E - Commerce-Cropped

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 222

PONDICHERRY UNIVERSITY

(A Central University)

DIRECTORATE OF DISTANCE EDUCATION

E- Commerce
(Paper Code:BCOM2005)

Bachelor of Commerce - B.Com

II Year

DDE – WHERE INNOVATION IS A WAY OF LIFE


B.Com – 2nd Year Paper Code: BCOM 2005
PAPER X - E – COMMERCE
UNIT -I
E – Commerce: Meaning, definition, features, functions of E-Commerce, Scope, Benefits and
limitations of E-Commerce – The Internet and India – E-commerce opportunities and challenges
for Industries.

UNIT –II
Business Models for E-commerce: The Birth of Portals – E-Business Models – Business-to-
Consumer (B2C) – Business-to-Business (B2B) – Consumer-to Consumer (C2C) – Consumer- to-
Business (C2B) – Brokerage Model – Value Chain Model – Advertising Model.
UNIT –III
E-marketing – Traditional Marketing Vs.E-Marketing – Impact of E-commerce on markets –
Marketing issues in E-Marketing – Online Marketing – E-advertising – Internet Marketing
Trends – E-Branding – Marketing Strategies.
UNIT – IV
E-payment Systems: Digital payment Requirements – Digital Token-based E-payment systems –
Benefits to Buyers – Benefits to Sellers – Credit card as E-payment system – Mobile payments –
smart card cash payment system – Micropayment system – E- Cash.
UNIT –V
E-Finance: Areas of Financing, E-Banking - Traditional Banking Vs. E-Banking – Operations in
E-Banking – E-Trading – Stock Market trading – Importance and advantages of E-Trading.
UNIT –VI
Legal Framework for E-Commerce: E-Commerce Legal Framework – Rights and Obligations in
the World of E-commerce – Copyrights – Defamation – Privacy – Contracts – Taxation –
Signing a contract Electronically – Domain name and Registration.
UNIT –VII
E-Security: Security for E-commerce – Security Design – Analysing risk – E-Banks and Security
– safety of E-Commerce – Online Shopping with confidence – Firewalls for system Integrity –
Virus Protection and Protection from intruders.
UNIT –VIII
Mobile Commerce: Challenges of E-commerce – Global Mobile E-Commerce – Secure Mobile
Commerce – Secured Payments through Mobile – First Mobile Commerce Service.

TEXT BOOK:
Joseph P. T., E - Commerce – An Indian Perspective

REFERENCE:
Jaiswal S., E-Commerce
Mohammad Mahmoudi Maymand, E-Commerce
Murthy C.S.V., E-Commerce - Concepts, Models and Strategies

1
UNIT – I
E-Commerce
LEARNING OJECTIVES
After studying this lesson, you will be able to:
 Understand the concept of E-Commerce
 Know the Characteristics of E-Commerce
 Explain the functions of E-Commerce
 Define the scope of E-Commerce
 Recognize the benefits and limitations of e-commerce
 Identify E-Commerce opportunities and challenges

CONTENTS
1.1 Introduction
1.2 Meaning of E-Commerce
1.3 Definitions of E-Commerce
1.4 Features of E-Commerce
1.5 Functions of E-Commerce
1.6 Scope of E-Commerce
1.7 Benefits and limitations of E-Commerce
1.8 Internet and India
1.9 Opportunities and challenges
1.10 Future scope and growth
1.11 Summary
1.12 Key Terms
1.13 Self Evaluation Questions

1.1 Introduction
WE are living in e-century. The Internet and information and communications
technologies (ICT) are central to economic growth and productivity. Internet-based technologies
and networks can increase productivity, decrease costs and open new market opportunities.
Now-a-days, using the Internet and email to conduct business is not uncommon.
However, lack of technical and management skills in Information and Communications
Technology is a barrier. There are a wide variety of resources available to help you to improve

2
your e-commerce skills. Simply, decide what skills you need and identify the appropriate
resources to help you to build those skills.
The skills that may be required range from basic abilities, like word processing and
Internet navigation, to more complex capabilities such as designing and building websites and
database management.
There are a range of resources to help you broaden your understanding of the e-
commerce environment and develop your technical skills. These include online resources, books
and magazines, seminars and training courses.
Keeping this in mind, a summary on the background of Electronic Commerce is being
provided.
1.2 E-Commerce: Meaning
E-Commerce or Electronics Commerce is a methodology of modern business which
addresses the need of business organizations, vendors and customers to reduce cost and improve
the quality of goods and services while increasing the speed of delivery. E-commerce refers to
paperless exchange of business information using following ways.
 Electronic Data Exchange (EDI)
 Electronic Mail (e-mail)
 Electronic Bulletin Boards
 Electronic Fund Transfer (EFT)
 Other Network-based technologies

The concept of e-commerce is all about using the internet to do business better and faster.

E-commerce is the process of buying and selling over the Internet, or conducting any
transaction involving the transfer of ownership or rights to use goods or services through a
computer-mediated network without using any paper document.
Electronic commerce or e-commerce refers to a wide range of online business activities
for products and services. It also pertains to “any form of business transaction in which the
parties interact electronically rather than by physical exchanges or direct physical contact.”
Business transacted through the use of computers, telephones, fax machines, barcode
readers, credit cards, automated teller machines (ATM) or other electronic appliances without

3
the exchange of paper-based documents. It includes procurement, order entry, transaction
processing, payment authentication, inventory control, and customer support.
E-commerce is subdivided into three categories: business to business or B2B
(Cisco), business to consumer or B2C (Amazon), and consumer to consumer or C2C (eBay) also
called electronic commerce.
E-commerce the phrase is used to describe business that is conducted over the Internet
using any of the applications that rely on the Internet, such as e-mail, instant messaging,
shopping carts, Web services, UDDI, FTP, and EDI, among others.
A type of business model, or segment of a larger business model, that enables a firm or
individual to conduct business over an electronic network, typically the internet. Electronic
commerce operates in all four of the major market segments: business to business, business to
consumer, consumer to consumer and consumer to business.
Ecommerce has allowed firms to establish a market presence, or to enhance an existing
market position, by providing a cheaper and more efficient distribution chain for their products
or services.

1.2.1 Examples of E-Commerce

 An individual purchases a book on the Internet.


 A government employee reserves a hotel room over the Internet.
 A business calls a toll free number and orders a computer using the seller's interactive
telephone system.
 A business buys office supplies on-line or through an electronic auction.
 Retailer orders merchandise using an EDI network or a supplier's extranet.
 A manufacturing plant orders electronic components from another plant within the
company using the company's intranet.
 An individual withdraws funds from an automatic teller machine (ATM).
 Accepting credit cards for commercial online sales
 Driving information through a company via its intranet
 Driving manufacturing and distribution through a value chain with partners on an
extranet
 Selling to consumers on a pay-per-download basis, through a Web site, etc

4
1.3 E-Commerce Definitions
The definition of e-commerce includes business activities that are business-to-business
(B2B), business-to-consumer (B2C), extended enterprise computing (also known as "newly
emerging value chains"), d-commerce, and m-commerce.
Ecommerce is simply a part e-business, more specifically, the trading aspect of e-
business. Although there are many definitions and explanations of e-commerce, the following
definition provides a clear distinction. There are many definitions and understanding about E-
Commerce. They are as follows:
1. According to the editor-in-chief of International Journal of Electronic Commerce,
Vladimir Zwass, ‘Electronic commerce is sharing business information, maintaining
business relationships and conducting business transactions by means of
telecommunications networks’.
2. Electronic Commerce is where business transactions take place via telecommunications
networks, especially the Internet – E. Turban, J. Lee, D. King and H.M. Chung,
3. Electronic commerce is about doing business electronically – P. Timmers
4. Electronic commerce or e-commerce refers to a wide range of online business activities
for products and services – Anita Rosen
5. It pertains to “any form of business transaction in which the parties interact electronically
rather than by physical exchanges or direct physical contact.” – MK, Euro Info
Correspondence Centre (Belgrade, Serbia),
6. E-commerce is usually associated with buying and selling over the Internet, or
conducting any transaction involving the transfer of ownership or rights to use goods or
services through a computer-mediated network. – Thomas L. Mesenbourg
7. A more complete definition is: E-commerce is the use of electronic communications and
digital information processing technology in business transactions to create, transform,
and redefine relationships for value creation between or among organizations, and
between organizations and individuals. – Emmanuel Lallana, Rudy Quimbo, Zorayda
Ruth Andam, ePrimer
From your reading it should be apparent to you that electronic commerce is more
than online shopping.

5
1.4 E-Commerce – Features
Electronic commerce, or e-Commerce, refers to the purchasing and selling of goods or
services via electronic means, such as the Internet or mobile phone applications. It may also refer
to the process of creating, marketing, servicing and paying for services and goods. Businesses,
governments and the public can participate in e-Commerce transactions. The following
discussion will elicit the unique features of e-commerce. The unique features of e-commerce
technology include:
1.4.1 Ubiquity:
e-Commerce is ubiquitous, It is available just about everywhere and at all times by using
internet and Wi-Fi hotspot such as airport, coffee cafe and hill station places.. Consumer can
connect it to the Internet at any time, including at their homes, their offices, on their video game
systems with an Internet connection and mobile phone devices. E-Commerce is ubiquitous
technology which is available everywhere Moreover, individuals who have cell phones with data
capabilities can access the Internet without a Wi-Fi connection.
1.4.2 Global reach:
The potential market size is roughly equal to the size of the online population of the
world. E-Commerce Technology seamlessly stretches across traditional cultural and
national boundaries and enables worldwide access to the client. E-Commerce website has ability
to translate the multilingual websites as well as allow the access to visitors all over the world,
purchase products and make business interactions.
1.4.3 Universal standards:
The technical standards of the Internet are shared by all of the nations in the world. The
whole online tradition are growing and expanding their features in the world. To development
any kind of business need Internet and communication application which make the business
relationship more lovingly and attractive for secure business and successful business.
1.4.4 Richness:
Users can access and utilize text messages and visual and audio components to send and
receive information. An individual may see information richness on a company's blog if a post
contains a video related to a product and hyperlinks that allow him to look at or purchase the
product and send information about the post via text message or email.

6
1.4.5 Interactivity:
E-commerce technologies allow two-way communication between the merchant and the
consumer. As a result, e-Commerce technologies can adjust to each individual’s experience. For
example, while shopping online, an individual is able to view different angles of some items, add
products into a virtual shopping cart, checkout by inputting his payment information and then
submit the order.
1.4.6 Personalization:
Technologies within e-Commerce allow for the personalization and customization of
marketing messages that groups or individuals receive. An example of personalization includes
product recommendations based on a user's search history on a Web site that allows individuals
to create an account.
1.4.7 Information density:
The use of e-Commerce reduces the cost to store, process and communicate information,
At the same time, accuracy and timeliness increase; thus, making information accurate,
inexpensive and plentiful. For example, the online shopping process allows a company to receive
personal, shipping, billing and payment information from a customer all at once and sends the
customer's information to the appropriate departments in a matter of seconds.
1.4.8 Social technology:
E-Commerce technology has tie up the social media networking application to provide
the best source of content sharing technology and e-Marketing systems. You can share your
content or data easily in just one click.
1.4.9 User-Generated Content:
Social networks use e-Commerce technologies to allow members, the general public, to
share content with the worldwide community. Consumers with accounts can share personal and
commercial information to promote a product or service. When a company has a professional
social networking account, a member of the same social network has the option of associating
himself with the company or a product by saying he likes or recommends it. When an individual
updates his status on a social networking account, he may also mention a product or company by
name, which creates word-of-mouth advertising.

7
Differences between Traditional Commerce and E-Commerce
Point of E-commerce Traditional Commerce
Difference
Cost Effective E-commerce is cost effective. The cost Cost has to be incurred for the role of
incurred on middlemen is eliminated as middlemen to sell the company’s
there is direct link between the products. The total overhead cost is
business and the customers. . The total more. Running a traditional business
overhead cost required to run e- require a head office with several
business is comparatively less. branches to cater to the needs of
Running an e-business require only a customers situated in different places.
head office. Overhead cost can be
eliminated by hosting a website.
Time A lot of valuable time for both the It takes a lot of time to complete a
consumers and business is saved. A transaction.
product can be ordered and the
transaction can be completed in few
minutes through internet.
Convenience It provides convenience to both It is not so convenient method as that of
customers and business. It provides E-commerce. Customers have to move
better connectivity for its prospective away from their home or work place to
and potential customers as the website locate and purchase a desired product.
can be accessed virtually from
anywhere, anytime through internet. It
is not necessary to move away from
their work place or home to locate and
purchase a desired product.
Accessibility It is easy to expand the size of the It may not be easy to expand the size of
market from regional to international the market from regional to national
level. By hosting a website, a business level. Business organizations have to
can penetrate into global market. It is incur a lot of expenses to enter
quite easy to attract customers from international market.
global markets at a marginal cost.
Introduction of It is easy to introduce a product on the It takes a lot of time and money to
new product website and get the immediate introduce a new product and analyse the
feedback of the customers. Based on response of the customers. Initially, cost
the response, the products can be has to be incurred to carry out pilot
redefined and modified for a successful surveys to understand the taste of the
launch. customers.
Profit It helps the organization to enjoy The cost incurred on the middlemen,
greater profits by increasing sales, overhead, inventory and limited sales
cutting cost and streamlining operating pulls down the profit in traditional
processes. commerce.
Physical It does not allow physical inspection of It is possible to physically inspect goods
Inspection goods. before the purchase.
Time Round the clock service is available. Business is open only for a limited time.

8
accessibility
Product It not suitable for perishable goods and It is suitable for perishables and ‘touch
suitability high value items such as jewellery and and feel’ items.
antiques. It is mostly suitable for
purchasing tickets, books, music and
software.
Human It requires technically qualified staff It does not have such problems
resources with an aptitude to update themselves associated with human resources.
in the ever changing world. It has
difficulty in recruiting and retaining
talented people.
Customer The interaction between the business The interaction between the business
interaction and the customer is screen-to-face. and the consumer is a face-to-face.
Process Automated processing of business There are chances of clerical errors to
transactions helps to minimize the occur as there is manual processing of
clerical errors. business transactions.
Business Business relationship is characterized Business relationship is vertical or
relationship by end-to-end. linear.
Fraud Lot of cyber frauds take place in e- Fraud in traditional commerce is
commerce transaction. People comparatively less as there is personal
generally fear to give credit card interaction between the buyer and the
information. Lack of physical presence seller.
in markets and unclear legal issues give
loopholes for frauds to take place in e-
business transactions.
Information Little dependency on person to person
Heavy dependency on information
sharing information exchange. It provides a
exchange from person to person. No
universal platform to support business
uniform platform for information
activities across the globe. sharing as it depends heavily on
personal communication.
Method of Communication can be done in Communication is done in synchronous
Communication asynchronous way. Electronics system way. Manual intervention is required for
automatically handles when to pass each communication or transaction.
communication to required person or
do the transactions.
Strategy A uniform strategy can be easily It is difficult to establish and maintain
established and maintain. standard practices.

1.5 Functions of E-Commerce


The following are five functions you should be doing daily in your e-commerce business.
a) Search Engine Optimization (SEO)
 Generate unique relevant content. Google loves unique content that is related to what your site
is all about. Ensure you are using good keywords you want to focus on.

9
 Every page should have an H1 tag around what is the focus of the page, such as a product
name, category name, or static content title. Use H2 tags as well for other important page
sections.
 Keywords in optimized page titles.
 Internal linking. Link keywords in your unique content to pages related to that keyword. This
is huge!!!
 Friendly URLs with related phrases. E.g. When talking about Zobrist’s eZcommerce solution,
the URL looks like this: http://www.zobristinc.com/our_solutions/eZ_Commerce/
b) Selecting New Products
 Sell what the customer wants to buy, not what you want to sell! This is a common mistake,
especially when merchandisers are given a great price to sell a particular product. If nobody
wants to buy that product, it doesn’t matter what price you set it at.
 Find out what customers want. What is your value proposition on products you sell?
Capitalize on your niche!
c) Merchandising New Productions
 Pictures, pictures, pictures! It is very important to have high quality images of the products.
 Hero photos: if you have a big seller, feature it on a category page with a hero image of the
product.
 Promote latest releases in your newsletters and feature them in categories or on your
homepage.
 Market to customers who have purchased related items in the past.
d) Customer Service
 Make your customers happy.
 Delivery orders on time.
 Ensure order accuracy.
 Reship promptly if a package was failed to be delivered to the customer, if it came damaged,
or if it was missing parts.
 Don’t try to save every penny on an order. You may need to take a loss to make a customer
happy in order to retain their loyalty to you, and therefore be very valuable for many orders to
come.

1
e) Monitoring your KPIs / Analytics
 Monitor your analytics reports. View what items are selling and bubble them to the top of
product listings so customers can find them easier. A great tool for this, if you are on IBM
WebSphere Commerce, is our Smart Merchandiser product. With it, you can see analytic
overlays on each product in each category to help you make smart merchandising decisions.
 Tackle cart abandonment. Remarket those products to the customers if you have their email
addresses. Incentivize them to complete their checkout within X days.
1.6 Scope of E-Commerce
Today, online shopping is a reality in India. The market place is flooded with several e-
commerce options for shoppers to choose from. In the recent past, the growth of e-commerce
industry in India has been phenomenal as more shoppers have started discovering the benefits of
using this platform. There is enough scope for online businesses in the future if they understand
the Indian shopper’s psyche and cater to their needs. Listed below are the reasons that guarantee
the future prospect of E-commerce in India.
 Enhancing domain registrations
 Rising internet users
 Easy access to internet
 Awareness about internet even in rural areas
 Rising number of cyber cafes
 Growing need for E-commerce
a) Cash on delivery (COD)
Indian e-commerce industry has evolved over a period of time with innovations that have
changed the rules of the game globally. COD is one such example. In a country where credit card
penetration is much lower than other developed markets and where e-commerce companies are
still working hard to build trust among shoppers, introducing cash on delivery has been one of
the key factors for the success of the segment. At present, COD is the preferred payment mode
for close to 55-60% of all online transactions in the fashion and lifestyle segment in India.
Executing COD efficiently and painlessly for the customer is critical to the success of any e-
commerce player in the country.

1
b) Delivering experiences
E-commerce needs to focus on customer experience to build trust and confidence.
Customer experience encompasses every interaction of a customer from placing an order to
interacting with customer service team, to the actual delivery experience. Providing a great
delivery experience is one of the core aspects to delighting customers. This not only mean faster
deliveries but also consistency and reliability. The more faith the customer has in your delivery
service, the more likely he is to buy again. Besides, it builds a good brand image and word-of-
mouth publicity.
c) Growing the base
India has more than 130 million online users at present, out of which as many as 10% are
engaging in online transactions. The online user base is expected to cross 300 million in the next
2 – 3 years and a larger percentage of people are expected to transact online by the end of 2015.
This large base will provide vast scope for e-commerce businesses to establish themselves in
India.
d) Growing opportunities
The e-commerce industry is growing at a rapid pace and changing the dynamics of the
retail industry. In the coming years, e-commerce is expected to contribute close to 8-10% of the
total retail segment in India. This growth is bound to continue provided e-commerce companies
focus on innovating, building strong technology infrastructure and delivering the best customer
experience.
e) Online Travel Segment
The online travel segment has seen a CAGR of 55.5% from 2007-2012. The is due to rise
of disposable income, surge in demand for domestic travel and the boom of the tourism industry.
Domestic travel contributed to as much as 50% of the total market, followed by railways tickets,
international air tickets, hotel bookings and bus tickets.
f) E-Tailing
E-tailing encompasses buying consumer items like apparels, electronic devices, home and
kitchen appliances, jewellery, online. Competition is intense due to low entry barrier of this
segment. However, Amazon.com, flipkart, snapdeal.com,jabong.com, and myntra.com are some
of the major players. This segment is expected to grow further as people become more pressed
for time. Also the choice that e-tailing sites offer to customers will drive demand for this

1
segment. However, there will be intense price based competition in this sector and consolidations
are in the order.
g) Online Financial Services
The financial services segment includes applying for insurance, paying online bills, and
premiums and online transactions for financial services. The costs of these insurance policies are
lesser with premiums being 40%-60% cheaper. This is a win-win situation for both the insurance
provider and the customers. Also the convenience provided by online portals has led to more
customers choosing the online route for bill payment.
h) Classifieds
It is in a very promising stage and has lot of scope for growth. Online advertising is lot
cheaper than conventional methods and unlike the latter, it is not constrained to a geographic
location. The growth is mainly fuelled by services like online job (60% of the segment), online
matrimony, B2C classifieds and B2B classifieds. Naukri.com, timesjob.com, monster.com are
the major players in the job market while jeevansathi.com, shaadi.com are the major matrimonial
sites.
i) Other online Services
These include sites offering online services like buying entertainment tickets, food and
grocery.
1.7 Benefits and limitations of E-Commerce
1.7.1 Benefits of E-Commerce
Electronic commerce can increase sales and decrease costs. Advertising done well on the
web can get even a small firm’s promotional message out to potential consumers in every
country in the world. A firm can use electronic commerce to reach narrow market segments that
are geographically scattered. The web is particularly useful in creating virtual communities that
become ideal target markets for specific types of products or services. A virtual community is a
gathering of people who share a common interest, but instead of this gathering occurring in the
physical world; it takes place on the internet.
Some key benefits of e-commerce are summarized below:
 By becoming e-commerce enabled, businesses now have access to people all around the
world. In effect all e-commerce businesses have become virtual multinational
corporations.

