for advertising goods and
services and transacting one-off deals. Internet commerce has application for both business-
to-business and business to consumer transactions.

DBA 1727
NOTES
The three categories of E Commerce
1.1.5 Types of e-commerce
There are a number of different types of E-Commerce
• B2B - Business to Business

• B2C - Business to Consumer
• C2B - Consumer to Business
• B2E - Business to Employee
• C2C - Consumer to Consumer

B2B - Business to Business

NOTES
E-commerce has been in use for quite a few years and is more commonly known
as EDI (electronic data interchange). In the past EDI was conducted on a direct link of
some form between the two businesses where as today the most popular connection is the
internet. The two businesses pass information electronically to each other. B2B e-commerce
currently makes up about 94% of all e-commerce transactions.
Typically in the B2B environment, E-Commerce can be used in the following processes:
• Procurement;
• order fulfilment;
• Managing trading-partner relationships.
B2C - Business to Consumer
Business to Consumer e-commerce is relatively new. This is where the consumer

accesses the system of the supplier. It is still a two way function but is usually done solely
through the Internet.
B2C can also relate to receiving information such as share prices, insurance quotes,
on-line newspapers, or weather forecasts. The supplier may be an existing retail outlet
such as a high street store; it has been this type of business that has been successful in using
E-Commerce to deliver services to customers. These businesses may have been slow in
gearing-up for E-Commerce compared to the innovative dot.com start ups, but they usually
have a sound commercial structure as well as in-depth experience of running a business -
something which many dotcoms lacked, causing many to fail.
Example: A home user wishes to purchase some good quality wine. The user accesses the
Internet site http://www.craigs.com.au and follows the links to read a report on the
recommended wines. After reading the tasting notes the user follows the links to place an
order along with delivery and payment details directly into the merchants’ inventory system.
The wine is then dispatched from the supplier’s warehouse and in theory is delivered to the
consumer without delay.

DBA 1727
C2B - Consumer to Business

NOTES
Consumer to Business is a growing arena where the consumer requests a specific
service from the business. Example: Harry is planning a holiday in Darwin. He requires a
flight in the first week of December and is only willing to pay Rs. 250. Harry places a
submission with in a web based C2B facility. Dodgy Brothers Airways accesses the facility
and sees Harry’s submission. Due to it being a slow period, the airline offers Harry a return
fare for Rs. 250.
B2E - Business to Employee
Business to Employee e-commerce is growing in use. This form of E-commerce is

more commonly known as an ‘Intranet’. An intranet is a web site developed to provide
employees of an organisation with information. The intranet is usually access through the
organisations network, it can and is often extended to an Entrant which uses the Internet
but restricts uses by sign on and password.
C2C - Consumer to Consumer
These sites are usually some form of an auction site. The consumer lists items for
sale with a commercial auction site. Other consumers access the site and place bids on the
items. The site then provides a connection between the seller and buyer to complete the
transaction. The site provider usually charges a transaction cost. In reality this site should
be call C2B2C.
B2A is the least developed area of E-Commerce and it relates to the way that
public sector organisations, at both a central and local level, are providing their services
on-line. Also known as e-Government, it has the potential to increase the domestic and
business use of e-Commerce as traditional services are increasingly being delivered over
the Internet. The UK government is committed to ensuring this country is at the forefront
of e-Commerce and it is essential that e-Government plays a significant part in achieving
this objective.
1.1.6 Scope of E-Commerce
• Selling can be focussed to the global customer

• Pre-sales, subcontracts, supply

• Financing and insurance

• Commercial transactions: ordering, delivery, payment
NOTES
• Product service and maintenance
• Co-operative product development
• Distributed co-operative working
• Use of public and private services
• Business-to-administrations (e.g. customs, etc)
• Transport and logistics
• Public procurement
• Automatic trading of digital goods
• Accounting
• Dispute resolution
1.1.7 E- Commerce in Action

DBA 1727
How E-Commerce Works

NOTES
The consumer first moves through the internet to the merchant’s web site. At the
web site, the consumer is briefly given an introduction to the product or services the merchant
offers. It is at this point that the consumer makes the decision to visit the web store by
clicking on a link or button located on the web page (e.g., Buy Now, Shop Online, or an
image of a shopping cart button are common entry points into a web store). After choosing
to visit the web store, the consumer is typically connected to an online transaction server
located somewhere else on the internet which runs software commonly referred to as a
shopping cart application. The shopping cart application has been setup by the merchant
to display all products and services offered, as well as calculate pricing, taxes, shipping
charges, etc.
From there, the consumer decides that he wants to purchase something, so he

enters all pertinent credit card information and a sales order is produced. Depending on
the ecommerce implementation, the sales order can now take two totally different paths
for confirming to the consumer that the order is officially placed.
Scenario 1
The consumer’s credit card information goes directly through a private gateway to
a processing network, where the issuing and acquiring banks complete or deny the
transaction. This generally takes place in no more than 5-7 seconds and the consumer is
then informed that the order was received, the credit card was authorized, and that the
product will ultimately be shipped.
Scenario 2
The consumer’s entire order and credit card information is electronically submitted
back to the merchant’s server (usually via email, FTP, or SSL connection) where the order
can be reviewed first and then approved for credit card authorization through a processing
network. The consumer then receives an email shortly afterwards, confirming the order
being received, the credit card being authorized, and status on when the product will
exactly be shipped.

In both scenarios, the process is transparent to the consumer and appears virtually
the same. However, the first scenario is a more simplistic method of setting up a shopping
NOTES
cart application and does not take into consideration any back office issues that may delay
shipment (i.e., items out of stock, back orders, orders submitted after office hours or
during holidays, etc.). ManageMore’s eCommerce Manager relies on the second scenario
to handle all of its ecommerce orders. This second scenario keeps the consumer accurately
informed throughout the entire ordering process.
Let us assume an ecommerce implementation that uses the second scenario mentioned
above.
There are several basic steps you will need to accomplish before becoming Commerce
enabled.
1. Getting a Merchant Bank Account

2. Web Hosting
3. Web Design Considerations
4. Registering a Domain Name
5. Obtaining a Digital Certificate
Getting a Merchant Bank Account
In order to be able to accept credit cards, you must apply for an account with a
credit card merchant account provider. This can be relatively easy or somewhat difficult,
depending on which country you live in, and the type of business you are running.
When choosing a merchant account provider, the following should also be noted:
1. In order for credit card authorization to be automatic from within ManageMore,

you must ensure that your merchant account provider has credit card processors
that connect with IC Verify™, PC Charge™, or AuthorizeNet™ (i.e.Intellicharge
Interface) software. These products are sold separately from ManageMore and
eliminate the need for merchant terminal devices or separate time consuming steps
to approve credit cards.
2. Your merchant account provider must allow you to handle non-swiped credit card
transactions. This refers to transactions where the customer is not present and only
the credit card number and expiration date are being used for approving the charges.

DBA 1727
3. When choosing a merchant account provider, you should do a little research on the
NOTES company’s reputation, years in business, and company size. Constantly changing to
a new merchant account provider when your old one goes out-of business can be
costly and time consuming.
4. Avoid merchant account providers that ask for a non-refundable fee before you get
approved.
5. Avoid merchant account providers that require 1 or 2 year contract terms. Since
there are so many merchant account providers available, it doesn’t make sense to
lock your company into a commitment for any period of time.
6. Expect merchant account providers to have some form of a sign up fee after being
approved only. These fees can come in the form of an application fee, processing
fee, software fee, etc. Typically expect to pay around $100 to $500 for getting an
account setup to accept credit cards and sometimes electronic checks.
7. You should be able to find a merchant account provider that can offer you discount
credit cards rates ranging from 1.75% to 2.75% and no more than .25 cent per
transaction. If not, contact Intellisoft regarding our merchant account provider
affiliates and the free Intellicharge Interface just for signing up with them.
8. You will need a dedicated phone line or data line for processing credit cards and
electronic checks. Note: If your computer or local area network is already connected
to the internet, a separate data line will not be necessary if you use the Intellicharge
Interface for electronic payment.
Web Hosting
Web hosting is a very important step in this process, as this is how you gain a
presence on the internet in the first place. There are actually two scenarios that can be used
for web hosting. Scenario1 involves setting up and maintaining your own web server,
while Scenario 2 involves farming out all web hosting administration to an ISP.
An Internet Service Provider (ISP) is a company that provides you with internet
access and limited hard drive space on their web servers for hosting your web site.
The following should be noted when searching for an Internet Service Provider:
1. Always try to find an ISP that can provide a local telephone number for you to
connect to the internet.

2. Choose an ISP that is known for having few interruptions of service.

3. Choose an ISP that is known for good technical support and has knowledgeable
NOTES
people familiar with ecommerce sites.
4. Choose an ISP that consistently has fast connection speeds.
5. As with any company you do business with, make sure the ISP is reputable.
The online transaction providers that offer the actual web store itself can sometimes
be hosted by your same ISP or may require a completely different provider, referred to as
a Commerce Service Provider (CSP). Many small businesses tend to choose CSP’s for
creating a web store because it gives them the flexibility of choosing a provider that offers
competitive pricing and the best shopping cart application for their needs. Online transaction
providers will usually provide one shopping cart solution they feel is better than the many
others that exist and differ by price, appearance, layout, functionality, and ease of use.
The following should be noted when dealing with shopping cart applications:
1. Online transaction providers will either sell or rent you the use of an online shopping
cart application for your business. Be forewarned that purchasing an online shopping
cart application is very expensive. Most businesses will rent these online web store
programs rather than committing to such a steep investment.
2. Rental pricing for the use of shopping cart programs vary depending on number of
transactions generated a month, number of products listed on the shopping cart
application, and the sophistication of the shopping cart application itself.
3. There are a lot of online transaction providers out there, and they all have varying
packages. Deciding on a provider’s package that fits your needs is perhaps the
most important aspect.
Web Design Considerations
With little knowledge of HTML and a lot of patience, you can probably create
your own corporate web site with the help of products like Microsoft FrontPage™ or
DreamWeaver™. However, when adding a web store to your web site, you may want to
seek the help of professional web designers to make the look and feel of your web store
consistent with the rest of your corporate web site. Most shopping cart applications, like
SoftCart by Mercantec, allow its templates to be modified just for this purpose. In many
cases, the same ISP or CSP you choose can provide web design and consultation.

DBA 1727
Registering a Domain Name

NOTES
Domain names are the names for computers on the Internet that correspond to IP
(Internet protocol) numbers to route information to addresses on the Internet network.
Domain names serve as a convenient way of locating information and people on the Internet.
In layman terms, will it be important to you, for customers to find your web site by typing
“123.123.456.456” or by typing something simple to remember like “www.mybiz.com?”
Registering a domain name is one of the most important decisions you can make for your
online identity. Your domain name says who you are to your clients, your peers - the whole
world. The basics for registering a domain name are:
Contact a domain name registrar on the internet to register for a domain name.
There are many to choose from, just do a web search on “domain name registrar” to get
you started.
2. Select a unique domain name you would like others to use for finding your web site.
Obtaining a Digital Certificate
A digital certificate, also known as a SSL Server Certificate, enables SSL (Secure
Socket Layer encryption) on the web server. SSL protects communications so you can
take credit card orders securely and ensure that hackers cannot eavesdrop on you. Any
ecommerce company that provides you with an online web store will require you to have
SSL before you can use their services. Thankfully, for most people obtaining a digital
certificate is not a problem. For a minimal fee, one can usually use the certificate owned by
the web hosting company where your page resides. If you are a larger company, however,
you may want to get your own digital certificate.
1.1.8 Architectural Framework of E Commerce
A framework is intended to define and create tools that integrate the information
found in today’s closed systems and allows the development of e-commerce applications.
It is important to understand that the aim of the architectural frame-work itself is not to
build new database management systems, data repository, computer languages, software
agent based transaction monitors, or communication protocols. Rather, the architecture
should focus on synthesizing the diverse resources already in place in corporations to

facilitate the integration of data and software for better applications. The electronic
commerce application architecture consists of six layers of functionality, or services:
NOTES
1) applications;
2) brokerage services, data or transaction management;
3) interface, and; support layers”
4) secure messaging, security and electronic document interchange;
5) middle ware and structured document interchange; and
6) network infrastructure and basic communications services (see Table. 1.1.8 a).
These layers co-operate to provide a seamless transition between today’s computing

resources and those of tomorrow by transparently integrating information access and
exchange within the context of the chosen application. As seen in Fig., electronic commerce
applications are based on several elegant technologies. But only when they are integrated
do they provide uniquely powerful solutions.
In the ensuing discussion of each of these layers, we will not elaborate on the
various aspects of the network infrastructure that transports information. These were
discussed extensively earlier and will not be addressed here. We begin our discussion with
the application level services.
Table 1.1.8a Electronic Commerce: A conceptual framework

DBA 1727
1.1.8.1 Electronic Commerce Application Services

NOTES
The application services layer of e-commerce will be comprised of existing and
future applications built on the innate architecture. Three distinct classes of electronic
commerce application can be distinguished: customer to business, business-to-business,
and intra organization
Consumer-to-Business Transactions
We call this category marketplace transaction. In a marketplace transaction,

customers learn about products differently through electronic publishing, buy them differently
using electronic cash and secure payment systems, and have them delivered differently.
Also, how customers allocate their loyalty may also be different. In light of this, the
organization itself has to adapt to a world where the traditional concepts of brand
Differentiation no longer hold-where “quality” has a new meaning, where “content”

may not be equated to “product,” Where “distribution” may not automatically mean “physical
Transport.” In this new environment, brand equity can rapidly evaporate forcing
firms to develop new ways of doing business
Business-to Business Transactions
We call this category market-link transaction. Here, businesses, governments, and

other organizations depend on computer - to-computer communication as a fast, an
economical, and a dependable way to conduct business’ transactions. Small companies
are also beginning to see the benefits of adopting the same methods. Business-to-business
transactions include the use of EDI and electronic mail for purchasing goods and services,
buying information and consulting services, submitting requests for proposals, and receiving
proposals. Examine this scenario.
The current accounts payable process occurs through the exchange of paper
documents. Each year the trading partners exchange millions of invoices, checks, purchase
orders, financial reports, and other transactions. Most of the documents are in electronic
form at their point of origin but are printed and key-entered at the point of receipt. The
current manual process of printing, mailing is costly, time consuming, and error-prone.

Given this situation and faced with the need to reduce costs, small businesses are looking
toward electronic commerce as a possible savior.
NOTES
Intra-organizational Transactions
We call this category market-driven transactions. A company becomes market

driven by dispersing throughout the firm information about its customers and competitors;
by spreading strategic and tactical decision making so that all units can participate; and by
continuously monitoring their customer commitment by making improved customer
satisfaction an ongoing objective. To maintain the relationships that are critical to delivering
superior customer value, management must pay close attention to service, both before and
after sales. In essence, a market-driven business develops a comprehensive understanding
of its customers’ business and how customers in the immediate and downstream markets
perceive value.
Three major components of market-driven transactions are
• customer orientation through product and service

• customization; cross-functional coordination through enterprise
• integration; and advertising, marketing, and customer service.
1.1.8.2 Information Brokerage and Management
The information brokerage and management layer provides service integration

through the notion of information brokerages, the development of which is necessitated by
the increasing information resource fragmentation. We use the notion of information brokerage
to represent an intermediary who provides service integration between customers and
information providers, given some constraint such as a low price, fast service, or profit
maximization for a client. Information brokers, for example, are rapidly becoming necessary
in dealing with the voluminous amounts of information on the networks. As on-line databases
migrate to consumer information utilities, consumers and information professionals will
have to keep up with the knowledge, and owner-ship of all these systems.
Most professionals have enough trouble keeping track of files of 1 interest on one
or two database services. With all the complexity associated with large numbers of on-line
databases and service bureaus, if it is impossible to expect humans to do the searching. It

DBA 1727
will have to be software programs-information brokers or software agents, to use the

NOTES more popular term-that act on the searcher’s behalf. Information brokerage does more
than just searching. It addresses the issue of adding value to the information that is retrieved.
For instance, in foreign exchange trading, information is retrieved about the latest currency
exchange rates in order to hedge currency holdings to minimize risk and maximize profit.
In other words, the act of retrieving the information is the input to other transactions. With
multiple transactions being the norm in the real world, service integration becomes critical.
Taking the same foreign exchange example further, service integration allows one to link
the hedging program (offered on a time-sharing basis by a third party) with the search
program (could be another vendor) that finds the currency rates from the cheapest on-line
service to automatically send trades to the bank or financial services company. In effect, a
personalized automated trading system can be created without having to go to any financial
institution. This is just one example of how information brokerages can add value.
Another aspect of the brokerage function is the support for data management and
traditional transaction services. Brokerages may provide tools to accomplish more
sophisticated, time-delayed updates or future compensating transactions. These tools include
software agents, distributed query generator, the distributed transaction generator, and the
declarative resource constraint base which describes a business’s rules and-environment
information. At the heart of this layer lies the work-flow scripting environment built on a
software agent model that coordinates work and data flow among support services.
As pointed out earlier, software agents are used to implement information

brokerages. Software agents are mobile programs that have been called “healthy viruses,”
“digital butlers/” and “intelligent agents.” Agents are encapsulations of users’ instruction
that perform all kinds of tasks in electronic market places spread across networks.
Information brokerages dispatch agents capable of information resource gathering,
negotiating deals, and performing transactions. The agents are intelligent because they
have contingency plans of action. They examine themselves and their environment and if
necessary change from their original course of action to an alternative plan.
For example, suppose you send an agent to an on-line store with a request to
order a bouquet of roses for Rs. 25 or less. If the shop offers roses starting at Rs. 30, your
agent can either choose a different bouquet or find a different store by consulting an online
“Yellow Pages” directory, depending on prior instructions. Although the notion of software
agents sounds very seductive, it will take a while to solve the problems of interregna

communication, interoperable agents, and other headaches that come with distributed
computing and net-working. To some critics, the prospect of a single-agent language like
NOTES
Telescript as a world standard is disturbing. They worry that agents sound a bit too much
like computer viruses, which instead of running errands may run amok. Vendors such as
General Magic go to great lengths to explain the precautions it has taken to make this
impossible: the limits placed on the power of agents, the “self-destruct” mechanism built
into their codes. Yet until electronic commerce services are up and running on a large scale,
it is impossible to know how well software agents will work.
1.1.8.3 Interface and Support Services
The third layer, interface and support services will provide interfaces for electronic
commerce applications such as interactive catalogs and will sup-port directory services-
functions necessary for information search and access. These two concepts are very
different.
Interactive catalogs are the customized interface to consumer applications such

as home shopping. An interactive catalog is an extension of the paper-based catalog and
incorporates additional features such as sophisticated graphics and video to make the
advertising more attractive. Directories, on the other hand, operate behind the scenes and
attempt to organize the enormous amount of information and transactions generated to
facilitate electronic commerce. Directory services databases make data from any server
appear as a local file. A classic example of a directory is the telephone White Pages, which
allows us to locate people and telephone numbers. In the case of electronic commerce,
directories would play an important role in information management functions. For instance,
take the case of buying an airline ticket with several stopovers with the caveat that the time
between layovers be minimized. This search would require several queries to various on-
line directories to-find empty seats on various airlines and then the avail-ability of seats
would; be coordinated with the amount of time spent in the air-port terminals.
The primary difference between the two is that unlike interactive catalogs, which
deal with people, directory support services interact directly with soft-ware applications.
For this reason, they need not have the multimedia glitter and jazz generally associated
with interactive catalogs. From a computing perspective, we can expect that there will be
no one common user interface that will glaze the surface of all electronic commerce
applications, but graphics and object manipulation will definitely dominate. Tool developers

DBA 1727
and designers might incorporate common tools for interface building, but the shape of
NOTES catalogs or directories will depend on the users’ desires and functional requirements.
1.1.8.4 Secure Messaging and Structured Document Interchange Services
The importance of the fourth layer, secured messaging, is clear. Everyone in business
knows that electronic messaging is a critical business issue. Consider a familiar business
scenario:
You hand over an urgent fax Monday and find out Tuesday that it’s still sitting on
your fax operator’s desk. What happened?
The line was busy and he thought he’d try again later. Or, the number was wrong,
but he forgot to let you know. Or you’re in London and you need to send a spreadsheet
that details a marketing plan for a product introduction strategy to a co-worker in New
York. This must be done today, not tomorrow when the courier service would deliver.
There is a solution to these common and frustrating problems. It’s called Integrated
Messaging: a group of computer services that through the use of a network send, receive,
and combine messages, faxes, and large data files. Some better-known examples are
electronic mail, enhanced fax, and electronic data interchange.
Broadly defined, messaging is the software that sits between the network
infrastructure and the clients or electronic commerce applications, masking the peculiarities
of the environment. Others define messaging as a frame-work for the total implementation
of portable applications, divorcing you from the architectural primitives of your system. In
general, messaging products are not applications that solve problems; they are more enablers
of the applications that solve problems. Messaging services offer solutions for
communicating non formatted (unstructured) data-letters, memos, and reports as weft as-
formatted (structured) data such as purchase orders, shipping notices, and invoices.
Unstructured messaging consists of fax, e-mail, and form-based systems like Lotus Notes.
Structured documents messaging consist of the automated inter-change of standardized
and approved messages between computer applications, via telecommunications lines.
Examples of structured document messaging include EDI. Messaging is gaining momentum
in electronic commerce and seems to have many advantages. It supports both synchronous
(immediate) and asynchronous (delayed) message delivery and processing. With
asynchronous messaging, when a message is sent, work continues (software doesn’t wait
for a response).This allows the transfer of messages through store-and-forward methods.

Another advantage of messaging is that it is not associated with any particular

communication protocol. No pre-processing is necessary, although there is an increasing
NOTES
need for programs to interpret the message. Messaging is well suited for both client server
and peer-to-peer computing models. In distributed systems, the messages are treated as
“objects” that pass between systems.
Messaging is central to work-group computing that is changing the way businesses

operate. The ability to access the right information at the right time across diverse work
groups is a challenge. Today, with the messaging tools, people can communicate and work
together more effectively-no matter where they are located. When an employee sends an
electronic mail form, the information travels along with the form. So one person can start
the form, mail it to the next person, fill it in/ sign it, mail it to the next, and so on. This is
known as message-enabled work-flow solutions.
The main disadvantages of messaging are the new types of applications it enables-
which appear to be more complex, especially to traditional programmers and the jungle of
standards it involves. Because of the lack of standards, there is often no interoperability
between different messaging vendors leading to islands of messaging. Also, security, privacy,
and confidentiality through data encryption and authentication techniques are important
issues that need to be resolved for ensuring the legality of the message-based transactions
themselves.
1.1.8.5 Middleware Services
Middleware is a relatively new concept that emerged only recently. Like so many
other innovations, it came into being out of necessity. Users in the 1970s, when vendors,
delivered homogeneous systems that worked, didn’t have a need for middleware3&heR
conditions changed-along with the hardware and the software the organizations couldn’t
cope: The tools were inadequate, the backlog was enormous, and the pressure was
overwhelming. And, the users were dissatisfied. Something was needed to solve all the
interface, translation, transformation, and interpretation problems that were driving
application developers crazy. With the growth of networks, client-server technology, and
all other forms of communicating between/among unlike platforms, the problems of get-
ting all the pieces to work together grew from formidable to horrendous. As the cry for
distributed computing spread, users demanded interaction between dissimilar systems,
networks that permitted shared resources and applications that could be accessed by

DBA 1727
multiple software programs. In simple terms, middleware is the ultimate mediator between
NOTES diverse software pro-grams that enables them talk to one another.
Another reason for middleware is the computing shift from application centric to
data centric. That is, remote data controls all of the applications in the network instead of
applications controlling data. To achieve data-centric computing, middleware services focus
on three elements: transparency, transaction security and management, and distributed
object management and services.
Transparency
Transparency implies that users should be unaware that they are accessing multiple
systems. Transparency is essential for dealing with higher-level issues than physical media
and interconnection that the underlying network infrastructure is in charge of. The ideal
picture is one of a “virtual” network: a collection of workgroup, departmental, enterprise,
and inter enterprise LANs that appears to the end user or client application to be a seamless
and easily accessed whole.
Transparency is accomplished using middleware that facilitates a distributed

computing environment. This gives users and applications transparent access to data,
computation, and other resources across collections of multi-vendor, heterogeneous
systems. The strategic architectures of every major system vendor are now based on
some form of middleware. The key to realizing the theoretical benefit of such architecture
is transparency. Users need not spend their time trying to understand where something is.
Nor should application developers have to code into their applications the exact locations
of resources over the network. The goal is for the applications to send a request to the
middleware layer, which then satisfies the request any way it can, using remote information.
Transaction Security and Management
Support for transaction processing (TP) is fundamental to success in the electronic

commerce market. Security and management are essential to all layers in the electronic
commerce model. At the transaction security level, two broad general categories of security
services exist: authentication and authorization.
Transaction integrity must be a given for businesses that cannot afford any loss or
inconsistency in data. Some commercial sites have had gigantic centralized TP systems
running for years. For electronic commerce, middleware provides the qualities expected in

a standard TP sys-tem: the so-called ACID properties (atomicity, consistency, isolation,

and durability).
NOTES
Distributed Object Management and Services
Object orientation is proving fundamental to the proliferation of network-based

applications for the following reasons: It is too hard to write a net-work-based application
without either extensive developer retraining or a technology that camouflages the intricacies
of the network. Objects are defined as the combination of data and instructions acting on
the data. Objects are an evolution of the more traditional programming concept of functions
and procedures. A natural instance of an object in electronic commerce is a document. A
document carries data and often carries instructions about the actions to be performed on
the data. Today, the term object is being used interchangeably with document resulting in a
new form of computing called document oriented computing. Here, the trend is to move
away from single data-type documents such as text, pictures, or video toward integrated
documents known as com-pound document architectures.
The best example of this approach is an active document. If you create a new
document that is an integration of the spreadsheet, word processor, and presentation
package, what you’ll see in the next generation of operating systems is that as you scroll
through your document, the tool bar will automatically change from a spreadsheet too bar,
to a word processing tool bar, to a presentation package tool bar. These applications will
also be able to access and retrieve data from any file in the computing network.
Last but not the least is the Network Infrastructure, which will be dealt in this unit
later.
1.1.9 Advantages of E-Commerce
• Electronic Commerce can increase sales and decrease costs.

• Advertising done well on the web can get even a small firm’s promotional
message out to potential customers in every country in the world.
• Businesses can use electronic commerce to identify new suppliers and business
partners.
• Electronic Commerce increases the speed and accuracy with which businesses
can exchange information, which reduces costs on both sides of transactions.

DBA 1727
• E-Commerce provides buyers with a wider range of choices than traditional

NOTES commerce because buyers can consider many different products and services
from a wider variety of sellers.
• Electronic payments of tax refunds, public retirement and welfare support
cost less to issue and arrive securely and quickly when transmitted over the
Internet.
1.1.10 Disadvantages of E-Commerce
• Some business processes such as perishable foods and high-cost, unique

items such as custom-designed jewelry might be impossible to inspect
adequately from a remote location.
• Costs, which are a function of technology, can change dramatically even during
short-lived electronic commerce implementation projects because the
technologies are changing so rapidly.
• Many firms have trouble recruiting and retaining employees with the
technological, design and business process skills needed to create an effective
electronic commerce presence.
• Firms facing difficulty of integrating existing databases and transaction-
processing software designed for traditional commerce into the software that
enables electronic commerce.
• Companies that offer software design and consulting services to tie existing
systems into new online business systems can be expensive.
• Consumers are fearful of sending their credit card numbers over the Internet
and having online merchants. Consumers are simply resistant to change and
are uncomfortable viewing merchandise on a computer screen rather than in
person.
1.2 DRIVING FORCES OF E-COMMERCE
E-Commerce is becoming popular, it is worthwhile to examine today’s business

environment so let us understand the pressures it creates on organizations and the responses
used by organizations.

1.2.1 Environmental factors that create Business Pressures:

NOTES
Market, economical, societal and technological factors are creating a highly
competitive business environment in which consumers are the focal point. These factors
change quickly, sometimes in an unpredictable manner and therefore companies need to
react frequently not only in the traditional actions such as lowering cost and closing
unprofitable facilities but also innovative activities such as customizing products, creating
new products or providing superb customer service.
Economic Forces
One of the most evident benefits of e-commerce is economic efficiency resulting

from the reduction in communications costs, low-cost technological infrastructure, speedier
and more economic electronic transactions with suppliers, lower global information sharing
and advertising costs, and cheaper customer service alternatives.
Categories of Economic Forces
• Lower marketing costs: marketing on the Internet maybe cheaper and can
reach a wider crowd than the normal marketing medium.
• Lower sales costs: increase in the customer volume do not need an increase
in staff as the sales function is housed in the computer and has virtually unlimited
accessibility
• Lower ordering processing cost: online ordering can be automated with
checks to ensure that orders are correct before accepting, thus reducing errors
and the cost of correcting them.
• New sales opportunities: the website is accessible all the time and reaches
the global audience which is not possible with traditional storefront.
Economic integration is either external or internal. External integration refers to the

electronic networking of corporations, suppliers, customers/clients, and independent
contractors into one community communicating in a virtual environment (with the Internet
as medium). Internal integration, on the other hand, is the networking of the various
departments within a corporation, and of business operations and processes. This allows
critical business information to be stored in a digital form that can be retrieved instantly and
transmitted electronically. Internal integration is best exemplified by corporate intranets.

DBA 1727
Among the companies with efficient corporate intranets are Procter and Gamble, IBM,
NOTES Nestle and Intel. EG. SESAMi.NET: Linking Asian Markets through B2B Hubs
SESAMi.NET is Asia’s largest B2B e-hub, a virtual exchange integrating and connecting
businesses (small, medium or large) to trading partners, e-marketplaces and internal
enterprise systems for the purpose of sourcing out supplies, buying and selling goods and
services online in real time. The e-hub serves as the centre for management of content and
the processing of business transactions with support services such as financial clearance
and information services.
It is strategically and dynamically linked to the Global Trading Web (GTW), the
world’s largest network of trading communities on the Internet. Because of this very important
link, SESAMi reaches an extensive network of regional, vertical and industry-specific
interoperable B2B e-markets across the globe.
Market Forces
Corporations are encouraged to use e-commerce in marketing and promotion to

capture international markets, both big and small. The Internet is likewise used as a medium
for enhanced customer service and support. It is a lot easier for companies to provide their
target consumers with more detailed product and service information using the Internet.
Strong competition between organizations, extremely low labor cost in some

countries, frequent and significant changes in markets and increased power of consumers
are the reasons to create market forces.
Technology Forces
The development of information and communications technology (ICT) is a key

factor in the growth of ecommerce. For instance, technological advances in digitizing
content, compression and the promotion of open systems technology have paved the way
for the convergence of communication services into one single platform. This in turn has
made communication more efficient, faster, easier, and more economical as the need to set
up separate networks for telephone services, television broadcast, cable television, and
Internet access is eliminated. From the standpoint of firms/ businesses and consumers,
having only one information provider means lower communications costs.

Moreover, the principle of universal access can be made more achievable with
convergence. At present the high costs of installing landlines in sparsely populated rural
NOTES
areas is incentive to telecommunications companies to install telephones in these areas.
Installing landlines in rural areas can become more attractive to the private sector if revenues
from these landlines are not limited to local and long distance telephone charges, but also
include cable TV and Internet charges. This development will ensure affordable access to
information even by those in rural areas and will spare the government the trouble and cost
of installing expensive landlines
Societal and environmental forces
To understand the role of E-commerce in today’s organizations, it becomes necessary to

review the factors that create societal and environmental forces.
• Changing nature of workforce

• Government deregulations
• Shrinking government subsidies
• Increased importance of ethical and legal issues
• Increased social responsibility of organizations
• Rapid political changes
1.2.2 Critical response activities by Organizations:
A response can be a reaction to a pressure already in existence, or it can be an

initiative that will defend an organization against future pressures. It can also be an activity
that exploits an opportunity created by changing conditions.
Organizations’ major responses are divided into five categories: strategic systems
for competitive advantage, continuous improvement efforts, business process reengineering
(BPR), business alliances and EC. These several responses can be interrelated and E-
commerce can also facilitate the other categories. The four categories are described below.
Strategic Systems
Strategic systems provide organizations with strategic advantages, thus enabling

them to increase their market share, better negotiate with their suppliers, or prevent

DBA 1727
competitors from entering into their territory. There is a variety of EC supported strategic
NOTES systems. An example is FedEx’s overnight delivery system and the company’s ability to
track the status of every individual package anywhere in the system. Most of FedEx’s
competitors have already mimicked the system. So FedEx moved the system to the Internet.
However, the competitors quickly followed and now FedEx is introducing new activities.
Continuous Improvement Efforts
In order to improve the company’s productivity and quality, many companies

continuously conduct innovative programs. The efforts taken by companies for continuous
improvement are
Improved productivity
Improved decision making
Managing Information
Change in management
Customer service Innovation and
Creativity.
For example, Dell Computer takes its orders electronically and improved moves
them via Enterprise Resources Planning software (from SAP Corp.) into the just-in-time
assembly operation. Intel is taking its products’ consumption in 11 of its largest customers,
using its extranets, almost in real time, and determining production schedules and deliveries
accordingly.
Business Process Reengineering (BPR)
Business Process Reengineering refers to a major innovation in the organization’s

structure and the way it conducts business. Information technology and especially EC play
a major role in BPR. Electronic Commerce provides flexibility in manufacturing, permits
faster delivery to customers and supports rapid and paperless transactions among suppliers,
manufacturers and retailers.
The major areas in which E-Commerce supports BPR are
• Reducing cycle time and time to market: Reducing the business process time
(cycle time) is extremely important for increasing productivity and competitiveness.
Similarly, reducing the time from the inception of an idea until its implementation—

time to market—is important because those who can be first on the market with a
product, or who can provide customers with a service faster than competitors,
NOTES
enjoy a distinct competitive advantage.
• Empowerment of employees and collaborative work: Empowerment is related
to the concept of self-directed teams. Management delegates authority to teams
who can execute the work faster and with fewer delays. Information Technology
allows the decentralization of decision making and authority but simultaneously
supports a centralized control. For example, the Internet and the intranets enable
empowered employees to access data, information and knowledge they need for
making quick decisions.
• Knowledge management: Employees can access organizational know-how via
their company’s intranet. Some knowledge bases are open to the public for a fee
over the Internet, generating income.
• Customer-focused approach: Companies are becoming increasingly customer
oriented. This can be done in part by changing manufacturing processes from
mass production to mass customization. In mass production, a company produces
a large quantity of identical items. In mass customization, items are produced in a
large quantity but are customized to fit the desires of each customer. Electronic
commerce is an ideal facilitator of mass customization.
Business alliances
Many companies realize that alliances with other companies, even competitors
can be beneficial. There are several types of alliances, such as sharing resources, establishing
permanent supplier-company relationships and creating joint research efforts. One of the
most interesting types is the temporary joint venture, in which companies form a special
organization for a specific, limited-time mission.
1.2.3 E-Commerce Communities
What it is that will drive e-commerce in the future? — in a word, it’s community.
We certainly have the technology to build great business-to-consumer and business-to-
business ecommerce applications into our business models. And, yes, attributes such as
viable application design, integration with business processes, and overall performance
matter.

DBA 1727
A successful community strategy must embrace the idea of moving the one-on-
NOTES one communication that occurs offline into the virtual world of e-commerce. Such a strategy
currently requires multiple technical approaches. However, we believe community solutions
will soon become more integrated and far-reaching.
The tools that form online communities include discussion or forum software, chat
functions, instant messaging, two-way mailing lists, online collaboration tools, audio, video,
and more. You may choose to invest slowly at first and increase your community commitment
over time.
Online conversation with business partners will also give net positive results. A
private discussion area or secured online meetings can go a long way toward building
stronger relationships between companies. This will also serve to potentially drive new
business opportunities for both parties. Building community has to be at the heart of any
successful ecommerce strategy.
1.2.4 Is e-Commerce the Same as e-Business?
While some use e-commerce and e-business interchangeably, they are distinct
concepts. In e-commerce, information and communications technology (ICT) is used in
inter-business or inter-organizational transactions (transactions between and among firms/
organizations) and in business-to-consumer transactions (transactions between firms/
organizations and individuals).
In e-business, on the other hand, ICT is used to enhance one’s business. It includes
any process that a business organization (either a for-profit, governmental or non-profit
entity) conducts over a computer-mediated network. A more comprehensive definition of
e-business is: “The transformation of an organization’s processes to deliver additional
customer value through the application of technologies, philosophies and computing paradigm
of the new economy.”
Three primary processes are enhanced in e-business:
1. Production processes, which include procurement, ordering and replenishment

of stocks; processing of payments; electronic links with suppliers; and production
control processes, among others;

2. Customer-focused processes, which include promotional and marketing efforts,

selling over the Internet, processing of customers’ purchase orders and payments,
NOTES
and customer support, among others; and
3. Internal management processes, which include employee services, training,
internal information-sharing, videoconferencing, and recruiting. Electronic
applications enhance information flow between production and sales forces to
improve sales force productivity. Workgroup communications and electronic
publishing of internal business information are likewise made more efficient.
The Internet economy pertains to all economic activities using electronic networks
as a medium for commerce or those activities involved in both building the networks linked
to the Internet and the purchase of application services such as the provision of enabling
hardware and software and network equipment for Web-based/online retail and shopping
malls (or “e-malls”).
1.3 BENEFITS AND LIMITATIONS OF E-COMMERCE
Few innovations in human history encompass as many potential benefits as EC

does. The global nature of the technology, low cost, opportunity to reach hundreds of
millions of people (projected within 10 years), interactive nature, variety of possibilities,
and resourcefulness and rapid growth of the supporting infrastructures (especially the Web)
result in many potential benefits to organizations, individuals, and society. These benefits
are just starting to materialize, but they will increase significantly as EC expands.
1.3.1 The Benefits of EC
• The new markets could be accessed through the online and extending the
service offerings to customers globally.
• Internet shrinks the globe and broaden current geographical parameters to
operate globally
• Marketing and promotional campaigns can be done globally at the reduced
cost.
• Retaining the customer and the customer services could be improved
drastically.
• Strengthen relationships with customers and suppliers ?
• Streamline business processes and administrative functions

DBA 1727
• No added sales staff

NOTES • A catalogue which is quickly and easily updateable. This means that when
prices or stocks are changed, you don’t have to have hundreds or thousands
of obsolete catalogues lying around. You don’t have to wait for the printer to
deliver the catalogue before the new prices can come into effect.
• The facility to advertise daily, weekly or monthly ‘specials’ and sales, or
any special discounts - and they can be changed within minutes, when and
if necessary.
• You can also add a marketing message which highlights your strengths, such
as the range and quality of your products or services - or anything else you
want to tell your customers.
1.3.1.1. Benefits to Organizations
• Electronic commerce expands the marketplace to national and international

markets. With minimal capital outlay, a company can easily and quickly locate
more customers, the best suppliers, and the most suitable business partners
worldwide.
• Electronic commerce decreases the cost of creating, processing, distributing,
storing, and retrieving paper-based information. For example, by introducing
an electronic procurement system, companies can cut the purchasing
administrative costs by as much as 85 percent.
• Ability for creating highly specialized businesses. For example, dog toys which
can be purchased only in pet shops or department and discount stores in the
physical world, are sold now in a specialized www.dogtoys.com
• Electronic commerce allows reduced inventories and overhead by facilitating
“pull”-type supply chain management. In a pull-type system the process starts
from customer orders and uses just-in-time manufacturing.
• Electronic commerce reduces the time between the outlay of capital and the
receipt of products and services.
• Electronic commerce initiates business processes reengineering projects. By
changing processes, productivity of salespeople, knowledge workers, and
administrators can increase by 100 percent or more.
• Electronic commerce lowers telecommunications cost-the Internet is much
cheaper than VANs.

• Other benefits include improved image, improved customer service, newfound

business partners, simplified processes, compressed cycle and delivery time,
NOTES
increased productivity, eliminating paper, expediting access to information,
reduced transportation costs, and increased flexibility.
1.3.1.2 Benefits to Consumers
• Electronic commerce enables customers to shop or do other transactions 24

hours a day, all year round, from almost any location.
• Electronic commerce provides customers with more choices; they can select.
Electronic commerce frequently provides customers with less expensive
products and services by allowing them to shop in many places and conduct
quick comparisons.
• In some cases, especially with digitized products, EC allows quick delivery.
• Customers can receive relevant and detailed information in seconds, rather
than days or weeks.
• Electronic commerce makes it possible to participate in virtual auctions.
• Electronic commerce allows customers to interact with other customers in
electronic communities and exchange ideas as well as compare experiences.
• Electronic commerce facilitates competition, which results in substantial
discounts.
1.3.1.3 Benefits to Society
• Electronic commerce enables more individuals to work at home and to do

less travelling for shopping, resulting in less traffic on the roads and lower air
pollution.
• Electronic commerce allows some merchandise to be sold at lower prices, so
less affluent people can buy more and increase their standard of living.
• Electronic commerce enables people in Third World countries and rural areas
to enjoy products and services that otherwise are not available to them.
• Electronic commerce facilitates delivery of public services, such as health
care, education, and distribution of government social services at a reduced
cost and/or improved quality. Health-care services, for example, can reach
patients in rural areas.

DBA 1727
1.3.2 The Limitations of EC

NOTES
The limitations of EC can be grouped into technical and non-technical categories.
1.3.2.1 Technical Limitations of EC
• There is a lack of system security, reliability, standards, and some communication

protocols.
• Insufficient telecommunication bandwidth.
• The software development tools are still evolving and changing rapidly.
• It is difficult to integrate the Internet and EC software with some existing
applications and databases.
• Vendors may need special Web servers and other infrastructures, in
addition to the network servers.
• Some EC software might not fit some hardware, or may be incompatible with
some operating systems or other components.
1.3.2.2 Non-technical Limitations
Of the many non-technical limitations that slow the spread of EC, the following are
the major ones.
• Cost and justification: The cost of developing EC in-house can be very

high, and mistakes due to lack of experience may result in delays. There are
many opportunities for outsourcing, but where and how to do it is not a simple
issue. Furthermore, to justify the system one must deal with some intangible
benefits (such as improved customer service and the value of advertisement),
which are difficult to quantify.
• Security and privacy: These issues are especially important in the B2C area,
especially security issues which are perceived to be more serious than they
really are when appropriate encryption is used. Privacy measures are constantly
improved. Yet, the customers perceive these issues as very important, and,
the EC industry has a very long and difficult task of convincing customers that
online transactions and privacy are, in fact, very secure.
• Lack of trust and user resistance: Customers do not trust an unknown
faceless seller (sometimes they do not trust even known ones), paperless

transactions, and electronic money. So switching from physical to virtual

stores may be difficult.
NOTES
• Other limiting factor:. Lack of touch and feel online. Some customers like
to touch items such as clothes and like to know exactly what they are buying.
• Many legal issues are as yet unresolved, and government regulations and
standards are not refined enough for many circumstances.
• Electronic commerce, as a discipline, is still evolving and changing rapidly.
Many people are looking for a stable area before they enter into it.
• There are not enough support services. For example, copyright clearance
centres for EC transactions do not exist, and high-quality evaluators, or qualified
EC tax experts, are rare.
• In most applications there are not yet enough sellers and buyers for profitable
EC operations.
• Electronic commerce could result in a breakdown of human relationships.
• Accessibility to the Internet is still expensive and/or inconvenient for many
potential customers. (With Web TV, cell telephone access, kiosks, and constant
media attention, the critical mass will eventually develop.) Despite these
limitations, rapid progress in EC is taking place. For example, the number of
people in the United States who buy and sell stocks electronically increased
from 300,000 at the beginning of 1996 to about 10 million in fall 1999. As
experience accumulates and technology improves, the ratio of EC benefits to
costs will increase, resulting in a greater rate of EC adoption. The potential
benefits may not be convincing enough reasons to start EC activities
1.4 DATA MINING
1.4.1 Introduction to Data Mining
Data mining, the extraction of hidden predictive information from large

databases, is a powerful new technology with great potential to help companies focus on
the most important information in their data warehouses. Data mining tools predict future
trends and behaviours, allowing businesses to make proactive, knowledge-driven decisions.
The automated, prospective analyses offered by data mining move beyond the analyses of
past events provided by retrospective tools typical of decision support systems. Data
mining tools can answer business questions that traditionally were too time-consuming to
resolve. They scour databases for hidden patterns, finding predictive information that experts
may miss because it lies outside their expectations.
DBA 1727
Most companies already collect and refine massive quantities of data. Data mining
NOTES techniques can be implemented rapidly on existing software and hardware platforms to
enhance the value of existing information resources, and can be integrated with new products
and systems as they are brought on-line.
1.4.1.1. What is Data Mining?
Data mining is the semi-automatic discovery of patterns, associations, changes,

anomalies, rules, and statistically significant structures and events in data. That is, data
mining attempts to extract knowledge from data.
Data mining differs from traditional statistics in several ways: formal statistical
inference is assumption driven in the sense that a hypothesis is formed and validated against
the data. Data mining in contrast is discovery driven in the sense that patterns and hypothesis
are automatically extracted from data. Said another way, data mining is data driven, while
statistics is human driven. The branch of statistics that data mining resembles most is
exploratory data analysis, although this field, like most of the rest of statistics, has been
focused on data sets far smaller than most that are the target of data mining researchers.
Data mining also differs from traditional statistics in that sometimes the goal is to
extract qualitative models which can easily be translated into logical rules or visual
representations; in this sense data mining is human centered and is sometimes coupled with
human-computer interfaces research.
Data mining is a step in the data mining process, which is an interactive, semi-
automated process which begins with raw data. Results of the data mining process may be
insights, rules, or predictive models.
The field of data mining draws upon several roots, including statistics, machine
learning, databases, and high performance computing.
Here, we are primarily concerned with large data sets, massive data sets, and
distributed data sets. By large, we mean data sets which are too large to fit into the memory
of a single workstation. By massive, we mean data sets which are too large to fit onto the
disks of a single workstation or a small cluster of workstations. Instead, massive clusters
or tertiary storage such as tape are required. By distributed, we mean data sets which are
geographically distributed.

The focus on large data sets is not a just an engineering challenge; it is an essential
feature of induction of expressive representations from raw data. It is only by analyzing
NOTES
large data sets that we can produce accurate logical descriptions that can be translated
automatically into powerful predictive mechanisms. Otherwise, statistical and machine
learning principles suggest the need for substantial user input (specifying meta-knowledge
necessary to acquire highly predictive models from small data sets).
1.4.2 The Scope of Data Mining
Data mining derives its name from the similarities between searching for valuable
business information in a large database — for example, finding linked products in gigabytes
of store scanner data — and mining a mountain for a vein of valuable ore. Both processes
require either shifting through an immense amount of material, or intelligently probing it to
find exactly where the value resides. Given databases of sufficient size and quality, data
mining technology can generate new business opportunities by providing these capabilities:
• Automated prediction of trends and behaviours. Data mining automates

the process of finding predictive information in large databases. A typical
example of a predictive problem is targeted marketing. Data mining uses data
on past promotional mailings to identify the targets most likely to maximize
return on investment in future mailings. Other predictive problems include
forecasting bankruptcy and other forms of default, and identifying segments
of a population likely to respond similarly to given events.
• Automated discovery of previously unknown patterns. Data mining tools
sweep through databases and identify previously hidden patterns in one step.
An example of pattern discovery is the analysis of retail sales data to identify
seemingly unrelated products that are often purchased together. Other pattern
discovery problems include detecting fraudulent credit card transactions and
identifying anomalous data that could represent data entry keying errors.
• Data mining techniques can yield the benefits of automation on existing software
and hardware platforms, and can be implemented on new systems as existing
platforms are upgraded and new products developed. When data mining tools
are implemented on high performance parallel processing systems, they can
analyze massive databases in minutes. Faster processing means that users
can automatically experiment with more models to understand complex data.
High speed makes it practical for users to analyze huge quantities of data.
Larger databases, in turn, yield improved predictions.

DBA 1727
1.4.3 Techniques used in Data Mining

NOTES
The most commonly used techniques in data mining are:
• Artificial neural networks: Non-linear predictive models that learn through

training and resemble biological neural networks in structure.
• Decision trees: Tree-shaped structures that represent sets of decisions. These
decisions generate rules for the classification of a dataset. Specific decision
tree methods include Classification and Regression Trees (CART) and Chi
Square Automatic Interaction Detection (CHAID) .
• Genetic algorithms: Optimization techniques that use processes such as
genetic combination, mutation, and natural selection in a design based on the
concepts of evolution.
• Nearest neighbour method: A technique that classifies each record in a
dataset based on a combination of the classes of the k record(s) most similar
to it in a historical dataset (where k ³ 1). Sometimes called the k-nearest
neighbour technique.
• Rule induction: The extraction of useful if-then rules from data based on
statistical significance.
Many of these technologies have been in use for more than a decade in specialized
analysis tools that work with relatively small volumes of data. These capabilities are now
evolving to integrate directly with industry-standard data warehouse and OLAP platforms.
1.4.4 How Data Mining Works
The technique that is used to perform these feats in data mining is called modeling.
Modeling is simply the act of building a model in one situation where you know the answer
and then applying it to another situation that you don’t. For instance, if you were looking
for a sunken Spanish galleon on the high seas the first thing you might do is to research the
times when Spanish treasure had been found by others in the past. You might note that
these ships often tend to be found off the coast of Bermuda and that there are certain
characteristics to the ocean currents, and certain routes that have likely been taken by the
ship’s captains in that era. You note these similarities and build a model that includes the
characteristics that are common to the locations of these sunken treasures. With these
models in hand you sail off looking for treasure where your model indicates it most likely

might be given a similar situation in the past. Hopefully, if you’ve got a good model, you
find your treasure.
NOTES
This act of model building is thus something that people have been doing for a long
time, certainly before the advent of computers or data mining technology. What happens
on computers, however, is not much different than the way people build models. Computers
are loaded up with lots of information about a variety of situations where an answer is
known and then the data mining software on the computer must run through that data and
distil the characteristics of the data that should go into the model. Once the model is built it
can then be used in similar situations where you don’t know the answer.
For example, say that you are the director of marketing for a telecommunications
company and you’d like to acquire some new long distance phone customers. You could
just randomly go out and mail coupons to the general population - just as you could randomly
sail the seas looking for sunken treasure. In neither case would you achieve the results you
desired and of course you have the opportunity to do much better than random - you
could use your business experience stored in your database to build a model.
As the marketing director you have access to a lot of information about all of your
customers: their age, sex, credit history and long distance calling usage. The good news is
that you also have a lot of information about your prospective customers: their age, sex,
credit history etc. Your problem is that you don’t know the long distance calling usage of
these prospects (since they are most likely now customers of your competition). You’d
like to concentrate on those prospects who have large amounts of long distance usage.
You can accomplish this by building a model. Table 1.4.4.(a) illustrates the data used for
building a model for new customer prospecting in a data warehouse.
Table 1.4.4.(a) - Data Mining for Prospecting

DBA 1727
The goal in prospecting is to make some calculated guesses about the information
NOTES in the lower right hand quadrant based on the model that we build going from Customer
General Information to Customer Proprietary Information.
Test marketing is an excellent source of data for this kind of modeling. Mining the
results of a test market representing a broad but relatively small sample of prospects can
provide a foundation for identifying good prospects in the overall market. Table 1.4.4.(b)
shows another common scenario for building models: predict what is going to happen in
the future.
Table 1.4.4.(b) - Data Mining for Predictions
If someone told you that he had a model that could predict customer usage how
would you know if he really had a good model? The first thing you might try would be to
ask him to apply his model to your customer base - where you already knew the answer.
With data mining, the best way to accomplish this is by setting aside some of your data in
a vault to isolate it from the mining process. Once the mining is complete, the results can be
tested against the data held in the vault to confirm the model’s validity. If the model works,
its observations should hold for the vaulted data.

1.4.5 Profitable Applications

NOTES
A wide range of companies have deployed successful applications of data mining.
While early adopters of this technology have tended to be in information-intensive industries
such as financial services and direct mail marketing, the technology is applicable to any
company looking to leverage a large data warehouse to better manage their customer
relationships. Two critical factors for success with data mining are: a large, well-integrated
data warehouse and a well-defined understanding of the business process within which
data mining is to be applied (such as customer prospecting, retention, campaign management,
and so on).
Some successful application areas include:
• A pharmaceutical company can analyze its recent sales force activity and their
results to improve targeting of high-value physicians and determine which
marketing activities will have the greatest impact in the next few months. The
data needs to include competitor market activity as well as information about
the local health care systems. The results can be distributed to the sales force
via a wide-area network that enables the representatives to review the
recommendations from the perspective of the key attributes in the decision
process. The ongoing, dynamic analysis of the data warehouse allows best
practices from throughout the organization to be applied in specific sales
situations.
• A credit card company can leverage its vast warehouse of customer transaction
data to identify customers most likely to be interested in a new credit product.
Using a small test mailing, the attributes of customers with an affinity for the
product can be identified. Recent projects have indicated more than a 20-
fold decrease in costs for targeted mailing campaigns over conventional
approaches.
• A diversified transportation company with a large direct sales force can apply
data mining to identify the best prospects for its services. Using data mining to
analyze its own customer experience, this company can build a unique
segmentation identifying the attributes of high-value prospects. Applying this
segmentation to a general business database such as those provided by Dun
& Bradstreet can yield a prioritized list of prospects by region.
• A large consumer package goods company can apply data mining to improve
its sales process to retailers. Data from consumer panels, shipments, and

DBA 1727
competitor activity can be applied to understand the reasons for brand and
NOTES store switching. Through this analysis, the manufacturer can select promotional
strategies that best reach their target customer segments.
• Each of these examples has a clear common ground. They leverage the
knowledge about customers implicit in a data warehouse to reduce costs and
improve the value of customer relationships. These organizations can now
focus their efforts on the most important (profitable) customers and prospects,
and design targeted marketing strategies to best reach them.
1.4.6 Trends that Effect Data Mining
In this section, we describe five external trends which promise to have a fundamental
impact on data mining.
Data Trends.
Perhaps the most fundamental external trend is the explosion of digital data during
the past two decades. During this period, the amount of data probably has grown between
six to ten orders of magnitude. Much of this data is accessible via networks. On the other
hand, during this same period the number of scientists, engineers, and other analysts available
to analyze this data has remained relatively constant. For example, the number of new
Ph.D.’s in statistics graduating each year has remained relatively constant during this period.
Only one conclusion is possible: either most of the data is destined to be write-only, or
techniques, such as data mining, must be developed, which can automate, in part, the
analysis of this data, filter irrelevant information, and extract meaningful knowledge.
Hardware Trends.
Data mining requires numerically and statistically intensive computations on large

data sets. The increasing memory and processing speed of workstations enables the mining
of data sets using current algorithms and techniques that were too large to be mined just a
few years ago. In addition, the commoditization of high performance computing through
SMP workstations and high performance workstation clusters enables attacking data mining
problems that were accessible using only the largest supercomputers of a few years ago.

Network Trends.
NOTES
The next generation internet (NGI) will connect sites at OC-3 (155 MBits/sec)
speeds and higher. This is over 100 times faster than the connectivity provided by current
networks. With this type of connectivity, it becomes possible to correlate distributed data
sets using current algorithms and techniques. In addition, new protocols, algorithms, and
languages are being developed to facilitate distributed data mining using current and next
generation networks.
Scientific Computing Trends.
As mentioned above, scientists and engineers today view simulation as a third

mode of science. Data mining and knowledge discovery serves an important role linking
the three modes of science: theory, experiment and simulation, especially for those cases in
which the experiment or simulation results in large data sets.
Business Trends.
Today businesses must be more profitable, react quicker, and offer higher quality
services than ever before, and do it all using fewer people and at lower cost. With these
types of expectations and constraints, data mining becomes a fundamental technology,
enabling businesses to more accurately predict opportunities and risks generated by their
customers and their customers’ transactions.
1.5 DATE WAREHOUSING
1.5.1 What Is Data Warehousing?
The primary concept of data warehousing is that the data stored for business
analysis can most effectively be accessed by separating it from the data in the operational
systems. A data warehouse is a collection of computer-based information that is critical to
successful execution of enterprise initiatives. A data warehouse is more than an archive for
corporate data and more than a new way of accessing corporate data. A data warehouse
is a subject-oriented repository designed with enterprise-wide access in mind. It provides
tools to satisfy the information needs of the employees organizational levels-not just for
complex data queries, but as general facility for getting quick, accurate and often insightful

DBA 1727
information. A data warehouse is designed so that its users can recognize the information
NOTES they want and access that information using simple tools.
One of the principal reasons for developing a data warehouse is to integrate

operational data from various sources into a single and consistent architecture that supports
analysis and decision-making within the enterprise. Operational systems create, update
and delete production data that feed the data warehouse. A data warehouse is analogous
to a physical warehouse. Operational systems create data ‘parts’ that are loaded into the
warehouse. Some of those parts are summarised into information ‘components’ and are
stored in the warehouse. Data warehouse users make requests and are delivered information
‘products’ that are created from the components and parts stored in the warehouse. A
data warehouse is typically a blending of technologies, including relational and
multidimensional databases, client/ server architecture, extraction / transformation programs,
graphical user interfaces, and more.
1.5.2 Definitions
Data Warehouse:
The term Data Warehouse was coined by Bill Inmon in 1990, which he defined in
the following way: “A warehouse is a subject-oriented, integrated, time-variant and non-
volatile collection of data in support of management’s decision making process”. He defined
the terms in the sentence as follows:
Subject Oriented:
Data that gives information about a particular subject instead of about a company’s
ongoing operations.
Integrated:
Data that is gathered into the data warehouse from a variety of sources and merged
into a coherent whole.
Time-variant:
All data in the data warehouse is identified with a particular time period.

