E Commerce Notes
Suresh Chandra.Ch,
Research Scholar(K.U)
E-Commerce:
Electronic Commerce, commonly referred to as "eCommerce" or "e-commerce", is
defined as the utilization of information and communication technologies (ICT) in
support of all the activities of business transactions.
E-commerce is defined as any form of business transaction in which the parties
interact electronically rather than by physical exchanges of documents or direct meetings
among officials.
Simply, E-commerce is defined as the process of conducting business
electronically or over the internet.
E-commerce involves business processes spanning the entire value chain:
electronic purchasing and supply chain management, processing orders electronically,
handling customer service, and cooperating with business partners.
ADVANTAGES OF E-COMMERCE:
There are many advantages of E-commerce. It provides advantages for sellers
and buyers. Some of the important advantages are:
1. Increased sales opportunities for sellers.
2. Wider product availability to the buyers.
3. Decreased costs for sellers.
4. Customized and personalized information and buying options.
5. 24 hours a day, 7 days a week sales for sellers and 24/7 shopping for buyers.
6. Access to global markets for sellers.
7. Increased speed and accuracy of information delivery.
8. Data collection and customer preferences tracking is available through E-Business.
SIGNIFICANCE OF E-COMMERCE
1. Electronic commerce methods enable companies to link their internal and external data
processing systems more efficiently and flexibly, to work more closely with suppliers and
partners, and to better satisfy the needs and expectations of their customers.
2. E-commerce software solutions allow the integration of intra- and inter-firm business
processes.
3. E-commerce is mainly an Internet-based method of commerce, so the security of online
business information and business activities, and confidence in them, will seriously affect
people's awareness of, acceptance of and participation in e-business, and thus the
development of e-business.
With the development of e-business, some new problems have appeared. They are a challenge
to the traditional commercial mode, to honesty and to the evaluation method.
4. E-commerce can be conducted using the Web, the Internet, intranets, extranets, or
some combination of these.
5. E-commerce is any internet initiative, tactical or strategic, that transforms business
relationships, whether those relationships be business-to-consumer, business-to-business,
intra-business or even consumer-to-consumer.
6. Electronic commerce is a marketplace where businesses are using Internet technologies
and network computing to securely transform:
Their internal business processes (via intranets),
Their business relationships (via extranets), and
The buying and selling of goods, services, and information (via e-commerce).
OPPORTUNITIES AND RISKS
Reducing costs, improving margins, efficiencies in company purchasing and
procurement processes for the buyers, and increasing revenues for sellers are the
main objectives of commercial transactions on the internet.
We use the term E-commerce to broadly describe the publishing of information
and the performing of various transactions over the Internet, Extranets, or
Intranets. E-commerce includes the various terms used to express specific
functions, including e-business, e-government, and others. The barriers to
effective E-commerce are varied enough in the industrial world, but especially
problematic in the developing world. Some obstacles are likely to be removed in
the relatively near future, but others will remain over a much longer period.
A growing number of companies use computers and the Internet in their daily
business. It is therefore not surprising that e-business is an important if not
significant part of their business strategy.
Security risks can include theft of data (credit card numbers from your database),
distortion of data (changes to payment files or invoices so that people appear to
owe you more or less than they do), destruction of data, or broadcasting of data
(showing visitors' real names instead of their nicknames in a chat room or forum).
All of these cost your business money in terms of data recovery and goodwill
recovery.
DIFFERENCE BETWEEN E-BUSINESS & E-COMMERCE
In practice, e-business is more than just e-commerce.
E-commerce is a subset of an overall e-business strategy, whereas e-business is a
strategic focus of all the activities involved in electronic capabilities.
E-Commerce is a subset of E-business. Business involves a whole set of transactions that
must be completed before actually reaching the point where goods or services change
hands for the agreed consideration.
E-Commerce Models: Based on the provider (or producer) and customer (or client) point
of view, the E-Business models are classified into:
Business-to-business (B2B) *
Business-to-consumer (B2C) *
Business-to-employee (B2E)
Business-to-government (B2G) *
Government-to-business (G2B)
Government-to-government (G2G)
Government-to-citizen (G2C)
Consumer-to-government (C2G) *
Consumer-to-business (C2B) *
B2C BUSINESS MODEL
Business-to-consumer (B2C, sometimes also called Business-to-Customer) describes
activities of businesses serving end consumers with products and/or services.
There are several internet based shops, popularly known by several names such as virtual
shops, cyber shops, dot-com shops, E-stores etc.
Common characteristics of the shops are:
Customers have access to the internet. They operate from their homes or work
places and wish to purchase items sold by the shops. For convenience's sake, one can shop
at any time from the house and items will be delivered to the house. The customer operates
through the web address of the shop (ending with .com, hence known as dot-com shops),
which is connected to the World Wide Web.
[Figure labels: BUSINESS; CONSUMER]
An example of a B2C transaction would be a person buying a pair of shoes from a
retailer. The transactions that led to the shoes being available for purchase that is the
purchase of the leather, laces, rubber, etc.
Typical examples:
Online book store(eg: amazon.com)
Online car purchasing (eg: automall.com)
Booking and purchase of airline tickets
Advantages of B2C applications:
It allows the company to extend existing services to customers.
It allows companies to increase their customers.
It helps companies to offer a wide choice and allows cheaper prices.
It may give the company worldwide visibility.
MAJOR LEGAL AND ETHICAL ISSUES IN ELECTRONIC COMMERCE
The ethical values are the moral principles which govern the trustworthiness of
e-commerce. Some of the issues which need to be considered for the smooth
functioning of business transactions through e-commerce applications are:
1. Privacy
2. Intellectual property
3. Computer crimes.
1. Privacy: Privacy has become one of the worrying concerns for e-commerce. A copy
of an original document, video or any other form can upset the business of the parent
companies. It has also entered many fields, including media, film and the
duplication of product designs.
2. Intellectual Property: Intellectual property refers to the ownership of inventions and
rights. The advancement in technology has also led to the duplication of innovations, and
this has created problems for the owners of intellectual property.
3. Computer Crimes: Computer crimes, or cyber crimes, are also increasing with the
development of technology. The misuse of data and information and the duplication of
innovations have created problems, and computer crimes are also increasing.
Mechanics for e-commerce:
Some of the important mechanics for e-commerce include the following.
1. The internet
2. The world wide web(www)
3. Web architecture
1. The Internet
The Internet is regarded as the system of interconnected networks that spans the globe.
Without an internet connection, many applications of e-commerce cannot function.
The internet has proven its credibility, as the majority of business transactions are
presently performed with the help of the internet. For getting an internet connection,
the following sources are needed.
a). Routers
b). TCP/IP (Transmission Control Protocol and Internet Protocol)
c). Firewalls
d). Infrastructure
e). Network protocols
2. The World Wide Web (WWW)
It is the part of the internet that allows users to share information with an easy-to-use
interface. The World Wide Web provides access to users throughout the world
to share and get information from all parts of the world.
3. Web architecture:
Web architecture is also a very important mechanic. It includes:
Client/server model
N-tier architecture, e.g., web servers, application servers, database servers,
scalability.
E-COMMERCE ARCHITECTURE
The e-commerce architecture means the synthesizing of various existing resources
like DBMS, data repository, computer languages, software agent-based transactions,
monitors or communication protocols to facilitate the integration of data and software for
better applications. The architectural framework for e-commerce consists of six layers of
functionality or services as follows:
1. Application services
2. Brokerage services, data or transaction management
3. Interface and support layers
4. Secure messaging, security and electronic document interchange
5. Middleware and structured document interchange, and
6. Network infrastructure and the basic communication services.
The e-commerce architecture can be of many types depending on the type of
client(s) and type of server.
Important forms of e-commerce architecture are:
1. Client server architecture
2. Multi client server architecture.
1. Client server architecture:
Typically the e-commerce customer is the client and the business is the server.
In the client/server model a single machine can be both the client and the server.
The client /server model utilises a database server in which RDBMS user queries
can be answered directly by the server.
The client/server architecture reduces network traffic by providing a query
response to the user rather than transferring total files.
The client/server model improves multi-user updating through a graphical user
interface (GUI) front end to the shared database.
In client/server architecture, client and server typically communicate through
statements made in structured query language(SQL).
TWO-TIER ARCHITECTURE
The user system interface is usually located in the user's desktop environment and
the DBM services are usually in a server, a more powerful machine that services
many clients.
PROBLEMS AND PROSPECTS IN E-COMMERCE
These include:
1. Fraud
2. security
3. legal issues
4. lack of skilled personnel
5. lack of training and maintenance
6. misuse of information
7. high cost
[Figure labels: User Interface (Business rules); (Business rules) Data Access]
1. Fraud: With the advancement of internet technology, the number of people
committing fraud and carrying out fraudulent transactions is increasing. The misuse of
business transactions keeps growing and raises a tough question over the
performance of e-commerce.
2. Security: E-commerce applications are not typical in nature. Hence,
security problems arise. The misuse of passwords and the hacking of
transactions keep growing. Security poses another tough
challenge to e-commerce applications.
3. Legal Issues: Cyber crimes are also posing threats to the advancement of
e-commerce. The IT Act 2000 was enacted mainly in order to restrict cyber crimes,
and fraud and misuse of information account for the majority of the cases filed in the
recent past.
4. Lack of skilled personnel: In countries like India, there is a huge demand
for skilled personnel. Lack of skilled personnel is also a threat, as the majority of
middle-aged and older personnel are not skilled in computers and the internet.
5. Lack of training and maintenance: Maintenance is another
worrying factor for e-commerce applications. Proper expertise is needed in
order to maintain e-commerce applications and, at present, the majority of
companies suffer from a lack of proper trainers for their employees, and
companies' spending on maintenance is also increasing as they hire
the services of outsiders.
6. High Cost: The maintenance and installation of several packages and programmes
to run e-commerce applications create high costs. The high costs also
make it hard for small companies to use e-commerce technology for their business
transactions.
UNIT II
EDI & INTRANET
Contents:
EDI
Technology and development of EDI
Intranets
Growth and benefits of intranets
Specific applications of Intranets
E-Commerce Standard
1). EDI
EDI refers to Electronic Data Interchange. EDI is the direct computer-to-computer
exchange between two organizations of standard business transaction
documents such as invoices, bills of lading (a list of a ship's cargo) and purchase orders. It
saves money and time because transactions can be transmitted from one information
system to another through a telecommunications network, eliminating the printing and
handling of paper at one end and the inputting of data at the other.
The EDI standards were designed to be independent of communication and
software technologies. EDI can be transmitted using any methodology agreed to by the
sender and recipient. This includes a variety of technologies, including modem
(asynchronous, and bisynchronous), FTP, Email, HTTP, AS1, AS2, etc.
EDI differs from electronic mail in that it transmits an actual structured
transaction (fields like transaction date/amount, sender's name, recipient's name, etc.) in
contrast to an unstructured text message such as a letter. EDI consists of standardised
electronic message formats, for business documents such as requests for quotations,
purchase orders, purchase change orders, bills of lading, receiving advices and invoices.
APPLICATIONS OF EDI:
EDI is used in manufacturing, shipping, warehousing, utilities, pharmaceuticals,
construction, petroleum, metals, banking, insurance, retailing , government, healthcare,
and textiles among others.
The major benefit of EDI is cost reduction, by eliminating paper document
handling and through faster electronic document transmission. The other important features
include:
1. Improvements in overall quality: Better record keeping, fewer errors in data,
reductions in processing time, less reliance on human interpretation of data, and
minimised unproductive time.
2. Inventory reduction: It permits faster and more accurate filling of orders, helps
reduce inventory, and assists in JIT (Just in Time) inventory management.
3. Provides better information: It provides accurate information and audit trails for
transactions, enabling businesses to identify areas offering the greatest potential for
efficiency improvement or cost reduction.
4. Sending invoices: It can be used for sending invoices, purchase orders, customs
documents, shipping notices and other types of business documents in a fast and
inexpensive way.
5. Saves time: It saves time and manpower by avoiding the need to rekey data.
6. It eliminates the errors introduced by rekeying.
7. Data arrives much faster than it could be by mail, and there is an automatic
acknowledgement.
Limitations:
EDI provides a lot of benefits to organizations and suppliers, but some
limitations also restrict the use of Electronic Data Interchange. They are:
1. EDI applications are very costly to develop and operate. New entrants especially
find it more difficult to use or have EDI.
2. It does not allow consumers to communicate or transact with vendors in an easy way.
Hence it provides limited accessibility to consumers, and the subscribers must
subscribe to an online service called a Value Added Network (VAN).
3. It needs highly structured protocols, previously established arrangements and unique
proprietary bilateral information exchanges.
2). DEVELOPMENT OF EDI
EDI is a means of communication that is being rapidly assimilated into every business
practice. The exchange of information through EDI typically takes place between
mirror-image business applications owned by two or more trading partners. The most
common trading partners are vendors and customers.
Historically, paper documents were prepared and mailed at the initiation of a
transaction and delivered through the postal system. This process required a significant
degree of human resource and represented non-value-added time in the business cycle.
Later, the telephone became the most common means of business interaction.
Recent advances in technology have partially addressed the problems of the earlier
means, and electronic mail (e-mail) systems have been used for some time as an
intra-organizational means of communicating effectively. E-mail has its inefficiency, as
does its close cousin the facsimile (FAX): e-mail, FAX and voice mail all require a
human being to interpret the transmitted information's content and react. Errors and time
were found to be problematic constraints. The problem of exchanging large volumes of
transactions was solved by developments in technology, with computer punch cards
and magnetic tapes. Developments in telecommunications during the 1970s enabled
these transfers to move between partners even more rapidly. Later, the creation of
the TDCC (Transportation Data Coordinating Committee) created the platform for the
advanced development of EDI. The Accredited Standards Committee X12 (ASC X12) was
established with an open membership, which enabled businesses to establish a single
software infrastructure to transform data, a process now termed translation, which equates
the ASC X12 standard with its role as a common language for transaction and data exchange.
Technology of EDI
EDI's primary tool is software which transforms data from and to the defined
ASC X12 standard formats. Referring to this computer-based process as translation
describes its true function. EDI begins and ends with business applications which share
data but have different methods of viewing and processing them. The buyer is assisted
by a firm's purchasing system in placing an order for an item by part number, quantity,
unit price and delivery schedule. These data elements are received by the supplier's
order entry system and must be used to identify the product being purchased, coordinate
delivery from inventory or schedule manufacturing, and begin the billing cycle after
delivery is complete.
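The translation step described above, together with the earlier contrast between a structured EDI transaction and a free-text e-mail, shown as an added example (not part of the original notes and not any vendor's translator): a small Python parser that turns an X12-style purchase order into fields for an order entry system and rejects the message when the sender's own control counts or field values do not check out. The sample message, PO number and part numbers are constructed; the example assumes '*' and '~' as separators, leaves out the envelope segments and the delivery schedule, and requires a CTT segment.

```python
from decimal import Decimal, InvalidOperation

# Constructed sample, not real trading data: one purchase order (transaction
# set 850) with two line items. '*' separates elements, '~' ends a segment.
# The ISA/GS/GE/IEA envelope is left out to keep the focus on the order itself.
SAMPLE_850 = (
    "ST*850*0001~"
    "BEG*00*SA*PO-1001**20240115~"
    "PO1*1*10*EA*2.50**BP*PART-A~"
    "PO1*2*4*EA*19.99**BP*PART-B~"
    "CTT*2~"
    "SE*6*0001~"
)


class EDIError(ValueError):
    """The message failed a structural or field check and must be rejected."""


def parse_number(text, name):
    """Convert one element to a finite Decimal or reject the message."""
    try:
        value = Decimal(text)
    except InvalidOperation:
        raise EDIError(f"{name} is not a number: {text!r}") from None
    if not value.is_finite():
        raise EDIError(f"{name} is not finite: {text!r}")
    return value


def parse_po1(seg):
    """PO1 carries the data elements the notes name: quantity, price, part."""
    if len(seg) < 8 or not seg[7]:
        raise EDIError("PO1 is missing the part number element")
    quantity = parse_number(seg[2], "quantity")
    unit_price = parse_number(seg[4], "unit price")
    if quantity <= 0 or unit_price < 0:
        raise EDIError("quantity must be positive and price non-negative")
    return {"line": seg[1], "quantity": quantity, "unit": seg[3],
            "unit_price": unit_price, "part_number": seg[7]}


def parse_purchase_order(raw):
    """Translate an 850 into a dict for the order entry system, or raise."""
    segments = [s.strip().split("*") for s in raw.split("~") if s.strip()]
    if len(segments) < 2 or segments[0][0] != "ST" or segments[-1][0] != "SE":
        raise EDIError("transaction set must open with ST and close with SE")
    st, se = segments[0], segments[-1]
    if len(st) < 3 or st[1] != "850":
        raise EDIError("not a purchase order (850)")
    if len(se) < 3 or se[2] != st[2]:
        raise EDIError("SE control number does not match ST")
    # SE01 counts every segment from ST to SE inclusive, so a dropped or
    # injected segment shows up here.
    if not se[1].isdigit() or int(se[1]) != len(segments):
        raise EDIError("SE segment count does not match the message")

    order = {"po_number": None, "date": None, "lines": []}
    declared_lines = None
    for seg in segments[1:-1]:
        if seg[0] == "BEG":
            if len(seg) < 6 or not seg[3]:
                raise EDIError("BEG is missing the purchase order number")
            order["po_number"], order["date"] = seg[3], seg[5]
        elif seg[0] == "PO1":
            order["lines"].append(parse_po1(seg))
        elif seg[0] == "CTT":
            declared_lines = seg[1] if len(seg) > 1 else ""
    if order["po_number"] is None:
        raise EDIError("no BEG segment")
    # CTT01 is the sender's own count of line items (required in this example).
    if declared_lines != str(len(order["lines"])):
        raise EDIError("CTT line count does not match the PO1 segments")
    order["total"] = sum((line["quantity"] * line["unit_price"]
                          for line in order["lines"]), Decimal(0))
    return order


if __name__ == "__main__":
    print(parse_purchase_order(SAMPLE_850))
```

Unlike an e-mail, every value here sits at a fixed position, so the receiving system can reject a malformed or altered order before it reaches inventory or billing.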
3). INTRANET
An intranet is a private network that uses Internet protocols to securely share any
part of an organization's information or operational systems with its employees.
Sometimes the term refers only to the organization's internal website, but often it is a
more extensive part of the organization's information technology infrastructure and
private websites are an important component and focal point of internal communication
and collaboration.
An intranet is built from the same concepts and technologies used for the Internet,
such as client-server computing and the Internet Protocol Suite (TCP/IP). Any of the well
known Internet protocols may be found in an intranet, such as HTTP (web services),
SMTP (e-mail), and FTP (file transfer). Internet technologies are often deployed to
provide modern interfaces to legacy information systems hosting corporate data.
4). GROWTH OF INTRANET
An intranet can be understood as a private version of the Internet, or as a private
extension of the Internet confined to an organization. The first intranet websites and
home pages began to appear in organizations in 1990 - 1991. Although not officially
noted, the term intranet first became common-place inside early adopters, such as
universities and technology corporations, in 1992.
Intranets differ from extranets in that the former are generally restricted to
employees of the organization while extranets may also be accessed by customers,
suppliers, or other approved parties. Extranets extend a private network onto the Internet
with special provisions for access, authorization and authentication.
5). BENEFITS AND APPLICATIONS OF INTRANETS
Workforce productivity: Intranets can also help users to locate and view
information faster and use applications relevant to their roles and responsibilities.
With the help of a web browser interface, users can access data held in any
database the organization wants to make available, anytime and - subject to
security provisions - from anywhere within the company workstations, increasing
employees' ability to perform their jobs faster, more accurately, and with
confidence that they have the right information. It also helps to improve the
services provided to the users.
Time: With intranets, organizations can make more information available to
employees on a "pull" basis (i.e., employees can link to relevant information at a
time which suits them) rather than being deluged indiscriminately by emails.
Communication: Intranets can serve as powerful tools for communication within
an organization, vertically and horizontally. From a communications standpoint,
intranets are useful to communicate strategic initiatives that have a global reach
throughout the organization. The type of information that can easily be conveyed
is the purpose of the initiative and what the initiative is aiming to achieve, who is
driving the initiative, results achieved to date, and who to speak to for more
information. By providing this information on the intranet, staff have the
opportunity to keep up-to-date with the strategic focus of the organization. Some
examples of communication would be chat, email, and/or blogs.
Web publishing allows 'cumbersome' corporate knowledge to be maintained and
easily accessed throughout the company using hypermedia and Web technologies.
Examples include: employee manuals, benefits documents, company policies,
business standards, newsfeeds, and even training, can be accessed using common
Internet standards (Acrobat files, Flash files, CGI applications). Because each
business unit can update the online copy of a document, the most recent version is
always available to employees using the intranet.
Business operations and management: Intranets are also being used as a
platform for developing and deploying applications to support business operations
and decisions across the internetworked enterprise.
Cost-effective: Users can view information and data via web-browser rather than
maintaining physical documents such as procedure manuals, internal phone list
and requisition forms.
Promote common corporate culture: Every user is viewing the same
information within the Intranet.
Enhance Collaboration: With information easily accessible by all authorized
users, teamwork is enabled.
Cross-platform Capability: Standards-compliant web browsers are available for
Windows, Mac, and UNIX.
Built for One Audience: Many companies dictate computer specifications. This,
in turn, may allow Intranet developers to write applications that only have to work
on one browser (no cross-browser compatibility issues).
Knowledge of your Audience: Being able to specifically address your "viewer"
is a great advantage. Since Intranets are user specific (requiring database/network
authentication prior to access), you know exactly who you are interfacing with.
So, you can personalize your Intranet based on role (job title, department) or
individual ("Congratulations Jane, on your 3rd year with our company!").
Immediate Updates: When dealing with the public in any capacity,
laws/specifications/parameters can change. With an Intranet and providing your
audience with "live" changes, they are never out of date, which can limit a
company's liability.
Supports a distributed computing architecture: The intranet can also be linked
to a company's management information system, for example a time keeping
system.
6). EXTRANET
An extranet is a private network that uses Internet protocols, network
connectivity, and possibly the public telecommunication system to securely share
part of an organization's information or operations with suppliers, vendors, partners,
customers or other businesses. An extranet can be viewed as part of a company's intranet
that is extended to users outside the company, usually via the Internet.
Advantages
Exchange large volumes of data using Electronic Data Interchange (EDI)
Share product catalogs exclusively with trade partners
Collaborate with other companies on joint development efforts
Jointly develop and use training programs with other companies
Provide or access services provided by one company to a group of other
companies, such as an online banking application managed by one company on
behalf of affiliated banks
Share news of common interest exclusively.
EXTRANET STRUCTURE
[Figure labels: Enterprise; Intranet; Electronic Storefront; Information Dissemination; Customer Services; Business Intelligence; Internet; Extranet; Logistics Provider; Distributors; Suppliers; Financial Services; Knowledge Management; Internal Communication; Project Management]
7). E-Commerce Standards
The standards are generally used to represent the trust and authenticity of the object
or invention. The e-commerce standard will help the organizations to ensure that they are
equipped with the inputs that enable smooth flow of business transactions. Some of the
important e-commerce standards include:
1. Data communication standards (these include LAN, interconnect software,
hardware)
2. Physical layer (to get the data in bits between the computers)
3. Data link layer
4. Network layer
5. Transport layer
6. Presentation & application layers.
UNIT III
ELECTRONIC PAYMENT SYSTEMS
Contents:
Electronic Payment Systems
Banking network
Role of intermediaries
Post paid payment systems
Instant paid payment systems
Prepaid payment system
1. ELECTRONIC PAYMENT SYSTEMS
Today, many users make payments electronically rather than in person. Hundreds
of electronic payment systems have been developed to provide secure Internet
transactions. Electronic payment systems are generally classified into four categories:
credit card and debit cards; electronic cash; micro payment systems; and session-level
protocols for secure communications.
STRUCTURE OF E-PAYMENT SYSTEM
1. CREDIT CARD: A credit card is part of a system of payments named after the small
plastic card issued to users of the system. It is a card entitling its holder to buy goods and
services based on the holder's promise to pay for these goods and services. The issuer of
the card grants a line of credit to the consumer (or the user) from which the user can
borrow money for payment to a merchant or as a cash advance to the user.
2. DEBIT CARD: A debit card (also known as a bank card or check card) is a plastic card
that provides an alternative payment method to cash when making purchases.
Functionally, it can be called an electronic cheque, as the funds are withdrawn directly
from either the bank account, or from the remaining balance on the card. In some cases,
the cards are designed exclusively for use on the Internet, and so there is no physical
card.
The use of debit cards has become widespread in many countries and has overtaken the
cheque, and in some instances cash transactions by volume. Like credit cards, debit cards
are used widely for telephone and Internet purchases, and unlike credit cards the funds
are transferred from the bearer's bank account instead of having the bearer pay back at
a later date.
Debit cards can also allow for instant withdrawal of cash, acting as the ATM card for
withdrawing cash and as a cheque guarantee card. Merchants can also offer
"cashback"/"cashout" facilities to customers, where a customer can withdraw cash along
with their purchase.
3. e-CASH: Electronic Cash (also known as e-money, electronic currency, digital
money, digital cash or digital currency) refers to money or scrip which is exchanged only
electronically. Typically, this involves use of computer networks, the internet and digital
store value systems. Electronic Funds Transfer (EFT) and direct deposit are examples of
electronic money. Also, it is a collective term for financial cryptography and technologies
enabling it.
4. MICRO PAYMENT SYSTEMS: Micropayments are financial transactions involving
very small sums of money. PayPal defines a micropayment as a transaction of less than
12 USD and offers less expensive fees for micropayment transactions. A problem that has
prevented the emergence of feasible micropayment systems that allow payments of less
than a dollar is a need to keep costs for individual transactions low,[2] which is
impractical when transacting such small sums,[3] even if the transaction fee is just a few
cents.
5. SESSION-LEVEL PROTOCOLS: Session-level protocols include a set of rules
used by computers to communicate with each other across a network. A protocol
is a convention or standard that controls or enables the connection, communication, and
data transfer between computing endpoints. In its simplest form, a protocol can be
defined as the rules governing the syntax, semantics, and synchronization of
communication. Protocols may be implemented by hardware, software, or a combination
of the two. At the lowest level, a protocol defines the behavior of a hardware connection.
e-CASH:
ECash is a legal form of computer-based currency that can be securely purchased
and withdrawn by credit card, Cheque, certified cheques, wire transfer, money order and
Electronic Cheque Processing (ECP). Users can also deposit to and withdraw from their
ECash Direct account using several third-party merchants' payment solutions.
2). BANKING NETWORK IN ONLINE COMMERCE
An overview of four elements of an online commerce or e-commerce and their
relationship to the bank is given below.
[Figure: BANKING SYSTEM IN E-COMMERCE. Nodes: Browser (Consumer); Website; Website (Online shopping mall); Banking system. Labels: 1. Select a store; 2. Link to merchant server; 3. Merchant system; 4. Select goods; 5. Obtain payment authorization; 6. Confirm payment; 7. Update with account status]
1. The consumer and the associated browser to interact with the consumer
2. The merchant system residing on an online web server with a connection to the
web browsers over the internet.
3. An online shopping mall that may help direct consumers to the merchant server.
4. The background banking network to support on-line payments from consumer to
the merchant.
1. Consumer and the Browser
A consumer interacts with the online commerce system through a web
browser. Typically, the consumer first accesses a shopping mall and then uses the
hyperlinks from the mall to access the merchant's homepage.
2. Shopping Mall
A shopping mall is where most consumers first visit for a shopping spree. The
connection between the shopping mall and a merchant's storefront is shown. There
will be several shopping malls and it may pay to enlist with one or more well-known
shopping malls. Typically a merchant should be listed with several online shopping
malls.
3. Merchant System
A merchant system consists of a home page and related software to manage the
business.
4. Banking network
The banking network consists of several components. First, there is a bank
that processes the online financial transactions for the given merchants. This bank
maintains the accounts for the merchant, authorizes and processes the payments. The
merchant's bank also maintains a link with the consumer's bank for verifying the
transactions. The link between the merchant and its bank is often real-time so as to allow
on-line authorization of consumer payments. The consumer's bank typically has an
off-line link to the consumer, for example postal mail or e-mail.
In short, the following steps need to be executed for a complete transaction.
1. The consumer accesses (browses on the internet) the shopping mall and selects a shop
for purchasing certain items.
2. The shopping mall server accesses the merchant system for the selected shop.
3. The merchant system presents the store's home page to the consumer. It also
includes information on the various goods available from this store.
4. The consumer selects the desired goods, interacts with the merchant system and
makes the payment.
5. The merchant system accesses its bank for authorization of the consumer's payment.
6. The merchant system informs the consumer that the payment is accepted and the
transaction is completed (at a later time, the merchant's bank obtains payment
from the consumer's bank).
7. The consumer's bank informs the consumer of the money transfer through mail
such as a monthly report or through the on-line bank account.
3). PREPAID PAYMENT SYSTEMS
Prepaid payment systems are one of the electronic payment systems. In this
system, the amount for the value of goods or services will be paid by the customers at the
time of purchase or in advance to receive a good or service.
These include:
1. Prepaid cards
2. Internet Accounts/Wallet/Purse
3. Mobile Accounts/Wallet/Purse
4. Remittance Cards ( Domestic or International)
i). PREPAID CARDS
1. Closed System Payment Instruments, which are not reloadable with cash and do not
permit cash withdrawal (for example: phone calling, prepaid voucher and gift vouchers)
2. Semi-Closed System Payment Instruments, used at merchant locations, and which can
be reloaded, but do not allow cash withdrawal (for example: cash cards and smart cards)
3. Semi-Open System Payment Instruments: these can be reloadable or non-reloadable,
and can be used at any point-of-sale terminal, but they do not allow cash withdrawal.
Eg: Gift cards issued by banks
4. Open System Payment Instruments: these can be re-loadable or non-reloadable, but
most importantly, they permit cash withdrawal at ATMs. Examples of such cards are the
Payroll cards and travel cards
ii). Internet Accounts/Wallet/Purse
Internet account or wallet is essentially a pre-paid transaction instrument, much
like Cash Card services like Itz Cash Card and Done Card, though with an Internet
Wallet, a user can withdraw money as well.
These are classified into:
1. Internet bank accounts
2. Internet virtual accounts with cash withdrawal across the globe
3. Wallets/ purse for specific usages with no cash withdrawal.
iii). Mobile Accounts
A mobile account is a mobile banking account with all the features of traditional banking and cash. Mobile
accounts are also referred to as m-commerce. Mobile Commerce is any transaction, involving
the transfer of ownership or rights to use goods and services, which is initiated and/or
completed by using mobile access to computer-mediated networks with the help of an
electronic device. Mobile Commerce (also known as M-Commerce, mCommerce or U-
Commerce, owing to the ubiquitous nature of its services) is the ability to conduct
commerce, using a mobile device e.g. a mobile phone (cell phone), a PDA, a smart phone
and other emerging mobile equipment such as dashtop mobile devices.
iv). Remittance:
Across the globe; no limits and specified value for specific transaction and total during
the year.
4). POST PAID PAYMENT SYSTEM
Post Paid payment system can be divided into three categories:
I). Credit Cards
A credit card is a plastic card which is issued by a bank. It is issued to customers of
high credit ranking. The necessary information is stored in magnetic form on the card. A
card holder can purchase items from shops or showrooms and need not pay
cash. He has to flash the card in a machine at the place where he is making purchases.
Banks issue credit cards to customers up to a certain limit. The customers can
purchase goods/services from the authorized showrooms without carrying physical cash
with them. The bills are presented by the showroom to the authorized branch. These bills are
presented by the paying branch to the issuing branch. The issuing branch informs the
customer about the debit. Banks take nominal charges for credit cards. Credit cards are
used for online purchases. Merchants like credit cards because they know that
they are issued by the issuing bank on the basis of the creditworthiness of the card holder and thus,
unlike cheques, they do not carry the risk of bouncing. Customers like purchasing through
credit cards because, if they do not get goods and services as per the terms and conditions,
they can cancel the transaction.
For on-line transactions, credit cards are the easiest method of payment. Credit card
payment for online transactions can be performed by phone or by filling in a form on the
website. The credit card holder has to exercise great precaution. If the card is lost, an FIR
should be lodged and the concerned bank should be informed immediately.
ii). Cyber Cash
Unlike a credit card, Cyber Cash is not directly involved in handling funds. In the
Cyber Cash system, after deciding what is to be purchased, the customer makes payment
to the merchant through credit card without disclosing the credit card number to him. The
credit card number is sent to the merchant in encrypted form. The merchant forwards the
encrypted payment with his private key to the bank's Cyber Cash gateway server. The
bank's Cyber Cash gateway server decrypts the information, processes the transaction and
forwards it to the merchant's bank. The merchant's bank forwards the authorization
request to the customer's bank. The approval or denial code is sent back to the Cyber Cash
gateway server, which returns the approval or denial code to the seller, who then passes it on
to the customer. This process takes 15-20 seconds.
iii). Internet Cheques
A cheque is a signed paper document that orders the signer's bank to pay an
amount of money to a person specified on the cheque or bearer from the signer's account
on or after a specified date. Cheques pass directly from the payer to the payee, so that the
timing or the purpose of the payment is clear to the payee. The payee can deposit the
cheque in an account of his choice. Banks operate extensive facilities to accept cheques
for deposit, process them internally, and clear and settle between banks.
The electronic cheque, or e-cheque, is based on the idea that electronic documents
can be substituted for paper and public key cryptographic signatures can be substituted
for handwritten signatures. The e-cheque is designed to fit into current cheque practices
and systems with minimum impact on payers, payees, banks and the financial system. The
payer writes a cheque by structuring an electronic document with the information legally
required to be in a cheque and cryptographically signing it. The payee receives the e-cheque,
verifies the payer's signature, writes out a deposit, and signs the deposit. The payee's
bank verifies the payer's and payee's signatures, credits the payee's account and forwards
the cheque for clearing and settlement. Thus the credit will not be a clear credit; it will be
a float or temporary credit, to be confirmed after the cheque has been cleared by the paying bank in
the settlement process. The paying bank verifies the payer's signature and debits the
payer's account. The advantage of e-cheques is that cryptographic signatures on every
e-cheque can be verified at all points, while in paper cheques handwritten signatures are
rarely verified.
5). INSTANT PAID PAYMENT SYSTEMS
Instant paid payment systems include the following types of debit cards.
Debit card is a type of payment system in which we do not have to wait for days
together or months for getting payments, rather payments are made instantly. The use of
debit card payments has expanded rapidly over the past few years. A debit card is a card
that is used to access money in a saving account. Debit cards look like credit cards but
operate like cash. When debit cards are used, money is subtracted directly from the bank
account and money can be spent only up to the amount in that account. Debit cards can
be used at Automated Teller Machines (ATMs) and some types are also accepted at many
grocery stores, retail stores, gas stations, and restaurants.
There are different types of debit cards:
i). Online Debit Card
Online debit cards are Personal Identification Number (PIN) based cards. The
cardholder's ATM or check card, PIN and a magnetic-stripe reader are used at the point
of sale to provide fast, efficient online processing of purchases. Online card-based
transactions are called Electronic Funds Transfers or EFTs. There is an immediate transfer
of money from the buyer's bank account to the merchant's account. To access the account, the PIN is
entered on a keypad, as is done at an ATM. The system checks the account and transfers
enough money to cover the transaction. The merchant may charge a fee for this
transaction.
ii). Off-line Debit Card
Off-line debit cards are signature-based cards and are often
referred to as check cards. They are available through banks and carry a credit card logo
(such as Visa or MasterCard). Unlike online debit transactions, off-line purchases are debited to
the cardholder's account within 2 to 3 business days rather than immediately. Funds are
verified at the time of purchase and the merchant is guaranteed payment.
UNIT IV
E- SECURITY
Contents:
Security mechanisms
Healthy security policy and strategy
Use of Cryptography
Client based security
Server based security
1. SECURITY MECHANISMS
Security is the protection of any computer device, communication device or
network from unauthorized access to data, viruses etc.
CONCEPT OF E-SECURITY:
E-Security refers to the protection of electronic applications like software,
hardware, programs, mails and other features from access, sharing or use by
unauthorized persons without a proper identity.
The basic security concepts in E-security are:
1. Confidentiality
2. Integrity
3. Availability
E-security is very important because the internet is a collection of loosely
connected networks. There are many varieties of hosts available to hackers, such as
gateways, routers, dial-up connections and Internet service providers. The individual
hosts can access the former in a variety of ways, and the intruders (who misuse
confidential information) can gain access to a variety of information like:
Hardware and software
System configuration
Type of network connections
Phone numbers used
Access and authentication procedures.
i). ATTACKING METHODS
The attacking methods are the sources to the intruders to misuse the most valuable
information in the internet. Some of the important attacking methods are:
Gaining access to a user's account
Gaining privileged (confidential) access
Using the victim's system as a launch platform for attacks on other sites.
Causing danger in less than 45 seconds
A decrease in productivity
A significant loss of credibility or market opportunity
A business no longer able to compete
Legal liability and
Loss of life
The important Security mechanisms include:
1. SET (Secure Electronic Transaction)
2. SSL (Secure Sockets Layer)
3. Hacking Security Tools
1. SECURE ELECTRONIC TRANSACTION (SET)
SET is a standard designed to allow merchant transactions to occur across the
internet in a way comparable to traditional transactions. The customer needs to have a valid
account set up; they then receive a valid certificate with a public key to
authenticate the transaction.
Eg: A bank card account, credit card transactions etc.
FUNCTIONS OF SET: The important functions of SET are:
Provide for confidential payment information and enable confidentiality
Ensure integrity for all transmitted data.
Provide authentication that a buyer is a legitimate user of a branded bank card
account.
Provide authentication that a merchant can accept bank card payments
Ensure the use of the best security practices and design techniques to protect all
legitimate nor prevents their use.
SET offers buyers more security than is available in the commercial market.
Cardholders, merchants and the financial institutions each retain SET certificates that
identify them and the public keys associated with their digital identities.
2. SSL (SECURE SOCKETS LAYER)
SSL is a technology that encrypts or codes the packets of information sent over the
internet so that only the sending and receiving computers can reassemble and read the
information.
The combination of SSL and certificates makes transactions very secure.
Many companies use the SSL method developed by Netscape Communications.
Netscape Communications proposed a protocol for providing data security
layered between high-level application protocols and TCP/IP.
3. HACKING SECURITY TOOLS
The Hacker is a computer enthusiast who gains unauthorized access to a computer
or network. A person who enjoys exploring the details of programmable systems and
how to stretch their capabilities, as opposed to most users, who prefer to learn only the
minimum necessary.
One who programs enthusiastically (even obsessively) or who enjoys
programming rather than just theorizing about programming.
A person who is good at programming quickly.
An expert at a particular program, An expert or enthusiast of any kind.
One who enjoys the intellectual challenge of creatively overcoming or
circumventing limitations. A malicious meddler who tries to discover
sensitive information by poking around. Hence "password hacker",
"network hacker".
HACKING SECURITY TOOLS
Hacking refers to the hobby/ profession of working with computers. Hacking is
defined as the unauthorized or illegal process of breaking into computer systems.
A hacking tool is a program designed to assist with hacking, or a legitimate
utility that can also be used for hacking. The important hacking security tools are:
1. Cryptology and Encryption
2. Kerberos
3. Security protocols
4. Digital signatures
5. Firewall security
6. UNIX security etc.
4).USE OF CRYPTOLOGY:
Cryptography or cryptology is a protection method that secures information by keeping it
confidential. It is also used to protect the integrity and authentication of
data.
Cryptography is used to prevent unauthorized viewing of mails, messages and
information on the internet.
Cryptology is an interdisciplinary field of mathematics, computer science and
engineering.
The applications of cryptography include ATM cards, computer passwords, and
electronic commerce.
Encryption is the powerful tool of cryptography which is used to ensure security.
Cryptography was also used during the Second World War by Germany to send highly
secured messages to its very high-level general staff.
ii). Encryption:
In cryptography, encryption is the process of transforming information (referred
to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except
those possessing special knowledge, usually referred to as a key. The result of the process
is encrypted information (in cryptography, referred to as cipher text).
The word encryption also refers to the reverse process, decryption to make the
encrypted information readable again (i.e. to make it unencrypted).
Encryption has long been used by militaries and governments to facilitate secret
communication. Encryption is now commonly used in protecting information within
many kinds of civilian systems. In recent years there have been numerous reports of
confidential data such as customers' personal records being exposed through loss or theft
of laptops or backup drives. Encrypting such files at rest helps protect them should
physical security measures fail. Digital rights management systems which prevent
unauthorized use or reproduction of copyrighted material and protect software against
reverse engineering are another somewhat different example of using encryption on data
at rest.
Encryption is also used to protect data in transit, for example data being
transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless
microphones, wireless intercom systems, Bluetooth devices and bank automatic teller
machines. There have been numerous reports of data in transit being intercepted in recent
years. Encrypting data in transit also helps to secure it as it is often difficult to physically
secure all access to networks.
iii). KERBEROS
The Massachusetts Institute of Technology (MIT) developed Kerberos to protect
network services provided by Project Athena. The protocol was named after the Greek
mythological character Kerberos (or Cerberus), known in Greek mythology as being the
monstrous three-headed guard dog of Hades.
Kerberos is a popular third-party authentication protocol. It is an encryption-
based system that uses secret key encryption designed to authenticate users and network
connections. It provides an authentication means in an open network.
iv). PASSWORD
A password is a secret word or string of characters that is used for authentication,
to prove identity or gain access to a resource (example: an access code is a type of
password). The password must be kept secret from those not allowed access.
Banks, hospitals, and other businesses require usernames and passwords to
gain access to their sites. Free e-mail sites, newspapers and even game sites require
usernames and passwords. Often the requirement to use usernames and passwords is
imposed to gain marketing data.
Passwords are not displayed on the screen when they are typed in, to
prevent anyone else from reading them. User passwords are generally encrypted using the
DES algorithm. Once a password is encrypted, it cannot be decrypted back to its text
format. This helps to prevent hackers from reading the password file and stealing
passwords. Users have the responsibility for the maintenance of their passwords.
A user can change passwords at will, periodically or as necessary, unless the
administrator has set up password aging mechanisms, which force the user to change
the password at regular intervals.
v). KEYS:
In cryptography, a key is a piece of information (a parameter) that determines the
functional output of a cryptographic algorithm or cipher. Without a key, the algorithm
would have no result. In encryption, a key specifies the particular transformation of
plaintext into cipher text, or vice versa during decryption. Keys are also used in other
cryptographic algorithms, such as digital signature schemes and message authentication
codes.
vi). DIGITAL SIGNATURE
A digital signature or digital signature scheme is a mathematical scheme for
demonstrating the authenticity of a digital message or document. A valid digital signature
gives a recipient reason to believe that the message was created by a known sender, and
that it was not altered in transit. Digital signatures are commonly used for software
distribution, financial transactions, and in other cases where it is important to detect
forgery and tampering.
Digital signatures are often used to implement electronic signatures, a broader
term that refers to any electronic data that carries the intent of a signature,[1] but not all
electronic signatures use digital signatures.[2][3][4] In some countries, including the United
States, and members of the European Union, electronic signatures have legal
significance. However, laws concerning electronic signatures do not always make clear
whether they are digital cryptographic signatures in the sense used here, leaving the legal
definition, and so their importance, somewhat confused.
Digital signatures employ a type of asymmetric cryptography. For messages sent
through an insecure channel, a properly implemented digital signature gives the receiver
reason to believe the message was sent by the claimed sender. Digital signatures are
equivalent to traditional handwritten signatures in many respects; properly implemented
digital signatures are more difficult to forge than the handwritten type.
A digital signature scheme typically consists of three algorithms:
A key generation algorithm that selects a private key uniformly at random from a
set of possible private keys. The algorithm outputs the private key and a
corresponding public key.
A signing algorithm which, given a message and a private key, produces a
signature.
A signature verifying algorithm which given a message, public key and a
signature, either accepts or rejects the message's claim to authenticity.
Two main properties are required. First, a signature generated from a fixed
message and fixed private key should verify the authenticity of that message by using the
corresponding public key. Secondly, it should be computationally infeasible to generate a
valid signature for a party who does not possess the private key.
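The three algorithms above, applied to the e-cheque flow described earlier in these notes (payer signs, payee verifies and endorses, bank verifies both), as an added example that is not part of the original notes. It uses Lamport one-time signatures built on SHA-256 so that it runs with the Python standard library only; a deployed system would use a standard public-key scheme, and the field names and sample values are constructed assumptions.

```python
import hashlib
import json
import secrets

HASH_BITS = 256  # SHA-256 digest length in bits


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def generate_keypair():
    """Key generation: choose the private key uniformly at random, derive the public key."""
    private = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(HASH_BITS)]
    public = [(sha256(a), sha256(b)) for a, b in private]
    return private, public


def digest_bits(message: bytes):
    digest = sha256(message)
    return [(digest[i // 8] >> (7 - (i % 8))) & 1 for i in range(HASH_BITS)]


def sign(message: bytes, private):
    """Signing: reveal one secret per digest bit. A Lamport key may sign ONE message only."""
    return [private[i][bit] for i, bit in enumerate(digest_bits(message))]


def verify(message: bytes, signature, public) -> bool:
    """Verification: accept only if every revealed secret hashes to the published value."""
    if len(signature) != HASH_BITS:
        return False
    ok = True
    for i, bit in enumerate(digest_bits(message)):
        ok &= secrets.compare_digest(sha256(signature[i]), public[i][bit])
    return ok


def canonical(doc: dict) -> bytes:
    # One fixed byte encoding, so signer and verifier hash exactly the same bytes.
    return json.dumps(doc, sort_keys=True, separators=(",", ":")).encode()


def write_cheque(payer_private, payer, payee, amount, date):
    """Payer: structure the cheque as a document and sign it."""
    cheque = {"payer": payer, "payee": payee, "amount": amount, "date": date}
    return {"cheque": cheque, "payer_sig": sign(canonical(cheque), payer_private)}


def endorse(echeque, payer_public, payee_private, deposit_account):
    """Payee: verify the payer's signature, then write and sign the deposit."""
    if not verify(canonical(echeque["cheque"]), echeque["payer_sig"], payer_public):
        raise ValueError("payer signature does not verify; refusing to deposit")
    # The deposit names the cheque by hash, so the endorsement cannot be moved to another cheque.
    deposit = {"cheque_sha256": sha256(canonical(echeque["cheque"])).hex(),
               "deposit_to": deposit_account}
    return {**echeque, "deposit": deposit,
            "payee_sig": sign(canonical(deposit), payee_private)}


def bank_accepts(deposited, payer_public, payee_public) -> bool:
    """Bank: verify both signatures and the link between deposit and cheque."""
    cheque, deposit = deposited["cheque"], deposited["deposit"]
    return (verify(canonical(cheque), deposited["payer_sig"], payer_public)
            and deposit["cheque_sha256"] == sha256(canonical(cheque)).hex()
            and verify(canonical(deposit), deposited["payee_sig"], payee_public))


def demo():
    """Constructed scenario: a genuine deposit, then the same deposit with the amount altered."""
    payer_priv, payer_pub = generate_keypair()
    payee_priv, payee_pub = generate_keypair()
    echeque = write_cheque(payer_priv, "A. Payer", "B. Payee", "1500.00", "2024-01-15")
    deposited = endorse(echeque, payer_pub, payee_priv, "constructed-account-42")
    tampered = {**deposited, "cheque": {**deposited["cheque"], "amount": "9500.00"}}
    return (bank_accepts(deposited, payer_pub, payee_pub),
            bank_accepts(tampered, payer_pub, payee_pub))


if __name__ == "__main__":
    print(demo())
```

The first property above is the genuine deposit verifying; the second is the altered cheque and the cheque signed with a different private key both being rejected.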
SECURED PROTOCOLS
Security protocol (cryptographic protocol or encryption protocol) is an abstract or
concrete protocol that performs a security-related function and applies cryptographic
methods.
A protocol describes how the algorithms should be used. A sufficiently detailed protocol
includes details about data structures and representations, at which point it can be used to
implement multiple, interoperable versions of a program.
Cryptographic protocols are widely used for secure application-level data transport.
The prominent secure transmission protocols to secure web communications are:
1. Secure Sockets Layer (SSL)
2. Secure HTTP (S-HTTP)
FIREWALL
A firewall is a piece of software or hardware that helps screen out hackers, viruses, and
worms that try to reach your computer over the Internet. If you are a home user or small-
business user, using a firewall is the most effective and important first step you can take
to help protect your computer.
It is important to turn on your firewall and antivirus software before you connect to the
Internet.
A firewall is a part of a computer system or network that is designed to block
unauthorized access while permitting authorized communications. It is a device or set of
devices configured to permit, deny, encrypt, decrypt, or proxy all (in and out) computer
traffic between different security domains based upon a set of rules and other criteria.
Firewalls can be implemented in either hardware or software, or a combination of both.
Firewalls are frequently used to prevent unauthorized Internet users from accessing
private networks connected to the Internet, especially intranets. All messages entering or
leaving the intranet pass through the firewall, which examines each message and blocks
those that do not meet the specified security criteria.
EXAMPLES OF FIREWALL USAGE
4. CLIENT BASED SECURITY
Client based security uses various authorization methods to make sure that only
valid users and programs have access to information resources such as databases.
Password protection, encrypted smart cards, biometrics, and firewalls are some of the
important client based security tools used for the protection from unauthorized access.
Client server network is one of the vital challenges for clients. Network
security on the Internet is a major concern for commercial organizations, especially top
management. By connecting to the Internet, a local network organization may be
exposing itself to the entire population on the internet. Internet connection effectively
breaches the physical security perimeter of the corporate network and opens itself to
access from other networks comprising the public Internet.
Client based security problems fall under three categories.
1. Physical security holes
2. Software security holes
3. Inconsistent usage holes.
1. Physical security holes: These result when individuals gain unauthorized physical
access to a computer. A good example is the workplace, where it would be easy
for a hacker to reboot a machine into single-user mode and tamper with the files, if
precautions are not taken. On the network, this is also a common problem, as
hackers gain access to network systems by guessing passwords of various users.
2. Software security holes: These result when badly written programs or privileged
software are compromised into doing things they should not. Sendmail and
rlogin are some of the important problems which enable a cracker to create a root
shell or super user access mode. This problem can cause deletion of an entire file
system, or creation of a new account or password file, resulting in incalculable damage.
3. Inconsistent usage holes: These result when a system administrator assembles a
combination of hardware and software such that the system is seriously flawed
from a security point of view. The incompatibility of attempting two unconnected
but useful things creates the security hole. Problems like this are difficult to isolate
once a system is set up and running, so it is better to carefully build the system
with them in mind.
To reduce these security problems and threats, various protection methods are
developed. At the file level, operating systems typically offer mechanisms such as access
control lists that specify the resources various users and groups are entitled to access.
Some of the important security mechanisms that help the clients (users) of a
system are:
1. Security through obscurity: Hiding account passwords in binary files or scripts.
2. Password schemes: Using mixed-case passwords of at least eight characters
containing at least one non-alphanumeric character, and changing
passwords every 60 to 90 days.
3. Biometric systems: The most secure level of authorization, involving some unique
aspect of a person's body. It requires a person to stick a finger or a hand into a
slot, or sign their name, or stand still while an optical system scans their eyeball. These
biometric systems are expensive and are only used
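The password scheme in item 2, together with the one-way storage and password aging described in the PASSWORD section, as an added example that is not part of the original notes. PBKDF2-HMAC-SHA256 with a per-user salt is used here in place of the DES-based scheme the notes mention; the iteration count, the record layout and the sample passwords are constructed assumptions.

```python
import hashlib
import hmac
import secrets
from datetime import date, timedelta

MIN_LENGTH = 8                   # notes: minimum of eight characters
MAX_AGE = timedelta(days=90)     # notes: change every 60 to 90 days (upper bound used)
PBKDF2_ITERATIONS = 200_000      # assumption: tune to the hardware in use


def policy_violations(password: str) -> list:
    """Return every rule of the password scheme that the candidate breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("not mixed case")
    if all(c.isalnum() for c in password):
        problems.append("no non-alphanumeric character")
    return problems


def make_record(password: str, today: date) -> dict:
    """Store only a salted one-way hash; the password itself is never kept."""
    problems = policy_violations(password)
    if problems:
        raise ValueError("; ".join(problems))
    salt = secrets.token_bytes(16)  # per-user salt: equal passwords give different hashes
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return {"salt": salt, "hash": digest, "iterations": PBKDF2_ITERATIONS, "changed": today}


def check_login(record: dict, attempt: str, today: date) -> str:
    """Return 'denied', 'expired' (correct, but aging forces a change) or 'ok'."""
    digest = hashlib.pbkdf2_hmac("sha256", attempt.encode(),
                                 record["salt"], record["iterations"])
    # Constant-time comparison, so timing does not leak how many bytes matched.
    if not hmac.compare_digest(digest, record["hash"]):
        return "denied"
    if today - record["changed"] > MAX_AGE:
        return "expired"
    return "ok"


if __name__ == "__main__":
    rec = make_record("Tr1cky-Pass", date(2024, 1, 1))   # constructed sample password
    print(check_login(rec, "Tr1cky-Pass", date(2024, 2, 1)))
    print(check_login(rec, "tr1cky-pass", date(2024, 2, 1)))
    print(check_login(rec, "Tr1cky-Pass", date(2024, 6, 1)))
    print(policy_violations("password"))
```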
5). SERVER BASED SECURITY
Servers can be affected from the threats which consist of unauthorized
modification of server data, unauthorized eavesdropping or modification of incoming
data packets, and compromise of a server system by exploiting bugs in the server
software. Compared to stand-alone systems, network servers are much more susceptible
to attacks where legitimate users are impersonated.
Servers can also be attacked with threats such as denial of service, where a user
can render the system unusable for legitimate users by hogging a resource or by damaging
or destroying resources so that they cannot be used. The two most common forms of
denial of service attacks are service over loading and message flooding.
In service overloading, one can easily overload a WWW server by writing a small loop
that sends requests continually for a particular file, for example, a home page. Denial of
service attacks may be caused intentionally or unintentionally by runaway software
programs such as those caught in an infinite loop.
Message overloading occurs when someone sends a very large file to a message
box every few minutes. The message box rapidly grows in size and begins to occupy all
the space on the disk and increases the number of receiving processes on the recipient's
machine, tying it up even more and often causing a disk crash.
Security tools for Server based security:
To counter the server threats, some of the important concepts emerged in the area
of network security on the internet are:
1. Firewalls
2. IP packet screening Routers
3. Proxy application Gateways
4. Hardened Firewall Hosts
1. FIREWALLS:
A firewall is a protection device to shield vulnerable areas from some form of
danger. In the context of the Internet, a firewall is a system (a router, a personal
computer, a host or a collection of hosts) set up specifically to shield a site or subnet from
protocols and services that can be abused from hosts on the outside of the subnet.
A firewall is basically a method of placing a device (a computer or a router) between the
network and the Internet to control and monitor all traffic between the outside world and
the local network.
2. IP PACKET SCREENING ROUTERS
This is a static traffic routing service placed between the network service provider's
router and the internal network. The traffic routing service may be implemented at an IP
level via screening rules in a router or at an application level via proxy gateways and
servers.
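How screening rules in a router decide on each packet, as an added example that is not part of the original notes: rules are checked in order, the first match wins, and anything unmatched is blocked. The rule set, the addresses (documentation ranges) and the packet fields are constructed assumptions, and the screen is taken to sit on the external interface.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str               # "permit" or "deny"
    protocol: str             # "tcp", "udp" or "any"
    src: str                  # source network in CIDR form
    dst: str                  # destination network in CIDR form
    dst_port: Optional[int]   # None matches any port
    note: str = ""


# Constructed rule set for traffic arriving from the Internet; inside net is 192.0.2.0/24.
RULES = [
    # A packet from outside that claims an inside source address is spoofed.
    Rule("deny", "any", "192.0.2.0/24", "0.0.0.0/0", None, "spoofed internal source"),
    Rule("permit", "tcp", "0.0.0.0/0", "192.0.2.10/32", 443, "public web server"),
    Rule("permit", "tcp", "0.0.0.0/0", "192.0.2.25/32", 25, "mail gateway"),
]


def matches(rule: Rule, pkt: dict) -> bool:
    """True when every field of the rule covers the corresponding packet field."""
    return (rule.protocol in ("any", pkt["proto"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(rule.dst)
            and rule.dst_port in (None, pkt["dport"]))


def screen(rules, pkt: dict):
    """First matching rule decides; a packet matching no rule is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action, rule.note
    return "deny", "default deny"


# Constructed packets, not captured traffic.
PACKETS = [
    {"proto": "tcp", "src": "203.0.113.7", "dst": "192.0.2.10", "dport": 443},
    {"proto": "tcp", "src": "203.0.113.7", "dst": "192.0.2.10", "dport": 513},  # rlogin
    {"proto": "tcp", "src": "192.0.2.99", "dst": "192.0.2.10", "dport": 443},   # spoofed
    {"proto": "udp", "src": "198.51.100.4", "dst": "192.0.2.25", "dport": 25},
]


def screen_all(rules=RULES, packets=PACKETS):
    return [screen(rules, pkt) for pkt in packets]


if __name__ == "__main__":
    for pkt, verdict in zip(PACKETS, screen_all()):
        print(pkt, "->", verdict)
```

Rule order matters: if the anti-spoofing rule were placed after the web server rule, the spoofed packet to port 443 would be permitted.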
3. PROXY APPLICATION GATEWAYS
A proxy application gateway is a special server that typically runs on a firewall machine.
Its primary use is access to applications such as the World Wide Web from within a
secure perimeter. Instead of talking directly to external WWW servers, each request
from the client would be routed to a proxy on the firewall that is defined by the user. The
proxy knows how to get through the firewall.
4. HARDENED FIREWALL HOSTS
A hardened firewall host is a stripped-down machine that has been configured for
increased security. This type of firewall requires inside or outside users to connect to the
trusted applications on the firewall machine before connecting further. Generally, these
firewalls are configured to protect against unauthenticated interactive logins from the
external world.
A hardened host requires the following steps:
1. Removing all user accounts except those necessary for operation of the firewall.
2. Removing all non-crucial files and executables, especially network server programs
and client programs.
3. Extending traffic logging and monitoring to check remote access.
4. Disabling IP forwarding to prevent the firewall from forwarding unauthorized
packets between the internet and the enterprise network.
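A read-only audit for steps 1, 2 and 4 above (accounts, network programs, IP forwarding), as an added example that is not part of the original notes. The allowed-account list, the forbidden-program list and the sample host data are constructed assumptions; on a Linux host the inputs would be read from /etc/passwd and /proc/sys/net/ipv4/ip_forward.

```python
# Shells that do not allow an interactive login.
NOLOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}

ALLOWED_ACCOUNTS = {"root", "fwadmin"}                    # assumption: needed to run the firewall
FORBIDDEN_PROGRAMS = {"rlogind", "telnetd", "sendmail"}   # assumption: site policy

# Constructed sample data, not taken from a real host.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
fwadmin:x:1000:1000::/home/fwadmin:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
guest:x:1001:1001::/home/guest:/bin/sh
toor:x:0:0::/root:/bin/bash
"""
SAMPLE_INSTALLED = {"sshd", "rlogind", "sendmail", "iptables"}


def audit_accounts(passwd_text: str, allowed) -> list:
    """Step 1: only accounts needed for operating the firewall may log in."""
    findings = []
    for line in passwd_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append(f"malformed passwd entry: {line!r}")
            continue
        name, uid, shell = fields[0], fields[2], fields[6]
        if name not in allowed and shell not in NOLOGIN_SHELLS:
            findings.append(f"unexpected login account: {name}")
        if uid == "0" and name != "root":
            findings.append(f"extra UID 0 account: {name}")
    return findings


def audit_programs(installed, forbidden) -> list:
    """Step 2: network server and client programs that should have been removed."""
    return [f"network program present: {p}" for p in sorted(set(installed) & set(forbidden))]


def audit_forwarding(ip_forward_text: str) -> list:
    """Step 4: the kernel must not route packets between the two networks."""
    return [] if ip_forward_text.strip() == "0" else ["IP forwarding is enabled"]


def audit_host(passwd_text, ip_forward_text, installed,
               allowed=ALLOWED_ACCOUNTS, forbidden=FORBIDDEN_PROGRAMS) -> list:
    return (audit_accounts(passwd_text, allowed)
            + audit_programs(installed, forbidden)
            + audit_forwarding(ip_forward_text))


if __name__ == "__main__":
    for finding in audit_host(SAMPLE_PASSWD, "1\n", SAMPLE_INSTALLED):
        print(finding)
```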
UNIT V
MARKETING STRATEGIES ON WEB
Contents:
Web design
Attracting visitors to website
Direct marketing
Virtual societies
Banner and campaigning
Online shopping
Shopping solutions
1. MARKETING ON WEB OR ONLINE MARKETING:
Online marketing, also known as digital marketing, web marketing, internet
marketing, search marketing or e-marketing, is referred to as the marketing (generally
promotion) of products or services over the Internet. iMarketing is used as an abbreviated
form for Internet Marketing.
Internet marketing is considered to be broad in scope because it not only refers to
marketing on the Internet, but also includes marketing done via e-mail and wireless
media. Digital customer data and electronic customer relationship management (ECRM)
systems are also often grouped together under internet marketing.
Internet marketing ties together the creative and technical aspects of the Internet,
including design, development, advertising, and sales.
Internet marketing also refers to
the placement of media along many different stages of the customer engagement cycle
through search engine marketing (SEM), search engine optimization (SEO), banner ads
on specific websites, email marketing, mobile advertising, and Web 2.0 strategies.
1. WEB DESIGN
Web design is the process of planning and creating a website.
Text, images, digital media and interactive elements are shaped by the web
designer to produce the page seen on the web browser.
Typically, a web design consists of the following sources. They are:
1. Clients and Servers
2. Internet service providers
3. Website hosting services
4. Domain names, URLs and IPs
5. Registrars
1. CLIENTS AND SERVERS
A client is a person who requires a website. Typically, all the
people who want to get the ownership of a website are regarded as clients. The servers
are the providers of the website and internet.
2. INTERNET SERVICE PROVIDERS
The internet service providers are the providers of the internet connection. In
India, the internet service providers are BSNL, Vodafone, TATA, Reliance, Idea etc.
They provide the internet service to the systems, and the internet service is needed to
view web pages on the internet from a system.
3. WEBSITE HOSTING SERVICES
These provide the services that connect a website or web page to the internet.
The web service providers charge the clients a fee and list the
websites on the internet. Web hosting services include:
Computer (server)
Web server software
Firewall hardware and software
IT services (backup, troubleshooting, hardware repair)
Disk space
Bandwidth / connection to internet
Routers and switches
Email server / storage
4. DOMAINS URLS AND IPs
A domain is the specific address of a computer on the Internet. The domain indicates the name or
title of a web site or webpage. Domain names are unique, and a client who
wants to create a website should ensure that the suggested title or name is not
already registered or in use. There are several classifications of domain names.
The extensions include .com, .org, .edu, .in , .net etc.
Eg:
microsoft.com
Uniform Resource Locator (URL): A URL is vital for displaying the contents
of a web page. A URL also helps to display the sub-pages of a web page.
Eg:
http://www.microsoft.com/faqs.html
An Internet Protocol address (IP address) is a numerical label assigned to each device
(e.g., computer, printer) participating in a computer network that uses the Internet
Protocol for communication.
An IP address serves two principal functions: host or
network interface identification and location addressing. Its role has been characterized as
follows: "A name indicates what we seek. An address indicates where it is. A route
indicates how to get there."
Eg:
192.168.1.1
5. DOMAIN REGISTRAR
A company that provides domain name registration services for a fee.
Maintain database which maps domain names to IPs
Propagate new domain name/IP address information across the internet
STEPS TO DESIGN A WEBPAGE: The following are the important steps in the
creation of a web page. They are:
1. Choose a domain name
2. Register with a Registrar
3. Choose a hosting service
4. Tell Registrar the IP address
5. Create web content
6. Store (publish) onto hosting server (FTP)
7. Submit new site to search engines
2). PRINCIPLES OF GOOD WEB DESIGN TO ATTRACT VISITORS
The following principles help a web page to attract visitors. A good web
design is possible only if the client as well as the designer considers the following issues.
1. Visitor-centric, clear purpose
2. Progressive disclosure
3. Displays quickly
4. Browser compatible
5. Intuitive navigation
6. Spelling, grammar, writing
7. Secure (eCommerce)
8. Attractive design, easy to read
9. Cultural bias? (Regional? Domestic? International?)
10. No technical problems (broken links, buggy scripts)
11. Maintainable (separate content from style)
12. Search Engine Accessible
3). ONLINE SHOPPING
Online shopping is the process whereby consumers directly buy goods or services
from a seller in real-time, without an intermediary service, over the Internet.
It is a form of electronic commerce. An online shop, eshop, e-store, internet shop,
webshop, webstore, online store, or virtual store evokes the physical analogy of
buying products or services at a bricks-and-mortar retailer or in a shopping centre.
The process is called Business-to-Consumer (B2C) online shopping. When a
business buys from another business it is called Business-to-Business (B2B)
online shopping.
Online shoppers commonly use a credit card to make payments, however some systems
enable users to create accounts and pay by alternative means, such as:
Billing to mobile phones and landlines
Cash on delivery (C.O.D., offered by very few online stores)
Cheque
Debit card
Direct debit in some countries
Electronic money of various types
Gift cards
Postal money order
Wire transfer/delivery on payment
Egs: 1. www.ebay.in
2. www.amazon.com
3. shopping.rediff.com
4). VIRTUAL COMMUNITY (OR) VIRTUAL SOCIETIES:
A virtual community is a social network of individuals who interact through
specific media, potentially crossing geographical and political boundaries in order to
pursue mutual interests or goals. One of the most pervasive types of virtual community
includes social networking services, which consist of various online communities.
The explosive diffusion of the Internet since the mid-1990s has also fostered the
proliferation of virtual communities taking the form of social networking services and
online communities. The nature of those communities is diverse, and the benefits that
Rheingold envisioned are not necessarily realized, or pursued, by many. At the same
time, it is rather commonplace to see anecdotes of someone in need of special help or in
search of a community benefiting from the use of the Internet.
Types of virtual communities (or) Virtual Societies
1. Internet message boards
An online message board is a forum where people can discuss thoughts or ideas
on various topics. Online message centers allow users to choose which thread, or board of
discussion, users would like to read or contribute to. A user will start a discussion by
making a post on a thread. Other users who choose to respond can follow the discussion
by adding their own post to that thread. Message boards are not conversation based
because user responses do not have to take place right away. Whenever the user revisits
the message board, he/she can make a response. Unlike a conversation, message boards
do not have an instantaneous response and require that users actively go to the site to
check for responses.
Anyone can register to participate in an online message board. A message board is unique
because people can choose to participate and be a part of the virtual community, even if
they choose not to contribute their thoughts and ideas. Registered users can simply view
the various threads or contribute if they choose to.
2. Online chat rooms
Shortly after the rise of interest in message boards and forums, people started to
want a way of communicating with their "communities" in real time. The downside to
message boards was that people would have to wait until another user replied to their
posting, which, with people all around the world in different time frames, could take
a while. The development of online chat rooms allowed people to talk to whoever was
online at the same time they were. This way, messages were sent and online users could
immediately respond back.
Chat room users communicate through text based messaging. Most chat room
providers are similar and include an input box, a message window, and a participant list.
The input box is where users can type their text based message to be sent to the providing
server. The server will then transmit the message to the computers of anyone in the chat
room so that it can be displayed in the message window. The message window allows the
conversation to be tracked and usually places a time stamp once the message is posted.
There is usually a list of the users who are currently in the room, so that people can see
who is in their virtual community.
3. Virtual worlds
Virtual worlds are the most interactive of all virtual community forms. In this type
of virtual community, people are connected by living as an avatar in a computer-based
world. Users create their own avatar character (from choosing the avatar's outfits to
designing the avatar's house) and control their character's life and interactions with other
characters in the 3-D virtual world. It is similar to a computer game, however there is no
objective for the players. A virtual world simply gives users the opportunity to build and
operate a fantasy life in the virtual realm. Characters within the world can talk to one
another and have almost the same interactions people would have in reality. For example,
characters can socialize with one another and hold intimate relationships online. This
type of virtual community allows for people to not only hold conversations with others in
real time, but also to engage and interact with others. The avatars that users create are like
humans. Users can choose to make avatars like themselves, or take on an entirely
different personality than them.
4. Social network services
Social networking services are the most prominent type of virtual community.
They are either a website or software platform that focuses on creating and maintaining
relationships. Facebook, Twitter, and Myspace are all virtual communities. With these
sites, one often creates a profile or account, and adds or follows friends. This
allows people to connect and look for support using the social networking service as a
gathering place. These websites often allow for people to keep up to date with their
friends' and acquaintances' activities without making much of an effort.
WEB BANNER AND CAMPAIGNING
A web banner or banner ad is a form of advertising on the World Wide Web
delivered by an ad server. This form of online advertising entails embedding an
advertisement into a web page. It is intended to attract traffic to a website by linking to
the website of the advertiser. The advertisement is constructed from an image (GIF,
Flash), often employing animation, sound, or video to maximize presence. Images are
usually in a high-aspect ratio shape (i.e. either wide and short, or tall and narrow) hence
the reference to banners. These images are usually placed on web pages that have
interesting content, such as a newspaper article or an opinion piece. Affiliates earn money
usually on a CPC (cost per click) basis. For every unique user click on the ad, the affiliate
earns money.
The web banner is displayed when a web page that references the banner is loaded
into a web browser. This event is known as an "impression". When the viewer clicks on
the banner, the viewer is directed to the website advertised in the banner. This event is
known as a "click through". In many cases, banners are delivered by a central ad server.
When the advertiser scans their logfiles and detects that a web user has visited the
advertiser's site from the content site by clicking on the banner ad, the advertiser sends
the content provider some small amount of money.
Web banners function the same way as traditional advertisements are intended to
function: notifying consumers of the product or service and presenting reasons why the
consumer should choose the product in question, although web banners differ in that the
results for advertisement campaigns may be monitored real-time and may be targeted to
the viewer's interests. Behavior is often tracked through the use of a click tag.
Banner ads
Located on Web pages, act like small billboards, usually contain graphics
and an advertising message
Benefits include:
Increased brand recognition, exposure and possible revenue
Side panel ads or skyscraper banners
Advertisements that lie vertically on Web sites
Placing logo on banners will enhance brand recognition
DIRECT MARKETING
Direct marketing is the process where the marketers directly interact with the
customers to sell their goods and services. Direct marketing is also called face-to-face
marketing. The important sources for Direct Marketing are:
1. Direct marketing through telephone
2. Direct marketing through web
3. Door-to-door marketing
4. E-mail Marketing
Eg: Dell Company markets and sells its laptops directly through its website. Such
practices will help the companies to avoid the intermediaries and the cost for the product
can also be decreased.
i). Direct marketing through web:
Direct marketing helps the marketers to directly interact with the
customers. This feature helps the marketers to easily promote the products and
services through banner ads and online advertisements. The customers can
also benefit from viewing many products and services from their own system.
Direct marketing helps the marketers to reduce the cost of promotion and enables
sales to be made directly to the customers without the help of
marketing intermediaries.
ii). Email Marketing
Sending marketing messages through email is one of the most widely used direct-
marketing methods. According to one study, email is used by 94% of marketers, while
86% use direct mail. One reason for email marketing's popularity is that it is relatively
inexpensive to design, test, and send an email message. It also allows marketers to deliver
messages around the clock, and to accurately measure responses.
Online Tools
With the expansion of digital technology and tools, direct marketing is increasingly
taking place through online channels. Most online advertising is delivered to a focused
group of customers and has a trackable response.
Display Ads are interactive ads that appear on the Web next to content on Web
pages or Web services. Formats include static banners, pop ups, videos, and
floating units. Customers can click on the ad to respond directly to the message or
to find more detailed information. According to research by eMarketer,
expenditures on online display ads rose 24.5% between 2010 and 2011.
Search: 49% of US spending on Internet ads goes to search, in which advertisers
pay for prominent placement among listings in search engines whenever a
potential customer enters a relevant search term, allowing ads to be delivered to
customers based upon their already-indicated search criteria. This paid placement
industry generates more than $10 billion for search companies. Marketers
also use search engine optimization to drive traffic to their sites.
Social Media Sites, such as Facebook and Twitter, also provide opportunities for
direct marketers to communicate directly with customers by creating content to
which customers can respond.