E Com

E-COMMERCE

AN OVERVIEW

WHAT IS E-COMMERCE?

E-commerce (electronic commerce or EC) is the buying and selling of goods and services on the Internet, especially the World Wide Web

FEATURES OF E-COMM

Nowadays E-Commerce is the buzz word. Although it is omnipresent but we never realize its importance primarily because it is known by different names. People do site promotion, affiliate marketing, and many other things but the goal is same i.e. to get clients and sell the products or services of the company. 'E' is just a medium to transact online. Here are some peculiar features of e-commerce which makes it considerably appreciable.

UbiquityE-commerce is ubiquitous, meaning that it is available just about everywhere at all times. It liberates the market from being restricted to a physical space and makes it possible to shop from your desktop.To transact, it is no longer necessary that you spend time and money traveling to a market. At a broader level, the ubiquity of e-commerce lowers the cognitive energy required to complete a task.

Global Reach

E-commerce technology permits commercial transactions to cross cultural and national boundaries far more conveniently and effectively as compared to traditional commerce. As a result, the potential market size for e-commerce merchants is roughly equal to the size of world's online population.

Universal Standards

One strikingly unusual feature of e-commerce technologies is that the technical standards of the Internet and therefore the technical standards for conducting e-commerce are universal standards i.e. they are shared by all the nations around the world.

Interactivity

Unlike any of the commercial technologies of the twentieth century, with the possible exception of the telephone, e-commerce technologies are interactive, meaning they allow for two-way communication between merchants and consumer.

Information Density and Richness

E-commerce technologies reduce information collection, storage, communication and processing costs. At the same time, these technologies increase greatly the accuracy and timeliness of information, making information more useful and important than ever. As a result, information becomes plentiful, cheaper and of higher quality. Information richness refers to the complexity and content of a message.

Personalization

E-commerce technologies permit personalization. Merchants can target their marketing messages to specific individuals by adjusting the message to a person's name, interests and past purchases. The technology also permits customization. Merchants can change the product or service based on user's preferences or prior behavior.

DISADVANTAGES

Time for delivery of physical products

E-commerce is often used to buy goods that are not available locally from businesses all over the world, meaning that physical goods need to be delivered, which takes time and costs money.

Physical product, supplier & delivery uncertainty

In some respects e-commerce purchases are made on trust. This is because, firstly, not having had physical access to the product, a purchase is made on an expectation of what that product is and its condition. Secondly, because supplying businesses can be conducted across the world, it can be uncertain whether or not they are legitimate businesses and are not just going to take your money. It's pretty hard to knock on their door to complain or seek legal recourse! Thirdly, even if the item is sent, it is easy to start wondering whether or not it will ever arrive.

Perishable goods

Goods bought and sold via the Internet tend to be durable and non-perishable: they need to survive the trip from the supplier to the purchasing business or consumer. This shifts the bias for perishable and/or non-durable goods back towards traditional supply chain arrangements, or towards relatively more local e-commerce-based purchases, sales and distribution.

Limited and selected sensory information.

If we were looking at buying a car on the Internet, we would see the pictures the seller had chosen for us to see but not the things we might look for if we were able to see it in person. And, taking into account our other senses, we can't test the car to hear the sound of the engine as it changes gears or sense the smell and feel of the leather seats. There are many ways in which the Internet does not convey the richness of experiences of the world. This lack of sensory information means that people are often much more comfortable buying via the Internet generic goods - things that they have seen or experienced before and about which there is little ambiguity, rather than unique or complex things.

Returning goods.

Returning goods online can be an area of difficulty. The uncertainties surrounding the initial payment and delivery of goods can be exacerbated in this process. Will the goods get back to their source? Who pays for the return postage? Will the refund be paid? Will I be left with nothing? How long will it take? Contrast this with the offline experience of returning goods to a shop.

Privacy, security, payment, identity, contract

Many issues arise - privacy of information, security of that information and payment details, whether or not payment details (eg credit card details) will be misused, identity theft, contract, and, whether we have one or not, what laws and legal jurisdiction apply.

Size and number of transactions

E-commerce is most often conducted using credit card facilities for payments, and as a result very small and very large transactions tend not to be conducted online. The size of transactions is also impacted by the economics of transporting physical goods.

SECURITY IN E-COMMAny system has to meet four requirements:

• privacy: information must be kept from unauthorized parties.

• integrity: message must not be altered or tampered with.

• authentication: sender and recipient must prove their identities to each other.

• non-repudiation: proof is needed that the message was indeed received.

TransactionsSensitive information has to be protected through at least three transactions:

1) Credit card details supplied by the customer, either to the merchant or payment gateway. Handled by the server's SSL and the merchant/server's digital certificates.