Non-volatile
NOTES
Data is stable in a data warehouse. More data is added but data is never removed.
This enables management to gain a consistent picture of the business.
This definition remains reasonably accurate almost ten years later. However, a
single-subject data warehouse is typically referred to as a data mart, while data warehouses
are generally enterprise in scope. Also, data warehouses can be volatile. Due to the large
amount of storage required for a data warehouse, (multi-terabyte data warehouses are not
uncommon), only a certain number of periods of history are kept in the warehouse. For
instance, if three years of data are decided on and loaded into the warehouse, every month
the oldest month will be “rolled off” the database, and the newest month added.
Ralph Kimball provided a much simpler definition of a data warehouse. A data

warehouse is “a copy o f transaction data specifically structured for query and analysis”.
This definition provides less insight and depth than Mr. Inmon’s, but is no less accurate.
Data warehousing is essentially what you need to do in order to create a data warehouse,
and what you do with it. It is the process of creating, populating, and then querying a data
warehouse and can involve a number of discrete technologies such as:
1.5.3 ADVANTAGES OF DATA WAREHOUSE
Implementing a Data warehouse provides significant benefits many tangible, some

intangible.
• More cost effective decision making - A Data Warehouse allows reduction of

staff and computer resources required to support queries and reports against
operational and production databases. This typically offers significant savings.
Having a Data Warehouse also eliminates the resource drain on production systems
when executing long - running, complex queries and reports.
• Better enterprise intelligence - Increased quality and flexibility of enterprise

analysis arises from the multi - tired data structures of a Data Warehouse that
supports data ranging from detailed transactional level to high - level summary
information. Guaranteed data accuracy and reliability result from ensuring that a
Data Warehouse contains only ‘trusted’ data.

DBA 1727
• Enhanced customer service - An enterprise can maintain better customer

NOTES relationships by correlating all customer data via a single Data Warehouse
architecture.
• Business reengineering - Allowing unlimited analysis of enterprise information
often provides insights into enterprise processes that may yield breakthrough ideas
for reengineering those processes. Just defining the requirements for Data
Warehouse, results in better enterprise goals and measure. Knowing what
information is important to an enterprise will provide direction and priority for
reengineering efforts.
• Information systems reengineering - A Data Warehouse that is based upon
enterprise- wide data requirements provides a cost - effective means of establishing
both data standardization and operational system interoperability. Data Warehouse
development can be an effective first step in reengineering the enterprise’s legacy
systems.
1.5.4 Types of Data warehouses:
The term data warehouse is currently being used to describe a number of different
facilities each with diverse characteristics.
Physical data warehouse: This is an actual, physical database into which all the corporate
data for the data warehouse are gathered, along with schemas (information about data)
and the processing logic used to organize, package and pre-process the data for end user
access.
Logical data warehouse: This contains all the metadata, business rules and processing
logic required scrub, organize, package, and pre-process the data. In addition, it contains
the information required to find and access the actual data, wherever it actually resides.
Data library: This is a subset of the enterprise wide data warehouse. Typically, it performs
the role of departmental, regional, or functional data warehouse. As part of the data
warehouse process, the organization builds a series of data libraries over time and eventually
links them via an enterprise wide logical data warehouse.
Decision support systems (DSSs): These systems are not data warehouses but
applications that make use of the data warehouse. They are also called executive information
systems (EIS)

1.5.5 Aspects of Data Warehouse Architecture

NOTES
This list of aspects of architecture that the data warehouse decision maker will
have to deal with themselves. There are many other architecture issues that affect the data
warehouse, e.g., network topology, but these have to be made with all of an organization’s
systems in mind (and with people other than the data warehouse team being the main
decision makers.)
Data consistency architecture
This is the choice of what data sources, dimensions, business rules, semantics, and
metrics an organization chooses to put into common usage. It is also the equally important
choice of what data sources, dimensions, business rules, semantics, and metrics an
organization chooses not to put into common usage. This is by far the hardest aspect of
architecture to implement and maintain because it involves organizational politics. However,
determining this architecture has more to do with determining the place of the data warehouse
in your business than any other architectural decision. In my opinion, the decisions involved
in determining this architecture should drive all other architectural decisions.
Reporting data store and staging data store architecture
The main reasons we store data in a data warehousing systems are so they can be:
1) reported against,
2) cleaned up, and (sometimes)
3) transported

DBA 1727
Data modeling architecture

NOTES
This is the choice of whether you wish to use demoralized, normalized, object-
oriented, proprietary multidimensional, etc. data models. As you may guess, it makes perfect
sense for an organization to use a variety of models.
Tool architecture
This is your choice of the tools you are going to use for reporting and for what I call
infrastructure.
Processing tiers architecture
This is your choice of what physical platforms will do what pieces of the concurrent
processing that takes place when using a data warehouse. This can range from an
architecture as simple as host-based reporting to one as complicated.
Security architecture
If you need to restrict access down to the row or field level, you will probably
have to use some other means to accomplish this other than the usual security mechanisms
at your organization. Note that while security may not be technically difficult to implement,
it can cause political consternation.
In the long run, decisions on data consistency architecture will probably have much
more influence on the return of investment in the data warehouse than any other architectural
decisions. To get the most return from a data warehouse (or any other system), business
practices have to change in conjunction with or as a result of the system implementation.
Conscious determination of data consistency architecture is almost always a prerequisite
to using a data warehouse to effect business practice change.

1.6 NETWORK INFRASTRUCTURE REQUIREMENTS

NOTES
The network infrastructure is the underlying foundation of the system. It forms the
services that create the operating makeup of your network. In a Communications Services
deployment, determining your network infrastructure from the project goals ensures that
you will have an architecture that can scale and grow.
1.6.1 The Existing Network
We need to understand our existing network infrastructure to determine how well

it can meet the needs of our deployment goals. By examining our existing infrastructure, we
identify if we need to upgrade existing network components or purchase new network
components. We should build up a complete map of the existing network by covering
these areas:
1. Physical communication links, such as cable length, grade, and so forth

2. Communication links, such as analog, ISDN, VPN, T3, and so forth, and available
bandwidth and latency between sites
3. Server information, including:
• Host names
• IP addresses
• Domain Name System (DNS) server for domain membership
4. Locations of devices on your network, including:
• Hubs
• Switches
• Modems
• Routers and bridges
• Proxy servers
5. Number of users at each site, including mobile users

DBA 1727
After completing this inventory, you need to review that information in conjunction
NOTES with your project goals to determine what changes are required so that you can successfully
deliver the deployment.
1.6.2 Network Infrastructure Components
The following common network infrastructure components have a direct impact

upon the success of your deployment:
• Routers and switches

• Firewalls
• Load balancers
• Storage Area Network (SAN)
• DNS
Routers and Switches
Routers connect networks of your infrastructure, enabling systems to communicate.

You need to ensure that the routers have spare capacity after the deployment to cope with
projected growth and usage.
In a similar vein, switches connect systems within a network. Routers or switches

running at capacity tend to induce escalating bottlenecks, which result in significantly longer
times for clients to submit messages to servers on different networks. In such cases, the
lack of foresight or expenditure to upgrade the router or switch could have a personnel
productivity impact far greater than the cost.
Firewalls
Firewalls sit between a router and application servers to provide access control.
Firewalls were originally used to protect a trusted network (yours) from the untrusted
network (the Internet). These days, it is becoming more common to protect application
servers on their own (trusted, isolated) network from the untrusted networks (your network
and the Internet).
Router configurations add to the collective firewall capability by screening the data
presented to the firewall. Router configurations can potentially block undesired services

(such as NFS, NIS, and so forth) and use packet-level filtering to block traffic from untrusted
hosts or networks.
NOTES
In addition, when installing a Sun server in an environment that is exposed to the

Internet, or any untrusted network, reduce the Solaris software installation to the minimum
number of packages necessary to support the applications to be hosted. Achieving
minimization in services, libraries, and applications helps increase security by reducing the
number of subsystems that must be maintained. The Solaris™ Security Toolkit provides a
flexible and extensible mechanism to minimize, harden, and secure Solaris systems.
Load Balancers
Use load balancers to distribute overall load on your Web or application servers,
or to distribute demand according to the kind of task to be performed. If, for example, you
have a variety of dedicated applications and hence different application servers, you might
use load balancers according to the kind of application the user requests.
If you have multiple data centers, you should consider geographic load balancing.
Geographic load balancing distributes load according to demand, site capacity, and closest
location to the user. If one center should go down, the geographic load balancer provides
failover ability.
For load balancers on Web farms, place the hardware load balancers in front of
the servers and behind routers because they direct routed traffic to appropriate servers.
Software load balancing solutions reside on the Web servers themselves. With software
solutions, one of the servers typically acts a traffic scheduler.
A load balancing solution is able to read headers and contents of incoming packets.
This enables you to balance load by the kind of information within the packet, including the
user and the type of request. A load balancing solution that reads packet headers enables
you to identify privileged users and to direct requests to servers handling specific tasks.
Storage Area Networks (SANs)
Understanding the data requirements of the storage system is necessary for a

successful deployment. Increasingly, SANs are being deployed so that the storage is

DBA 1727
independent of the servers used in conjunction with it. Deploying SANs can represent a
NOTES decrease in the time to recover from a non-functional server as the machine can be replaced
without having to relocate the storage drives.
Use these questions to evaluate if your deployment storage requirements would

be best served through a SAN:
• Are reads or writes more prevalent?

• Do you need high I/O rate storage? Is striping the best option?
• Do you need high uptime? Is mirroring the best option?
• How is the data to be backed up? When is it going to be backed up?
Domain Name System (DNS)
Servers which make heavy usage of DNS queries should be equipped with a local
caching DNS server to reduce lookup latency as well as network traffic.
When determining your requirements, consider allocating host names for functions
such as mailstore, mail-relay-in, mail-relay-out, and so forth. You should consider this
policy even if the host names all are currently hosted on one machine. With services
configured in such a way, relocation of the services to alternate hardware significantly
reduces the impacts of the change.
1.6.3 Planning Your Network Infrastructure Layout
In deriving your infrastructure topology, you need to consider the following topics:
• DMZ
• Intranet
• Internal network
• Proxies
• Firewall Configuration
• Mobile users
Demilitarized Zone (DMZ)
These days, most company networks are configured for a DMZ. The DMZ
separates the corporate network from the Internet. The DMZ is a tightly secured area into

which you place servers providing Internet services and facilities (for example, web servers).
These machines are hardened to withstand the attacks they might face. To limit exposure in
NOTES
case of a security breach from such attacks, these servers typically contain no information
about the internal network. For example, the name server facilities only include the server
and the routers to the Internet.
Progressively, DMZ implementations have moved the segment behind the firewall
as firewall security and facilities have increased in robustness. However, the DMZ still
remains segmented from the internal networks. You should continue to locate all machines
hosting Web servers, FTP servers, mail servers, and external DNS on a DMZ segment.
A simpler network design might only define separate DMZ segments for Internet
services, VPN access, and remote access. However, security issues exist with VPN and
remote access traffic. You need to separate appropriate connections of these types from
the rest of the network.
The firewall providing the DMZ segmentation should allow only inbound packets
destined to the corresponding service ports and hosts offering the services within the DMZ.
Also, limit outbound initiated traffic to the Internet to those machines requiring access to
the Internet to carry out the service they are providing (for example, DNS and mail). You
might want to segment an inbound-only DMZ and an outbound-only DMZ, with respect
to the type of connection requests. However, given the potential of a denial-of-service
attack interrupting DNS or email, consider creating separate inbound and outbound servers
to provide these services. Should an email-based Trojan horse or worm get out of control
and overrun your outbound mail server, inbound email can still be received. Apply the
same approach to DNS servers.
Intranet
The DMZ provides a network segment for hosts that offer services to the Internet.
This design protects your internal hosts, as they do not reside on the same segment as
hosts that could be compromised by an external attack. Internally, you also have similar
services to offer (Web, mail, file serving, internal DNS, and so on) that are meant solely for
internal users. Just as the Internet services are segmented, so too, are the internal services.
Separation of services in this manner also permits tighter controls to be placed on the
router filtering.

DBA 1727
Just as you separate the Internet-facing services into the DMZ for security, your
NOTES private internal services should reside in their own internal DMZ. In addition, just as multiple
DMZs can be beneficial—depending on your services and your network’s size—multiple
intranets might also be helpful.
The firewall rules providing the segmentation should be configured similarly to the
rules used for the DMZ’s firewall. Inbound traffic should come solely from machines relaying
information from the DMZ (such as inbound email being passed to internal mail servers)
and machines residing on the internal network.
Internal Network
The segments that remain make up your internal network segments. These segments
house users’ machines or departmental workstations. These machines request information
from hosts residing on the intranet. Development, lab, and test network segments are also
included in this list. Use a firewall between each internal network segment to filter traffic to
provide additional security between departments. Identify the type of internal network
traffic and services used on each of these segments to determine if an internal firewall
would be beneficial.
Machines on internal networks should not communicate directly with machines on

the Internet. Preferably, these machines avoid direct communication with machines in the
DMZ. Ultimately, the services they require should reside on hosts in the intranet. A host on
the intranet can in turn communicate with a host in the DMZ to complete a service (such as
outbound email or DNS). This indirect communication is acceptable.
Proxies
Only the machines directly communicating with machines on the Internet should
reside in the DMZ. If users require Internet access, though, this creates a problem based
on your previous topology decisions. In this situation, proxies become helpful. Place a
proxy on an internal network segment, or, better yet, an intranet segment. A machine
requiring access to the Internet can pass its request onto the proxy, which in turn makes the
request on the machine’s behalf. This relay out to the Internet helps shield the machine
from any potential danger it might encounter.

Because the proxy communicates directly with machines on the Internet, it should
reside in the DMZ. However, this conflicts with the desire to prevent internal machines
NOTES
from directly communicating with DMZ machines. To keep this communication indirect,
use a double proxy system. A second proxy residing in the intranet passes connection
requests of the internal machines to the proxy in the DMZ, which in turn makes the actual
connection out on the Internet.
Firewall Configuration
In addition to the typical packet-filtering features, most firewalls provide features

to prevent IP spoofing. Use IP-spoofing protection whenever possible.
For instance, if there is only one entry point into your network from the Internet
and a packet is received from the Internet with a source address of one of your internal
machines, it was likely spoofed. Based on your network’s topology, the only packets
containing a source IP address from your internal machines should come from within the
network itself, not from the Internet. By preventing IP spoofing, this possibility is eliminated,
and the potential for bypassing IP address-based authorization and the other firewall-
filtering rules is reduced. Use the same IP-spoofing protection on any internal firewall as
well.
Mobile Users
When you have remote or mobile users, pay attention to how you will provide
them access to the facilities. Will there be any facilities they cannot access? What kind of
security policies do you need to address? Will you require SSL for authentication? Also,
examine whether your mobile user population is stable or is expected to increase over
time.
1.7 TRANSMISSION CONTROL PROTOCOL/INTERNET PROTOCOL

TCP / IP
1.7.1 Introduction to TCP/IP:
The realization that stand - alone computers made no sense made the network
possible. When there were too many of them, people realized that stand - alone networks

DBA 1727
made little sense either, and that they also needed to talk to one another. This was the
NOTES problem confronting the US Government and the academic community in the late 60s.
Everything they had was heterogeneous-computers, networks, operating systems and
networking software. Connecting these networks was either impossible or done using
expensive proprietary network devices. Something had to be done.
Rather than surrender to the monopoly of vendors, the US Department of Defence

(DOD) initiated work on a project with a simple objective: develop a set of standard rules
(Protocols) which could be used by all machines and networks to communicate. The
solution had to be vendor - neutral, independent of the hardware or the operating system,
and even the geographical location. The solution they found was TCP/IP/. It became so
successful that both the Internet and the World Wide Web adopted it is their protocol.
TCP and IP were developed to connect a number different networks designed by

different vendors into a network of networks (the “Internet”). It was initially successful
because it delivered a few basic services that everyone needs (file transfer, electronic mail,
remote logon) across a very large number of client and server systems. Several computers
in a small department can use TCP/IP (along with other protocols) on a single LAN. The
IP component provides routing from the department to the enterprise network, then to
regional networks, and finally to the global Internet. On the battlefield a communications
network will sustain damage, so the DOD designed TCP/IP to be robust and automatically
recover from any node or phone line failure. This design allows the construction of very
large networks with less central management. However, because of the automatic recovery,
network problems can go undiagnosed and uncorrected for long periods of time.
1.7.2 Internet Protocols:
A protocol is a set of rules that determines how two computers communicate with
one another over a network. The protocols around which the Internet was designed
embody a series of design principles.
• Interoperable-the system supports computers and software from different

vendors. For EC, this means that the customers or businesses are not required
to buy specific systems in order to conduct business.
• Layered-the collection of Internet protocols works in layers with each layer
building on the layers at lower levels. This layered architecture is shown in

• Simple-each of the layers in the architecture provides only a few functions or

operations. This means that application programmers are hidden from the
NOTES
complexities of the underlying hardware.
• End-to end- the Internet is based on end-to-end protocols. This means that
the interpretation of the data happens at the application layer(i.e the sending
and the receiving side) and not at the network layers. It is much like the post
office. The job of the post office is to deliver the mail, only the sender and the
receiver are concerned about its contents.
1.7.3 What is TCP/IP?
TCP/IP is a set of protocols developed to allow cooperating computers to share

resources across a network. It was developed by a community of researchers centered
around the ARPAnet. Certainly the ARPAnet is the best- known TCP/IP network.
The most accurate name for the set of protocols are describing is the “Internet
protocol suite”. TCP and IP are two of the protocols in this suite. Because TCP and IP are
the best known of the protocols, it has become common to use the term TCP/IP or IP/
TCP to refer to the whole family.

DBA 1727
TCP/IP is a family of protocols. A few provide “low- level” functions needed for many
NOTES applications. These include IP, TCP, and UDP.
• IP - is responsible for moving packet of data from node to node. IP forwards

each packet based on a four byte destination address (the IP number). The
Internet authorities assign ranges of numbers to different organizations. The
organizations assign groups of their numbers to departments. IP operates on
gateway machines that move data from department to organization to region
and then around the world.
• TCP - is responsible for verifying the correct delivery of data from client to
server. Data can be lost in the intermediate network. TCP adds support to
detect errors or lost data and to trigger retransmission until the data is correctly
and completely received.
• UDP (User Datagram Protocol) is a simple transport-layer protocol. It does
not provide the same features as TCP, and is thus considered “unreliable.”
Again, although this is unsuitable for some applications, it does have much
more applicability in other applications than the more reliable and robust TCP.
One of the things that makes UDP nice is its simplicity. Because it doesn’t
need to keep track of the sequence of packets, whether they ever made it to
their destination, etc., it has lower overhead than TCP. This is another reason
why it’s more suited to streaming-data applications: there’s less screwing around
that needs to be done with making sure all the packets are there, in the right
order, and that sort of thing.
Others are protocols for doing specific tasks, e.g. transferring files between
computers, sending mail, or finding out who is logged in on another computer.
1.7.4 TCP/IP Services
Initially TCP/IP was used mostly between minicomputers or mainframes. These

machines had their own disks, and generally were self- contained. Thus the most important
“traditional” TCP/IP services are:
• File transfer.
The file transfer protocol (FTP) allows a user on any computer to get files from
another computer, or to send files to another computer. Security is handled by
requiring the user to specify a user name and password for the other computer.

• Remote login
The network terminal protocol (TELNET) allows a user to log in on any other
NOTES
computer on the network. You start a remote session by specifying a computer to
connect to. From that time until you finish the session, anything you type is sent to
the other computer. Note that you are really still talking to your own computer. But
the telnet program effectively makes your computer invisible while it is running. Every
character you type is sent directly to the other system. Generally, the connection to
the remote computer behaves much like a dialup connection. That is, the remote
system will ask you to log in and give a password, in whatever manner it would
normally ask a user who had just dialed it up.
• Computer mail.
This allows you to send messages to users on other computers. Originally, people
tended to use only one or two specific computers. They would maintain “mail files”
on those machines. The computer mail system is simply a way for you to add a
message to another user’s mail file. There are some problems with this in an
environment where microcomputers are used. The most serious is that a micro is not
well suited to receive computer mail.
When you send mail, the mail software expects to be able to open a connection to
the addressee’s computer, in order to send the mail. If this is a microcomputer, it may be
turned off, or it may be running an application other than the mail system. For this reason,
mail is normally handled by a larger system, where it is practical to have a mail server
running all the time. Microcomputer mail software then becomes a user interface that
retrieves mail from the mail server.
1.7.5 Features Of Tcp/Ip
A protocol is a set of rules that have to use by two or more machines to talk to one
another. These rules are independent of the applications that have no idea of what is going
on at the two ends of the communication channel. The goals of TCP/IP were set by the US
Department of Defence, and today, they are its inherent features:
• Independence of vendor, type of machine and network - This was necessary

to finally break the monopoly of vendors who claimed that their product alone
will save the world.

DBA 1727
• Failure recovery - Being originally meant for the defence network, it should
NOTES be able to divert data immediately through other routes if one or more parts of
the network went down.
• Facility to connect new sub networks without significant disruption of services
• High error rate handling - The transmission, irrespective of the distance
travelled, must be 100% reliable, with facilities for full error control.
• Enable reliable transmission of files, remote login and remote execution of
commands.
TCP/IP originally began by the development of a collection of programs (the

DARPA set) that enabled computers to talk among themselves. Later, Berkeley developed
an entire suite of tools that are today known as the r – utilities because all their command
names are prefixed with an “r. Some of the most important application available in the TCP
/ IP family are:
• ftp and rep for file transfer

• telnet and rlogin for logging in to remote machines
• rsh (rcmd in SCO UNIX) for executing a command in a remote machine
without logging in
• The Network File System (NFS) which lets one machine treat the file system
of a remote machine as its own
• The electronic mail service using the Simple Mail Transport Protocol (SMTP),
Post Office Protocol (POP) and the mail, pine and elm mailers
• Remote printing which allows people to access printers on remote computers
as if they were connected locally
• The Hyper Text Transport Protocol (HTTP) of the World Wide Web which
browsers like Netscape use to fetch HTML documents
• The point – to – Point Protocol (PPP) which makes all these facilities available
through a telephone line
1.7.6 TCP/IP Terminology
The Internet standards use a specific set of terms when referring to network elements
and concepts related to TCP/IP networking. These terms provide a foundation for
subsequent chapters illustrates the components of an IP network.
\

NOTES
Elements of an IP network
Common terms and concepts in TCP/IP are defined as follows:
• Node Any device, including routers and hosts, which runs an implementation
of IP.
• Router A node that can forward IP packets not explicitly addressed to itself.
On an IPv6 network, a router also typically advertises its presence and host
configuration information.
• Host A node that cannot forward IP packets not explicitly addressed to
itself (a non-router). A host is typically the source and the destination of IP
traffic. A host silently discards traffic that it receives but that is not explicitly
addressed to itself.
• Upper-layer protocol A protocol above IP that uses IP as its transport.
Examples include Internet layer protocols such as the Internet Control Message
Protocol (ICMP) and Transport layer protocols such as the Transmission
Control Protocol (TCP) and User Datagram Protocol (UDP).
• LAN segment A portion of a subnet consisting of a single medium that is
bounded by bridges.
• Subnet One or more LAN segments that are bounded by routers and use
the same IP address prefix. Other terms for subnet are network segment and
link.
• Network Two or more subnets connected by routers. Another term for
network is internet work.
DBA 1727
• Air A node connected to the same subnet as another node.

NOTES • Interface The representation of a physical or logical attachment of a node
to a subnet. An example of a physical interface is a network adapter.
• Address An identifier that can be used as the source or destination of IP
packets and that is assigned at the Internet layer to an interface or set of
interfaces.
• Packet The protocol data unit (PDU) that exists at the Internet layer and
comprises an IP header and payload.
In a network, a computer is known as a host, sometimes a node, and every such

host has a hostname. This name is unique throughout the network. Each machine is fitted
with a network interface card that is connected by wire to the corresponding cards in other
machines. All communication between hosts normally takes place through these network
interfaces only.
Every TCP/IP network has an address that is used by external networks to direct
their messages. Every host in the network has an address as well, and the combination of
these two addresses forms the complete network address of the host. For instance, 192.168
(or strictly speaking, 192.168.0.0) could be the address of a network, and a host within
the network could have the host address of 45.67. In that case, 192.168.45.67 represents
the complete network address of the host. This address has to be unique not only within
the network, but also to all connected networks. And, if the network is hooked up to the
Internet, it has to be unique throughout the world.
When two or more networks are connected together, and uses the TCP/IP protocol
for communication, we have an internet, popularly known as an intranet, which is the super
– network of all networks. A local internet or intranet may easily be connected to the
Internet which also uses the same protocol. Now many installations have several kinds of
computers, including microcomputers, workstations, minicomputers, and mainframes. These
computers are likely to be configured to perform specialized tasks. Although people are
still likely to work with one specific computer, that computer will call on other systems on
the net for specialized services. This has led to the “server/client” model of network services.
A server is a system that provides a specific service for the rest of the network. A client is
another system that uses that service. (Note that the server and client need not be on
different computers. They could be different programs running on the same computer.)
Here are the kinds of servers typically present in a modern computer setup. Note that
these computer services can all be provided within the framework of TCP/IP.

• network file systems. A network file system provides the illusion that disks
or other devices from one system are directly connected to other systems.
NOTES
There is no need to use a special network utility to access a file on another
system. Your computer simply thinks it has some extra disk drives. These
extra “virtual” drives refer to the other system’s disks. This capability is useful
for several different purposes. It lets you put large disks on a few computers,
but still give others access to the disk space. Aside from the obvious economic
benefits, this allows people working on several computers to share common
files. It makes system maintenance and backup easier, because you don’t
have to worry about updating and backing up copies on lots of different
machines. A number of vendors now offer high-performance diskless
computers. These computers have no disk drives at all. They are entirely
dependent upon disks attached to common “file servers”.
• remote printing. This allows you to access printers on other computers as if
they were directly attached to yours. (The most commonly used protocol is
the remote lineprinter protocol from Berkeley Unix)
• remote execution. This is useful when you can do most of your work on a
small computer, but a few tasks require the resources of a larger system.
There are a number of different kinds of remote execution. Some operate on
a command by command basis. That is, you request that a specific command
or set of commands should run on some specific computer. However there
are also “remote procedure call” systems that allow a program to call a
subroutine that will run on another computer.
• name servers. In large installations, there are a number of different collections
of names that have to be managed. This includes users and their passwords,
names and network addresses for computers, and accounts. It becomes very
tedious to keep this data up to date on all of the computers. Thus the databases
are kept on a small number of systems. Other systems access the data over
the network.
• terminal servers. Many installations no longer connect terminals directly to
computers. Instead they connect them to terminal servers. A terminal server is
simply a small computer that only knows how to run telnet (or some other
protocol to do remote login). If your terminal is connected to one of these,
you simply type the name of a computer, and you are connected to it. Generally
it is possible to have active connections to more than one computer at the
same time. The terminal server will have provisions to switch between

DBA 1727
connections rapidly, and to notify you when output is waiting for another
NOTES connection.
• network-oriented window systems. Until recently, high-performance
graphics programs had to execute on a computer that had a bit-mapped
graphics screen directly attached to it. Network window systems allow a
program to use a display on a different computer. Full-scale network window
systems provide an interface that lets you distribute jobs to the systems that
are best suited to handle them, but still give you a single graphically-based
user interface.
1.7.7 TCP/IP – Connectionless technology:
TCP/IP is built on “connectionless” technology. Information is transferred as a

sequence of “datagrams”. A datagram is a collection of data that is sent as a single message.
Each of these datagrams is sent through the network individually. There are provisions to
open connections (i.e. to start a conversation that will continue for some time). However at
some level, information from those connections is broken up into datagrams, and those
datagrams are treated by the network as completely separate. For example, suppose you
want to transfer a 15000 octet file. Most networks can’t handle a 15000 octet datagram.
So the protocols will break this up into something like 30 500-octet datagrams. Each of
these datagrams will be sent to the other end. At that point, they will be put back together
into the 15000-octet file. However while those datagrams are in transit, the network doesn’t
know that there is any connection between them. It is perfectly possible that datagram 14
will actually arrive before datagram 13. It is also possible that somewhere in the network,
an error will occur, and some datagram won’t get through at all. In that case, that datagram
has to be sent again.
1.8 HYPERTEXT MARKUP LANGUAGE (HTML)
1.8.1 Web Based Client / Server
Over the past three or four years, the World Wide Web (WWW) has come to
dominate the traffic on the Internet. The vast majority of EC applications are Web based.
In such applications, the clients are called Web browsers and the servers are simply called
Web servers. Like other client/server applications, Web browsers and servers need as
way

1) to locate each other so they can send requests and responses back and forth and
2) to communicate with one another.
NOTES
To fulfil these needs, a new addressing scheme – the URL - and a new protocol –
the Hypertext Transport Protocol (HTTP) were introduced.
1.8.1.1 Universal Resource Locator (URL)
Universal Resource Locators (URLs) are ubiquitous, appearing on the Web, in

print, on billboards, on television, and anywhere else a company can advertise. We are all
familiar with “www .anywhere.com”. This is the default syntax for a URL. The complete
syntax for an “absolute” URL is access – method: // server –name [: port]/directory/file,
where the access – method can be http, ftp, gopher, or telnet. In the case of a URL like
www.ge.com, for example, the access – method (http), port (80), directory, and file (e.g.,
home page.htm) take default values, as opposed to the following example where all the
values are explicitly specified: http://info.cern.ch:80/hypertext/Data Sources/
Geographical.html. What this URL represents is the Web page “Geographical.html” on the
server “info.cern.ch” stored in the directory “Data Sources”.
1.8.1.2 Hypertext Transfer Protocol (HTTP)
Hypertext Transfer Protocol (HTTP) is the set of rules, or protocol that governs
the transfer of hypertext between two or more computers. The World Wide Web
encompasses the universe of information that is available via HTTP.
Hypertext is text that is specially coded using a standard system called Hypertext
Markup Language (HTML). The HTML codes are used to create links. These links can
be textual or graphic and when clicked on, can “link” the user to another resource such as
other HTML documents, text files, graphics, animation and sound.
HTTP is based on client/server principle. HTTP allows the client to establish a

connection with the server and make a request. The server request identifies the resource
that the client is interested in and tells the server what “action” to take on the resource.
When a user selects a hypertext link, the client program on their computer uses
HTTP to contact the server, identify a resource, and ask the server to respond with an

DBA 1727
action. The server accepts the request, and then uses HTTP to respond to or perform the
NOTES action.
HTTP also provides access to other Internet protocols like File Transfer Protocol
(FTP), Simple Mail Transfer Protocol (SMTP), Network News Transfer Protocol (NNTP),
WAIS, Gopher, Telnet, etc.
1.8.2 Mark Uplanguages and The Web
Web pages can include many elements, such as graphics, photographs, sound
clips, and even small programs that run in the web browser. Each of these elements is
stored on the Web server as a separate file. The most important parts of a Web page,
however, are the structure of the page and the text that makes up the main part of the page.
The page structure and text are stored in a text file that is formatted, of marked up, using a
text mark up language. A text mark up language specifies a set of tags that are inserted into
the text. These mark up tags, also called tags, provide formatting instructions that Web
client software can understand. The Web client software uses those instructions as it renders
the text and page elements contained in the other files into the Web page that appears on
the screen of the client computer.
The markup language most commonly used on the web is HTML, which is a
subset of a much older and far more complex text markup language called Standard
Generalized Markup Language (SGML). HTML, XML and XHTML have descended
from the original SGML specification. SGML was used for many years by the publishing
industry to create documents that needed to be printed in various formats and they were
revised frequently. In addition to its role as a markup language, SGML is a meta language,
which is a language that can be used to define other languages. Another markup language
that was derived from SGML for use on the Web is Extensible Markup Language
(XML), which is increasingly used to mark up information that companies share with each
other over the Internet
1.8.3 Hypertext Markup Language (Html)
A web page is created using HTML. HTML stands for Hypertext Markup
Language. HTML is a special kind of text document that is used by Web browsers to
present text and graphics.HTML consists of standardized codes or ‘tags’ that are used to
define the structure of information on a web page.

The text includes markup tags such as <p> to indicate the start of a paragraph,
and </p> to indicate the end of a paragraph. HTML documents are often referred to as
NOTES
“Web pages”. The browser retrieves Web pages from Web servers that thanks to the
Internet can be pretty much anywhere in World.
HTML is standardized and portable. A document that has been prepared using
HTML markup “tags” can be viewed using variety of web browsers such as Netscape,
Lynx etc... A browser interprets the tags in an HTML file and presents the file as a formatted
readable web page.
1.8.3.1 HTML Tags:
HTML tags are used to define areas of document as having certain characteristics.
The tags used in HTML usually consist of a code in between two “wickets”. These codes
are called container tags because the formatting described by the tag affects only the text
contained between the tags.
• start with a title

• add headings and paragraphs
• add emphasis to your text
• add images
• add links to other pages
• use various kinds of lists
Start with a title
Every HTML document needs a title. Here is what you need to type:
<title>My first HTML document</title>
Change the text from “My first HTML document” to suit your own needs. The title
text is preceded by the start tag <title> and ends with the matching end tag </title>. The
title should be placed at the beginning of your document.
To try this out, type the above into a text editor and save the file as “test.html”, then
view the file in a web browser. If the file extension is “.html” or “.htm” then the browser will
recognize it as HTML. Most browsers show the title in the window caption bar. With just

DBA 1727
a title, the browser will show a blank page. Don’t worry. The next section will show how
NOTES to add displayable content.
Add headings and paragraphs
If you have used Microsoft Word, you will be familiar with the built in styles for
headings of differing importance. In HTML there are six levels of headings. H1 is the most
important; H2 is slightly less important, and so on down to H6, the least important.
Here is how to add an important heading:
<h1>An important heading</h1>

and here is a slightly less important heading:
<h2>A slightly less important heading</h2>

Each paragraph you write should start with a <p> tag. The </p> is optional, unlike the end
tags for elements like headings. For example:
<p>This is the first paragraph.</p>
<p>This is the second paragraph.</p>
Adding a bit of emphasis

You can emphasize one or more words with the <em> tag, for instance:
This is a really <em>interesting</em> topic!
Adding interest to your pages with images
Images can be used to make your Web pages distinctive and greatly help to get
your message across. The simple way to add an image is using the <img> tag. Let’s assume
you have an image file called “peter.jpg” in the same folder/directory as your HTML file. It
is 200 pixels wide by 150 pixels high.
<img src=”peter.jpg” width=”200" height=”150">
The src attribute names the image file. The width and height aren’t strictly necessary
but help to speed the display of your Web page. Something is still missing! People who

can’t see the image need a description they can read in its absence. You can add a short
description as follows:
NOTES
<img src=”peter.jpg” width=”200" height=”150"

alt=”My friend Peter”>
The alt attribute is used to give the short description, in this case “My friend Peter”.
For complex images, you may need to also give a longer description. Assuming this has
been written in the file “peter.html”, you can add one as follows using the longdesc attribute:
<img src=”peter.jpg” width=”200" height=”150"

alt=”My friend Peter” longdesc=”peter.html”>
You can create images in a number of ways, for instance with a digital camera, by
scanning an image in, or creating one with a painting or drawing program. Most browsers
understand GIF and JPEG image formats, newer browsers also understand the PNG
image format. To avoid long delays while the image is downloaded over the network, you
should avoid using large image files.
Generally speaking, JPEG is best for photographs and other smoothly varying
images, while GIF and PNG are good for graphics art involving flat areas of color, lines
and text. All three formats support options for progressive rendering where a crude version
of the image is sent first and progressively refined.
Adding links to other pages
What makes the Web so effective is the ability to define links from one page to
another, and to follow links at the click of a button. A single click can take you right across
the world!
Links are defined with the <a> tag. Lets define a link to the page defined in the file
“peter.html” in the same folder/directory as the HTML file you are editing:
This a link to <a href=”peter.html”>Peter’s page</a>.
The text between the <a> and the </a> is used as the caption for the link. It is
common for the caption to be in blue underlined text.

DBA 1727
If the file you are linking to is in a parent folder/directory, you need to put “../” in
NOTES front of it, for instance:
<a href=”../mary.html”>Mary’s page</a>
If the file you are linking to is in a subdirectory, you need to put the name of the
subdirectory followed by a “/” in front of it, for instance:
<a href=”friends/sue.html”>Sue’s page</a>
The use of relative paths allows you to link to a file by walking up and down the
tree of directories as needed, for instance:
<a href=”../college/friends/john.html”>John’s page</a>
Which first looks in the parent directory for another directory called “college”, and
then at a subdirectory of that named “friends” for a file called “john.html”.
To link to a page on another Web site you need to give the full Web address
(commonly called a URL), for instance to link to www.w3.org you need to write:
This is a link to <a href=”http://www.w3.org/”>W3C</a>.
You can turn an image into a hypertext link, for example, the following allows you
to click on the company logo to get to the home page:
<a href=”/”><img src=”logo.gif” alt=”home page”></a>

This uses “/” to refer to the root of the directory tree, i.e. the home page.
Three kinds of lists
HTML supports three kinds of lists. The first kind is a bulletted list, often called an
unordered list. It uses the <ul> and <li> tags, for instance:
<ul>
<li>the first list item</li>
<li>the second list item</li>
<li>the third list item</li>
</ul>

Note that you always need to end the list with the </ul> end tag, but that the </li>
is optional and can be left off. The second kind of list is a numbered list, often called an
NOTES
ordered list. It uses the <ol> and <li> tags. For instance:
<ol>
<li>the second list item</li>
<li>the third list item</li>
</ol>
Like bulletted lists, you always need to end the list with the </ol> end tag, but the </li> end
tag is optional and can be left off.
The third and final kind of list is the definition list. This allows you to list terms and
their definitions. This kind of list starts with a <dl> tag and ends with </dl> Each term starts
with a <dt> tag and each definition starts with a <dd>. For instance:
<dl>
<dt>the first term</dt>
<dd>its definition</dd>
<dt>the second term</dt>

<dt>the third term</dt>

</dl>
The end tags </dt> and </dd> are optional and can be left off. Note that lists can
be nested, one within another. For instance:
<ol>
<li>
the second list item
<ul>
<li>first nested item</li>
<li>second nested item</li>
</ul>
DBA 1727
</li>
NOTES <li>the third list item</li>
</ol>
You can also make use of paragraphs and headings etc. for longer list items.
HTML has a head and a body
If you use your web browser’s view source feature (see the View or File menus)
you can see the structure of HTML pages. The document generally starts with a declaration
of which version of HTML has been used, and is then followed by an <html> tag followed
by <head> and at the very end by </html>. The <html> ... </html> acts like a container for
the document. The <head> ... </head> contains the title, and information on style sheets
and scripts, while the <body> ... </body> contains the markup with the visible content.
Here is a template you can copy and paste into your text editor for creating your own
pages:
<!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”

“http://www.w3.org/TR/html4/loose.dtd”>
<html>
<head>
<title> replace with your document’s title </title>
</head>
<body>
replace with your document’s content
</body>
</html>
Tidying up your markup
A convenient way to automatically fix markup errors is to use HTML Tidy which
also tidies the markup making it easier to read and easier to edit. I recommend you regularly
run Tidy over any markup you are editing. Tidy is very effective at cleaning up markup
created by authoring tools with sloppy habits. Tidy is available for a wide range of operating
systems from the TidyLib Sourceforge site, and has also been integrated into a variety of
HTML editing tools.

1.9 OLAP: ON-LINE ANALYTICAL PROCESSING

NOTES
1.9.1 Introduction:
The term OLAP (On-Line Analytical Processing) was coined by E.F. Codd in
1993 to refer a type of application that allows a user to interactively analyze data. An
OLAP system is often contrasted to an OLTP (On-Line Transaction Processing) system
that focuses on processing transactions such as orders, invoices or general ledger
transactions.
OLAP is now acknowledged as a key technology for successful management in

the 90’s. It describes a class of applications that require multidimensional analysis of business
data. OLAP systems enable managers and analysts to rapidly and easily examine key
performance data and perform powerful comparison and trend analyses, even on very
large data volumes. They can be used in a wide variety of business areas, including sales
and marketing analysis, financial reporting, quality tracking, profitability analysis, manpower
and pricing applications and many others.
OLAP technology is being used in an increasingly wide range of applications. The

most common are sales and marketing analysis; financial reporting and consolidation; and
budgeting and planning. OLAP is being used for applications such as product profitability
and pricing analysis, activity based costing, manpower planning; quality analysis, in fact for
any management system that requires a flexible top down view of an organization.
1.9.2 What is OLAP?
On-Line Analytical Processing (OLAP) is a category of software technology that

enables analysts, managers and executives to gain insight into data through fast, consistent,
interactive access to a wide variety of possible views of information that has been transformed
from raw data to reflect the real dimensionality of the enterprise as understood by the user.
OLAP functionality is characterized by dynamic multi-dimensional analysis of

consolidated enterprise data supporting end user analytical and navigational activities
including:
• calculations and modeling applied across dimensions, through hierarchies and/

or across members
• trend analysis over sequential time periods
DBA 1727
• slicing subsets for on-screen viewing

NOTES • drill-down to deeper levels of consolidation
• reach-through to underlying detail data
• rotation to new dimensional comparisons in the viewing area
OLAP is implemented in a multi-user client/server mode and offers consistently

rapid response to queries, regardless of database size and complexity. OLAP helps the
user synthesize enterprise information through comparative, personalized viewing, as well
as through analysis of historical and projected data in various “what-if” data model scenarios.
This is achieved through use of an OLAP Server.
OLAP allows business users to slice and dice data at will. Normally data in an
organization is distributed in multiple data sources and are incompatible with each other. A
retail example: Point-of-sales data and sales made via call-center or the Web are stored in
different location and formats. It would a time consuming process for an executive to
obtain OLAP reports such as - What are the most popular products purchased by customers
between the ages 15 to 30?
Part of the OLAP implementation process involves extracting data from the various
data repositories and making them compatible. Making data compatible involves ensuring
that the meaning of the data in one repository matches all other repositories. An example of
incompatible data: Customer ages can be stored as birth date for purchases made over the
web and stored as age categories (i.e. between 15 and 30) for in store sales.
It is not always necessary to create a data warehouse for OLAP analysis. Data
stored by operational systems, such as point-of-sales, are in types of databases called
OLTPs. OLTP, Online Transaction Process, databases do not have any difference
from a structural perspective from any other databases. The main difference, and only,
difference is the way in which data is stored.
Examples of OLTPs can include ERP, CRM, SCM, Point-of-Sale applications, Call Center.
OLTPs are designed for optimal transaction speed. When a consumer makes a
purchase online, they expect the transactions to occur instantaneously. With a database
design, call data modeling, optimized for transactions the record ‘Consumer name, Address,
Telephone, Order Number, Order Name, Price, Payment Method’ is created quickly on
the database and the results can be recalled by managers equally quickly if needed.

NOTES
Data Model for OLTP

DBA 1727
Data are not typically stored for an extended period on OLTPs for storage cost and
NOTES transaction speed reasons.
OLAPs have a different mandate from OLTPs. OLAPs are designed to give an
overview analysis of what happened. Hence the data storage (i.e. data modeling) has to be
set up differently. The most common method is called the star design.
Star Data Model for OLAP
The central table in an OLAP start data model is called the fact table. The surrounding
tables are called the dimensions. Using the above data model, it is possible to build reports
that answer questions such as:
• The supervisor that gave the most discounts.
• The quantity shipped on a particular date, month, year or quarter.
• In which zip code did product A sell the most.
To obtain answers, such as the ones above, from a data model OLAP cubes are
created. OLAP cubes are not strictly cuboids - it is the name given to the process of linking

data from the different dimensions. The cubes can be developed along business units such
as sales or marketing. Or a giant cube can be formed with all the dimensions.
NOTES
OLAP Cube with Time, Customer and Product Dimensions
OLAP can be a valuable and rewarding business tool. Aside from producing reports,
OLAP analysis can aid an organization evaluate balanced scorecard targets.
Steps in the OLAP Creation Process
1.9.3 OLAP Server
An OLAP server is a high-capacity, multi-user data manipulation engine specifically

designed to support and operate on multi-dimensional data structures. A multi-dimensional
structure is arranged so that every data item is located and accessed based on the intersection
of the dimension members which define that item. The design of the server and the structure
of the data are optimized for rapid ad-hoc information retrieval in any orientation, as well
as for fast, flexible calculation and transformation of raw data based on formulaic
relationships. The OLAP Server may either physically stage the processed multi-dimensional
information to deliver consistent and rapid response times to end users, or it may populate
its data structures in real-time from relational or other databases, or offer a choice of both.
Given the current state of technology and the end user requirement for consistent and rapid
response times, staging the multi-dimensional data in the OLAP Server is often the preferred
method.

DBA 1727
1.9.4 Uses Of Olap

NOTES
OLAP applications span a variety of organizational functions. Finance departments
use OLAP for applications such as budgeting, activity – based costing (allocations), financial
performance analysis, and financial modelling. Sales analysis and forecasting are two of
the OLAP applications found in sales departments. Among other applications, marketing
departments use OLAP for market research analysis, sales forecasting, promotions analysis,
customer analysis, and market / customer segmentation. Typical manufacturing OLAP
applications include production planning and defect analysis.
For all the above applications is the ability to provide managers with the information
they need to make effective decisions about an organization’s strategic directions. The key
indicator of a successful OLAP application is its ability to provide information, as needed,
i.e., its ability to provide “just – in - time” information for effective decision- making. This
requires more than a base level of detailed date.
Analyzing and modelling complex relationships are practical only if response times
are consistently short. In addition, because the nature of data relationships may not be
known in advance, the data model must be flexible. A truly flexible data model ensures that
OLAP systems can respond to changing business requirements as needed for effective
decision making.
1.9.5 OLAP Benefits:
OLAP applications increase the productivity of business managers, developers,

and whole organizations. The inherent flexibility of OLAP systems means business users of
OLAP applications can become more self sufficient. Managers are no longer dependent
on IT to make schema changes, to create joins or worse. Perhaps more importantly,
OLAP enables managers to model problems that would be impossible using less flexible
systems with lengthy and inconsistent response times. More control and timely access to
strategic information equal more effective decision-making.
IT developers also benefit from using the right OLAP software. Although it is
possible to build an OLAP system using software designed for transaction processing or
data collection, it is certainly not a very efficient use of developer time. By using software
specifically designed for OLAP, developers can deliver applications to business users faster,

providing better service. Faster delivery of applications also reduces the applications
backlog
NOTES
OLAP reduces the applications backlog still further by making business users self-
sufficient enough to build their own models. However, unlike standalone departmental
applications running on PC networks, OLAP applications are dependent on data warehouses
and transaction processing systems to refresh their source level data. As a result, IT gains
more self-sufficient users without relinquishing control over the integrity of the data.
IT also realizes more efficient operations through OLAP. By using software designed
for OLAP, IT reduces the query drag and network traffic on transaction systems or the
data warehouse.
1.10 CRYPTOGRAPHY
1.10.1 Introduction to Cryptography
The origin of the word cryptology lies in ancient Greek. The word cryptology is
made up of two components: “kryptos”, which means hidden and “logos” which means
word. Cryptology is as old as writing itself, and has been used for thousands of years to
safeguard military and diplomatic communications. For example, the famous Roman emperor
Julius Caesar used a cipher to protect the messages to his troops. Within the field of
cryptology one can see two separate divisions: cryptography and cryptanalysis. The
cryptographer seeks methods to ensure the safety and security of conversations while the
cryptanalyst tries to undo the former’s work by breaking his systems.
1.10.2 Cryptographic services
The main goals of modern cryptography can be seen as: user authentication, data
authentication (data integrity and data origin authentication), non-repudiation of origin, and
data confidentiality.
User Authentication
If you log to a computer system there must (or at least should) be some way that
you can convince it of your identity. Once it knows your identity, it can verify whether you
are entitled to enter the system. The same principal applies when one person tries to

DBA 1727
communicate with another: as a first step you want to verify that you are communicating
NOTES with the right person. Therefore there must be some way in which you can prove your
identity. This process is called user authentication. There are several ways to obtain user
authentication.
You can give him something only you can know: a password, a (predesigned)
user-id, a pincode, and so on. Or you could have some specific items with which you can
identify yourself: a magnetic strip card, a smart card (a hand-held computer the size of a
credit-card), a token. One might make use of biometric properties; it is a well-known fact
that fingerprints, the shape of the hand and retinal pattern of a person are good decision
criteria. These however require specialized equipment and thus a big investment. However,
these biometric systems are not perfect: some legitimate users will inevitably fail the
identification and some intruders will be accepted as genuine. Other techniques include
measurements of how a person types his name or writes his signature, or can take into
account the location of the user.
For the time being the first two methods are the ones generally applied, and many
practical systems use a combination of both. Since the user’s memory is limited, this
information should not vary too much over time. Whether it is a password, a pincode or a
user-id, all these items are being defined at a certain time and often don’t change from
there on. One might argue that you could change your password, but this is not done each
time you access the computer. This indicates that someone who can eavesdrop this
information will later be able to impersonate the user. A similar observation holds true for a
magnetic strip card or memory chip. All these systems provide static authentication only.
If the user possesses a device which can perform simple computations, the security
can be increased significantly by introducing the well-known challenge-response idea. If a
person tries to identify himself to the system, the system generates a random challenge and
sends it to the person or to his device. In case of a token (a mini-calculator), the user will
have to enter the challenge on the keyboard. The device will then compute the corresponding
response, using secret information which has been assigned to him. This response is then
sent back to the system, which verifies it. If more sophisticated protocols are used, the
verifier does not need secret information (this requires public-key protocols), or will even
not learn the secret of the users (this requires zero-knowledge protocols). Note that in this
case the procedure does not authenticate the user but rather his device. In order to increase
the security, the user should authenticate himself with respect to the device, using something

he alone knows. This makes the device useless if it is stolen.

NOTES
In general, one also requires that the computer authenticates itself to the person
logging on. If both parties are authenticated to each other, we use the term mutual
authentication.
Data authentication
Data authentication consists of two components: the fact that data has not been
modified (data integrity) and the fact that you know who the sender is (data origin
authentication).
Data integrity
A data integrity service guarantees that the content of the message, that was sent,
has not been tampered with. Data integrity by itself is not meaningful: it does not help you
to know that the data you have received has not been modified, unless you know it has
been sent directly to you by the right person. Therefore it should always be combined with
data origin authentication.
You should always be alert for possible intruders in your network or in your
communication system. A well-known example is the Internet that connects universities
and companies world-wide. Electronic mail over the Internet does not offer any security.
As a consequence, an educated computer user can tap into the messages that are being
transmitted over the line. It is very easy to read and modify someone’s electronic mail,
which is commonly seen as being private.
We have A(lice) who sends a message to B(ob). There is also an enemy who taps
the line between them. If you don’t support data integrity, this enemy can just change the
message and then relay it to B. B will not see that the message has been tampered with and
will assume A really intended it the way he got it. One could argue that active wire-tapping
is difficult. In general wire-tapping is only a matter of cost: tapping a telephone line is
obviously easier than tapping a coaxial cable or a micro-wave. Active wire-taps (modifying
and then relaying the messages) are also more difficult than passive wire-taps (listening in
on the messages).

DBA 1727
Data origin authentication

NOTES
Here one wants to make sure that the person who is claiming to be the sender of
the message really is the one from whom it originates. If A sends a message to B, but the
enemy intercepts it and sends it to B, claiming A has sent it, how can B be sure of the real
origin of this data? A variation on this theme is: the enemy could send a message to B
claiming it A is the originator. Thanks to cryptography, there are techniques to ensure
against this type of fraud.
Non-repudiation of origin
Non-repudiation protects against denial by one of the entities involved in a

communication of having participated in all or part of the communication. Non-repudiation
with proof of origin protects against any attempts by the sender to repudiate having sent a
message, while non-repudiation with proof of delivery protects against any attempt by the
recipient to deny, falsely, having received a message.
An example will illustrate the importance of non-repudiation of origin. Suppose B

is the owner of a mail-order company and he decides to let his customers order through
electronic mail. For him it is really important that he can show to an arbitrary third party
that A really ordered the things he is claiming otherwise it would be easy for a customer to
deny the purchase of the goods. In a paper and pencil world, non-repudiation is provided
by a manual signature.
Data confidentiality
This aspect of data security certainly is the oldest and best known. The example of
Caesars cipher given in the introduction clearly demonstrates this. The fact that confidentiality
was considered to be much more important than authentication of both sender and data,
together with non-repudiation of origin can be explained as follows: the latter services have
been provided implicitly by the physical properties of the channel: a letter was written in a
recognizable handwriting, with a seal and a signature.
With data confidentiality we try to protect ourselves against unauthorized disclosure

of the message. If A sends a message to B, but the enemy intercepts it, one wants to make
sure that this enemy never understands his contents. Confidentiality protection is very

important in the medical world and also in the banking sector. World-wide there are several
million transactions each day and all of these have to be passed from one financial institution
NOTES
to another. If there were no way to protect confidentiality, everybody would be able to see
who had purchased what, who has made what kind of withdrawal, and so on.
Clearly this would violate individuals and companies rights to privacy. In order to
provide confidentiality, it is necessary to transform the message with a cipher.
1.10.3 Cryptographic primitives
The above cryptographic services can be realized by several cryptographic

primitives: we distinguish between primitives for encryption, primitives for authentication,
and cryptographic protocols. Encryption primitives can be used to provide confidentiality,
authentication primitives can be used to provide data authentication. We will also discuss
protocols for user authentication and for key management.
Encryption primitives
In cryptography one often makes use of encryption. With encryption we transform

the clear-text (or plaintext) into cipher-text. To get back to the original text, we apply the
inverse transformation, called decryption. These transformations themselves are public:
this makes it possible to analyze these algorithms and to develop efficient implementations.
However they use a secret parameter: the keys which are known only by the sender and/
or the receiver.
This key is the only thing one needs to know in order to encipher or decipher. Thus
it is really important to manage one’s keys and keep them secret where necessary. .
We discuss two types of encryption primitives, symmetric or conventional ciphers

and asymmetric or public-key ciphers.
Symmetric ciphers
Basically there are two kinds of encryption-schemes. The oldest ones and most
used until now are the symmetric ciphers. In these schemes, the key used to decipher the
cipher-text is equal to the one used to encipher the plaintext.

DBA 1727
The best known cipher in this category is the Data Encryption Standard (DES)
NOTES that was adopted in 1977 by the American NBS (National Bureau of Standards) as FIPS
46. Since then it has been used all over the world and until now no major flaws have been
discovered.
Asymmetric ciphers
The asymmetric or public-key ciphers are the most recent cryptographic tools. In
contrary to the symmetric systems the key used to encipher and the one used to decipher
are different. Each partner thus has two keys. He keeps one key secret and makes the
other one public. If A wants to send a message to B, he just enciphers it with B’s public
key. Since B is the only one who has access to the secret key, B is the only one who can
decipher the message and read the contents.
The most popular public-key cipher is the RSA system (RSA stands for Rivest,
Shamir and Adleman, the names of the three inventors). The security of this scheme is
related to the mathematical problem of factorization: it is easy to generate two large primes
and to multiply them, but given a large number that is the product of two primes, it requires
a huge amount of computation to find the two prime factors.
Symmetric versus asymmetric ciphers
The biggest drawback of the asymmetric systems up until now has been the relative
low performance compared to the symmetric ones.
Public-key systems provide significant benefits in terms of key management: if

every user generates his own key, only an authentic channel is required, eliminating
(expensive) secret channels like couriers.
In systems without a central trusted server, the number of keys can be reduced.
Indeed, suppose we have a network of n users each of whom wanting to communicate
with the others. Since each communication requires a secret key, the total number of keys
required equals n*(n-1)/2.

1.10.4 Authentication primitives

NOTES
One-way functions and hash codes
A one-way function is defined as a function f such that for every x in the domain of
f, f(x) is easy to compute; but for virtually all y in the range of f, it is computationally
infeasible to find an x such that y=f(x). In addition one requires that it is hard to find a
second pre-image: given an x and the corresponding value of f(x), it should be hard to find
an x’ different from x which has the same image under f.
One-way functions are used to protect passwords: one will store a one-way image
of the password in the computer rather than the password itself. One applies then the one-
way function to the input of the user and verifies whether the outcome agrees with the value
stored in the table.
A hash function is a function which maps an input of arbitrary length into a fixed
number of output bits. In order to be useful for cryptographic applications, a hash function
has to satisfy some additional requirements. One can distinguish two types of hash functions.
A MAC (Message Authentication Code) that uses a secret key, and an MDC (Manipulation
Detection Code) that works without a key. For a MAC one requires that it should be
impossible to compute the MAC without knowledge of the secret key. For an MDC one
requires that it is a one-way function, and - in most cases - that it is collision resistant,
which means that it should be hard to find two arguments hashing to the same result.
Hash functions can be used to protect the authenticity of large quantities of data
with a short secret key (MAC), or to protect the authenticity of a short string (MDC).
Sometimes an MDC is used in combination with encryption, which can yield protection of
both confidentiality and authenticity.
There are several schemes which have been proposed for use as hash functions.
The widely used construction for a MAC is the CBC mode of the DES (with an additional
output transformation), as specified in ISO-9797. Several MDC’s have been constructed
based on the DES. Other dedicated designs are SHA (Secure Hash Algorithm or FIPS
180), and RIPE-MD 160. These hash functions achieve a very high throughput (Mbit/s),
even in software implementations.

DBA 1727
Digital signature
NOTES
Public-key techniques can also be used for other purposes than for enciphering
information. If Alice adds some redundancy to her message and transforms the result using
her secret key, anyone who knows Alice’s public key can verify that this message was sent
by Alice (by verifying the redundancy). In this way one can create a digital signature, which
is the equivalent of the hand-written signature on a document.
Since it is not physically connected to the signed data or the originator, it will
depend on this data and on the secret key of the originator. Several signature schemes
have been proposed. The RSA public-key cryptosystem is the only one which can be
used for both enciphering and digital signatures. Schemes which can only be used for
digital signature purposes are the DSA and the Fiat-Shamir scheme.
Note that it is possible to produce a digital signature based on conventional ciphers

like the DES. However, these schemes are less efficient in terms of memory and
computations. Other constructions use a conventional cipher in combination with tamper
resistant hardware: this offers only a limited protection.
Assume Bob has received from Alice a digitally signed message. If Alice subsequently
denies having sent the message, Bob can go to a third party (e.g., a judge), who will be
able to obtain Alice’s public key. Subsequently he can verify the validity of the signature. In
this way a digital signature can provide non-repudiation of origin. It is easy to see that it
provides in addition data authentication, i.e., data integrity and data origin authentication.
Hash functions versus digital signatures
Hash functions can only be used in a situation where the parties mutually trust each
other: they cannot be used to resolve a dispute (unless one uses, in addition tamper resistant
hardware).
As in the case of encryption, hash functions tend to be three orders of magnitude

faster than digital signatures. This explains why in general one will first compute the hashcode
of the message with a fast hash function and subsequently apply the digital signature to this
short hashcode. This provides digital signatures which are not only faster and shorter, but
also more secure.