1
 The cost of creating, processing, distributing, storing and retrieving paper-based
information has decreased.
 The pull-type processing allows for products and services to be customized to the
customer’s requirements.
 Enables reduced inventories and overheads by facilitating ‘pull’-type supply chain
management – this is based on collecting the customer order and then delivering through
JIT (just-in-time) manufacturing.
 The Internet is much cheaper than value added networks (VANs) which were based on
leasing telephone lines for the sole use of the organization and its authorized partners. It
is also cheaper to send a fax or e-mail via the Internet than direct dialing.
 Software and music/video products can be downloaded or e-mailed directly to customers
via the Internet in digital or electronic format.
 Businesses can be contacted by or contact customers or suppliers at any time.
 24/7 access: Enables customers to shop or conduct other transactions 24 hours a day, all
year round from almost any location.
 Customers not only have a whole range of products that they can choose from and
customize, but also an international selection of suppliers.
 Customers can ‘shop’ around the world and conduct comparisons either directly by
visiting different sites, or by visiting a single site where prices are aggregated from a
number of providers and compared (for example www.moneyextra.co.uk for financial
products and services).
 This can range from the immediate delivery of digitized or electronic goods such as
software or audio-visual files by downloading via the Internet, to the on-line tracking of
the progress of packages being delivered by mail or courier.
 An environment of competition where substantial discounts can be found or value added,
as different retailers view for customers. It also allows many individual customers to
aggregate their orders together into a single order presented to wholesalers or
manufacturers and obtain a more competitive price.
 Enables more flexible working practices, which enhances the quality of life for a whole
host of people in society, enabling them to work from home. Not only is this more
convenient and provides happier and less stressful working environments, it also

1
potentially reduces environmental pollution as fewer people have to travel to work
regularly.
 Enables people in developing countries and rural areas to enjoy and access products,
services, information and other people which otherwise would not be so easily available
to them.
 Facilitates delivery of public services like health services available over the Internet (on-
line consultation with doctors or nurses), filing taxes over the Internet through the Inland
Revenue website.
 A business can reduce the costs of handling sales inquiries, providing price quotes, and
determining product availability by using electronic commerce in its sales support and
order-taking processes.
 Electronic commerce provides buyers with a wider range of choices than traditional
commerce.
 Electronic commerce provides buyers with an easy way to customize the level of detail in
the information they obtain about a prospective purchase.
 Electronic payments of tax refunds, public retirement, and welfare support cost less to
issue and arrive securely and quickly when transmitted over the internet.
 Electronic payments can be easier to audit and monitor than payments made by cheque,
providing protection against fraud and theft losses.
 Electronic commerce can also make products and services available in remote areas.
1.7.2 Limitations of E-Commerce
Most of the disadvantages of e-commerce stem from the newness and rapidly developing
pace of the underlying technologies. Some of the key disadvantages of are given below:
 Return-on-investment is difficult to calculate.
 Many firms have had trouble recruiting and retaining employees with the technological,
design, and business process skills needed to create an effective electronic commerce
presence.
 Difficulty of integrating existing databases and transaction-processing software designed
for traditional commerce into the software that enables electronic commerce.
 Many businesses face cultural and legal obstacles to conducting electronic commerce
 Lack of sufficient system security, reliability, standards and communication protocols.

1
 Rapidly evolving and changing technology, so there is always a feeling of trying to ‘catch
up’ and not be left behind.
 Under pressure to innovate and develop business models to exploit the new opportunities
which sometimes leads to strategies detrimental to the organization. The ease with which
business models can be copied and emulated over the Internet increases that pressure and
curtails longer-term competitive advantage.
 Facing increased competition from both national and international competitors often
leads to price wars and subsequent unsustainable losses for the organization.
 Problems with compatibility of older and ‘newer’ technology. There are problems where
older business systems cannot communicate with web-based and Internet infrastructures,
leading to some organizations running almost two independent systems where data
cannot be shared. This often leads to having to invest in new systems or an infrastructure,
which bridges the different systems. In both cases this is both financially costly as well as
disruptive to the efficient running of organisations.
 Computing equipment is needed for individuals to participate in the new ‘digital’
economy, which means an initial capital cost to customers.
 A basic technical knowledge is required of both computing equipment and navigation of
the Internet and the World Wide Web.
 Cost of access to the Internet, whether dial-up or broadband tariffs.
 Cost of computing equipment. Not just the initial cost of buying equipment but making
sure that the technology is updated regularly to be compatible with the changing
requirement of the Internet, websites and applications.
 Lack of security and privacy of personal data. There is no real control of data that is
collected over the Web or Internet. Data protection laws are not universal and so websites
hosted in different countries may or may not have laws which protect privacy of personal
data.
 Physical contact and relationships are replaced by electronic processes. Customers are
unable to touch and feel goods being sold on-line or gauge voices and reactions of human
beings.
 A lack of trust because they are interacting with faceless computers.

1
 As people become more used to interacting electronically there could be an erosion of
personal and social skills which might eventually be detrimental to the world we live in
where people are more comfortable interacting with a screen than face to face.
 There is a potential danger that there will be an increase in the social divide between
technical haves and have-nots – so people who do not have technical skills become
unable to secure better-paid jobs and could form an underclass with potentially dangerous
implications for social stability.
 Reliance on telecommunications infrastructure, power and IT skills, which in developing
countries nullifies the benefits when power, advanced telecommunications infrastructures
and IT skills are unavailable or scarce or underdeveloped.
 As new technology states how do you dispose of all the old computers, keyboards,
monitors, speakers and other hardware or software?
 Facilitates Just-In-Time manufacturing. This could potentially cripple an economy in
times of crisis as stocks are kept to a minimum and delivery patterns are based on pre-set
levels of stock which last for days rather than weeks.

1.8 The Internet and India

Before the appearance of VSNL's GIAS, Internet had been in India for many years in the
form of ERNET. However, it was not possible for many people to get access to it, as it was
meant for only the educational and research communities.
1.8.1 Educational Research Network (ERNET)
Internet in India was established as ERNET. It was a joint undertaking of the Department
of Electronics (DOE) of the Government of India, and the United Nations Development Program
(UNDP), which provides technical assistance to developing nations. ERNET is one of the most
successful operations that UNDP has funded.
1.8.2 Gateway Internet Access Service (GIAS)
On August 15th 1995, Videsh Sanchar Nigam Limited (VSNL) -- the Indian international
trunk telephone carrier company -- launched the Gateway Internet Access Service (GIAS).
Subsequently, 6 nodes were established at Mumbai, Delhi, Madras, Calcutta, Bangalore and
Pune. Each GIAS node is connected to Internet via high speed MCI circuits having a bandwidth
of approximately 10 Mbps.

1
Users in remote areas of India can reach GIAS service via I-NET. The Department of
Telecommunication (DOT) has a wide-spread network in India called I-NET, which has direct
connectivity to each GIAS node.
1.8.3 Timeline Chart
The timeline chart showing the development of Internet in India is given below:
1986: ERNET project starts up; email exchange using UUCP protocol established between
National Centre for Software Technology, Bombay, and IIT Bombay
1987: Email exchange between ERNET institutions in metros; TCP over X.25 established
between the ERNET gateway at NCST and internet via CWI in Amsterdam

1988: Leased lines used to connect ERNET partner institutions to ERNET gateway in Bombay

1989: LWBBS (Live Wire BBS) and BBS CiX launch online services; VSNL commissions a
Gateway Packet Switching System (GPSS) running X.25 protocol; ERNET acquires an analog
leased line operating at 9600 bps to connect ERNET gateway at NCST, Bombay, to UUNET in
the US

1990: TCP/IP implemented for communication between ERNET centres connected by leased
lines

1991: LWBBS turns into a paid subscription service and expands to other cities such as
Ahmedabad, Madras (Chennai), Pune, Calcutta (Kolkata), Baroda, Vapi

1992: Business India launches aXcess, a value-added service offering email as well as e-news,
stock quotes

1994: ERNET establishes a hub in Bangalore to provide TCP/IP-level connectivity over satellite
links to locations otherwise unreachable by dedicated circuits

1995: VSNL introduces public internet access in India via dialup services in 6 cities on August
15, 1995; India World portal launches on March 13

1996: Major newspapers such as The Times of India, The Hindu, The Indian
Express and Hindustan Times set up websites; Rediff.com launched; India’s first cyber cafe
launched in Mumbai

1
1997: Tamil newspaper Dinamani sets up website; Hotmail creator Sabeer Bhatia sells Hotmail
to Microsoft for $400 million; first online banking site launched by ICICI Bank; Naukri.com
launched; IndusInd also launches website; Khel.com cricket site launched

1998: Private ISPs allowed to set up internet infrastructure; LWBBS’s Pune node, JabberWocky
operated by WMI becomes the first ISP licensee; Sify becomes India’s first national ISP license
holder; first major hacking case (teenagers hack data on BARC’s servers); launch of NASSCOM
to promote IT industry by efforts of Dewang Mehta; cyber cafes start mushrooming across
Indian cities; annual India Internet World conference series starts in Pragati Maidan

1999: IndiaWorld sold to Sify for US$115 million (Rs 499 crore) triggering the dotcom boom in
India; WebDunia, India’s first and most successful Hindi portal, launched; large number of
dotcoms appear, mostly modelled as e-marketplaces but have untested revenue models and big
spends; Sify sets up hundreds of public internet kiosks under the brand name i-Way; New
Telecom Policy 1999 launched by DoT; India ISPs allowed to set up satellite international
gateways; India Info portal launched

2000: Parliament passes Information Technology Act 2000; foreign portals like Yahoo and MSN
set up Indian sites; Bazee.com launched based on the eBay model; Indya.com launched with Rs
4.5 crore campaign blitz; birth of online journalism: Tehelka.com exposes cricket betting
scandal; ITC launches e-Choupal initiative to take the internet to villages; Railtel Corporation of
India launched; NSE launches online stock trading; cable internet starts replacing dialup
connections; 2000: Rediff IPO on NASDAQ; Sulekha.com legal entity founded in Austin, Texas

2001: Subscription sites set up by thenewspapertoday.com and NaiDunia.com; Times of India


group launches 8888 mobile service; India Today group launches 2424 mobile service; first
cyber crime-related arrest (two arrested for hacking go2nextjob.com); Indian Railways launches
online ticketing site (irctc.com) which soon becomes India’s largest e-revenue earner; India’s
first cyber crime police station opens in Bangalore; Dotcom bubble bursts -- many sites close,
some go into hibernation; C-DAC announced the launch of its Multilingual Advanced News
Automation System: MANAS; GAIL India launched; Andhra Pradesh state government launches
e-procurement portal and extends public internet kiosk facility to every mandal office

1
2002: Malayalam Varikha.com, the website of weekly Malayalam magazine, launches paid site;
NPTEL (National Programme on Technology Enhanced Learning) initiative launched; India’s
first teleradiology company Teleradiology Solutions launched; Indian ISPs allowed to set up
submarine international gateways; Wikipedia.org adds Assamese, Punjabi, Nepali, Oriya,
Malayalam content

2003: Air Deccan launches India’s first online air ticketing site; NIXI (National Internet
Exchange of India) set up; WiFi (2.4GHz) deregulated by GoI; official representation from
India’s DoT and DIT at WSIS 2003 in Geneva; AirTel launches broadband internet access;
Wikipedia.org adds Bhojpuri, Marathi, Kannada, Hindi, Kashmiri, Tamil, Telugu, Gujarati,
Sanskrit, Sindhi content

2004: DoT declares its Broadband Policy; BSNL introduces broadband; eBay buys Bazee.com;
Monster.com buys Jobsahead.com; NIXI takes over management of the .IN Registry; ITC e-
Choupal demonstrates rural internet adoption; Google starts India office; Wikipedia.org adds
Bengali, Urdu content; Sulekha starts Hindi operations; Ebay India CEO arrested for alleged sale
of porn online, but later released -- the arrest is criticised by industry

2005: Social networking sites like Orkut make their presence felt; online registration of .IN
domains begins; Indic language user interface appears on basic cell phones

2006: Facebook makes India debut; OneIndia.in portal launched; national E-Governance Plan
launched; Naukri.com IPO in India

2007: Major media websites switch to tab-based design; Arzoo.com re-launched as a travel
portal by Sabeer Bhatia; Twitter makes its India debut; Google News launches Hindi service

2008: India sets a world record by sending 10 satellites into orbit in a single launch; Apple
iPhone debut in India; Internet Governance Forum (IGF) held in India; Google News launches in
Tamil, Malayalam, Telugu

2009: GoI puts forth the draft policy on Indian language IDNs

2010: 3G spectrum auctioned by telecom players after two-year-long process; WiMax licenses
auctioned; GoI announces National IPv6 Roadmap; TRAI releases National Broadband Plan;
MakeMyTrip lists on NASDAQ at over US$1 billion; Facebook overtakes Orkut in India

2
2011: Mobile number portability launched; ICANN approves 7 Indian language Internationalised
Domain Names (IDNs) for India; iPad enters India market after its Dell and Samsung rivals;
Pearson Group takes controlling stake in e-education startup TutorVista; Indian government
launches National Knowledge Network (NKN); India internet start-ups Komli Media,
LetsBuy.com bag $21 million venture capital deals; India’s 2011 census uses social media; IIT
courses, lectures made available online

1.9 E-commerce opportunities and challenges for industries

E-Commerce is presently an essential ingredient of India’s trade facilitation policy. Since


1991, after economic reforms explicitly took place in India, the need to facilitate international
trade both through policy and procedure reforms has become the foundation stone of India’s
trade and fiscal policies. Resultantly, a technological revolution accompanied by the wide spread
use of the Internet, web technologies and their applications took place. E-Commerce has changed
and is still changing the way business is conducted around the world.

1.9.1 Opportunities:

There is a rising awareness among the businesses in India about the opportunities offered
by e-commerce. E-commerce provides a new place for connecting with consumers and
conducting transactions. Virtual stores operate round the clock.

a) Global Trade:

E-business is one of the major factors in the globalization of business. Other factors
include decreases in trade barriers, globalization of capital markets. Indian e-business has grown
at a compounded annual growth rate of 30% since FY09, and is expected to be $18 billion
(around Rs 1,116,00 crore) opportunity by FY15.

b) Virtual Businesses:

Business firms now have the ability to become virtual E-Business. Virtual business uses
electronic means to transact business as opposed to the traditional means of face to face
transaction.

2
c) Lower search costs:

The Internet brings low search costs and high price lucidity. E-business has proved to be
highly cost effective for business concerns as it cuts down the cost of marketing, processing,
inventory management, customer care, etc.

d) Round the clock:

Customers can do transactions for the product or enquiry about any product/services
provided by a company anytime, anywhere from any location.

e) Greater Economic Efficiency:

Greater economic efficiency (lower cost) and more rapid exchange (high speed,
accelerated, or real-time interaction) are achieved with the help of electronic business.

The e-commerce market in India has grown by 34 percent in the last decade, was about
USD 600 million in 2011-12 and is expected to touch USD 9 billion by 2016 and USD 70 billion
by 2020. According to Forrester, the Indian e-commerce market is expected to grow at a CAGR
of over 57 percent between 2012 and 2016, which is the fastest within Asia-Pacific region.

1.9.2 Challenges:

The growth of ecommerce volumes in India is attracting the attention of players around
the world. Despite lower per-capita purchasing power, the population still makes India one of the
most attractive emerging markets for ecommerce. But India is far from being a bed of roses.
Here are the top 8 challenges that ecommerce businesses face in India.
a) Indian customers return much of the merchandise they purchase online.

Indian customers return much of the commodities they purchase online. E business in
India has many first time buyers. This means that they have not yet made up their mind about
what to expect from e-business websites. As a result, buyers sometimes fall prey to hard sell. But
by the time the product is actually delivered, they regret and return the goods. Returns are
expensive for e-business companies, as reverse logistics presents unique challenges. This
becomes all the more complex in cross border e-business.

2
b) Cash on delivery is the preferred payment mode.

Cash on delivery is the preferred payment mode. Low credit card access and low trust in
online transactions has led to cash on delivery being the preferred payment choice in India.
Unlike electronic payments, manual cash collection is painstaking, risky, and expensive.

c) Payment gateways have a high failure rate.

Indian payment gateways have an unusually high failure rate by global standards. E-
business companies using Indian payment gateways are losing out on business, as several
customers do not attempt making payment again after a transaction fails.

d) Internet penetration is low.

Internet penetration is low. Internet penetration in India is still a small fraction of what is
there in a number of western countries. The quality of connectivity is poor in several regions. But
both these problems are on their last legs. The day is not far when connectivity issues would not
feature in a list of challenges to e-business in India.

e) Feature phones still rule the roost.

Though the total number of mobile phone users in India is very high, a significant
majority still use feature phones, and not smart phones. As a result this consumer group is unable
to make e-business purchases on the move. Though India is still a couple of years away from the
scales tipping in favour of smart phones, the rapid downward spiral in the price of entry-level
smart phones is an encouraging indication.

f) Postal addresses are not standardized.


If an online order is placed in India, it is quite likely get a call from the logistics company
to ask about exact location. Clearly address is not enough. This is because there is little
standardization in the way postal addresses are written.

g) Logistics is a problem in thousands of Indian towns.


Given the large size of the country, there are thousands of towns that are not easily
accessible. The problem with logistics is compounded by the fact that cash on delivery is the
preferred payment option in India. International logistics providers, private Indian companies,
and the government-owned postal services are making a valiant effort to solve the logistics
problem.

2
h) Overfunded competitors are driving up cost of customer acquisition.
The long-term prospects for ecommerce companies are so exciting that some investors
are willing to spend irrationally high amounts of money to acquire market share today. Naturally
the Indian consumer is spoiled for choice.

1.10 Future Scope and Growth

The growth of e commerce will be on two accounts: One is due to the changes in the
macro-economic parameters like disposable income, internet penetration, inflow of investments,
and the other due to segment specific factors.

a) Macro-economic factors

i) Personal Disposable Income will continue to rise

According to the International Monetary Fund (IMF), personal disposable income will
rise; it signals that the purchasing power of the people and their standard of living has increased.
As a result, demand for goods and services are expected to rise. With more disposable income,
the benefits of time saving offered by e-commerce will lead to growth in the sector.

ii) Number of active Internet users in India is poised to rise

Internet penetration has increased by a CAGR of 30% from 2007. There has been an
increase in internet user base and such trend is expected to continue. This will led to more
advertisement on the digital media. As advertisements increase, the trial rate and the repeat rate
for online retailing is likely to increase. This will trigger growth in both the travel and non travel
segment due to more customer acquisition.

iii) Demand for debit and credit cards will see a rise

The demand for debit and credit cards has also seen a steady rise over the last few years.
Most of the banks now provide online banking and debit card facility with every new account.
With the financial inclusion drive by the RBI, the number of bank accounts (and hence the
number of debit cards) will definitely see a rise. This coupled with rising disposable income will
invariably lead to more online transactions.

2
b) Segment Specific factors

In the online travel segment, growth of the tourism industry and demand of domestic
travel will have positive externalities on the e-commerce industry. With travel websites
providing additional features like hotel booking and package tours, the convenience factor
offered byy these websites will lead to growth. Additionally, internet gives users the a choice
where they can evaluate an offer, compare the prices and decide on the one that suit their
demand. In the online retail space, absence of showrooms and high cost of transportation
prevents those in tier 2 cities to access global brands thus increasing demand for online shopping.

1.11 Summary

There is no one commonly agreed definition of E-Commerce. E-commerce has an impact


on three major stakeholders, namely society, organizations and customers. There are a number of
advantages, which include cost savings, increased efficiency, customization and global
marketplaces. There are also limitations arising from E-Commerce which apply to each of the
stakeholders. These include information overload, reliability and security issues, cost of access,
social divisions and difficulties in policing the Internet.
In order to aid general understanding of E-Commerce a number of frameworks have been
introduced to explore it from different perspectives. These frameworks help identify the elements
of E-Commerce and how businesses can better understand E-Commerce and its practical
applicability.
1.12 Key Terms
1. E-Commerce: Electronic Commerce is where business transactions take place via
telecommunications networks, especially the Internet
2. E-Business: E-business is the transformation of key business processes through the use
of Internet technologies.
3. Internet: It is a worldwide system of computer network through which the users at any
4. Educational Research Network (ERNET): Internet in India was established as
ERNET. It was a joint undertaking of the Department of Electronics (DOE) of the
Government of India, and the United Nations Development Program (UNDP)

2
5. Gateway Internet Access Service (GIAS): On August 15th 1995, Videsh Sanchar
Nigam Limited (VSNL) -- the Indian international trunk telephone carrier company --
launched the Gateway Internet Access Service (GIAS).
6. E-tailing: E-tailing encompasses buying consumer items like apparels, electronic
devices, home and kitchen appliances, jewellery, online. Amazon.com, flipkart,
snapdeal.com,jabong.com, and myntra.com are some of the major players..
1.13 Self Evaluation Questions
1. Define the term E-Commerce.
2. What are the elements of E-Commerce?
3. What is Internet?
4. What is EDI?
5. What is E-Tailing?
6. Sketch out the historical development of E-Commerce.
7. State the impact of E-Commerce on business world.
8. What are the advantages of E-Commerce?
9. Bring out the disadvantages of E-Commerce.
10. Discuss the opportunities and challenges of E-Commerce in India.