2) Credit card details passed to the bank for processing. Handled by the complex security measures of the payment gateway.

3) Order and customer details supplied to the merchant, either directly or from the payment gateway/credit card processing company. Handled by SSL, server security, digital certificates (and payment gateway sometimes).

Privacy

Privacy is handled by encryption. In PKI (public key infrastructure) a message is encrypted by a public key, and decrypted by a private key. The public key is widely distributed, but only the recipient has the private key. For authentication (proving the identity of the sender, since only the sender has the particular key) the encrypted message is encrypted again, but this time with a private key. Such procedures form the basis of RSA (used by banks and governments) and PGP (Pretty Good Privacy, used to encrypt emails).

Digital SignaturesDigital signatures meet the need for authentication and integrity. To vastly simplify matters a plain text message is run through a hash function and so given a value: the message digest. This digest, the hash function and the plain text encrypted with the recipient's public key is sent to the recipient. The recipient decodes the message with their private key, and runs the message through the supplied hash function to that the message digest value remains unchanged (message has not been tampered with). Very often, the message is also time-stamped by a third party agency, which provides non-repudiation.

Secure Socket LayersInformation sent over the Internet commonly uses the set of rules called TCP/IP (Transmission Control Protocol / Internet Protocol). The information is broken into packets, numbered sequentially, and an error control attached. Individual packets are sent by different routes. TCP/IP reassembles them in order and resubmits any packet showing errors. SSL uses PKI and digital certificates to ensure privacy and authentication. The procedure is something like this: the client sends a message to the server, which replies with a digital certificate. Using PKI, server and client negotiate to create session keys, which are symmetrical secret keys specially created for that particular transmission. Once the session keys are agreed, communication continues with these session keys and the digital certificates.

SET

• Secure Electronic Transaction (SET) was a standard protocol for securing credit card transactions over insecure networks, specifically, the Internet.

• SET was developed by SETco, led by VISA and MasterCard (and involving other companies such as GTE, IBM, Microsoft, Netscape, RSA and VeriSign) starting in 1996.

SET allowed parties to cryptographically identify themselves to each other and exchange information securely. SET used a blinding algorithm that, in effect, would have let merchants substitute a certificate for a user's credit-card number. If SET were used, the merchant itself would never have had to know the credit-card numbers being sent from the buyer, which would have provided verified good payment but protected customers and credit companies from fraud.

Firewalls

A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt (in and out) computer traffic between different security domains based upon a set of rules and other criteria.

KerberosIt is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. It is also a suite of free software published by Massachusetts Institute of Technology (MIT) that implements this protocol. Its designers aimed primarily at a client-server model, and it provides mutual authentication — both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.

• Kerberos builds on symmetric key cryptography and requires a trusted third party. Extensions to Kerberos can provide for the use of public-key cryptography during certain phases of authentication

EDI

Electronic Data Interchange is the computer-to-computer exchange of routine business data between trading partners in standard data formats. This definition contains 3 key concepts about EDI:

1) Efficient form flows directly out of a sender’s computer system directly into a receiver’s computer system without any human intervention.( However, it is not always possible for EDI to flow in this most efficient manner.)

2) Routing business data: EDI is used for routine business documents like Purchase Orders and Invoices. It is not used for non-routine business documents like complicated contracts or information meant for humans to read and analyze.

3) Standard data formats: A standard definition of the location and structure of the data is provided. Unstructured text is not EDI.

The diagram illustrates how much slower the conventional paper process than the EDI process. Additionally, the conventional paper process includes substantially more human intervention to move business information from one company to another.

The conventional process requires someone to handle a printed computer generated form and mail it. Then, the recipient re-keys the data back into another computer for their internal processing. (It is estimated that 80% of the data that is keyed into computers is output from other computers!) The EDI process is a computer transmitting the information directly to another computer, eliminating the paperwork and human intervention.

Benefits of EDI

• Speed – Data can move directly out of one computer system and into another with little to no delay.

• Accuracy – Errors are reduced because data is not being re-keyed. Error rates from entering data are between .5 – 3%. On large volumes of transactions, the possibility for the introduction of errors is enormous.

• Simplicity – EDI standards specify how data will be formatted and where it can be found.

• Security – Much less likely to lose information transmitted through EDI than information sent via mail. EDI can be accessed only by authorized users, and then there are audit trails and archives of data. EDI data cannot be easily changed by unauthorized users. It is also not subject to viruses.

These 4 benefits produce the following results

• Faster buy-sell cycle time• Faster cash flow• Reduced order lead time• Reduced inventories• Ability to conduct just-in-time manufacturing• Improved trading partner relationships