1.10.5 Cryptographic protocols

NOTES
A cryptographic protocol is an interaction between one or more entities to achieve
a certain goal. In fact, encryption and digital signatures can be seen as a special case of
cryptographic protocols.
While a huge number of protocols have been developed, we will restrict this section
to two types of protocols: protocols for user authentication and protocols for key
management.
User authentication protocols
The design of cryptographic protocols for user authentication is very complex. A

large number of protocols have been presented in the available literature, many of which
exhibit some weaknesses. The simplest protocol providing unilateral authentication consist
of sending a password.
More complex challenge-response protocols can be designed in which the user

does not transmit his secret information. They are based on an encryption algorithm, a
MAC or a digital signature and the use, in addition, of so called nonces (never used more
than once): random numbers, sequence numbers or time stamps. More complex protocols
are required to achieve mutual authentication.
Key Management Protocols
One of the main links in the cryptographic keychain is the key management protocol:
every cryptographic service will make use of cryptographic keying material, whose
confidentiality and/or integrity has to be protected. For the distribution of this keying material,
one can use a new cryptographic primitive, and ultimately, a physical channel.
In this way one builds a key hierarchy: secret keys for bulk encryption with a
symmetric cipher system will be encrypted using an asymmetric cipher system and signed
with a digital signature scheme. The public keys of the asymmetric cipher can be distributed
via an authentic channel which can be provided for example by combining conventional
mail with voice authentication. An alternative is to sign these public keys with a single
master key: now one only has to distribute a single master key via an authentic channel.

DBA 1727
These signed public keys are called certificates. The central authority certifies that a certain
NOTES public key belongs to a particular user. The commonly used scheme nowadays in based on
the ITU-T X.509 recommendation.
Note that there also exist public-key protocols which result in the agreement of a
secret key between two parties, by exchanging public keys or parameters. A well known
example in this class is the Diffie-Hellman key agreement scheme. This protocol is different
from a key transport protocol, in which one party generates the secret key and enciphers
it with the public key of the other party. The key agreement protocols have the advantage
that they result in an increased security level.
In the context of public-key cryptography, revocation of public keys is very

important: once the user’s secret key is compromised, anybody can read his messages or
forge his signatures. Although public-key systems require no on-line central management
system, the system has to provide a means to protect the user in the case by warning the
other users that his public key is no longer valid.
SUMMARY
1. Define EC and describe its types: Electronic commerce is an emerging model of

new selling and merchandising tools in which buyers are able to participate in all
phases of a purchase decision, while stepping through those processes electronically
rather than in a physical store or by phone (with a physical catalogue). There are a
number of different types of E-Commerce
• B2B - Business to Business

• B2C - Business to Consumer
• C2B - Consumer to Business
• B2E - Business to Employee
• C2C - Consumer to Consumer
2. Architectural framework of e commerce: The electronic commerce application

architecture consists of six layers of functionality, or services:
1) Applications
2) brokerage services, data or transaction management;

3) interface, and support layers”

4) secure messaging, security and electronic document interchange;
NOTES
5) middle ware and structured document interchange; and
6) network infrastructure and basic communications services
2 Environmental factors and major responses: Market, economical, societal and

technological factors are creating a highly competitive business environment in which
consumers are the focal point. Organizations’ major responses are divided into five
categories: strategic systems for competitive advantage, continuous improvement
efforts, business process reengineering (BPR), business alliances and EC.
3 Benefits of EC: The global nature of the technology, low cost, opportunity to
reach hundreds of millions of people, interactive nature, variety of possibilities, and
resourcefulness and rapid growth of the supporting infrastructures (especially the
Web) result in many potential benefits to organizations, individuals, and society.
4 The Limitations of EC: The limitations of EC can be grouped into technical

and non-technical categories.
5 Data mining and techniques used in Data mining: Data mining, the extraction
of hidden predictive information from large databases, is a powerful new
technology with great potential to help companies focus on the most important
information in their data warehouses. The most commonly used techniques in data
mining are: Artificial neural networks, Decision trees, Genetic algorithms, nearest
neighbour method, and Rule induction:
6 Trends that Effect Data Mining: Five external trends which promise to have a
fundamental impact on data mining are Data Trends, Hardware Trends, Network
Trends, Scientific Computing Trends and Business Trends.
7 Data warehouses and types of data warehouses: A data warehouse is a collection

of computer-based information that is critical to successful execution of enterprise
initiatives. The term data warehouse is currently being used to describe a number of
different facilities each with diverse characteristics-Physical data warehouse, Logical
data warehouse, Data library, Decision support systems (DSSs)

DBA 1727
8 Network Infrastructure Components

NOTES
• Routers and switches
• Firewalls
• Load balancers
• Storage Area Network (SAN)
• DNS
9 What is TCP/IP? TCP/IP is a set of protocols developed to allow cooperating

computers to share resources across a network. It was developed by a community
of researchers centred around the ARPAnet. Certainly the ARPAnet is the best-
known TCP/IP network.
10 HTML: HTML stands for Hypertext Markup Language. HTML is a special kind
of text document that is used by Web browsers to present text and graphics.HTML
consists of standardized codes or ‘tags’ that are used to define the structure of
information on a web page.
11 OLAP: On-Line Analytical Processing (OLAP) is a category of software technology

that enables analysts, managers and executives to gain insight into data through fast,
consistent, interactive access to a wide variety of possible views of information that
has been transformed from raw data to reflect the real dimensionality of the enterprise
as understood by the user.
12 Cryptography: The word cryptology is made up of two components: “kryptos”,

which means hidden and “logos” which means word. Cryptology is as old as writing
itself, and has been used for thousands of years to safeguard military and diplomatic
communications.
Questions for review
1. What is eCommerce?
2. What so you understand by EDI?
3. Explain different types of EC?
4. Explain Electronic Commerce Application Services
5. List the advantages and disadvantages of EC:

6. List the organizational, consumer and societal benefits of EC

7. Carefully examine the non-technological limitations of EC. Which of them are
NOTES
company-dependent and which are generic.
8. List the major activities taken by organizations to deal with the business pressures.
9. List the major activities of BPR
10. What is data mining? List the techniques used in data mining
11. Describe five external trends which promise to have a fundamental impact on data
mining.
12. What is data warehouse? List the advantages of data warehouse.
13. Discuss the Network infrastructure components
14. What is TCP/IP? Discuss the traditional TCP/IP services?
15. What is HTML? What are HTML tags and where are they used?
16. What is OLAP and discuss the data model of OLAP?
17. What are the benefits of OLAP?
18. What is Cryptography? Discuss the major goals of modern cryptography?
19. Discuss about encryption primitives.
20. What are cryptography protocols?

DBA 1727
NOTES

NOTES
UNIT II
BUSINESS APPLICATIONS IN
E-COMMERCE
2.1 RETAILING IN E-COMMERCE
2.1.1 Electronic Commerce and Retailing
Retailing is expected to change with the rapid development of new online sales
and distribution channels that literally can be used from anywhere, anytime-from work,
school, a hotel, car, or airplane. These developments should impact retailing as much as
the advent of strip malls, catalogue retailing, and TV-based home shopping.
Almost every retailer is re-evaluating every aspect of its operation from customer
service to advertising, merchandising to store design, and logistics to order fulfilment.
Furthermore, reacting to the pressure of retailers, suppliers are assessing technology based
solutions to drive down costs (labour, delivery, and production) and become more efficient
producers of goods. Online channels such as online services and the Web are also impacting
traditional retail business models. In the traditional model, the customer went to the store
and located the product. In the online model, the retailer seeks out the customer. The
success of catalog retailers demonstrates that a significant portion of consumers have
embraced the reverse model: the retailer going to the consumer.
However, retailers need to consider the following issues in developing a business model:
• Product/Content Issues: What kind of products are suited for online re-
tailing?
• Software Interface Issues: What kind of features will constitute an effective
interface? What features make it easy to find and select items for on-line
purchase?

DBA 1727
• Process Issues: What are the specific steps in the shopping process from a
NOTES consumer’s perspective? What kind of processes should companies de-velop
to fulfill orders efficiently?
Before examining the implications of changing consumer behavior and online retailing
in the existing retail business, let us step back for a moment and ask the question: Why
should retailers consider the online environment as a way of doing business? The answer
lies in understanding the market changes that affect retailing and that will continue to affect
it in the future.
2.1.2 E-Retailing
E-retailing essentially consists of the sale of goods and services. Sometimes we
refer to this as the sale of tangible and intangible goods, as shown in Figure 2.1.2(a) We
can divide tangible goods into two categories: physical goods and digital goods.
• Examples of physical goods would be a book, a television set, a video recorder,
a washing machine, etc.
• Examples of digital goods are software and music, which may be downloaded
from the internet. The sale of intangible goods is sometimes called E-servicing.
• Examples of services that may be sold are information such as the most recent
stock prices, the most recent foreign exchange rate, or education.
Entertainment such as -games that would be played on the internet are
also examples of e-services. So are the sales of services such as
telecommunication services or banking services. The sale of tangible and
intangible goods are all referred to as Customer oriented e-commerce or e-
retailing, if they are sold directly to the consumer who is the end user. Here
we discuss the sale of tangible goods.
Selling of different type of goods

2.1.3 Difference between Traditional retailing and E-retailing

NOTES
Traditional retailing
Traditional retailing essentially involves selling to a final customer through a physical

outlet or through direct physical communication. This normally involves a fairly extensive
chain starting from a manufacturer to a wholesaler and then to the retailer who through a
physical outlet has direct contact with the final customer.
Examples of physical outlets that retailers currently use are:
• Malls
• generalized stores (e.g. department store)
• specialized stores
• franchise stores
It is useful to reflect that even in traditional retailing we have moved away from just
using a static physical outlet within which a customer can have direct contact with the
retailer. Thus, more recent forms of traditional retailing include
• direct mailing
• telemarketing
• door-to-door sales
• vending machines
Direct mailing to a customer normally involves sending a brochure or catalogue to

a customer. The customer browses through this catalogue and then carries out mail ordering.
In some respects, this notion of browsing through a catalogue is a forerunner of e-retailing.
Direct mailing, telemarketing, door-to-door sales, or the use of vending machines includes
other forms that have actually moved away from a physical fixed outlet and in a way are
intermediate forms of the movement away from traditional physical retailing outlet to the
virtual retailing we see on the internet.
E-retailing
The internet has allowed a new kind of specialization to emerge. Instead of

specializing just in a special product line, they allow specialization in particular classes of

DBA 1727
customers and sellers. Thus, we see lastminute.com, which allows last minute purchases of
NOTES travel tickets, gift, and entertainment to be matched against last minute sellers of the same
items. Here, we see specialization not in a product line but in a class of purchasers and a
class of sellers. This kind of specialization would not have been possible before we had the
internet.
In addition to these specialized stores, we also get generalized e-stores where a

store sells several product lines under a single management. Examples of these generalized
stores include JC penny and Walmart.
We also have the electronic counterpart of malls or e-malls. E-malls essentially

provide a web-hosting service for your individual store much in the way that mall provide
a hosting service in the sense of a physical location for your store.
Examples of these e-malls are Yahoo! Store, GEO Shops, and CNET stores:
2.1.4 Benefits of E-Retailing
To the customer
Customers enjoy a number of benefits from e-retailing.
The first of these is convenience. It is convenient for the customer as he does not
have to move from shop to shop physically in order to examine goods. He is able to sit in
front of a terminal and search the net and examine the information on goods. The second
aspect of convenience he gets is in terms of time. Normally, the traditional shop has an
opening time and a closing time and the customer can only visit the shop within these
periods. On the net, the customer can choose at any time to visit a site to examine the
goods that are available and actually carry out his purchasing at one’s own convenient
time. The third type of convenience that the customer gets is that he has access to a search
engine, which will actually locate the products that he describes’ and also the site where
they may be available, or perhaps even locate the sites where they may be available at the
best price
The second type of benefit to customers is better information. The Internet and
the World Wide web are essentially communication media that allow retailers to put on
quite extensive information related to their products, which is available to the customers.

The third type of benefit that the customer gets is competitive pricing. This is due
to two factors.
NOTES
• The first is lowered costs to the retailer because he does not have to maintain a
physical showroom, he does not have to hire several shop assistants, and these
savings can be passed on to customers in the form of reduced prices.
• Secondly, competitive pricing pressure that arises from the fact that the customer
is now able to look at prices at several sites. Therefore, the pressure is always
there on the retailer to maintain a competitive price for his products.
To the business
There are a number of benefits of e-retailing to the business itself.
• The first of these is global reach. The retailer now is no longer restricted to
customers who are able to reach the store physically. They can be from
anywhere around the globe. The retailer must, of course, deliver the goods of
a purchase to the customer.
• The second benefit is better customer service. The use of email and the use
of electronic interchange of messages between the customer and the retailer
allow better communication between the customer and the retailer. These
allow one to easily inquiries and deal with complaints. These also allow a
much more rapid response time than was possible in the days of faxes and
postal mail.
• The third benefit is the lowered capital cost to the retailer. The retailer
does not have to maintain showrooms; he can probably have lower inventories.
Thus, while Amazon.com lists over a few million titles, it keeps an inventory of
a few thousand best selling titles only. Therefore, the retailer has lower
warehousing costs. He does not have to have many shop assistants who are
physically answering questions and. Showing the customer goods.
• The fourth benefit to the retailer is mass customization. Based on requests

by the customers, the retailer is now able to carry out mass customization
with reduced time to market for the customized products.

DBA 1727
• The next advantage is targeted marketing. The retailer is now able to pick
NOTES on a specific targeted group of customers and direct marketing towards these
customers. The retailer is also able to provide more value-added services
in the way of better information, add-on services to basic services, or add-on
options to products that he is selling.
• The last advantage to the retailer consists of different new forms of
specialized stores that he is now able to utilize.
2.1.5 Models of E-Retailing
There are several models for e-retailing and these include
• Specialized e-store
• Generalized e-store
• E-mall
• Direct selling by the manufacturer
• Supplementary distribution channel
• E-broker
• E-services
Specialized e-stores
The first class of model what we mention in e-retailing was the specialized e-store
and here you can distinguish between two different kinds of specialization: the more traditional
specialization along product lines and specialization by function. When you have specialization
by product line, essentially you have a store that decides to pick one particular product
line, say books, flowers, CDs, clothes, and sells only this particular product line. It may
also choose to position itself in a particular part of the product line, e.g. clothes; it could
choose to position itself at the very expensive end of the market selling brand names _
Gucci and Armani. Alternatively it could do more mass marketing by selling non - brand
names at a much lower price, or it could go into discount selling. So, you can have a
specialization by product line, and then you could have specialization - positioning within
that product line to cater for a particular part of the marker.
In contrast to this, a new kind of specialization is emerging on the internet, as

mentioned. earlier, namely specialization by function. A good example of this is
lastminute.com In lastminute.com they sell gifts, travel tickets, and other items for last

minute shoppers who want to purchase these items at a very short notice. Generally, when
one purchases an item at a very short notice (e.g. travel), he often pays a premium, which
NOTES
is an extra amount for the convenience of booking the travel at the last minute. Now, this
means that the air ticket is likely to cost much more than if he had purchased it some time
before traveling and made use of different discounts or promotions. The producers of the
web site lastminute.com realized that there are groups of customers who make these
purchases at the last minute and feel some degree of angst at having to pay the premium for
doing this shopping at the last minute. On the other hand, you will find that you may have
sellers, e.g. airline companies, that have empty seats at the last minute which they are
unable to fill. So, what lastminute.com does is bring together travelers who want to book
at the last minute and an airline which has got spare capacity at the last minute, and allow
the former to buy from the latter at the last minute. In this situation, the purchaser may get
his airline ticket at a reduced price.
So, there is a win-win situation for both the purchaser and the seller. This is a
unique kind of specialization. It is very difficult to do this unless one utilizes the internet to
carry out this kind of specialization.
Generalized e-stores
The next category of e-retailing models that we intend to look at is generalized

e-stores. Generalized e-stores sell a large number of product lines rather than con-fining
themselves to just one or a very few product lines.
E-malls
The next e-retailing model we consider is the e-mall. In an e-mall, cyberspace is

rented out to cyber e-stores that wish to sell their goods. This store could be a specialized
or generalized e-store. So, several product lines can be present. in a single e-mall.
However, unlike the generalized e-store which is under a single unified management,
in an e-mall, each store is under its own management. E-mall management is responsible
only for creating the cyber sites that can be rented and can support services and marketing
of the mall. It, thus, provides a web hosting service. Several e-malls also provide software
tools, which can be utilized by a prospective e-store to create and maintain it_ e-store.
The advantage for an e-store is that it is grouped together with other stores in a well-
known e-mall site and, therefore, is likely to pick up visitors to the mall.
DBA 1727
Direct selling by the manufacturer

NOTES
A number of manufacturers with well-known brand name products have chosen
to use the internet to carry out direct selling via the internet. One. of the best known here is
Ford, which utilizes the internet to achieve direct selling but uses its dealer network to
facilitate distribution and delivery. The other well -known examples are Cisco systems and
Dell computers. Note that this approach permits mass customization to meet customer
preferences. This direct selling by the manufacturer has an important disintermediation
effect leading to reduced costs to the end customer and increased profitability to the
manufacturer.
A note of caution is important here. By and large, this approach can be used by
manufacturers of well-known brands of products because the customer already knows
the pro-duct. Secondly, the manufacturer must have a thorough understanding of customer
preferences, otherwise he has to rely on the customer knowledge of a retailer.
Brokers or intermediaries
This class of e-retailers is essentially an extension of the notion of a broker from

the physical to the cyber world. A broker is an intermediary who
• may take an order from a customer and pass it on to a supplier

• may put a customer with specific requirements in touch with a supplier who
can meet those requirements
• may provide a service to a customer, such as a comparison between goods,
with respect to particular criteria such as price, quality, etc.
Thus, brokers provide comparison shopping, order taking and fulfilment, and
services to a customer. That is the reason why they are sometimes referred to as electronic
intermediaries.
There are several different models for electronic brokers and these include:
• Brokers that provide a registration service with directory, search facilities,

e-payment facilities, and security-related facilities. Any business can register
with such an e-broker (e.g. anewshop.com).

• Brokers that meet a certain requirement such as a fixed price

(e.g.Priceline.com).
NOTES
• Brokers that provide comparison shopping between products (e.g.
mySimon.com or bestbooksbuy.com).The last model i.e. E-services is
discussed in the next lecture.
2.1.6 Features of E-Retailing
1. The provision of an on-line catalogue, which allows one to browse through different
categories of goods. Thus, it is dynamic and linked with order process.
2. The provision of a search engine, which is a very important feature that does not
exist in traditional retailing.
3. The provision of a shopping cart, which allows convenient goods selection. An ability
to provide an automatic price update.
4. Personalization of store layouts, promotions, deals, and marketing.
5. The ability to distribute digital goods directly. Thus, these goods can be downloaded
instantly.
6. An on-line customer salesperson, “who” can help customers to navigate through the
site.
7. An order status checking facility, which is a useful feature before submission.
8. The use of Forums (collaborative purchasing circles) to create a customer community
and thus increase “stickiness.”
2.1.7 Changing Retail Industry Dynamics
Important factors that affects the retailing industry dynamics are:
• Overbuilding and excess supply.

• Change in consumer demographics, which more premium placed on efficient
use of time
• Changes in consumer behavior, with less focus on brand name and more on
lowest prices.
• Technology improvements that provide greater convenience and more
information than traditional retailing.

DBA 1727
Overbuilding and Excess Capacity

NOTES
With online retailing, constraints of time and space disappear. There is no bricks
and mortar storefront to worry about, no critical locations. This new way of retailing can
severely affect companies that have invested in expansion and adding capacity. It is important
to understand the trouble traditional retailers will face if online retailing takes off.
The 1980s was a period of overexpansion and turmoil for retailers. By the end of
the decade, complaints about excessive retail space were being voiced. Profits were declining
and control of operating expenses became a paramount management objective. Retailers
reduced staff and minimized merchandising in order to enhance profits. Sales growth and
market share development were given second priority behind profit enhancement. In the
1990s, companies are under pressure to grow and produce profit. An important
measurement of profit gains is gross margin per square foot. For many retailers, these
numbers is either growing slowly or declining, partially reflecting a less favorable product
mix and more competition. Inadequate productivity, both per worker and per unit of space,
is also reducing profit margins. Overbuilding also resulted in a growing shortage of low-
cost, entry-level workers for the retail industry. The shortage of entry -level workers
means that retailers are using under trained workers who are less able to empathize with
shopper needs-leading to a perception that retailers in general and shopping centres in
particular are unable or unwilling to provide quality service.
Clearly, with crowded domestic markets and competition constantly grinding away at
operating profit, new ways of retailing are being explored by forward-thinking companies
such as Wal-Mart.
Demographic Changes
Shopping patterns are beginning to change with the increase of time -strapped,
two-career couples and the aging of America. Value and time management are the consumer
concerns driving interest in online retailing. Recent retail data shows a decline in the amount
of time Americans are spending in shopping malls [EDR95]. The suggested reasons vary:
time constraints, safety concerns, and growing frustration with the lack of courteous service
and insufficient product information. Understanding the implications of time constraints on
consumer shopping behavior is important as they portend the trends to come. For instance,
Americans have openly embraced shopping channels like QVC and Home Shopping
Network and retailers like CUC International.

Today’s time-strapped shoppers have less time and want better values, fewer hassles, and
more options. Today, a shopping trip requires a consumer to decide what he or she or the
NOTES
family needs, brave the traffic on the way to a store, hunt for parking, find and select items
for purchase, take them to a checkout, wait in line, pay for the items, sometimes bag them,
and carry them back home. It can be a hassle and a lot of work, so most working
professionals have learned to dread shopping trips. As technology improves, it may not be
long before driving to the store gives way to online shopping with home delivery as provided
by Peapod.
In contrast, there is a growing segment of the population for whom time constraints
are less of a problem. The demographic outlook in the United States is for an increasing
share of older shoppers (age 50 and above) who prefer shopping at stores rather than
online. However, the product mix offered by many department stores and malls is increasingly
out of touch with the aging population and does not reflect the shift in purchasing power.
Also, with the aging of the population, there is evidence to indicate a shift in consumer
interest away from material goods and toward experiences, such as travel and recreation.
In addition, as people get older, they tend to become more frugal.
Retailers will need to concentrate on value by offering new product mixes. By this
we mean a product mix that includes not only merchandise but also bundles in entertainment
and “recreational” shopping with movie theatres, restaurants, bookstores, libraries, and
community meeting facilities. This sort of change is already occurring in bookstore design
(such as Borders Bookstores and Barnes and Noble), which include a variety of facilities
such as coffee shops. However, building shopping malls based on these new business
models is a risky venture and requires huge investments.
Consumer Behavior
Consumer behavior is more volatile than ever before, and companies need new
ways of responding to consumer needs and satisfying demand. According to one survey,
the typical consumer spent only four hours a month in a shopping mall in 1990 versus ten
hours in 1985, and sales per square foot dropped. Specialty retailing-power centres, discount
malls, discount stores, and catalogue shopping-has become one solution for closely
monitoring consumer trends and reacting to them quickly. All of these alter-natives have
one thing in common: they provide consumers with a very large selection of producers
priced with deep discounts.

DBA 1727
Consumers are no longer as influenced by brand names as they used to be. The
NOTES emergence of the value shopper is changing retailing. Today, the shopper is less willing to
pay the premium for the brand name and much more attentive to quality and value. The
decline in gross margins is the first evidence of the impact of that change, reflecting lower
initial mark-ups and more discriminating shoppers in that segment clearly, retailers that are
focused on providing value-the best price, service, and selection-regardless of the brand
name will be successful. The real differentiating characteristic for retailers will be in their
ability to define what the broad or niche consumer segment is looking for, identifying
characteristics of customers in each target segment, and learning how to bundle products
and package brands so that they become the preferred choice for
online customers
Technology Improvements in Electronic Retailing
Today, electronic retailing is still far from being a competitive threat to more
traditional store retailing (see Table), but it is becoming increasingly attractive as technology
and applications improve, and retailers gain experience.

Three dominant forms of electronic retailing channels are: television re-tailing, CD-
ROM retailing, and online service based retailing, in which we include Web-based retailing.
NOTES
Now we can discuss about the most prominent one: the television retailing.
Television Retailing:
Television retailing grossed an estimated Rs. 3.2 billion in 1994. One of the pioneers
in this area is Home Shopping Network, Inc. (HSN), which began broadcasting electronic
retailing to a small, local audience in 1982. Three years later they took this still unproven
idea national- and made it work. Today, HSN is a television-based retail, entertainment
company, and online retailer (owns Internet Shopping Network), with coast-to-coast
customers and annual sales of $1 + billion.
The breadth and reach of TV retailing are amazing. In. 1994, HSN reached 65.8
million television households throughout the United States. These households received the
signals via cable, broadcast, and satellite dish, twenty-four hours a day, seven days a
week. Unlike online audiences, which tend to be predominantly affluent and well educated
(net annual in-come is estimated at Rs. 60,000 - Rs. 80,000), the target audience for
television re-tailing is moderate income households and mostly women.
How does it work? The TV retail marketing and programming are divided into
segments that are televised live, with a show host who presents the merchandise and
conveys information relating to the product, including price, quality, features, and benefits.
Show hosts engage callers in on-air discussions regarding the currently featured product
or the caller’s previous experience with the company’s products. Viewers place orders for
products by calling a toll-free telephone number. Generally, merchandise is delivered to
customers within seven to ten business days of placing an order. The purchased item may
be returned within thirty days for a full refund of the purchase price, including the original
shipping and handling charges.
The success of television shopping is the result of the effective utilization of electronic
media for capturing the power and influence of celebrity and the magic of showmanship,
and bringing them to bear on a sale. In its annual report, the Home Shopping Network
states that a celebrity can de-but a line of jewelry on HSN and sell more than Rs. 2 million
in a single weekend. Of course, there’s another advantage to television retailing. When
customer interest, which is monitored by the number of calls being received, begins to

DBA 1727
wane, the retailer knows it instantly and can simply move on to the next product. More
NOTES recently, infomercials have become a crucial retailing topic. The infomercial has become a
new and interesting way to retail specialty products. Modem filming techniques and ingenuity
make it possible to create high-quality, cost-efficient, and entertaining documentaries that
sell.
This Coincides with the television viewing public’s appetite for information.
Infomercials are an especially logical medium since retailers have the opportunity to
economically test and evaluate a product through mass channels such as television retailing
before committing major capital resources to infomercial production.
Management Challenges in Online Retailing
While changes in retailing may be driven by technology, managerial vision is required

for successful implementation. Traditionally, retailing has been a low-tech environment in
which retailing executives often relegated technology issues to back-room operators. These
managers are most at risk, as they do not have a clue that a major revolution has begun.
Most of them have never used a computer (or had to), never been on an online service,
and do not know what the Internet is or what it can do. The winners will be the players
who understand how to leverage the unique capabilities of the on-line medium to effectively
meet the changing needs of the consumer. While the technology required to implement
online retailing is maturing, many management issues remain unanswered. No one really
knows yet how to build and run a successful, mass market online mall. The sales Medium
is new, the technology is new, and retailers have a lot to learn about tricky technology,
customer behavior, and management issue. But one thing is clear: For online retailing to
succeed, online technology must complement management and operational strategy.
Online Retailing Success Stories
Peapod, CUC International, and Virtual Vineyards help to explain the intricacies
of online retailing.
Online Retailing: Peapod’s Experience
Peapod, based in Evanston, Illinois, is using the online medium for food retailing
services. Founded in 1989 by two brothers, Peapod (http://www.peapod.com/) is a

member of an online grocery / drug-store shopping and delivery service that already has
thousands of customers in the Chicago, San Francisco, and Boston areas.
NOTES
Peapod was founded on the idea that people do not want to go to the grocery
store. Peapod has an online database of over 25,000 grocery and drugstore items, and
allows comparison shopping based on price, nutritional content, fat, or calories. Other
features include electronic coupons, retailer preferred customer discounts, and other benefits
like recipes, tips, and information. Peapod membership also allows users to use the shopping
and home delivery service. Peapod has a staff of professional shoppers, produce specialists,
and delivery people who fulfil the order.
How Does It Work?
Peapod provides customers with home shopping ser-vices via Pc. Customers
need to buy a software application that enables them to access Peapod’s database through
an online computer service. Peapod initially had a DOS-based system with graphics. They
introduced a new version of the software in 1995-a Windows platform in which product
pictures are available. Using the PC, a consumer can access all of the items in a grocery
store and drug store. Peapod customers create their own grocery aisles in their own virtual
store. Customers can request a list of items by category (cereals), by item (Frosted Flakes),
by brand (Kellogg’s), or even by what is on sale in the store on a given day. Within categories,
they can choose to have the items arranged alphabetically by brand or sorted by lowest
cost per ounce, package size, unit price, or nutritional value. Customers also can cre-ate
repeated use shopping lists (baby items, barbecue needs, and the like). Peapod’s back
office is linked with the mainframe databases of the super-markets at which it shops for its
customers (Jewel in Chicago and Safeway in San Francisco), allowing it to provide the
supermarkets’ stock keeping units and shelf prices electronically to its customers. Once
consumers have made a selection, they can then give specific shopping instructions, such
as “substitute with same calories,” or red grapes only.” They can click on the “Comment”
button and type in any extra information they would like the Peapod shopper to know. At
any time during the order, a consumer can subtotal the amount purchased, or access the
“Help” screen for immediate assistance. Online ordering is simple: users double-click on
the Peapod icon and then enter their user IDs and passwords. On verification, users get
access to a whole grocery store and drug store of items. Before the actual purchase of an
item, users can view images of it and the nutritional content as well. The system allows
users to sort items by various criteria like price, price/ unit, total calories, fat, protein,

DBA 1727
carbohydrates, and cholesterol. With these features, Pea pod aims to target the health and
NOTES fitness conscious consumer who chooses foods tailored to specific dietary needs. There
are also search features to help locate a particular item. A “Find Item” option at the top of
the screen lets users search either by brand name or product type. When users have
finished shopping, they click on “Done” and the order is electronically routed to Peapod.
During the transaction closing process, users need to choose a delivery time within a 90-
minute slot. Pinpoint delivery within a 3Dminute window) can be selected for a small
additional charge. Payment can be made by check, charge, or Peapod Electronic Payment.
Eighty-five to ninety percent of Peapod’s orders come in via computer; the rest
are faxed or phoned. Peapod orders are taken centrally, and then faxed to the stores. The
store gets a printout with the order, the delivery ad-dress, and instructions for getting there.
Each order is filled by a Peapod employee, who shops the aisles of the store. The employee
pays for the groceries, often at special Peapod counters in the back of the store. The
order is then taken to a holding area in the supermarket, where the appropriate items are
kept cold or frozen until the deliverer picks up a set of orders and takes them to the
customers within their 90-minute pre-selected windows. At each stage-ordering, shopping,
holding, and delivery-the processes are tailored to provide personalized service at a relatively
low cost.
If a customer has a problem, he or she can call Membership Services, and a

service representative will try to resolve the matter. Peapod treats each call as an opportunity
to learn (and remember) each customer’s preferences and to figure out what the company
can do to improve service as a whole. For example, service representatives found that
some customers were receiving five bags of grapefruits when they really wanted only five
grapefruits. In response, Peapod began asking customers to confirm orders in which order-
entry errors may occur.
Peapod members are charged actual shelf prices, plus a monthly service fee, a
per-order charge of Rs. 5.00 plus 5 percent of the order amount. Customers are willing to
pay these extra charges for convenience and because Peapod provides a lower cost shopping
experience for the consumer. Consumers save money-despite the extra overhead-because
they use more coupons, do better comparison shopping, and buy fewer impulse items than
they would if they shopped at a real supermarket. Reducing impulse purchases is important
when you consider that 80 percent of the items purchased in a grocery store are impulse
items-non-planned purchases. In addition, consumers save time and have more control
because they can shop from home or work whenever they want.

What is the Business Model?

NOTES
Rather than automating the trip to a retail store, as other online providers are
doing, Peapod is using interactive technology to change the shopping experience altogether.
Indeed, the formula for Peapod’s success is the busy American lifestyle. The homes it
delivers to cut across many demographics. The one thing these demographics have in
common is they have better things to do than grocery shop. Still, if it were not for well-
managed logistics, these customers would be back in the stores in a second. The behind-
the-scenes logistics are central to what Peapod is all about; Peapod has to make sure the
orders get to the stores and that they are shopped correctly.
How does Peapod Compete with Traditional Retailers?
Traditional retailers make money from the suppliers. They provide access to
customers and make their money by buying on deals, volume discounts, and getting coop
advertising. Peapod makes all of its money on the customers it serves, it is a mass customizer.
It creates the supply chain after identifying a specific demand from a specific customer, and
it feeds off the existing infrastructure to do it.
However, existing retailers do have some advantages. An important, though subtle,

advantage enjoyed by food retailers is the shopper’s resistance to switching food stores
because of familiarity with the shelf locations of products purchased. It is also inconvenient
for consumers to relearn dozens of product locations at a new store. The online environment
must offer significant advantages to overcome shopper inertia and induce trial, let alone
continued, patronage.
Is Peapod a competitor to the retail grocer? Not really. Peapod’s strategy has
been to partner with the retailer rather than compete directly. A lot of credibility comes
with the name of the retailer in its individual market. Peapod can help grocers expand into
places that might not otherwise be practical from a capital investment standpoint. However,
it is quite possible that in the future Peapod may be tempted to compete with grocers by
emulating certain aspects of their warehousing. Why? As these new retail formats emerge
, and once Peapod gains enough customers, Peapod will be tempted to say it is costing a
lot to go to the store and pick up product off the shelf. To avoid the overhead , Peapod
could have its own warehouse. As soon as the Peapod does that it is likely to fall into the
same traps as the retailers, such as having an overflow warehouse when something is
available on a deal or buying products before there is actual need.

DBA 1727
2.2 INTERNET CONSUMERS AND MARKET RESEARCH

NOTES
2.2.1 What is Internet Marketing?
If traditional marketing is about creating exchanges that simultaneously satisfy the

firm and customers, what is Internet marketing?
Internet marketing is the process of building and maintaining customer relation-

ships through online activities to facilitate the exchange of ideas, products, and serv-ices
that satisfy the goals of both parties.
This definition can be divided into five components:
A Process
Like a traditional-marketing program, an Internet-marketing program involves a

process. The seven stages of the Internet marketing program process are setting corporate
and business-unit strategy, framing the market opportunity, formulating the marketing
strategy, designing the customer experience, designing the marketing program, crafting the
customer interface, and evaluating the results of the marketing program. These seven stages
must be coordinated and internally consistent. While the process can be described in a
simple linear fashion, the marketing strategist often has to loop back and forth during the
seven stages.
Building and Maintaining Customer Relationship
The goal of marketing is to build and create lasting customer relationships. Hence,
the focal point shifts from finding customers to nurturing a sufficient number of committed,
loyal customers. Successful marketing programs move target customers through three stages
of relationship building: awareness, exploration, and commitment. It is important to stress
that the goal of Internet marketing is not simply building relationships with online customers.
Rather, the goal is to build offline (as relevant) as well as online relationships. The Internet
marketing program may well be part of a broader campaign to satisfy customers who use
both online and offline services.

Online
NOTES
By definition, Internet marketing deals with levers that are available in the world of
the Internet. However, as noted above, the success of an Internet marketing program
‘may rest with traditional, offline marketing vehicles. Consider, for example, the recruiting
and job-seeking service Monster.com. Monster’s success can be tied directly to the
effectiveness of its television advertising and, in particular, its widely successful of the past
two years.
Exchange
At the core of both online and offline marketing programs is the concept of exchange.
In both the online and offline worlds, exchange is still the heart of marketing. In the new
economy, firms must be very sensitive to cross-channel exchanges. That is, an online
marketing program must be evaluated according to its overall exchange impact-not just
the online exchange impact. Hence, online marketing may produce exchanges in retail
stores. Firms must be increasingly sensitive to these cross channel effects if they are to
measure the independent effects of online and offline marketing programs.
Satisfaction of Goals of both Parties
One of the authors of this book is a loyal user of the website weather.com. Each
day he arises and checks the weather in his city as well as the weather in cities he will be
traveling to during the week. He is clearly satisfied with and loyal to the site. To the extent
that weather.com can monetize this loyalty-most likely, in the form of advertising revenue-
both parties will be satisfied. However, if the firm is unable to meet its financial obligations
to employees, suppliers, or shareholders, then the exchange is unbalanced. Customers are
still happy, but the firm is unable to sustain its revenue model. Both parties must be satisfied
for exchange to continue.
2.2.2 Scope of Internet Marketing
Marketing is the process of planning and executing the conception, pricing,

promotion, and distribution of ideas, goods, and services to create exchanges that satisfy
individual and organizational goals

DBA 1727
The definition summarized above has four critical features.

NOTES These are:
Marketing is a Process
A process is a particular method of doing an activity, generally involving a series of

steps or operations. The classical marketing approach involves four broad steps: market
analysis, market planning, implementation, and control. 5 Market analysis involves searching
for opportunities in the marketplace, upon which a particular firm-with unique skills-can
capitalize. Market planning requires segmentation, target market choice, positioning, and
the design of the marketing mix (also termed the 4Ps, or marketing program). Market
implementation includes the systems and processes to go to market with the marketing
pro-gram. Finally, marketing control refers to the informal and formal mechanisms that
marketing mangers can use to keep the marketing program on course. Analysis, planning,
implementation, and control collectively provide a process for marketing managers to follow
in the design and execution of marketing programs.
It Involves a Mix of Product, Pricing, Promotion, and Distribution
Strong marketing programs do not involve one action, such as the design of a
great product. Rather, the most successful marketing programs involve mixing the
ingredients of marketing to deliver value to customers. This mixing entails blending the right
amounts of the 4P ingredients, at the right time, and in the right sequence. Too often,
marketing programs fail because they allocate too many (or too few) resources in an
uncoordinated way. How often have you witnessed the hot Christmas toy advertised-but
not found it on the shelf? In the Internet environment, this translates into significant problems
with order fulfilment at the most pressing times of the year.
It is about Exchange
Marketing is not successful unless two parties exchange something of value. The
buyer may exchange time, money, or services, while the seller must exchange something of
value to the buyer. The traditional retail context provides the simplest illustration of this
principle. A given consumer exchanges money for a particular good or service. However,
exchange also occurs in a wide variety of contexts, many of which are non monetary.
These include bartering, volunteering services, and political donations.

It is Intended to Satisfy Individual and Organizational Needs

NOTES
The aim of marketing is to provide a satisfactory outcome for both the firm and the
customer. Firms can have highly satisfied customers if they provide services for free.
However, those organizations are not likely to have a long life. The key to modern marketing
is simultaneously satisfying the customer, the firm, and its shareholders. In the long run, the
firm must have a positive cash flow or show a clear path to profitability for investors to
maintain confidence.
2.2.3 E-Business Issues & Internet Marketing
At its core, the mission of marketing is to attract and retain customers. To

accomplish this goal, a traditional bricks-and mortar marketer uses a variety of market-ing
variables-including pricing, advertising, and channel choice-to satisfy cur-rent and new
customers. In this context, the standard marketing-mix toolkit includes such mass-marketing
levers as television advertising, direct mail, and public relations, as well as customer-specific
marketing techniques such as the use of sales reps.
With the emergence of the Internet and its associated technology-enabled, screen-
to-face interfaces (e.g., mobile phones, interactive television), a new era of marketing has
emerged. Well-respected academics and practitioners have called for new rules and urged
debate about fundamental tenets of marketing, including segmentation, mass marketing,
and regionalized programs.) At the ‘other extreme, pundits and academics alike have argued
that both the basic building blocks of marketing strategy and the pathways to competitive
advantage have remained the same The approach taken in the current volume falls between
these polar views. That is, new levers have been added to the marketing mix, segments
have been narrowed to finer gradations, consumer expectations about convenience have
forever been altered, and competitive responses happen in real time. In short, these are
new, exciting changes that have a profound impact on the practice of marketing. At the
same time, some of the fundamentals of business strategy-seeking competitive advantage
based on superior value, building unique resources, and positioning in the minds of customers-
have remained the same.
The intent of this text is to provide a clear indication of what has changed and what
has not changed. At the same time, the text would not be complete (and indeed might be
actionable from the standpoint of business practice!) if it did not propose a broader

DBA 1727
framework to understanding the practice of Internet marketing. Frameworks such as the

NOTES 4Ps of marketing or the five forces of competitive analysis are important because they
provide easy-to-remember, simplifying structures for complex problems. They also serve
as guides to managerial action. Thus, under-standing the five forces enables firms to
comprehensively map their competitive environment while simultaneously identifying specific
actions for their managers (e.g., reduce buyer power by increasing the number of buyers).
2.2.4 The Seven Stages of Internet Marketing

The given figure provides an overview of the seven stages of Internet marketing.
The seven stages are these: setting corporate and business-unit strategy, framing the market
NOTES
opportunity, formulating the marketing strategy, designing the customer experience, designing
the marketing program, crafting the customer interface, and evaluating the results of the
marketing program.
The Seven Stage Cycle Of internet Marketing
Stage One: Setting Corporate and Business-Unit Strategy
Corporate strategy addresses the interrelationship between the various business

units in a firm, including decisions about which units should be kept, sold, or augmented.
Business-unit strategy focuses on how a particular unit in the company attacks a market to
gain competitive advantage. Consider, for example, Amazon.com. Corporate-strategy
issues relate to the choice, mix, and number of business units such as kitchen, music,
electronics, books, and tools/hardware. Once these business units are established and
incubated in Amazon’s corporate head~ quarters, the senior leadership team of each unit
sets the strategic direction and steers the business unit toward its goals.
Stage Two: Framing the Market Opportunity
Stage two entails the analysis of market opportunities and an initial first pass of the
business concept-that is, collecting sufficient online and offline data to establish the burden
of proof of opportunity assessment. Let’s say, for example, that you are running a major
dot-com business such as Amazon. The senior management team is continually confronted
with go/no-go decisions about whether to add a new business unit or develop a new
product line within an existing business unit. What mechanism do they put in place to
evaluate these opportunities? In this second part of the Internet-marketing process, a simple
six-step methodology helps evaluate the attractiveness of the opportunity The six steps
include: seeding the opportunity, specifying unmet or underserved customer needs, identifying
the target segment, declaring the company’s resource-based opportunity for advantage,
assessing opportunity attractiveness, and making the final go/no-go decision. The final go/
no-go choice is often a corporate or business-unit decision. However, it is very important
to stress that marketing plays a critical role in this market-opportunity assessment phase.
In order for the firm to make an informed choice about the opportunity, the
management team needs to obtain a sufficient picture of the marketplace and a clear

DBA 1727
articulation of the customer experience that is at the core of the opportunity. Thus, during
NOTES the market-opportunity assessment phase, the firm also needs to collect sufficient market
research data.
Stage Three: Formulating the Marketing Strategy
Internet marketing strategy is based upon corporate, business unit, and overall
marketing strategies of the firm. This set of linkages is shown in figure . The marketing
strategy goals, resources, and sequencing of actions must be tightly aligned with the business-
unit strategy. Finally, the overall marketing strategy comprises both offline and online
marketing activities.
Corporate, Business-unit, and Marketing Strategy Corporate
Stage Four: Designing the Customer Experience
Firms must understand the type of customer experience that needs to be delivered
to meet the market opportunity. The experience should correlate with the firm’s positioning
and marketing strategy. Thus, the design of the customer experience constitutes a bridge
between the high-level marketing strategy (step three) and the marketing program tactics
(step five).

Stage Five: Designing the Marketing Program

NOTES
The completion of stages one through four results in clear strategic direction for
the firm. The firm has made a go/no-go decision on a particular option. Moreover, it has
decided upon the target segment and the specific position that it wishes to own in the minds
of the target customer. Stage five entails designing a particular combination of marketing
actions (termed levers) to move target customers from aware-ness to commitment. The
framework used to accomplish this task is the Market space Matrix. Simply put, the Internet
marketer has six classes of levers (e.g., pricing, community) that can be used to create
target customer awareness, exploration, and, it is hoped, commitment to the firm’s offering.
However, prior to discussion of the Market space Matrix, the stages of the customer
relationship and the associated classes of levers that can be employed must be defined.
Building and Nurturing Customer Relationships
A relationship can be defined as a bond or connection between the firm and its
customers. This bond can originate from cognitive or emotional sources. The connection
may manifest itself in a deep, intense commitment to the brand (e.g., the Harley-Davidson
HOG club-member) or a simple, functional based commitment (e.g., regular use of
weather.com). Whether defined as a function or an organization-wide culture, marketing is
responsible for acquiring and retaining target customers. In this process, successful marketers
manage to move desirable customers from awareness through exploration and, finally,
commitment. Once customers reach commitment, the firm is in
a position to observe their behavior patterns and determine which customers to

nurture and which customers to terminate (or serve at a lower level of cost). Managing this
building and pruning process is one of marketing’s key tasks. The four stages of customer
relationships are briefly outlined below
Awareness
When customers have some basic information, knowledge, or attitudes about a

firm or its offerings but have not initiated any communications with the firm, they are in the
awareness stage. Consumers become aware of firms through a variety of sources, including
word-of-mouth, traditional marketing such as television advertising, and online marketing
programs such as banner ads. Awareness is the first step in a potentially deeper relationship

DBA 1727
with the firm. However, as one can imagine, awareness without action is not in the best
NOTES interests of the firm.
Exploration
In the exploration stage, the customer (and firm) begin to initiate communications
and actions that enable an evaluation of whether or not to pursue the four key stages of
customer relationship.
This stage is also likely to include some trial on the part of the customer. Exploration
is analogous to sampling songs, going on a first date, or test- driving a car. In the online
world, exploration may take the form of frequent site visits, some e-commerce retail
exchanges, and possibly even the return of merchandise. It may include phone call follow-
ups on delivery times or e-mails about product inventory. The exploration stage may take
only a few visits or perhaps years to unfold.
Commitment
Commitment involves feeling a sense of obligation or responsibility for a product

or firm. When customers commit to a website, their repeated, enduring attitudes and
behaviors reflect loyalty.
Dissolution
Not all customers are equally valuable to the firm. In an industrial- marketing context,
managers often refer to the 80/20 rule of profitability. That is, 20 percent of customers
provide 80 percent of the profit. By implication, therefore, a large number of customers
are unprofitable or have high cost to serve. Firms should segment their most valuable and
less valuable customers. The most valuable customers may be identified based on profit,
revenue, and/or strategic significance (e.g., a large well-regarded customer may not be
profitable but opens the door to new accounts). The firm does not want this set of customers
to terminate the relationship. Unprofitable, non strategic customers are a different matter.

Often it is in the best interests of the firm to terminate the relationship or encourage this set
of customers to disengage with the firm. The four stages vary by the ‘intensity of the
NOTES
connection between the firm and the customer Intensity of connection may be defined as
the degree or amount of connection that unfolds between the firm and its target customers.
Three dimensions capture intensity:
1. The frequency of the connection. (How often does the customer visit the site?)
2. The scope of the connection. (How many different points of contact does the customer
have with the firm?)
3. The depth of contact. (How thoroughly is the customer using the site?)
A customer might visit a website such as Amazon on a regular basis, but only to
purchase books. This visitor would have a high level of frequent contact but a low level of
scope. Another customer might visit Amazon frequently but not stay on the site for a long
duration or engage in deeper connections such as writing reviews, commenting on products,
or communicating with other Amazon users. This customer would have high frequency but
low depth. In all cases, relationship intensity is correlated with the stage of the relationship.
Stage Six: Crafting the Customer Interface
The Internet has shifted the locus of the exchange from the marketplace (i.e.,
face—to-face interaction) to the market space (i.e., screen-tb-face interaction). The key
difference is that the nature of the exchange relationship is now mediated by a technology
interface. This interface can be a desktop PC, sub-notebook, personal digital assistant,
mobile phone, wireless applications protocol (WAP) device, or other Internet enabled
appliance. As this shift from people-mediated to technology -mediated interfaces unfolds,
it is important to consider the types of interface design considerations that confront the
senior management team. What is the look-and— feel, or context, of the site? Should the
site include commerce activities? How important are communities in the business model?
Stage Seven: Evaluating the Marketing Program
This last stage involves the evaluation of the overall Internet marketing program.
This includes a balanced focus on both customer and financial metrics.

DBA 1727
2.2.5 Customer Relationship Management(CRM)

NOTES
Cross-selling and Up-selling
This application has the capability to qualify prospects, track contact or the “moments
of truth and refer them to sales persons when appropriate. By implementing a cross-sell
strategy, complete with the applications necessary to track customer contacts, triggers can
be established to identify prospects for additional sales. For example, in a bank an event
would be a large deposit, which would then trigger a sales person to call the customer and
ask if she or he would be interested in investment options. Cross-sell and up-sell application
may be used to schedule sales calls, keep detailed records of sales activities, and check on
the status of the customer orders.
Cross-selling and up-selling depend on identifying life-path needs. For instance, in

the finance industry, banks are attempting to build lasting relationships with customers by
matching their life-path needs to complementary products and services. As customers
approach retirement, banks could recommend assets such as money markets, bonds and
annuities. If customers with young children can be identified, then banks could cross-sell
education savings plans or even loan consolidation plans.
Direct Marketing and Fulfilment
This includes pre-sale interaction such as advertising that either influences or

provides potential customers with the necessary information to make a purchase decision.
Marketing automation is critical, as organizations grow larger. This is because, it becomes
more difficult to manage multiple simultaneous programs and track costs across multiple
channels. Campaign management, a direct marketing process, allows companies to manage,
integrate and leverage marketing programs by automating such tasks as managing responses,
qualifying leads, and arranging logistical aspects of events. Another critical core competency
is fulfilment. Marketing departments today are being deluged with requests for information
via the Web and other channels. The goal of effective fulfilment is to provide a myriad of
information to customers and prospects quickly, easily and efficiently. Whether it is product
or service inquiries, direct mail responses, pricing or billing issues, or requests for literature,
responding to requests in a timely manner is critical. This creates a need for fulfilment
capabilities that can get product information, literature, collateral packages, or other
correspondence into the hands of the customers and prospects when they are most receptive.

Effective fulfilment is not trivial; it requires a sophisticated interface with campaign

management, sales force automation, and posting systems.
NOTES
Customer Service and Support
Customer support provides customer care and other services. The applications
include support for service request management, account management, contact and activity
management, customer surveys, return material authorizations, and detailed service
agreements. These discrete applications work together to ensure that customer service
representatives can quickly assign, create and manage service requests, as well as look up
detailed information about customer service contracts, contacts and activities.
Customer support capabilities are used to manage customers who are having
problems with a product or service and to resolve those problems. Help-desk software
automates the management and resolution of support calls and improves efficiency and
effectiveness. These applications typically include capabilities to verify customer status
(e.g., what level of support they are entitled to) track specific tasks needed to resolve
problems across multiple workgroups, monitor service-level agreements, maintain permanent
incident histories, and capture support costs for charge backs. Armed with this complete
customer and product information, service professional can resolve customer issues efficiently
and effectively.
Field Service Operations
There is nothing like the hands-on approach to in they with of the customers about
the company your company. Field service is the hands on extension of external customer
support, activated when a problem can be solved over the phone and requires sending a
repair person to the customer site to perform maintenance or repair. Field service and
dispatch applications have become mission critical tools that affect a company’s ability to
deliver effective customer service and contain costs. The field service application provides
the organization with features for scheduling and dispatching repair personnel, managing
inventory and logistics, and handling contracts and accounting.
Retention Management
Effective Customer Relation must be based on differentiating customers based on

account and transaction histories. Today, very few organizations are able to make these

DBA 1727
distinctions. The ability to effectively segment customers depends on the decision support
NOTES technology, which most executives see as a powerful enabler of Customer Relation
Management.
Effective decision support depends on the ability to gather customer information at

great levels of detail. Detailed knowledge about customers allows companies to treat all
customers individually and, in many cases, disengage from customers are high maintenance,
low-margin prospects.
2.2.6 Benefit from an e-Commerce Sales Strategy
The internet is changing the balance of power between business and the customer.
Before online shopping, companies could be reasonably certain that buying almost anything
was not easy, so once a customer found a supplier they were comfortable with they tended
to stick with them, at least until something went wrong.
But with the advent of e-commerce, customers can check out the options anywhere,
and then buy from anyone. Customers can use comparison sites or shopping agents, or
“bots” as they are known, to search the web for a bundle of products and report back on
which supplier is offering them the cheapest. As a general rule, whatever sells in print in a
catalogue will also sell on the internet.
There are several major advantages to developing an e-commerce sales strategy:
Efficiency: Electronic purchase orders and sales orders are more economical to
place, track and manage.
Convenience: Buying and selling can go on 24 hours a day, 7 days a week, 365
days a year from any location.
Speed: It takes far less time to complete the entire buy/sell process, thus speeding
payment.
Accuracy: Virtually eliminates processing errors. Buying and selling firms have the
same views of the transactions, which make online commerce more precise.
Global Reach: Gives businesses an instant global reach to find supplies anywhere
in the world, in any time or currency zone.

Low Cost Entry: Before the web, selling direct to consumers could be expensive.
Setting up a retail outlet or printing a glossy catalogue could cost hundreds of thousands of
NOTES
pounds. On the web, you can sell direct to consumers worldwide for a hundred pounds a
month.
Up-to-date Status and Alerts: Generates instant pager, fax and e-mail notification
to identify potential problems, enabling problem avoidance or swifter solutions. Also provides
order histories.
2.2.7 Critical success factors for internet marketing executives
Marketers have always been in the business of anticipating and managing change,
and technology has been their principle tool for managing it. The Internet presents an
adaptive challenge for the marketing executive. Today’s Internet marketing exec-utive must
have all the traditional skills of the offline marketing professional, but must place extra
emphasis on some of them to account for the new economy. These critical new skills
include customer advocacy and insight, integration, balanced thinking, and a willingness to
accept risk and ambiguity.
Customer Advocacy and Insight
An insatiable curiosity for customers and marketplaces is a bare necessity for

today’s marketing professional. This innate curiosity fuels an individual’s desire to transform
mounds of customer data into meaningful and actionable insights, which in turn become a
platform for advocacy. Because the Internet enables a much greater degree of interaction
with customers, designing and promoting these interactions around customers’ needs and
progressively gaining deeper insights are critical components of creating positive customer
experience. A true customer advocate will be looking to provide demonstrable added
value to each customer interaction to form the basis for a meaningful relationship. As both
customer behaviors and enabling technologies simultaneously evolve, a deep understanding
of customer needs should serve as the guidepost driving marketing decisions. Marketing
professionals will need to strategically collect information from many disparate sources,
create insightful customer mosaics, and effectively trans-late them into marketing strategies
and tactics.

DBA 1727
Integration
NOTES
The Internet represents both a new channel and a new communications medium.
The new-economy marketing professional needs to have an integrated or’ holistic view of
the customer and the enterprise in order to create a uniquely advantaged strategic plan. In
today’s multi channel environment, a consistent message and experience must be maintained
across customer touch points in order to create a consistent brand image. Beyond strategy,
a marketing manager must fundamentally understand how to integrate these new tools into
the overall marketing mix. Managers who are able to hone their marketing plan in a highly
integrated fashion are more likely to capitalize on the synergies between marketing elements
and thus drive greater effectiveness.
Balanced Thinking
An Internet marketing professional needs to be highly analytical and very creative.

Culling specific customer insights from a veritable fire hose of data is critically important for
new economy managers. It requires understanding the dynamic tension between one-to-
one marketing and mass marketing and being able to strike a strategic balance between
them. It also requires determining the appropriate customer data requirements. Internet
marketing professionals must also be technologically savvy. Understanding the strategic
and tactical implications of the Internet, leveraging the rapid learning environment and
accelerated decision-making process it creates, and then creatively applying the insights
gleaned from analysis are critical success factors for all Internet marketing professionals.
Passion and Entrepreneurial Spirit
Although very hard to objectively assess, passion, or fire in the belly, is what will
differentiate leaders from followers in the new economy. Trying to change the status quo is
never easy and only people with conviction and passion will be heard over the din of the
inevitable naysayer. Successful marketing managers use this passion to fuel their
entrepreneurial instincts and vision, creating “bleeding edge” tools as they lead their teams
to success.
Willingness to Accept Risk and Ambiguity
In the new economy, Internet marketing professionals need to retool them-selves

and their companies to enter into a whole new era of customer-centric marketing. The

Internet has enabled customers to have much more information and many more choices
than ever before, thus shifting the balance of power toward the customer and creating the
NOTES
need for a whole new set of “pull” -based marketing tools. Successful Internet professionals
need to rely on a whole new set of marketing tools that work in an extraordinarily dynamic
environment. Having the courage to try new things is the key to developing break-through
Internet marketing. The risk and ambiguity of managing in such uncharted territory is
tremendous, and the most successful Internet marketers will be willing to play at the edges.
Today’s online marketing professionals must have the basic skill set of the offline
marketing professional. But they must also react more quickly and manage more information
and channels in order to stay one step ahead of the competition. The skill set has not
changed tremendously, but-the tools need to be applied with more vigor and sometimes
with greater speed. Successful Internet marketers will build their business models and
value propositions around a deep understanding of customer needs-not around the product.
2.3 E-COMMERCE FOR SERVICE SECTOR
2.3.1 E-Services
The delivery of services via the internet to consumers or other businesses can be
referred to by the generic term of e-services. There is a wide range of e-services currently
offered through the internet and these include banking, loans, stock trading, jobs and career
sites, travel, education, consultancy advice, insurance, real estate, broker services, on-line
publishing, and on-line delivery of media content such as videos, computer games, etc.
This list is by no means exhaustive and it is growing all the time. In this lecture, we will give
an overview of eservices.
In order to bring some order to the discuss of these wide variety of e-services, we
organize them into the following categories, namely
1. Web-enabling services, which were previously provided by humans in office

agencies and/or their branches. The primary purpose here is that these services help
to save time and effort for the user; bring convenience, and improve the quality of
life. In many cases, it can result in a reduced cost for the consumer.