2
UNIT – II
Business Models for E-commerce

LEARNING OBJECTIVES
After studying this unit, you will be able to:
 Know the meaning of Portal
 Appreciate the birth of portal
 Understand the concept of E-Business Model
 Classify different types of E-Business Models
 Explain the features of various E-Business Models

CONTENTS
2.1 Introduction
2.2 Meaning and Definition of Portal
2.3 Birth of portal
2.4 Classification of portals
2.5 Meaning and features of Business Model
2.6 E-Business Models
2.7 Summary
2.8 Key Terms
2.9 Self Evaluation Questions

2.1 Introduction
When it comes to starting an online business, you have a lot of choices to make. The
biggest of the choices may be the most important as they will ultimately define your business
model and much of the future of your business. Creating an e-commerce solution mainly
involves creating and deploying an e-commerce site. The first step in the development of an e-
commerce site is to identify the e-commerce model. Depending on the parties involved in the
transaction, e-commerce can vary greatly in terms of how they provide value to and earn income
from consumers. The following discussion would provide a bird’s eye view about various E-
Business Models in vogue.

2
2.2 Meaning and Definition of Portal
Portal is a doorway, entrance, or gate, especially one that is large and imposing. It is a
Website considered as an entry point to other websites by providing access to a search engine.
Definition:
1. A site on the World Wide Web (WWW) that serves as a gateway or port of entry to the
Internet is called Portal. It includes hyperlinks to news, weather reports, stock market
quotes, entertainment, chat rooms, and so on.
2. A portal is a kind of Web site. The term originated with large, well-known Internet search
engine sites that expanded their features to include email, news, stock quotes, and an
array of other functionality.
3. Portal is a term, generally synonymous with gateway, for a World Wide Web site that is
a major starting site for users when they get connected to the Web. There are general
portals and specialized or niche portals.
Examples of general portals: Yahoo, Excite, Netscape, Lycos, CNET, Microsoft
Network, and America Online's AOL.com.
Examples of niche portals: Garden.com (for gardeners), Fool.com (for investors), and
SearchNetworking.com (for network administrators).
4. A web portal is one specially designed Web page that brings information together from
diverse sources in a uniform way. Usually, each information source gets its dedicated
area on the page for displaying information (a portlet); often, the user can configure
which ones to display.
5. The term portal space is used to mean the total number of major sites competing to be
one of the portals.
Typical services offered by portal sites include a directory of Web sites, a facility to
search for other sites, news, weather information, e-mail, stock quotes, phone and map
information, information from databases and even entertainment content and sometimes a
community forum.
The features available may be restricted by whether access is by an authorized and
authenticated user (employee, member).
Examples of early public web portals were
AOL, Excite, Netvibes, iGoogle, MSN, Naver, Lycos, Indiatimes, Rediff, and Yahoo!.

2
2.3 Birth or Portal
Web portal was a web IT buzzword in the late 1990s. After the proliferation of web
browsers in the late 1990s many companies tried to build or acquire a portal to attempt to obtain
a share of an Internet market. The content and branding of a portal could change as internet
companies merged or were acquired. For Example:
 Netscape became a part of America Online
 Walt Disney Company launched Go.com
 IBM and others launched Prodigy
 Excite and @Home became a part of AT&T Corporation during 1990s
The interest in portals saw some old media companies racing to outbid each other for Internet
properties but died down with the dot-com bust in 2000 and 2001. Disney pulled the plug
on Go.com, Excite went bankrupt, and its remains were sold to iWon.com. Some portal sites
such as Yahoo! and some others first remain active and portals feature widely outside the English-
speaking web (Chinese, Japanese, Indian and Russian. Portal metaphors are widely used by public
library sites for borrowers using a login as users and by university intranets for students and for
faculty. Vertical markets remain for ISV's offering management and executive intranet
"dashboards" for corporations and government agencies in areas such as GRC and risk
management.
2.4 Classification
Web portals are sometimes classified as horizontal or vertical.
2.4.1 A horizontal portal is used as a platform to several companies in the same economic
sector or to the same type of manufacturers or distributors.
2.4.2 A vertical portal (also known as a "vortal") is a specialized entry point to a specific market
or industry niche, subject area, or interest. Some vertical portals are known as "vertical
information portals" (VIPs)
VIPs provide news, editorial content, digital publications, and e-commerce capabilities. In
contrast to traditional vertical portals, VIPs also provide dynamic multimedia applications
including social networking, video posting, and blogging.
2.4.3 Personal Portal: A personal portal is a web page at a web site on the World Wide Web or
a local HTML home page including JavaScript and perhaps running in a modified web browser.
It provides personalized capabilities to its visitors or its local user, providing a pathway to other

2
content. It may be designed to use distributed applications, different numbers and types
of middleware and hardware to provide services from a number of different sources and may run
on a non-standard local web server. Personal portals can be related to any specific topic such as
providing friend information on a social network or providing links to outside content that may
help others beyond your reach of services. Example:
home.psafe.com – A personal portal based on adaptive neural network technology provides
customizable content according to each user's navigation, and provide full security against
viruses, malware, phishing and bank fraud. The portal is developed by Brazilian online security
company PSafe.
2.4.4 Business Portal: Business portals can be designed for sharing and collaboration in
workplaces. A further business-driven requirement of portals is that the content be presented on
multiple platforms such as personal computers, personal digital assistants (PDAs), and cell
phones/mobile phones. Information, news, and updates are examples.
2.4.5 Government Web Portal: At the end of the dot-com boom in the 1990s, many
governments had already committed to creating portal sites for their citizens. These included
primary portals to the governments as well as portals developed for specific audiences.
Examples:
 australia.gov.au for Australia.
 USA.gov for the United States (in English) & GobiernoUSA.gov (in Spanish).
 www.gov.lk for Sri Lanka.
 Disability.gov for citizens with disabilities in the United States.
 Europa (web portal) links to all EU agencies and institutions in addition to press releases and
audio visual content from press conferences.
 gov.uk for citizens & businesslink.gov.uk for businesses in the United Kingdom.
 Health-EU portal gathers all relevant health topics from across Europe.
 india.gov.in for India.
 National Resource Directory links to resources for United States Service Members, Veterans
and their families.
 govt.nz for New Zealand.
 Saudi.gov.sa for Saudi Arabia.

3
2.4.6 Cultural portal: Cultural portal aggregate digitised cultural collections of galleries,
libraries, archives and museums. It provides a point of access to invisible web cultural content
that may not be indexed by standard search engines. Digitised collections can include books,
artworks, photography, journals, newspapers, music, sound recordings, film, maps, diaries and
letters, and archived websites as well as the descriptive metadata associated with each type of
cultural work. These portals are usually based around a specific national or regional groupings of
institutions. Examples of cultural portals:
 DigitalNZ – A cultural portal led by the National Library of New Zealand focused on New
Zealand digital content.
 Europeana – A cultural portal for the European Union based in the National Library of the
Netherlands and overseen by the Europeana Foundation.
 Trove – A cultural portal led by the National Library of Australia focused on Australian
content.
 In development - Digital Public Library of America

2.4.7 Corporate web portals: A Corporate Portal is basically a secured website used by
employees, manufacturers, alumni and even customers. The portal is the perfect starting point for
everyday tasks that usually would consist of using many different types and sources of
information and tools. By gathering all necessary information and tools in one environment,
users save huge amounts of time. Companies not only save time through their users, IT
management costs and the TCO (total cost of ownership) can be much lower. Corporate Portals
also offer customers & employees self-service opportunities.

2.4.8 Stock portal: It is also known as stock-share portal, stock market portal or stock
exchange portal. It is Web-based applications that facilitates the process of informing the share-
holders with substantial online data such as the latest price, ask/bids, the latest News, reports and
announcements. Some stock portals use online gateways through a central depository system
(CDS) for the visitors to buy or sell their shares or manage their portfolio.

2.4.9 Search portals: Search portals aggregate results from several search engines into one page.
You can find search portals specialized in a product, for example property search portals
like Nestoria or Nuroa.

3
2.4.10 Tender portals: A tender portal is a gateway for government suppliers to bid on
providing goods and services. Tender portals allow users to search, modify, submit, review and
archive data in order to provide a complete online tendering process.
Using online tendering, bidders can do any of the following:
 Receive notification of the tenders.
 Receive tender documents online.
 Fill out the forms online.
 Submit proposals and documents.
 Submit bids online.

2.4.11 Domain-specific portals: A number of portals have come about which are specific to the
particular domain, offering access to related companies and services; a prime example of this
trend would be the growth in property portals that give access to services such as estate
agents, removal firm, and solicitors that offer conveyancing. Along the same lines, industry-
specific news and information portals have appeared, such as the clinical trials-specific portal.
2.5 Meaning and Features of Business model
2.5.1 Meaning of Business Model
Business model is the most discussed and least understood aspect of the web. There is so
much talk about how the web changes traditional business models. But there is little clear-cut
evidence of exactly what this means.
Basically, a business model is the method of doing business by which a company can
sustain itself -- that is, generate revenue. The business model spells-out how a company makes
money by specifying where it is positioned in the value chain.
Some models are quite simple. A company produces a good or service and sells it to
customers. If all goes well, the revenues from sales exceed the cost of operation and the company
realizes a profit.
Internet commerce will give rise to new kinds of business models. But the web is also
likely to reinvent tried-and-true models. Business models have been defined and categorized in
many different ways. When organizations go online, they have to decide which e-business
models best suit their goals.

3
A business model is defined as the organization of product, service and information
flows, and the source of revenues and benefits for suppliers and customers. The concept of e-
business model is the same but used in the online presence.
The e-Business model describes how a company functions; how it provides a product or
service, how it generates revenue, and how it will create and adapt to new markets and
technologies. It has four traditional components. These are the e-business concept, value
proposition, sources of revenue, and the required activities, resources, and capabilities. In a
successful business, all of its business model components work together in a cooperative and
supportive fashion.
2.5.2 Features of Business model
i. E-Business Concept
The e-business concept describes the rationale of the business, its goals and vision, and
products or offerings from which it will earn revenue. A successful concept is based on a market
analysis that identifies customers likely to purchase the product and how much they are willing
to pay for it.
ii. Value Proposition
The value proposition describes the value that the company will provide to its customers
and, sometimes, to others as well. With a value proposition the company attempts to offer better
value than competitors so that the buyer will benefit most with this product.
A value proposition may include one or more of the following points:
 Reduced price
 Improved service or convenience such as the "1 click" checkout
 Speed of delivery and assistance
 Products that lead to increased efficiency and productivity
 Access to a large and available inventory that presents options for the buyer
 Providing value in an e-business uses the same approach as providing value in any
business, although it may require different capabilities. But common to both are the
customers who seek out value in a business transaction. The value proposition helps
focus the business on the well-being of the customer, where it remains in successful
companies.
 Value Delivery through Integration Of Activities

3
iii. Sources of Revenue
Depending on the business model, several revenue sources may be available to an e-
business. Many online businesses will have a three or four of these sources. A mix of revenue
sources is often referred to as a revenue model but may be mistakenly called a business model.
Some of these sources of revenue are:
 Advertising
 Affiliation
 Agent commissions
 Licensing
 Sales commissions
 Sales profits
 Sponsorship
 Subscription
 Syndication
 Use Fees
For large public-private or government projects revenue sources might also include:
 Bonds, usually for large capital expenditures
 Taxes, primarily income, property and sales taxes
 Use fees and tolls
With small fast-growing companies such as e-Business startups, investors often track
expected revenues and revenue growth and may make changes to increase revenue. However,
after the Dot-Com boom ended, more traditional measures such as cash flow and earnings have
came back into favor as means of evaluation.
iv. Activities, Resources and Capabilities
The activities, resources and capabilities of a business are sometimes known as its
requirements. In order to perform the activities required to carry out the mission of the business,
certain resources are needed; for example, employees with certain skills, or capabilities, are
needed to perform activities correctly and efficiently. Also, inventions, processes and
other intellectual property may add to the individual knowledge of an employee to develop a
competence in the performance of the required activities.

3
a. Activities
Activities are specific business processes or groups of processes such as design,
production and sales that implement the business concept. The operational business model
identifies the costs and outputs of each activity. Activities drive the need for resources.
b. Resources
In order to perform activities an organization requires human, tangible, intangible and
supporting resources.
Human resources, in particular the skills and knowledge of employees are important, as are the
programs (e.g. incentives, training) and institutions that support them.
Tangible, or physical and financial, resources include facilities, equipment, and cash
reserves.
Intangible resources include intellectual property, business processes that can be
patented, brands, customer profiles and personalization data in databases, and customized
software.
Supporting resources include organizational structure, information systems or
communications processes that may have little value as stand-alone resources.
c. Capacity
The total resources of the organization represent its capacity. When resources are
underutilized, the company has resources that aren't used, or idle capacity. Idle capacity in
manufacturing tends to be measured in terms of additional output that could be produced. In
service organizations the measure for idle capacity is usually a number of employees. Resource
capacity can also be measured in job-hours, machine-hours, sales per employee, or square feet.
Often these are compared with industry standards to assess the efficiency of the organization.
Capacity also represents a constraint to growth. Demand for product or services may
exceed capacity and managers may take a variety of steps to temporarily resolve the problem:
overtime for existing employees, additional shifts to increase the utilization of equipment,
contracting to outside entities, even competitors. For example, a software company may
outsource code writing, which is standard fare - almost a routine activity, in order to increase its
design capacity.

3
2.6 E-Business Models
An e-business model is simply the approach a company takes to become a profitable
business on the Internet. There are many buzzwords that define aspects of electronic business,
and there are subgroups as well, such as content providers, auction sites and pure-play Internet
retailers in the business-to-consumer space.
E-Commerce or Electronics Commerce business models can generally be categorized
into the following types.
Business - to - Business (B2B)
Business - to - Consumer (B2C)
Consumer - to - Consumer (C2C)
Consumer - to - Business (C2B)
Business - to - Government (B2G)
Government - to - Business (G2B)
Government - to - Citizen (G2C)
2.6.1 Business - to - Business (B2B)
A type of commerce transaction that exists between businesses, such as those involving a
manufacturer and wholesaler, or a wholesaler and a retailer is known as Business-to-Business
(B2B). It refers to business that is conducted between companies, rather than between a company
and individual consumers. This is in contrast to business to consumer (B2C) and business to
government (B2G). Website following B2B business model sells its product to an intermediate
buyer who then sells the product to the final customer. For example, a wholesaler places an order
from a company's website and after receiving the consignment, sells the end product to final
customer who comes to buy the product at wholesaler's retail outlet.
B2B implies that seller as well as buyer is business entity. B2B covers large number of
applications which enables business to form relationships with their distributors, resellers,
suppliers etc.
IBM, Hewlett Packard (HP), CISCO, Dell are the examples of B2B. Chemconnect.com
and chemdex.com are the examples of B2B that brings two firms together on the virtual market.
Following are the leading items in B2B e-Commerce.
 Electronics
 Shipping and Warehousing

3
 Motor Vehicles
 Petrochemicals
 Paper
 Office products
 Food
 Agriculture
B2B applications can be witnessed in the following areas:
 Supplier management
 Inventory management
 Distribution management
 Channel management
 Payment management
Diagrammatic Representation of B2B Model

Models in B2B:
The B2B model can be supplier centric, buyer centric or intermediary centric models
Supplier Centric Model
In this model, a supplier sets up the electronic commerce market place. Various customers interact
with the supplier at its electronic market place. The supplier is generally a dominant supplier. He
may

3
provide customized solutions and pricing to fit the needs of buyers. Intel and Cisco have been adopting
the supplier centric Model.
Buyer centric Model
In this model, big business organisations with high volume purchase capacity create an electronic
commerce market place. The online electronic commerce marketplace is used by the buyer for
placing requests for quotations and carrying out the entire purchase process. The US government and the
General Electric Trading Process Network are examples of buyer-centric model.
Intermediary – centric model
In this model, a third party sets up the electronic commerce market place. The third party attracts
both buyer and seller to interact with each other at its market place. The buyer places their request
interacts with each other and reaches a final decision in purchase or sale of goods.
Advantages of B2B
Selling products to businesses using an online channel is much more complex than
selling to private customers. In addition to the way that you approach the customer, which is
different than in the B2C sector, there is a whole range of other differences that are essential to
understand and that can be advantageous. The following are the advantages of B2B model.
1. Instant purchases: Online business allows for instant purchases. Now, companies can do
almost everything over the internet. They can get in contact with the company they are seeking
to transact with, make a first time transaction, and then set up a system for future transactions.
This allows for frequent purchases. Under frequent purchases, prices usually drop. Therefore,
there is saving in time and money.
2. Increased revenue: 24/7 online ordering will increase companies’ revenue. Many different
time zones exist in the world and potential clients might not have the same business hours as
you. By allowing for companies to make transactions all the time, the time zone becomes
irrelevant. For example: If it is 10 am in your clients’ time zone and 2 am in your time zone, your
client can still make purchases. By offering products at all hours of the day, revenue will increase
for the company.
3. Expands company’s presence: If your company has joined the online community, than it is
expanding its presence and increasing its brand awareness. Nowadays, you can find just about
anything over the internet. Why not allow for people to find your company too?

3
4. Closer business relationships: Doing business with other companies online will create closer
business relationships. This will result in more transactions. This frequent buying builds a
stronger relationship. Although this does not require face to face interaction, it does allow for
businesses to get more familiar with each other.
The Disadvantages of a B2B
Companies that embrace a B2B, model, stand to capture significant profit through the
sales of high-cost products or sheer bulk orders. B2B practices diverge in several and significant
ways from standard business-to-consumer practices. Although some differences entail simple
changes in perspective, others create disadvantages for companies seeking to sell to other
businesses.
1. Limited Market
Businesses selling to other businesses face a much smaller buying group than businesses
selling to consumers. The total number of prospective buyers may be in thousands, rather than
the potential millions of customers for consumer products. These limited numbers make every
lead and every existing customer more valuable and the loss of a single, large customer can
devastate the bottom line. For example, if you supply parts to businesses in mature markets,
where only a handful of competitors normally operate, your business might not survive if one of
your buyers closes shop.
2. Long Purchase Decision Time
The majority of consumer purchase decisions involve one or perhaps two decision
makers and the total time for a purchase decision tends to run on the short side. The B2B sales
cycle involves a complicated set of factors, involving multiple stakeholders and decision-makers,
with total decision times that can stretch out for months. B2B sellers cannot depend on a fast
turnaround with new clients for an influx of working capital and must maintain the financial
solvency to operate with long gaps between sales.
3. Inverted Power Structure
In B2B, buyers wield more power than sellers. A B2B buyer can, also within limits,
demand certain customizations, impose exacting specifications and drive a hard line with pricing
because the seller depends much more heavily on retaining its customers. This requires B2B
sellers to retain a level of flexibility in both product development and production.

3
4. Sales Process
The typical sale process in B2B demands considerable face time, often multiple meetings,
and gets driven by quantifiable factors, rather than the qualitative and emotional factors. The
sales process often depends on the salesperson’s ability to demonstrate what the product does or
allows modifications that solve the very specific problem the buyer faces, and can deliver a solid
return on investment.
2.6.2 Business - to - Consumer (B2C)
As the name suggests, it is the model involving business and consumers over the
internet. B2C means selling directly to the end consumer or selling to an individual rather than a
company. Website following B2C business model sells its product directly to a customer. A
customer can view products shown on the website of business organization. The customer can
choose a product and order the same. Website will send a notification to the business
organization via email and organization will dispatch the product/goods to the customer. B2C is
also known as internet retailing or E-trailing.
 The B2C model includes electronic shopping, information searching (e.g. railway
timetables) but also interactive games delivered over the Internet.
 Popular items sold using B2C model are airline tickets, books, computers, videotapes,
music CDs, toys, music, health and beauty products, jewellery etc..
Following are the key features of a B2C Model
 Heavy advertising required to attract large number of customers.
 High investment in terms of hardware/software.
 Support or good customer care service
Consumer Shopping Procedure
Following are the steps used in B2C e-commerce −
A consumer
 Determines the requirement.
 Searches available items on the website meeting the requirement.
 Compares similar items for price, delivery date or any other terms.
 Gives the order.
 Pays the bill.
 Receives the delivered item and review/inspect them.

4
 Consults the vendor to get after service support or returns the product if not satisfied with
the delivered product.

Diagrammatic representation of B2C Model

Advantages of E-Commerce for B2C Businesses


Benefits of B2C e-commerce can be considered either from the viewpoint of the
consumer or from that of the business.
From the consumer side, benefits include:
1. Access to goods and services from home or other remote locations.
2. The possibility of lower cost of goods and services.
3. Access to a greater variety of goods and services on offer.
4. Consumers can shop at any time of day, from the privacy of their own home. The internet has
been called “the mall that never sleeps.”
5. So many choices – Consumers can shop for basically any item they can think of! Airline
tickets, groceries, clothing, and even medicine!
6. Hassle free – Consumers can shop online without dealing with annoying sales people, fighting
the congestion of shopping malls, and driving 10 different places to find one thing.