DBA 1727
E-services that fall into this category include

NOTES
• Banking
• Stock trading
• Education
In some cases, this may bring a new dimension to the original service, enhancing
and altering it. E-education is an example of this. It may also bring into the catchments
new groups of consumers of the service to whom it might not have been previously
accessible.
2. Matchmaking services. These take a need from an individual or business customer

and provide mechanisms (from providers) for matching that need.
E-services that fall into this category include
• Jobs and employment sites

• Travel
• Insurance
• Loans including mortgage loans
• Real estate sales
• Brokers
The advantage of this kind of matchmaking through the internet is that the ability to
search electronically over a wider area to satisfy the customer need and to more precisely
meet the customer need is greatly facilitated by both computerization and communication
over the internet.
3. Information-selling on the web. This group essentially sells information content of

one sort or another and includes ecommerce sites that provide on-line publishing
such as web-based newspapers
• consultancy advice
• specialized financial or other information

4. Entertainment services. These provide internet-based access to videos, movies,

electronic games, or theme sites. This E-entertainment sector is expected to grow
NOTES
rapidly in the next few years, with a convergence of TV and internet-based
technologies.
5. Specialized services such as auctions. Many different auction sites have appeared
and these are discussed further in this lecture. It is not possible to discuss all the
different eservices in this lecture and so we will briefly sample only a few examples
for each category.
2.3.1.1. Web-Enabled Services
Web-enabled services include personal banking, stock trading, and education.
E-banking
Security First Network Bank (SFNB; www.sfnb.com/)was the first internet bank. It
provides most of the banking services on the web. Therefore, you can do your banking
with your fingers instead of your feet. Looking at e-banking, we can distinguish between
twp distinct models:
1. Pure cyber banks

2. Traditional banks that provide e-banking to complement their retail banking SFNB.
is a pure cyber bank, while the homepage of Bank of America
(www.bankofamerica.com) illustrates the second model.
While not all banks offer the full range of services on the internet, banks in both the
mentioned groups offer a varied range of services including
1. personal banking
2. commercial banking for both small businesses and large corporations
3. financial services
4. loan application services
5. international trade including settlement instruments, foreign exchange transactions,
etc.

DBA 1727
There are significant advantages for both the individual or corporation as well as
NOTES the bank in using e-banking. An individual doing personal banking on the internet can,
amongst other things, pay bills, do account transfers, make queries on account balances,
obtain statements, in some cases view images of checks, etc., and import transactions
directly into home account management software. Furthermore, one can make such
transactions 24 hours a day from any place with internet access around the world.
In addition to these, a number of banks offer personal financial services including

making personal loan applications on the internet. All these represent a large increase in
convenience and time saving for the bank customer, saving him trips to the bank branch,
queuing, etc.
The advantages to the banking institutions themselves include
1. reduction in the number of retail banking branches, saving rentals or ownership of

the related properties.
2. reduction in staffing because of the reduction in paper processing as well as face-to-
face bank teller contact.
3. bringing about increase in the time the bank hangs on to the money before making
the required transfers, leading to increase in interest received by the banks. These
advantages are so significant that some banks offer customers a number of incentives
to -switch to internet banking, such as free checks, reduced fees, increased deposit
rates, etc.
E-stock trading and e-investing
Several companies such as E-Trade (www.etrade.com). Datek.on-line, American

Express Financial Services, etc. allow you to trade stocks, bonds, mutual funds, etc. on
the internet. These companies offer you to trade at a very small cost compared to discount
brokers or full-service brokers. This has resulted in these on-line trading companies grabbing
an increasing market share. In response to this, discount brokers including Charles Schwab
and full-service brokers have also moved to introduce internet trading of stocks. The steps
involved essentially are the following:
1. place a request to trade, say buy a stock

2. the system responds with current “on the web site” prices

3. the internet trader has to confirm this trade or cancel it Several companies allow one
to create a simulated portfolio, which one watches over time without actually buying
NOTES
or selling the stocks in reality. An example of this can be found on the Smart Money
site (www.smartmoney.com).
The major advantages to the person doing the trading are
1. the reduced cost;

2. the convenience of being able to trade anywhere in the world with internet access,
e.g. while travelling; and
3. access to a wide variety of information on a number of sites.
In addition to actually allowing you to trade, these sites provide a considerable

amount of information. The reduction in margins available to stockbrokers as a result of
internet trading is beginning to have an effect on other more traditional forms of brokers.
This has led to some traditional brokers also providing internet trading of stocks.
E-education
A number of e-universities are being spawned around the world. Again, three
models can be seen:
1. Pure cyber universities, such as Jones International University (http://www.

jonesinternationa.edu)
2. Traditional universities setting up new cyber vehicles for providing university education
perhaps with other business partners. An example of this the Hong Kong CyberU
.(www.hkcyberu.com.hk;) which was set by the Hong Kong Polytechnic University
and Pacific Century CyberWorks.
3. Traditional universities offering courses themselves on the internet. There are a number
of web-based technology tools for this purpose. An example is Web CT. A number
of so called “open universities” that previously provided distance learning have moved
into providing an internet-based version of their courses. These traditional universities
have a number of advantages. They can now reach a client base that is outside their
catchment. They also expect to be able to deliver these courses at a reduced cost;
however, the jury is still out on this. Another advantage a traditional university has on
the internet over a new pure cyber university is that it has an established brand

DBA 1727
name. There are a variety of issues that need to be explored carefully when preparing
NOTES to deliver educational material on the internet and these include the following:
1. Does one use a distance learning model where the student uses a PULL model
to acquire the material?
2. Does one use a traditional lecture model using video streaming? This is a
PUSH model whereby a teacher “pushes” the materials to the students.
The use of the ‘internet for education opens up many possibilities, namely use of
quizzes, tests to provide the student with instant feedback on his/her mastery of the materials,
use of graphics and animation to explain concepts, particularly those that have a dynamic
character to them. It is anticipated that the internet will not only lead to cyber universities of
one kind or another but will also have a marked effect on teaching and learning in traditional
universities. One among some of the innovations that are being explored is the joint teaching
by two universities on different continents in order to enhance the learning experience.
2.3.1.2 Matchmaking Services
This has perhaps been the area in which there has been the greatest growth in e-
services. Essentially, in most of these applications, the customer who could be an individual
or business specifies his requirements in relation to the service.
The e-commerce site then does a search over its own databases or over the internet
using mobile agents, or over other databases or web sites to look for one or more matches
to these requirements. The information is then returned to the e-service provider site to
give the customer the required service.
Travel Services
Before the internet, one might have gone along to a travel agent in order to book
one’s travel requirements such as air tickets, train tickets, car hire, hotel, tours, etc. The
travel agent would try his best to meet these requirements by providing information regarding
schedules, pricing, promotions, as well as suggestions on changes to de itinerary. These
bookings could be for individuals or corporations involving corporate rates, etc. A large
number of e-commerce sites have appeared, which address this precise market segment.
These include trip.com travelweb.com, and priceline.com. These web sites work in exactly

the same way. When a customer provides requirements, these sites do a search of their
own databases or send agents our _ explore other web sites and respond to the consumer.
NOTES
Amongst the requirement that the customer could specify is an acceptable price. A number
of sites, such as priceline.com, require that provided the price specified is met, the customer
cannot refuse the offer found. These ecommerce sites are beginning to grab an increasing
part of the travel market. They are attractive to consumers because of the convenience,
the ability to meet requirements such as specified prices, and in some cases like
lastminute.com, a special customer need (i.e” booking at the last minute). These travel
sites often also have a lot of information on promotions, suggestions, etc., which are useful
for customers. These ecommerce sites are having a strong “disintermediation” effect.
Disintermediation refers to the removal of intermediaries such as travel agents from the
process involved in the purchase of the service. A recent increasing trend has also seen the
primary provider of a service such as an airline introducing internet based booking at
reduced prices, further emphasizing the disintermediation effect.
E-employment and e-jobs
There are several different kinds of services provided here, namely
1. sites where you can get advice on developing your resumes and can post your
resumes on the web
2. recruiters who use the web site to post available jobs, such as Hot jobs
(www.hotjobs.com) or Jobdirect
3. employers who list available jobs on the web sites
a. matchmaking facilities that search the internet for jobs for jobseekers based
on a specification, such as www.monster.com
b. matchmaking facilities to search the internet for resumes that best fit a job
description given by a prospective employer use of agents to do the search
These approaches of using the internet for e-employment or ejobs avoid many
of the costs and difficulties associated with traditional approaches to
advertising, such as high cost, limited duration, and minimal information.
Others
In some areas, such as real estates e.g., (www.realestate.com) the visualization

‘(3D’ facilities provided on the web allow one to either

DBA 1727
• show visualizations of buildings at the drawing board stage, or

NOTES • allow people distant from the physical site of building to actually visualize it
This area of matchmaking and brokering services is expected to grow greatly in

the near future with e-commerce sites exploiting new market niches. This is also an area
with the greatest likelihood of disinter mediation, and traditional agents or brokers will
have to build new dimensions to their services in order to survive.
E-Entertainment
This is expected to be a growing area of e-commerce in the future. A number of

companies are gaining access to or have purchased large inventories of movies or other
entertainment material with the view of allowing people to download this on the web. Sites
here vary from theme sites that use a small amount of interactive entertainment to promote
their products, such as Disney, to others that provide games either for a fee or are free
coupled together with advertising that pays for the site. An important issue here is that the
payments involved are relatively small for each transaction, and hence the use of micro
payment techniques is likely to be of considerable importance here.
2.3.2 Electronic Commerce and Banking
“Banking is vital to a healthy economy. Banking as a business can be subdivided

into five broad types: retail, domestic wholesale, international wholesale, investment, and
trust. Of all these types, retail and investment banking are most affected by online
technological innovations and are the ones that stand to profit most from electronic commerce.
The role of electronic commerce in banking is multifaceted impacted by changes in
technology, rapid deregulation of many parts of finance, the emergence of new banking
institutions, and basic economic restructuring. Given these environmental changes, banks
are reassessing their cost and profit structures. Many banks feel that in order to be profitable
they need to reduce operating expenses and maintain strict cost control. This philosophy is
evident in the many mergers and acquisitions occurring in the banking industry. The challenge
behind bank restructuring lies in adequately operational zing the notion of cost control.

Technology is the predominant solution for controlling costs.

NOTES
Banks are
Increasingly help to reduce operating costs and still provide adequate customer
service. Innovation and technology are becoming the key differentiators in the financial
services business. Advance in networking, processing, and decision analytics have allowed
institutions to lower service costs. Technology has also accelerated the pace of product
innovation. For example, sophisticated arbitrage instruments like derivatives are changing
the nature of investment banking. The Securities and Exchange Commission’s decision to
allow Spring Street Brewery to trade its stock online may also fundamentally change
investment banking by disinter mediating the traditional role of underwriting.
Technology is enabling the development of new products and services. For example,
technology is capable of replacing or expediting tedious financial exercises like check
writing, filing taxes, and transferring funds. Although large businesses have automated these
tasks, many small businesses and most households still do them manually. This is not
surprising; large businesses have been undergoing computerization for more than thirty
years, whereas PCs have been entering households in significant numbers only in the last
few years. Technology is changing the interaction between banks and consumers.
In particular, technological innovations have enabled the following capabilities: online

delivery of bank brochures and marketing information; electronic access to bank statements;
ability to request the transfer of funds between accounts; electronic bill payment and
presentment; ability to use multiple financial software products with “memory” (thus
eliminating the need to re-enter the same data); online payments—encrypted credit cards
for transferring payment instructions between merchant, bank, customer; and finally, micro
payments (or nickel-and-dime transactions using electronic cash and electronic checks).
These online capabilities increase the facility and speed of retail banking. However, new
technology is a double-edged sword. While it enables banks to be more competitive through
huge investments, it also enables new competition from fast-moving, non banking firms.
This trend can be seen in the area of online payments, where recent innovations have
provided an opportunity for non banks to break into the banking business, threatening the
banking stronghold on one of the last key services provided by banks. The present nature
of online payments is a clear indication that if the banking industry fails to meet the demand
for new products, there are many industries that are both willing and able to fill the void.

DBA 1727
Technology also creates problems in the product development lifecycle. In the

NOTES past, banks had the luxury of long roll-out periods because successful investment in retail
banking required a large monetary commitment for product development. This financial
requirement pre-vented new participants from entering the market and was a key determinant
of success. This is no longer the case. Instead of a single institution doing everything,
technology allows the creation of a “virtual financial institution” made up of firms, each
contributing the best-of-breed software or products to the overall product. In this new
“virtual model,” banks compete with the twelve-to-eighteen-month product development
times of companies like Intuit or Netscape, which have product life-cycle times of only six
to nine months.
Changing Dynamics In Banking Industry
In recent years, there has been a major change in the way banks strive for increased
profitability. In the past, the banking industry was chiefly concerned with asset quality and
capitalization; if the bank was performing well along these two dimensions, then the bank
would likely be profitable. Today, performing well on asset quality and capitalization is not
enough. Banks need to find new ways to increase revenues in a “mature market” for most
traditional banking services, particularly consumer credit. A thorough understanding of this
competitive environment is needed before banks can determine their online strategy.
Five distinct factors contribute to the new competitive environment:

• Changing consumer needs driven by online commerce
• Optimization of branch networks in order to reduce costs,
• Changing demographic trends and potential new consumer markets
• Cross-industry competition caused by deregulation, and
• New online financial products.
Changing Consumer Needs
Consumer requirements have changed substantially in the last decade. Customers

want to access account-related information, download account data for use with personal
finance software products, transfer funds between accounts, and pay bills electronically.
Of course, along with these services, banks must be able to supply/guarantee the privacy
and confidentiality that customers demand, which is not a trivial matter to implement on the
part of the banks.

Many consumer requirements are based on a simple premise: customers and

financial institutions both seek closer and more multifaceted relation-ships with one another.
NOTES
Customers want to be able to bank at their convenience, including over the weekend or
late at night. Bankers want more stable and long term relationships with their customers.
From the bank’s perspective, developing and maintaining this relation-ship is difficult.
Although financial products are essentially information products and financial institutions
are highly automated, there is a gulf between automated information and the bank’s ability
to reach the consumer in a unified way. This gulf is filled with established methods, such as
branches, postage and mail, advertising, and people on telephones. These methods can be
costly and impersonal. Electronic banking provides a method of communication that will
enable the bank customer to be reached, served, and sold products and services in their
homes and offices whenever it is convenient for them-twenty-four hours a day, seven days
a week.
2.3.3. Banking Via Online Services
Although personal finance software allows people to manage their money, it only
represents half of the information management equation. No matter which software package
is used to manage accounts, information gets man-aged twice once by the consumer and
once by the bank. If the consumer uses personal finance software, then both the consumer
and the bank are responsible for maintaining systems; unfortunately, these systems do not
communicate with one another, thus giving new meaning to double-entry bookkeeping.
For example, a consumer enters data once into his system and transfers this information to
paper in the form of a check, only to have the bank then transfer it from paper back into
electronic form.
Unfortunately, off-the-shelf personal finance software cannot bridge the

communications gap or reduce the duplication of effort described above. But a few “home
banking” systems that can help are beginning to take hold. In combination with a PC and
modem, these home banking services let the bank become an electronic gateway, reducing
the monthly paper chase of bills and checks

DBA 1727
Citibank and Prodigy

NOTES
To understand the more contemporary online banking services, we look at CitiBank

and Prodigy. Prodigy has been pro-viding home banking to consumers since 1988, and
has relationships with more banks than any commercial online service. To expand the
attractiveness of its online banking services, in 1996 Citibank began offering Prodigy
subscribers a free and direct link to its electronic home banking service. Access to Citibank
is available to Prodigy sub-scribers at no extra fee throughout the New York metropolitan
area. The agreement represents the first time that CitiBank has expanded access to its
proprietary PC Banking service through a commercial online service. To en-courage Citi
Bank customers to try online banking through Prodigy, free Prodigy software will be made
available at local Citi Bank branches. CitiBanking on Prodigy offers a full range of banking
services. Customers can check their account balances, transfer money between accounts,
pay bills electronically, review their Citi Bank credit card account, and buy and sell stock
trough Citi Corp Investment Services. Citi Bank and Prodigy al-low customers to explore
the wide array of services using an interactive, hands-on demonstration.
Banking via the Web: Security First Network Bank
With the explosive growth in Internet use, banking via the World Wide Web will
undoubtedly catch on quickly. The goal of this approach to banking is to provide superior

customer service and convenience in a secure electronic environment. The competitors in

this segment are banks that are setting up Web sites, and firms like Intuit that can easily
NOTES
transport their product to the Internet.
Banking on the Internet is not the same as banking via online services. Internet
banking means that:
Consumers do not have to purchase any additional software (the Web browser is
sufficient), store any data on their computer, back up any information, or wait months for
new versions and upgrades, since all transactions occur on a secure server over the Internet.
Consumers can conduct banking anywhere as long as they have a com-puter (not
necessarily their own computer) and a modem-whether at home, at the office, or in a place
outside the United States. Banking via online services is restrictive in that the consumer has
to install a soft-ware package onto her computer. This limits the customer to banking only
from that computer, making a call to access a separate network, working with a separate
software company, and banking during limited hours of operation.
Consumers can download account information into their own choice of programs
rather than following the dictates of the service provider.
Internet banking allows banks to break out of the hegemony of software developers.
If bank customers (end users) install personal financial management software on their PCs,
these customers become direct customers of software firms. By controlling the software
interface, software firms such as Intuit can control the kinds of transactions end users
make and with whom these transactions occur. By maintaining a direct relationship with
end users via the Web, banks can offer additional services and provide a personal feel to
the interface, without seeking the cooperation of a software company. If banks choose to
offer home banking via personal financial management software, they lose control over the
end user interface and the relationship they have with customers. This loss of control has
tremendous long-term implications. The software industry history offers com-pelling proof
of the importance of organizations having a direct relationship with consumers. In the early
1980s, IBM decided that operating systems were not central to IBM business strategy. As
a result, IBM licensed DOS from a small software company called Microsoft. IBM called
this operating system PC-DOS and allowed Microsoft to market this same operating
system to competing computer manufacturers under the name of MSDOS. IBM’s seal of

DBA 1727
approval made DOS an industry standard. However, IBM was unable to move the industry
NOTES to a new operating system called OS/2 in the late 1980s because Microsoft controlled the
customer relationship and was able to convert most end -users to Windows. For banks,
too, losing control over the interface could have dire consequences.
2.3.3.1 Management issues in Online Banking
The challenge facing the banking industry is whether management has the creativity
and vision to harness the technology and provide customers with new financial products
necessary to satisfy their continually changing financial needs. Banks must deliver high
quality products at the customers’ convenience with high-tech, high-touch personal and
affordable service. In order to achieve this, management has to balance the five key values
that increasingly drive customers’ banking decisions: simplicity, customized ser-vice,
convenience, quality, and price. Online banking will realize its full potential when the following
key elements fall into place:
• The development of an interesting portfolio of products and services that is

attractive to customers and sufficiently differentiated from competitors.
• The creation of online financial supply chains to manage the shift from banks
as gatekeeper models to banks as gateways.
• The emergence of low-cost interactive access terminals for the home as well
as affordable interactive home information services.
• The identification of new market segments with untapped needs such as the
willingness to pay for the convenience of remote banking.
• The establishment of good customer service on the part of banks. The fact
that technology increases the ease of switching from one bank to an-other
means that banks that do not offer superior customer service may see low
levels of customer loyalty.
• The development of effective back-office systems that can support sophisticated
retail interfaces.
Marketing Issues: Attracting Customers
The benefits of online banking are often not made clear to the potential user.
Consumer question includes :

How is balancing the checking account online superior to doing it on paper? Is

paying bills online superior to the familiar 5 of writing checks? Where is the consumer
NOTES
gaining value? Perhaps the answers to these questions are not clear to the bankers
themselves. Regardless of how a bank chooses to answer these questions, it is clear that
make a mistake trying to sell online banking services on the basis of convenience. While
short term convenience is important, consumers want 19-term ability to control and organize
their finances more than they want convenience.
Banks must also look beyond home consumers for online banking consumers.
The rapidly growing use of personal computers by small business- provides a solid
opportunity for banks to build a profitable base of small business until a broader consumer
market evolves. There are mil-lions of small businesses with annual sales ranging from
Rs. 250,000 to Rs. 5 million. Many of these firms have PCs and modems. New services
like interactive cash management services could generate significant revenues for banks.
Industry studies indicate that 20 percent of small businesses are immediate prospects for
online banking and are willing to pay more than individual consumers for the service-up to
$100 a “month. Thus, banks have opportunity to tap into this market segment.
Marketing Issues: Keeping Customers
Keeping customers (or customer loyalty) requires the following:
1. Banks must switch the costs of moving from one software platform to other to keep
customers from moving. Customers are increasingly familiar with using technology
to access bank accounts and to handle financial affairs, and this familiarity increases
interest in additional vices and increases switching costs.
2. Banks must provide integrated services. The oftcited time squeeze on consumers-
long commutes, heavy workload, family obligations, household management is
pushing consumers toward integrated services that can speed up financial procedures.
These integrated services contribute to cementing the customer relationship.
3. Banks can realize the positive cost implications for the longterm value of building
customer loyalty. In the online world, there is not a big cost dif-ference between
serving one customer and serving 100,000 customers. Clearly, marketers must also
work on building a loyal customer base not only in order to maintain the existing
base, but also in order to be attractive to potential customers.

DBA 1727
2.4 ADVERTISING AND ONLINE PUBLISHING

NOTES
2.4.1 Advertising and Online Publishing
With the intention of attracting advertising dollars, magazines and newspapers have
also set up sites on the Web. Many online periodicals include traditional advertisements as
well as icons, which display an advertiser’s logo and, when clicked with a mouse, send a
user across the Web to the advertiser’s Web site. Among periodicals that have gone from
print to online advertising with some degree of advertising success are: Knight-Ridder’s
San Jose Mercury News newspaper, which reportedly charges Rs. 100 per day for an
advertisement, and magazines such as Hot Wired, Playboy, and People, which reportedly
charge Rs. 30,000-Rs. 45,000 per quarter for an advertiser to place an icon in the periodical.
Promotions are also common. In many cases, advertisers ask site visitors to provide their
names and addresses in exchange for a product discount.
2.4.1.1 Reasons expected for the increase in Advertising spending
Shorter Access Times
As more bandwidth becomes available, users will spend a larger proportion of

their time on Web sites and a smaller proportion waiting to access them. With more time
available to draw users’ attention, advertisers should be willing to pay more per user to
place their icons in online periodicals. Shorter access times also enable increasingly complex
graphics to be placed on Web sites, without requiring additional access time. This should
draw to the Web advertisers who may have been concerned that the current graphical
quality was insufficient for displaying their products. With more advertisers, advertising
rates should rise.
Reduced Access Fees
New Internet users will be attracted by reduced ac-cess fees, with part of the
reduction covered by advertisers. The cost of the access fee itself can be shared by an
advertiser if, for example, the advertiser pays for the access time used when accessing
online yellow pages.

Increasingly Convenient Access to Information

NOTES
As the amount of information online increases, it should be increasingly important
for advertisers to get users to their sites quickly, leading them to pay more for placement in
online periodicals.
Increasingly Valuable Information
Product descriptions can be enhanced through online advertising. With more

information available, the decision to purchase should be easier and more purchases should
occur (assuming the product is desirable). This should boost the appeal of the Web and in-
crease the rates that advertisers could be charged for placing their icons in an online
periodical.
2.4.1.2 Better Measurement of Advertising Effectiveness
Product advertising is far more effective if it leads to a purchase. If online advertising

encourages users to shift a portion of their purchases to the Web, then companies may pay
far more to advertise. However, a measurement system will not be useful until:
1. an online publisher can use it to determine advertising rates and the appeal of its
articles, and
2. an advertiser can use it to justify the cost of promoting a Web site, maintaining a
Web site, and placing a site -linked icon in an online page.
Despite the popularity of advertising on Web sites, few publishers have attempted
to measure how many advertising dollars are being spent. There are three reasons for this:
• The market is too small to justify the cost of measuring its size.
• There is not a clear definition of what advertising expenses should be counted.
• Spending can be the amount that advertisers pay other Web sites such as
periodicals and games to display their icons or product offerings.
The market is changing too rapidly to develop an effective means of measurement.

DBA 1727
Effective measurement of online advertising is taking centre stage. It was reported

NOTES in MediaWeek [MW96] that Procter & Gamble was ready to spend some of its $3.3
billion ad budget to advertise on various Web sites. However, the packaged goods giant
told the online publishing community that it will compensate the ad banners it buys only on
a “click-through” ba-sis. In other words, standard impressions-delivered when an Internet
surfer sees an ad banner but does not click on it to connect to a Web site -are considered
to have no value by P&G. The anticipated P&G strategy, a sharp departure from the
industry standard which measures hits ,has sent a shiver down the spine of many ad sales
executives. The concern was that other advertisers will follow P&G’s lead.
2.4.1.3 Digital Copyrights and Electronic Publishing
Intellectual property rights (copyrights, trademarks, and licenses) are an important

asset possessed by the publishers in their respective markets. Protecting intellectual property
rights and collecting dues from online users is proving to be quite challenging. The scope
and magnitude of the problem is clear. The potential of online copyright infringement vastly
surpasses the damage that can be inflicted with a photocopy machine. Anyone with a
computer can make and distribute countless copies of anything digital, be it a book, a TV
or computer program, or a piece of music. Even worse, the digital version can be sent to
friends or even a bulletin board system (BBS) for downloading by anyone with a modern.
Advances in technology have raised the stakes considerably. Today, virtually any
work can be “digitized,” archived, and used in the digital format. This increases the ease
and speed with which a work can be reproduced, the quality of the copies, the ability to
manipulate and change the work, and the speed with which copies (authorized and
unauthorized) can be “delivered” to the public. Works also can be combined with other
works into a single medium, such as a CD-ROM, causing a blurring of the traditional
content lines. The establishment of high-speed networking makes it possible for one
individual, with a few key strokes, to deliver perfect copies of digitized works to scores of
other individuals.
In short, the emergence of the Internet is dramatically changing how consumers

and businesses deal in information and entertainment products and services; as well as
how works are created, owned, distributed, reproduced, displayed, performed, licensed,
managed, presented, organized, sold, accessed, used, and stored. All of this has led to a
clarion call for changes in the copyright law.

The stakes are high. Owners of copyrights are not willing to put their interests at
risk if appropriate protections are not in place to permit them to set and enforce the terms
NOTES
and conditions under which their works are made available online. Likewise, the public
will not use the services avail-able and create the market necessary for online publishing’s
success un-less access to a wide variety of works is provided under equitable and
reasonable terms and conditions, and unless the integrity of those works is assured.
Online Copyright Protection Methods
Unauthorized access to published content can be restricted by two methods:
1. Restricting access to the source of the work. This includes controlling Web server
access or controlling individual document access.
2. Restricting manipulation of the electronic file containing the work.
2.4.2 Electronic Commerce and Online Ppublishing
The Web may have blossomed because of peer-to-peer publishing, but judging
from recent product offerings, there is an enormous groundswell of interest among both
commercial and corporate publishers in the Web. For instance, it was reported that, in less
than three months, the Wall Street Journal Interactive Edition attracted 500,000 registered
readers on the Web, and that number is growing by some 3,000 readers per day. Also, the
electronic edition has attracted more than thirty advertisers paying to reach this audience.
Initially, growth in the online publishing marketplace was driven by the potential of
new interactive technologies and applications. The promise of new interactive publishing
captured the imagination of both content providers and the public. However, from 1993 to
1995 much of online publishing was inhibited by a lack of business purpose. At that time,
the con-tent creation side of online publishing was dominated by techno-savvy individuals
who were not experienced at selling and who did not under-stand the business of publishing.
In addition, there were publishing companies who took a “Just Get Me on the Web!”
approach, failing to define the business purposes driving their online presence. As the
initial euphoria wore off, publishers realized that simply having a presence on the Web did
not guarantee profits. They discovered that offering exciting technology without compelling
content is insufficient to capture market share. These firms are learning that the best way to
capture consumers’ attention is to develop a business model that allows the company to

DBA 1727
offer unique and valuable information, programming, and services. This content, no matter
NOTES how it is delivered, must be packaged so that it provides more value than alternative
sources of information. The key is to identify what the customer wants and finds interesting
and to avoid being distracted by new technologies. Publishers need to pay more attention
to their core competency of packaging and delivering content and making money online.
These are tricky but necessary conditions to successful online publishing.
Many online publishing pioneers have gone up the technology curve and are
confronting tough management questions such as how to gain market share and how to be
profitable sooner than later. Some of these firms have invested tens of millions of dollars in
people, equipment, and marketing, and they have not yet turned a profit. Some of the sites
employ hundreds of people, with millions of dollars in payroll alone. Many early pioneers
invested a huge amount of money into brand building, marketing, and content, but they
have not been able to figure out which business model works best for making money.
Online publishers are developing new business models to charge customers directly
and convince them that such charges are justified. As more and more firms begin to offer
online content, they are being forced to adjust to new customer attitudes regarding pricing.
Publishers currently finance their businesses by offering advertisers mass markets for
delivering their message in return for large advertising fees. The public has been trained to
think that the news, information, and entertainment they receive should be subsidized or
nearly free and that advertisers will pay the bill. This approach may not be viable in the
online medium when mass markets are re-placed by customers selecting their information
and delivery methods. The early online publishing pioneers are trying to accomplish a
difficult feat.
Newspaper and magazine publishers, some of the first to stake their claims on the
Internet, are tinkering with new advertising models for their fledgling Web sites. In general,
mainstream advertisers have been skittish about pumping money into a medium with an
audience whose size and habits are nearly impossible to figure out. As a result of relatively
low ad revenues, none of the Web publishers have turned a profit. While ad revenues are
not coming close to covering expenses now, they could grow substantially in coming years
as the traffic increases and brand names become established. Brand development is
important because every time a user sits in front of a Web browser, she needs to make a
decision about where to go. The better the brand, the more likely it is to pop up in the
consumer’s mind another key issue in online publishing relates to digital copyrights.

Effective technological protection mechanisms are vital to ensuring the availability

of quality content online. Today, publishers such as Addison—Wesley only offer catalogs
NOTES
or sample selections of works available online. They do not and cannot offer more because
in an environment where the culture and technology provide so little protection for the
rights of content producers, there is too great a risk to their intellectual property. The
Internet makes it extremely easy to copy, retransmit, and alter works without the permission
or the copyright holder. Moreover, the digital world has no international boundaries, and
policing is impossible since the levels of protections and sanctions against infringement
vary widely in countries across the globe, which makes the risk even greater.
2.4.2.1 Online Publishing Strategies
As with any new development, there are generally three strategies for publishing
companies to consider:
Early Movers
These are highly skilled independent publishers with existing access to such key
capabilities as direct marketing and order fulfilment. These publishers have the capacity to
derive the highest benefits from new media as their learning curves are much shorter than
others, and they already have many of the necessary resources at hand.
Watchers
These are large publishing companies that employ scale-sensitive economics. They
are unlikely to view online publishing as a sufficiently attractive channel until costs fall and
distribution widens. This category includes publishers of unbranded or less distinctive content
who cannot attract a sufficiently large initial consumer franchise, as well as fo-cused publishers
in categories not easily suited for the online medium.
Testers
These are the majority of publishers that face either attractiveness and/ or skill
challenges. Gathered here are many multi category and specialty publishers who are
competing successfully in traditional markets, who are uncertain who will win in the online
marketplace, and who neither need nor want to make a choice now. Testers also include

DBA 1727
branded general publishers with robust consumer franchises and attractive distribution
NOTES channels already in place. For this group, the online medium appears to be an alternative.
In general, publishers are educating themselves about the potential opportunities

without committing themselves to anyone position. Those with strong brand images and
existing consumer franchises may choose to post-pone entry until they find viable service
providers and distributors. Publishers such as the Wall Street Journal and New York Times
are taking part in targeted tests and pilot projects aimed at learning what online publishing
has to offer, building required skills, and exploring the attractiveness of potential channels.
These tests often include a skill-building program as well as an early warning system so
that a company can quickly identify and re-act to changes within the industry or economy.
Content, incentives, service, quality, and price will not be enough to compete in this new
environment. Speed of delivery, bundling of products, and diversity of choice also become
critical success factors. Publishers will have to innovate constantly and challenge present
concepts if this form of commerce is to become widely accepted and popular. Winning in
online publishing will entail developing new skills in areas such as tailored advertising,
order processing and fulfilment, and customer service as well as re-learning the fundamental
principles concerning why people subscribe.
2.4.2.2 Online Publishing Approaches
There are four contrasting content publishing approaches.
• The online archive approach. This is new to the Web, but is a logical extension of
the trends in electronic delivery over the past several years.
• The new medium approach. This is more controversial and more difficult to
implement, but also more exciting.
• The publishing intermediation approach. This is an online extension of the third-
party publisher role off-line.
• The dynamic and just-in-time approach. In this approach, content is assembled in
real-time and transmitted in the format best suited to the user’s tastes and
preferences.
The Online Archive Approach
The online archive approach (including bibliographic databases and full-text search/
retrieval services) is one that appeals to corporate publishers and, to some extent,

commercial publishers (such as academic or journal publishers) who have an existing digital
archive that they want to deliver over the Web as well as on paper, CD- ROM, or other
NOTES
media. The most prevalent example of online archive approach is library catalogs and
bibliographic databases. Most libraries have replaced traditional card catalogs with
sophisticated electronic online bibliographic databases offering an incredible range of
functions. At revenues of over $1 billion a year, bibliographic databases represent a sizable
chunk of the online data-base market. An example of a bibliographic database is MEDLINE,
developed by the National Library of Medicine (NLM), which caters to an increasing
number of physicians who rely on online medical databases to keep up to date with the
latest developments and literature. The spread of PCs has enabled physicians to directly
search databases used only by librarians in the past. MEDLINE and other medical
databases are available free of charge on the Internet.
The online archive approach is also being used by niche publishers such as Ziff-
Davis, which began its venture into electronic publishing in .1985 with a bulletin board
system for readers of PC Magazine. That bulletin board evolved in 1988 to become PC
Mag-Net on CompuServe, which quickly grew in popularity. In 1991, Ziff-Davis created
the ZD Net subscription service on CompuServe to provide a service supporting online
versions of all its publications. Members of the ZD Net/CompuServe edition have access
to several features, including the ZD Net University series of comprehensive online
“continuing education courses, sophisticated on-line forums with top industry personalities,
and a comprehensive database of past articles. In addition to its successful CompuServe
subscription ser-vice, the ZD Net Web Edition (http://www.zdnet.com) logs access by
more than 700,000 Internet hosts each month and is reportedly showing a profit.
The New Medium Approach
The new medium approach (including real -time news delivery, personalized news
delivery, and edutainment) aims to create new material for the Web-to treat the Web as its
own medium, one deserving its own material. This approach will have the most appeal to
commercial print publishers, such as magazines, that view the Web as an alternative, not a
replacement, for print publications. For example, Wired magazine sees very little crossover
in content between its magazine and its HotWired venture. Some writers may write for
both media, but separate content streams will be developed for each medium. This approach
currently has some teething problems because of technological limitations. For instance,
the formatting limitations of the Web are frustrating at the moment, but with technological

DBA 1727
advancements they will soon be forgotten. The frustrations are more than offset by the
NOTES excitement of the interactivity the Web offers; its model is both broadcasting and
conversation at the same time. With online publishing there may be a well-known starting
point, but with no controlling gatekeeper, the subsequent value-added improvisation from
readers makes each online magazine a unique experience.
Even if the technology constraints were overcome, the expectations of the Web
are so different from print media that new content, written for a Web audience, must be
created. It quickly becomes apparent that under this model, the old paradigms do not
work. The publisher gives up not only its brand name, but its intellectual content, too-once
the information is out there, it is no longer, owned. Faced with that model, all a publisher
can do is “be the first with the most interesting stuff,” an approach that HotWired is taking
in its attempt to create a place where readers can see what the world has to say on a
minute-by minute basis.
The Publishing Intermediation Approach
The publishing intermediation approach (including online directories) exploits new

service opportunities for intermediaries. For example, in the growing market for educational
material such as course packs and other customized books, companies offering material
owned by more than one publisher face the daunting task of obtaining permissions. New
organizations that specialize in the management of copyright clearance are emerging as key
players.
Online directories are important for several reasons. Companies and consumers
interested in conducting electronic commerce often struggle to navigate the Internet to
create an electronic marketplace. Once on that sprawling network, they are having trouble
finding other companies, products, and services. The success of Yahoo’s initial public
offering (IPO) underscores the importance of online directories. Yahoo (which stands for
Yet Another Hierarchical Officious Oracle) was created in 1994 by David Filo and Jerry
Yang, two Stanford, University electrical engineering PhD students who began DY simply
compiling lists of their favorite Web sites. It went on to become one of the most popular
means of navigating around the Internet. Yahoo is the first place millions of Internet users
go when they try to find their way around the rapidly growing Internet. At one time, Yahoo
was getting about 6 million visitors per day, which made it the second most active Web site
next to Netscape’s home page.

Clearly, there will be a demand for intermediation because there will al-ways be a
need for a good directory to help people locate goods, services, and products. The future
NOTES
is bright for the publishing intermediaries who offer ease of operation, speed, and detailed
information.
The Dynamic and Just-in-Time Publishing Approach
Online content is no longer static information. Content can now be created in real-
time and transmitted on the fly in the format best suited to the user’s location, tastes, and
preferences. More importantly, the content engine recognizes repeat visitors to a site and
configures the Web pages to match the individual’s known preferences. For example, a
publisher planning to deploy a large product catalog will no longer have to author and
update each individual Web page. Instead, the elements of each page-text, graphics, video,
and sound-are stored separately in a database and used to create individualized pages on
the fly as each user browses the site. The page content can be further customized to reflect
which Web browser is being used, the user’s geographic location, and modem speed.
Another way of looking at dynamic publishing is that it is just-in-time publishing. That is,
the stories, applets, and content flow into the computer just as consumers need them, and
then self-destruct after usage.
A number of micro payment schemes are emerging. The world of online

entertainment-specifically “pay-for-play” outlets being developed by Sony, Sierra On-
Line, and others-could serve as the best model for every-one else [PCW96]. Clearly
publishers and developers should be thinking about low-value payments, but it is still too
early for most companies to de-ploy. For micro payments to work, transaction costs must
be very small (around 10 cents), and they are nowhere near that yet. What is more, the
proposed schemes vary widely and many kinks in the micro payment puzzle have to be
worked out.

DBA 1727
2.5 B2B E-COMMERCE

NOTES
2.5.1 B2B - Business to Business E-Commerce
E-commerce has been in use for quit a few years and is more commonly known as
EDI (electronic data interchange). In the past EDI was conducted on a direct link of some
form between the two businesses where as today the most popular connection is the
internet. The two businesses pass information electronically to each other. B2B e-commerce
currently makes up about 94% of all e-commerce transactions.
Typically in the B2B environment, E-Commerce can be used in the following

processes:
• Procurement;
• order fulfilment;
• Managing trading-partner relationships.
For many Welsh SMEs, B2B E-Commerce is synonymous with the vision of
integrated supply chains. This might be the ultimate objective, but, in the short term, B2B
E-Commerce could be used as a significant enabler in their move towards greater trading
partner collaboration.
E-Commerce technologies have allowed even the smallest businesses to improve

the processes for interfacing with customers. They are now able to develop services for
individual clients rather than provide a standard service. Pentwyn Splicers based in Pontypool
manufacture pneumatic splicers for the UK and world textile market. They evaluated all
aspects of their business process to determine where the greatest return could be obtained.
Using the Web to sell more products was an initial consideration, but it was in the provision
of customer service and support to their overseas distributors that the greatest benefits
have been achieved.
An alternative way of thinking of B2B eCommerce is to think of it as being used to:
• Attract, develop, retain, and cultivate relationships with customers;

• Streamline the supply chain, manufacturing, and procurement processes, and
automate corporate processes to deliver the right products and services to
customers quickly and cost-effectively;

• Capture, analyze, and share, information about customers and company

operations, in order to make better decisions.
NOTES
In business-to-business electronic commerce businesses use the Internet to integrate

the value- added chain, which can extend from the supplier of raw materials to the final
consumer. Business for business dominates the total value of e-commerce activity, accounting
for about 80 per cent at present. Because the-economic factors affecting the adoption of
e-commerce between businesses are such different from those affecting business-to-
consumer ecommerce, business-to- business e-commerce is likely to maintain for enlarge
is advantage for the foreseeable future:
Electronic links between businesses are not new. They have existed for decades,
in the form of electronic data interchange (EDI) supplied by value-added networks (VAN)
operated over leased telephone lines. Large manufacturing firms are the main users of
EDI. General Electric (GE), one of the largest EDI service suppliers, estimates that 80 per
cent of suppliers are not connected to an EDI system but rely on from, telephone or mail.
Drivers and inhibitors of business-to-business electronic commerce in business-

to-business e-commerce, three factors are likely to lead to e-commerce
a reduction in transaction costs and improvement of product quality/customer service
a. a defensive reaction A competitors engaging in commerce; and

b. Insistence by large businesses that all of their suppliers link into their e-commerce
system as a condition of-doing business.
The first factor, reduced transaction costs, drives the second and third and will be
explored in greater detail in the next chapter. However, electronic commerce clearly reduces
these costs and thus drives its adoption.
It is expected that by 2001-02, many barriers, such as questions of security and

reliability, which now limit the extension of Internet EDI to unknown firms, will have been
overcome. As a result, there will be a significant increase in business-to-business e-commerce
as it draws in smaller second- and third-tier suppliers. For example, the US Automotive
Network exchange (ANX), developed by the Automotive Industry Action Group (AIAG),
makes use of the Transport Control Protocol/Internet Protocol (TCP/IP) to link automotive

DBA 1727
suppliers to each other and to original equipment manufacturers (OEM) (e.g. GM, Ford
NOTES and Chrysler). Dispensing with the multiple networks and protocols that now link first-tier
suppliers to OEMs, the new system will provide a single common system that can be
extended to include all suppliers. The largest impact of business –to – business e-commerce
is likely to be on small and medium sized enterprises (SMEs), because many large business
already have EDT’ systems in place. The accessibility of the Internet makes electronic
commerce realistic possibility for SMEs and is likely to lead to its widespread diffusion. In
addition to migrating existing activity to e-commerce, new business—to-business products
are being created which did not, or could not, exist before electronic commerce over the
Internet made them economically viable. For example, spot markets that match buyers
and sellers for a wide variety of goods ranging from electronic components to agricultural
commodities to transportation futures have sprung up; they represent only the beginning of
what is expected to be a wide number of new business-to-business opportunities. Another
example is the extension of EDI-type links via the Internet. Parcel delivery, logistics and
order fulfillment services, frequently by the same firm, are also experiencing growth as
ecommerce increases. As businesses move to “build-to-order” processing and just-in-
time inventories, a premium is placed on timely, accurate inbound and outbound logistics.
In addition, there is greater demand by final consumers for fast order fulfillment and the
ability to track an order as it is being processed and delivered.
2.5.2 Automated Ecommerce Transactions
It is a term also used in electronic commerce and to describe automated processes

between trading partners.
The volume of B2B transactions is much higher than the volume of B2C transactions.
One reason for this is that businesses have adopted electronic commerce technologies in
greater numbers than consumers. Also, in a typical supply chain there will be many B2B
transactions but only one B2C transaction, as the completed product is retailed to the end
customer.
An example of a B2B transaction is a chicken feed company selling its product to

a chicken farm, which is another company. An example of a B2C transaction is a grocery
store selling grain-fed chickens to a consumer. B2B can also describe marketing activities
between businesses, not just the final transactions that result from marketing, though the
term can be used to identify sales transactions between businesses (also referred to as

“institutional sales”). For example, a company selling photocopiers would more likely be a
B2B sales organization than a B2C sales organization.
NOTES
“Business-to-business” can also refer to all transactions made in an industry value

chain before the finished product is sold to the end consumer.
2.5.3 Characteristics of B2B EC
Business – to – business electronic commerce implies that both the sellers and
buyers are Business Corporation, while business – to – consumer electronic commerce
implies that the buyers are individual consumers. Business-to – business EC is expected to
grow to $1,330.9 billion by 2003 and continue to be the major share of the EC market
(Free-man 1998, Retter and Calyniuk 1998). The percentage of Internet – based B2B
EC compared to total B2B commerce will expand from.2 percent in 1997 to 2.1 percent
in 2000 and 9.4 percent in2003. Computing electronics, utilities, shipping and warehousing,
motor vehicles, petrochemicals, paper and office products, food, and agriculture are the
leading items in B2B EC.
Business-to-business EC covers a broad spectrum of applications that enable an

enterprise or business to form electronic relationships with their distributors, resellers,
suppliers, and other partners. As Handfield and Nichols (1999) suggest, B2B applications
will offer enterprises access to the following sorts of information:
• Product – specifications, prices, sales history

• Customer – sales history and forecasts
• Supplier – product line and lead times, sales terms and conditions
• Product process – capacities, commitments, product plans
• Transportation – carriers, lead times, costs
• Inventory – inventory levels, carrying costs, locations
• Supply chain alliance – key contacts, partner roles and responsibilities,
schedules
• Competitor – benchmarking, competitive product offerings, market share
• Sales and marketing – point of seal (POS) , promotions
• Supply chain process and performance – process descriptions,
performance measures, quality, delivery time, customer satisfaction

DBA 1727
2.5.4 What is B2B Marketing Communications?

NOTES
B2B marketing communications is how businesses promote their products and
services to other businesses using tactics other than direct sales. The purpose of B2B
marketing communications is to support the marketer’s sales effort and improve company
profitability. B2B marketing is generally considered to be more complex than B2C marketing,
often complicated by a longer sales cycle and multiple decision makers on the buyer’s
side.
B2B marketing communications tactics generally include advertising, public relations,

direct mail, trade show support, sales collateral, branding, and interactive services such as
website design and search engine optimization. The Business Marketing Association is the
trade organization that serves B2B marketing professionals. It was founded in 1922 and
offers certification programs, research services, conferences, industry awards and training
programs.
B2B Marketing Methodologies
Positioning Statement
An important first step in business to business marketing is the development of

your positioning statement. This is a statement of what you do and how you do it differently
and better than your competitors.
Developing your messages
The next step is to develop your messages. There is usually a primary message
that conveys more strongly to your customers what you do and the benefit it offers to
them, supported by a number of secondary messages, each of which may have a number
of supporting arguments, facts and figures.
Building a campaign plan
Whatever form your B2B marketing campaign will take, build a comprehensive
plan up front to target resources where you believe they will deliver the best return on
investment, and make sure you have all the infrastructure in place to support each stage of

the marketing process - and that doesn’t just include developing the lead - make sure the
entire organization is geared up to handle the inquiries appropriately.
NOTES
Briefing an agency
A standard briefing document is usually a good idea for briefing an agency. As well
as focusing the agency on what’s important to you and your campaign, it serves as a
checklist of all the important things to consider as part of your brief. Typical elements to an
agency brief are: Your objectives, target market, target audience, product, campaign
description, your product positioning, graphical considerations, corporate guidelines, and
any other supporting material and distribution.
Measuring results
The real value in results measurement is in tying the marketing campaign back to
business results. After all, you’re not in the business of developing marketing campaigns
for marketing sake. So always put metrics in place to measure your campaigns, and if at all
possible, measure your impact upon your desired objectives, be it Cost Per Acquisition,
Cost per Lead or tangible changes in customer perception.
B2B standards
UN/EDIFACT is one of the most well-known and established B2B standards.

ANSI ASC X12 is a popular standard in North America. RosettaNet is an XML-based,
emerging B2B standard in the high tech industry. An approach like UN/CEFACT’s Modeling
Methodology (UMM) might be used to capture the collaborative space of B2B business
processes.
2.5.5 E-Marketplace
“E-” or “electronic” marketplace in a business-to-business context is primarily a

large online platform (B2B portal) or website that facilitates interaction and/or transactions
between buyers and suppliers at organizational or institutional rather than individual levels.
Since the builders of such marketplaces primarily aim at facilitating buyer-seller interaction
(in most cases without being a buyer or seller themselves), these are also referred to as
“third-party” B2B marketplaces.

DBA 1727
These marketplaces can do one or more of the following:

NOTES 1. Help buyers find new suppliers and vice versa
2. Help reduce the time and cost of interaction for B2B transactions
3. Help increase trade between distant geographies
4. Help manage payments and track orders for B2B transactions
5. Help reduce the number of profits after tax
6. Help increase the greenhouse gas emissions in the country
7. Help the environment by using appropriate technology that is environmentally friendly
Vertical e-Marketplace
A vertical e-marketplace spans up and down every segment of one specific industry.
Each level of the industry has access to every other level, which greatly increases
collaboration. Buyers and sellers in the industry are connected to increase operating efficiency
and decrease supply chain costs, inventories and cycle times. This is possible because
buying/selling items in a single industry standardizes needs, thereby reducing the need for
outsourcing many products. E-commerce has a variety of different opinions going out
towards different people in different organization that are committed to such technology.
Therefore e-commerce is not well no where near the advanced technology that us in
organizations use now a days.
Horizontal e-Marketplace
A horizontal e-marketplace connects buyers and sellers across many industries.

The most common type of materials traded horizontally are MRO (maintenance, repair
and operations) materials. Mainly business and consumer articles, these items are in demand
because they are crucial to the daily running of a business, regardless of industry and level
within that industry. Many corporations have MRO materials bought directly on-line by
the maintenance team in order to relieve the purchasing department.
No-frills e-Marketplace
Developed in response to customers wanting to purchase products without service

(or with very limited service), the no-frills e-marketplace parallels the B2C offering of
no-frills budget airlines. The subject of several Harvard and IMD articles/case-studies,
no-frills B2B e-marketplaces enable the effective de-bundling of service from product via

clear “business rules.” This provides the basis of differentiation from conventional B2B
sales/purchasing channels.
NOTES
Etymology
The term “business-to-business” was originally coined to describe the electronic

communication relations between businesses or enterprises in order to distinguish it from
the communications between businesses and consumers (B2C). It eventually came to be
used in marketing as well, initially describing only industrial or capital goods marketing.
However, today it is widely used to describe all products and services used by enterprises.
2.5.6 EDI Standards
EDI stands for Electronic Data Interchange. This is one of the applications of E
Commerce which makes Business to Business transactions possible over a network.
Electronic data interchange (EDI) is a technology poised for explosive growth in use as the
Internet provides an affordable way for businesses to connect and exchange documents
with customers and suppliers of any size. EDI is the electronic exchange of business
documents, data, and other information in a public-standard format. It cuts the cost of
managing business-to-business transactions by eliminating the need for labor-intensive
manual generation and processing of documents. In this lecture we will discuss the EDI
standards, the EDI networks and the EDI software that interfaces these two elements and
the business applications. These elements together with the EDI Agreement are covered in
detail in this lecture.
Let’s start with EDI Standards.
EDI Standards
At the heart of any EDI application is the EDI standard. The essence of EDI is the
coding and structuring of the data into a common and generally accepted format -anything
less is nothing more than a system of file-transfers. Coding and structuring the documents
for business transactions is no easy matter. There have been a number of EDI standards
developed in various industry sectors or within a specific country and there are complex
committee structures and procedures to support them.

DBA 1727
Following on from the various sectorial and national EDI standards is the United
NOTES Nations (UN) EDI Standard:
EDIFACT. This is the standard that should be adopted for any new EDI application.
EDI provides an electronic linkage between two trading partners. Business

transactions are output from the sending computer system, transmitted or transported in
electronic format and input into the second, receiving computer system. The computer
systems that exchange data need a common format; without a common format the data is
meaningless. Two organizations that exchange data can, with relative ease, agree a format
that meets their mutual needs. As the network of exchanges develops then the number of
organizations needing to be party to the agreement grows. To illustrate this, assume a
network of three customers (say supermarkets) ordering goods from four suppliers (food
manufacturers), see
Interchanges between Customers and Suppliers.
The network in is 12 separate interchanges. It is unlikely that each of these exchanges

would have its own format but it is perfectly possible that each customer would have
developed its own standards (giving each supplier three separate standards to cope with).

It is also possible that new exchanges added to the system will have requirements not
envisaged when the data formats were originally agreed; this would require a change to the
NOTES
existing standard or the introduction of an additional standard. The overall picture is one of
unnecessary complexity and incompatibility. EDI standards overcome these difficulties.
The EDI standard provides, or attempts to provide, a standard for data interchange that is:
• Ready formulated and available for use;

• Comprehensive in its coverage of the data requirements for any given
transaction;
• Independent of hardware and software;
• Independent of the special interest of any party in the trading network.
EDI Standards provide a common language for the interchange of standard

transactions.
Most of the work on EDI standards has been concerned with the interchange of
trade documentation and financial transactions but the principle applies to any interchange
where the data can be systematized and codified. EDI standards are used for the interchange
of information as diverse as weather station readings and school exam results. Now let’s
see how the various standards evolve.
National and Sectorial Standards
Evolution of EDI Standards
The first EDI standards evolved from the formats used for file transfer of data
between computer applications. The evolution of EDI standards can be seen as having
three stages (although in practice it was and is somewhat more complex than that):
1. The first formats that might properly be called EDI were developed by organizations
that had to process data from a large number of customer organizations. The data
recipients set the standard and the customers conformed to it.
2. The concept of EDI as an application independent interchange standard evolved
and several industry sector and / or national standards bodies developed EDI
standards to meet the needs of a specific user community.

DBA 1727
3. The requirements of international and cross sector trade meant that the sector and
NOTES national standards were becoming an impediment to the further development of
electronic trading. EDIFACT was developed, under the auspices of the United
Nations (UN), as a universal standard for commercial EDI.
The International EDI Standard
As already outlined, EDI developed in closed user communities within trade sectors
and / or national boundaries. The use of sector and national standards for this type of trade
was satisfactory. However, as electronic trade developed to cover wider trading relationships
there is a growing problem of trade between organisations using different EDI standards.
In addition to the problem of cross sector trade there is a desire to use EDI for
international trade. This (sensibly) requires a common format for the exchange of the standard
business forms (order, invoice, etc.) between organisations in differing countries.
International trade also requires a great deal of additional documentation for shipping,
customs authorities, international credit arrangements, etc. - all of this is potentially electronic
and obviously a common format is very desirable. To facilitate this cross sector and
international development of EDI the EDIFACT standard has been, and is being,
developed.
EDIFACT is the United Nations standard of Electronic Data
2.5.7 Business - TO - Business Actions
Business – to-business auctions are growing very rapidly due to the following
benefits they provide:
Generating Revenue
• New sales channel that supports existing online sales. For example, Weirton
steel Corp. doubled its customer base when it started auctions,
• New venue for disposing of excess, obsolete, and returned products quickly
and easily.

Increasing Page Views

NOTES
• Auctions give “stickiness”. Auction users spend more time on a site and
generate more page views than other users.
Acquiring and Retaining Members
• All bidding transactions result in additional registered members.
There are three major types of B2B auctions according to Forrester Research:
1. Independent auctions. In this case companies use a third – party auctioneer to create
the site and sell the goods. (e.g., www.fairmarket.com, www.imx exchange.com,
and www.auctionagate.com).
2. Commodity auctions. In this case many buyers and sellers come together to a third
– party Web site. For example, access energy, utilities, and telecommunications are
sold at www.band – x.com. The Dutch flower market is another example. Typical
intermediaries are www.metalsite.net and www.fastparts.com.
3. Private auctions by invitation only. Several companies by pass the intermediaries
and auction their products by themselves. Ingram Micro has its own site,
www.autionblock.com, for selling obsolete computer equipment to its regular business
customers.
2.5.8 Business – TO – Business Services
Many companies provide services that are intended to facilitate B2B. Some of
these services are provided by intermediaries, others by specialists. Here are some examples.
CommerceNet
CommerceNet (www.commerce.net) is a global non-profit membership

organization that aims to meet the needs of companies doing EC. It targets promoting and
supporting emerging communities of EC.
CommerceNet established a forum for companies doing EC to meet and exchange

their experiences, while introducing the latest technology to them to facilitate their business.

DBA 1727
It does contain information about members, which can be buyer or supplier companies.
NOTES However, no specific product information is stored in its database. In fact, CommerceNet
mainly acts as a services provider, not dealing with any of the individual transactions.
CommerceNet also certifies Internet-enabled EDI products.
Open Buying on the Internet
The Open Buying on the Internet (OBI) Consortium (www.openbuy.org) is a non-profit

organization dedicated to developing open standards for B2B Internet commerce.
Membership in the consortium, an independent collaborative managed by CommerceNet,
is open to buying and selling organizations, technology providers, financial institutions, and
other interested parties on an annual fee basis.
ConnectUS
ConnectUS is an online service designed for use by companies paying with

corporate purchasing cards. It is basically for – fee database, operated by Thomas Publishing
Co. and General Electric Information Systems, allowing companies to search for suppliers
anywhere in the world. The service may cut up to 90 percent of the transaction cost for the
average ($150) purchase. ConnectUS also aids companies in overcoming the shortfalls of
purchasing card programs, which are difficult to audit, sometimes resulting in vendor
overpayment.
ConnectUS provides all the necessary information that supports card purchasing
and facilities trades done EDI. The service is now as part of www.geis.com and
www.thomasregister.com systems.
Summary
1. EC and Retailing: Retailing is expected to change with the rapid development of

new online sales and distribution channels that literally can be used from anywhere,
anytime-from work, school, a hotel, car, or airplane. These developments should
impact retailing as much as the advent of strip malls, catalogue retailing, and TV-
based home shopping.

2. There are several models for e-retailing and these include

Specialized e-store
NOTES
Generalized e-store
E-mall
Direct selling by the manufacturer
Supplementary distribution channel
E-broker
E-services
3. Internet Marketing: Internet marketing is the process of building and maintaining

customer relation-ships through online activities to facilitate the exchange of ideas,
products, and services that satisfy the goals of both parties.
4. E-commerce Sales strategy: There are several major advantages to developing

an e-commerce sales strategy: Efficiency, Convenience, Speed, Accuracy, Global
Reach, Low Cost Entry, Up-to-date Status and Alerts.
5. E-Services: The delivery of services via the internet to consumers or other businesses
can be referred to by the generic term of e-services. There is a wide range of e-
services currently offered through the internet and these include banking, loans, stock
trading, jobs and career sites, travel, education, consultancy advice, insurance, real
estate, broker services, on-line publishing, and on-line delivery of media content
such as videos, computer games, etc We organize e-services into the following
categories, namely Web-enabling services, Matchmaking services, Entertainment
services, Specialized services such as auctions
6. EC in Banking: The role of electronic commerce in banking is multifaceted impacted

by changes in technology, rapid deregulation of many parts of finance, the emergence
of new banking institutions, and basic economic restructuring.
7. EC and On-line publishing: The Web may have blossomed because of peer-to-
peer publishing, but judging from recent product offerings, there is an enormous
groundswell of interest among both commercial and corporate publishers in the
Web.

DBA 1727
8. B2B EC: In business-to-business electronic commerce businesses use the Internet

NOTES to integrate the value- added chain, which can extend from the supplier of raw
materials to the final consumer. Business for business dominates the total value of e-
commerce activity, accounting for about 80 per cent at present.
1. How do you differentiate between traditional and E retailing?

2. What are the benefits of E retailing for a customer?
3. What are the benefits of E retailing for a business?
4. Describe the several models of E-retailing?
5. What is Internet Marketing?
6. What are the E-Business issues?
7. What is CRM?
8. What are the critical success factors for internet marketing executives/?
9. Discuss about the wide variety of E-Services?
10. How do you find E-education to be better than the traditional one?
11. What are the advantages of E-banking?
12. What is On-line banking? Discuss the management issues in On-Line banking?
13. Discuss about on-line publishing and its strategies
14. What is B2B EC? List the characteristics of B2B EC.
15. What is E-Marketplace in a B2B EC?
16. Discuss B2B auctions and B2B services

NOTES
UNIT III
E-COMMERCE INFRASTRUCTURE
3.1 INTERNET
3.1.1 What is the Internet?
The Internet is a worldwide, publicly accessible series of interconnected computer

networks that transmit data by packet switching using the standard Internet Protocol (IP).
It is a “network of networks” that consists of millions of smaller domestic, academic,
business, and government networks, which together carry various information and services,
such as electronic mail, online chat, file transfer, and the interlinked web pages and other
resources of the World Wide Web (WWW).
The Internet and the World Wide Web are not synonymous. The Internet is a
collection of interconnected computer networks, linked by copper wires, fiber-optic cables,
wireless connections, etc. In contrast, the Web is a collection of interconnected documents
and other resources, linked by hyperlinks and URLs. The World Wide Web is one of the
services accessible via the Internet, along with various others including e-mail, file sharing,
online gaming and others described below.
America Online, Comcast, Earthlink, etc. are examples of Internet service

providers. They make it physically possible for you to send and access data from the
Internet. They allow you to send and receive data to and from their computers or routers
which are connected to the Internet.
World Wide Web is an example of an information protocol/service that can be

used to send and receive information over the Internet. It supports:
• Multimedia Information (text, movies, pictures, sound, programs . . . ).

DBA 1727
• Hypertext Information (information that contains links to other information

NOTES resources)
• Graphic User Interface (so users can point and click to request information
instead of typing in text commands).
The server software for the World Wide Web is called an HTTP server (or
informally a Web server). Examples are Apache and IIS. The client software for World
Wide Web is called a Web browser. Examples are: Netscape, Internet Explorer, Safari,
Firefox, and Mozilla. These examples are particular “brands” of software that have a
similar function, just like Lotus 123 and Excel are both spreadsheet software packages.
3.1.2 Internet Structure
The Internet is an international network of computers connected by wires such

as telephone lines. Schools, businesses, government offices, and many homes use the
Internet to communicate with one another. You have access to the Internet when you
work in one of this university’s computer labs. You also may have access at home or in
your residence hall. If not, you can obtain access once you have three things. First, you
need a computer and a modem, a device that allows you to connect your computer with
the Internet. Many new computers have built-in modems. Second, you need a browser,
a piece of software that allows you to view information on the Internet. Many new computers
also come with a browser, usually Internet Explorer. You also can download another
popular browser, Netscape Navigator, from the Internet for free. Finally, you need to
subscribe to an Internet Service Provider, or ISP, such as America Online or Carolina
Online.
One popular component of the Internet is electronic mail, or e-mail, which people
at separate locations can use to send messages to one another. In general, each of these
people has an e-mail address, which usually looks something like this:
mark.canada@uncp.edu. The first part of the address (.mark.canada) specifies the individual
user, and the rest of the address refers to the server (uncp.edu), which is a computer that
can store a lot of information.
In addition to allowing people to send e-mail messages to one another, the Internet
also allows organizations and individuals to post information about themselves so that
others can see it. For example, many companies post pictures and descriptions on World

Wide Web sites. In fact, you can set up your own World Wide Web site by reserving
space on a server. To understand how this process works, imagine that you wanted to
NOTES
store some articles you have written at a library so that people could come and read them.
First, you would need to obtain permission from the librarians, who would assign you a
folder where they would store your articles. Whenever you finished a new article, you
would put a name on it and send it to the librarians, who would then place it in your folder.
When people wanted to read one of these articles, they would need to know the address
of the library, the name of your folder, and the name of the specific article they want to
read. When they supplied this information, the librarian would give them the article they
want.
The World Wide Web works the same way. First you need to identify an Internet
company (librarian) and ask permission to save Web pages (articles) on its server (library).
The company (librarian) then assigns you a directory (folder) where it will store your Web
pages (articles). As you create each Web page (article), you give it a filename (name) and
publish it on the server (send it to the library). When people want to read your Web page
(article), they need your Web address, sometimes called a Uniform Resource Locator, or
URL. The URL consists of the domain name of the server (address of the library), name
of your directory (name of your folder), and the filename of the particular Web page (name
of article).
3.1.3 The Internet and its Characteristics
The Internet by the late 1990s has evolved into a complex environment. Originally
a military communication’s network it is now routinely used for five types of operations: (i)
long-distance transactions (e.g. e-commerce, form-filling, remote work, entertainment);
(ii) interpersonal communication; (iii) data storage; (iv) research (i.e. data finding); (v)
remote data access and downloading.
The Internet is a dynamic and mercurial system endowed with a number of traits.
These are:
1. Technological neutrality. The Internet joins together computers of various sizes

and architectures. They may run on various operating systems and utilise a great
variety of communication links.

DBA 1727
2. Built-in piecemeal change and evolution. The Internet is not a one-off

NOTES development. It is an energetic, polycentric, complex, growing, and self-refining
system. It is a network which is geared to expansion and growth. It is a system
which scales up extremely well.
3. Robustness and reliability. All basic technical features of the Net such as the
TCP/IP (transfer control protocol/internet protocol) (Kessler and Shepard 1997),
the multiplicity of routes followed by the packet-switched data, and the sturdiness
of related software are designed to eliminate errors, to handle unexpected interruptions
and interferences, to advise users of encountered difficulties and to recover gracefully
from any disasters and down-times.
4. Low cost. The Internet makes new uses of old technologies (standalone computers,
operating systems, telecommunication networks). Whenever possible, Internet
operations piggyback on already existing solutions. They rely on modularised,
configurable, easy-to-replace, and easy-to-upgrade off-the-shelf software and
hardware.
5. Ubiquity. The robustness, modularisation and low cost of the system is coupled
with the growing densities of dedicated computer lines, network backbones, as well
as wired and wireless phone networks. This means that Internet-enabled tools are
deployed in ever growing numbers in an ever widening range of environments
3.1.4 The Internet Tools and their Characteristics
The evolution of the Internet is punctuated by the introduction and mass acceptance
of such key resources and tools as Unix, Email, Usenet newsgroups, Telnet, Listserv Mailing
List Software, File Transfer Protocol, Internet Relay Chat, WAIS, Gopher, WWW, and
more recently by the Altavista search engine, Java language
UNIX
The foundations of an operating system called Unix were laid at AT&T Bell
Laboratories in 1969. Unix is not a product of Internet culture. It is its catalyst and
cornerstone. Internet culture owes Unix a major debt in the four areas. These conceptual
and procedural debts are: multitasking, community fostering, openness and extensibility,
and public access to the source code. Let’s briefly look at each of these debts.

Unix was one of the first operating systems which embodied the principle of
multitasking (time-sharing). In most general terms it means that several users could
NOTES
simultaneously operate within a single environment and that the system as a whole coped
well with this complicated situation. Unix was the first operating system which demonstrated
in practical terms robustness and tolerance for the variety of it’s users simultaneous activities.
Email
Email is the first of the Internet’s tools dedicated to the provision of fast, simple
and global communication between people. This revolutionary client/server software implied
for the first time that individuals (both as persons and roles) could have their unique electronic
addresses. Within this framework messages were now able to chase their individual
recipients anywhere in the world.
The initial format of email communication was that of a one-to-one exchange of

electronic messages. This simple function was subsequently augmented by email’s ability
to handle various attachments, such as documents with complex formatting, numbers and
graphic files. Later, with the use of multi-recipient mailing lists electronic mail could be used
for simple multicasting of messages in the form of one-to-many transmissions.
Usenet Newsgroups
Usenet (Unix Users Network), the wide-area array of sites collating and swapping
UUCP-based messages was pioneered in 1979. Usenet was originally conceived as a
surrogate for the Internet (then called ARPANET). It was to be used by people who did
not have ready access to the TCP/IP protocol and yet wanted to discuss their various Unix
tools. It was only in 1987 that the NNTP (Network News Transfer Protocol) was established
in order to enable Usenet to be carried on the Internet (i.e. TCP/IP) networks (Laursen
1997).

DBA 1727
Telnet
NOTES
The networking tool called Telnet was invented in 1980 (Postel 1980). It allowed
people (with adequate access rights) to login remotely into any networked computer in the
world and to employ the usual gamut of computer commands. Thereby files and directories
could be established, renamed and deleted; electronic mail read and dispatched; Usenet
flame wars indulged in; and statistical packages run against numeric data - all at a distance.
Moreover, results of all these and other operations could be remotely directed to a printer
or via FTP to another networked computer. In short, Telnet gave us the ability to engage in
long distance man-machine transactions, that is, ability to do the work as telecommuters.
File Transfer Protocol
The FTP client/server technology was first introduced in 1985 (Barnes 1997). Its
usefulness to Internet culture is three-fold.
Firstly, the FTP was a first widely-accepted tool for systematic permanent storage
and world-wide transmission of substantial electronic information (e.g. programs, text files,
image files). Secondly, FTP archives promoted the use of anonymous login (i.e. limited
public access) techniques as a way of coping with the mounting general requests for access
to the archived information. That novel technique placed electronic visitors in a strictly
circumscribed work environment. There they could browse through data subdirectories,
copy relevant files, as well as deposit (within the context of a dedicated area) new digital
material. However, the FTP software would not let them wander across other parts of the
host, nor did the visitors have the right to change any component part of the accessed
electronic archive.
Thirdly, the rapid proliferation in the number of public access FTP archives all over
the world necessitated techniques for keeping an authoritative, up-to-date catalogue of
their contents. This was accomplished through the Archie database (Deutsch et al. 1995)
and its many mirrors. Archie used an automated process which periodically scanned the
entire contents of all known “anonymous FTP” sites and report findings back to its central
database. This approach, albeit encumbered by the need to give explicit instructions as to
which of the FTP systems need to be monitored, nevertheless integrated a motley collection
of online resources into a single, cohesive, distributed information system.

3.1.5 Web based Client/Server

NOTES
Gopher
Gopher client/server software was used for the first time in 1991 (La Tour nd; Liu,
C. et al. 1994). It was a ground-breaking development on two accounts. Firstly, it acted
as a predictable, unified environment for handling an array of other electronic tools, such
as Telnet, FTP and WAIS. Secondly, Gopher acted as electronic glue which seamlessly
linked together archipelagos of information tracked by and referenced by other gopher
systems. In short, Gopher was the first ever tool capable of the creation and mapping of a
rich, large-scale, and infinitely extendable information space.
World Wide Web Server
The first prototype of the WWW server was built in 1991 (Cailliau 1995, Berners-
Lee, nd; Berners-Lee 1998). The WWW server is an invention which has redefined the
way the Internet is visualized by its users.
Firstly, the WWW server introduced to the Internet the powerful point-and-click
hypertext capabilities. The hypertext notions of a home page and links spanning the entire
body of data was first successfully employed on a small, standalone scale in 1986 in the
Macintosh software called Hypercard (Goodman 1987). The WWW however, was the
first hypertext technology applied to distributed online information. This invention was
previously theoretically anticipated by a number of writers, including in the 1945 by Vannevar
Bush of the Memex fame, and again in the 1965 by Theodor Nelson who embarked on
the never-completed Project Xanadu (Nielsen 1995, Gilster 1997:267). Hypertext itself
is not an new idea. It is already implicitly present (albeit in an imperfect because a paper-
based form) in the first alphabetically ordered dictionaries such as Grand dictionnaire
historique, compiled in 1674 by Louis Moreriego; or John Harris’ Lexicon Technicum
which was published in 1704 (PWN 1964). It is also evident in the apparatus, such as
footnotes, commentaries, appendices and references, of a 19th century scholarly
monograph.
The hypertext principle as employed by the WWW server meant that any part of
any text (and subsequently, image) document could act as a portal leading directly to any
other nominated segment of any other document anywhere in the world.

DBA 1727
Secondly, the WWW server introduced an explicit address for subsets of

NOTES information. Common and simple addressing methodology (Universal Resource Locater
[URL] scheme) enabled users to uniquely identify AND access any piece of networked
information anywhere in the document, or anywhere on one’s computer, or - with the same
ease - anywhere in the world.
Thirdly, the WWW provided a common, simple, effective and extendable language
for document markup. The HTML language could be used in three different yet
complementary ways: (a) as a tool for establishing the logical structure of a document; (b)
as a tool for shaping the size, appearance and layout of lines of text on the page; (c) as a
tool for building the internal (i.e. within the same document) and external (to a different
document residing on the same or totally different server) hypertext connections.
The interlocking features of the hypertext, URLs and the markup language, have
laid foundations for today’s global, blindingly fast and infinitely complex cyberspace.
Moreover, the World Wide Web, like gopher before it, was also a powerful electronic
glue which smoothly integrated not only most of the existing Internet tools (Email, Usenet,
Telnet, Listservs FTP, IRC, and Gopher (but, surprisingly, not WAIS), but also the whole
body of online information which could accessed by all those tools.
However, the revolutionary strengths of the Web have not been immediately obvious
to the most of the Internet community, who initially regarded the WWW as a mere (and
possibly clumsy) variant of the then popular Gopher technology. This situation has changed
only with the introduction of PC-based Web browsers with user-friendly, graphics-interfaces.
World Wide Web Browsers
The principle of a client/server division of labour was put to work yet again in the
form of a series of WWW browsers such as Mosaic (built in 1993), Lynx (which is an
ASCII, Telnet-based client software), Erwise, Viola, Cello, as well as, since 1994, several
editions of Netscape and Explorer Each of the Web browsers, except for Lynx, which
constitutes a deliberately simplified and thus very fast software, provided Internauts with
series of novel capabilities.
These are: (a) an ability to handle multi-format, or multimedia (numbers, text, images,
animations, video, sound) data within the framework of a single online document; (b) the

ability to configure and modify the appearance of received information in a manner which
best suits the preferences of the reader; (c) the ability to use the browser as a WYSIWYG
NOTES
(“what you see is what you get”) tool for crafting and proofreading of the locally created
HTML pages on a user’s PC; (d) ability to acquire, save and display the full HTML source
code for any and all of the published web documents.
3.1.6 Elements of Internet Architecture
• Protocol Layering
• Networks
• Routers
• Addressing Architecture
Protocol Layering
To communicate using the Internet system, a host must implement the layered set
of protocols comprising the Internet protocol suite. A host typically must implement at least
one protocol from each layer.
The protocol layers used in the Internet architecture are as follows
Application Layer
The Application Layer is the top layer of the Internet protocol suite. The Internet
suite does not further subdivide the Application Layer, although some application layer
protocols do contain some internal sub-layering. The application layer of the Internet suite
essentially combines the functions of the top two layers - Presentation and Application - of
the OSI Reference Model [ARCH:8]. The Application Layer in the Internet protocol suite
also includes some of the function relegated to the Session Layer in the OSI Reference
Model.
We distinguish two categories of application layer protocols: user protocols that

provide service directly to users, and support protocols that provide common system
functions. The most common Internet user protocols are:

DBA 1727
• Telnet (remote login)

NOTES • FTP (file transfer)
• SMTP (electronic mail delivery)
There are a number of other standardized user protocols and many private user
protocols.
Support protocols, used for host name mapping, booting, and management include
SNMP, BOOTP, TFTP, the Domain Name System (DNS) protocol, and a variety of
routing protocols.
Transport Layer
The Transport Layer provides end-to-end communication services. This layer is

roughly equivalent to the Transport Layer in the OSI Reference Model, except that it also
incorporates some of OSI’s Session Layer establishment and destruction functions.
There are two primary Transport Layer protocols at present:
• Transmission Control Protocol (TCP)

• User Datagram Protocol (UDP)
TCP is a reliable connection-oriented transport service that provides end-to-end

reliability, resequencing, and flow control. UDP is a connectionless (datagram) transport
service. Other transport protocols have been developed by the research community, and
the set of official Internet transport protocols may be expanded in the future.
Internet Layer
All Internet transport protocols use the Internet Protocol (IP) to carry data from
source host to destination host. IP is a connectionless or datagram internetwork service,
providing no end-to-end delivery guarantees. IP datagrams may arrive at the destination
host damaged, duplicated, out of order, or not at all. The layers above IP are responsible
for reliable delivery service when it is required. The IP protocol includes provision for
addressing, type-of-service specification, fragmentation and reassembly, and security.

The datagram or connectionless nature of IP is a fundamental and characteristic

feature of the Internet architecture.
NOTES
The Internet Control Message Protocol (ICMP) is a control protocol that is

considered to be an integral part of IP, although it is architecturally layered upon IP - it uses
IP to carry its data end-to-end. ICMP provides error reporting, congestion reporting, and
first-hop router redirection.
The Internet Group Management Protocol (IGMP) is an Internet layer protocol

used for establishing dynamic host groups for IP multicasting.
Link Layer
To communicate on a directly connected network, a host must implement the
communication protocol used to interface to that network. We call this a Link Layer protocol.
Some older Internet documents refer to this layer as the Network Layer, but it is
not the same as the Network Layer in the OSI Reference Model.
This layer contains everything below the Internet Layer and above the Physical
Layer (which is the media connectivity, normally electrical or optical, which encodes and
transports messages). Its responsibility is the correct delivery of messages, among which it
does not differentiate.
Protocols in this Layer are generally outside the scope of Internet standardization;
the Internet (intentionally) uses existing standards whenever possible. Thus, Internet Link
Layer standards usually address only address resolution and rules for transmitting IP packets
over specific Link Layer protocols.

DBA 1727
Networks
NOTES
The constituent networks of the Internet system are required to provide only packet
(connectionless) transport. According to the IP service specification, datagrams can be
delivered out of order, be lost or duplicated, and/or contain errors.
For reasonable performance of the protocols that use IP (e.g., TCP), the loss rate
of the network should be very low. In networks providing connection-oriented service, the
extra reliability provided by virtual circuits enhances the end-end robustness of the system,
but is not necessary for Internet operation.
Constituent networks may generally be divided into two classes:
• Local-Area Networks (LANs) LANs may have a variety of designs. LANs

normally cover a small geographical area (e.g., a single building or plant site)
and provide high bandwidth with low delays. LANs may be passive (similar
to Ethernet) or they may be active (such as ATM).
• Wide-Area Networks (WANs) Geographically dispersed hosts and LANs
are interconnected by wide-area networks, also called long-haul networks.
These networks may have a complex internal structure of lines and packet-
switches, or they may be as simple as point-to-point lines.
Routers
In the Internet model, constituent networks are connected together by IP datagram

forwarders which are called routers or IP routers. In this document, every use of the term
router is equivalent to IP router. Many older Internet documents refer to routers as gateways.
Historically, routers have been realized with packet-switching software executing

on a general-purpose CPU. However, as custom hardware development becomes cheaper
and as higher throughput is required, special purpose hardware is becoming increasingly
common. This specification applies to routers regardless of how they are implemented.
A router connects to two or more logical interfaces, represented by IP subnets or

unnumbered point to point lines . Thus, it has at least one physical interface. Forwarding an
IP datagram generally requires the router to choose the address and relevant interface of

the next-hop router or (for the final hop) the destination host. This choice, called relaying
or forwarding depends upon a route database within the router. The route database is also
NOTES
called a routing table or forwarding table. The term “router” derives from the process of
building this route database; routing protocols and configuration interact in a process called
routing.
The routing database should be maintained dynamically to reflect the current

topology of the Internet system. A router normally accomplishes this by participating in
distributed routing and reachability algorithms with other routers.
Routers provide datagram transport only, and they seek to minimize the state
information necessary to sustain this service in the interest of routing flexibility and robustness.
Packet switching devices may also operate at the Link Layer; such devices are
usually called bridges. Network segments that are connected by bridges share the same IP
network prefix forming a single IP subnet. These other devices are outside the scope of
this document.
3.1.7 Common uses of the Internet
E-mail
The concept of sending electronic text messages between parties in a way analogous
to mailing letters or memos predates the creation of the Internet. Even today it can be
important to distinguish between Internet and internal e-mail systems. Internet e-mail may
travel and be stored unencrypted on many other networks and machines out of both the
sender’s and the recipient’s control. During this time it is quite possible for the content to
be read and even tampered with by third parties, if anyone considers it important enough.
Purely internal or intranet mail systems, where the information never leaves the corporate
or organization’s network, are much more secure, although in any organization there will
be IT and other personnel whose job may involve monitoring, and occasionally accessing,
the e-mail of other employees not addressed to them.
The World Wide Web
Many people use the terms Internet and World Wide Web (or just the Web)
interchangeably, but, as discussed above, the two terms are not synonymous.

DBA 1727
The World Wide Web is a huge set of interlinked documents, images and other
NOTES resources, linked by hyperlinks and URLs. These hyperlinks and URLs allow the web
servers and other machines that store originals, and cached copies, of these resources to
deliver them as required using HTTP (Hypertext Transfer Protocol). HTTP is only one of
the communication protocols used on the Internet.
Web services also use HTTP to allow software systems to communicate in order
to share and exchange business logic and data.
Software products that can access the resources of the Web are correctly termed
user agents. In normal use, web browsers, such as Internet Explorer and Firefox, access
web pages and allow users to navigate from one to another via hyperlinks. Web documents
may contain almost any combination of computer data including photographs, graphics,
sounds, text, video, multimedia and interactive content including games, office applications
and scientific demonstrations.
Through keyword-driven Internet research using search engines like Yahoo! and
Google, millions of people worldwide have easy, instant access to a vast and diverse
amount of online information. Compared to encyclopedias and traditional libraries, the
World Wide Web has enabled a sudden and extreme decentralization of information and
data.
It is also easier, using the Web, than ever before for individuals and organizations
to publish ideas and information to an extremely large audience. Anyone can find ways to
publish a web page or build a website for very little initial cost. Publishing and maintaining
large, professional websites full of attractive, diverse and up-to-date information is still a
difficult and expensive proposition, however.
Many individuals and some companies and groups use “web logs” or blogs, which
are largely used as easily updatable online diaries. Some commercial organizations encourage
staff to fill them with advice on their areas of specialization in the hope that visitors will be
impressed by the expert knowledge and free information, and be attracted to the corporation
as a result. One example of this practice is Microsoft, whose product developers publish
their personal blogs in order to pique the public’s interest in their work.
Collections of personal web pages published by large service providers remain

popular, and have become increasingly sophisticated. Whereas operations such as Angelfire

and GeoCities have existed since the early days of the Web, newer offerings from, for
example, Facebook and MySpace currently have large followings. These operations often
NOTES
brand themselves as social network services rather than simply as web page hosts.
Advertising on popular web pages can be lucrative, and e-commerce or the sale
of products and services directly via the Web continues to grow.
In the early days, web pages were usually created as sets of complete and isolated
HTML text files stored on a web server. More recently, websites are more often created
using content management system (CMS) or wiki software with, initially, very little content.
Contributors to these systems, who may be paid staff, members of a club or other
organization or members of the public, fill underlying databases with content using editing
pages designed for that purpose, while casual visitors view and read this content in its final
HTML form. There may or may not be editorial, approval and security systems built into
the process of taking newly entered content and making it available to the target visitors.
Remote access
The Internet allows computer users to connect to other computers and information
stores easily, wherever they may be across the world. They may do this with or without the
use of security, authentication and encryption technologies, depending on the requirements.
This is encouraging new ways of working from home, collaboration and information
sharing in many industries. An accountant sitting at home can audit the books of a company
based in another country, on a server situated in a third country that is remotely maintained
by IT specialists in a fourth. These accounts could have been created by home-working
bookkeepers, in other remote locations, based on information e-mailed to them from offices
all over the world. Some of these things were possible before the widespread use of the
Internet, but the cost of private leased lines would have made many of them infeasible in
practice.
An office worker away from his desk, perhaps on the other side of the world on a
business trip or a holiday, can open a remote desktop session into his normal office PC
using a secure Virtual Private Network (VPN) connection via the Internet. This gives the
worker complete access to all of his or her normal files and data, including e-mail and
other applications, while away from the office.

DBA 1727
This concept is also referred to by some network security people as the Virtual Private
NOTES Nightmare, because it extends the secure perimeter of a corporate network into its
employees’ homes; this has been the source of some notable security breaches, but also
provides security for the workers.
Collaboration
The low cost and nearly instantaneous sharing of ideas, knowledge, and skills has
made collaborative work dramatically easier. Not only can a group cheaply communicate
and test, but the wide reach of the Internet allows such groups to easily form in the first
place, even among niche interests. An example of this is the free software movement in
software development, which produced GNU and Linux from scratch and has taken over
development of Mozilla and OpenOffice.org (formerly known as Netscape Communicator
and StarOffice). Films such as Zeitgeist, Loose Change and Endgame have had extensive
coverage on the Internet, while being virtually ignored in the mainstream media.
Internet “chat”, whether in the form of IRC “chat rooms” or channels, or via instant
messaging systems, allow colleagues to stay in touch in a very convenient way when working
at their computers during the day. Messages can be sent and viewed even more quickly
and conveniently than via e-mail. Extension to these systems may allow files to be exchanged,
“whiteboard” drawings to be shared as well as voice and video contact between team
members.
Version control systems allow collaborating teams to work on shared sets of

documents without either accidentally overwriting each other’s work or having members
wait until they get “sent” documents to be able to add their thoughts and changes.
File sharing
A computer file can be e-mailed to customers, colleagues and friends as an

attachment. It can be uploaded to a website or FTP server for easy download by others.
It can be put into a “shared location” or onto a file server for instant use by colleagues. The
load of bulk downloads to many users can be eased by the use of “mirror” servers or
peer-to-peer networks.

In any of these cases, access to the file may be controlled by user authentication;
the transit of the file over the Internet may be obscured by encryption, and money may
NOTES
change hands before or after access to the file is given. The price can be paid by the
remote charging of funds from, for example, a credit card whose details are also passed—
hopefully fully encrypted—across the Internet. The origin and authenticity of the file received
may be checked by digital signatures or by MD5 or other message digests.
These simple features of the Internet, over a worldwide basis, are changing the
basis for the production, sale, and distribution of anything that can be reduced to a computer
file for transmission. This includes all manner of print publications, software products,
news, music, film, video, photography, graphics and the other arts. This in turn has caused
seismic shifts in each of the existing industries that previously controlled the production and
distribution of these products.
Internet collaboration technology enables business and project teams to share

documents, calendars and other information. Such collaboration occurs in a wide variety
of areas including scientific research, software development, conference planning, political
activism and creative writing.
Streaming media
Many existing radio and television broadcasters provide Internet “feeds” of their
live audio and video streams (for example, the BBC). They may also allow time-shift
viewing or listening such as Preview, Classic Clips and Listen Again features. These providers
have been joined by a range of pure Internet “broadcasters” who never had on-air licenses.
This means that an Internet-connected device, such as a computer or something more
specific, can be used to access on-line media in much the same way as was previously
possible only with a television or radio receiver. The range of material is much wider, from
pornography to highly specialized, technical web casts. Pod casting is a variation on this
theme, where—usually audio—material is first downloaded in full and then may be played
back on a computer or shifted to a digital audio player to be listened to on the move. These
techniques using simple equipment allow anybody, with little censorship or licensing control,
to broadcast audio-visual material on a worldwide basis.
Webcams can be seen as an even lower-budget extension of this phenomenon.

While some webcams can give full-frame-rate video, the picture is usually either small or

DBA 1727
updates slowly. Internet users can watch animals around an African waterhole, ships in the
NOTES Panama Canal, the traffic at a local roundabout or their own premises, live and in real time.
Video chat rooms, video conferencing, and remote controllable webcams are also popular.
Many uses can be found for personal webcams in and around the home, with and without
two-way sound.
You Tube, sometimes described as an Internet phenomenon because of the vast

amount of users and how rapidly the site’s popularity has grown, was founded on February
15, 2005. It is now the leading website for free streaming video. It uses a flash-based web
player which streams video files in the format FLV. Users are able to watch videos without
signing up; however, if users do sign up they are able to upload an unlimited amount of
videos and they are given their own personal profile. It is currently estimated that there are
64,000,000 videos on YouTube, and it is also currently estimated that 825,000 new videos
are uploaded every day.
Voice telephony (VoIP)
VoIP stands for Voice over IP, where IP refers to the Internet Protocol that underlies
all Internet communication. This phenomenon began as an optional two-way voice extension
to some of the instant messaging systems that took off around the year 2000. In recent
years many VoIP systems have become as easy to use and as convenient as a normal
telephone. The benefit is that, as the Internet carries the actual voice traffic, VoIP can be
free or cost much less than a normal telephone call, especially over long distances and
especially for those with always-on Internet connections such as cable or ADSL.
Thus, VoIP is maturing into a viable alternative to traditional telephones.

Interoperability between different providers has improved and the ability to call or receive
a call from a traditional telephone is available. Simple, inexpensive VoIP modems are now
available that eliminate the need for a PC.
Voice quality can still vary from call to call but is often equal to and can even
exceed that of traditional calls.
Remaining problems for VoIP include emergency telephone number dialling and
reliability. Currently, a few VoIP providers provide an emergency service, but it is not
universally available. Traditional phones are line-powered and operate during a power
failure; VoIP does not do so without a backup power source for the electronics.

Most VoIP providers offer unlimited national calling, but the direction in VoIP is
NOTES
clearly toward global coverage with unlimited minutes for a low monthly fee.
VoIP has also become increasingly popular within the gaming world, as a form of
communication between players. Popular gaming VoIP clients include Ventrilo and
Teamspeak, and there are others available also. The PlayStation 3 and Xbox 360 also
offer VoIP chat features.
Internet access
Common methods of home access include dial-up, landline broadband (over coaxial cable,
fiber optic or copper wires), Wi-Fi, satellite and 3G technology cell phones.
Public places to use the Internet include libraries and Internet cafes, where computers
with Internet connections are available. There are also Internet access points in many
public places such as airport halls and coffee shops, in some cases just for brief use while
standing. Various terms are used, such as “public Internet kiosk”, “public access terminal”,
and “Web payphone”. Many hotels now also have public terminals, though these are usually
fee-based. These terminals are widely accessed for various usage like ticket booking,
bank deposit, online payment etc. Wi-Fi provides wireless access to computer networks,
and therefore can do so to the Internet itself. Hotspots providing such access include Wi-
Fi cafes, where would-be users need to bring their own wireless-enabled devices such as
a laptop or PDA. These services may be free to all, free to customers only, or fee-based.
A hotspot need not be limited to a confined location. A whole campus or park, or even an
entire city can be enabled. Grassroots efforts have led to wireless community networks.
Commercial Wi-Fi services covering large city areas are in place in London, Vienna, Toronto,
San Francisco, Philadelphia, Chicago and Pittsburgh. The Internet can then be accessed
from such places as a park bench.
Apart from Wi-Fi, there have been experiments with proprietary mobile wireless
networks like Ricochet, various high-speed data services over cellular phone networks,
and fixed wireless services.
High-end mobile phones such as smartphones generally come with Internet access
through the phone network. Web browsers such as Opera are available on these advanced

DBA 1727
handsets, which can also run a wide variety of other Internet software. More mobile phones
NOTES have Internet access than PCs, though this is not as widely used. An Internet access provider
and protocol matrix differentiates the methods used to get online.
3.1.8 Marketing
The Internet has also become a large market for companies; some of the biggest
companies today have grown by taking advantage of the efficient nature of low-cost
advertising and commerce through the Internet, also known as e-commerce. It is the fastest
way to spread information to a vast number of people simultaneously. The Internet has
also subsequently revolutionized shopping—for example; a person can order a CD online
and receive it in the mail within a couple of days, or download it directly in some cases.
The Internet has also greatly facilitated personalized marketing which allows a company to
market a product to a specific person or a specific group of people more so than any other
advertising medium.
Examples of personalized marketing include online communities such as MySpace,

Friendster, Orkut, Facebook and others which thousands of Internet users join to advertise
themselves and make friends online. Many of these users are young teens and adolescents
ranging from 13 to 25 years old. In turn, when they advertise themselves they advertise
interests and hobbies, which online marketing companies can use as information as to what
those users will purchase online, and advertise their own companies’ products to those
users.
3.1.9 Online Internet Business Models
The outward signs of a robust and thriving business are:
• Revenue increases
• Ability to generate profits
• Success in creating meaningful alliances
• Success in expanding into new markets
• Differentiating itself from other business models

What are the key areas that a profitable web site needs to concentrate on?
NOTES
• Develop a unique e-business website
• Control the product line
• Introduce new products on a regular basis
• Ensure easy and reliable credit-card payment methods
• Provide customer-friendly policies
• On-time delivery
• Keep promises
• Develop a clever marketing strategy
• Be the best in your field
Existing business models are of many kinds:
• Advertising - banner and direct marketing

• Subscription sites
• Customer services
• Directory services
• Content providers
• Product sales
Most successful companies pursue several related but different models concurrently.
They defy easy categorization by diversifying revenue streams and becoming hybrids in a
cost-efficient way.
Let’s take a look at some of the top e-businesses in the field today:
• E-Bay
• HomeStore.com
• Oracle
• CISCO
• Amazon.com
• DoubleClick.com
• YAHOO!

DBA 1727
NOTES EBAY
A company that has emerged unscathed from the recent dot-com bust with profits
soaring to almost 400% and revenues doubling in the past one year. It has transformed
auctions that were limited to garage sales and flea markets into highly evolved e-
marketplaces. Selling just about anything, from antiques and jewelry to computers,
automobiles and even auto insurance, it has 29.7 million registered users today.
Adopting an amazing and unique culture, where buyers and sellers of all items are
allowed to post their comments online, where credit-card payment facilities are secure and
easy, the company projects a trustworthy and reliable image.
Apart from bidding, certain high quality goods can be sold at prices fixed by the
seller. This site also offers professional services for all kinds of business needs. A widespread
global reach makes its easy for a buyer in Hong Kong to bid and buy a product from a
seller in Paris while the regional sites in North America are able to offer hard-to-ship
merchandise.
Person-to-person trading and a barter economy have established the company on

a secure B2B and B2C platform. Other companies like Yahoo! and Excite have been
quick to catch on and incorporate auctions into their sites. Priceline.com, a site that offers
airline tickets on discount has begun experimenting quite successfully with this business
model.
To summarize, their business model can be elucidated thus:
• Automation of traditional methods of selling unique items

• Reliability in mode of payments
• Customer friendly company
• Professional services in addition to just plain selling of goods
• Global reach
• Regional diversification
• Successful advertising

HOMESTORE.COM
NOTES
Statistics have revealed that realty sites account for about 9.6% of all online visitors.
Homestore.com is a company that has dominated the real estate field with 3.28 million
customers in January 2001 and is listed among the Fortune top e-50. It registered a growth
of 252% at one stage.
Homestore.com’s internet business model allows prospective buyers to review

properties before buying. Is that all? No, they also offer financial advice, online loans, and
buyer’s guides to homes and household items, home improvement tips, remodeling, and
safety and security aspects. Useful advice when moving home and tips on resettling has
ensured user satisfaction to the core.
Their main revenue came in from subscriptions (52%) and the remaining from
advertising. As a subscription site they picked a specific topic which a segment of the
population would be passionate about and marketed their services through strategic
advertising.
Subscription sites that allow users access to a regularly updated online database
of any kind for a fee are fast evolving into healthy and strong e-businesses.
ORACLE
This software and service provider entered the digitized world only in 1998, and
metamorphosed into a digital pioneer in the span of two years. Innovative products and
services and integration of these services have brought them into the forefront of web
innovation today.
Internet business models like the Biz Online Initiative that deliver simple and complete
online services and a host of other tools that customers require in setting up an e-business
model, have made them a one stop shop for e-businesses today. Their built-in self-service
system for customers, employees and suppliers improved productivity and accuracy and
brought down costs by 100’s of millions of dollars. Consulting services with major firms
like Sun Professional Systems have established their reliability with customers.

DBA 1727
Their business formula:

NOTES
• Innovative products and packages
• Integration of internal processes
• Exemplary customer service - a user friendly web site that connects customers
easily
• Fast online e-business services
• Expert consultancy service
Another company using a similar business model is Exodus Communications, an

Internet data center that offers a range of web hosting services, bandwidth on demand,
security monitoring. Their servers host leading web sites like Yahoo!, e-Bay and Merril
Lynch. They allow these firms to deliver content and applications online round the clock
without fail.
35% of their revenue comes from a very successful e-business consulting firm
whom they have partnered with (Sapient). They are expanding from 19 data centers to 34
data centers this year.
CISCO
Cisco develops switches and routers for Local Area Networks (LAN) and Wireless
Area Networks (WAN) and the related software. They have become the worldwide leaders
in networking for the Internet today.
90% of their sales are conducted over the Internet. They offer expertise in planning
and executing Internet enabled solutions.
The company has grown in the past 7 years with 71 acquisitions to its credit, the
latest being its investments in an optical equipment company and speech recognition software
makers. Their business model could be termed an acquisition one!
AMAZON.COM
The customer is King here! Amazon pampers their customers, tracks their tastes
and uses this information to create a unique customer experience. This e-tailer cultivates
relationships that lead to customers liking and trusting them. This kind of service surpasses
the most brilliant technology in use today. Amazon brought in the world of successful one-
to-one marketing, a personal touch from another era.

Recently though, they have suffered heavy losses, proving that any successful e-
business strategy will survive provided it is based on a solid brick and mortar foundation,
NOTES
a la Barnes and Noble, another famous online bookseller. Although barnesandnoble.com
and Barnes the Noble Ltd. are run separately, a customer tends to associate trust and
comfort in a known and established brand.
To summarize, exemplary customer service, successful online advertising and special

discounted offers made Amazon and books synonymous terms today.
DOUBLECLICK.COM
This Fortune e-50 company offers a collection of premium sites for custom ad-
buys and sponsorships in various fields - Business, automobiles, entertainment, technology,
travel and health. They help markets build brands, increase sales, maximize revenue and
build one-to-one relationships with their customers. They offer agencies plans to manage
online campaigns.
Their direct marketing strategies use customer data to refine marketing messages
and increase investment returns. One of their divisions, Abacus is one of the largest databases
of buyer behavior in about 90 million households in the United States itself. Another division,
www.diameter.net conducts online research to evaluate and understand online campaigns
and strategies. Some of their clients include www.macromedia.com, www.nasdaq.com,
www.networldsolutions.com and www.palm.net.
The web has proven to be an amazing vehicle for advertising and reaching millions
without spending a dime on postage and printing. Stu Heinecke Services, an advertising
solutions company used personalized cartoon direct mail and achieved response rates as
high as 100%.
Online ads possess tremendous communication powers. Banner ads placed on

sites like CNN, Lycos, CompuServe, Pathfinder and The New York Times showed that:
• appropriate placement of the ad on specific targeted sites,

• using a search component or a woman’s face in a banner ad,
• using odd-shaped attention grabbing banners,
• including trading links with other sites, and
• hosting online chat are a sure fire way to get a response. Online advertising is
international advertising that gets a 24X7 exposure for much lesser costs.

DBA 1727
YAHOO!
NOTES
The “operating system” of the net and a site for evolving search engines, free news
and information services, online ads, banner ads, sports and news, video and audio, clubs
and auction stores has become the most popular directory in the web. The value of this
successful business model lies in its unique and easy categorization of all pages and subjects
- a completely professional looking web site in all.
But, a BPI (Buying Power Index) report reveals that more online buying and
popularity of a site don’t go hand in hand. Other search engines like Altavista, Excite and
Juno seem to have raked in more profits recently.
Online advertising was the main revenue for Yahoo!, but they didn’t really check
on what kind of ads worked online. Immediate success stopped them from evolving and
developing other important aspects of e-business. As a result, this year they have been
forced to cut budgets and ads, showing that generalized media doesn’t work compared to
specialized media. Also, all of Yahoo’s content is owned by other sites and only licensed
for their use.
Among the other successful dot-coms, trends revealed that online e-brokers offer
the best economic models among consumer-centered Internet companies. Instead of
spending on physical infrastructure they concentrated in increasing the volume of transactions.
1-800Flowers.com blended telephone and Internet technologies, Reflect.com, a

beauty customization site outlasted other higher profile e-tailers in the business, thus proving
that the basic B2C business model is valid.
Smart thinking, brilliant business plans, great and innovative promotional ideas are
an integral part of any e-success. There is no doubt that in the near future, an average
person anywhere in the world will surf the Internet more often than he or she watches
television or uses the telephone. As a result, it makes sense for entrepreneurs of all kinds to
come up with ideas of generating income by marketing their products or services to these
surfers. Competition in cyberspace may become even fiercer in the future and therefore
the right business plan is what will eventually ensure long-term success.

3.2 INTRANET
NOTES
3.2.1What is an Intranet?
The Internet has captured world attention in recent years. In reality, growth of
internal networks based on Internet technologies known as the Intranet is outpacing the
growth of the global Internet itself.
An Intranet is a company-specific network that uses software programs based on

the Internet TCP/IP protocol and common Internet user interfaces such as the web browser.
Simply put, an Intranet is the application of Internet technologies within an organization
private LAN or WAN network.
The Intranet environment is completely owned by the enterprise and is generally

not accessible from the Internet at large. Today, many Intranets are built around Web
servers delivering HTML pages.
An Intranet is a company-wide network that is based on Internet technologies.
3.2.2 TCP/IP protocol suite
The TCP/IP protocol suite includes the Transport Control Protocol, the Internet
Protocol and other protocols. The protocol suite manages all the information that moves

DBA 1727
across the Intranet and Internet and each protocol transferring data across the network
NOTES uses a different format. These protocols work together to transfer information across the
network. Table 3.2.2.a summaries the common TCP/IP protocols.
Commonly used TCP/IP protocols
TCP/IP exists as an open standard, anyone can use and develop new applications
on top of TCP/IP. It can manage almost all the network tasks on the Intranet and Internet
and is also the only protocol required to ensure that the computer systems and
communications and networking software are interoperable.
3.2.3 The benefits of Intranets
Cross-platform
Many corporate computing environments use different computing platforms. The

capability to exchange information across platforms is crucial. The Intranet enables
companies to unify communication within a multi-platform environment. Hence, companies
can mix and match platforms as needed with no adverse effect on the overall environment.
Within an Intranet, universal browsers such as Netscape Navigator and Microsoft

Internet Explorer enable the users to perform the following tasks independent of the platforms
used:

1 create, view and revise documents,

2 participate in discussions and news groups
NOTES
3 interact with multimedia presentation
4 gain access to the Internet
Breaking down the barriers
Intranets dissolve the barriers of communication that are created by department

walls, geographical location and decentralized resources. Intranets create global accessibility
by bringing together individuals and resources from a distributed environment. Employees,
customers and vendors are able to access information stored in multiple locations
simultaneously.
Reducing distribution cost
By combining computing and communication in the same system, Intranets reduce

distribution costs by eliminating the traditional paper-based internal corporate communication
media, such as printed pages, pamphlets, booklets and flyers. Instead, they are published
electronically on the company’s Intranet, saving the resources needed to print, distribute
and update them.
Putting manuals on-line is an example of how a company can reduce paper

consumption and hence costs. Most companies have found that hundreds of paper-based
applications can be eliminated using Intranets.
Immediate delivery
Information delivered using an Intranet becomes available almost instantaneously

throughout the entire organization. With HTML form-support, users may even fill out forms,
post sign-up sheets and schedules on the Intranet. Information can move much more quickly
and effectively by removing the need for human intervention.
For example, an employee can make a request for taking leave on an Intranet. The
request form can be filled out and submitted electronically and can reach the concerned
parties in seconds.

DBA 1727
Increase internal communication

NOTES
Intranets greatly facilitate communication among employees, especially when they
are located in different buildings, cities or countries. Individuals and groups can distribute
their ideas to those who need it without having to go through the department traditionally
responsible for the distribution of information.
Employees in Hong Kong can communicate easily through e-mail with their
counterparts in the United States. They can, for example, send project documents
electronically, create online forums on new policies and use videoconference to exchange
ideas.
Minimal learning curve
With the increase in popularity of the Internet and the World Wide Web, training
users to use the Intranet is easy as many people are already familiar with the Web interface
and can translate that experience to Intranet use quickly.
Many companies have designed their Intranet pages to look as similar to the Web
pages as possible.
Getting the customers involved
Involving the customers with a company’s Intranet will help that company’s focus
move from being product driven to being more customer driven. Customers are no longer
required to go through various layers of organizational hierarchies to reach those who build
the products or provide the service. Companies are able to build a long-lasting relationship
with their customers. Employees can learn first hand on how customers feel about the
company’s products and services.
At Sun Microsystems, for example, different departments are setting up their own
servers to serve their customers directly.

Open standards
NOTES
Internet technologies follow a set of open standards, which facilitate software
developers to develop cost effective and easy-to-implement Intranet solutions. Users can
choose from a number of vendors for software products.
The growth of Internet technologies provides companies with a greater pool of

resources to develop their own Intranets. Conversely, traditional GroupWare products
have a more limited range of compatible products and fewer specially trained consultants
to install and administer them.
Scalability
Since Intranets are based on Internet technologies, size is not a limitation with
Intranets.
Unlike traditional GroupWare products, which often charge on a per-client basis,

Intranets use open systems to distribute information. The only per-client cost associated
with Intranets is the cost of the browsers.
3.2.4 Basic intranet structure
• Internet technologies used behind the corporate firewall or in private

environment
• Internet standard mail, web servers, providing access to information, databases,
scheduling, etc.
• threaded discussion groups
• Multimedia using mime type
• Virtual private network over public Internet
• Internet Firewall Intranet
3.2.5 Internet Architecture
The corporate intranet has been hailed as the most important business tool since
the typewriter, but the track record so far has been mixed. Despite many successes,
particularly in cost and time savings, many sponsors of corporate intranets are dissatisfied.

DBA 1727
They have spent time and money on development, Net-enabled desktops, even intranet
NOTES training, but still aren’t enjoying significant enough productivity or cost savings. Why? While
critics often point to technological glitches, the real problems may lie in information design.
Intranets should help employees collaborate on business processes such as product

development or order fulfillment, which create value for a company and its customers.
Specifically, intranets centralize the business process in an easily accessible, platform-
independent virtual space. Successful intranets allow employees from a variety of
departments to contribute the different skills necessary to carry out a particular process.
While each department of a company may have its own virtual space, intranets should be
organized primarily around the business processes they help employees carry out, rather
than the organizational chart of the company.
Focusing on processes rather than departments is a widely-hailed business trend.

Recent shifts in corporate structure point to the emergence of “communities of process.”
Management gurus are helping companies move away from vertical, hierarchical
organizational lines towards horizontal, process-oriented groups that link cross-functional
teams focused on the same set of business tasks. The trouble is that this requires significant
interaction between departments, functions, even countries. Enter the intranet, the ideal
vehicle for creating and empowering process-based corporate communities.
Successful process-oriented intranets look and work as differently as the processes

they enable, but they share several common characteristics. First they are built on smart
information design. Second, they focus on tasks, not documents, and aim to integrate
those tasks into distinct processes. Finally, the best intranets encourage collaboration by
creating shared and familiar spaces that reflect the personality of the company and create
a common ground for all employees.
Don’t Overlook Design
Just as physical work spaces rely on architectural plans to optimize efficiency, an

intranet needs to be carefully designed to help employees access information and collaborate
effectively. Because the public doesn’t see the intranet, information design for intranets
often receives scant attention. Unlike customers, employees are assumed to be insiders,
able to easily locate company information. So, while the company Web site usually has the
input of the marketing department, design and structure of the intranet is often relegated to
the IT department.

By default, an organizational chart of the company is often used to organize

information on the intranet. While seemingly the obvious candidate for the structure of the
NOTES
intranet, an organizational chart actually works against the collaboration the intranet is
meant to foster. An organizational chart can’t help employees from the marketing and legal
departments collaborate on bringing a document through the approval process. It won’t
allow employees from marketing and research and development to work together to create
a new product.
Think About Tasks Rather Than Documents
Thinking of the intranet as a tool means understanding the intranet as more than a
collection of documents. While important, documents are usually a means to an end. People
use documents to complete tasks. Tasks include fulfilling orders, looking up a customer’s
billing history, or collaborating on a research document. To complete these tasks, people
need to have related documents and tools close at hand.
The principal of organizing by task can be demonstrated by the example of working

at a desk. When you sit down to begin a task (e.g., creating a budget), you have a variety
of information and tools at hand. While a spreadsheet is a “calculation” tool, and last
year’s budget is an “internal document,” both need to be next to each other in order to
develop a new budget. Similarly, on the corporate intranet, the tasks of the users rather
than the classification of documents or tools, should dictate the organization of the intranet.
Designed effectively around dynamic tasks rather than static documents, intranets
can contribute to dramatic increases in efficiency (as much as a 40% improvement in time
spent processing documents, according to the GIGA Group). Organizing documents within
the context of tasks also focuses employees on the function of the documents they are
working with. For example, to save employee time while signing up for various retirement
plans, information on various retirement plans (including links to financial Web sites) should
be placed near the forms actually used to register for those plans.
Organize Tasks Into Larger Processes
Isolated tasks are usually part of a larger process. Intranets should group together
all the tasks that make up a business process. Processes can be relatively discrete, such as
tracking deliveries, or getting approval for documents. Or, they can be more complex,

DBA 1727
such as developing or selling products. The most important processes in a company are
NOTES those that create value for a customer. These are the central processes which every intranet
should help employees accomplish.
Even simple processes can become more efficient when incorporated into an
intranet. For example, when Ford implemented an intranet, the company included an
application to help geographically dispersed engineers to get authorization for new projects.
What would previously be a time-consuming, expensive process, involving the potential
for lost documents and delays, is now centralized in an efficient electronic process.
More complex processes can also be effectively integrated into an intranet. For
example, Cadence Systems created an integrated section of the intranet for its entire sales
process. Each phase of the sales process is represented on the intranet with relevant
information and tools. So, the section covering an initial stage of the sales process includes
links to customer presentations, sample letters, and internal forms. Organizing all steps of
the sales process together also allows for easy tracking of each sales effort.
Create Virtual Workgroups Organized Around Processes
Intranets can break though departmental walls to help accomplish business processes
more efficiently. For example, a customer complaint might involve people and information
from the accounting, sales and marketing department. Even though the employees necessary
to resolve the complaint work in different departments, they are all involved in the process
of customer service. By creating spaces for cross-departmental collaboration, the intranet
can help employees collaborate to efficiently carry out the central processes of the company,
and cut costs by avoiding in-person conferences and employee reallocations.
Intranets (and private extranets) can also bring together employees and partners
who are geographically dispersed to work on common problems. Travel costs are
eliminated, and employees can increase their productivity by sharing knowledge. For
example, a pharmaceutical company is using its intranet to allow scientists all over the
world to collaborate on research. A major franchise retailer is using bulletin boards on its
intranet to coordinate major marketing projects. Caterpillar is developing an extranet
application so that experts from around the world can collaborate with employees to design
new products. Other applications for intranet collaboration include complex transactions
with lawyers and multiple parties, which rely on access to, and modification of, key
documents.

The bulk of discussion about collaboration in and between companies centers

around security, certainly an important issue to resolve. What receives less attention-but is
NOTES
central to the value of an intranet-is the design of virtual spaces, which encourage new
forms of collaboration. These, in turn, increase the efficiency of key business processes
such as product development, marketing and customer service.
The Intranet Reflects the Company; the Company Reflects the Intranet
The corporate intranet can help a company organize around “communities of

process” both on- and off-line. When Texas Instruments initiated a process-centered
organization, oriented around collaborative work groups, software development time fell
from twenty-two to eight months. The Texas Instruments intranet was established after this
shift, and was designed to reflect and enhance the new organization. Whether it precedes
or follows the organizational shift, an intranet that encourages this type of collaborative
work environment can provide a significant return-on-investment.
At the same time, using an intranet to shift the way work is done in an organization
requires a cultural change within the organization. Unless there is a clear commitment from
senior management to have employees collaborate across departments to more efficiently
accomplish key business processes, the intranet may have only limited application and
benefit. Even after the intranet is designed to encourage collaboration, marketing the intranet
to employees remains essential. As the intranet creates new forms of collaboration, it will
challenge traditional ways of doing work and obtaining information. For the intranet to be
successful, it must provide ways of empowering all employees, offering concrete incentives
for employees to use, and encourage the use, of the intranet.
The process-oriented intranet, then, is “in sync” with the company it works for.
And this is where graphic design, tone and standards emerge as vital to the intranet’s
success. Like it or not, intranets have personalities, which are amalgams of visual style,
tone and content. An intranet that reflects the culture of its company will make employees
feel more at home, will help dispersed employees feel that they share the same space, and
will encourage collaboration and communication around the processes they support. Turner
Entertainment Group, for example, created a distinctive, casual feel for its intranet with a
home page that uses a refrigerator with magnates to represent the various divisions. The
unique imagery created a friendly, shared, familiar space for all employees.

DBA 1727
3.2.6 Internet/Intranet Applications

NOTES
From blue-chip companies to one-person start-ups, the Internet and its related
technologies have provided new opportunities and new ways of doing business. Web-
based systems have enabled organizations to provide maintainable, secure global access
to their data and applications. The ease of deployment over the web has made such
applications very attractive for enterprise systems.
Any device which has a web browser can potentially utilize an internet/intranet
application. These applications are no longer restricted to the traditional PC user running
Windows, but are also available for PDAs and mobile phones. The introduction of Web
Services has widened the scope of web-based applications by allowing other systems to
interact with them.
Tessella has acquired wide ranging experience of internet and intranet applications,
and the majority of our work has a web-based component. We have worked on a variety
of web-based systems which have fulfilled many different business roles, including systems
such as sophisticated workflow systems that help organizations manage their day to day
business, and web front ends to large corporate and scientific databases. We also have
experience of developing distributed applications deployed over the internet such as
climateprediction.net, the world’s largest climate prediction experiment.
Advantages of intranets
1. Workforce productivity: Intranets can help users to locate and view information
faster and use applications relevant to their roles and responsibilities. With the help
of a web browser interface, users can access data held in any database the
organization wants to make available, anytime and - subject to security provisions -
from anywhere within the company workstations, increasing employees’ ability to
perform their jobs faster, more accurately, and with confidence that they have the
right information. It also helps to improve the services provided to the users.
2. Time: With intranets, organizations can make more information available to

employees on a “pull” basis (ie: employees can link to relevant information at a time
which suits them) rather than being deluged indiscriminately by emails.

3. Communication: Intranets can serve as powerful tools for communication within

an organization, vertically and horizontally. From a communications standpoint,
NOTES
intranets are useful to communicate strategic initiatives that have a global reach
throughout the organization. The type of information that can easily be conveyed is
the purpose of the initiative and what the initiative is aiming to achieve, who is driving
the initiative, results achieved to date, and who to speak to for more information. By
providing this information on the intranet, staff have the opportunity to keep up-to-
date with the strategic focus of the organization.
4. Web publishing allows ‘cumbersome’ corporate knowledge to be maintained and

easily accessed throughout the company using hypermedia and Web technologies.
Examples include: employee manuals, benefits documents, company policies, business
standards, newsfeeds, and even training, can be accessed using common Internet
standards (Acrobat files, Flash files, CGI applications). Because each business unit
can update the online copy of a document, the most recent version is always available
to employees using the intranet.
5. Business operations and management: Intranets are also being used as a platform
for developing and deploying applications to support business operations and
decisions across the internetworked enterprise.
6. Cost-effective: Users can view information and data via web-browser rather than
maintaining physical documents such as procedure manuals, internal phone list and
requisition forms.
7. Promote common corporate culture: Every user is viewing the same information
within the Intranet.
8. Enhance Collaboration: With information easily accessible by all authorised users,

teamwork is enabled.
9. Cross-platform Capability: Standards-compliant web browsers are available for

Windows, Mac, and UNIX.