4
From the business side, benefits include:
1. Lower transaction costs associated with sales.
2. Access to global markets and hence to more potential customers.
3. Can reach worldwide market with unlimited volume of customers.
4. Can display information, pictures, and prices of products or services without spending a
fortune on colourful advertisements.
5. In some cases, makes order processing an easier task than before.
6. Can operate on decreased, little, or even no overhead
Disadvantage of E-Commerce for B2C Businesses
1. The competition is so fast for the web. There can literally be thousands of places a customer
can go and purchase the same product.
2. Technology problem can cause problems to operate the site properly, resulting in losing
customers and sales.
3. Catalogue Inflexibility: The catalogue needs to regenerate every time when there is some new
information or items to add in.
4. Limited Market Place: Normally, customer will be from locally and limited to certain area.
5. High Sales Cycle: Usually, a lot of phone calls and mailings are needed.
6. Required Higher Cost of Doing Business: Cost regarding inventory, employees, purchasing
costs, and order-processing costs associated with faxing, phone calls, and data entry, and even
physical stores increase transaction costs.
7. Inefficient Business Administration: Store inventory levels, shipping and receiving logs, and
other business administration tasks might need to be categorized and updated manually in and
done only when have time. This cause the information might not the latest or updated.
8. Need to employ number of staff: Need staffs that give customer service and sales support
service.
Disadvantages for the consumer
1. Security issue: probably the number one reason why people don’t purchase online. Credit card
information is very sensitive and must be handled by someone the customer can trust. Scams,
frauds and rip-off are not uncommon on the web.
2. Customer services: consumer are not always satisfied with their purchases and when buying
online.

4
2.6.3 Consumer - to - Consumer (C2C)
Customer to Customer (C2C), sometimes known as Consumer to Consumer, E-
Commerce involves electronically-facilitated transactions between individuals, often through a
third party. One common example is online auctions, such as Ebay, where an individual can list
an item for sale and other individuals can bid to purchase it. Auction sites normally charge
commission to the sellers using them. They act purely as intermediaries who match buyers with
sellers and they have little control over the quality of the products being offered, although they
do try to prevent the sale of illegal goods, such as pirate CDs or DVDs.
Website following C2C business model helps consumer to sell their assets like residential
property, cars, motorcycles etc. or rent a room by publishing their information on the website.
Website may or may not charge the consumer for its services. Another consumer may opt to buy
the product of the first customer by viewing the post/advertisement on the website.
Another popular area for customer to customer transactions is online classified
advertising sites, such as Craigslist and Gumtree. Major online retailers like Amazon also allow
individuals to sell products via their sites.

C2C is expected to increase in the future because it minimises the costs of using third parties.
However, it does suffer from some problems, such as lack of quality control or payment
guarantees and there can sometimes be difficulties in making credit-card payments.

4
 The same customer can act as both buyer as well as seller
 The online market place will allow buyer to browse products by using different criteria
such as; best seller, most popular product, from your city and many more
 Different sellers can bid on the products with list item listed by the buyer, what they are
looking for so that the buyer can get different best prices and offers from sellers
 The social media linking functionalities include, community or forum discussion and
blog and other social media website link interface.
 The back end interface includes features for administration to manage buyer and seller
accounts, payment settings, gallery setting, etc.
Advantages of C2C E-Commerce

 It is always available so that consumers can have access to whenever they feel like
shopping
 There is regular updating of the website
 Consumers selling products to other consumers benefit from the higher profitability that
result from selling directly to one another
 There is a low transaction cost; sellers can post their goods over the internet at a cheaper
rate far better than higher price of renting a space in a store
 Customer can directly contact sellers and do without an intermediary.
Disadvantages of C2C E-Commerce

 Payment made has no guarantee


 There could be theft as scammers might try to create their website with names of some
famous C2C websites such as eBay to attract customers.
 There is lack of controlling quality of the products.
C2C e-commerce websites must update their technologies to suit the current happenings
in their business. It is every body’s wish to buy or sell without any threat to their security. C2C e-
commerce websites to upgrade their security measures to arrest the situation of scammers and
fraudsters that pose threat to the security of consumers and sellers. C2C e-commerce websites
should increase their payment technology to allow consumers to purchase products at ease.

4
2.6.4 Consumer - to - Business (C2B)
Customer to Business (C2B), sometimes known as Consumer to Business, is the most
recent E-Commerce business model. In this model, individual customers offer to sell products
and services to companies who are prepared to purchase them. This business model is the
opposite of the traditional B2C model.
C2B (Customer to Business) is a model where initiative comes from the customers
(consumers) and enterprises are the target group. The customers actively contact the enterprises
via the Internet and raise questions, suggestions and ideas that can be used, for example
for product or service innovation. The enterprises can facilitate the C2B model by setting, for
example discussions forums on their websites or their pages on social networks. In these cases,
the Word Of Mouth Marketing applies.
In this model, a consumer approaches website showing multiple business organizations
for a particular service. Consumer places an estimate of amount he/she wants to spend for a
particular service. For example, comparison of interest rates of personal loan/ car loan provided
by various banks via website. Business organization that fulfils the consumer's requirement
within specified budget approaches the customer and provides its services.
Elance was one of the first web sites to offer this type of transactions. It allows sellers to
advertise their skills and prospective buyers to advertise projects. Similar sites such as People per
hour and Guru work on the same basis.
General features of C2B
– Direct action.
– Collaborative consumption.
– Detailed segmentation.
– Interaction.
– Reciprocity.
– Bi-directionality.

4
The advent of the C2B scheme is due to major changes:

 Connecting a large group of people to a bidirectional network has made this sort of
commercial relationship possible. The large traditional media outlets are one direction
relationship whereas the internet is bidirectional one.
 Decreased cost of technology : Individuals now have access to technologies that were
once only available to large companies ( digital printing and acquisition technology,
high performance computer, powerful software)

There are only a few kinds of companies whose trading models could be considered as C2B.

Online Advertising sites like Google Adsense, affiliation platforms like Commission
Junction and affiliation programs like Amazon are the best examples of C2B schemes.
Individuals can display advertising banners, contextual text ads or any other promotional items
on their personal websites. Individuals are directly commissioned to provide an
advertising/selling service to companies.

The new C2B business model is a revolution because it introduces a new collaborative
trading scheme paving the way for new applications and new socio-economical behaviours
Advantages and Disadvantages of C2B
C2B Advantages
1. Could be described in terms of paths, nodes, properties
2. Could be graphic, examples could be generated.
3. One single place for all Magnolia configurable elements.
4. Could still be linked to java doc

4
2.6.5 Brokerage Model
Brokers are market-makers: They bring buyers and sellers together and facilitate
transactions. The Brokerage Model in e-commerce resembles the offline brokerage model where
the broker acts as a third party connecting sellers and buyers to a transaction and charges fees for
their services. The advantage of e-commerce affords brokers the ability to connect buyers and
sellers globally in contrast to the offline world where a broker may be restricted to a certain
region within their local market.
For example, in the offline world, a mortgage broker who connects people looking to
purchase a house with financial institutions who sell Mortgages, may be restricted to their local
area, hence creating a finite group of potential buyers.
In contrast, as a result of the Internets inherent globalisation an e-commerce mortgage
broker has the potential to reach people located outside their local area, in other states and other
countries, drastically increasing the number of potential buyers, their ability to connect more
buyers with sellers, and thus make better profits. It is well documented that eBay is one of the
most successful Auction Brokers in e-commerce.
eBay, like most companies on the Web, employ a number of business models in order to
make money. While the dominant model they leverage is the Brokerage model, eBay also utilise
the affiliate, advertising and community business models to sustain their presence in e-
commerce.
Brokers play a frequent role in business-to-business (B2B), business-to-consumer (B2C),
or consumer-to-consumer (C2C) markets. Usually a broker charges a fee or commission for each
transaction it enables. The formula for fees can vary. Brokerage models include:
Marketplace Exchange -- provides a full range of services covering the transaction process,
from market assessment to negotiation and fulfilment, for a particular industry. The exchange
can operate independently of the industry, or it can be backed by an industry consortium. The
broker typically charges the seller a transaction fee based on the value of the sale. There also
may be membership fees.
Business Trading Community -- or vertical web community, is a comprehensive source of
information and interaction for a particular vertical market. A community may contain product
information, daily industry news and articles, job listings and classifieds.

4
Buy/Sell Fulfilment -- customer specifies buy or sell orders for a product or service, including
price, delivery, etc. The broker charges the buyer and/or seller a transaction fee.
Demand Collection System -- the patented "name-your-price" model pioneered by Priceline.
Prospective buyer makes a final (binding) bid for a specified good or service, and the broker
arranges fulfilment.
Auction Broker -- conducts auctions for sellers (individuals or merchants). Broker charges the
seller a listing fee and commission scaled with the value of the transaction. Auctions vary in
terms of the offering and bidding rules. Reverse auctions are a common variant.
Transaction Broker -- provides a third-party payment mechanism for buyers and sellers to
settle a transaction. [fsbohouse.com]
Bounty Broker -- offers a reward for finding a person, thing, idea, or other desired, but hard to
find item. The broker may list items for a flat fee and a percent of the reward for items that are
found.
Distributor -- is a catalogue operation that connects a large number of product manufacturers
with volume and retail buyers. Broker facilitates business transactions between franchised
distributors and their trading partners.
Search Agent -- is an agent (i.e., a software agent or "robot") used to search-out the price and
availability for a good or service specified by the buyer, or to locate hard to find information?
Virtual Mall -- hosts online merchants. The Mall typically charges setup, monthly listing, and/or
per transaction fees. More sophisticated malls provide automated transaction services and
relationship marketing opportunities
2.6.6 Value chain Model
A value chain for a product is the chain of actions that are performed by the business to
add value in creating and delivering the product. Activities which comprise of the value chain are
undertaken by companies to produce and sell product and services. All companies undertake
series of activities in order to deliver a product to the customers. These series of activities
understand customer needs, designing products, procuring materials, production, storage of
products, distribution of products, after sale services of products and customer care.
The function of value chain activities is to add value to product at every stage before it is
delivered to the customers. There are two components, which make value chain - primary
activities and secondary activities. The primary activities are directly associated with the

4
manufacturing of products like supply management, plant operations, etc. The secondary
activities are referred to as support functions such as finance, HR, information technology, etc.
G. Winfield Treese and Lawrence C. Stewart suggest four general value-chain areas:
 Attract -- in which you get and keep customer interest, and includes advertising and
marketing
 Interact -- in which you turn interest into orders, and includes sales and catalogues
 Act -- in which you manage orders, and includes order capture, payment, and fulfilment
 React -- in which you service customers, and includes technical support, customer service,
and order tracking.
In the era of advanced information and communication technology, many businesses
have started operations on the internet as its medium. Through the internet, many commercial
activities like buying, selling, auctioning is taking place. This online commercial activity is
known as e-commerce. E-commerce value chain has series of activities like electronic fund
transfer, internet marketing, distribution channel, supply chain etc.
2.6.7 Advertising Model
The web-advertising model is an extension of the traditional media broadcast model. The
broadcaster is a web site, provides content and services like e-mail, chat, forums mixed with
advertising messages in the form of banner ads. The banner ads may be the major or sole source
of revenue for the broadcaster. The broadcaster may be a content creator or a distributor of
content created elsewhere. The advertising model only works when the volume of viewer traffic
is large or highly specialized.
Other E-Business Models
2.6.8 Business-to-Government (B-to-G):
Business-to-government (B2G) e-commerce is concerned with the need for business to
sell goods or services to governments or government agencies. Such activities include supplying
the army, police force, hospitals and schools with products and services. Furthermore, businesses
will often compete in an online environment for contracts to provide services to the public on
behalf of the government. Such services may include the collection of taxes, and the supply of
public services. The exchange of information, services and products between business
organizations and government agencies on-line. This may include,

4
 E-procurement services, in which businesses learn about the purchasing needs of
agencies and provide services.
 A virtual workplace in which a business and a government agency could coordinate
the work on a contracted project by collaborating on-line to coordinate on-line
meetings, review plans and manage progress.
 Rental of on-line applications and databases designed especially for use by
government agencies.

2.6.9 Business-to-Peer Networks (B-to-P):


This would be the provision of hardware, software or other services to the peer networks.
An example here would be Napster who provided the software and facilities to enable peer
networking.
2.6.10 Consumer-to-Government (C-to-G):
Examples where consumers provide services to government have yet to be implemented.
See Government-to-Business.
2.6.11 Consumer-to-Peer Networks (C-to-P):
This is exactly part of what peer-to-peer networking is and so is a slightly redundant
distinction since consumers offer their computing facilities once they are on the peer network.
2.6.12 Government-to-Business (G-to-B):
Also known as e-government, the exchange of information, services and products
between government agencies and business organizations. Government sites now enable the
exchange between government and business of:
 Information, guidance and advice for business on international trading, sources of
funding and support (ukishelp), facilities (e.g. www.dti. org.uk).
 A database of laws, regulations and government policy for industry sectors.
 On-line application and submission of official forms (such as value added tax).
 On-line payment facilities.
This improves accuracy, increases speed and reduces costs, so businesses are given
financial incentives to use electronic-form submission and payment facilities.

5
2.6.13 Government-to-Consumer (G-to-C):
It is also known as e-government. Government sites offering information, forms and
facilities to conduct transactions for individuals, including paying bills and submitting official
forms on-line such as tax returns.
2.6.14 Government-to-Government (G-to-G):
It is also known as e-government. Government-to-government transactions within
countries linking local governments together and also international governments, especially
within the European Union, which is in the early stages of developing coordinated strategies to
link up different national systems.

2.6.15 Peer–to-Peer Network (P-to-P):


This is the communications model in which each party has the same capabilities and
either party can initiate a communication session. In recent usage, peer-to-peer has come to
describe applications in which users can use the Internet to exchange files with each other
directly or through a mediating server.
2.6.16 Peer Network-to-Consumer (P-to-C):
This is in effect peer-to-peer networking, offering services to consumers who are an
integral part of the peer network.
2.6.17 Peer Network-to-Business (P-to-B)
Peer-to-peer networking provides resources to business. For example, using peer network
resources such as the spare processing capacity of individual machines on the network to solve
mathematical problems or intensive and repetitive DNA analyses which requires very high
capacity processing power.
M-commerce:
Mobile commerce is the buying and selling of goods and services through wireless
technology-i.e., handheld devices such as cellular telephones and personal digital assistants
(PDAs). Japan is seen as a global leader in m-commerce. As content delivery over wireless
devices becomes faster, more secure, and scalable, some believe that m-commerce will surpass
wire line e-commerce as the method of choice for digital commerce transactions.
Industries affected by m-commerce include:
● Financial services, including mobile banking as well as brokerage services.

5
● Telecommunications, in which service changes, bill payment and account
reviews can all be conducted from the same handheld device;
● Service/retail, as consumers are given the ability to place and pay for orders
on-the-fly; and
● Information services, which include the delivery of entertainment, financial
news, sports figures and traffic updates to a single mobile device.
This framework can be used by organizations to segment their customers and distinguish
the different needs, requirements, business processes, products and services that are needed for
each.

2.7 Summary
An electronic business model is an important baseline for the development of e-
commerce system applications. Essentially, it provides the design rationale for e-commerce
systems from the business point of view. However, how an e-business model must be defined
and specified is a largely open issue. We therefore present what should be in an e-business
model. There is little doubt that the Internet has introduced new and innovative business models
to both the B2B and B2C markets. It has shortened the value chain and put increasing pressure
on all players, but especially intermediaries, to add value or risk extinction.
2.8 Key Terms
1. Portal is a doorway, entrance, or gate, especially one that is large and imposing
2. Portal space is used to mean the total number of major sites competing to be one of
the portals
3. Business model is the method of doing business by which a company can sustain
itself -- that is, generate revenue
4. E-Business model is simply the approach a company takes to become a profitable
business on the Internet
5. B2B: A type of commerce transaction that exists between businesses
6. B2C: It is the model involving business and consumers over the internet
7. C2C: E-Commerce involves electronically-facilitated transactions between
individuals, often through a third party

5
8. C2B: In this model, individual customers offer to sell products and services to
companies who are prepared to purchase them.
9. P-to-C: This is in effect peer-to-peer networking, offering services to consumers who
are an integral part of the peer network.
10. Mobile commerce: Buying and selling of goods and services through wireless
technology-i.e., handheld devices such as cellular telephones and personal digital
assistants (PDAs).
11. A virtual workplace: in which a business and a government agency could coordinate
the work on a contracted project by collaborating on-line to coordinate on-line
meetings, review plans and manage progress.
12. Virtual Mall -- hosts online merchants. The Mall typically charges setup, monthly
listing, and/or per transaction fees. More sophisticated malls provide automated
transaction services and relationship marketing opportunities
2.9 Self Assessment Questions
1. What is Portal?
2. What is meant by Portal Space?
3. Give an account of various types of Portal
4. Trace out the birth of portals
5. What is meant by Business Model?
6. State the features of business model
7. Define E-Business Model
8. List out different types of E-Business Models
9. Explain various types of E-Business Models
10. State the advantages and disadvantages of B2B model.
11. Write a note on brokerage model
12. What is market place exchange?
13. Who is an auction broker?
14. Who is a transaction broker?
15. Write a note on B2G model

5
UNIT – III
E-Marketing
Learning Objectives
After reading this unit, you will be able to
 Understand the concepts of E-Marketing
 Differentiate Traditional Marketing and E-marketing
 Analyse the impact of E-Commerce on markets
 Know about internet marketing trends and strategies
Contents
3.1 Introduction
3.2 Definition of E-Marketing
3.3 Objectives of E-Marketing
3.4 Importance of E-Marketing
3.5 Disadvantages of E-Marketing
3.6 E-Marketing Mix
3.7 Traditional Marketing Vs. E-Marketing
3.8 Impact of E-Commerce on Markets
3.9 Marketing issues in E-Marketing
3.10 E-Advertising
3.11 Internet Marketing Trends
3.12 E-Branding
3.13 Marketing Strategies
3.14 Summary
3.15 Key Terms
3.16 Self Evaluation Questions
3.1 Introduction
The development of E-Marketing has been one of the most important and influential
trends in the field of business, marketing and information technology. It has revolutionized the
manner in which certain businesses market their products and the manner in which businesses
and consumers interact in the future. It can include information management, public relations,

5
customer service and sales. It is also known as Internet marketing. It is a component of electronic
commerce.
This unit will highlight the importance of E-Marketing; examine how it helps businesses
to reach their customers, some of the most important advantages and disadvantages, challenges
and opportunities of E-Marketing.
3.2 E-Marketing Definition:
E-Marketing is the process of considering marketing activities and achieving marketing
objectives through electronic medium. It may be defined as an economic process that involves
the use of computer, internet and other electronic systems and network, whereby the goods or
services are exchanged and their values in terms of price are determined.
CISCO specialists define E-Marketing as the sum of all activities a business conducts
through the internet with the purpose of, attracting, winning and retaining customers.
E-Marketing involves the use of online networks, computer communication and digital
interactive media to the marketing objectives of the organization. It enhances the functions of
traditional form of marketing. Business organizations adopt marketing tactics like e-mail, banner
ads, referrals, and video ads to attract and retain customers. For example, naukri.com helps job
aspirants to get a suitable placement at an economic cost.
E-marketing means using digital technologies to help sell goods or services. These
technologies are a valuable complement to traditional marketing methods. Though businesses
will continue to make use of traditional marketing methods, such as advertising, direct mail and
PR, E-Marketing adds a whole new element to the marketing mix. Many businesses are
producing great results with E-Marketing. Its flexible and cost-effective nature makes it suitable
for small firms too.

3.3 Objectives of E-Marketing


Different businesses may develop different E-Marketing objectives depending on their
individual circumstances. A useful framework for developing effective E-Marketing objectives is
the five S’s framework, which includes:
1. Sell – using the internet to sell products and services
2. Serve – using the internet to serve customers
3. Speak – using the internet to communicate with customers

5
4. Save – using the internet to save/ reduce cost
5. Sizzle – using the internet to build brand identity
When setting E-Marketing objectives, make sure that they are:
Specific – specify what is to be achieved
Measureable – expressed in measurable terms such as key performance indicators, outcomes,
numbers, percentage, dollars, etc.
Action-oriented – state which actions need to be taken and who will take them. Realistic –
achievable with the resources available
Time Bound – establish specified time frames.
Examples of some typical e-marketing objectives could be:
 To achieve 20% online sales within the first year of launching online marketing
campaigns
 To increase online sales for all products by 15% in 2016
 To grow email coverage to 50% of the current customer base by the end of next year
 To reduce the annual cost of direct marketing by 20% through E-Marketing
3.4 Importance of E-Marketing
E-Marketing gives access to the mass market at an affordable price and unlike TV or
print advertising, it allows truly personalized marketing.
Specific benefits of E-Marketing include:
Global reach – A website can reach anyone in the world who has internet access. This helps to
find new markets and compete globally with a small investment.
Lower cost – A properly planned and effectively targeted campaign can reach the right
customers at a much lower cost than traditional marketing methods.
Measurable results – marketing by email or banner advertising makes it easier to establish
effective campaign. Detailed information about customers’ responses to advertising can be
obtained.
Round the Clock – With a website, customers can find out about products even if office is
closed.
Personalization – If the customer database is linked to the website, then whenever someone
visits the site, you can greet them with targeted offers. The more they buy, the more you can
refine your customer profile and market effectively.