DBA 1727
3.3 EXTRANET
NOTES
3.3.1 What is an Extranet?
An extranet is a private network that uses Internet protocols, network connectivity,

and possibly the public telecommunication system to securely share part of an organization’s
information or operations with suppliers, vendors, partners, customers or other businesses.
An extranet can be viewed as part of a company’s Intranet that is extended to users
outside the company (e.g.: normally over the Internet). It has also been described as a
“state of mind” in which the Internet is perceived as a way to do business with a pre
approved set of other companies business-to-business (B2B), in isolation from all other
Internet users. In contrast, business-to-consumer (B2C) involves known server(s) of one
or more companies, communicating with previously unknown consumer users.
Briefly, an extranet can be understood as a private intranet mapped onto the

Internet or some other transmission system not accessible to the general public, but is
managed by more than one company’s administrator(s). For example, military networks
of different security levels may map onto a common military radio transmission system that
never connects to the Internet. Any private network mapped onto a public one is a virtual
private network (VPN). In contrast, an intranet is a VPN under the control of a single
company’s administrator(s).
An argument has been made that “extranet” is just a buzzword for describing what
institutions have been doing for decades, that is, interconnecting to each other to create
private networks for sharing information. One of the differences that characterized an
extranet, however, is that its interconnections are over a shared network rather than through
dedicated physical lines. With respect to Internet Protocol networks, RFC 4364 states “If
all the sites in a VPN are owned by the same enterprise, the VPN is a corporate intranet.
If the various sites in a VPN are owned by different enterprises, the VPN is an extranet.
A site can be in more than one VPN; e.g., in an intranet and several extranets. We regard
both intranets and extranets as VPNs. In general, when we use the term VPN we will not
be distinguishing between intranets and extranets. Even if this argument is valid, the term
“extranet” is still applied and can be used to eliminate the use of the above description.”

It is important to note that in the quote above from RFC 4364, the term “site”
refers to a distinct networked environment. Two “sites” connected to each other across
NOTES
the public Internet backbone comprise a VPN. The term “site” does not mean “website.”
Further, “intranet” also refers to just the web-connected portions of a “site.” Thus, a small
company in a single building can have an “intranet,” but to have a VPN, they would need
to provide tunneled access to that network for geographically distributed employees.
Similarly, for smaller, geographically united organizations, “extranet” is a useful

term to describe selective access to intranet systems granted to suppliers, customers, or
other companies. Such access does not involve tunneling, but rather simply an authentication
mechanism to a web server. In this sense, an “extranet” designates the “private part” of a
website, where “registered users” can navigate, enabled by authentication mechanisms on
a “login page”.
An extranet requires security and privacy. These can include firewalls, server
management, the issuance and use of digital certificates or similar means of user
authentication, encryption of messages, and the use of virtual private networks (VPNs)
that tunnel through the public network.
3.3.2 Features of Extranet
Extranets generally have the following features:
• The use of Internet technologies and standards. These include the

standardized techniques for transmitting and sharing information and the
methods for encrypting and storing information, otherwise known as the
Internet Protocol, or IP.
• The use of Web browsers. Users access Extranet information using a web
browser like Microsoft Internet Explorer, Netscape Navigator or, more
recently, Mozilla’s Firefox. Browser software uses relatively small amounts of
memory and resources on a computer. The great thing about browsers is that
an application written for a browser can be read on almost any computer
without regard to operating system or manufacturer. That makes an application
developed for a browser a snap to deploy. A browser on a user’s machine is
all the software he or she needs to take full advantage of the Extranet
application. No messy and confounding installation disks; fewer clogged hard
drives.

DBA 1727
• Security. By their very nature, Extranets are embroiled in concerns about

NOTES security. To protect the privacy of the information that is being transmitted,
most Extranets use either secure communication lines or proven security and
encryption technologies that have been developed for the Internet.
• Central Server/Repository. Extranets usually have a central server where
documents or data reside. Members can access this information from any
computer that has Internet access.
While these are the broad attributes shared by most Extranets, Extranets vary
dramatically in their design and implementation. They can be employed in a wide variety of
environments and for very different purposes, like:
• Sharing case information

• Sharing of case-related documents—many Extranets contain document
repositories that can be searched and viewed by both lawyer and client on-
line
• Calendaring—key dates and scheduling of hearings and trials can be shared
on-line
• Providing firm contact information
• Acting as a “work flow engine” for various suppliers
• Providing access to firm resources remotely
• Sharing time and expense information
3.3.3 Industry use
During the late 1990s and early 2000s, several industries started to use the term
“extranet” to describe central repositories of shared data made accessible via the web
only to authorized members of particular work groups.
For example, in the construction industry, project teams could login to and access
a ‘project extranet’ to share drawings and documents, make comments, issue requests for
information, etc. In 2003 in the United Kingdom, several of the leading vendors formed
the Network of Construction Collaboration Technology Providers, or NCCTP, to promote
the technologies and to establish data exchange standards between the different systems.
The same type of construction-focused technologies have also been developed in the
United States, Australia, Scandinavia, Germany and Belgium, among others. Some

applications are offered on a Software as a Service (SaaS) basis by vendors functioning as

Application service providers (ASPs).
NOTES
Specially secured extranets are used to provide virtual data room services to
companies in several sectors (including law and accountancy).
There are a variety of commercial extranet applications, some of which are for
pure file management, and others which include broader collaboration and project
management tools. Also exist a variety of Open Source extranet applications and modules,
which can be integrated into other online collaborative applications such as Content
Management Systems. Companies can use an extranet to:
• Exchange large volumes of data using Electronic Data Interchange (EDI)

• Share product catalogs exclusively with wholesalers or those “in the trade”
• Collaborate with other companies on joint development efforts
• Jointly develop and use training programs with other companies
• Provide or access services provided by one company to a group of other
companies, such as an online banking application managed by one company
on behalf of affiliated banks
• Share news of common interest exclusively with partner companies
3.3.4 Extranet applications
An extranet application is a software data application that provides limited access

to your company’s internal data by outside users such as customers and suppliers. The
limited access typically includes the ability to order products and services, check order
status, request customer service and much more.
A properly developed extranet application provides the supply chain connection

needed with customers and suppliers to dramatically lessen routine and time consuming
communications. Doing so frees up resources to concentrate on customer service and
expansion as opposed to administrative office tasks such as data entry.

DBA 1727
Just as intranets provide increased internal collaboration, extranets provide

NOTES increased efficiencies between your company and its customers and/or suppliers. Developing
and implementing an extranet application can provide you the competitive edge to stay
ahead of the competition in the eyes of your customers and a better ability to negotiate
prices with your suppliers.
3.3.5 Disadvantages
1. Extranets can be expensive to implement and maintain within an organization (e.g.:

hardware, software, employee training costs) — if hosted internally instead of via an
ASP.
2. Security of extranets can be a big concern when dealing with valuable information.
System access needs to be carefully controlled to avoid sensitive information falling
into the wrong hands.
3. Extranets can reduce personal contact (face-to-face meetings) with customers and
business partners. This could cause a lack of connections made between people
and a company, which hurts the business when it comes to loyalty of its business
partners and customers
3.3.6 E-Commerce Business Models
Since eCommerce consists of doing business online or electronically, the business

or revenue models are somewhat different than that of a “brick and mortar” business.
Common eCommerce models are direct online sales, selling online advertising space, and
online commissions.
Direct online sales model
You can establish your website as your place of business and directly sell to those
entering your “store” to make a purchase. Since delivery is often by mail, this is similar to
customers buying from a mail order catalog. Software products, e-books, music and video
files can be delivered to the customer through the downloading process.
Amazon.com is a good example of a business using the direct sales model to gain
revenue.

Online advertising space model

NOTES
Just as television and radio stations gain revenue from advertisements, related to
the reach or number of viewers they have, so too can popular websites charge for the
number of viewers seeing an ad. A better method is to count the number of viewers that
click on an ad, taking them to the company’s website.
Online commission model
Individuals and companies can also be established as affiliates, where they gain a
commission for sales made through a company using the direct online sales model.
Online companies such as eBay and PayPal charge a commission for their services.
Google gains a commission for ads placed on others’ websites.
3.3.6.1 Successful Ecommerce Business Models
Five different ways websites can generate revenue by Robert Samuelsen
“There’s no such thing as a free lunch!” While this simple economic aphorism
seems to have been forgotten in the world of cyberspace, it holds true as much today as it
ever has. First lets establish the fact that no site is free - every web site costs money. The
web site is stored on a computer, uses web server software, accesses telecommunication
resources, and must be maintained. Someone must pay for the computers, software,
telecommunication charges, and time. The omnipresent cost either comes from your pocket
or some benevolent benefactor.
The cost and potential revenue constitutes a business model. Therefore, even the
“free” sites have a business model. A public site offered by a library, school, or university
has a business model. Free email service has a business model. Free home pages fit into a
business model. Every site in the entire world wide web has a business model. There are
different business models underlying each website.
In actuality, five distinct eCommerce business models form the basic structure for
the wide variety of websites today. The five categories are called vanity, billboard, advertising,
subscriptions, and storefront sites. [Editor’s Note: Mr. Samuelsen considers affiliate

DBA 1727
programs to be a variant on the storefront model.] While not all drive revenue directly, they
NOTES all incur costs. In addition, many sites combine several of the five identified business models.
Each of the five models have unique characteristics which make it different from the other
types. Therefore, it is important to understand their differences.
Vanity: Many web sites are started as vanity sites. These sites are often created
by individuals as an outlet of self expression, to share a hobby, promote a cause, or find
others with similar interests. These sites are created with no intentions of deriving revenue
and no illusions of grandeur. It could be as simple as a one page family site or a complex
forum on a specific topic. The costs are borne either by the individual or by some altruistic
enterprise such as universities, libraries, communities, associations, and even businesses.
Nevertheless, the costs are real of these “free” sites.
Billboard: Billboard sites (also called brochure or information sites) are designed
to derive economic benefit through indirect means from either referred sales, reduced
cost, or both. Revenue comes from creating awareness of its products or services via the
web, with the actual purchase transaction occurring off-line. Just like a billboard on a
highway, success is measured on viewer ship as net citizens “surf” by and are influenced to
purchase product. Most corporate sites today put up these electronic brochures to provide
information about their products, employment information, or public information. Economic
benefit is created through the indirect purchase of goods or services from existing physical
outlets and cost savings through the elimination of infrastructure or inefficiency. Finally,
some businesses feel this is the best way to avoid channel conflict’s potential pricing disparity
between different supply chains.
Advertising: Network television, radio, and many periodicals follow the advertising
model. All programming and content is funded by advertising dollars, with consumer
viewership measuring value. Agencies conduct sophisticated surveys to measure the value
and establish the pricing. For eCommerce, advertising can be in the form of banners,
sponsorships, ezine ads, and other promotion methods.
This is a much-ballyhooed but still largely unproven model on the web. While
there are a few sites that are entirely supported by advertising dollars, the lack of web-
savvy viewership statistics hindering the mass adoption by advertisers? As the knowledge
of consumer behavior is further understood, experts will prepare purchase pattern analyses
providing advertisers with empirical data to support their promotion campaigns.

Subscriptions: In other media, the subscription models are well established’

accepted by subscribers and nurtured by publishers. On the web, subscriptions are not yet
NOTES
widely accepted by consumers. Of those that are accepted, the subscription model caters
to sites targeted to particular niches of individuals who have specific needs. These sites are
often specialized with expert content and timely information. The subscriptions fund the
development and maintenance of the site.
Subscriptions can be paid on a weekly, monthly, or annual basis. Payment through

a credit card account is a common payment scheme for subscription sites because of the
ability to periodically process the purchase transaction electronically.
Storefront: To some people, a products-offered site is narrowly defined as a

“true” eCommerce site. A website that offers products for sale is the electronic version of
a catalog. These virtual storefronts are built to describe the offering with pictures and
words, offer promotions, provide a “shopping cart,” and complete the purchase transaction.
Once the product is purchased, the cyber enterprise arranges for product fulfillment including
shipping and handling. The fulfillment is sometimes completed by the website enterprise or
directly from the manufacturer in a drop shipping arrangement. Some manufacturers are
now passing up the intermediary wholesalers and retailers by offering their products directly
to consumers. This collapsing of the supply chain is called disintermediation.
Although the vast majority of these sites offer tangible products, they can work for
service products too. The primary characteristic of these types of sites is the ability to
make a one time purchase with no future obligations.
While it is impossible to predict the future in this fast moving media, it is obvious
that all five business models will remain viable for the near term. Each model will continue
to mature both in its acceptance and sophistication. Consumers will increasingly look to
the web for physical commerce alternatives because of the limitlessness of the media both
in terms of geography and shopping hours. For net entrepreneurs, each model should be
examined carefully to understand which model provides the maximum benefit. With the
understanding of the business models, financial projections can be easily created and business
plans finalized. With the business plan in hand, you will realize even in cyberspace, there is
no such thing as a free lunch.

DBA 1727
Robert Samuelsen operates eVine Online, which he describes as “The web’s

NOTES first family communication center featuring calendars, photo albums, discussion
groups, address books, and more—all in a password protected family environment.”
Summary
Internet: The Internet is a worldwide, publicly accessible series of interconnected

computer networks that transmit data by packet switching using the standard Internet
Protocol (IP). It is a “network of networks” that consists of millions of smaller domestic,
academic, business, and government networks, which together carry various information
and services, such as electronic mail, online chat, file transfer, and the interlinked web
pages and other resources of the World Wide Web (WWW).
The Internet Tools and their Characteristics: The evolution of the Internet is
punctuated by the introduction and mass acceptance of such key resources and
tools as Unix, Email, Usenet newsgroups, Telnet, Listserv Mailing List Software,
File Transfer Protocol, Internet Relay Chat, WAIS, Gopher, WWW, and more
recently by the Altavista search engine, Java language, and finally, the
Elements of Internet Architecture
• Protocol Layering
• Networks
• Routers
• Addressing Architecture
The outward signs of a robust and thriving business are:
• Revenue increases
• Ability to generate profits
• Success in creating meaningful alliances
• Success in expanding into new markets
• Differentiating itself from other business models
Intranet: An Intranet is a company-specific network that uses software programs

based on the Internet TCP/IP protocol and common Internet user interfaces such as the

web browser. Simply put, an Intranet is the application of Internet technologies within an
organization private LAN or WAN network.
NOTES
Why are intranets popular
• Inexpensive to implement
• Easy to use, just point and click
• Saves time and money, better information faster
• Based on open standards
• Scaleable and flexible
• Connects across disparate platforms
• Puts users in control of their data
Extranet: An extranet is a private network that uses Internet protocols, network

connectivity, and possibly the public telecommunication system to securely share part of
an organization’s information or operations with suppliers, vendors, partners, customers
or other businesses.
Companies can use an extranet to:
• Exchange large volumes of data using Electronic Data Interchange (EDI)

• Share product catalogs exclusively with wholesalers or those “in the trade”
• Collaborate with other companies on joint development efforts
• Jointly develop and use training programs with other companies
• Provide or access services provided by one company to a group of other
companies, such as an online banking application managed by one company
on behalf of affiliated banks
• Share news of common interest exclusively with partner companies
E-Commerce Business Models: Common eCommerce models are direct online sales,
selling online advertising space, and online commissions.

DBA 1727

NOTES
1. What is an Internet? Explain its characteristics?
2. List the Internet tools and explain its characteristics
3. What is FTP?
4. Explain web based Client/Server?
5. Describe the elements of Internet architecture?
6. Explain the uses of Internet?
7. What are the key areas that a profitable web site needs to concentrate on?
8. Discuss some successful companies that pursue different business models?
9. What is an intranet?
10. List the benefits of Intranet
11. List the basic intranet structure
12. Describe Internet architecture
13. Discuss Internet/Intranet applications
14. Discuss the integration of web technologies with business models
15. What is an Extranet and list its features
16. Describe the extranet applications
17. Discuss E-Commerce Business models

NOTES
UNIT IV
E-COMMERCE PAYMENTS
AND SECURITY
4.1 ELECTRONIC PAYMENTS AND PROTOCOLS
4.1.1 Electronic Payment Systems
Electronic payment is an integral part of electronic commerce. Broadly de-fined,

electronic payment is a financial exchange that takes place online between buyers and
sellers. The content of this exchange is usually some form of digital financial instrument
(such as encrypted credit card numbers, electronic checks, or digital cash) that is backed
by a bank or an intermediary, or by legal tender.
Three factors are stimulating interest among financial institutions in electronic

payments:
• decreasing technology costs,

• reduced operational and processing costs, and
• increasing online commerce.
The desire to reduce costs is one major reason for the increase in electronic
payments. Cash and checks are very expensive to process, and banks are seeking less
costly alternatives. It is estimated that approximately 56 percent of consumer transactions
in the United States are cash and 29 percent are check. Credits, debits, and other electronic
transactions account for about 15 percent of all consumer transactions, and are expected
to increase rapidly. Electronic transactions numbered 33 billion in 1993 and are expected
to climb to 118 billion by the year 2000. For the same period, paper transactions are
forecast to show very modest growth, from 117 billion in 1993 to 135 billion in the year
2000.

DBA 1727
Banks and retailers want to wean customers away from paper transactions because
NOTES the processing overhead is both labor intensive and costly. The crucial issue in electronic
commerce revolves around how consumers will pay businesses online for various products
and services. Currently, consumers can view an endless variety of products and services
offered by vendors on the Internet, but a consistent and secure payment capability does
not exist. The solutions proposed to the online payment problem have been ad hoc at best.
For instance, in one method marketed by CyberCash, users install client software packages,
sometimes known as “electronic wallets,” on their browsers. This software then
communicates with “electronic cash registers” that run on merchants’ Web servers. Each
vendor’s client works with only that vendor’s own server software, a rather restrictive
scenario. Currently, merchants face the unappealing option of either picking one standard
and alienating consumers not subscribing to a standard or needing to support multiple
standards, which entails extra time, effort, and money.
Today, the proliferation of incompatible electronic payment schemes has stifled

electronic commerce in much the same way the split between Beta and VHS standards
stifled the video industry’s growth in the 1970s. Banks faced similar problems in off-line
commerce in the early nineteenth century. Many banks issued their own notes, and a
recurrent problem was the tendency of some institutions to issue more notes than they had
gold as backing. Further, getting one bank to honor another’s notes was a major problem.
Innovations in payment methods involved the creation of new financial instruments that
relied on backing from governments or central banks, and gradually came to be used as
money. Banks are solving these problems all over again in an online environment.
The goal of online commerce is to develop a small set of payment methods that are
widely used by consumers and widely accepted by merchants and banks.
4.1.1.1 Types of Electronic Payment Systems
Electronic payment systems are proliferating in banking, retail, health care, on-line markets,
and even government-in fact, anywhere money needs to change hands. Organizations are
motivated by the need to deliver products and services more cost effectively and to provide
a higher quality of service to customers.
Research into electronic payment systems for consumers can be traced back to
the 1940s, and the first applications-credit cards appeared soon after. In the early 1970s,

the emerging electronic payment technology was labelled electronic funds transfer (EFT).
EFT is defined as “any transfer of funds initiated through an electronic terminal, telephonic
NOTES
instrument, or computer or magnetic tape so as to order, instruct, or authorize a financial
institution to debit or credit an account.” EFT utilizes computer and telecommunication
components both to supply and to transfer money or financial assets. Transfer is information-
based and intangible. Thus EFT stands in marked contrast to conventional money and
payment modes that rely on physical delivery of cash or checks (or other paper orders to
pay) by truck, train, or airplane. Work on EFT can be segmented into three broad categories:
Banking and financial payments
• Large-scale or wholesale payments (e.g., bank-to-bank transfer)

• Small-scale or retail payments (e.g., automated teller machines and cash
dispensers)
• Home banking (e.g., bill payment)
Retailing payments
Credit cards (e.g., VISA or MasterCard)

Private label credit/debit cards (e.g., J.C. Penney Card)
Charge cards (e.g., American Express)
On-line electronic commerce payments

o Token-based payment systems
Electronic cash (e.g., DigiCash)

Electronic checks (e.g., NetCheque)
Smart cards or debit cards (e.g., Mondex Electronic Currency Card)
o Credit card-based payment systems
Encrypted credit cards (e.g., World Wide Web form based encryption)
Third-party authorization numbers (e.g., First Virtual)

DBA 1727
4.1.2 Designing Electronic Payment Systems

NOTES
• Privacy. A user expects to trust in a secure system; just as the telephone is a
safe and private medium free of wiretaps and hackers, electronic communication
must merit equal trust.
• Security. A secure system verifies the identity of two-party transactions through
“user authentication” and reserves flexibility to restrict information/services
through access control. Tomorrow’s bank robbers will need no getaway cars
just a computer terminal, the price of a telephone call, and a little ingenuity.
Millions of dollars have been embezzled by computer fraud. No systems are
yet fool-proof, although designers are concentrating closely on security.
• Intuitive interfaces. The payment interface must be as easy to use as a
telephone. Generally speaking, users value convenience more than anything.
• Database integration. With home banking, for example, a customer wants
to play with all his accounts. To date, separate accounts have been stored on
separate databases. The challenge before banks is to tie these databases
together and to allow customers access to any of them while keeping the data
up-to-date and error free.
• Brokers. A “network banker”-someone to broker goods and services, settle
conflicts, and facilitate financial transactions electronically-must be in place.
One fundamental issue is how to price payment system service. For example,
should subsidies be used to encourage users to shift from one form of payment to another,
from cash to bank payments, from paper-’based to e-cash. The problem with subsidies is
the potential waste of resources, as money may be invested in systems that will not be
used. Thus investment in systems not only might not be recovered but substantial ongoing
operational subsidies will also be necessary. On the other hand, it must be recognized that
without subsidies, it is difficult to price all services affordably. · Standards. Without standards,
the welding of different payment users into different networks and different systems is
impossible. Standards enable interoperability, giving users the ability to buy and receive
information, regardless of which bank is managing their money. None of these hurdles are
insurmountable. Most will be jumped within the next few years. These technical problems,
experts hope, will be solved as technology is improved and experience is gained. The
biggest question concerns how customers will take to a paperless and (if not cashless)
less-cash world.

4.1.3 Secure Electronic Transaction (SET) Protocol

NOTES
SET protocol was initially designed by Visa and MasterCard in 1997 and has
evolved since then. SET protocol meets the four security requirements for EC as SSL(Secure
Socket Layer) does: authentication, encryption, integrity, and non repudiation. In addition,
SET defines the message format, certificate format, and procedure of message exchange
as depicted in. The role of payment gateway is to connect the Internet and proprietary
networks of banks. Each participating entity needs its own certificate. To keep the consumer’s
certificate in his or her personal computer or IC card, software called the electronic wallet,
or digital wallet, is necessary. To connect the dig-ital wallet with various merchants,
interoperability is a very important characteristic to meet.
Electronic Wallet
To achieve perfect security, the electronic wallet has to be downloaded into the
buyer’s personal computer. Since the interoperability of the cardholder’s digital wallet
with any merchant’s software is essential, a consortium of companies (Visa, MasterCard,
JCB, and American Express) has established a company called SETCo (Secure Electronic
Transaction LLC 1999). This company performs the interoperability test and issues a SET
Mark as a confirmation of interoperability. IBM, Netscape, Microsoft, VeriSign, Tandem,
and MetaLand provide such interoperable digital wallets.
Storage of Certificates
If the private key and corresponding public key in a certificate are physically stored in
the customer’s personal computer, the customer can use the certificate only at the computer.
However, if the certificate is stored in an IC card, the wallet can work if the IC card is
inserted into a card reader attached to a computer. Therefore, storing the certificate in IC
card seems to be the safest method.

DBA 1727
NOTES
Overview of main messages in SET
The International Center for Electronic Commerce (ICEC 1999) has developed a
system named Smart-SET, which integrates SET protocol with an IC card that can store
multiple certificates. Secure socket layer protocol for electronic payment even though
SET is a perfect solution for secure electronic payments, a relatively simple version of SSL
is currently widely adopted. This is because SET protocol is complex and certificates are
not widely distributed in a stable manner. Theoretically, the SSL protocol may use a
certificate but it does not include the concept of a payment gateway. Merchants need to
receive both ordering information and credit card information because the capturing process
initiated by the merchant.
The SET protocol, on the other hand, hides the customer’s credit card information
from merchants and also hides the order information from banks to protect privacy. This
scheme is called dual signature. Until SET becomes popular, a simple version of SSL is a
very viable alternative.

4.1.3.1 What Features does SET Specify?

NOTES
The following objectives are addressed by SET specifications:
Confidentiality of Information
To facilitate and encourage financial transactions, it will be necessary for merchants

and banks to assure consumers that their payment information is safe and accessible only
by the intended recipient. Therefore, credit card account and payment information must be
se-cured as it travels across the network, preventing interception of account numbers and
expiration dates by unauthorized individuals. SET provides confidentiality by the use of
message encryption.
Integrity of Information
SET ensures that message content is not altered during the transmission between
originator and recipient. Payment information sent from consumers to merchants includes
order information, personal data, and payment instructions. If any component is altered in
transit, the transaction will not be processed accurately. In order to eliminate this potential
source of fraud and/or error, SET provides the means to ensure that the contents of all
order and payment messages received match the contents of messages sent. Information
integrity is ensured by the use of digital signatures.
Consumer Account Authentication
Merchants need a way to verify that a consumer is a legitimate user of a valid

account number. Digital signatures and digital certificates ensure consumer account
authentication by providing a mechanism that links a consumer to a specific account number.
SET designates a third party called a certificate authority to authenticate the sender and
receiver.
Merchant Authentication
The SET specifications provide a way for consumers to confirm that a merchant
has a relationship with a financial institution that allows that merchant to accept bank card
payments. Merchant authentication is ensured by the use of digital signatures and merchant
certificates.

DBA 1727
Interoperability
NOTES
The SET specifications must be applicable on a variety of hardware and software
platforms, ands must not prefer one over another. Any consumer with compliant software
must be able to communicate with any merchant software that also meets the defined
standard Interoperability by the use of standard protocols and message formats.
4.2 SECURITY SCHEMES AGAINST INTERNET FRAUD
4.2.1 Security Issues
The Internet is a huge place that hosts several millions of people. As all the people
are not honest, illegal activity’ is inevitable. Statistics show that only 10% of computer
client is reported and only 2% of the reported client results in with convictions.
There are two basic types of criminal activities:
• The person who tries to understand and learn the various systems and
capabilities of any private network. In this case the person has no intentions
to do any damage or to steal any resources but tries to observe the system
functionality. For example teenagers who tries to enter into a network out of
curiosity till they are caught or deducted.
• The persons who uses the Internet and the Web to benefit themselves by
doing illegal activities such as, stealing software’s, information and causing
damage to resources. This type of criminal activity raises the concern for
network security.
A large system like Internet has many holes and crevices in which a determined
person can easily find the way to get into any private network. There are many terms used
to signify the computer criminals.
Type of Computer Criminals
• Hacker-is a person who has good knowledge about computers and tries to
open the data packets and steal the information transmitted through the Internet.

• Cracker-is someone who specifically breaks into computer systems by

bypassing or by guessing login passwords. These persons enter into the
NOTES
network as authenticated users and can cause any harm to the system.
• Phreaks-are persons who hack phone systems. These people specifically
try to scam long distance phone-time for them to control phone switch capability
or to hack company automated EBX systems to get free voice-mail accounts
or to raid companies existing voice-mail messages.
• Phracker-is the combination of freak and cracker. A phracker breaks into
phone systems and computer systems and specializes in total network
destruction.
Another major issue in the Internet security is misrepresentation and fraud. One of
the reasons of misrepresentation is that on the net it is easy to appear as anyone or anything
without the actual presence. For example, shops site displaying goods, which the dealer
may not have them physically. But at the same time, creating a scam site is not as easy as
it seems to be, because one must host pages somewhere, which makes the provider
responsible for the content. For this reason, most Web site providers examines sites and
have access to the information that is been provided. With the rapid growth in use of
Internet, in future the number of fraud cases in which perpetrators create their own provider
site will probably increase. This is possible specially, in case of offshore servers where
laws are more favorable to the criminal and enforcement will be very difficult. For this
reason, it is increasingly important for Web users to protect themselves.
4.2.2 Security Schemes
4.2.2.1 Encryption
Encryption is a technique for hiding data. The encrypted data can be read only by
those users for whom it is intended. Nowadays various encryption techniques are available.
One of the available techniques commonly used for encryption is Public Key. In Public
Key encryption system, RSA Data Security of Redwood City offers the most popular and
commercially available algorithm.
In a Public Key encryption system each user has two keys-public key and private
key. The encryption and decryption algorithms are designed in a way so that only the
private key can decrypt data that is encrypted by the public key. And the public key can

DBA 1727
decrypt data, encrypted by the private key. Therefore, one can broadcast the public key
NOTES to all users.
Computer encryption is based on the science of cryptography, which has been

used throughout history. Before the digital age, the biggest users of cryptography were
governments, particularly for military purposes.
Most computer encryption systems belong in one of two categories. Broadly

speaking, there are two types of encryption methods:
• Secret-key encryption
• Public-key encryption
SECRET - KEY ENCRYPTION
I
n
t
e
r
n
e
t
Anne Encrypt Decrypt Bob
Secret-key encryption, also known as symmetric encryption, involves the use of a

shared key for both encryption by the transmitter and decryption by the receiver. Secret-
key encryption works in the following way: Anne wishes to send a purchase order (PO) to
Bob in such a way that only Bob can read it. Anne encrypts the PO (the plaintext) with an
encryption key and sends the encrypted PO (the cipher text) to Bob. Encryption scrambles
the message, rendering it unreadable to anyone but the intended recipient.
Bob decrypts the cipher text with the decryption key and reads the PO. Note that
in secret-key encryption, the encryption key and decryption key are the same (see Fig.).
The transmitter uses a cryptographic secret “key” to encrypt the message, and the recipient
must use the same key to decipher or decrypt it. A widely adopted implementation of
secret-key encryption is data encryption standard (DES).
Although secret-key encryption is useful in many cases, it has significant limitations.

All parties must know and trust each other completely, and have in their possession a

protected copy of the key. If the transmitter and receiver are in separate sites, they must
trust not being overheard during face-to-face meetings or over a public messaging system
NOTES
(a phone system, a postal service) when the secret key is being exchanged. Anyone who
over-hears or intercepts the key in transit can later use that key to read all encrypted
messages.
scrambled
Scrambled
I message
message n
t
e
r
n
e
t
Encrypt Decrypt
Buyer with with seller
private key private key
Since shared keys must be securely distributed to each communicating party, secret-
key encryption suffers from the problem of key distribution-generation, transmission, and
storage of keys. Secure key distribution is cumbersome in large networks and does not
scale well to a business environment where a company deals with thousands of online
customers. Further, secret-key encryption is impractical for exchanging messages with a
large group of previously unknown parties over a public network. For in-stance, in order
for a merchant to conduct transactions securely with Internet subscribers, each consumer
would need a distinct secret key as-signed by the merchant and transmitted over a separate
secure channel such as a telephone, adding to the overall cost. Hence, given the difficulty
of providing secure key management, it is hard to see secret-key encryption becoming a
dominant player in electronic commerce. If secret encryption cannot ensure safe electronic
commerce, what can? The solution to widespread open network security is a newer, more
sophisticated form of encryption, first developed in the 1970s, known as public-key
encryption.
Public-Key Encryption
Public-key encryption, also known as asymmetric encryption, uses two keys: one
key to encrypt the message and a different key to decrypt the message. The two keys are
mathematically related so that data encrypted with one key only be decrypted using the
other.

DBA 1727
Unlike secret-key encryption, which uses a single key shared by two (or more)
NOTES parties, public-key encryption uses a pair of keys for each party. One of the two keys is
“public” and the other is “private.” The public key can be made known to other parties; the
private key must be kept confidential and must be known only to its owner. Both keys,
however, need to be protected against modification.
The best known public-key encryption algorithm is RSA (named after its inventors
Rivest, Shamir, and Adleman). In the RSA method, each participant creates two unique
keys, a “public key,” which is published in a sort of public directory, and a “private key,”
which is kept secret. The two keys work together; whatever data one of the keys “locks,”
only the other can unlock.
For example, if an individual wants to send a snoop-proof email message to a

friend, she simply looks up his public key and uses that key to en-crypt her text. When the
friend receives the e-mail, he uses his private key to convert the encrypted message on his
computer screen back to the sender’s original message in clear text. Since only the bona
fide author of an encrypted message has knowledge of the private key, a successful
decryption using the corresponding public key verifies the identity of the author and ensures
message integrity. Even if a would-be criminal intercepts the message on its way to the
intended recipient, that criminal has no way of deciphering the message without the private
key.
The computer handles the hard work of manipulating the large numbers used in
the math of encrypting and decrypting messages. Table compares secret- and public key
systems. Both types of systems offer advantages and disadvantages. Often, the two are
combined to form a hybrid system to exploit the strengths of each method. To determine
which type of encryption best meets its needs, an organization first has to identify its security
requirements and operating environment. Public-key encryption is particularly useful when
the parties wishing to communicate cannot rely on each other or do not share a common
key. This is often the case in online commerce.
Another prominent public key method being used in online commerce today is
called Digital Signatures

Comparing Secret key and public key Encryption methods.

NOTES
Digital Signature
Digital signatures are used for sending authentication. This also means that the
originator cannot falsely deny having signed the data. In addition, a digital signature enables
the computer to notarize the message, ensuring the recipient that the message has not been
forged transit.
Let us consider the following scenario of a customer, interacting with a merchant,

Online mart. When the customer orders something from Online mart, he uses Online mart’s
public key to encrypt her confidential information. Online Mart then uses its private key to
decrypt the message (only a private key can unlock a document deciphered with a public
key); thus the customer knows that only Online Mart received that data. To ensure further
security, the customer can enclose a digital signature, encrypted with her own private key,
which Online Mart could decrypt with the customers public key and know that only the
particular customer could have sent it. In the other direction Online mart would send
confidential information to the customer using her public key, and only she can decrypt it
using her private key. This shows how digital signature works in combination with public
key encryption to ensure authentication and privacy.
Technically, How Do Digital Signatures Work?
Data is electronically signed by applying the originator’s private key to the data.
To increase the speed of the process, the private key is applied to a shorter form of the

DBA 1727
data, called a “hash” or “message digest,” rather than to the entire set of data. The resulting
NOTES digital signature can be stored or transmitted along with the data. The signature can be
verified by any party using the public key of the signer. This feature is very useful, for
example, when distributing signed copies of virus-free .software. Any recipient can verify
that the program re-mains virus-free. If the signature verifies properly, then the verifier has
confidence that the data was not modified after 1:Jeing signed and that the owner of the
public key was the signer.
Digital signatures ensure authentication in the following way. In order to digitally

sign a document, a user combines her private key and the document and performs a
computation on the composite (key+docurnent) in order to generate a unique number
called the digital signature. For example, when an electronic document, such as an order
form with a credit card number, is run through the digital signature process, the output is a
unique “fingerprint” of the document. This “fingerprint” is attached to the original message
and further encrypted with the signer’s private key. If a user is communicating with her
bank, she sends the result of the second encryption to her bank. The bank then decrypts
the document using her public key, and checks to see if the enclosed message has been
tampered with by a third party. To verify the signature, the bank performs a computation
involving the original document, the purported digital signature, and the customer’s public
key. If the results of the computation generate a matching “fingerprint” of the document,
the digital signature is verified as genuine; otherwise, the signature may be fraudulent or the
message altered.
Digital signatures, variations of which are being explored by several companies,

are the basis for secure commerce. A digital signature provides a way to associate the
message with the sender, and is the cyberspace equivalent of “signing” for purchases. In
this way, consumers can use credit card accounts over the Internet.
Digital Certificates
Authentication is further strengthened by the use of digital certificates. Before two

parties, Bob and Alice, use public-key encryption to conduct business, each wants to be
sure that the other party is authenticated. Before Bob accepts a message with Alice’s
digital signature, he wants to be sure that the public key belongs to Alice and not to someone
masquerading as Alice on an open network. One way to be sure that the public key
belongs to Alice is to receive it over a secure channel directly from Alice. However, in most
circumstances this solution is not practical.

An alternative to the use of a secure channel is to use a trusted third party to

authenticate that the public key belongs to Alice. Such a party is known as a certificate
NOTES
authority (CA). Once Alice has provided proof of her identity, the certificate authority
creates a message containing Alice’s name and her public key. This message, known as a
certificate, is digitally signed by the certificate authority. It contains owner identification
information, as well as a copy of one of the owner’s public keys. To get the most benefit,
the public key of the certificate authority should be known to as many people as possible.
Thus by using one public key (that of a CA) as a trusted third- party means of establishing
authentication, disparate parties can engage in electronic commerce with a high degree of
trust. In many ways, digital certificates are the heart of secure electronic transactions.
Through the use of a common third party, digital certificates provide an easy and convenient
way to ensure that the participants in an electronic commerce transaction can trust each
other. For example, in the credit card industry, Visa provides digital certificates to the
card-issuing financial institution, and the institution then provides a digital certificate to the
cardholder. A similar process takes place for the merchant. At the time of the transaction,
each party’s software validates both merchant and cardholder before any information is
exchanged. The validation takes place by checking the digital certificates that were both
issued by an authorized and trusted third party. In short, digital certificates ensure that two
computers talking to each other may successfully conduct electronic commerce.
4.2.2.2 Firewall
A firewall is simply a program or hardware device that filters the information coming
through the Internet connection into your private network or computer system. If an incoming
packet of information is flagged by the filters, it is not allowed through. Let’s say that you
work at a company with 500 employees. The company will therefore have hundreds of
computers that all have network cards connecting them together. In addition, the company
will have one or more connections to the Internet through something like T1 or T3 lines.
Without a firewall in place, all of those hundreds of computers are directly accessible to
anyone on the Internet. A person who knows what he or she is doing can probe those
computers, try to make FTP connections to them, try to make telnet connections to them
and so on. If one employee makes a mistake and leaves a security hole, hackers can get to
the machine and exploit the hole.
With a firewall in place, the landscape is much different. A company will place a
firewall at every connection to the Internet (for example, at every T1 line coming into the

DBA 1727
company). The firewall can implement security rules. For example, one of the security
NOTES rules inside the company might be:
Out of the 500 computers inside this company, only one of them is permitted to
receive public FTP traffic. Allow FTP connections only to that one computer and prevent
them on all others. A company can set up rules like this for FTP servers, Web servers,
Telnet servers and so on. In addition, the company can control how employees connect to
Web sites, whether files are allowed to leave the company over the network and so on. A
firewall gives a company tremendous control over how people use the network.
Firewalls use one or more of three methods to control traffic flowing in and out of
the network:
• Packet filtering - Packets (small chunks of data) are analyzed against a set
of filters. Packets that make it through the filters are sent to the requesting
system and all others are discarded.
• Proxy service - Information from the Internet is retrieved by the firewall and
then sent to the requesting system and vice versa.
• Stateful inspection - A newer method that doesn’t examine the contents of
each packet but instead compares certain key parts of the packet to a database
of trusted information.
Information travelling from inside the firewall to the outside is monitored for specific
defining characteristics, then incoming information is compared to these characteristics. If
the comparison yields a reasonable match, the information is allowed through. Otherwise
it is discarded
4.2.3 Creating a Secure System
It’s a known saying Prevention is the best medicine and this implies equally well to
compute security. The” first step is to keep the security of your data files such that only the
right people can see them. This is especially crucial for any of the following types of data
and files.
• User passwords
• Billing files

• System and user logs

• Credit card information
NOTES
• Trusted remote system information
• Compiler
• Administration tools
User passwords and usage logs should be kept secure to keep pirate from looking
at those files to figure out how to gain further access to your system. Keeping your password
files shadowed or hidden keeps pirates from remotely acquiring your file and then running
password cracking programs on the file in their own time.
Finally, be sure to protect administration tools as well as compiler. General users

to your system should not have access to these tools because, if they fall into wrong hands,
the tools can be used to create programs that aid the pirate in greasing security.”
4.2.4 Storing Secure Information
The most insure part of the Internet is not the Net itself but the source and destination
of users and computers on the net. As the user of the system, you should know the place
and the method to store your data. When you are connected to the network your personal
system is vulnerable. Because of the nature slip type connectivity and TCP/IP networks,
someone else could be probing your system while you are working. Decrypted data
residing on your hard disk may be available to outside for snooping. As server and browser
security increases almost pirates will be driven to breaking into the system at the source or
at the destination. This information of-course applies equally to the both the user and the
storeowner. Storeowners must ensure that product information database is secure. Again
store owners should ensure that they encrypt archived transactions, as well as transactions
in the process of being fulfilled. If a business can afford only lesser security then the best
you can do is keep permissions of files hidden from pirates. One of the best security
measures that you can take for physically stored data is to have hardware password
protection. Many commercial products provide this facility and often work well to keep
the data secure. Another security measure is to delete the not required data or information.
Simply deleting the information is not enough. Pirates can easily undelete previously deleted
information. They can even unformatted a formatted disk after securely deleting file
defrayment your drive using any popular disk utility. Such program ensures that the original
structure of the disk is recognized leaving no recoverable data. The best solution is to use

DBA 1727
programs like the Defense Departments recommended secure delete program. Such
NOTES programs are available in software archives throughout the Internet. Before marking the
file as deleted, such programs first write repeating sequences of bits to each bit within the
file. This ensures that magnetic particles are mixed several times so that traces of data are
not readable.
Another type of pirating is also done by using, the electromagnetic emissions that
come from the monitors. In the early age of computing, programmers could debug programs
by turning on a radio and placing it near the computer. The internal clock speed of the
computer would oscillate like the radio stations. So they could hear the programming
sequence running on the computer. The programmers soon learn how to interpret the
different sound frequencies to determine what was happening in their program. A type of
technology and research called TEMPEST is available that can reverse this electromagnetic
radiation into a reasonable reproduction of the original information.
The degree of security for computer connected Into Internet, depends upon the
requirements and cost. Every one should take the basic measures of creating secure
passwords, not leaving printouts laying around, and keeping hard” Yare secure. One
should encrypt sensitive data that sent over the Internet. The basic measures should be
enough to cover the average security standards for the company. But monitor the system
in, regular intervals. If security breaches are encounter, more sophisticated security measures
should be implemented. Particularly, the companies are vulnerable those are involved in
national security or those that have such companies as clients.

4.3 ELECTRONIC FUNDS TRANSFER

NOTES
4.3.1 What is EFT?
An electronic funds transfer (also known as EFT) is a system for transferring money
from one bank to another without using paper money. Its use has become widespread with
the arrival of personal computers, cheap networks, improved cryptography and the Internet.
Since it is affected by financial fraud, the electronic funds transfer act was
implemented. This federal law protects the consumer in case a problem arises at the moment
of the transaction.
The history electronic funds transfer originated from the common funds transfer of
the past. Since the 19th century, and with the help of telegraphs, funds transfers were an
usual thing in commercial transactions. Finally, it migrated itself to computers and became
the electronic money transfers of today.
4.3.2 Where do we find EFT?
One of the most common EFT’s is Direct Deposit. It is used by employers for
depositing their employees’ salary in a bank account. Other kind of EFT is the automatic
charge to your check or savings account. For example, when you are paying a mortgage,
the bank will discharge the monthly payment from a pre-accorded bank account. The
benefit is that you won’t have to go to the bank to do it. It’s automatic.
ATM’s are also used for EFT’s. Since an automatic teller machine is much cheaper
than a group of bank tellers, it has helped to bring costs down and beneficiate the costumer.
Points of sale (also known as POS) are also part of this group. Those little blue or
dark blue machines in which you pass your card are doing an electronic fund transfer from
your account to the retail account.
4.3.3 Advantages of EFT:
The main advantage of an electronic funds transfer is time. Since all the transaction
is done automatically and electronically, the bank doesn’t need to pay a person to do it, a

DBA 1727
person to drive the loans to the other bank, the cost of the transport, the cost of the
NOTES maintenance of the transport, insurance and the gas of the transport. EFT’s have
revolutionized modern banking.
Other benefit is immediate payment, which brings an up to date cash flow. You
won’t hear either about lost checks causes by the inefficiency of normal mail (nowadays
known as snail mail for its velocity compared to emails) and up to date bookkeeping.
4.3.4 Electronic Funds Transfers Initiated By Third Parties.
You may authorize a third party to initiate electronic funds transfers between your
account and the third party’s account. These transfers to make or receive payment may be
one-time occurrences or may recur as directed by you. These transfers may use the
Automated Clearinghouse (ACH) or other payments network. Your authorization to the
third party to make these transfers can occur in a number of ways. In some cases, your
authorization can occur when the merchant posts a sign informing you of their policy. In all
cases, the transaction will require you to provide the third party with your account number
and bank information. This information can be found on your check as well as on a deposit
or withdrawal slip. Thus, you should only provide your bank and account information
(whether over the phone, the Internet, or via some other method) to trusted third parties
whom you have authorized to initiate these electronic funds transfers. Examples of these
transfers include, but are not limited to:
• Preauthorized credits. You may make arrangements for certain direct deposits
to be accepted into your checking or savings account(s).
• Preauthorized payments. You may make arrangements to pay certain
recurring bills from your checking account(s).
• Electronic check conversion. You may provide your check to a merchant
or service provider who will scan the check for the encoded bank and account
information. The merchant or service provider will then use this information to
convert the transaction into an electronic funds transfer. This may occur at the
point of purchase, or when you provide your check by other means such as
by mail or drop box.
• Electronic returned check charge. Some merchants or service providers
will initiate an electronic funds transfer to collect a charge in the event a check
is returned for insufficient funds.

Limitations on frequency of transfers section regarding limitations that apply to

savings accounts.
NOTES
ATM Transfers – types of transfers and dollar limitations – You may access your
account(s) by ATM using your MasterMoney® card and personal identification number
to:
• make deposits to checking account(s) with a check card

• get cash withdrawals from checking with a check card
• transfer funds from checking to money market account(s) with a check card
• get information about the account balance of your checking account(s) with a
check card.
Some of these services may not be available at all terminals.
Currency Conversion.
If you effect a transaction with your MasterMoney® Card in a currency other

than US Dollars. MasterCard International Incorporated will convert the charge into a US
dollar amount. MasterCard International will use its currency conversion procedure, which
is disclosed to institutions that issue MasterCard cards. Currently, the conversion rate
used by MasterCard International to determine the transaction amount in US dollars for
such transactions is generally either a government mandated rate or a wholesale rate
determined by MasterCard International for the processing cycle in which the transaction
is processed , increased by an adjustment factor established from time to time by
MasterCard International. The currency conversion rate used by MasterCard International
on the processing date may differ from the rate that would have been used on the purchase
date or cardholder statement posting date.
Advisory Against Illegal Use.
You agree not to use your card(s) for illegal gambling or other illegal purpose.
Display of a payment card logo by, for example an online merchant does not necessarily
meant that transactions are lawful in all jurisdictions in which the cardholder may be located.

DBA 1727
Computer Transfer – types of transfers –

NOTES
You may access your account(s) by computer through the internet by logging onto
our website at firststarbank.com and using your user identification number, your password,
and a secure web browser, to:
• transfer funds from checking to checking

• transfer funds from checking to money market
• transfer funds from money market to checking
• transfer funds from money market to money market
• transfer funds from line of credit to checking
• transfer funds from line of credit to money market
• make payments from checking to third parties
• make payments from checking or money market to loan account(s) with us
• get information about:
the account balance of checking account(s)
the account balance of money market account(s)
Limitations on frequency of transfers.
In addition to those limitations on transfers elsewhere described, if any, the following

limitations apply:
Transfers from a money market account to another account or to third parties

by preauthorized, automatic, telephone, or computer transfer are limited to
six per month with no more than three by check, draft, or similar order to
third parties.
For security reasons, there are other limits on the number of transfers and
dollar amount you can make by check card.
FINANCIAL INSTITUTION’S LIABILITY
Liability for failure to make transfers. If we do not complete a transfer to or from your
account on time or in the correct amount according to our agreement with you, we will be
liable for your losses or damages. However, there are some exceptions. We will not be
liable, for instance:

(1) If, through no fault of ours, you do not have enough money in your account to
make the transfer.
NOTES
(2) If you have an overdraft line and the transfer would go over the credit limit.
(3) If the automated teller machine where you are making the transfer does not have
enough cash.
(4) If the terminal or system was not working properly and you knew about the
breakdown when you started the transfer.
(5) If circumstances beyond our control (such as fire or flood) prevent the transfer,
despite reasonable precautions that we have taken.
(6) There may be other exceptions stated in our agreement with you.
CONFIDENTIALITY
We will disclose information to third parties about your account or the transfers you make:
(1) where it is necessary for completing transfers; or

(2) in order to verify the existence and condition of your account for a third party, such
as credit bureau or merchant; or
(3) in order to comply with government agency or court orders; or
(4) as explained in the separate Privacy Disclosure.
4.3.5 Online Catalogs
Online catalogs provide easy access to product information. Consumers are

benefited because they are able to obtain detailed, up to the minute information about a
wide range of products over the Internet, without having to endure the inconvenience of
visiting a showroom.
For assisted selling, a valuable tool is a marketing encyclopedia, an intelligent

electronic catalog that connects sales representatives and customers to a company’s most
current product and service information. It provides a single point of entry for harnessing
and distributing all product information. Product managers can update information in the
database and immediately broadcast the changes throughout the enterprise. Some critical
requirements of any marketing encyclopedia are the ability to easily create and maintain a
repository of product information; the ability to create multiple search mechanisms to assist
in locating information; and the ability to alert sales representatives and customers to bundled
products and services, promotions, and complementary products.

DBA 1727
4.3.6 Intelligent Agents

NOTES
The Intelligent agent is software that assists people and acts on their behalf. Intelligent
agents work by allowing people to delegate work that they could have done, to the agent
software. Agents can, just as assistants can, automate repetitive tasks, remember things
the user might have forgotten, intelligently summarize complex data, learn from the user
and even make recommendations to the user. In addition to making recommendations to
the user, the agents can also make decisions and perform actions based on those decisions.
One typical use of the intelligent agent may be found in the exploration of data on the
Internet. The Internet can be viewed as a large distributed Information resource, with
connecting systems that are designed and implemented by many different organizations
with various goals and agendas. The growth of the Internet and correspondingly the vast
amount of Information it holds, presents a problem to the users-information overload. This
causes a problem of locating the relevant information. As a result much of the information
is discarded and processed in a sub optimal manner. The agent technology may help the
user by helping the user get around this problem. In times to come it is hoped that agent
technology can enhance the feature of electronic commerce by efficiently matching buyers
and sellers.

Intelligent Agent Computing Agent

NOTES
Three primary dimensions of the agents have been defined:
agency, intelligence and mobility.
1. Agency: The degree of autonomous action that can me taken; that is actions performed
without the need for direct human intervention or intervention by other agents. The agents
should have control over the actions performed within its system, i.e., not have actions
performed by other agents. Other agents can request actions, but the agent itself decides
whether to approve and allow the action.
2. Intelligence: The extent to which an agent can understand its own internal state and its
external environment. The level of intelligence is further classified according to its ability to
respond, to adapt and to take initiative.
3. Respond: Agents should perceive and respond to their environments.
4.4 CREDIT CARD BASED-ELECTRONIC PAYMENT SYSTEM
4.4.1 What is credit card?
A credit card is a system of payment named after the small plastic card issued to
users of the system. A credit card is different from a debit card in that it does not remove
money from the user’s account after every transaction. In the case of credit cards, the
issuer lends money to the consumer (or the user) to be paid to the merchant. It is also
different from a charge card (though this name is sometimes used by the public to describe
credit cards), which requires the balance to be paid in full each month.
4.4.2 Secured credit cards
A secured credit card is a type of credit card secured by a deposit account owned
by the cardholder. Typically, the cardholder must deposit between 100% and 200% of the
total amount of credit desired. Thus if the cardholder puts down Rs. 1000, he or she will
be given credit in the range of Rs. 500–Rs. 1000. In some cases, credit card issuers will
offer incentives even on their secured card portfolios. In these cases, the deposit required
may be significantly less than the required credit limit, and can be as low as 10% of the

DBA 1727
desired credit limit. This deposit is held in a special savings account. Credit card issuers
NOTES offer this as they have noticed that delinquencies were notably reduced when the customer
perceives he has something to lose if he doesn’t repay his balance.
The cardholder of a secured credit card is still expected to make regular payments,
as he or she would with a regular credit card, but should he or she default on a payment,
the card issuer has the option of recovering the cost of the purchases paid to the merchants
out of the deposit. The advantage of the secured card for an individual with negative or no
credit history is that most companies report regularly to the major credit bureaus. This
allows for building of positive credit history.
Although the deposit is in the hands of the credit card issuer as security in the event
of default by the consumer, the deposit will not be debited simply for missing one or two
payments. Usually the deposit is only used as an offset when the account is closed, either
at the request of the customer or due to severe delinquency (150 to 180 days). This means
that an account which is less than 150 days delinquent will continue to accrue interest and
fees, and could result in a balance which is much higher than the actual credit limit on the
card. In these cases the total debt may far exceed the original deposit and the cardholder
not only forfeits their deposit but is left with an additional debt.
Most of these conditions are usually described in a cardholder agreement which

the cardholder signs when their account is opened.
Secured credit cards are an option to allow a person with a poor credit history or
no credit history to have a credit card which might not otherwise be available. They are
often offered as a means of rebuilding one’s credit. Secured credit cards are available with
both Visa and MasterCard logos on them. Fees and service charges for secured credit
cards often exceed those charged for ordinary non-secured credit cards, however, for
people in certain situations, (for example, after charging off on other credit cards, or people
with a long history of delinquency on various forms of debt), secured cards can often be
less expensive in total cost than unsecured credit cards, even including the security deposit.
4.4.2.1 Security Overview
Credit card security is based on privacy of the actual credit card number. This
means that whenever a person other than the card owner reads the number, security is

potentially compromised. Since this happens most of the time when a transaction is made,
security is low. However, a user with access to just the number can only make certain
NOTES
types of transactions. Merchants will often accept credit card numbers without extra
verification for mail order, but then the delivery address will be recorded, so the thief must
make sure he can have the goods delivered to an anonymous address (i.e. not his own)
and collect them without being detected. Some merchants will accept a credit card number
for in-store purchases, whereupon access to the number allows easy fraud, but many
require the card itself to be present, and require a signature. Thus, a stolen card can be
cancelled, and if this is done quickly, no fraud can take place in this way. For internet
purchases, there is sometimes the same level of security as for mail order (number only)
hence requiring only that the fraudster take care about collecting the goods, but often there
are additional measures. The main one is to require a security PIN with the card, which
requires that the thief have access to the card.
4.4.2.2 Credit card numbering
The numbers found on credit cards have a certain amount of internal structure, and
share a common numbering scheme.
The card number’s prefix, called the Bank Identification Number, is the sequence
of digits at the beginning of the number that determine the bank to which a credit card
number belongs. This is the first six digits for MasterCard and Visa cards. The next nine
digits are the individual account number, and the final digit is a validity check code.
In addition to the main credit card number, credit cards also carry issue and
expiration dates (given to the nearest month), as well as extra codes such as issue numbers
and security codes. Not all credit cards have the same sets of extra codes nor do they use
the same number of digits.
4.4.3 Credit cards in ATMs
Many credit cards can also be used in an ATM to withdraw money against the
credit limit extended to the card but many card issuers charge interest on cash advances
before they do so on purchases. The interest on cash advances is commonly charged from
the date the withdrawal is made, rather than the monthly billing date. Many card issuers
levy a commission for cash withdrawals, even if the ATM belongs to the same bank as the

DBA 1727
card issuer. Merchants do not offer cash back on credit card transactions because they
NOTES would pay a percentage commission of the additional cash amount to their bank or merchant
services provider, thereby making it uneconomical.
Many credit card companies will also, when applying payments to a card, do so at
the end of a billing cycle, and apply those payments to everything before cash advances.
For this reason, many consumers have large cash balances, which have no grace period
and incur interest at a rate that is (usually) higher than the purchase rate, and will carry
those balances for years, even if they pay off their statement balance each month.
4.4.4 Credit Card payment-online networks
We can break credit card payment on on-line networks into three basic categories:
1. Payments using plain credit card details.
The easiest method of payment is the exchange of unencrypted credit cards over
a public network such as telephone lines or the Internet. The low level of security inherent
in the design of the Internet makes this method problematic (any snooper can read a credit
card number, and programs can be created to scan the Internet traffic for credit card
numbers and send the numbers to its master). Authentication is also a significant problem,
and the vendor is usually responsible to ensure that the person using the credit card is its
owner. Without encryption there is no way to do this.
2. Payments using encrypted credit card details.
It would make sense to encrypt your credit card details before sending them out,
but even then there are certain factors to consider. One would be the cost of a credit card
transaction itself. Such cost would prohibit low-value payments (micro payments) by adding
costs to the transactions.
3. Payments using third-party verification.
One solution to security and verification problems is the introduction of a third

party: a company that collects and approves payments from one client to another. After a
certain period of time, one credit card transaction for the total accumulated amount is
completed.

4.4.5 Encryption and Credit Cards

NOTES
Encryption is instantiated when credit card information is entered into a browser
or other electronic commerce device and sent securely over the net-work from buyer to
seller as an encrypted message. This practice, however, does not meet important
requirements for an adequate financial system, such as non refutability, speed, safety, privacy,
and security. To make a credit card transaction truly secure and non-refutable, the following
sequence of steps must occur before actual goods, services, or funds flow:
1. A customer presents his or her credit card information (along with an authenticity
signature or other information such as mother’s maiden name) securely to the
merchant.
2. The merchant validates the customer’s identity as the owner of the cred-it card
account.
3. The merchant relays the credit card charge information and signature to its bank or
on-line credit card processors.
4. The bank or processing party relays the information tot the customer’s; bank for
authorization approval.
5. The customer’s bank returns the credit card data, charge authentication, and
authorization to the merchant.
In this scheme, each consumer and each vendor generates a public key and a
secret key. The public key is sent to the credit card company and put on its public key
server. The secret key is re-encrypted with a password, and the unencrypted version is
erased. To steal a credit card, a thief would have to get access to both a consumer’s
encrypted secret key and password. The credit card company sends the consumer a
credit card number and a credit limit. To buy something from vendor X, the consumer
sends vendor X the message, ‘It is now time T. I am paying Y dollars to X for item Z,” then
the consumer uses his or her password to sign the message with the public key. The
vendor will then sign the message with its own secret key and send it to the credit card
company, which will bill the consumer for Y dollars and give the same amount (less a fee)
to X. (See Fig.4.4.5(a) Nobody can cheat this system. The consumer can’t claim that he
didn’t agree to the transaction, because he signed it (as in everyday life). The vendor can’t
invent fake charges, because he doesn’t have access to the consumer’s key. He can’t
submit the same charge twice, because the consumer included the precise time in the
message. To become useful, credit Card systems will have to develop distributed key

DBA 1727
servers and card checkers. Otherwise, a con-centrated attack on these sites could bring
NOTES the system to a halt.
Support for Privacy Enhanced Mail (PEM) and Pretty Good Privacy (PGP)
encryption has been built into several browsers. Both of these schemes can be substantially
bolstered with the addition of encryption to defeat snooping attacks. Now any vendor can
create a secure system that accepts credit card numbers in about an hour.
Figure 4.4.5(a) Processing payments using encrypted credit cards
4.4.6 Advantages and Disadvantage of credit cards:
Consumers use credit cards by presenting them for payment and then paying an
aggregate bill once a month. Consumers pay either by flat fee or individual transaction
charges for this service. Merchants get paid for the credit card drafts that they submit to
the credit card company. Businesses get charged a transaction charge ranging from 1
percent to 3 percent for each draft submitted.