5
One-to-one marketing – E-Marketing helps to reach people who want to know about your
products and services instantly. For example, many people take mobile phones and PDAs
wherever they go. Combine this with the personalized aspect of E-Marketing, very powerful and
targeted campaigns can be created.
Better conversion rate – If there is a website, then ever your customers are only a few clicks
away from completing a purchase. Unlike other media which require people to get up and make
a phone call, post a letter or go to a shop, E-Marketing is seamless. With all these aspects E-
Marketing has the potential to add more sales.
Instant information – One of the most important advantages is the speedy availability of the
information. The clients/users can easily get information by navigating the internet, about the
products that they want to purchase; besides, they can check the information at anytime.
Savings – It allows the companies to save money, since the online marketing campaigns don’t
require a large amount of investment.
Scope for expansion – It helps the expansion of the operations from a local market to national
and international markets at the same time, offering almost infinite expanding possibilities.
Feedback – On the internet everything can be measured, thus it’s easier for the companies to
know if their campaign is working or not, which user is interested in their products, from which
place, etc.
3. 5 Disadvantages of E-Marketing
1. Complex websites – Slow internet connections can cause difficulties. If the companies build
too complex or too large websites, it will take too long for users to check or download them and
they will get bored eventually.
2. Purchase without inspection – The e-commerce doesn’t allow the user “to touch” the
merchandise before purchasing it. Because of this, some salesmen are starting to guarantee the
possibility of returning the product.
3. Payment method – Many users still do not trust in the electronic methods of paying and
because of this give up buying online.
4. Lack of confidence – One of the major disadvantages may be the lack of trust of the users
because of the constant virtual promotions that appear to be frauds. This is an aspect that
deteriorates the image and reputation of honest companies.

5
5. Cash on Delivery (CoD) – Cash on delivery system is another disadvantage. It doesn’t
guarantee the 100% purchase of the product.
3.6 The e-Marketing Mix

The marketing mix can be synthesized in the expression of “the 4 P’s”, standing for Product,
Price, Place and Promotion.

3.6.1 Product

Product – the first element of the marketing mix – includes investigation and research on the
potential customers’ needs in order to be able to develop products to satisfy these needs.

A classic definition of the “product” notion is that of Philip Kotler: a product is anything that
can be offered on the marketplace, with the purpose of capturing interest, buying, usage or
consumption, as long as it can satisfy a need or fulfil a wish. A product can be a physical
object, service, person, place, organization or idea. The e-marketing works in many cases with
non-physical products, and is situated more on the intangible, virtual side. As in classic
marketing, the e-marketing product is developed and analyzed after the 3-level model
introduced by Kotler.

The 3 levels of a product (Kotler)

The core product answers the question “What do consumers buy?” and consists in the services
or main advantages sought by consumers.

The actual product is built around the core product and it may have one, several, or all of the
following 5: quality, characteristics, style, brand name, packaging. The strategies at this level
should ensure that the product offers a differential advantage from the competitors’ products.

The augmented product: comes as the final and most sensitive layer of the total product. It
complements the product with additional services and advantages such as after sales service,
warranty, and delivery terms. In a highly competitive market, it’s the augmented product that
makes the difference and is pushing the buying decision.

Online options for the core product

In 1998, Ghosh proposed to evolve the product offerings using the Internet. He introduced the
notion of ‘digital value’ to customers and suggested companies to ask themselves the following
questions:

5
1. Can I offer additional information or transaction services to my existing customer base?
2. Can I address the needs of new customer segments by repackaging my current information
assets or by creating new business propositions using the Internet?
3. Can I use my ability to attract customers to generate new sources of revenue such as
advertising or sales of complementary products
4. Will my current business be significantly harmed by other companies providing some of
the value I currently offer?

Another concept related to the product issues in e-marketing is that of the ‘prosumer’. It was
introduced in 1980 by famous futurist Alvin Toffler in his book entitled “The Third Wave”.
Toffler sees a future that would mix production with consumption. He imagined a world where
interconnected users would collaboratively "create" products. The “prosumer” idea was further
developed and has been given alternative meanings, with great application in e-marketing.
Logophilia WordSpy defines “prosumer” as:

1. A consumer who is an amateur in a particular field, but who is knowledgeable enough to


require equipment that has some professional features ("professional" + "consumer").
2. A person who helps to design or customize the products they purchase ("producer" +
"consumer").
3. A person who creates goods for their own use and also possibly to sell ("producing" +
"consumer").
4. A person who takes steps to correct difficulties with consumer companies or markets and
to anticipate future problems ("proactive" + "consumer").

The inner nature of a product can even be fundamentally altered. Rayport and Sviokla (1994)
describe transactions where the actual product has been replaced by information about the
product. In the same manner, the scope of the product offer may be changed online. For
example, Tesco.com offers computers through its online presence, although it is impractical to
sell such a range of products inshore.

Online options for the augmented product

The most important feature one can add to a product marketed online, is the interactivity and the
possibility to provide extended product information. A known example is the printer
manufacturer Epson, who let purchasers select the best printer for them by choosing options

5
such as print quality and speed which then automatically reduces the number of available
printer options.

Other aspects of the augmented product that can be greatly addressed online: add-on services
such as gift wrapping; product or brand endorsement such as Pepsi offering video interviews
with David Beckham through their e-newsletter and web site; awards, testimonials; customer
lists; warranties; guarantees; money back offers; customer service.

When acting on an online market, we have great opportunities to get closer to the customer. A
simple way of doing so is the “Feedback” section of any efficient website. Such feedback can
provide detailed and accurate information upon the customers, such as demographics, spending
habits, purchase intentions in the following period and so on.

3.6.2 Price

Price is an extremely important element of the marketing mix, because it is the only one able to
generate a turnover for the organization. When looking more deeply into the interactions
between the 4 P’s of the marketing mix, one observes that Price is a supportive element for the
remaining 3 P’s, because it costs to produce and design a Product, it costs to distribute
it (Place) and definitely it costs to Promote it.

There is no single, consolidated view of how the use of internet interferes in pricing issues. We
have to present two extreme viewpoints, discussed by Baker in 2001.

The first view is the inevitability of having decreased prices for products sold over the internet.
Because the capabilities offered by the internet significantly increase the customer knowledge:
consumers have tools such as price comparison sites, at both individual and organizational
level.

The second view is that although price transparency is a great theory, the actual practice of the
consumers is quite different. Baker’s researches indicated that many online purchasers do not
perform much research before buying. For example, it is estimated that 89% purchase books
from first site and only 10% of online shoppers are aggressive bargain hunters. Another issue is
made of barriers to prevent organizational buyers to use online marketplaces. Another
impediment is the preference for a human face, especially when developing long-term
relationships with a supplier.

6
Now let us review what options a marketer has, to set online pricing policies. The identified and
most used options nowadays are:

 Differential pricing;
 Reverse B2B auctions;
 Pricing structure.

Differential pricing is basically means that a company that goes online would offer lower prices
when selling online compared to the prices offered offline. A classic example is that of airway
companies: almost all offer lower prices when you buy online than you can get from the
company’s offline offices.

There are three factors to assist in online pricing:

 precision: we must remember that any product has an indifference band, when
varying price has almost no effect on sales. In the traditional approach, researches to
determine these bands are very expensive, but the internet survey costs are much
more affordable;
 adaptability: implies a quick response to the demands of the marketplace. With the
internet-based technologies, it is often possible to alter prices according to the
dynamic of the demand, thus adjusting prices to maximize profitability.
 segmentation: implies different prices for different groups of customers, usually by
offering price facilities only in the cases when it is necessary to close the sale.

Reverse B2B auctions: are still a troubled practice even though it is widely used by some
business sectors like chemicals, engineering. It is difficult to predict the evolution of reverse
auctions since the buyers’ behaviour is still confusing: half of them do not chose the lowest
bidder, while over 80% prefer to stay with the current supplier.

Pricing structure: the internet technologies made possible to alter the traditional pricing
structure and adapt it to the new market realities. Altering pricing structure is particularly suited
for digital, downloadable products such as mp3’s, software, e-books. While in the traditional
commerce you would pay just once, for continuous use, in the online world you’re offered more
possibilities such as renting, pay-per-use, leasing.

6
Further pricing options that could be varied online include Basic Price, Discounts, Add-On’s
and extra products and services, Warranties, Refunds, Order Cancellation terms.

3.6.3 Place

Traditionally, the place element refers to how an organization will chose to distribute the
product / service they are offering to the end user to achieve the overall marketing objectives
efficiently.

A closer look into the marketing mix reveals that the biggest impact of the internet is upon the
place element, for the simple reason that the internet has a global reach. Identified major
implications of the internet upon the place aspect of the mix are:

Place of purchase, for which McDonald and Wilson (2002) identified five options:

Seller-controlled sites: those that are the main site of the supplier company which are e-
commerce enabled;

 Seller-oriented sites: controlled by third parties, but represent the seller rather than
providing a full range of options;
 Neutral site: independent evaluator intermediaries that enable price and product
comparison and will result in the purchase being fulfilled on the target site;
 Buyer-oriented sites: controlled by third parties on behalf of the buyer;
 Buyer-controlled sites: involve either procurement posting on buyer-company
sites or those of intermediaries that have been set up in such a way that it is the
buyer who initiates the market making.

Navigation, with three key aspects proposed by Evans and Wurster (1999):

 Reach: the potential audience of the e-commerce site. Reach can be increased by
moving from a single site to representation with a large number of different
intermediaries.
 Richness: the depth or detail of information which is both collected about the
customer and provided to the customer. This is related to the product element of
the mix.

6
 Affiliation: refers to whose interest the selling organization represents –
consumers or suppliers. This particularly applies to retailers, suggesting that
customers will favour retailers who provide them the richest information on
comparing products.

Localisation: the strategy of providing a local site, most of the times using the local language
when the culture differences are significant from one marketplace to another.

New channel structures: some new structures were born, specific for the internet-based
markets. They are:

 Disintermediation: refers to the possibility of performing direct sales. It can lead


to channel conflicts and there are a number of barriers and facilitators to such
change.
 Re-intermediation: new intermediaries who receive a commission on each sale
resulting from a referral from their site.
 Countermediation: refers to possible partnerships with another independent
intermediary, or setting up some own independent intermediary.

3.6.4 Promotion

The promotion as part of the marketing mix refers to how marketing communications are used
to inform the audience about an organization and its products. The internet offers plenty new
marketing communications channels to inform customers and assist during the purchase cycle.
Internet technologies can be deployed to find new ways to improve and sustain advertising
activities, sales promotions, public relations, or to proceed to direct marketing campaigns using
e-mail or websites.

The promotion element of a marketing plan also requires taking strategic decisions about
investment in the online communications mix. Example: “What is the balance between
investment in site promotion compared to site creation and maintenance?” The site must be
promoted just like you promote a product, in order to make it efficient and support your
business. Since there is often a fixed budget for site creation, maintenance and promotion, the e-

6
marketing plan should specify the budget for each to ensure there is a sensible balance and the
promotion of the site and e-marketing campaigns are not underfunded.

The Extended Marketing Mix

The model of the marketing mix, the 4 P’s, was introduced more than 40 years ago. As
consumers and businesses were subjects of continuous transformations and evolution, the
classical mix became not sufficient in terms of strategies for a company to distinguish itself and
achieve competitive advantage. Therefore, new service elements, has been added to complete the
marketing mix:

 People;
 Process;
 Physical evidence.

The service elements of the marketing mix are as important in the virtual world as they are in
the physical world. The extended marketing mix is also known as “the 3 P’s”, that add to the
initial 4 P’s.

3.6.5 People

The people element of the extended marketing mix refers to the how the staff of an organization
interacts with customers and other stakeholders.

The main aspect of the people element when we are active in an online market, is the degree in
which we can replace the staff with automation capabilities of the internet. There is several
ways we can do that:

 Auto responders: automatically generated response when a company e-mails an


organisation, or submits an online form.
 E-mail notification, generated by a company’ system, with the purpose of updating
customers on the status of their order.
 Call-back facility offers customers the opportunity to fill in their phone number on a
form and specify a convenient time to be contacted.

6
 Frequently Asked Questions (FAQs). For these, the art is in compiling and
categorising the questions so customers can easily find the question and a helpful
answer with a possible solution.
 On-site search engines, to help customers find what they’re looking for. Site maps are
sometimes used with the same purpose.

3.6.6 Process

The process element of the marketing mix refers to the methods and procedures companies use
to achieve all marketing functions such as new product development, promotion, sales and
customer service. The restructuring of the organization and channel structures described for the
product, price, place and promotion all require new processes to be performed.

3.6.7 Physical evidence is the element of the marketing mix that refers to the tangible
expression of a product and how it is purchased and used. In an online context, physical
evidence refers to customers’ experience of the company through the web site and associated
support. It includes issues such as site ease of use or navigation, availability and performance.

3.7 Traditional Marketing Vs. E-Marketing


3.7.1 Traditional marketing is labelled traditional, because it incorporates the original methods
of marketing and advertising through 4 basic ways; print, broadcast, direct mail and telephone.
Before our digital era arose, these were the ways in which we would receive our necessary
information and updates of products and services on offer.

6
Traditional Marketing is not too much different than sending a post card to everyone in a
city to see if they need moving services. Sure it will get some business but it is wasteful and in
the end may cost more than the revenue it generates. Generally, companies with a lot of
advertising money will enter into this arena just to maintain their market share and there is little
chance for growth.
Examples of traditional Marketing: Radio, TV, Yellow pages/Phone book, Newspapers,
Magazines, Coupon books, Direct Mail, Billboards, etc
3.7.2 E-Marketing
E-Marketing helps to broaden the reach and filter impressions. For instance, a lot more
demographics go to the internet for moving related topics than listen to a specific radio station.
Marketing is then targeted to those who have searched or shown interest in moving related
content. When money is paid for E-Marketing it is paid for the first call to action such as clicking
an ad rather than just impressions. It means that money is now more focused on people with
some level of interest in your services.
Examples of Internet Marketing: Purchased Leads, Google Adwords, SEO, Yelp, Google
Local, Facebook/Twitter, Article Marketing, Content Marketing, Email Marketing
3.7.3 Comparison of Traditional Marketing Vs. E-Markeitng
Product promotion: E-commerce enhances promotions of products and services through direct,
information-rich and interacting contact with customers.
Direct saving: The cost of delivering information to customers over the internet results in
substantial savings to senders.
Customer Service: Customer service can be greatly enhanced by enabling customers to find
detailed information online.
Brand Image: Newcomers can establish brand or corporate images very quickly through net and
at affordable cost.
Advertising: Traditional advertising is one way communication to persuade customers to buy
their products and services. In the electronic period, it is two way communication aims at
customers to browse, explore, compare, question and even customer design the product
configuration.

6
Customization: The ultimate luxury can get is in terms of custom designed products and
services. The net offers a tremendous opportunity to understand customers needs one at a time
and offer customized products and services.
Order making process: Taking orders from customers can drastically be improved if it is done
electronically, this saves time and reduces expenses and so sales people have more time to sell
their products or services.
Intermediaries: In traditional marketing middlemen are supposed to provide pace and time
utilities to the ultimate customer, but advancement of information technology is turning
intermediation in to disintermediation.
Customer Value: Traditional marketing tries to maximize the value per transactions; here
customer attraction is big target. But in electronic marketing, the marketers are trying to form
relationship with customers and they are looking for long term value maximization.
3.8 Impact of E-Commerce on Market
Marketing is one of the business functions most dramatically affected by emerging
information technologies. Companies can use the web to provide ongoing information, service
and support, create positive interaction with customers for long term relationships and encourage
repeat purchases. It allows customers to sit in their homes and purchase goods. One can shop any
kind of product or service in the mid of the night and from any part of the world.
During the agrarian economy, people engaged in the process of exchanging goods and
services used the barter system, in this system, buyers and sellers knew each other and there was
mutual dependence on each other for survival during this period.
During the industrial age the marketing term was coined to signify the need for
identification and satisfaction process. In this system manufacturers/sellers did not have a face to
face interaction with consumers, which led to problems for producers in understanding customer
needs. To avoid this problem marketers are using different tools like advertising, direct
marketing and E-commerce to exploit the gullible customers. E-Commerce expands the
marketplace to national and international markets. With minimal capital outlay, a company can
easily and quickly locate more customers, the best suppliers and the most suitable business
partners worldwide.
The following discussion would highlight various impacts of E-Commerce on market
 It provides many potential benefits to consumers and organizations. These are:

6
 It enables customers to shop round the clock a day, all year around, through any part of
the world.
 It provides customers with more choices; they can select from many vendors and from
more products.
 It allows quick delivery, especially in case of digitalized products like music and books.
 It makes it possible to participate in virtual auctions.
 It allows customers to interact with other customers in electronic communities and
exchange ideas as well as compare experiences.
 It allows customers to receive detailed and relevant information within seconds.
 It facilitates competition, which results in substantial discounts.
 It allows reduced inventories and overhead by facilitating ‘pull' type supply chain
management.
 It reduces the time between the outlay of capital and the receipt of products and services.
 It decreases the cost of creating, processing, distributing, storing and retrieving paper
based information.
 Apart from this benefit it attracts improved image and customer services.

Apart from the above, the impact of e-Commerce has already begun to appear in all areas
of business ranging from customer service to new product design. It has facilitated new types of
information based interaction with customers, Internet bookshops, on-line super market,
electronic newspapers, on-line trading on stock exchanges (e-Trading), on-line advertising (e-
Advertising), on-line taxation (e-Taxation), online ticketing (e-ticketing), online banking (e-
Banking), computerization in postal communication (e-Post) and so on. We shall take up some of
these e-Commerce services to have an idea of how it has transformed the functioning in these
sectors.
E-Banking
Imagine the days when long queues and waiting were the normal phenomena in a bank
during a particular time of the day and on particular days of a week to deposit or withdraw
money or to get a demand draft made. But, the scenario in banks now-a-days is very different.
One can withdraw and deposit money at his/her own convenience. Having an account in one

6
place in India, one can transact in any part of the country. Some of the new trends in banking
sector are as follows:
(a) Telebanking: A customer is given a password number (known as T-PIN i.e., Telephonic
personal identification number) through which he can have access to his/her account over
telephone and give instruction regarding withdrawal, issue of demand draft etc. The customer
can also access his account and give instructions by using the mobile phone. Similarly, the bank
can also keep on informing the customer regarding the various schemes, opportunities, last dates,
etc.
(b) Internet Banking: This is another way a customer can have access to his account and give
instructions. It makes the task of the customer easy as he can access his account anywhere, any
time and any number of times. The customer simply uses a password number and gets the details
of transactions sitting at home.
(c) ATM: ATM, the acronym for Automated Teller Machine, is increasingly becoming popular
in banking industry. ATM is a computerized machine used for most of the routine jobs of a bank.
It is operated by a magnetic plastic card popularly known as ATM card. By inserting the ATM
card in the machine and entering the PIN (Personal Identification Number) the customer can use
it for withdrawals and deposits of money.
The customer can also get the information about the balance available in his/her account,
get the mini-statement of last 5/10 transactions from the ATM. Earlier the customers only had
the option to access the ATM of the bank in which they had an account. But now-a-days some
banks have tied-up with other banks for use of their ATM by the customers. So customers can
use the ATM facility even of a bank they do not have an account in, but with whom their bank
has a tie-up.
(d) Debit Card: A debit card is an electronic card that can be used conveniently while making
payments. This card is issued to the customers of the bank having current or savings deposit
account. The holder of this card can use this card at several outlets for purchase of goods and
services. This card allows the holder to spend up to the balance available in his/her bank account.
It can also be used at ATMs just like ATM cards.
(e) Credit Card: Some banks issue credit cards to individuals who may or may not have an
account with them. The cards are issued to individuals after verifying their credit worthiness. The
individual can use those cards at various outlets to make payments. The issuing bank fixes a

6
credit limit up to which the cardholder can purchase goods and services. The bank issues a
statement of transactions periodically and the individuals have to pay back the amount to the
bank by a due date. Thus, the customers get a credit period ranging from 10 to 55 days which
varies from bank to bank and the nature of transactions. No interest is charged if the payment is
made within the due date. If the customers fails to pay by due date, the bank charges interest at a
high rate on the amount due. Most banks give bonus points for transactions and insurance
coverage for the products purchased through credit card as well as to the cardholders. The
cardholder can also use his/her card to withdraw cash from ATMs.
E-Ticketing
Purchasing tickets has become so easy now that you can make railway reservations sitting at
home or even while you are on the move. If you have access to Internet you can have all the
details of railway information and accordingly you can book a ticket. You have to make payment
through credit cards/debit cards for on-line booking of tickets. You can also buy air tickets
through similar methods. Recently, with private sector entry in aviation sector, the competition
has increased and bidding of air tickets through Internet has started. The highest bidder avails the
opportunity of travelling at a rate much lower than the original price. The e-Ticketing service is
also available through mobile phones.
E-Advertising
Internet advertising has revolutionized marketing strategies. Unlike the print and television
media where all advertisements are stacked together, the viewer has the choice either to view it
or ignore them. On the other hand, in the net-world the surfer will only click on the
advertisement of his/her choice. He may select advertisements of his own interest.
E-Trading
On line trading has started with the establishment of OTCEI. Now the National Stock Exchange
(NSE) and Bombay Stock Exchange (BSE) have also completely switched over to online trading
to which most stock-brokers have access through internet. It is also taking off among small
investors and traders in stock and shares. Internet makes available to them up-to-the-minute
information which, until recently, had only been available to financial institutions. The use of on-
line brokerage services automates the process of buying and selling. This allows reduction in
brokerage charges, makes trading transparent as they can access the information on market prices
on-line, and the investor is able to deal at a price viewed immediately. The transfer of ownership

7
of stocks and shares can also be recorded electronically in investor’s Demat accounts thereby
avoiding the need for physical delivery.
Computerization of Mail Transmission and Processing
As a part of modernization programme, computerization of the registration and sorting work has
been done in a large number of post offices in India. To cut down the transmission time for
sending money order across the country, money orders are now transmitted through VSAT
satellite networks which have resulted in faster delivery of money order to the customers. New
policy for Voice mail/Audio fax services was announced by incorporating a new service known
as Unified Message Service (UMS), a system by which voice message, mails, fax and e-mail can
be received from one mail box using telephone instrument, fax machines, mobile phones,
internet browsers, etc.
E-Post
E-mail is the fastest means of communication. To send and receive any information through e-
mail, we need to have a computer with Internet connectivity and the e-mail account of the sender
and receiver. However, this technology has not yet reached the rural and other remote areas of
our country. To bridge this gap and extend the benefit of the e-mail facility to the people of rural
India, the Department of Post has introduced e-Post facility. It enables people to send and receive
e-mail at the post offices. E-Post is a service under which printed or even handwritten messages
are transmitted as email on internet. At the destination post offices, these messages are printed,
enveloped and delivered through the postman like other letters. The post offices where this
facility is not available can receive the e-Post message from the customers and forward the same
to the nearest e-Post centre for dispatch. E-Post messages received for areas beyond the delivery
jurisdiction are printed and sent to concerned post office for delivery. Besides availing e-Post
services through post office it can also be accessed from a customer’s house or office or from
any other places if he has Internet access. The customer can make payment through a prepaid
card that is available in the head post office and other outlets. The customer has to register as a
user and access the service at the e-Post portal http://indiapost.nic.in.
3.9 MARKETING ISSUES ON E-MARKETING
Opportunities and threats
The use of electronic commerce by business in developed countries has grown
considerably in the past few years. In the near future, E-commerce will bring a change in not

7
only the way in which the trade is conducted, but also a change in the volume of goods traded
between countries. It is also changing manufacturing and distribution systems, product design,
and the relationship between the producer and consumer.
The changes to the current trading volume could have a negative effect on some
international environmental objectives such as sustainable development. There is also a potential
for developing countries to be further exploited by developed countries as e-commerce matures.
Besides, there are questions as to whether the internet will increase the "digital divide" between
the "haves and have-nots."
While e-commerce may have negative impacts on some aspects of international trade and
the environment, there are some "green" companies who are looking at e-commerce as a way to
positively impact trade and the environment. These companies have some innovative business
models that will likely bring environment-friendly goods to both consumers and businesses.
There are some other likely benefits to be gained from the growth of e-commerce such as
a reduction in the need for warehouses and retail stores, and a further reduction in the need for
the associated finished materials, energy, and land consumed by these structures.
3.10 E-ADVERTISING
E- Advertising or Online advertising or Internet advertising is a marketing strategy that
involves the use of the Internet as a medium to obtain website traffic and target and deliver
marketing messages to the right customers. It is geared toward defining markets through unique
and useful applications.
Delivery methods
Display advertising
Display advertising conveys its advertising message visually using text, logos,
animations, videos, photographs, or other graphics. Display advertisers frequently target users
with particular traits to increase the effect of advertisements. Online advertisers often
use cookies, which are unique identifiers of specific computers, to decide which ads to serve to a
particular consumer. Cookies can track whether a user left a page without buying anything, so
the advertiser can later retarget the user with ads from the site the user visited.
As advertisers collect data across multiple external websites about a user's online activity,
they can create a detailed picture of the user's interests to deliver even more targeted advertising.
This aggregation of data is called behavioural targeting.

7
Advertisers can also target their audience by using contextual and semantic advertising to
deliver display ads related to the content of the web page where the ads appear. Retargeting,
behavioural targeting, and contextual advertising all are designed to increase an
advertiser's return on investment, over untargeted ads.
Advertisers may also deliver ads based on a user's suspected geography through geo-
targeting. A user's IP address communicates some geographic information (the user's country or
region). It helps to narrow the range of possible locations. For example, with mobile devices,
advertisers can sometimes use a phone's GPS receiver or the location of nearby mobile towers.
Web banner advertising
Web banner ads typically are graphical ads displayed within a web page. Many banner
ads are delivered by a central ad server. Banner ads can use rich media to incorporate video,
audio, animations, buttons, forms, or other interactive elements using Java
applets, HTML5, Adobe Flash, and other programs.
Frame ad (traditional banner)
Frame ads were the first form of web banners. The colloquial usage of "banner ads" often
refers to traditional frame ads. Website publishers incorporate frame ads by setting aside a
particular space on the web page. The Interactive Advertising Bureau's Ad Unit Guidelines
proposes standardized pixel dimensions for ad units.

Pop-ups/Pop unders
A pop-up ad is displayed in a new web browser window that opens above a website
visitor's initial browser window. A pop-under ad opens a new browser window under a website
visitor's initial browser window.
Floating ad
A floating ad or overlay ad is a type of rich media advertisement that appears
superimposed over the requested website's content. Floating ads may disappear or become less
obtrusive after a preset time period.
Expanding ad
An expanding ad is a rich media frame ad that changes dimensions upon a predefined
condition, such as a preset amount of time a visitor spends on a webpage, the user's click on the

7
ad, or the user's mouse movement over the ad. Expanding ads allow advertisers to fit more
information into a restricted ad space.
Trick banners
A trick banner is a banner ad where the ad copy imitates some screen element users
commonly encounter, such as an operating system message or popular application message, to
induce ad clicks. Trick banners typically do not mention the advertiser in the initial ad, and thus
they are a form of bait-and-switch. Trick banners commonly attract a higher-than-average click-
through rate, but tricked users may resent the advertiser for deceiving them.
News Feed Ads
"News Feed Ads", also called "Sponsored Stories", "Boosted Posts", typically exist on Social
Media Platforms that offer a steady stream of information updates ("news feed") in regulated
formats (i.e. in similar sized small boxes with a uniform style). Those advertisements are
intertwined with non-promoted news that the users are reading through. Those advertisements
can be of any content, such as promoting a website, a fan page, an app, or a product. This format
of online advertisement yields much higher click-through rates than traditional display ads
Some examples are: Facebook's "Sponsored Stories", LinkedIn's "Sponsored
Updates", and Twitter's "Promoted Tweets".
Interstitial
An interstitial ad displays before a user can access requested content, sometimes while
the user is waiting for the content to load. Interstitial ads are a form of interruption marketing.
Text ads
A text ad displays text-based hyperlinks. Text-based ads may display separately from a
web page's primary content, or they can be embedded by hyperlinking individual words or
phrases to advertiser's websites. Text ads may also be delivered through email marketing or text
message marketing. Text-based ads often render faster than graphical ads and can be harder for
ad-blocking software to block.
Search Engine Marketing (SEM)
Search engine marketing (SEM) is designed to increase a website's visibility in search
engine results pages (SERPs). Search engines provide sponsored results and organic (non-
sponsored) results based on a web searcher's query. Search engines often employ visual cues to

7
differentiate sponsored results from organic results. SEM includes all of an advertiser's actions to
make a website's listing more prominent for topical keywords.
Search Engine Optimization (SEO)
Search engine optimization (SEO) attempts to improve a website's organic search
rankings in SERPs by increasing the website content's relevance to search terms. Search engines
regularly update their algorithms to penalize poor quality sites that try to game their rankings,
making optimization a moving target for advertisers.
Sponsored search
Sponsored search (also called sponsored links, search ads, or paid search) allows
advertisers to be included in the sponsored results of a search for selected keywords.
Social Media Marketing
Social media marketing is commercial promotion conducted through social
media websites. Many companies promote their products by posting frequent updates and
providing special offers through their social media profiles.
3.10.1 Advantages of online advertising:
Extensive coverage:
Online advertising releases wide range of advertising information, regardless of time and
geographical constraints. From the advertising point of view, the wider the scope of
dissemination of information, human contact, the more advertising effect will be. From the
advertisers market, even a small business is likely to become an international company
overnight.
Large-capacity information:
Capacity to provide information is unrestricted. Businesses or advertising agencies can provide
advertising information and instructions equivalent of thousands of pages without having to
worry about the increase on the advertising costs as that of traditional media. The network
behind small banner ads, companies can put their company and its products and services,
including product performance, price, model, morphology, etc. It seems necessary to explain all
audiences, including detailed information made into a web page on their website.
Strong interaction with sensory:
Online advertising carrier is basically a multimedia, hypertext format, as long as the audience
interested in a certain kind of product, you can tap the mouse further to know more, much more

7
detailed and vivid information so that consumers can personally “experience” products, services
and brand. As virtual reality and other new technologies to online advertising, immerse
experience for customers such as goods or services, and to book online, trading and settlement
will greatly enhance the effectiveness of online advertising.
Real-time and long-lasting unity:
Internet media has the right to change the function of information, companies can make changes
at any time according to need, 24 hour warehouse industry can adjust product prices, product
information, can instantly get the latest product information dissemination to consumers. Online
media can also be long-term preservation advertising information. Enterprise established for the
product website can remain, waiting for consumer inquiries, enabling real-time and persistence
unity.
Non-compulsory transfer of information:
As we all know, newspaper ads, magazine ads, TV ads, radio ads, outdoor advertising and so has
a compulsive, forced indoctrination into your brain. The online advertising belongs on demand
advertising, thus saving time and avoiding ineffective passive attention.

3.10.2 Disadvantages of online advertising:


Internet advertising has obvious advantages over traditional advertising, and also unavoidably
brings its disadvantages, mainly in the following aspects:

Visitors to their online advertising “filtered”:


Some visitors simply do not want to see, let alone have report responses. This situation is similar
to other media, only a handful of consumers will buy your product. The biggest difficulty lies in
selecting the right online advertising target market; otherwise it is difficult to bring about the
final ad buying behaviour.
Network technology to filter the ads:
On the one hand for the advertising network provides more space, opportunities, tools, and the
origin of Internet culture itself is obnoxious commercialism, so there have been some network
software and tools will plant a report as a network of cultural dregs filter out. In doing online
advertising company, be sure to verify that the target market has a tendency to extreme aversion
to commercial advertising, whether the use of these filters online advertising tool.

7
Lack of skills and marketing skills:
Internet advertising is the guiding ideology of the “information marketing” rather than the
“impression inducement,” but the expression and transmission of information still need
presentation skills to attract consumers. Therefore, only the aspects of the product and the
information listed here is definitely not form a successful online advertising. Traditional
advertising to generate an irresistible impression and attractive presentation skills and marketing
skills in online advertising is still needed, even more demanding. How to marketers to consumers
in rich information resources at the same time, but also have a strong attraction for them is a
huge challenge.
Online advertising marketing personnel requirements are higher than other media:
Compared to online advertising can almost be seen as a microcosm of the entire marketing,
which involves how to attract customers to interact with customers, etc., which is the traditional
advertising to customers impressed goals have to go very far. In short online advertising requires
marketer’s integrated use of traditional advertising performance practices, providing information
on the use of soft methods of marketing and network marketing techniques.
3.11 Internet Marketing Trends
Marketers are constantly looking into the future, trying to predict the next big trend, be it
for their brands or their clients. Naturally, marketers are preoccupied with questions like: What is
the next big campaign? How can we turn our client into the “next big thing”? What is the next
hot trend going to be in retail? Etc. Everyone wants to the answers. Knowing this, what do some
of the top minds in marketing predict for their own futures? Here are the 10 trends that are going
to have the biggest impact on the future of marketing.
1. Mobile is going to become the centre of marketing. From cell phones to smart phones,
tablets to wearable gadgets, the evolution of mobile devices is one of the prime factors
influencing the marketing world. As the focus is shifting to smaller screens, brands will be able
to strike up a more personalized relationship with their customers by leveraging the power of
mobile.
2. Transparency will dictate brand-customer relationships. Currently, customers are seeking
more engagement from brands. This trend will continue with customers becoming more
demanding in their expectation of transparency. Genuine brands – the ones that “walk the talk”

7
and create real value – will be rewarded. This means brands that still haven’t made their
customer dealings transparent are headed to a future of doom.
3. The need for good content will not slow down. Content, particularly visual content, will rule
the roost in the online marketing world, evolving into various forms and disrupting the
conventional marketing models. Moreover, the speed at which a brand can create amazing
content will play a part in their success.
4. User-generated content will be the new hit. The power of user-generated content will
surpass branded content as brands begin to relinquish control of their own brands’ marketing to
their customers. From online reviews, to social media posts and blogs, this means there will be a
strong need for brands to create a positive impact in their consumers’ minds. In response to this
model of content production, content co-creation between brands and consumers will become a
popular trend.
5. Social will become the next Internet. Social will become an integral part of the “broader
marketing discipline.” As its impact grows stronger, most brands will fully transition their
marketing efforts to social channels. As such, social has the full potential to become not just one
of the channels but the channel.
6. Brands will own their audience. By cultivating brand community and entering into direct
conversations with their customers, brands will begin to own their audience in a way that will
create loyalists and brand advocates. In the future of marketing, branding and marketing efforts
will have their seeds rooted in what customers are talking about. The customers’ responses and
feelings toward the brand will dictate future campaigns. Essentially, if the customers are happy,
they’ll gladly wear the marketer’s hat and do what is needed to bring their favourite brand in
focus.
7. Brands solely-focused on Millennials will go out of relevance. Brands will need to
understand that the millennials are not a niche “youth” segment but a generation of people who
will ultimately give way to a newer generation. Therefore, millennial-focused brands will have to
change their game to stay relevant.
8. Good brands will behave like product companies and not like service companies. While
service companies aim to create a happy customer and look forward to a contract renewal,
product companies thrive on innovation. So, for brands of the future, customer satisfaction and

7
retention will not be enough. They will need to innovate more efficiently to create more value for
their customers. However, great service will NEVER go out of style.
9. Personalized, data-driven marketing will become more refined. There is a difference
between data-driven marketing and intrusive marketing. While the former is based on
relationship-building, the latter is nothing but old-school push marketing wrapped in a new
cover. The difference between these two formats will become even more prominent in future.
Marketers who focus on relationship building will be rewarded, while intruders will be shut out.
10. More accurate metrics will surface. What most brands do in the name of measuring
marketing success is look at hollow “vanity” metrics such as likes, shares, or tweets. Even in
terms of data mining, we are still developing more sophisticated means to capture the right data.
Many ideas are hypothesized, but few are practical. The future will witness the rise of better
analytical tools to help marketers gauge the success of their campaigns.
3.12 Internet Branding
The word "brand" is derived from the word "brandr" meaning "to burn. Brand is the
“Name, term, design, symbol, or any other feature that identifies one seller's product distinct
from those of other sellers.".
In accounting, a brand defined as an intangible asset is often the most valuable asset on a
corporation's balance sheet.
Brand means Trademark, Logo or Trade name under which a product or service is sold in
market. Company means business organization/company which manufactures or provides service
to customers. Eg. Nokia India Pvt. Ltd. is the name of the company and its Brand name is
NOKIA under which it sells its Products.
Brand consists of Name Logo Tagline Shapes Colors Sounds Movements Etc
How Brand is found: Adopted to differentiate one person's cattle from another symbols are
burned into the animal's skin with a hot iron stamp, subsequently the same technique is used in
business, marketing, and advertising.
Internet branding (also known as online branding or E-Branding) is a technique that
uses the World Wide Web as a medium for positioning a brand in the marketplace. Website
creation and optimization, social media, blogs, online press releases, and video marketing are all
methods used for online branding purposes.

7
E-branding refers to the sum total of a company`s values, attitudes, vision, mission,
personality and appearance that is projected to the audience online.
Types of Brands
 Initialism: Name made of initials. Eg: UPS or IBM
 Alliteration: Names fun to say. Eg: Reese's Pieces or Dunkin' Donuts
 Evocative: Names evoke a relevant vivid image. Eg: Amazon or Crest
 Neologisms: Completely made-up words. Eg: Wii or Kodak
 Foreign word: Adoption word from another language. Eg: Volvo or Samsung
 Founders' names: Using the names of Founder. Eg: Hewlett-Packard, Dell or Disney
 Geography: Brands named for regions and landmarks. Eg: Cisco and Fuji Film
Purposes of Internet Branding
 To create a direct relationship between Customer and Brand owners
 To help in better sales & Brand loyalty
 To strengthen the market position of the organization
Benefits of Internet Branding
 Easy to survive among competitors
 Helps to build familiarity and loyalty from consumers
 Convenient to gain reputation amongst customers
 Becomes the digital asset for a company
 Result in higher sales of not only one product, but other products associated with brand
 Helps to be a part of the grand global internet community of the 21st century
 Easy to expand customer relationship
Advantages to Consumers
 Consumes less time in Shopping.
 The quality of product is better
 Prices are fixed by the company and there are no changes.
 Products own the responsibility.
Advantages to Producers
 Name helps in advertising in an easier way.
 Name establishes the permanent identity of the product
 Name promotes repurchasing

8
 Competition becomes easier with the help of brand loyalty
Effective Ways to Maximize E-Branding Presence
In the competitive age we live in, in order to succeed online, branding must be highly
recognizable, relatable, and authentic; thereby setting itself apart from the competition. High
visibility of brand increases credibility and customers will be more willing to retain your
product/services.
Creating an awareness of online brand is about capturing the attention of the targeted
audience. Consumer's today look to connect directly with business owners and hear their stories
before they make a decision on whether to buy their products/services. With that in mind, let's
examine seven key insights as to how to effectively maximize online brand presence:
1. Be Consistent With Branding. Ask one question: "What is my business really about?" It is
very important to display a consistent branding strategy across all online channels. This creates
brand recognition and helps to reinforce the brand. It is common for a business to use several
channels to reach out to customers. For example, a business may use its website, several social
networks, blogs, document sharing sites, etc.
2. Optimize Your Website. Creating and maintaining a website is one of the most important
branding tools for any business. Website optimization for optimal performance on search engines
is one thing companies can do to drive traffic to a website and improve the brand's visibility.
3. Social Media. Social Media Marketing is one of the most effective and cost effective ways to
promote both small businesses and corporations and enhance the visibility of brand. Social
Media Marketing promotes visibility, brand loyalty, recognition and can also increase sales. In
addition, social media marketing allows small businesses and established ones to compete with
an advantage.
4. Produce and Distribute Great Quality Content. Creating and distributing quality content is
the best way to gain visibility online. It is one of the most effective marketing strategies to create
brand recognition online.
5. Press Release Marketing. Press release distribution is a very effective and inexpensive way
to enhance brand visibility and recognition. If it is picked up by Google News, your company
will receive additional coverage for your brand.
6. Leverage Video Marketing. Businesses of all sizes and scale can benefit from video
marketing i.e., YouTube, Vimeo, Metcafe, etc. Posting branded videos relevant to your niche is a

8
very effective way to promote business, drive traffic to your website, and get your brand noticed
in front of a targeted audience.
7. Start a Blog. Having a blog can enhance brand visibility and improve chances of success. In
fact, blogging is one of the most effective ways to improve the visibility of the brand online.
Blogging greatly improves search engine rank, establishes validity in brand and increases reach.
In addition, blogging helps to cultivate relationships with customers and other influencers.
8. Authentic. As a final point, when creating an online brand presence, don't attempt to create
your online brand like any other brand in the market. Be authentic. If you can be open and honest
with yourself about your brand's value, you will be able to authenticate this value when creating
your online brand presence.
3.13 Marketing strategies
Marketing Strategies are made not only to attract customers but also to retain the existing
customers. Online Marketing Strategies too are made for the same purpose. Following are some
of the strategies that can be adopted in online marketing:
 E-Mail marketing strategies
 Affiliate marketing strategies
 Viral marketing strategies
 Brand leveraging strategies
 Search engine optimization (SEO)
E-Mail marketing strategies
Business organization s send e-mail messages to people who have requested information
about a specific product. This is called opt-in-email and this strategy is called Permission
Marketing Strategy. E-mail allows marketers to deliver different advertisements to different
customers based on market segmentation. It allows users to see graphic images and text that
really impresses them. The users also get transported to the related website by clicking on the
link in the message. Finally, the behaviour of the customer collected from the database can be
integrated by the marketers to send sales promotion e-mails to the customers.
For example, if a visitor had visited the website of UNIVERCELL to read about the latest
arrival of Mobile phones, then the information can be utilized by UNIVERCELL to send a
coupon or information through direct e-mail to the customer. It attracts the customer and may

8
result in purchase of mobile phone. Some marketers also send e-mail even without receiving any
request for information from the customers. It is known as unsolicited commercial e-mails
Affiliate marketing strategies
Low budget websites are using affiliate marketing strategy to generate revenues.
Affiliate’s firm website contains description, rating and information about a product that is
linked to another organization’s website that offers the product for sale. Marketers pay affiliates
to forward customers to their websites. The pioneer of affiliate marketing is amazon.com.
Affiliate member must feature a link to amazon’s site. When an internet user buys any
product on amazon’s website after having gone there through a link, the affiliate member link
which had forwarded the buyer to amazon.com receives the commission.
There are three types of affiliate marketing programmes.
1. Click through – affiliates are paid for each visitor who clicks through the banner or
button/link and goes to the sellers’ page.
2. Lead Generation – affiliates are paid if the marketer is able to register the user.
3. Revenue sharing – affiliates are paid when he customer makes a purchase
Viral marketing strategies
Viral marketing strategy approaches individual consumers to inform other persons about
the products and services of a business organization. Business organizations believe that this
marketing strategy can build good business as there is no face to face contact in electronic
marketing.
For example, Blue Mountain Arts, an electronic greeting company adopts the viral
marketing strategy. A greeting card recipient sends electronic greeting cards in turn to their
friends. This method helped it to grow as the most visited site on the web.