• Credit cards have advantages over checks in that the credit card company assumes
a larger share of financial risk for both buyer and seller in a transaction. Buyers can
NOTES
sometimes dispute a charge retroactively and have the credit card company act on
their behalf. Sellers are ensured that they will be paid for all their sales—they
needn’t worry about fraud.
• One disadvantage to credit cards is that their transactions are not anonymous, and
credit card companies do in fact compile valuable data about spending habits.
• Record keeping with credit cards is one of the features consumers value most
because of disputes and mistakes in billing. Disputes may arise because different
services may have different policies. For example, an information provider might
charge for partial delivery of a file (the user may have abandoned the session after
reading part of the file), and a movie distributor might charge depending on how
much of the video had been downloaded. The cause of interrupted delivery needs
to be considered in resolving disputes (e.g., intentional customer action versus a
problem in the network or provider’s equipment). In general, implementing payment
policies will be simpler when payment is made by credit rather than with cash.
• The complexity of credit card processing takes place in the verification phase, a
potential bottleneck. If there is a lapse in time between the charging and the delivery
of goods or services (for example, when an airline ticket is purchased well in
advance of the date of travel), the customer verification process is simple because
it does not have to be done in real time. In fact, all the relaying and authorizations
can occur after the customer-merchant transaction is completed, unless the
authorization request is denied. If the customer wants a report (or even a digital
airline ticket), which would be downloaded into a PC or other information appliance
immediately at the time of purchase, however, many message relays and
authorizations take place in real time while the customer waits. Such exchanges
may require many sequence-specific operations such as staged encryption and
decrying and exchanges of cryptographic keys.
• Encryption and transaction speed must be balanced, however, as research has
show that on-line users get very impatient and typically wait for 20 seconds before
pursuing other actions. Hence, on-line credit card users must find the process to
be accessible, simple, and fast. Speed will have design and cost implications, as it
is a function of network capabilities, computing power, available at every server,
and the specific form of the transaction. The infrastructure supporting the exchange
must be reliable. The user must feel confident that the supporting payment

DBA 1727
infrastructure will be available on demand and that the system will operate
NOTES reasonably well regardless of component failures or system load conditions. The
builders and providers of this infrastructure are aware of customer requirements
and are in fierce competition to fulfill those needs.
4.4.7 Infrastructure for On-Line Credit Card Processing
Competition among these players is based on service quality, price, processing system
speed, customer support, and reliability. Most third-party processors market their services
directly to large regional or national merchants rather than through financial institutions or
independent sales organizations
.
Barriers to entry include
(1) large initial capital requirements,

(2) ongoing expenses related to establishing and maintaining an electronic transaction
processing network,
(3) the ability to obtain competitively priced access to an existing network, and
(4) the reluctance of merchants to change processors. What exactly is at stake here? A
lot. In the emerging world of ecommerce,, the companies that own the transaction
infrastructure will be able to charge a fee, much as banks do today with ATMs. This
could be extremely profitable. Microsoft, VISA, and other companies understand
that they have to do something. If they wait for a clear path to emerge, it will be “too
little too late.” They know all too well that ecommerce transaction architectures
(similar to MS-DOS or Windows) on which other e-commerce applications are
developed will be very profitable.
Many companies are developing advanced electronic services for home-based

financial transactions, and software companies are increasingly allying with banks to sell
home banking. Eventually, the goal would be to offer everything from mutual funds to
brokerage services over the network. Many banks are concerned about this prospect and
view it as an encroachment on their turf. After years of dabbling, mostly unsuccessfully,
with remote banking, banking is receiving a jarring message: Get wired or lose customers.
The traditional roles are most definitely being reshuffled, and electronic payment
on the Internet can have a substantial effect on transaction processing in the “real” (non

electronic) world. According to some estimates, trans-action processing services account,

for as much as 25 percent of non interest income for banks, so banks clearly stand to lose
NOTES
business. Why banks are on the defensive is obvious if we look at banking in the last ten
years. A decade ago, banks processed 90 percent of all bank card transactions, such as
VISA and MasterCard. Today, 70 percent of those transactions are processed by non-
banks such as First Data Resources. If software companies and other interlopers become
electronic toll-takers, banks could become mere homes for deposits, not the providers of
lucrative value-added services. Even more worrisome, banks could lose the all-important
direct link to be the customer’s primary provider of financial services that lets them hawk
profitable services. The effect of electronic commerce on the banking industry has been
one of total confusion. To be fair, things are happening so fast in this area that it’s hard to
keep up with it all.
4.4.8 Risks from Mistake and Disputes: Consumer Protection
Virtually all electronic payment systems need some ability to keep automatic records,
for obvious reasons. From a technical standpoint, this is no problem for electronic systems.
Credit and debit cards have them and even the paper-based check creates an automatic
record. Once information has been captured electronically, it is easy and inexpensive to
keep (it might even cost more to throw it away than to keep it). For example, in many
transaction processing systems, old or blocked accounts are never purged and old
transaction histories can be kept forever on magnetic tape. Given the intangible nature of
electronic transactions and dispute resolution relying solely on records, a general law of
payment dynamics and banking technology might be: No data need ever be discarded.
The record feature is an after-the-fact transcription of what happened, created without
any explicit effort by the transaction parties. Features of these automatic records include
(1) permanent storage;

(2) accessibility and traceability;
(3) a payment system database; and
(4) data transfer to payment maker, bank, or monetary authorities.
The need for record keeping for purposes of risk management conflicts with the
transaction anonymity of cash. One can say that anonymity exists today only because cash
is a very old concept, invented long before the computer and networks gave us the ability
to track everything. Although a segment of the payment-making public will always desire

DBA 1727
transaction anonymity, many believe that anonymity runs counter to the public welfare
NOTES because too many tax, smuggling, and/or money laundering possibilities exist. The anonymity
issue raises the question: Can electronic payments hap-pen without an automatic record
feature?
Many recent payment systems seem to be ambivalent on this point. For instance,
the Mondex electronic purse touts equivalence with cash, but its electronic wallets are
designed to hold automatic records of the card’s last twenty transactions with a statement
built in. Obviously, the card-reading terminals, machines, or telephones could all maintain
records of all transactions and they probably ultimately will. With these records, the balance
on any smart card could be reconstructed after the fact, thus allowing for additional
protection against loss or theft. This would certainly add some value versus cash. In sum,
anonymity is an issue that will have to be addressed through regulation covering consumer
protection in electronic transactions. There is considerable debate on this point. An
anonymous payment system without automatic record keeping will be difficult for bankers
and governments to accept. Were the regulation to apply, each transaction would have to
be reported, meaning it would appear on an account statement making mistakes and disputes
easier to resolve. However, customers might feel that all this record keeping is an invasion
of privacy resulting in slower than expected adoption of electronic payment systems. The
next risk involved is the privacy of the customer making a purchase.
Managing Information Privacy
The electronic payment system must ensure and maintain privacy. Every time one
purchases goods using a credit card, subscribes to a magazine or accesses a server, that
information goes into, a database somewhere. Furthermore, all these records can be linked
so that they constitute in effect a single dossier. This dossier would reflect what items were
bought and where and when. This violates one the unspoken laws of doing business: that
the privacy of customers should be protected as much as possible. All details of a consumer’s
payments can be easily be aggregated: Where, when, and sometimes what the consumer
buys is stored. This collection of data tells much about the person and as such can conflict
with the individual’s right to privacy. Users must be assured that knowledge of transactions
will be confidential, limited only to the parties involved and their designated agents (if
any).Privacy must be maintained against eavesdroppers on the network and against
unauthorized insiders. The users must be assured that they cannot be easily duped, swindled,
or falsely implicated in a fraudulent transaction. This protection must apply throughout the

whole transaction protocol by which a good or service is purchased and delivered. This
implies that, for many types of transactions, trusted third-party agents will be needed to
NOTES
vouch for the authenticity and good faith of the involved parties..
Managing Credit Risk
Credit or systemic risk is a major concern in net settlement systems because a

bank’s failure to settle its net position could lead to a chain reaction of bank failures. The
digital central bank must develop policies to deal with this possibility. Various alternatives
exist, each with advantages and disadvantages. A digital central bank guarantee on settlement
removes the insolvency test from the system because banks will more readily assume
credit risks from other banks. Without such guarantees the development of clearing and
settlement systems and money markets-may be impeded. A middle road is also possible,
for example, setting controls on bank exposures (bilateral or multilateral) and requiring
collateral. If the central bank does not guarantee settlement, it must define, at least internally,
the conditions and terms for extending liquidity to banks in connection with settlement.
Despite cost and efficiency gains, many hurdles remain to the spread of electronic payment
systems.
4.5 Debit card based-Electronic Payment System
4.5.1 What is a debit card?
A debit card (also known as a gift card) is a plastic card which provides an
alternative payment method to cash when making purchases. Physically the card is an ISO
7810 card like a credit card; however, its functionality is more similar to writing a cheque
as the funds are withdrawn directly from either the cardholder’s bank account (often referred
to as a check card), or from the remaining balance on the card.
Depending on the store or merchant, the customer may swipe or insert their card
into the terminal, or they may hand it to the merchant who will do so. The transaction is
authorized and processed and the customer verifies the transaction either by entering a
PIN or, occasionally, by signing a sales receipt.
In some countries the debit card is multipurpose, acting as the ATM card for
withdrawing cash and as a check guarantee card. Merchants can also offer “cashback”/

DBA 1727
”cashout” facilities to customers, where a customer can withdraw cash along with their
NOTES purchase.
The use of debit cards has become wide-spread in many countries and has overtaken
the check, and in some instances cash transactions by volume. Like credit cards, debit
cards are used widely for telephone and Internet purchases.
4.5.2 Types of debit card
A Finnish smart card. The 3 by 5 mm security chip embedded in the card is shown
enlarged in the inset. The gold contact pads on the card enable electronic access to the
chip.
An example of the front of a typical debit card:
1. Issuing bank logo

2. EMV chip
3. Hologram
4. Card number
5. Card brand logo
6. Expiry date
7. Cardholder’s name
An example of the reverse side of a typical debit card:
1. Magnetic stripe
2. Signature strip
3. Card Security Code
Although many debit cards are of the Visa or MasterCard brand, there are many
other types of debit card, each accepted only within a particular country or region, for
example Switch (now: Maestro) and Solo in the United Kingdom, Carte Bleue in France,
Laser in Ireland, “EC electronic cash” (formerly Eurocheck) in Germany and EFTPOS
cards in Australia and New Zealand. The need for cross-border compatibility and the
advent of the euro recently led to many of these card networks (such as Switzerland’s “EC
direkt”, Austria’s “Bankomatkasse” and Switch in the United Kingdom) being rebranded

with the internationally recognised Maestro logo, which is part of the MasterCard brand.
Some debit cards are dual branded with the logo of the (former) national card as well as
NOTES
Maestro (e.g. EC cards in Germany, Laser cards in Ireland, Switch and Solo in the UK,
Pinpas cards in the Netherlands, Bancontact cards in Belgium, etc.). Debit card systems
have become popular in video arcades, bowling centers and theme parks. The use of a
debit card system allows operators to package their product more effectively while
monitoring customer spending. An example of one of these systems is ECS by Embed
International.
4.5.3 Online and offline debit transactions
Typical debit card transaction machine, branded to McDonalds.
There are currently two ways that debit card transactions are processed: online
debit (also known as PIN debit) and offline debit (also known as signature debit). In
some countries including the United States and Australia, they are often referred to at point
of sale as “debit” and “credit” respectively, even though in either case the user’s bank
account is debited and no credit is involved.
Online debit (“PIN debit” or “debit”)
Online debit cards require electronic authorization of every transaction and the
debits are reflected in the user’s account immediately. The transaction may be additionally
secured with the personal identification number (PIN) authentication system and some
online cards require such authentication for every transaction, essentially becoming enhanced
automatic teller machine (ATM) cards. One difficulty in using online debit cards is the
necessity of an electronic authorization device at the point of sale (POS) and sometimes
also a separate PINpad to enter the PIN, although this is becoming commonplace for all
card transactions in many countries. Overall, the online debit card is generally viewed as
superior to the offline debit card because of its more secure authentication system and live
status, which alleviates problems with processing lag on transactions that may have been
forgotten or not authorized by the owner of the card. Banks in some countries, such as
Canada and Brazil, only issue online debit cards.

DBA 1727
Offline debit (“signature debit” or “credit”)

NOTES
Offline debit cards have the logos of major credit cards (e.g. Visa or MasterCard)
or major debit cards (e.g. Maestro in the United Kingdom and other countries, but not the
United States) and are used at point of sale like a credit card. This type of debit card may
be subject to a daily limit, as well as a maximum limit equal to the amount currently deposited
in the current/checking account from which it draws funds. Offline debit cards in the United
States and some other countries are not compatible with the PIN system, in which case
they can be used with a forged signature, since users are rarely required to present
identification. Transactions conducted with offline debit cards usually require 2-3 days to
be reflected on users’ account balances.
4.5.4 Advantages and Disadvantages
Debit and check cards, as they have become widespread, have revealed numerous
advantages and disadvantages to the consumer and retailer alike. Advantages are as follows:
• A consumer who is not credit worthy and may find it difficult or impossible to
obtain a credit card can more easily obtain a debit card, allowing him/her to make
plastic transactions.
• Use of a debit card is limited to the existing funds in the account to which it is
linked, thereby preventing the consumer from racking up debt as a result of its use,
or being charged interest, late fees, or fees exclusive to credit cards.
• For most transactions, a check card can be used to avoid check writing altogether.
Check cards debit funds from the user’s account on the spot, thereby finalizing the
transaction at the time of purchase, and bypassing the requirement to pay a credit
card bill at a later date, or to write an insecure check containing the account
holder’s personal information.
• Like credit cards, debit cards are accepted by merchants with less identification
and scrutiny than personal checks, thereby making transactions quicker and less
intrusive. Unlike personal checks, merchants generally do not believe that a payment
via a debit card may be later dishonored.
• Unlike a credit card, which charges higher fees and interest rates when a cash
advance is obtained, a debit card may be used to obtain cash from an ATM or a
PIN-based transaction at no extra charge, other than a foreign ATM fee.

The debit card has many disadvantages as opposed to cash or credit:

NOTES
• Some banks are now charging over-limit fees or non-sufficient funds fees based
upon pre-authorizations, and even attempted but refused transactions by the
merchant (some of which may not even be known by the client).
• Many merchants mistakenly believe that amounts owed can be “taken” from a
customer’s account after a debit card (or number) has been presented, without
agreement as to date, payee name, and dollar and cent amount, thus causing penalty
fees for overdrafts, over-the-limit, amounts not available causing further rejections
or overdrafts, and rejected transactions by some banks.
• Debit cards offer lower levels of security protection than credit cards. Theft of the
users PIN using skimming devices can be accomplished much easier with a PIN
input than with a signature-based credit transaction.
• When a transaction is made using a credit card, the bank’s money is being spent,
and therefore, the bank has a vested interest in claiming its money where there is
fraud or a dispute. The bank may fight to void the charges of a consumer who is
dissatisfied with a purchase, or who has otherwise been treated unfairly by the
merchant. But when a debit purchase is made, the consumer has spent his/her
own money, and the bank has little if any motivation to collect the funds.
• For certain types of purchases, such as gasoline, lodging, or car rental, the bank
may place a hold on funds much greater than the actual purchase for a fixed period
of time. Until the hold is released, any other transactions presented to the account,
including checks, may be dishonored, or may be paid at the expense of an overdraft
fee if the account lacks any additional funds to pay those items.
• While debit cards bearing the logo of a major credit card are accepted for virtually
all transactions where an equivalent credit card is taken, a major exception is at
car rental facilities. Car rental agencies require an actual credit card to be used, or
at the very least, will verify the creditworthiness of the renter using a debit card.
These companies will deny a rental to anyone who does not fit the requirements,
and such a credit check may actually hurt one’s credit score.

DBA 1727
4.6 ELECTRONIC CHECKS

NOTES
4.6.1 E-Checks
Electronic checks are designed to accommodate the many individuals and entities
that might prefer to pay on credit or through some mechanism other than cash. Electronic
checks are modelled on paper checks, except that they are initiated electronically, use
digital signatures for signing and endorsing, and require the use of digital certificates to
authenticate the payer, the payer’s bank, and bank account. The security/authentication
aspects of digital checks are supported via digital signatures using public-key cryptography.
Ideally, electronic checks will facilitate new online services by: allowing new payment flows
(the payee can verify funds availability at the payer’s bank); enhancing security at each
step of the transaction through automatic validation of the electronic signature by each
party (payee and banks); and facilitating payment integration with widely used EDI-based
electronic ordering and billing processes. Electronic checks are delivered either by direct
transmission using telephone lines, or by public networks such as the Internet. Electronic
check payments (deposits) are gathered by banks and cleared through existing banking
channels, such as automated clearing houses (ACH) networks.
E-checks:
• contain the same information as paper checks contain

• are based on the same rich legal framework as paper checks
• can be linked with unlimited information and exchanged directly between parties
• can be used in any and all remote transactions where paper checks are used
today
• enhance the functions and features provided by bank checking accounts
• expand on the usefulness of paper checks by providing value-added information
4.6.2 Benefits of Electronic Checks
Electronic checks have the following advantages:
• Electronic checks work in the same way as traditional checks, thus simplifying
customer education. By retaining the basic characteristics and flexibility of
paper checks while enhancing the functionality, electronic checks can be easily
understood and readily adopted.

• Electronic checks are well suited for clearing micro payments; the conventional
cryptography of electronic checks makes them easier to process than systems
NOTES
based on public-key cryptography (like digital cash). The payee and the
payee’s and payer’s banks can authenticate checks through the use of public-
key certificates. Digital signatures can also be validated automatically.
Electronic checks can serve corporate markets. Firms can use electronic
checks to complete payments over the networks in a more cost-effective
manner than present alternatives. Further, since the contents of a check can
be attached to the trading partner’s remittance information, the electronic
check will easily integrate with EDI applications, such as ac-counts receivable.
Electronic checks create float, and the availability of float is an important
requirement for commerce. The third-party accounting server can earn revenue
by charging the buyer or seller a transaction fee or a flat rate fee, or it can act
as a bank and provide deposit accounts and make money from the deposit
account pool.
• Electronic check technology links public networks to the financial payments
and bank clearing networks, leveraging the access of public net-works with
the existing financial payments infrastructure.
4.6.3 How do Electronic Check works?
Electronic checks are another form of electronic tokens. They are designed to
accommodate the many individuals and entities that might prefer to pay on credit or through
some mechanism other than cash. Buyers must register with a third-party account server
before they are able to write electronic checks. The account server also acts as a billing
service. The registration procedure can vary depending on the particular account server
and may require a credit card or a bank account to back the checks. Once registered, a
buyer can then contact sellers of goods and services. To complete a transaction, the buyer
sends a check to the seller for a certain amount of money. These checks may be sent using
e-mail or other transport methods.
When deposited, the check authorizes the transfer of account balances from the
account against which the check was drawn to the account to which the check was
deposited. The e-check method was deliberately created to work in much the same way
as a conventional paper check. An account holder will issue an electronic document that
contains the name of the payer, the name of the financial institution, the payer’s account

DBA 1727
number, the name of the payee and amount of the check. Most of the information is in
NOTES uncoded form. Like a paper check, an e-check will bear the digital equivalent of a signature:
a computed number that authenticates the check as coming from the owner of the account.
And, again like a paper check, an e-check will need to be endorsed by the payee, using
another electronic signature, before the check can be paid. Properly signed and endorsed
checks can be electronically exchanged between financial institutions through electronic
clearinghouses, with the institutions using these endorsed checks as tender to settle accounts.
The specifics of the technology work in the following manner:
On receiving the check, the seller presents it to the accounting server for verification
and payment. The accounting server verifies the digital signature on the check using any
authentication scheme. A user’s digital “signature” is used to create one ticket-a check-
which the seller’s digital “endorsement” transforms into another-an order to a bank computer
for fund transfer. Subsequent endorsers add successive layers of information onto the
tickets, precisely as a large number of banks may wind up stamping the back of a check
along its journey through the system.
4.6.4 Why do we use e-checks?
E-Checks have important new features. They offer:

• the ability to conduct bank transactions, yet are safe enough to use on the
Internet
• unlimited, but controlled, information carrying capability
• reduces fraud losses for all parties
• automatic verification of content and validity
• traditional checking features such as stop payments and easy reconciliation
• enhanced capabilities such as effective dating
The E-Check:
• can be used by all account holders, large and small, even where other electronic
payment solutions are too risky, or not appropriate
• is the most secure payment instrument available today
• provides rapid and secure settlement of financial obligations
• can be used with existing checking accounts
can be initiated from a variety of hardware platforms and software applications

4.6.5 Comparison with other payment instruments

NOTES
E-Check and Paper Checks
The electronic check (e-Check) is an all-electronic enhancement to the paper

check and is based on current check law. This white paper briefly compares paper and e-
checks, based on five categories: usage, cost, and allowance for errors, risk management,
and information richness.
E-checks and Debit cards
Debit cards are used by individuals and to a far lesser extent by businesses, to
make payments at the retail point-of-sale, or to obtain cash from ATMs. This white paper
will briefly compare the differences between debit cards and e-checks.
E-check and Automated Clearing House (ACH)
Since electronic checks are debit transactions, this white paper provides a high
level comparison of some of the main differences between the ACH debit system and e-
checks. These differences are reviewed in five main categories: terminology, business
practices, underlying technology, transaction authorization, and risk management.
E-check and Secure Electronic Transaction (SET)
The SET protocol specifications were defined by the credit card industry to facilitate
credit card purchases over the Internet. This white paper briefly compares the differences
between SET and e-checks.
E-check and Home Banking
Home banking bill payments are convenient for consumers, and although they
have some of the characteristics of electronic payments, there are significant differences
between echecks and home banking bill payments. This white paper will briefly explore
the differences between the two payment approaches.

DBA 1727
4.7 STORED VALUE CARDS AND E-CASH

NOTES
4.7.1 Smart Cards
Smart cards, also called stored value cards, use magnetic stripe technology or
integrated circuit chips to store customer-specific information, including electronic money.
The cards can be used to purchase goods or services, store information, control access to
accounts, and perform many other functions. Smart cards offer clear benefits to both
merchants and consumers. They reduce cash-handling expenses and losses caused by
fraud, expedite customer transactions at the checkout counter, and enhance consumer
convenience and safety. In addition, many state and federal governments are considering
stored value cards as an efficient option for dispersing government entitlements. Other
private sector institutions market stored value products to transit riders, university students,
telephone customers, vending customers, and retail customers.
One successful use of stored value cards is by New York’s Metropolitan

Transportation Authority (MTA). The MTA is the largest transportation agency in the United
States and, through its subsidiaries and affiliates, operates the New York City subway and
public bus system, the Long Island Railroad and Metro-North commuter rail systems, and
nine tolled intrastate bridges and tunnels. These facilities serve four million customers each
workday. In 1994, the MTA began the operation of an automated fare-collection system
based on a plastic card with a magnetic stripe. The MetroCard is either swiped through a
card reader at subway stations or dipped into a fare box on buses where the fare is
decremented. All 3,600 MTA buses became operational in 1996. The full complement of
467 subway stations is expected to be operational by mid-1997. By 1999, the MTA
anticipates more than 1.2 billion electronic fare collection transactions a year on subway
and bus lines. The management challenges created by smart card payment systems are
formidable. Institutions such as the MTA have made a considerable investment in the stored
value card processing network, and to get a good return on investment must identify new
and innovative ways to achieve additional operating efficiencies and value.
4.7.2 Smart Cards and Electronic Payment Systems
The enormous potential of electronic tokens is currently stunted by the lack of a

widely accepted and secure means of transferring money on-line. In spite of the many
prototypes developed, we are a long way from a universal payment system because

merchants and banks have to be signed up and a means has to be developed to transfer
money. Such a system moreover must be robust and capable of handling a large number of
NOTES
transactions and will require extensive testing and usage to iron out all the bugs.
In the meantime, thousands of would-be sellers of electronic commerce services

have to pay one another and are actively looking for payment substitutes. One such substitute
is the smart card. Smart cards have been in existence since the early 1980s and hold
promise for secure transactions using existing infrastructure. Smart cards are credit and
debit cards and other card products enhanced with microprocessors capable of holding
more information than the traditional magnetic stripe. The chip, at its current state of
development, can store significantly greater amounts of data, estimated to be 80 times
more than a magnetic stripe. Industry observers have predicted that, by the year 2000,
one-half of all payment cards issued in the world will have embedded microprocessors
rather than the simple magnetic stripe.
The smart card technology is widely used in countries such as France, Germany,
Japan, and Singapore to pay for public phone calls, transportation/ and shopper loyalty
programs. The idea has taken longer to catch on in the United States, since a highly reliable
and fairly inexpensive telecommunications system has favored the use of credit and debit
cards. Smart cards are basically of two types:
• Relationship-based smart credit cards

• Electronic purses. Electronic purses, which replace money, are also known
as debit cards and electronic money.
4.7.2.1 Relationship-Based Smart Cards
Financial institutions worldwide are developing new methods to maintain and

expand their services to meet the needs of increasingly sophisticated and technically smart
customers, as well as to meet the emerging payment needs of electronic commerce.
Traditional credit cards are fast evolving into smart cards as consumers demand payment
and financial services products that are user-friendly, convenient, and reliable. A relationship-
based smart card is an enhancement of existing card ser-vices and/or the addition of new
services that a financial institution delivers to its customers via a chip-based card or other
device. These new services may include access to multiple financial accounts, value-added
marketing programs, or other information cardholders may want to store on their card.

DBA 1727
The chip-based card is but one tool that will help alter mass marketing techniques to
NOTES address each individual’s specific financial and personal requirements. Enhanced credit
cards store cardholder information including name, birth date, personal shopping
preferences, and actual purchase records. This information will enable merchants to
accurately track consumer behavior and develop promotional programs designed to increase
shopper loyalty. Relationship-based products are expected to offer consumers far greater
options, including the following:
• Access to multiple accounts, such as debit, credit, investments or stored

value for e-cash, on one card or an electronic device
• A variety of functions, such as cash access, bill payment, balance inquiry, or
funds transfer for selected accounts
• Multiple access options at multiple locations using multiple device types, such
as an automated teller machine, a screen phone, a personal computer, a
personal digital assistant (PDA), or interactive TVs Companies are trying to
incorporate these services into a personalized banking relationship for each
customer. They can package financial and non financial services with value-
added programs to enhance convenience, build loyalty and retention, and
attract new customers. Banks are also attempting to customize services on
smart cards, offering a menu of services similar to those that come up on
ATM screens. As with credit cards/banks may link up with health care
providers, telephone companies, retailers, and airlines to offer frequent shopping
and flyer programs and other services.
4.7.2.2. Electronic Purses and Debit Cards
Despite their increasing flexibility, relationship-based cards are credit based and
settlement occurs at the end of the billing cycle. There remains a need for a financial
instrument to replace cash. To meet this need, banks, credit card companies, and even
government institutions are racing to introduce “electronic purses,” wallet-sized smart cards
embedded with programmable microchips that store sums of money for people to use
instead of cash for everything from buying food, to making photocopies, to paying subway
fares.
The electronic purse works in the following manner.

After the purse is loaded with money, at an ATM or through the use of an inexpensive
special telephone, it can be used to pay for, say, candy in a vending machine equipped with
NOTES
a card reader. The vending machine need only verify that a card is authentic and there is
enough money available for a chocolate bar. In one second, the value of the purchase is
deducted from the balance on the card and added to an e-cash box in the vending machine.
The remaining balance on the card is displayed by the vending machine or can be checked
at an ATM or with a balance-reading device. Electronic purses would virtually eliminate
fumbling for change or small bills in a busy store or rush-hour toll booth, and waiting for a
credit card purchase to be approved. This allows customers to pay for rides and calls with
a prepaid card that “remembers” each transaction. And when the balance on an electronic
purse is depleted, the purse can be recharged with more money. As for the vendor, the
receipts can be collected periodically in person—or, more likely, by telephone and
transferred to a bank account. While the technology has been available for a decade, the
cards have been relatively expensive, from $5 to $10. Today the cards cost $1, and
special telephones that consumers could install at home to recharge the cards are projected
to cost as little as $50. A simple card reader would cost a merchant less than $200.
4.7.3 Electronic or Digital Cash
Electronic or digital cash combines computerized convenience with security and

privacy that improve on paper cash. The versatility of digital cash opens up a host of new
markets and applications. Digital cash attempts to replace paper cash as the principal
payment vehicle in online payments. Although it may be surprising to some, even after
thirty years of developments in electronic payment systems, cash is still the most prevalent
consumer payment instrument.
Cash remains the dominant form of payment for three reasons:
o lack of consumer trust in the banking system;

o inefficient clearing and settlement of non-cash transactions; and
o negative real interest rates on bank deposits.
These reasons behind the prevalent use of cash in business transactions indicate
the need to re-engineer purchasing processes. In order to displace cash, electronic payment
systems need to have some cash-like qualities that current credit and debit cards lack. For
example, cash is negotiable, meaning that it can be given or traded to someone else. Cash

DBA 1727
is legal tender, meaning that the payee is obligated to take it. Cash is a bearer instrument,
NOTES meaning that possession is proof of ownership. Cash can be held and used by anyone,
even those without a bank account. Finally, cash places no risk on the part of the acceptor;
the medium is always good.
In comparison to cash, debit and credit cards have a number of limitations. First,
credit and debit cards cannot be given away because, technically, they are identification
cards owned by the issuer and restricted to one user. Credit and debit cards are not legal
tender, given that merchants ‘have the right to refuse to accept them. Nor are credit and
debit cards bearer instruments; their usage requires an account relationship and authorization
system. Similarly, checks require either personal knowledge of the payer, or a check
guarantee system. A really novel electronic payment method needs to do more than recreate
the convenience that is offered by credit and debit cards; it needs to create a form of digital
cash that has some of the proper-ties of cash.
4.7.3.1 Properties of Electronic Cash
o Digital cash must have a monetary value; it must be backed by cash (currency),
bank-authorized credit, or a bank-certified cashier’s check. When digital cash
created by one bank is accepted by others, reconciliation must occur without
any problems. Without proper bank certification, digital cash carries the risk
that when deposited, it might be returned for insufficient funds.
o Digital cash must be interoperable or exchangeable as payment for other digital

cash, paper cash, goods or services, lines of credit, deposits in banking
accounts, bank notes or obligations, electronic benefits transfers, and the like.
o Digital cash must be storable and retrievable. Remote storage and retrieval
(such as via a telephone or personal communications device) would allow
users to exchange digital cash (withdraw from and deposit into banking
accounts) from home or office or while travelling.
o Digital cash should not be easy to copy or tamper with while it is being
exchanged. It should be possible to prevent or detect duplication and double-
spending of digital cash.

4.7.4 Using the Digital Currency

NOTES
Once the tokens are purchased, the e-cash software on the customer’s PC stores
digital money undersigned by a bank. The user tan spend the digital-money of any shop
accepting e-cash, without having to open an account there first or-having to transmit credit
card numbers. As soon as the customer wants to make a payment, the software collects
the necessary amount from the stored tokens.
Two types of transactions are possible: bilateral and trilateral.
Typically, transactions involving cash are bilateral or two-party (buyer and seller)
transactions, whereby the merchant checks the veracity of the note’s digital signature by
using the bank’s public key. If satisfied with the payment, the merchant stores the digital
currency on his machine and deposits it later in the bank to redeem the face value of the
note. Transactions involving financial instruments other than cash are usually trilateral or
three-party (buyer, seller, and bank) transactions, whereby the “notes” are sent to the
merchant, who immediately sends them directly to the digital bank. The bank verifies the
validity of these “notes” and that they have not been spent before. The account of the
merchant is credited. In this case, every “note” can be used only once. In many business
situations, the bilateral transaction is not feasible because of the potential for double spending,
which is equivalent to bouncing a check. Double spending becomes possible because it is
very easy to make copies of the e-cash, forcing banks and merchants to take extra
precautions. To uncover double spending, banks must compare the note passed to it by
the merchant against a database of spent notes .Just as paper currency is identified with a
unique serial number, digital cash can also be protected. The ability to detect double spending
has to involve some form of registration so that all “notes” issued globally can be uniquely
identified. However, this method of matching notes with a central registry has problems in
the on-line world. For most systems, which handle high volumes of micro payments, this
method would simply be too expensive. In addition, the problem of double spending means
that banks have to carry added overhead because of the constant checking and auditing
logs. (fig 4.7.4(a)) Double spending would not be a major problem if the need for anonymity
were relaxed. In such situations, when the consumer is issued a bank note, it is issued to
that person’s unique license. When he or she gives it to some-body else, it is transferred
specifically to that other person’s license. Each time the money changes hands, the old
owner adds a tiny bit of information to the bank note based on the bank note’s serial
number and his or her license. If somebody attempts to spend money twice, the bank will

DBA 1727
now be able to use the two bank notes to determine who the cheater is. Even if the bank
NOTES notes pass through many different people’s hands, whoever cheated will get caught, and
none of the other people will ever have to know. The downside is that the bank can tell
precisely what your buying habits are since it can check the numbers on the e-cash and the
various merchant accounts that are being credited. Many people would feel uncomfortable
letting others know this personal information.
Figure 4.7.4(a) Detection of double spending

4.7.5 Drawback of E-cash

NOTES
One drawback of e-cash is its inability to be easily divided into smaller amounts. It
is often necessary to get small denomination change in business transactions. A number of
variations have been developed for dealing with the “change” problem. For the bank to
issue users with enough separate electronic “coins” of various denominations would be
cumbersome in communication and storage. So would a method that required payees to
return extra change. To sidestep such costs, customers are issued a single number called
an “open check” that contains multiple denomination values sufficient for transactions up to
a prescribed limit. At payment time, the e-cash software on the client’s computer would
create a note of the transaction value from the “open check.”
4.7.6 Business Issues and Electronic Cash
Electronic cash fulfils two main functions: as a medium of exchange and as a store
of value. Digital money is a perfect medium of exchange. By moving monetary claims
quickly and by effecting instant settlement of transactions, e-cash may help simplify the
complex interlocking credit and liabilities that characterize today’s commerce. For instance,
small businesses that spend months waiting for big customers to pay their bills would
benefit hugely from a digital system in which instant settlement is the norm. Instant settlement
of micro payments is also a tantalizing proposition.
The controversial aspects of e-cash are those that relate to the other role, as a
store of value. Human needs tend to require that money take a tangible form and be widely
accepted, or “legal tender”. In most countries, a creditor by law cannot refuse cash as
settlement for a debt. With the acceptability of cash guaranteed by law, most people are
willing to bank their money and settle many of their bills by checks and debits, confident
that, barring a catastrophe, they can obtain legal tender (cash) on demand. If e-cash had to
be convertible into legal tender on demand, then for every unit there would have to be a
unit of cash reserved in the real economy: or, to look at it the other way round, there would
be cash in the real world for which digital proxies were created and made available. This
creates problems, because in an efficient system, if each e-cash unit represents a unit of
real cash, then positive balances of e-cash will earn no interest; for the interest they might
earn would be offset by the interest foregone on the real cash that is backing them.
The enormous currency fluctuations in international finance pose another

DBA 1727
problem. On the Internet, the buyer could be in Mexico and the seller in the United States.
NOTES How do you check-that the party in Mexico is giving a valid electronic currency that has
suitable backing? Even if it were valid today, what would happen if a sudden devaluation
occurs such as the one in December 1994 where the peso was devalued 30 percent
overnight. Who holds the liability, the buyer or the seller? These are not technological
issues but business issues that must be addressed for large-scale bilateral transactions to
occur. Unless, we have one central bank offering one type of electronic currency, it is very
difficult to see e-cash being very prominent except in narrow application domains.
From a banker’s point of view, e-cash would be a mixed blessing. Because

they could not create new money via lending in the digital world, banks would see electronic
money as unproductive. They might charge for converting it, or take a transaction fee for
issuing it, but on-line competition would surely make this a low-profit affair. In the short
term, banks would probably make less from this new business than they would lose from
the drift of customers away from traditional services. It seems unlikely that e-cash would
be allowed to realize its potential for bypassing the transaction costs of the foreign exchange
market. If you pay yen for e-cash in Osaka and buy something from a merchant based in
New York who cashes them for francs, a currency conversion has taken place. That,
however, is an activity toward which most governments feel highly defensive; and if e-cash
started to bypass regulated foreign exchange markets by developing its own gray market
for settlement, then governments might be provoked into trying to clamp down on it. Because
of these obstacles, e-cash in its early forms may be denominated in single currencies and
exchanged at conventional market rates.
Next we will see the risks involved while doing the transactions involving the use of
e-cash.
4.7.7 Operational Risk and Electronic Cash
Operational risk associated with e-cash can be mitigated by imposing constraints,

such as limits on
(1) the time over which a given electronic money is valid,

(2) how much can be stored on and transferred by electronic money
(3) the number of exchanges that can take place before a money needs to be redeposit
with a bank or financial institution, and
(4) the number of such transactions that can be made during a given period of time.

These constraints introduce a whole new set of implementation issues For example,
time limits could be set beyond which the electronic money, would expire and become
NOTES
worthless. The customer would have to redeem or exchange the money prior to the
expiration deadline. For this feature to work; electronic money would have to be time-
stamped, and time would have to be synchronized across the network to some degree of
precision. The objective of imposing constraints is to limit the issuer’s liability. A maximum
upper limit could be imposed on the value that could be assigned to any single transaction
or that could be transferred to the same vendor within a given period of time. Since the
user’s computer could be programmed to execute small transactions continuously at a high
rate over the network, a strategy of reporting transactions over a certain amount would be
ineffective for law enforcement. However, a well-designed system could enforce a policy
involving both transaction size and value with time. For example, an “anonymous coin-
purse” feature might be capable of receiving or spending no more than $500 in any twenty-
four hour period. Alternatively, the “rate ceiling” for the next twenty-four hours could be
made dependent on the rate of use or on the number of exchanges that could be permitted
before any electronic money would have to be redeposit in a bank or financial institution
and reissued. Finally, exchanges could also be restricted to a class of services or goods
(e.g., electronic benefits could be used only for food, clothing, shelter, or educational
purposes). The exchange process should allow payment to be withheld from the seller
upon the buyer’s instructions until the goods, or services are delivered within a specified
time in the future.
4.7.8 Legal Issues and Electronic Cash
Electronic cash will force bankers and regulators to make tough choices that will
shape the form of lawful commercial activity related to electronic commerce. As a result of
the very features that make it so attractive to many, cash occupied an unstable and
uncomfortable place within the existing taxation and law enforcement systems. Anonymous
and virtually untraceable, cash transactions today occupy a place in a kind of underground
economy. This underground economy is generally confined to relatively small scale
transactions because paper money in large quantities is cumbersome to use and manipulate-
organized crime being the obvious exception. As long as the transactions fare small in
monetary value, they are tolerated by the government as an unfortunate but largely
insignificant by product of the modern commercial .state. As transactions get larger the
government becomes more suspicious and enlists the aid of the banks, through the various
currency reporting laws, in reporting large disbursements of cash so that additional oversight
can be ordered.

DBA 1727
E-cash on taxation
NOTES
Transaction based taxes (e.g., sales taxes) account for a significant portion of state
and local government revenue. But if e-cash really is made to function the way that paper
money does, payments we would never think of making in cash-to buy a new car, say, or
as the down payment on a house-could be made in this new form of currency because
there would be no problem of bulk and no risk of robbery. The threat to the government’s
revenue flow is a very real one, and officials in government are starting to take cognizance
of this development and to prepare their responses.
To prevent an underground economy, the government through law may prevent a

truly anonymous and untraceable e-cash system from developing. Just as powerful
encryption schemes permit the design of untraceable e-cash systems, so, too, do powerful
electronic record-keeping tools permit the design of traceable systems-systems in which
all financial transactions are duly recorded in some database, allowing those with access to
know more about an individual than anyone could know today. Anything that makes cash
substantially easier to use in a broader range of transactions holds the potential to expand
this underground economy to pro-portions posing ever more serious threats to the existing
legal order. Under the most ambitious visions of e-cash, we would see a new form of
currency that could be freely passed off from one computer to another with no record, yet
incapable of being forged. A consumer could draw such e-cash electronically from his or
her bank. The bank would have a record of that transaction, just as a withdrawal or check
is recorded now. But after that, the encrypted e-cash file could be handed off without the
knowledge of anyone but the par-ties to the transaction.
However, as the politics and business play out, the technology is forcing legal, as
issues to be reconsidered. The question e-cash poses is not, “Should the law take notice
of this development?” but rather, “How can it not?” By impacting revenue-raising capabilities,
e-cash cannot escape government scrutiny and regulation; but it is going to take some
serious thinking to design a regulatory scheme that balances personal privacy, speed of
execution, and ease of use. Without a functioning system, what the government will do
remains a mystery. Moreover, it is not even clear yet that the market as a whole will adopt
an anonymous e-cash standard. For now, we are mainly watching and trying to educate
ourselves about the likely path of the transition to electronic cash.

4.7.9 Electronic Tokens

NOTES
An electronic token is a digital analogue of various forms of payment backed by a
bank or financial institution.
Electronic tokens are of three types:
1. Cash or real-time. Transactions are settled with the exchange of electronic currency.
An example of on-line currency exchange is electronic cash (e-cash).
2. Debit or prepaid. Users pay in advance for the privilege of getting information.
Examples of prepaid payment mechanisms are stored in smart cards and electronic
purses that store electronic money.
3. Credit or post-paid. The server authenticates the customers and verifies with the
bank that funds are adequate before purchase. Examples of post-paid mechanisms
are credit/ debit cards and electronic checks.
The following sections examine these methods of on-line payment. But we must
first understand the different viewpoints that these payment instruments bring to electronic
commerce.
Here are four dimensions that are useful for analyzing the different initiatives.
1. The nature of the transaction for which the instrument is designed, Some-
tokens are-specifically designed to handle micro payments, that is, payments for
small snippets of information. Others are designed for more traditional products.
Some systems target specific niche transactions; others seek more general
transactions. The key is-to identify the parties involved, the average amounts, and
the purchase interaction.
2. The means of settlement used. Tokens must be backed by cash, credit, electronic
bill payments (prearranged and spontaneous), cashier’s checks, letters and lines of
credit, and wire transfers, to name a few. Each option incurs trade-offs among
transaction speed, risk, and cost. Most transaction settlement methods use Credit
cards, while others use other proxies for value, effectively creating currencies of
dubious liquidity and with interesting tax, risk, and float implications.

DBA 1727
3. Approach to security, anonymity, and authentication. Electronic tokens vary in

NOTES the protection of privacy and confidentiality of the transactions. Some may be more
open to potentially prying eyes-or even to the participants themselves. Encryption
can help with authentication, non reputability, and asset management.
4. The question of risk. Who assumes what kind of risk at what time? The tokens
might suddenly become worthless and the customers might have the currency that
nobody will accept. If the system stores value in a smart card, consumers may be
exposed to risk as they hold static assets. Also electronic tokens might be subject to
discounting or arbitrage. Risk also arises if the transaction has long lag times between
product delivery and payments to merchants. This exposes merchants to the risk
that buyers don’t pay-or vice versa that the vendor doesn’t deliver.
4.7.10 Other Emerging Financial Instruments
Several other electronic payment systems are currently being prototyped and tested.
These include debit cards, electronic benefit transfer cards, and smart cards.
Debit Cards at the Point of Sale (POS)
The fastest growing number of electronic transactions today is debit card point-
of-sale transactions. Such a transaction occurs when a customer uses a debit card to make
a purchase from a merchant (supermarket, gas station, convenience store, or some other
store that accepts such cards instead of using cash, check, or credit card).
The transaction works much like a credit card transaction. For example, a customer
gives an ATM card to the merchant for the purchase. The merchant swipes the card through
a transaction terminal, which reads the information; the customer enters his personal
identification number (PIN); and the terminal routes the transaction through the ATM network
back to the customer’s bank for authorization against the customer’s demand deposit
account. The funds, once approved, are transferred from the customer’s bank to the
merchant’s bank. These transactions occur within the banking system, and safety of payment
is assured. The third-party processors who provide services for merchants are also examined
by the federal regulators for system integrity. Both the consumer and the merchant maintain
bank accounts, and the funds are transmitted inter-bank within the payment system.
Authentication is provided by the use of the digital signature or PIN numbers, just as it is at

ATMs. Further, PINs are sent through the system in an encrypted form, and the PIN pads
and terminals are tamper-proof. Dedicated lines are also often used for transmission,
NOTES
particularly by larger merchants.
Debit Cards and Electronic Benefits Transfer
Debit cards are being used extensively for electronic benefits transfer (EBT).
Electronic benefits transfer uses debit cards for the electronic delivery of benefits to individuals
who otherwise may not have bank accounts. In an EBT system, recipients access their
benefits in the same way that consumers use debit cards to access their bank accounts
electronically: the card is inserted into or swiped through a card reader and the cardholder
must enter a PIN associated with that card. The benefit recipient can then access his or her
benefits to make a purchase or obtain cash. For example, food stamp purchases are
charged against the participant’s allotment, and other purchases or cash distributions are
charged against the participant’s cash assistance program allotment.
Benefits that can be delivered via EBT generally fall into three cate-gories: federally
funded, but state administered benefits (such as food stamps, Aid to Families with Dependent
Children programs); state-funded and state-administered benefits (such as general
assistance, heating assistance, refugee assistance, and supplemental or emergency
payments); and benefits that are both federally funded and federally administered (such as
Social Security and Veterans benefits). Through EBT, existing networks and technologies
can provide benefit recipients with online access to their funds at pas devices and ATMs.
In an EBT process, no paper changes hands, except for the receipt printed for the purchaser
by the pas device or the ATM. Recipients can access cash through any number of
establishments, including grocers, drugstores, and financial institutions, as well as ATMs.
Certain cash payments can also be facilitated by installing pas devices in housing authority
and utility company offices to accept rent and bill payments. Electronic benefits transfer
has several advantages over paper based, benefit distribution systems. First, EBT is less
costly. Currently, many recipients of federal and state benefits must pay significant fees
(three or more dollars) to cash their checks. EBT systems are designed to provide no-
cost or low-cost access methods. - Second, EBT is more convenient than paper methods.
EBT eliminates the need to carry food stamp coupons, stand in long lines to cash checks,
or accept the entire benefit amount at one time. EBT programs also provide recipients with
toll-free customer service lines and multilingual support to handle questions or problems.
EBT is safer than cash or coupons, which can be lost or stolen. In EBT, benefits are stored

DBA 1727
electronically, and can be used only when needed and in the amounts required. Recipients
NOTES control all ac-cess to their benefits through their cards and PINs. They can also deactivate
lost or stolen cards immediately and request a replacement card by a toll free phone call.
Third, EBT is convenient for retailers. It eliminates the time-consuming task of

handling food stamp coupons, making grocery checkout procedures faster and easier. By
eliminating checks and coupons, EBT reduces losses associated with theft, forgery, and
fraud.
Finally, EBT is convenient for the government. Its inherent audit and tracking
advantages enhance investigations into suspicious conduct by retailers. EBT improves benefit
program management by creating an audit trail and record of benefit usage, ensuring that
programs are working properly and effectively.
Summary
Electronic payment system: Electronic payment is an integral part of electronic commerce.

Broadly de-fined, electronic payment is a financial exchange that takes place online between
buyers and sellers.
Types of Electronic Payment System: Banking and financial payments, Retailing

payments, On-line electronic commerce payments
Secure Electronic Transaction (SET) protocol: SET protocol meets the four security
requirements for EC as SSL (Secure Socket Layer) does: authentication, encryption,
integrity, and non repudiation.
Security issues: Encryption is a technique for hiding data. Most computer encryption
systems belong in one of two categories; there are two types of encryption methods:
Secret-key encryption, Public-key encryption
Digital Signature: Digital signatures are used for sending authentication. This also means
that the originator cannot falsely deny having signed the data. In addition, a digital signature
enables the computer to notarize the message, ensuring the recipient that the message has
not been forged I transit.
Firewall: A firewall is simply a program or hardware device that filters the information
coming through the Internet connection into your private network or computer system

EFT: An electronic funds transfer (also known as EFT) is a system for transferring money
from one bank to another without using paper money. Its use has become widespread with
NOTES
the arrival of personal computers, cheap networks, improved cryptography and the Internet.
Credit card: A credit card is a system of payment named after the small plastic card
issued to users of the system. A credit card is different from a debit card in that it does not
remove money from the user’s account after every transaction.
Debit card: A debit card (also known as a gift card) is a plastic card which provides an
alternative payment method to cash when making purchases. Physically the card is an ISO
7810 card like a credit card; however, its functionality is more similar to writing a cheque
as the funds are withdrawn directly from either the cardholder’s bank account (often referred
to as a check card), or from the remaining balance on the card.
E-checks: Electronic checks are designed to accommodate the many individuals and
entities that might prefer to pay on credit or through some mechanism other than cash.
Electronic checks are modelled on paper checks, except that they are initiated electronically,
use digital signatures for signing and endorsing, and require the use of digital certificates to
authenticate the payer, the payer’s bank, and bank account.
Smart cards: Smart cards, also called stored value cards, use magnetic stripe technology
or integrated circuit chips to store customer-specific information, including electronic money.
The cards can be used to purchase goods or services, store information, control access to
accounts, and perform many other functions.
Smart cards are basically of two types: Relationship-based smart credit cards, Electronic
purses.
E-cash: Electronic or digital cash combines computerized convenience with security and
privacy that improve on paper cash. Digital cash attempts to replace paper cash as the
principal payment vehicle in online payments.
E-token: An electronic token is a digital analogue of various forms of payment backed by

a bank or financial institution.
Electronic tokens are of three types:
1. Cash or real-time. 2. Debit or prepaid. 3. Credit or post-paid.

DBA 1727

NOTES
1. What is Electronic Payment System? Discuss the various Electronic Payment
Systems.
2. Discuss about the benefits of electronic payment system.
3. What is SET protocol? What features does SET specify?
4. Describe security schemes against internet fraud
5. How do you differentiate Secret-key cryptography and Public-key cryptography?
6. How can you ensure and maintain privacy, security in electronic payment.
7. What is EFT? Describe the advantages of EFT
8. What is a credit card? What are the pros and cons of using Credit Cards for electronic
payment?
9. Describe the major steps involved in an online credit card transaction.
10. List the advantages and disadvantages of using credit card
11. How do you make your credits cards information secure?
12. What is a debit card? How debit card is different from credit card?
13. Discuss on-line and off-line debit transactions
14. List the advantages and disadvantages of debit card
15. What are electronic cheques? How they are different from traditional cheques?
16. List the benefits of E-check
17. Compare E-check with other payment instruments
18. How electronic checks are differing from credit card?
19. What are smart cards?
20. Compare and contrast smart card and traditional credit cards.
21. How electronic purses work?
22. What are bilateral and trilateral transactions?
23. What all are the risk factors associated with E-cash?
24. How e-cash effect the government revenues?
25. Discuss the other emerging financial instruments

NOTES
UNIT V
LEGAL AND PRIVACY ISSUES

IN E-COMMERCE
5.1 LEGAL ASPECTS OF E- COMMERCE
5.1.1 Legal issues
The world is used to conducting business and commerce on signed paper

documents. Two millennia of commerce has been based on the written document with its
value ‘authorized’ by the signature of a duly authorized officer. The current legal practice
has paper documents and signatures affixed thereon as its foundation. Electronic documents
and messages, without the familiar signatures and marks, have changes the scene. However,
trade still wants to be assured that the electronic world is safe. The EC system must,
therefore, offer at least the same level of reliability as that which obtains in the paper world
notwithstanding the significant difference between the concepts embodied in electronic
messages and paper documents. It is well known that frauds do take place in the traditional
paper based commercial transaction. Signatures can be forged, paper document can be
tampered with, and even the most secure marks, impression, emblems and seals can be
forging. But then these are known, and trade as well as the legal community knows how to
deal with these problems. Companies set aside funds to take care of losses due to such
frauds. For example, credit-cards companies do know that a very small percentage of
transactions is fraudulent in nature. The world is comfortable with these problems, since
they have been there for as long as we have been trading.
The EC world, on the other hand, exposes us to issues, which were hitherto
unknown, since they are directly the outcome of creating documents electronically,
transmitting them over world wide computer communication networks. Trading partners
exchange documents electronically. They need to convince themselves that such documents
are authentic when received over networks, and that their authentication can be established

DBA 1727
in case of dispute. Transactions may be electronic, but the key concept of admissibility of
NOTES evidence and evidential value of electronic documents, which are central to the law, remain
the same. There must be a way to prove that a message existed, that it was sent, was
received, was not changed between the sending and receiving, and that it could not be
read and interpreted by any third party intercepting or deliberately receiving it. The security
of an electronic message, legal requirement, thus gets directly linked to the technical methods
for security of computers and networks. From the legal angle, there is a further complication
because the electronic message is independent of the actual medium used for storage
transmission. The message can be stored on a floppy, a magnetic disk, or an optical disk.
Likewise, it may be transmitted over a Local Area Network, a Wide Area Network, a
private Value Added Network or the Internet. The physical medium could be coaxial
cable, radio link, optical fiber or a satellite communication channel.
The legal issues of EC have generated tremendous interest among technologists,

traders and legal experts. Many of the early EDI experiments, and even production systems
went into operation without any legal interchange agreement between trading partners,
between VANs and their customers. No laws for EC existed; in fact they are still in the
making. In India, too the Indian Customs EDI system (ICES) Project got off the ground in
1995 without any EC/EDI law in existence, or even a proper interchange agreement.
EDI interchange Agreement
It is a known fact that a certain discipline is required in the conduct of commerce

in the paper world. Simple activities such as preparation of invoices, drawing up commercial
contracts, signing, despatch, receipts etc. have to follow certain protocols agreed to by
trading partners. These may be formal or in formal. In addition, acceptable rules of conduct
are also necessary to achieve the kind of discipline required for smooth and effective trade
and commerce.
In the EDI world of electronic documents, this kind of discipline has been created
through a set of rules that have developed in the form of interchange agreements within a
number of user groups, national organization, and regions. At the international level, the
UN has adopted the Model Interchange Agreement for the International Commercial Use
of Electronic Data Interchange, which applies to the interchange of data and not to the
underlying commercial contracts between the parties. It addresses the need for uniformity
of agreement so that there are no barriers to international trade on account of different

solutions for various problems being adopted by countries. The UN has recommended
that the member countries should take into account the terms and provisions of the Model
NOTES
Interchange Agreement when framing their own laws on EC. An interchange agreement
may be made between trading partners. It establishes the rules they will adopt for using
EDII ED transaction. It establishes the rules they will adopt for using EDI/EC transactions.
It details the individual roles and legal responsibilities of trading partners for transmitting,
receiving, and storing electronic messages. The signing of an interchange agreement signifies
that the parties intend to be bound by it, and that they desire to operate within a legal
framework. This can help reduce legal uncertainty in the electronic environment. Many of
the conventions and agreements relating to international trade do not anticipate the use of
EDIIEC. Many national laws, as noted above, also introduce uncertainty regarding the
legal validity of electronic document. There are still very few national and international
judgments ruling” on the validity of electronic documents, messages or signatures. It” is
precisely in this kind of a scenario where clear legal rules and principles are absent, that an
interchange agreement provides trading partners with readily available solutions the EDI/
EC relationship between them. It provides a strong legal framework for ensuring that
electronic documents will have a legal binding effect, subject to national laws and regulations.
The issues, which were addressed by the working party, which prepared this model
Interchange Agreement, are as follows:
1. Selection of EDI messages, standards and the methods of communication.

2. Responsibilities for ensuring that the equipment, software and services are operated
and maintained effectively;
3. Procedures for making any systems changes which may impair the ability of the
trading partners to communicate. .
4. Security procedures and services;
5. The points at which EDI messages have legal effect;
6. The roles and contracts of any third-party service providers;
7. Procedures for dealing with technical errors;
8. The need (if any) for confidentiality;
9. Liabilities in the event of any delay or failure to meet agreed EDI communications
requirement;
10. The laws governing the interchange of EDI messages and the arrangements of the
parties.
11. Methods for resolving any possible disputes.

DBA 1727
The interchange agreement is flexible enough to meet the requirement of all business
NOTES sectors involved in international trade. Trading partners can feel confident that it addresses
the recognised legal issues arising from commercial use of EDI in international trade, and
provides a strong legal and practical framework for considering and recording the necessary
business decisions.
Legal Issues for Internet Commerce
Internet commerce raises legal issues through the provision of the following services:
• Online marketing
• Online retailing ordering of products and services
• Financial services such as banking and trading in securities.
• Exchange of electronic messages and documents
• EDI, electronic filing, remote employee access, electronic transactions.
• Trade and commerce over the Internet give rise to several legal issues .
5.1.2 Copyright and the Internet
Copyright developed in the printed world to protect the economic interests of

creative writers. Copyright law protects only the expression of an idea and idea itself. In
due course it protects the originality of artists and innovators too. In recent times, however,
the subject matter of copyright has further expanded. For example, the Copyright Designs
and Patent Act, 1988 in the UK, allows protection of the following subject matter:
Original literary, dramatic, musical and artistic works; the typographical arrangement
of published editions of literary, dramatic or musical works; sound recordings; broadcasts;
cable programs These have been broadly classified into two groups as ‘author works’ and
‘media works’ by Hector L. Macqueen. The multimedia capability of websites enables all
types of work to be ‘published’ on the Internet in the sense that copies can be distributed
to users/customers. The problems, however, is that unlike a paper copy, this copy can be
readily duplicated and distributed further by the recipient. If the material is in the public
domain there are no difficulties. But the copyright law applies to the downloaded matter,
much the same way it applies to physical copies.