Brand leveraging strategies


An organization leverages its dominant position by adding more features to the website
that are useful to existing customers. This is called Brand leveraging strategy.
For example, Yahoo added a search engine function and leveraged its dominant position
by acquiring other web businesses and widened its existing offerings.

8
Search engine optimization (SEO)
Search engine optimization (SEO) attempts to improve a website's organic search
rankings in SERPs by increasing the website content's relevance to search terms. SEO is not just
submitting site at search engine. It helps the internet user to identify the company’s product or
service available on the site when the users are searching for a product or a service. When a
potential customer checks through search engine looking out for a product or service, marketers
want their company’s website to appear among the top 10 returned listings. The method of
having a particular URL listed near the top of search engine results is called SEO. Search engine
sites offer companies a paid placement which is the consideration of purchasing a top listing on
the result pages.
For example, Sify.com is specialized in SEO. It provides a complete range of search
engine marketing solutions worldwide.
3.14 Summary
Developments of science and technology, generation of creative and innovative ideas and
emergence of e-consultants have contributed significantly for the growth and development of E-
Marketing. E-Marketing is the process of conducting marketing activities through electronic
medium. It saves money and time, develops intimate customer relationships, attracts analytical
buyers, removes distance barriers, provides choice and enables collection of data. Buyers differ
in their wants, attitudes, purchasing power, age, income, buying practices and geographical
locations. This complex and varied behaviours of customers is the cause for market
segmentation. Similarly, marketing mix decisions play a vital role in implementing effective
marketing management. The four elements of mix constitute successful marketing activities.
Business organizations send e-mail messages to people who have requested information about a
product. This is called opt-in-mail strategy. Advertising through the internet is called E-
Advertising. An overview of various types of E-Advertising is also provided for a better
understanding. An account of E-Branding, a process of positioning the product through
electronic media, is also provided.
3.15 Key Terms
E-Marketing: It is the process of considering marketing activities and achieving marketing
objectives through electronic medium.

8
Traditional marketing: It is labelled traditional, because it incorporates the original methods of
marketing and advertising through 4 basic ways; print, broadcast, direct mail and telephone.
Telebanking: A customer is given a password number (known as T-PIN i.e., Telephonic
personal identification number) through which he can have access to his/her account over
telephone/mobile phone and give instruction regarding withdrawal, issue of demand draft etc.
Internet Banking: The customer can access his account through internet from anywhere, any
time and any number of times. The customer simply uses a password number and gets the details
of transactions sitting at home.
ATM: ATM, the acronym for Automated Teller Machine. ATM is a computerized machine used
for most of the routine jobs of a bank. By inserting the ATM card in the machine and entering
the PIN (Personal Identification Number) the customer can use it for withdrawals and deposits of
money.
Debit Card: A debit card is an electronic card that can be used conveniently while making
payments. This card is issued to the customers of the bank having current or savings deposit
account. It can also be used at ATMs just like ATM cards.
Credit Card: The cards are issued to individuals after verifying their credit worthiness. The
individual can use those cards at various outlets to make payments. The issuing bank fixes a
credit limit up to which the cardholder can purchase goods and services. The bank issues a
statement of transactions periodically and the individuals have to pay back the amount to the
bank by a due date. The cardholder can also use his/her card to withdraw cash from ATMs.
E-Ticketing: Purchasing tickets through internet sitting at home or even while on the move.
Make payment through credit cards/debit cards for on-line booking of tickets. The e-Ticketing
service is also available through mobile phones.
E-Advertising: E- Advertising or Online advertising or Internet advertising is a marketing
strategy that involves the use of the Internet as a medium to obtain website traffic and target and
deliver marketing messages to the right customers.
E-Trading: On line trading has started with the establishment of OTCEI. Now the National
Stock Exchange (NSE) and Bombay Stock Exchange (BSE) have also completely switched over
to online trading to which most stock-brokers have access through internet.
E-Post: E-Post facility is introduced in India by the Department of Posts. It enables people to
send and receive e-mail at the post offices. E-Post is a service under which printed or even

8
handwritten messages are transmitted as email on internet. At the destination post offices, these
messages are printed, enveloped and delivered through the postman like other letters. The
customer can make payment through a prepaid card that is available in the head post office and
other outlets. The customer has to register as a user and access the service at the e-Post portal
http://indiapost.nic.in.
Display advertising: It conveys its advertising message visually using text, logos, animations,
videos, photographs, or other graphics.
Behavioural targeting: As advertisers collect data across multiple external websites about a
user's online activity; they can create a detailed picture of the user's interests to deliver even
more targeted advertising. This aggregation of data is called Behavioural targeting.
Geo-targeting: Advertisers may also deliver ads based on a user's suspected geography
through geo-targeting.
Web banner advertising: Web banner ads typically are graphical ads displayed within a web
page.
Pop-up: A pop-up ad is displayed in a new web browser window that opens above a website
visitor's initial browser window. A pop-under ad opens a new browser window under a website
visitor's initial browser window.
Search Engine Marketing (SEM): It is designed to increase a website's visibility in search
engine results pages (SERPs). Search engines provide sponsored results and organic (non-
sponsored) results based on a web searcher's query.
Search engine optimization (SEO): It attempts to improve a website's organic search rankings
in SERPs by increasing the website content's relevance to search terms.
Social Media Marketing: Social media marketing is commercial promotion conducted
through social media websites.
Internet branding: It is a technique that uses the World Wide Web as a medium for positioning
a brand in the marketplace.
3.16 Self Evaluation Questions
1. What is E-Marketing?
2. What are the advantages of E-Marketing?
3. Write a note on market segmentation
4. Explain in detail about E-Marketing Mix.

8
5. Explain the E-Marketing strategies.
6. What are the components of E-Marketing Mix?
7. What is E-Mail Marketing?
8. Explain the importance of affiliate marketing strategy.
9. Explain various advertisement methods used on the web
10. What are the objectives of web advertising?
11. What is E-Branding?
12. What is E-Banking?
13. What do you mean by Search Engine Marketing?
14. What do you understand by Search Engine Optimization?
15. What is Social Media Marketing?

8
UNIT- IV
E- Payment Systems
LEARNING OBJECTIVES
After reading this unit, you would be able to
 Understand the concept of E-Payment system
 Know about various types of E-Payments
 Learn the process of E=Payment system
CONTENTS
4.1 Introduction
4.2 Types of E-Payment Systems
4.3 Requirements of E-Payments
4.4 Digital Token Based E-Payment System
4.5 Credit cards as E-Payment System
4.6 Smart Card Cash Payment System
4.7 Micro Payment System
4.8 E-Cash
4.9 Summary
4.10 Key Terms
4.11 Self Evaluation Questions

4.1 INTRODUCTION
The ease of purchasing and selling products over the Internet has helped the growth of
electronic commerce and electronic payments services are a convenient and efficient way to do
financial transactions. Generally we think of electronic payments as referring to online
transactions on the internet, there are actually many forms of electronic payments. As technology
developing, the range of devices and processes to transact electronically continues to increase
while the percentage of cash and cheque transactions continues to decrease.

The Internet has the potential to become the most active trade intermediary within a
decade. Also, Internet shopping may revolutionize retailing by allowing consumers to sit in their
homes and buy an enormous variety of products and services from all over the worlds. Many

8
businesses and consumers are still wary of conducting extensive business electronically.
However, almost everyone will use the form of E Commerce in near future.

An electronic payment system is needed for compensation for information, goods and
services provided through the Internet - such as access to copyrighted materials, database
searches or consumption of system resources - or as a convenient form of payment for external
goods and services - such as merchandise and services provided outside the Internet. it helps to
automate sales activities, extends the potential number of customers and may reduce the amount
of paperwork.

Electronic Payment is a financial exchange that takes place online between buyers and
sellers. The content of this exchange is usually some form of digital financial instrument (such as
encrypted credit card numbers, electronic cheques or digital cash) that is backed by a bank or an
intermediary, or by a legal tender.

E payment is a subset of an e-commerce transaction to include electronic payment for


buying and selling goods or services offered through the Internet.

Risks in Electronic Payment systems


Customer's risks
 Stolen credentials or password
 Dishonest merchant
 Disputes over transaction
 Inappropriate use of transaction details
Merchant’s risk
 Forged or copied instruments
 Disputed charges
 Insufficient funds in customer’s account
 Unauthorized redistribution of purchased items
Electronic payments Issues
 Secure transfer across internet
 High reliability: no single failure point

8
 Atomic transactions
 Anonymity of buyer
 Economic and computational efficiency: allow micropayments
 Flexibility: across different methods
 Scalability in number of servers and users
Designing Electronic Payment systems
It includes several factors:
Privacy: A user expects to trust in a secure system; just as a telephone is a safe
Security: A secure system verifies the identity of two-party transactions through “user
authentication” & reserves flexibility to restrict information/services through access control
Intuitive interfaces: The payment interface must be as easy to use as a telephone.
Database integration: With home banking, for ex, a customer wants to play with all his
accounts.
Brokers: A “network banker”-someone to broker goods & services, settle conflicts, & financial
transactions electronically-must be in place
Pricing: One fundamental issue is how to price payment system services. For e.g., from cash to
bank payments, from paper-based to e-cash. The problem is potential waste of resources.

4.2 TYPES OF E-PAYMENT SYSTEMS


Electronic payment systems are proliferating in banking, retail, health care, on-line
markets, and even government—in fact, anywhere money needs to change hands. Organizations
are motivated by the need to deliver products and services more cost effectively and to provide a
higher quality of service to customers. The emerging electronic payment technology is labelled
as electronic funds transfer (EFT). EFT is defined as “any transfer of funds initiated through an
electronic terminal, telephonic instrument, or computer or magnetic tape so as to order, instruct,
or authorize a financial institution. EFT can be segmented into three broad categories:
Banking and financial payments
 Large-scale or wholesale payments (e.g., bank-to-bank transfer)
 Small-scale or retail payments (e.g., automated teller machines)
 Home banking (e.g., bill payment)

9
Retailing payments
 Credit Cards (e.g., VISA or MasterCard)
 Private label credit/debit cards (e.g., J.C. Penney Card)
 Charge Cards (e.g., American Express
On-line electronic commerce payments
1. Token-based payment systems
 Electronic cash (e.g., DigiCash)
 Electronic cheques (e.g., NetCheque)
 Smart cards or debit cards (e.g., Mondex Electronic Currency Card))
2. Credit card-based payments systems
 Encrypted Credit Cards (e.g., World Wide Web form-based encryption)
 Third-party authorization numbers (e.g., First Virtual)
Electronic payment refers to paperless monetary transactions. Electronic payment has
revolutionized the business processing by reducing paper work, transaction costs, labour cost.
Being user friendly and less time consuming than manual processing, it helps business
organization to expand its market reach / expansion. Some of the modes of electronic payments
are following.
 Credit Card
 Debit Card

 Smart Card

 E-Money

 Electronic Fund Transfer (EFT)

4.2.1 Cards
Credit cards, debit cards and prepaid cards currently represent the most common form of
electronic payments. For all 3 types of cards the consumer or the business uses a plastic card,
commonly with a magnetic stripe..Along with magnetic stripe cards, smart cards are also used
for payments. Smart cards are at present overwhelmingly plastic credit cards with an embedded
computer chip.
Credit Card: Credit card is small plastic card with a unique number attached with an account. It
has also a magnetic strip embedded in it which is used to read credit card via card readers. When

9
a customer purchases a product via credit card, credit card issuer bank pays on behalf of the
customer and customer has a certain time period after which he/she can pay the credit card bill.
It is usually credit card monthly payment cycle. Following are the actors in the credit card
system.

 The card holder - Customer

 The merchant - seller of product who can accept credit card payments.

 The card issuer bank - card holder's bank

 The acquirer bank - the merchant's bank

 The card brand - for example, visa or mastercard.

Debit Card
Debit card, like credit card is a small plastic card with a unique number mapped with the
bank account number. It is required to have a bank account before getting a debit card from the
bank. The major difference between debit card and credit card is that in case of payment through
debit card, amount gets deducted from card's bank account immediately and there should be
sufficient balance in bank account for the transaction to get completed, whereas in case of credit
card there is no such compulsion.

Smart Card
Smart card is again similar to credit card and debit card in appearance but it has a small
microprocessor chip embedded in it. It has the capacity to store customer work related/personal
information. Smart card is also used to store money which is reduced as per usage. Smart card
can be accessed only using a PIN of customer. Smart cards are secure as they stores information
in encrypted format and are less expensive/provide faster processing. Mondex and Visa Cash
cards are examples of smart cards.
4.2.2 E-Money
E-Money transactions refer to situation where payment is done over the network and
amount gets transferred from one financial body to another financial body without any
involvement of a middleman. E-money transactions are faster, convenient and save a lot of time.
Online payments done via credit card, debit card or smart card are examples of e-money

9
transactions. Another popular example is e-cash. In case of e-cash, both customer and merchant
both have to sign up with the bank or company issuing e-cash.
4.2.3 Electronic Fund Transfer
It is a very popular electronic payment method to transfer money from one bank account
to another bank account. Accounts can be in same bank or different bank. Fund transfer can be
done using ATM (Automated Teller Machine) or using computer. Now-a-days, internet based
EFT is getting popularity. In this case, customer uses website provided by the bank. Customer
logins to the bank's website and registers another bank account. He/she then places a request to
transfer certain amount to that account. Customer's bank transfers amount to other account if it is
in same bank otherwise transfer request is forwarded to ACH (Automated Clearing House) to
transfer amount to other account and amount is deducted from customer's account. Once amount
is transferred to other account, customer is notified of the fund transfer by the bank.
4.2.4 Internet
Online payments involve the customer transferring money or making a purchase online
via the internet. Consumers and businesses can transfer money to third parties from the bank or
other account, and they can also use credit, debit and prepaid cards to make purchases online.
Current estimates are that over 80% of payments for online purchases are made using a credit
card or debit card. At present, most online transactions involve payment with a credit card. While
other forms of payment such as direct debits to accounts or pre-paid accounts and cards are
increasing, they currently represent a less developed transaction methodology.
4.2.5 Mobile Payments
Mobile phones are currently used for a limited number of electronic transactions.
However, the percentage seems likely to increase as mobile phone manufacturers enable the chip
and software in the phone for easier electronic commerce. Consumers can use their mobile phone
to pay for transactions in several ways. Consumers may send an SMS message, transmit a PIN
number and use WAP to make online payments, or perform other segments of their transaction
with the phone. As phones develop further, consumers are likely to be able to use infrared,
Bluetooth and other means more frequently to transmit full account data in order to make
payments securely and easily from their phone. Additionally, merchants can obtain an
authorization for a credit or debit card transaction by attaching a device to their mobile phone. A
consortium in the US also announced PowerSwipe, for example, which physically connects to a

9
Nextel phone, weighs 3.1 ounces, and incorporates a magnetic stripe reader, infrared printing
port and pass-through connector for charging the handset battery.
4.2.6 Financial Service Kiosks
Companies and service providers in several countries, including Singapore and the US,
have set up kiosks to enable financial and non-financial transactions. These kiosks are fixed
stations with phone connections where the customer usually uses a keyboard and television-like
screen to transaction or to access information. Kiosks in the United States enable the customer to
send money via wire transfers, cash cheques, make purchases using cash, and make phone calls.
Located at convenient public locations such as bus or subway stations, convenience stores or
shopping malls, these kiosks enable electronic payments by individuals who may not have
regular access to the internet or mobile phones.
4.2.7 Television Set-Top Boxes and Satellite Receiver
Specialized boxes attached to a television can also be used for payments in some
locations. The set-top box attaches to the television and a keyboard or other device, and
customers can make purchases by viewing items on the television. Payment is made
electronically using a credit card or other account. While usage is presently low, it could grow
substantially in countries with a strong cable or satellite television network.

4.2.8 Biometric Payments


Electronic payments using biometrics are still largely in their infancy. Trials are
underway in the United States, Australia and a limited number of other countries. Most biometric
payments involve using fingerprints as the identification and access tool, though companies like
Visa International are piloting voice recognition technology and retina scans are also under
consideration. Essentially, a biometric identifier such as a fingerprint or voice could replace the
plastic card and more securely identifies the person undertaking the transaction. The electronic
payment is still charged to a credit card or other account, with the biometric identifier replacing
the card, cheque or other transaction mechanism.
4.2.9 Electronic Payments Networks
Various countries have electronic payments networks that consumer can use to make
payments electronically. ACH (Automated Clearing House) in the US, domestic EFTPOS

9
networks in Australia and Singapore, and other networks enable electronic payments between
businesses and between individuals. The consumer can go online, to a financial service kiosk or
use other front-end devices to access their account and make payments to businesses or other
individuals.
4.2.10 Person-to-Person (P2P) Payments
P2P payments enable one individual to pay another using an account, a prepaid card or
another mechanism that stores value. PayPal in the US, which was recently purchased by Ebay,
is one of the most frequently used P2P mechanisms. P2P payments can be made through a
variety of means, including services like PayPal, transfers using card readers, or other. In the
future other devices, such as mobile phones or PDAs, could also be used to enable P2P electronic
payments.

Source www.epayment.com

9
Types of E-payment and Initiatives

4.3 REQUIREMENTS FOR E-PAYMENTS


For making e-payments effective and successful the following requirements are essentials:
Critical mass
The success of a payment scheme depends on the number of users, both as regards
merchants and consumers, as financial institutions. Especially merchants play a crucial role in
the development of payment schemes, as their acceptance of e-payment systems creates the
market for such schemes. Providers face the so-called "chicken and egg" problem, as merchant
acceptance equally depends on customer acceptance.
Adoption at the EU-level
In order to foster cross-border payments in the Internal Market, it is essential that
payment schemes are developed that apply across the EU. Merely national payment schemes will
not increase cross-border e-shopping, because foreign customers cannot pay abroad with these

9
national schemes. Payment schemes that are limited to the national level, should at least try to
enter into cross-national associations to gain customer and merchant recognition.
Limited costs
The cost of using an electronic payment system should be limited to a minimum, so as to
increase merchant and customer acceptance. This particularly holds true for low-value
transactions, which must be facilitated by low transaction costs. (For example, the online
purchase of a ringtone of 1 EUR should not result in the need to pay an additional 0,40 EUR for
transaction costs.)
User friendly / low effort
Electronic payment systems should be user-friendly and should allow users to personalise
the system to integrate their everyday activities and personal financials. Simplicity is key to
gaining wide acceptance, especially to persuade new Internet users who lack both experience and
confidence to cope with complicated protocols. In Japan, for example, most electronic payment
systems only require the user to enter a unique set of 16 digits for authentication and payment
finalisation purposes.
Speed
Electronic payment systems should be able to process transactions very rapidly. Their
speed allows them to be differentiated from other (offline) payment schemes such as credit cards,
which are often subject to transaction terms of several days. Settlement of transactions in real
time allows customers to be informed of their available funds at any moment.
Security
Fraudulent payment card transactions represent losses of roughly 1 billion EUR per year
in the SEPA area. Moreover, given their virtual nature, e-payment schemes do not allow to see
the money physically represented, which often results in the feeling of having no control. It is
therefore essential that e-payment systems provide a sufficient level of security, both on a
technological level as on a psychological level.
Balance of interests
The current financial crisis has demonstrated the importance of controlling financial
institutions. Payment instruments which transfer substantial amounts of money, should be strictly
regulated, regardless of the fact whether they constitute online or offline payment systems.
However, there also is a need for balance. Strict compliance requirements could cripple the

9
further development of e-payment systems, particularly if small money transfer would also be
subject to such requirements. Hence, a balance between innovation incentives and the protection
of consumers is required.
Protection of privacy
As is possible with cash payments, consumers will want to have at least the option of
remaining anonymous in relation to e-payments. Moreover, the possibilities of profiling based on
financial transaction data should be limited. For example, the use of transaction-related data
outside the initial business context, of the sale of such data to third parties could lead to customer
discrimination. Such practices should therefore be contained by legal privacy provisions.
Transparency
Electronic payment schemes must be transparent to consumers, in particular with respect
to their personal financial data being handled by both merchants and financial institutions.
Transparency requires merchants and financial institutions to describe the way in which an
electronic payment system works, and how they intend to process any transactions requested by
consumers.
Predictability
For adapted legal rules to be effective, it is required that e-payment systems are generally
intelligible, clear and predictable to all actors involved. Any laws applicable to e-payment
systems must therefore clearly establish which services do and which do not fall within their
scope.
Trust
Both the electronic payment schemes themselves and the applicable legal framework
must present a trustworthy system. Customers and merchants will refrain from using such
payment schemes if the applicable laws cannot guarantee the protection of their interests.
Equally important is the need to address the issue of perceived trust: the public must be
convinced that cyber-cash is unforgettable.
Reliability
The legal framework applicable to electronic payments must be consistent in its effects
on all participants. In case of a dispute, the application of such laws should be predictable, and
the expected outcome of the dispute should be reliable

9
4.4 DIGITAL TOKEN BASED PAYMENT SYSTEM
The digital token based payment system is a new form of electronic payment system
which is based on electronic tokens rather than e-cheque or e-cash. The electronic tokens are
generated by the bank or some financial institutions. Hence we can say that the electronic tokens
are equivalent to the cash which are to be made by the bank.
Electronic tokens are three types:
1. Cash or Real-time
In this mode of electronic tokens transactions takes place via the exchange of electronic
currency (e-cash). Example: on-line currency exchange is electronic cash (e-cash).
2. Debit or Prepaid
In this electronic payment system the prepaid facilities are provided. It means that for
transactions of information user pay in advance. This technology is used in smart card, electronic
purses etc. Example: prepaid payment mechanisms are stored in smart cards and electronic
purses that store electronic money.
3. Credit or Post-paid
These types of electronic token based on the identity of customers which issue a card,
their authentication and verification by a third party. In this system the server authenticates the
customers and then verifies their identity through the bank. After all these process the transaction
takes place. Example is E-Cheques. Example: post-paid mechanisms are credit/debit cards and
electronic cheques.
The Digital Token based system has following issues:
1. Nature of transaction for which instrument is designed:
In this category, the design issues of token take place. It may be designed to handle micro
payments. It may be designed for conventional products. Some tokens are designed specifically
and other generally. The design issue involve involvement of parties, purchase interaction and
average amount.
2. Means of Settlement:
The Digital Tokens are used when their format must be in cash, credit, electronic bill
payments etc. Most transaction settlement methods use credit cards while other used proxies for
values.