5.1.3 Issues Related to Jurisdicary

NOTES
The Internet allows anyone to set up a Website anywhere in the world. Its location
could, however, be interpreted to decide the jurisdiction of disputes especially in EC. A
Website may accept orders from visitors to the site as part of an Internet store or a shopping
mall. For example, amazon.com is a bookstore retailing books. A court law may rule that
the location of the Website determines the jurisdiction for that business. This is based on
accepted legal practice. Jurisdiction determines which laws would be acceptable. EC on
the Internet will grow if the parties doing business know what rules will govern what rules
govern their activities.
5.1.4 Service Provider liability
Many ISPs provide users access to shared websites, Usenet news, E-mail
distribution list etc. These facilities can because by their users to upload unlawful, defamatory,
copyright or trademarks infringing material. Unlawful material includes banned publications,
hate propaganda, pornography and obscene material, without ISP having chance to review
it. Liability for materials distributed in the Internet may be different for the Website operators,
and the ISPs. AN ISP could be held liable for the bulletin boards, and for aiding and
abetting the commission of an offence such as the distribution of photography. Similarly,
third-party liability for defamation,-web sites, etc: “Thus the concerns include libel and
defamation, liability for infringement of third-party rights, liability for hosting of unlawful
materials.
5.1.5 Formation of an Enforceable Online Contract
The growth of EC on the Internet depends to a large extent on the confidence of

traders in forming legally enforceable contracts online. The key activities associated with
the formation of an enforceable contract do take place on the Internet, viz. offer is
communicated by the acceptor and acceptance is received by the offer or from the acceptor.
An offer can be communicated orally or in writing; and in the EC environment through E-
mail, Eform is valid, much the same way a fax message is. The offer or can display terms
and conditions as a legal notice, on his website. Visitor to the site, who choose to proceed
further, even after reading the notice may be constructed as accepting the conditions imposed
by it. However, the timing of the acceptance offer determines when the contract is formed.
In this case the E-mail of acceptance has to reach the offer or who may say that the
contract will be legal only after its receipt (in his notice placed on the Website).

DBA 1727
Legal issues are manifold. Whether it is EDI over VANs, or EC over the Internet
NOTES the primary concern of users is the existence, and enforceability of appropriate laws for
EC. In case of dispute, electronic document must be acceptable as legal evidence in courts
of law. While the problems of acceptance of and confidence in electronic transactions are
there, they are not insurmountable. There is sufficient awareness in, and synergy of action
among trade, legal and EC technology communities to make EC happen through appropriate
developments in their respective areas.
5.2 ETHICAL, SOCIAL, AND POLITICAL ISSUES IN ECOMMERCE
5.2.1 Ethics, Social and Political issues
Defining the rights of people to express their ideas and the property rights of
copyright owners are just two of many ethical, social, and political issues raised by the
rapid evolution of e-commerce.
The ethical, social, and political issues raised in e-commerce, provide a framework
for organizing the issues, and make recommendations for managers who are given the
responsibility of operating e-commerce companies within commonly accepted standards
of appropriateness. Understanding Ethical, Social, And Political Issues in E-Commerce
Internet and its use in e-commerce have raised pervasive ethical, social and political issues
on a scale unprecedented for computer technology.
We live in an “information society,” where power and wealth increasingly depend

on information and knowledge as central assets. Controversies over information are often
in fact disagreements over power, wealth, influence, and other things thought to be valuable.
Like other technologies such as steam, electricity, telephones, and television, the Internet
and ecommerce can be used to achieve social progress, and for the most part, this has
occurred. However, the same technologies can be used to commit crimes, despoil the
environment, and threaten cherished social values. Before automobiles, there was very
little interstate crime and very little federal jurisdiction over crime. Likewise with the Internet:
Before the Internet, there was very little “cyber crime.”
Many business firms and individuals are benefiting from the commercial development
of the Internet, but this development also exacts a price from individuals, organizations,
and societies. These costs and benefits must be carefully considered by those seeking to
make ethical and socially responsible decisions in this new environment.

The major ethical, social, and political issues that have developed around e-
commerce over the past seven to eight years can be loosely categorized into four major
NOTES
dimensions: information rights, property rights, governance, and public safety and
welfare as shown in Fig 5.2.1(a). Some of the ethical, social, and political issues raised in
each of these areas include the following:
• Information rights: What rights to their own personal information do

individuals have in a public marketplace, or in their private homes, when Internet
technology make information collection so pervasive and efficient? What rights
do individuals have to access information about business firms and other
organizations?
• Property rights: How can traditional intellectual property rights be enforced
in an internet world where perfect copies of protected works can be made
and easily distributed worldwide in seconds?
• Governance: Should the Internet and e-commerce be subject to public laws?
And if so, what law-making bodies have jurisdiction - state, federal, and/or
international?
• Public safety and welfare: What efforts should be undertaken to ensure
equitable access to the Internet and ecommerce channels? Should governments
be responsible for ensuring that schools and colleges have access to the
Internet? Is certain online content and activities - such as pornography and
gambling - a threat to public safety and welfare? Should mobile commerce be
allowed from moving vehicles?
To illustrate, imagine that at any given moment society and individuals are more or
less in an ethical equilibrium brought about by a delicate balancing of individuals, social
organizations, and political institutions. Individuals know what is expected of them, social
organizations such as business firms know their limits, capabilities, and roles and political
institutions provide a supportive framework of market regulation, banking and commercial
law that provides sanctions against violators. Now, imagine we drop into the middle of this
calm setting a powerful new technology such as the Internet and e-commerce.
Suddenly individuals, business firms, and political institutions are confronted by

new possibilities of behavior. For instance, individuals discover that they can download
perfect digital copies of music tracks, something which, under the old technology of CDs,
would have been impossible. This can be done, despite the fact that these music tracks still

DBA 1727
“belong” as a legal matter to the owners of the copyright - musicians and record label
NOTES companies.
The introduction of the Internet and e-commerce impacts individuals, societies,
and political institutions. These impacts can be classified into four moral dimensions: property
rights, information rights, governance, and public safety and welfare Then business firms
discover that they can make a business out of aggregating these musical tracks - or creating
a mechanism for sharing musical tracks- even though they do not “own” them in the traditional
sense. The record companies, courts, and Congress were not prepared at first to cope
with the onslaught of online digital copying. Courts and legislative bodies will have to make
new laws and reach new judgments about who owns digital copies of copyrighted works
and under what conditions such works can be “shared.” It may take years to develop new
understandings, laws, and acceptable behavior in just this one area of social impact. In the
meantime, as an individual and a manager, you will have to decide what you and your firm
should do in legal “grey”- areas, where there is conflict between ethical principles, but no
c1ear-cutural guidelines. How can you make good decisions in this type of situation?
Before reviewing the four moral dimensions of e-commerce in greater depth, we
will briefly review some basic concepts of ethical reasoning that you can use as a guide to
ethical decision making, and provide general reasoning principles about social political
issues of the Internet that you will face in the future.
Fig 5.2.1(a)

5.2.2 Basic Ethical Concepts: Responsibility Accountability, and Liability

NOTES
Ethics is at the heart of social and political debates about the Internet. Ethics is the
study of principles that individuals and organizations can use to determine right and wrong
courses of action. It is assumed in ethics that individuals are free moral agents who are in a
position to make choices.
Extending ethics from individuals to business firms and even entire societies can be
difficult, but it is not impossible. As long as there is a decision-making body or individual
(such as a Board of Directors or CEO in a business firm or a governmental body in a
society), their decisions can be judged against a variety of ethical principles. If you understand
some basic ethical principles, your ability to reason about larger social and political debates
will be improved. In western culture, there are ability and liability principles that all ethical
schools of thought share: responsibility, account- liability.
Responsibility means that as free moral agents, individuals, organizations and

societies are responsible for the actions they take. Accountability means that individuals,
organizations, and societies should be held accountable to others for the consequences of
their actions. The third principle -liability - extends the concepts of responsibility and
accountability to the area of law. Liability is a feature of political systems in which a body
of law is in place that permits individuals to recover the damages done to them by other
actors, systems, or organizations. Due process is a feature of law-governed societies and
refers to a process in which laws are known and understood and there is an ability to
appeal to higher authorities to ensure that the laws have been applied correctly.
Analyzing Ethical Dilemmas
Ethical, social, and political controversies usually present themselves as dilemmas.

A dilemma is a situation in which there are at least two diametrically opposed actions, each
of which supports a desirable outcome. When confronted with a situation that seems to
present ethical dilemmas, how can you analyze and reason about the situation? The following
is a five step process that should help.
• Identify and describe clearly the facts. Find out who did what to whom,
and where, when, and how. In many instances, you will be surprised at the
errors in the initially reported facts, and often you will find that simply getting

DBA 1727
the facts straight helps define the solution. It also helps to get the opposing
NOTES parties involved in an ethical dilemma to agree on the facts.
• Define the conflict or dilemma and identify the higher order value
involved. Ethical, social, and political issues always reference higher values.
Otherwise, there would be no debate. The parties to a dispute all claim to be
pursuing higher values (e.g., freedom, privacy, protection of property, and the
-enterprise system). For example, Double Click and its supporters argue that
their tracking of consumer movements on the Web increases market efficiency
and the wealth of the entire society. Opponents argue this claimed efficiency
comes at the expense of individual privacy, and Double Click should cease its
or offer Web users the option of not participating in such tracking.
• Identify the stakeholders. Every ethical, social, and political issue has
stakeholders: players in the game who have an interest in the outcome, who
have its vested in the situation, and usually who have vocal opinions. Find out
the identity of these groups and what they want. This will be useful later when
designing a solution.
• Identity the options that you can reasonably take. You may find that
none of the options satisfies all the interests involved, but that some options
do a better job than others. Sometimes, arriving at a “good” or ethical solution
may not, always be a balancing of consequences to stakeholders.
• Identify the potential consequences of your options. Some options may
be ethically correct, but disastrous from other points of view. Other options
may work in this one instance, but not in other similar instances. Always ask
yourself, “what if I choose this option consistently over time?” Once your
analysis is complete, you can refer to the following well established ethical
principle to help decide the matter.
5.2.3 Privacy and Information Rights
The Internet and the Web provide an ideal environment for invading the personal
privacy of millions of users on a scale unprecedented in history. Perhaps no other recent
issue has raised as much widespread social and political concern as protecting the privacy
of over 160 million Web users in the United States alone.
The major ethical issues related to ecommerce and privacy includes the following:
Under what conditions should we invade the privacy of others?

What legitimates intruding into others lives through unobtrusive surveillance, market
research, or other means?
NOTES
The major social issues related to e-commerce and privacy concern the development
of “exception of privacy” or privacy norms, as well as public attitudes. In what areas of
should we as a society encourage people to think they are in “private territory” as opposed
to public view? The major political issues related to ecommerce and privacy concern the
development of statutes that govern the relations between record keepers and individuals.
The Concept of Privacy
Privacy is the moral right of individuals to be left alone, free from surveillance or
interference from other individuals or organizations, including the state. Privacy is a girder
supporting freedom: Without the privacy required to think, write, plan, and associate
independently and without fear, social and political freedom is weakened, and perhaps
destroyed. Information privacy is a subset of privacy. The right to information privacy
includes both the claim that certain information should not be collected at all by governments
or business firms, and the claim of individuals to control over personal of whatever
information that is collected about them. Individual control over personal information is at
the core of the privacy concept. Due process also plays an important role in defining
privacy. The best statement of due process in record keeping is given by the Fair Information
Practices doctrine developed in the early 1970s and extended to the online privacy debate
in the late 1990s (described below).
Legal Protections
In the United States, Canada, and Germany, rights to privacy are explicitly granted
in or can be derived from, founding documents such as constitutions, as well as in specific
statutes. In England and the United States, there is also protection of privacy in the common
law, a body of court decisions involving torts or personal injuries. For instance, in the
United States, four privacy-related torts have been defined in court decisions involving
claims of injury to individuals caused by other private parties intrusion on solitude, public
disclosure of private facts, publicity placing a person in a false light, and appropriation of a
person’s name or likeness (mostly concerning celebrities) for a commercial purpose. In the
United States, the claim to privacy against government intrusion is protected primarily by
the First Amendment guarantees of freedom of speech and association and the Fourth:

DBA 1727
Amendment protections against unreasonable search and seizure of one’s personal

NOTES documents or home, and the Fourteenth Amendment’s guarantee of due process. In addition
to common law and the Constitution, there are both federal laws and state laws that protect
individuals against government intrusion and in some cases define privacy rights vis-a-vis
private organizations such as financial, education, and media institutions (cable television
and video rentals)
Table 5.2.2.(a) Federal Privacy Laws
NAME DESCRIPTION
General Federal Privacy Laws
Freedom of Information Act of 1966 Gives people the right to inspect information about
themselves held in government files, also allows
other individuals and organizations the right to
request disclosure of government records based on
the publics right to know
Privacy Act of 1947, as amended Regulates the federal government’s collection, use,
and disclosure of data collected by federal agencies.
Gives individuals right to inspect and correct records.
Electronic Communications Privacy Act Makes conduct that would infringe on the security of
electronic communications illegal
of 1986
Computer Matching and Privacy Regulates computerized matching of files held by
different government agencies
Protection Act of 1983
Computer Security Act of 1987 Makes conduct that would infringe on the security of
computer based files illegal
Driver’s Privacy Protection Act of 1994 Limits access to personal information maintained by
state Motor vehicle departments to these with legit
mate business purposes Also gives drivers the option
to prevent disclosure of driver’s license information
to marketers and the general public
Privacy Laws affecting Private Institutions
Fair Credit Reporting Act of 1970 Regulates the credit investigating and reporting
industry. Gives people the right to inspect credit
records if they have been denied credit and provides
procedures for correcting information
Family Educational Rights and Privacy Requires schools and colleges to give students and
their parents access to student records and to allow
Act of 1974
them to challenge and correct information limits
disclosure of such records to third parties
Right to Financial Privacy Act of 1978 Regulates the financial industry’s use of personal
financial records establishes procedures that federal
agencies mist follow to gain access to such records
Privacy Protection Act of 1980 Prohibits government agents from conducting
unannounced searches of press offices and files if no
one in the office is suspected of committing a crime.
Cable Communications Policy Act of Regulates the cable industry’s collection and
disclosure of information concerning subscribers
1984
Video Privacy Protection Act of 1988 Prevents disclosure of a person’s video rental records
without court order or consent

5.3 PROTECTING INTELLECTUAL PROPERTY

NOTES
Intellectual property is considered to be intangible property created by individuals
or corporations. Information technology has made it difficult to protect intellectual property,
because computerized information can be so easily copied or distributed on networks.
5.3.1 Intellectual Property Rights
Next to privacy, the most controversial ethical, social, and political issue related to
e-commerce is the fate of intellectual property rights. For instance, if you personally create
an ecommerce site, it belongs entirely to you, and you have exclusive rights to use this
“property” in any lawful way you see fit. But the Internet potentially changes things. Once
intellectual works become digital, it becomes difficult to control access, use, distribution,
and copying. These are precisely the areas that intellectual property seeks to control.
Digital media differ from books, periodicals, and other media in terms of ease of
replication, transmission, and alteration; difficulty in classifying a software work as a program,
book, or even music; compactness - making theft easy; and difficulty in establishing
uniqueness. Before widespread use of the Internet, copies of software, books, magazine
articles, or films had to be stored on physical media, such as paper, computer disks, or
video tape, creating some hurdles to distribution. The Internet technically permits millions
of people to make perfect digital copies of various works - from music to plays, poems,
and journal articles - and then to distribute them nearly cost-free to hundreds of millions of
Web users.
The proliferation of innovation has occurred so rapidly that few entrepreneurs have
stopped to consider who owns the patent on a business technique or method their site is
using. The spirit of the Web has been so free-wheeling that many entrepreneurs ignored
trademark law and registered domain names that could easily be confused with another
company’s registered trademarks. In short, the Internet has demonstrated the potential for
destroying traditional conceptions and implementations of intellectual property law developed
over the last two centuries.
The major ethical issue related to e-commerce and intellectual property concerns
how we (both as individuals and as business professionals) should treat property that
belongs to others. From a social point of view, the main questions are: Is there continued

DBA 1727
value in protecting intellectual property in the Internet age? In what ways is society better
NOTES off, or worse off, for having the concept of property apply to intangible ideas? From a
political perspective we need to ask how the Internet and ecommerce can be regulated or
governed to protect the institution of intellectual property while at the same time encouraging
the growth of e-commerce and the Internet.
5.3.2 Types of Intellectual Property Protection
There are three main types of intellectual property protection:

• Copyright,
• Patent and
• Trademark law.
The goal of intellectual property law is to balance two competing interests - the
public and the private. The public interest is served by the creation and distribution of
inventions, works of art, music, literature, and other forms of intellectual expression. The
private interest is served by rewarding people for creating these works through the creation
of a time-limited monopoly granting exclusive use to the creator. Maintaining this balance
of interests is always challenged by the invention of new technologies. In general, the
information technologies of the last century - from radio and television to CD-ROMs and
the Internet - have at first tended to weaken the protections afforded by intellectual property
law. . Owners of intellectual property have usually been successful in pressuring Congress
and the courts to strengthen the intellectual property laws to compensate for any
technological threat, and even to extend protection for longer periods of time and to entirely
new areas of expression. In the case of the Internet and ecommerce technologies, once
again, intellectual property rights are severely challenged.
5.3.2.1 Copyright: The Problem of Perfect Copies and Encryption
In the United States, copyright law protects original forms of expression such as
writings (books, periodicals, and lecture notes), art, drawings, photographs, music, motion
pictures, performances, and computer programs from being copied by others for a minimum
of 50 years. Copyright does not protect ideas -just their expression in a tangible medium
such as paper, cassette tape, or handwritten notes.

Since the first federal Copyright Act of 1790, the congressional intent behind
copyright laws has been to encourage creativity and authorship by ensuring that creative
NOTES
people receive the financial and other benefits of their work. Most industrial nations have
their own copyright laws, and there are several international conventions and bilateral
agreements through which nations coordinate and enforce their laws. In the mid-1960s,
the Copyright Office began registering software programs, and in 1980, Congress passed
the Computer Software Copyright Act, which clearly provides protection for source and
object code and for copies of the original sold in commerce, and sets forth the rights of the
purchaser to use the software while the creator retains legal title. For instance, the HTML
code for a Web page - even though easily available to every browser - cannot be lawfully
copied and used for a commercial purpose, say, to create a new Web site that looks
identical. Copyright protection is clear-cut: It protects against copying of entire programs
or their parts. Damages and relief are readily obtained for infringement. The drawback to
copyright protection is that the underlying ideas behind a work are not protected, only
their expression in a work. A competitor can view the source code on your Web site to see
how various effects were created and then reuse those techniques to create a different
Web site without infringing on your copyright.
Look and Feel
“Look and feel” copyright infringement lawsuits are precisely about the distinction
between an idea and its expression. For instance, in 1988, Apple Computer sued Microsoft
Corporation and Hewlett-Packard Inc. for infringing Apple’s copyright on the Macintosh
interface. Among other claims, Apple claimed that the defendants copied the expression of
overlapping windows. Apple failed to patent the idea of over-lapping windows when it
invented this method of presenting information on a computer screen in the late 1960s. The
defendants counter claimed that the idea of overlapping windows could only be expressed
in a single way and, therefore, was not protect able under the “merger” doctrine of copyright
law. When ideas and their expression merge (Le., if there is only one way to express an
idea), the expression can-not be copyrighted, although the method of producing the
expression might be patentable.
Fair Use Doctrine
Copyrights, like all rights, are not absolute. There are situations where strict
copyright observance could be harmful to society, potentially inhibiting other rights such as

DBA 1727
the right to freedom of expression and thought. As a result the doctrine of fair use has been
NOTES created. The doctrine of fair use permits teachers and writers. to use copyrighted materials
without permission under certain circumstances. The fair use doctrine draws upon the
First Amendment’s protection of freedom of speech (and writing). Journalists, writers, and
academics must be able to refer to, and cite from, copyrighted works in order to criticize
or even discuss copyrighted works. Professors are allowed to clip a contemporary article
just before class, copy it, and hand it out to students as an example of a topic under
discussion.
5.3.2.2 Patents: Business Methods and Processes
A patent grants the owner an exclusive monopoly to the ideas behind an invention
for 20 years. The congressional intent behind patent law was to ensure that inventors of
new machines, devices, or industrial methods would receive the full financial and other
rewards of their labor and yet still makes widespread use of the invention possible by
providing detailed diagrams for those wishing to use the idea under license from the patent’s
owner. Patents are obtained from the United States Patent and trademark Office (USPTO),
created in 1812. Obtaining a patent is much more difficult and time-consuming than obtaining
copyright protection (which is automatic with the creation of the work). Patents must be
formally applied for, and the granting of a patent is’ determined by ‘Patent Office examiners
who follow a set of rigorous rules. Ultimately, federal courts decide when patents are valid
and when infringement occurs.
Patents are very different from copyrights because patents protect the ideas
themselves and not merely the expression of ideas.
There are four types of inventions for which patents are granted under patent law:
machines, man-made products, compositions of matter, and processing methods.
The Supreme Court has determined that patents extend to “anything under the sun that is
made by man” as long as the other requirements of the Patent Act are met. There are three
things that cannot be patented: laws of nature, natural phenomena, and abstract ideas. For
instance, a mathematical algorithm cannot be patented unless it is realized in a tangible
machine or process that has a “useful” result (the mathematical algorithm exception).
In order to be granted a patent, the applicant must show that the invention is new,
original, novel, non obvious, and not evident in prior arts and practice. As with copyrights,

the granting of patents has moved far beyond the original intent of Congress’s first patent
statute that sought to protect industrial designs and machines. Patent protection has been
NOTES
extended to articles of manufacture (1842), plants (1930), surgical and medical procedures
(1950), and software (1981). The Patent Office did not accept applications for software
patents until a 1981 Supreme Court decision that held that computer programs could be a
part of a patentable process. Since that time, thousands of software patents have been
granted. Virtually any software program can be patented as long as it is novel and not
obvious.
Essentially, as technology and industrial arts progress, patents have been extended
to both encourage entrepreneurs to invent useful devices and promote widespread
dissemination of the new techniques through licensing and artful imitation of the published
patents (the creation of devices that provide the same functionality as the invention but use
different methods) (Winston, 1998). Patents encourage inventors to come up with unique
ways of achieving the same functionality as existing patents. For instance, Amazon’s patent
on one-click purchasing caused Barnesandnoble.com to invent a simplified two-click
method of purchasing.
The danger of patents is that they stifle competition by raising barriers to entry into
an industry. Patents force new entrants to pay licensing fees to incumbents, and thus slow
down the development of technical applications of new ideas by creating lengthy licensing
applications and delays.
E-commerce Patents
Much of the Internet’s infrastructure and software was developed under the
auspices of publicly funded scientific and military programs in the United States and Europe.
Unlike Samuel F. B. Morse, who patented the idea of Morse Code, and made the telegraph
useful, most of the inventions that make the Internet and e-commerce possible were not
patented by their inventors. The early Internet was characterized by a spirit of worldwide
community development and sharing of ideas without consideration of personal wealth.
This early Internet spirit changed in the mid-1990s with the commercial development of
the World Wide Web. Business firms began applying for “business methods” and software
patents.

DBA 1727
“Business Methods” Patents

NOTES
In 1998, in a landmark decision that paved the way for Internet business methods
patents, a Federal Circuit Court of Appeals in the State Street Bank & ‘Dust v. Signature
Financial Group, Inc.Financial Group, Inc. case upheld the claims of Signature Financial
to a valid patent for a business method that allows managers to monitor and record financial
information flows generated by a partner fund ( a “hub and spoke” system). In hub and
spoke financial systems, mutual funds (the spokes) pool their funds into a single portfolio
to achieve greater financial leverage, diversification, and higher returns. Signature Financial
had invented and obtained a patent (“Data Processing System for Hub and spoke Financial
Services Configuration”) on such a system in 1993. State Street Bank & trust attempted
to license the system from Signature Financial, but when negotiations broke down, State
Street sought to have the patent declared invalid and unenforceable because business
methods could not be patented. However, the Federal Appeals Court threw out the so-
called business methods exception under which it was thought business methods could not
be patented. The court concluded that business methods should be treated like any process
and that Signature Financial had invented a business method that could be patented. The
court ruled there was no reason to disallow business methods from patent protection, or
any “step by step process, be it electronic or chemical or mechanical, that involves an
algorithm in the broad sense of the term.”
5.3.2.3 Trademarks: Online Infringement and Dilution
Trademark law is a form of intellectual property protection for trademarks - a

mark used to identify and distinguish goods and indicates their source. Trademark
protections exist at both the federal and state levels in the United States. The purpose of
trademark law is two fold. First, the trademark law protects the public in the market-place
by ensuring that it gets what it pays for and wants to receive. Second, trademark law
protects the owner - who has spent time, money, and energy bringing the product to the
marketplace - against piracy and misappropriation.
‘Trademarks have been extended from single words to pictures, shapes, packaging,
and colors”. Some things may not be trademarked: common words that are merely
descriptive (“clock”), flags of states and nations, immoral or deceptive marks, or marks
belonging to others. Federal trademarks are obtained, first, by use in interstate commerce,
and second, by registration with the U.S. Patent and ‘Trademark Office (USPTO).
‘Trademarks are granted for a period of ten years, and can be renewed indefinitely.

Disputes over federal trademarks involve establishing infringement. The test for
infringement is twofold: market confusion and bad faith. Use of a trademark that creates
NOTES
confusion with existing trademarks, causes consumers to make market mistakes, or
misrepresents the origins of goods is an infringement.
In addition, the intentional misuse of words and symbols in the marketplace to

extort revenue from legitimate trademark owners (“bad faith”) is proscribed.
In 1995, Congress passed the Federal ‘Trademark Dilution Act, which created a
federal cause of action for dilution of famous marks. This new legislation dispenses with
the test of market confusion (although that is still required to claim infringement), and extends
protection to owners of famous trademarks against dilution, which is defined as any behavior
that would weaken the connection between the trademark and the product. Dilution occurs
through blurring (weakening the connection between the trademark and the goods) and
tarnishment (using the trademark in a way that makes the underlying products appear
unsavoury or unwholesome).
5.4 CYBER LAW, CONTRACTS AND WARRANTIES
5.4.1 Cyber law
Cyber law is a term used to describe the legal issues related to use of
communications technology, particularly “cyberspace”, i.e. the Internet. It is less a distinct
field of law in the way that property or contract are, as it is an intersection of many legal
fields, including intellectual property, privacy, freedom of expression, and jurisdiction. In
essence, cyber law is an attempt to apply laws designed for the physical world to human
activity on the Internet.
Jurisdiction and sovereignty
Issues of jurisdiction and sovereignty have quickly come to the fore in the era of
the Internet. The Internet does not tend to make geographical and jurisdictional boundaries
clear, but Internet users remain in physical jurisdictions and are subject to laws independent
of their presence on the Internet. As such, a single transaction may involve the laws of at
least three jurisdictions: 1) the laws of the state/nation in which the user resides, 2) the laws
of the state/nation that apply where the server hosting the transaction is located, and 3) the

DBA 1727
laws of the state/nation which apply to the person or business with whom the transaction
NOTES takes place. So a user in one of the United States conducting a transaction with another
user in Britain through a server in Canada could theoretically be subject to the laws of all
three countries as they relate to the transaction at hand.
Another major problem of cyber law lies in whether to treat the Internet as if it
were physical space (and thus subject to a given jurisdiction’s laws) or to act as if the
Internet is a world unto itself (and therefore free of such restraints). Those who favor the
latter view often feel that government should leave the Internet community to self-regulate.
John Perry Barlow, for example, has addressed the governments of the world and stated,
“Where there are real conflicts, where there are wrongs, we will identify them and address
them by our means. We are forming our own Social Contract. This governance will arise
according to the conditions of our world, not yours. Our world is different” (Barlow, A
Declaration of the Independence of Cyberspace). A more balanced alternative is the
Declaration of Cyber secession: “Human beings possess a mind, which they are absolutely
free to inhabit with no legal constraints. Human civilization is developing its own (collective)
mind. All we want is to be free to inhabit it with no legal constraints. Since you make sure
we cannot harm you, you have no ethical right to intrude our lives. So stop intruding!”.
Other scholars argue for more of a compromise between the two notions, such as Lawrence
Lessig’s argument that “The problem for law is to work out how the norms of the two
communities are to apply given that the subject to whom they apply may be in both places
at once” (Lessig, Code 190).
5.4.2 Contracting and Contract Enforcement in EC
Any contract includes three essential elements: an offer, an acceptance and

consideration. The Contract is formed when one party accepts the offer of another party.
An offer is a commitment with certain terms made to another party such as

declaration of willingness to buy or sell a product or service. An acceptance is the expression
of willingness to take an offer, including all of its stated terms. Consideration is the agreed
upon exchange of something valuable, such as money, property or future services.
Contracts are a key element of traditional business practice, and they are equally
important on the Internet. Offers and acceptances can occur when parties exchange e-
mail messages, engage in electronic data interchange (EDI) or fill out forms on web pages.

These Internet communications can be combined with traditional methods of forming

contracts, such as exchange of paper documents, faxes and verbal agreements made over
NOTES
the telephone or in person.
When enforcing contracts, courts tend to view offers and acceptances as actions
that occur within a particular context. If the actions are reasonable under the circumstances,
courts tend to interpret those actions as offers and acceptances. For example, courts have
held the various actions—including mailing a check, shipping goods, shaking hands, nodding
one’s head, taking an item off a shelf, or opening a wrapped package—are all, in some
circumstances, legally binding acceptances of offers.
Writing Contracts on the web
An early decision in the 1800’s held that a telegraph transmission was writing.
Later courts have held that tape recordings of spoken words, computer files on disks and
faxes are writings. Thus the parties to an electronic commerce contract should find it relatively
easy to satisfy the writing requirement. Courts have been similarly generous in determining
what constitutes a signature. A signature is any symbol executed or adopted for the
purpose of authenticating writing. It is reasonable to assume that a symbol or code included
in an electronic file would constitute a signature. Firms concluding international electronic
commerce do not need to worry about the signed writing requirement in most cases. The
main treaty that governs international sales of goods, Article 11 of the United Nations
Convention on Contracts for the International Sales of Goods (CISG), requires neither a
writing nor a signature to create a legally binding acceptance.
5.4.3 Warranties on the web
Any contract for the sale of goods includes implied warranties. A seller implicitly
warrants that the goods it offers for sale are fit for the purposes for which they are normally
used. If the seller knows specific information about the buyer’s requirements, acceptance
of an offer from the buyer may result in an additional implied warranty of fitness, which
suggests that the goods are suitable for the specific uses of the buyer. Sellers could create
explicit warranties, often unintentionally, by making general statements in brochures or
other advertising materials about product performance or suitability for particular tasks.

DBA 1727
5.5. TAXATION AND ENCRYPTION POLICIES:

NOTES
5.5.1 Introduction on Taxation
Electronic Commerce (“Ecommerce”) presents unique challenges to federal and

state tax authorities. Ecommerce involves commerce using the Internet: typically purchases
and sales through computers. Because Ecommerce involves computers communicating
with each other at the speed of light, transactions are both instantaneous and largely
anonymous. In contrast, mail order and telephone solicitation, two traditional forms used
by remote sellers, involve the delivery of goods from a specific physical location to a
specific location by means of a common carrier.
Although states and local jurisdictions have wrestled with the issue of collecting
taxes from out-of-state mail order sellers and telephone solicitors for decades, the internet
allows almost any small business to sell to customers in different states and countries.
The concept of taxation involves jurisdiction. From the Boston Tea Party Rebellion
in which tea was taxed as it physically landed on American shores, to sophisticated concepts
in international taxation, a government’s authority to tax has always been based on territory
and jurisdiction. For instance, the U.S. government taxes its residents on their world-wide
income because they are connected with the U.S. through citizenship and residency. Also,
the U.S. taxes foreign individuals and businesses who are receiving income from U.S.
sources. But the U.S. cannot tax a foreign citizen who is not a U.S. resident on earnings
from a foreign source.
With the internet, a business can move to so-called tax haven jurisdictions and
conduct business outside the taxing jurisdiction of any country. Also, because of the speed
in which transactions occur and the absence of a traditional paper trail, especially with
intangible property transmitted by computer such as software, digital music or books and
services, it will be very difficult, if not impossible to apply traditional notions of jurisdiction
to tax these transactions.
While governments who rely on an income tax to fund themselves will have great
difficulty taxing Ecommerce, states and local jurisdictions that rely on sales and property
taxes to fund their operations are in steep trouble. As discussed below, the U.S. constitution
requires a sufficient physical connection with the state or local jurisdiction by a company to

burden the business with a tax obligation, and merely selling property, services or goods to
a customer who resides in a state is not sufficient nexus.
NOTES
In short, it will take a Constitutional amendment to change the commerce clause,

and it extremely doubtful that U.S. citizens will vote to tax themselves on internet transactions.
In fact, outside of pressure from state and local tax authorities, there is little ground swell
for internet taxation by politicians. According to a Gallup Poll, 73% of active internet users
oppose an internet sales tax, compared to 14% in favor (Source: San Francisco Chronicle,
September 15, 1999, page D2). According to 36% of the respondents who use the
internet, they would be less likely to vote for a politician who voted to tax internet transactions.
But brick and mortar retailers who sell their products in physical locations, contend that
internet taxes are needed to equalize the tax burden for competitive reasons.
Some of the unique features of Ecommerce include:

Computer-to-Computer transactions without a paper trail;
Anonymous transactions, especially if a new form of electronic cash takes
hold;
Lack of information on the location of the seller and purchaser;
Electronic delivery of goods (books, CDs and movies in electronic form) and
services (brokerage or accounting services); and
Bundling of taxable and non-taxable items, such as taxable goods with tax-
exempt services.
5.5.2 Current Law - A Moratorium on Internet Taxes
Currently, under the Internet Taxation Freedom Act (“ITFA”), passed in 1988
there is a 3-year moratorium on federal and state taxation imposed on internet transactions.
The moratorium began on October 21, 1998 and remains in effect until October 21,
2001. ITFA’s purpose is to halt the rush by states to tax transactions occurring on the
internet until Congress has had the opportunity to study the issue and make
recommendations.
Congress realized that the internet needed time to grow as a viable medium for
commerce, without being subjected to taxing regimes imposed by the states. Congress
noted that the internet was inherently susceptible to multiply and discriminatory taxation in
ways that traditional commerce was not. Congress was concerned that because internet

DBA 1727
transactions involved a number of computers and routers, routing transactions throughout

NOTES the country and even throughout the world, potentially dozens of jurisdictions could attempt
to tax a single transaction. Thus, ITFA would protect internet business from being taxed in
complicated and unexpected ways by remote jurisdictions.
Discriminatory Taxes
A discriminatory tax traditionally involved a tax that favored local commerce over
interstate commerce, but the definition under ITFA has been broadened to include the
coverage of the tax, its application or a differential tax rate. In other words, if an ecommerce
transaction is subject to a tax that is any different from a tax imposed on similar property,
goods or services through other means, then the tax is discriminatory.
Example: If the purchase of a book over the internet is subject to a tax that is
different from purchasing a book in a bookstore, the tax is discriminatory. The same
would be true if the taxing authority charged a higher rate of tax for ecommerce purchases
of books. However, it is permissible to charge a lower rate on an ecommerce transaction.
It other works, a taxing jurisdiction may discriminate in favor of ecommerce.
Ecommerce conducted by out-of-state vendors do not have an obligation to collect

sales taxes if traditional remote sellers, such as mail-order and telephone solicitation vendors
do not collect sales taxes. Sales tax cannot be levied on because the purchaser uses
ecommerce to access the seller’s computer to acquire property, goods or service. Also,
states cannot use an “agency nexus” theory to claim that a purchaser’s ISP is an in-state
agent for the seller.
Example: If a purchaser in California uses his computer to connect with a

bookseller’s computer located in Nevada, no state or political subdivision may levy a sales
tax, even if the purchaser used a California ISP to connect to the internet.
Example: If a Nevada-based seller hosts his website on a California computer

and a California resident purchases a book, California cannot claim there is an agency
nexus to tax the transaction.
In addition, if a remote seller in one state, uses a computer in another state for
internet access or online services, there is no agency relationship between the remote seller
and the company providing the access or online services.

Example: A New Hampshire company, with no physical presence in California, hosts its
website with a California ISP, California cannot impose a sales tax on transactions because
NOTES
a California ISP was involved.
If books, magazines, newspapers or forms of tangible information are not subject

to sales tax, then downloads of that same information cannot be taxed. A tax obligation
cannot be imposed on a different entity such as a credit card company, if the vendor selling
the product, service or property would be the entity responsible to collect sales tax under
conventional commerce.
Multiple Taxes
Multiple taxes on the same transaction or service either in the same taxing jurisdiction
or tow or more taxing jurisdictions are prohibited. There is an exception if the tax is
imposed by a state and a local subdivision, such as California’s sales tax and San Francisco
County’s add-on sales tax for it Bay Area Rapid Transit. This could occur if a state taxed
internet access services as telecommunications services and then taxed located telephone
services as well. Unless a credit is given to eliminate any double-taxation, such a tax
would violate the prohibition against multiple taxation.
Exceptions to ITFA transactions.
Vendors who knowingly conduct ecommerce involving obscene or materials that

are otherwise harmful to minors cannot rely on ITFA as a defense against taxation. However,
the vendor can use ITFA as a defense if he uses credit card verification or procedures to
insure he is dealing with persons over age 17. The exception does not apply to internet
information and search services such as Yahoo, Lycos or Alta Vista or ISPs that host such
websites or telecommunication companies that transmit information over the internet.
Bundled software that includes protected ecommerce or internet applications are

protected under ITFA, but only in proportion to the ecommerce or internet applications.

DBA 1727
5.5.3 Taxation of Ecommerce - The Significant Issues

NOTES
Nexus - The Foundation of State and Local Taxation
The Interstate Commerce Clause of the U.S. Constitution prevents the states and
their political subdivisions from imposing taxes that unduly burden interstate commerce.
The key issue is whether the company that is being taxed as sufficient connection (nexus)
with the taxing authority.
Example: A company that operates in Nevada and does not sell products in California or
to California residents cannot be taxed by California. Converse, both California and San
Francisco have the right to tax a company physically located in San Francisco, such as a
hotel, even though the guests might reside in another state.
The problem comes when a business is not physically located in California, but
sells to California residents. Under what circumstances may California levy a tax on sales
to California residents?
In Quill v North Dakota, 504 U.S. 298, 1992, the U.S. Supreme Court held that
a remote seller could be required to collect sales taxes only if the seller had the requisite
nexus with the buyer’s state. Quill corporation sold office furniture products through a
catalogue. Although it was not physically present in North Dakota and did not have a sales
agents in the state, the North Dakota Supreme Court held that by selling its product to
North Dakota customers, Quill established an economic presence in North Dakota which
created nexus for sales tax purposes.
The U.S. Supreme Court held otherwise and ruled that a state could impose a
requirement that a company collect and remit sales taxes, the company had to have substantial
connections (a physical presence) with the state. Under the commerce clause, a mail-
order company without a physical location, employees or sales agents in North Dakota
could not be compelled to collect sales tax on its sales to North Dakota customers.
It is the commerce clause’s concept of nexus that prohibits most ecommerce

transactions from being taxed. In general, the duty to collect a sales or use tax depends on
where the sale is located and whether the buyer is a consumer or a business. Three
general rules apply:
1. Retail sales by venders to in-state consumers are subject to sales tax on the purchase,
but the vendor has the obligation of collect and remit the tax to the tax agency.

2. Out-of-state vendors making consumer sales are not required to collect and remit
sales taxes, unless the vendor has sufficient nexus under the commerce clause with
NOTES
the purchaser’s state to require collection.
3. If the out-of-state vendor cannot be required to collect the tax, then the consumer is
legally obligated to pay a self-assessed tax directly to the taxing agencies on the
purchase. This is usually referred to as a “use” tax, instead of a sales tax, since the
consumer is paying a tax for the use of the property. As a practical matter, this is
virtually impossible to enforce, hence the emphasis on requiring out-of-state vendors
to collect and remit the tax.
The absence of nexus in the mail order cases is profoundly greater in the Ecommerce
context. Not only do internet companies not have physical presence in the taxing jurisdiction,
often then can be located outside the jurisdiction of the U.S. altogether. Even if a transaction
can be theoretically taxed, in reality, Ecommerce transactions occur instantaneously and
without identity of the seller’s or buyer’s location. Because the sales tax is destination
based, unless a state or locality can pinpoint the physical location of the seller and buyer, it
is impossible to determine jurisdiction for sales tax purposes.
Example: California wants to apply a sales tax to the sale of software to its residents. In
order to California to levy the tax, it must determine that the purchase is a California
resident and that the seller has sufficient nexus with California to be required to collect and
remit the sales tax. Without ascertaining the location of the seller or buyer, California
cannot determine whether the purchaser was a California resident and whether the seller
had sufficient physical presence in California.
Note: If the goods or property purchased are tangible, such as an actual book, CD or a
shirt, then the traditional notions applicable to mail order taxation could be applied since it
could be ascertained where the goods were shipped and where they were delivered.
Will Ecommerce Really Erode the Tax Base for States and Localities?
Although state and local tax officials express grave concern that the Ecommerce
will decimate the ability for states and localities to levy taxes on these transactions, this
response might be overblown. Currently, states and localities cannot tax remote sellers
anyway, unless they have sufficient nexus with the state. This means that mail order and

DBA 1727
telephone solicitation commerce by remote sellers is not subject to tax. Unless the Supreme
NOTES Court drastically alters its reading of the Constitutions’s commerce clause, or there is a
constitutional amendment allowing taxation of remote sellers, Ecommerce merely continues
the trend to avoid taxes by engaging in remote selling without a physical presence.
Most services and intangible products are not currently subject to sales taxes
anyway. In California, services, such as legal, accounting, and medical costs, are not
subject to sales taxes. Neither are food or medicine. Therefore, Ecommerce involving
intangible goods or services will not cause an erosion of the tax base.
Even if a remote seller is not subject to sales tax rules, a state’s citizen is supposed
to self-assess a use tax which is equal to the sales tax, but the states have been lax in
enforcing this requirement. The answer to Ecommerce taxation in particular and remote
selling in general, is to require a state or locality’s resident to self-assess the tax that should
have been collected by the remote seller. There is no prohibition against the use tax; the
problem lies in enforcement. Therefore, although Ecommerce prevents states from forcing
remote sellers from collecting and remitting sales tax, the ultimate tax liability is not affected
since in-state consumers have the legal tax liability to self-assess and pay the tax anyway.
Although Ecommerce in rapidly growing, as of 1988, it represents much less than

1% of total consumer spending. Remember that business-to-business sales are subject to
use tax payments by in-state businesses, and approximately 80% of current Ecommerce is
business-to-business.
To the extent Ecommerce is merely a substitute for other remote seller transactions,
Ecommerce does not affect the tax base since remote sales involving mail order or telephone
solicitation are exempt from sales tax under the commerce clause.
There is evidence that even if all Ecommerce was subject to sales taxes, the revenue
generated to the states and localities would represent about one-tenth of one percent of all
sales and use taxes collected. Also, sales and use taxes continue to grow, despite
Ecommerce.

5.5.4 The Future for Ecommerce Taxation

NOTES
The Commission on Electronic Commerce, created by the ITFA legislation, has
not been able to make any headway in the taxation debate, but several members have
voice support for Internet taxes, provided the tax is simple to calculate for businesses.
This could mean a uniform tax rate agreed to by all the states, or technological advances
that would allow businesses to calculate the sales tax simply and without a large investment
in time and resources.
Unfortunately, the current state and local tax systems, which number close to 7,500
throughout the U.S., are notoriously parochial minded when it comes to defending their
jurisdiction. In Texas alone, there are more than 1,300 separate sales tax jurisdictions.
These numbers could be significantly increased if states and local jurisdictions were allowed
to tax Ecommerce.
Small businesses would be buried in costly paperwork attempting to comply with

all these rules. That is precisely why the commerce clause in the Constitution prohibits
taxes and is an undue burden on interstate commerce.
5.5.5 Encryption policy:
Encryption is a technique for hiding data. The encrypted data can be read only by
those users for whom it is intended. Nowadays various encryption techniques are available.
One of the available techniques commonly used for encryption is Public Key. In Public
Key encryption system, RSA Data Security of Redwood City offers the most popular and
commercially available algorithm.
In a Public Key encryption system each user has two keys-public key and private
key. The encryption and decryption algorithms are designed in a way so that only the
private key can decrypt data that is encrypted by the public key. And the public key can
decrypt data, encrypted by the private key. Therefore, one can broadcast the public key
to all users.
Computer encryption is based on the science of cryptography, which has been

used throughout history. Before the digital age, the biggest users of cryptography were
governments, particularly for military purposes.

DBA 1727
Most computer encryption systems belong in one of two categories. Broadly

NOTES speaking, there are two types of encryption methods:
Secret-key cryptography
Public-key cryptography
Data Encryption Standard (DES)
A widely-adopted implementation of secret-key cryptography is Data Encryption

Standard (DES). The actual software to perform DES is readily available at no cost to
anyone who has access to the Internet. DES was introduced in 1975 by IBM, the National
Security Agency (NSA), and the National Bureau of Standards (NBS) (which is now
called NIST). DES has been extensively researched and studied over the last twenty years
and is definitely the most well-known and widely used cryptosystem in the world. DES is
secret-key, symmetric cryptosystem: When used for communication, both sender and
receiver must know the same secret key, which is used both to encrypt and decrypt the
message. DES can also be used for single user encryption, for example, to store files on a
hard disk in encrypted form. In a multi-user environment, however, secure-key distribution
becomes difficult; public-key cryptography, discussed in the next subsection, was developed
to solve this problem.
DES operates on 64-bit blocks with a 56-bit secret key. Designed for hardware
implementation, it operation is relatively fast and works well for large bulk documents or
encryption. Instead of defining just one encryption algorithm, DES defines a whole family
of them. With a few exceptions, a different algorithm is generated for each secret key. This
means that everybody can be told about the algorithm and your message will still be secure.
You just need to tell others your secret key a number less than 256. The number 256 is
also large enough to make it difficult to break the code using a brute force attack (trying to
break the cipher by using all possible keys). DES has withstood the test of time. Despite
the fact that its algorithm is well known, it is impossible to break the cipher without using
tremendous amounts of computing power. A new technique for improving the security of
DES is triple encryption (Triple DES), that is, encrypting each message block using three
different keys in succession. Triple DES, thought to be equivalent to doubling the key size
of DES, to 112 bits, should prevent decryption by a third party capable of single-key
exhaustive search. Of course, using triple-encryption takes three times as long as single-
encryption DES. If you use DES three times on the same message with different secret

keys, it is virtually impossible to break it using existing algorithms.. Over the past few years
several new, faster symmetric algorithms have been developed, but DES remains the most
NOTES
frequently used.
5.5.6 Customer’s Trust Online
1. Presentation
The look of a site conveys a sense of personality and influences the degree to
which visitors are prepared to trust the site owner. If an organisation already has a corporate
identity then the site should be consistent with this. On-screen design and copy styles
should reflect existing printed literature. A company’s colours may need re-working online,
to a new palette that is fast to download to the computer screen. Developing a brand to
work online is a new task. The internet is tactile - web pages should look, sound and move
in ways that reinforce the company’s existing image.
2. Navigation
If customers walk into a new high street shop they can usually find their way
around. There are conventions for laying out a shop and customers unconsciously understand
and follow them. Online conventions are still being developed.
Therefore, some judgement will be needed to make first-time visits successful.

The challenge is to create enticement – to explore the store - without customers getting
lost. On the home page a site’s purpose must be clear to the first-time visitor. Use simple
words to describe the site’s content and make it easy for visitors to find what they are
looking for by giving clear instructions.
3. Fulfilment
Goods have now been selected and your customer has made it to the checkout.
At this point most shopping carts are abandoned. Websites can keep customers’ trust by
taking them through a transparent transaction process. At all times customers should know
where they are in the checkout process and they should be able to find out what happens
later. It must be easy to see: How orders are to be processed The company’s returns
policy. Online and offline customer support services The company’s security policy for

DBA 1727
personal information. If you have shops on the high street, give customers the option to
NOTES return goods there. And remember to train your staff to handle returned online orders.
4. Familiar Names & Logos
Names that we know and trust are familiar and friendly. If we see them on a
website we trust the website more. Customers trust sites where they can see the familiar
logos of credit card brands, major software companies and web security organizations. If
your company is trusted by these organizations, don’t hide it. Should your company have
a familiar name, use it to build customer expectation of the site’s content, the quality of
products and the level of service support. Web customers will have higher service
expectations than offline customers. They may expect service delivered in real time, with
transparency and, above all, with consistency.
5. Technology
Too much technology can be daunting. Use technology as a transparent aid to

navigation and activity. Aim for graphics and functions in proportion to your customer’s
needs. These needs will change with your customer’s experience. Are you handling visitors
new to the web trade or devotees?
• Newcomers need signposts and easy navigation.

• Old hands need quick routes to every part of the site.
Younger visitors and technically aware customers may be more tolerant of higher
technical demands. Make sure that technology supports your sales process and does not
obscure it: Automatically recognise returning customers Help to complete forms correctly
Design forms to work with software programs that automatically add user details to the
form
5.5.7 Steps to Plan Successful E-Commerce
Respond Fast
If the plan is to respond to customer wishes, then the most successful plan will be
the one that responds fastest. This means that every component of the plan should be built

with the intention of proving a principle. Ask yourself if your customers want this? If they
do, then a more robust version can be built. If they don’t, then you can redirect your time
NOTES
and resources and use the knowledge gained to good effect elsewhere.
Test out Your Plan
In the online marketplace everything is a test until it’s proven by the customer.
Successful testing follows a simple rule:
Test one Thing at a Time
Only test changes that can be measured directly. If a test includes more than one
change, it’s almost always impossible to measure the effect of each one. Test to learn from
the customer and to improve one step at a time.
Challenge Internal Assumptions
Remove internal processing costs to make dramatic improvements to profit margins.

Analyse each sales process to clarify what it is that staff spend time doing. In particular,
look for processes in which information is transferred. How many steps can be eliminated
by outsourcing tasks to your customers and suppliers? Who is best placed to make the
original information entry? Can that information be shared to avoid reentering the same
information? What information could customers, suppliers and distributors find for
themselves, computer to computer? With the time saved, what could your staff do to add
more value for customers?
Focus on Customer, Supplier & Distributor Benefits
What’s in it for customers, suppliers and distributors? Have you asked what they’d
like? The web’s very good at research. Are you offering them a new way to use an existing
service or a completely new service? Is it faster, cheaper, more convenient or just new and
online? What new information do they get? Decide what you can reliably offer each group
now and plan a phased introduction of more complex services. Complexity often arises
from integrating tried and tested stand-alone services.

DBA 1727
Give Good Reasons to Use Online Services

NOTES
Not all customers will automatically move to an online service simply because it’s
there. Equally, in a service’s early stages it may not make good sense to risk overwhelming
a new online channel by quickly moving large numbers of customers over to the new
service.
If you prefer customers to use an online channel, find ways to: Inform them that it
is there (they may not know this) Tell them how to change over Incentivise the swap to
make it worthwhile Introduce the new service as a special privilege beta test programme
Calculate the Three Sets of Costs
Very few organisations have all the resources in-house to start offering online
services. There are three sets of costs that should be calculated:
1. Current company costs that will be altered by the online changes

• both internal and external costs
2. Cost to implement the changes

• interim support may be needed
• training for staff whose tasks change
3. New cost assumptions, post change

• long-term cost-savings
• long-term outsourcing arrangements
• ongoing online development plans
Help Staff Adapt to Online Working
An online service will affect your staff and the work that they do. If your organisation
is typical, there will be a progressive transfer from processing tasks towards customer
service. Some may find this work more fulfilling; others will not enjoy the increased
interaction with customers. Unless a company’s online services are entirely online, staff
who is to fulfil new service roles will require assistance to develop new skills. They will
almost certainly require some training in how to make the most of the new technology for
the benefit of their customers.

Summary
NOTES
• Internet commerce raises legal issues through the provision of the following
services:
Online marketing
Online retailing ordering of products and services

Financial services such as banking and trading in securities.
Exchange of electronic messages and documents
EDI, electronic filing, remote employee access, electronic transactions.
Trade and commerce over the Internet give rise to several legal issues
• The growth of EC on the Internet depends to a large extent on the confidence

of traders in forming legally enforceable contracts online. The key activities
associated with the formation of an enforceable contract do take place on the
Internet, viz. offer is communicated by the acceptor and acceptance is received
by the offer or from the acceptor.
• The ethical, social, and political issues raised in e-commerce, provide a

framework for organizing the issues, and make recommendations for managers
who are given the responsibility of operating e-commerce companies within
commonly accepted standards of appropriateness.
• The Concept of Privacy: Privacy is the moral right of individuals to be left

alone, free from surveillance or interference from other individuals or
organizations, including the state. Privacy is a girder supporting freedom:
Without the privacy required to think, write, plan, and associate independently
and without fear, social and political freedom is weakened, and perhaps
destroyed.
• Intellectual property is considered to be intangible property created by

individuals or corporations. Information technology has made it difficult to
protect intellectual property, because computerized information can be so
easily copied or distributed on networks.

DBA 1727
• There are three main types of intellectual property protection: Copyright, Patent
NOTES and Trademark law.
• Cyber law is a term used to describe the legal issues related to use of
communications technology, particularly “cyberspace”, i.e. the Internet. It is
less a distinct field of law in the way that property or contract are, as it is an
intersection of many legal fields, including intellectual property, privacy,
freedom of expression, and jurisdiction. In essence, cyber law is an attempt
to apply laws designed for the physical world to human activity on the Internet.
• Contracting and Contract Enforcement in EC: Any contract includes three

essential elements: an offer, an acceptance and consideration. The Contract is
formed when one party accepts the offer of another party.
• The outdated and overly complex mechanisms used by thousands of

jurisdictions to tax traditional transactions is clear that a fundamental
restructuring of our current sales tax laws is needed to simply tax collection,
to decrease the burden of compliance on business and to deal with the
increasingly integrated economy of Ecommerce.
1. List the major legal issues of EC

2. Discuss the EDI Interchange agreement
3. Define ethics
4. Discuss the ethical, social and political issues in EC
5. What are the basic ethical concepts
6. Define privacy
7. Define Intellectual property
8. Describe the three main types of intellectual property protection
9. What is contracting? How is it enforced in EC
10. Discuss taxation in EC
11. Describe the significant issues of taxation in EC
12. Define encryption policy
13. Define DES
14. Discuss the steps to plan successful EC

E Commerce

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

E Commerce

Uploaded by

Copyright:

Available Formats

MBA

Centre for Distance Education

• Frontiers of electronic commerce by Kolokota Whinston, Pearson Education,inc.

UNIT I –FUNDAMENTAL OF E-COMMERCE

UNIT II – BUSINESS APPLICATIONS IN E-COMMERCE

UNIT III – E-COMMERCE INFRASTRUCTURE

UNIT IV - E-COMMERCE PAYMENTS AND SECURITY

UNIT V – LEGAL AND PRIVACY ISSUES IN E-COMMERCE

2. Kalakota et al, ‘Frontiers of Electronic Commerce’, Addison Welsley, 2001.

3. Sandeep Krishnamurthy,’E-Commerce Management –Text and Cases’, Thomson Learning, 2003

4. Greenstein Firsman,’Electronic Commerce’, Tata McGraw Hill, 1999.

1.1 INTRODUCTION TO E-COMMERCE 1

2.1 RETAILING IN E-COMMERCE 93

3.1 INTERNET 165

4.1 ELECTRONIC PAYMENTS AND PROTOCOLS 213

5.1 LEGAL ASPECTS OF E- COMMERCE 273

1.1 INTRODUCTION TO E-COMMERCE

1.1.2 Brief History Of E-Commerce

The history of E-commerce is a history of how Information Technology has

1 ANNA UNIVERSITY CHENNAI

1969, when the Advanced Research Projects Agency (a Department of Defence

EDI, which expanded from financial transactions to other transaction processing

1.1.3 Definition Of E-Commerce:

Electronic commerce is an emerging model of new selling and merchandising

E-commerce is basically, doing business-as-usual, but across the Internet. You

2 ANNA UNIVERSITY CHENNAI

• Browse through stock list, read about an item or service;

Electronic Commerce under different perspectives:

3 ANNA UNIVERSITY CHENNAI

2. Business Process Perspective

1.1.4 Classifications of E-Commerce Applications

Electronic Commerce (e-Commerce) is a general concept covering any form of

E-Commerce systems include commercial transactions on the Internet but their

Electronic Data Interchange (EDI):

Electronic Data Interchange (EDI) is the electronic exchange of business documents

4 ANNA UNIVERSITY CHENNAI

5 ANNA UNIVERSITY CHENNAI

The three categories of E Commerce

1.1.5 Types of e-commerce

There are a number of different types of E-Commerce

• B2B - Business to Business

6 ANNA UNIVERSITY CHENNAI

B2B - Business to Business

B2C - Business to Consumer

Business to Consumer e-commerce is relatively new. This is where the consumer

7 ANNA UNIVERSITY CHENNAI

C2B - Consumer to Business

B2E - Business to Employee

Business to Employee e-commerce is growing in use. This form of E-commerce is

C2C - Consumer to Consumer

1.1.6 Scope of E-Commerce

• Selling can be focussed to the global customer

8 ANNA UNIVERSITY CHENNAI

• Financing and insurance

1.1.7 E- Commerce in Action

9 ANNA UNIVERSITY CHENNAI

How E-Commerce Works

From there, the consumer decides that he wants to purchase something, so he

10 ANNA UNIVERSITY CHENNAI

1. Getting a Merchant Bank Account

Getting a Merchant Bank Account

1. In order for credit card authorization to be automatic from within ManageMore,