9
3. Approach to Security, Anonymity and Authentication:
Since the electronic token are vary from system to system when the business transaction
take place. So it is necessary to secure it by intruders and hackers. For this purpose various
security features are provided with electronic tokens such as the method of encryption. The
encryption method uses the digital signatures of the customers for verification and
authentication.
4. Risk Factors:
The electronic tokens may be worthless and if the customer have currency on token than
nobody will accept it, if the transaction has long time between delivery of products and payments
to merchants then merchant exposes to the risk. so it is important to analysis risk factor in
electronic payment system.
Benefits of Utilizing an Electronic Payment System:
Many large global organizations are reaping the benefits from employing an electronic
payment system, which include:
1. Day Sales Outstanding (DSO) Improvements:
For suppliers, an electronic payment system can immediately improve DSO numbers by
allowing them to electronically receive and process payments from commercial customers.
2. Processing Cost Reduction:
A feature-rich electronic payment system lowers associate process time by automatically
initiating and processing payments.
3. Minimize Overdue Payments:
A best-in-class electronic payment system accelerates credit and collections by giving
customers, collections groups and internal customer service departments greater visibility into
payment status.
4. Simplify Dispute Management:
With an electronic payment system, companies enjoy improved data accuracy and
automated disbursement, receipt and payment processing to streamline vendor dispute
management.
5. Increased Compliance:
An electronic payment system makes it easier to track and monitor data to ensure
adherence to complex compliance regulations and all business rules.

1
6. Enhanced Security:
An electronic payment system is highly secure, safeguarding cardholder data and
preventing payment fraud better than paper-based payments can achieve.
7. Improved Workflow Efficiencies:
Increased automation is a key feature of a robust electronic payment system, enabling
less reliance on time-consuming and costly manual business processes.
8. Greater Visibility into Financial Supply Chain:
With access to reports and comprehensive corporate financial history, an electronic
payment system gives management and other authorized users easy access to snapshots and
detailed reports to improve decision-making and process efficiency.
4.5 CREDIT CARDS AS E-PAYMENT SYSTEM
Payment cards are all types of plastic cards that consumers use to make purchases, viz,
 Credit cards: Such as a Visa or a MasterCard, has a preset spending limit based on the
user’s credit limit.
 Debit cards: Removes the amount of the charge from the cardholder’s account and
transfers it to the seller’s bank.
 Charge cards: Such as one from American Express, carries no preset spending limit.
Advantages:
 Payment cards provide fraud protection.
 They have worldwide acceptance.
 They are good for online transactions.
Disadvantages:
 Payment card service companies charge merchants per-transaction fees and monthly
processing fees.
Payment Acceptance and Processing
 Open loop (such as VISA) and closed loop (such as American Express) systems will
accept and process payment cards.
 A merchant bank or acquiring bank is a bank that does business with merchants who
want to accept payment cards.
 Software packaged with your electronic commerce software can handle payment card
processing automatically.

1
Types of Credit Cards
There are two types of credit cards on the market today-
Credit cards are issued based on the customer's income level, credit history, and total
wealth. The customer uses these cards to buy goods and services or get cash from the
participating financial institutions. The customer is supposed to pay his or her debts during the
payment period; otherwise interest will accumulate. Two limitations of credit cards are their
unsuitability for very small or very large payments. It is not cost-justified to use a credit card for
small payments. Also, due to security issues, these cards have a limit and cannot be used for
excessively large transactions. There are two types of credit cards on the market today:
1. Credit cards issued by credit card companies (e.g., MasterCard, Visa) and major banks
(e.g. Is Bankasi, Ziraat Bankasi, Yapi Kredi, etc.)
2. Credit cards issued by department stores (e.g Boyner), oil companies (e.g. Shell)
Businesses extremely benefit from these company cards and they are cheaper to operate.
They are widely issued to and used by a broad range of customers. Businesses offer
incentives to attract customers to open an account and get one of these cards.

Credit card payment process:

Step Description
1 Bank issues and activates a credit card to customer on his/her request.
2 Customer presents credit card information to merchant site or to merchant from
whom he/she want to purchase a product/service.
3 Merchant validates customer's identity by asking for approval from card brand
company.
4 Card brand company authenticates the credit card and paid the transaction by
credit. Merchant keeps the sales slip.
5 Merchant submits the sales slip to acquirer banks and gets the service chargers paid
to him/her.
6 Acquirer bank requests the card brand company to clear the credit amount and gets
the payment.
7 Now card brand company asks to clear amount from the issuer bank and amount
gets transferred to card brand company.

102
Figure: Online Credit Card (VISA) Transaction Process
Processing a Payment Card Order

1
4.6 SMART CARD CASH PAYMENT SYSTEM
Smart Cards based Electronic Payment System “Smart cards‟ are receiving renewed
attention as a mode of online payment. They are essentially credit card sized plastic cards with
the memory chips and in some cases, with microprocessors embedded in them so as to serve as
storage devices for much greater information than credit cards with inbuilt transaction processing
capability.
This card also contains some kinds of an encrypted key that is compared to a secret key
contained on the user’s processor. Some smart cards have provision to allow users to enter a
personal identification number (PIN) code. Smart cards have been in use for well over the two
decades now and have been widespread mostly in Europe and Asian Countries. Owing to their
considerable flexibility, they have been used for a wide range of functions like highway toll
payment, as prepaid telephone cards and as stored value debit cards. However, with the recent
emergence of e-commerce, these devices are increasingly being viewed as a particularly
appropriate method to execute online payment system with considerably greater level of security
than credit cards. Compared with traditional electronic cash system, smart cards based electronic
payment systems do not need to maintain a large real time database. They also have advantages,
such as anonymity, transfer payment between individual parties, and low transactional handling
cost of files. Smart cards are also better protected from misuse than, say conventional credit
cards, because the smart card information is encrypted. Currently, the two smart cards based
electronic payment system- Mondex and Visa Cash are incompatible in the smart cards and card
reader specification.
Smart cards have been in existence since the early 1980s and hold promise for secure
transactions using existing infrastructure. Smart cards are credit and debit cards and other card
products enhanced with microprocessors capable of holding more information than the
traditional magnetic stripe. The smart card technology is widely used in countries such as France,
Germany, Japan, and Singapore to pay for public phone calls, transportation, and shopper loyalty
programs.
A smart card is about the size of a credit card, made of a plastic with an embedded
microprocessor chip that holds important financial and personal information. The microprocessor
chip is loaded with the relevant information and periodically recharged. In addition to these
pieces of information, systems have been developed to store cash onto the chip. The money on

1
the card is saved in an encrypted form and is protected by a password to ensure the security of
the smart card solution. In order to pay via smart card it is necessary to introduce the card into a
hardware terminal. The device requires a special key from the issuing bank to start a money
transfer in either direction.
Smart cards can be disposable or rechargeable. A popular example of a disposable smart
card is the one issued by telephone companies. After using the pre-specified amount, the card
can be discarded. Smart-card technology can be used to hold information on health care,
transportation, identification, retail, loyalty programs and banking, to name a few.
Kalakota and Whinston (1996), classified smart cards based electronic payment system as
(1) relationship based smart cards and (2) electronic purses. Electronic purses, which may
replace money, are also known as debit cards.
Relationship-Based Smart Credit Cards
 It is an enhancement of existing cards services &/ or the addition of new services that a
financial institution delivers to its customers via a chip-based card or other device
 These services include access to multiple financial accounts, value-added marketing
programs, or other information card holders may want to store on their card
 It includes access to multiple accounts, such as debit, credit, cash access, bill payment &
multiple access options at multiple locations
Electronic Purses
To replace cash and place a financial instrument are racing to introduce “electronic
purses”, wallet-sized smart cards embedded with programmable microchips that store sums of
money for people to use instead of cash for everything
The electronic purse works in the following manner:
1. After purse is loaded with money at an ATM, it can be used to pay for candy in a vending
machine with a card reader.
2. It verifies card is authentic & it has enough money, the value is deducted from balance on the
card & added to an e-cash & remaining balance is displayed by the vending machine.
Further Diwan and Singh (2000) and Sharma and Diwan (2000), classified 38 smart cards
into four categories. These are: (1) memory cards: this card can be used to store password or pin
number. Many telephone cards use these memory cards (2) shared key cards: it can store a
private key such as those used in the public key cryptosystems. In this way, the user can plug in

1
the card to a workstation and workstation can read the private key for encryption or decryption
(3) signature carrying card: this card contains a set of pre-generated random numbers. These
numbers can be used to generate electronic cash (4) signature carrying cards: these cards carry a
co-processor that can be used to generate large random numbers. These random numbers can
then be used for the assignment as serial numbers for the electronic cash.
Smart cards are broadly classified into two groups:
Contact: This type of smart card must be inserted into a special card reader to be read
and updated. A contact smart card contains a microprocessor chip that makes contact with
electrical connectors to transfer the data.
Contact-less: This type of smart card can be read from a short distance using radio
frequency. A contact-less smart card also contains a microprocessor chip and an antenna that
allows data to be transmitted to a special card reader without any physical contact. This type of
smart card is useful for people who are moving in vehicles or on foot. They are used extensively
in European countries for collecting payment for highway tolls, train fares, parking, bus fares,
and admission fees to movies, theatres, plays, and so forth.

Some of the advantages of smart cards include the following:


1. Stored many types of information • Not easily duplicated
2. Not occupy much space
3. Portable
4. Low cost to issuers and users
5. Included high security
Disadvantages:
1. Low maximum transaction limit (not suitable for B2B or most B2C)
2. High Infrastructure costs (not suitable for C2C)
3. Not (yet) widely used
4. Lack of universal standards for their design and utilization.
Smart Card Applications
• Ticketless travel
– Seoul bus system: 4M cards, 1B transactions since 1996
– Planned the SF Bay Area system

1
• Authentication, ID
• Medical records
• E-cash
• Personal profiles
• Government
– Licenses
• Mall parking

4.7 MİCRO-PAYMENT SYSTEM


A micropayment is an e-commerce transaction-type with a low financial amount.
Micropayments are typically used to purchase online products and services such as e-books,
music and memberships.
A Micropayment is a financial transaction involving a very small sum of money, and
usually one that occurs online. Micropayments were initially devised as a way of allowing the
sale of online content as a way to pay for very low cost network services. Micropayments were
envisioned to involve small fractions of a currency. Micropayments would enable people to sell
content on the Internet, and this would be an alternative to advertising revenue.

1
The term “micropayment” can be defined as a small sum of payment ranging from a
couple of dollars to a fraction of a cent in exchange for intellectual property or web-based
content. Micro-payments are becoming a popular form of payment in the e-commerce sales
sector. Many companies are providing their clients the option to pay for inexpensive transactions
through financial firms such as Paypal, Visa, Mastercard, etc. Each company has its own
maximum amount of money used in a micropayment transaction, for example for Paypal it is less
than $12 USD, and for Visa it is less than $20 USD.
“Micropayment system” is the name given to the online payments system, enabling
people to charge relatively small amounts of money for their online content or services. These
systems were developed during the 1990’s, however they are not efficiently implemented. Back
then, there are only a few websites that accept micropayments and implements this kind of
system. As the era changes, the term micropayment is commonly used to refer to the sale of
virtual goods.
Many consumers have the preference to pay these small sums of money online, as it is
timesaving and more convenient. Mobile technologies such as tablets running on the Android or
iPad system are also advancing rapidly and are incorporating applications from their app stores
to support micro-payments. Examples would include the eBay, Amazon, and Paypal applications
which allow users to make purchases online. EBay gives you the option to pay via Visa,
Mastercard, and Paypal. This new form of technology will change how we value money and
consider our purchases. This new convenience will accelerate our use of e-commerce and add
higher benefits to the end user by saving transportation costs
The key benefit to this process is the payment provider's ability to serve as a single secure
payment contact for sellers and buyers. Sellers can provide multiple websites and/or products
without the overhead of a merchant account, and buyers can pay many different sellers under one
secure transaction umbrella. Easy and secure adaptability is at the core of e-commerce growth at
the micro level.
How does this work?
With a prepaid system, cash, cheque, or credit payment is made to the online company
sponsoring the micropayment system; your online account is then credited with a commensurate
sum. You may then purchase goods or services online using this account. Often the purchases are

1
digital in nature, and include, artwork, photos, images, audio, and video clips, privileges, perks,
virtual goods, and titles.
When you first setup your account, your contractual agreement, sensitive financial, and
personal account information, is transferred to the company you wish to do business with via an
encrypted link.
At the time you are setting up your account, your account information is scrambled using
a cipher code uniquely designed to protect that information and that information is then
transmitted encoded to the online company that is sponsoring the micropayment system... There,
your sensitive financial information is decoded, and your account is setup. That is the way
micropayment accounts are supposed to work.
Once your account is setup, you may then make micropayments at any time, simply by
selecting an item or payment option, and confirming your choice. This also usually occurs in a
secured online environment setup by the company sponsoring the micropayment system, and
often involves the purchaser verifying his or her identity prior to the purchase using a password,
access code, or a digital or physical key of some sort.
Advantages and Disadvantages of Micro Payment system:
Advantages:
1. Anonymity
Setting up an online account with a micropayment service provider allows one to conduct
financial transactions online with some anonymity.
2. Speed
Micropayment accounts allow for quick and convenient purchase of real and virtual
goods and services.
3. Scalability
Micropayment systems can grow easily to accommodate additional trades, and new
products, or services.
4. Security
Fewer online transfers of actual payment leads to fewer opportunities for actual theft or
abuse. It is much easier to contain the scope of theft or abuse using a micropayment system.
Disadvantages:
1. Insecure Data

1
If sensitive account information is compromised, the account holder is left vulnerable to
more than just the losses from the investment in the account, often secondary or tertiary accounts
may be compromised as a result.
2. Dishonesty
Account holders may lose their investment in the micropayment system if the payment
processing company is dishonest, or otherwise deceptive.
3. Excessive, Taxes, Fees, and Charges
Individual transactions end up costing the buyer more over the long term as individual
taxes, fees, and charges, when combined and compared with a single larger purchase, reveal that
the purchases actually cost more than if a single large purchase was made.
4. Excessive Maintenance Costs
With the explosion in the sheer number of micro transactions, actually auditing or
reviewing such transactions quickly becomes extraordinarily expensive. Proportionally the
number of customer disputes over failed or undesired individual purchases increase as well.
In the next years the market for low value products such as online music and videos and
the role of micropayment systems for selling such products are expected to grow substantially.
4.8 Electronic Cash
Electronic cash is a general term that describes the attempts of several companies to
create value storage and exchange system that operates online in much the same way that
government-issued currency operates in the physical world.
Electronic cash (also called e-cash or digital cash) is any value storage and exchange
system created by a private (non-governmental) entity that does not use paper documents or
coins and that can serve as a substitute for government-issued physical currency. Since e-cash is
issued by many private companies, we need common standards for all e-cash issuers so that they
are accepted by each other. Until now those common standards were not met. Every issuer has its
own standards and e-cash is not universally accepted compared to government-issued physical
currency.
Electronic Cash (E-Cash) or electronic money are playing more significant role in our
daily life due to the rise of internet usage. Most of the money form today is in electronic.
However with new invention of tool doesn’t mean that it will bring all positive results as nothing
is perfect in this world.

1
Concerns about electronic payment methods include privacy and security, independence,
portability, and convenience. Privacy and security issues are probably the most important issues.
E-cash has its unique security problems. E-cash must have two important characteristics
in common with physical currency. It must be spent only once and it must be anonymous.
E-cash is independent and portable. E-cash is independent, if it is not related to any
network or storage device. It is portable, if it can be freely transferable between any two parties.
Credit and debit cards are not portable. In a credit card transaction, the credit card recipient must
have an account established with a bank unlike the case in e-cash.
The most important characteristic of cash is convenience. If e-cash requires special
hardware or software, it will not be convenient for people to use.
Properties of Electronic Cash:
There are many ways that exist for implementing an e-cash system, all must incorporate a
few common features.
Features of E-Cash
1. Consumer buys e-cash from Bank
2. Bank sends e-cash bits to consumer (after charging that amount plus fee)
3. Consumer sends e-cash to merchant
4. Merchant checks with Bank that e-cash is valid (check for forgery or fraud)
5. Bank verifies that e-cash is valid
6. Parties complete transaction: e.g., merchant present e-cash to issuing back for deposit once
goods or services are delivered
Specifically, e-cash must have the following four properties:
1. Monetary value
2. Interoperability
3. Retrievability
4. Security
Electronic Cash in Action
• Electronic Cash is based on cryptographic systems called “digital signatures”.
• This method involves a pair of numeric keys: one for locking (encoding) and the other for
unlocking (decoding). (Through public key and private key)
Purchasing E-cash from Currency Servers

1
The purchase of e-cash from an on-line currency server (or bank) involves two steps:
• Establishment of an account and
• Maintaining enough money in the account to bank the purchase.
Some customers might prefer to purchase e-cash with paper currency, either to maintain
anonymity or because they don’t have a bank account.
Using the Digital Currency
• Once the tokens are purchased, the e-cash software on the customer’s PC stores digital money
undersigned by a bank.
• The users can spend the digital money at any shop accepting e-cash, without having to open an
account there or having to transmit credit card numbers.
• As soon as the customer wants to make a payment, the software collects the necessary amount
from the stored tokens.
Electronic Cheques
• It is another form of electronic token.
• Buyers must register with third-party account server before they are able to write electronic
cheques
• The account server acts as a billing service.
Electronic Cash Storage
There are two methods of e-cash storage system. They are;
 On-line
o Individual does not have possession personally of electronic cash
o Trusted third party, e.g. e-banking, bank holds customers’ cash accounts
 Off-line
o Customer holds cash on smart card or electronic wallet
o Fraud and double spending require tamper-proof encryption
How a typical e-cash system works:
Similar to regular cash, e-cash enables transactions between customers without the need
for banks or other third parties. When used, e-cash is transferred directly and immediately to the
participating merchants and vending machines. Electronic cash is a secure and convenient
alternative to bills and coins. This payment system complements credit, debit, and charge cards

1
and adds additional convenience and control to everyday customer cash transactions. E-cash
usually operates on a smart card, which includes an embedded microprocessor chip.
A customer or merchant signs up with one of the participating banks or financial
institutions. The customer receives specific software to install on his or her computer. The
software allows the customer to download “electronic coins” to his or her desktop. The software
manages the electronic coins. The initial purchase of coins is charged against the customer's bank
account or against a credit card. When buying goods or services from a web site that accepts e-
cash, the customer simply clicks the “Pay with e-cash” button. The merchant's software
generates a payment request, describing the item(s) purchased, price, and the time and date. The
customer can then accept or reject this request. When the customer accepts the payment request,
the software residing on the customer's desktop subtracts the payment amount from the balance
and creates a payment that is sent to the bank or the financial institution of the merchant, and
then is deposited to the merchant's account. The attractive feature of the entire process is its
turnaround time which is a few seconds. The merchant is notified and in turn ships the goods.
Advantages and Disadvantages - Electronic Cash
Advantages:
We can transfer funds, purchase stocks, and offer a variety of other services without
having to handle physical cash or cheques as long as bank is providing such services online. The
significant effect is we do not have to queue in lines, thus saving our time.
Debit cards and online bill payments allow immediate transfer of funds from an
individual's personal account to a business's account regardless the designated place (around the
globe) by few clicks without any actual paper transfer of money. This bring convenience
individual like us and businessmen.
Consumers will have greater privacy when shopping on the Internet using electronic
money instead of ordinary credit cards.
 More efficient, eventually meaning lower prices
 Lower transaction costs
 Anybody can use it, unlike credit cards, and does not require special authorization
 Electronic cash transactions are more efficient and less costly than other methods.
 The distance that an electronic transaction must travel does not affect cost.
 The fixed cost of hardware to handle electronic cash is nearly zero.

1
 Electronic cash does not require that one party have any special authorization.
Disadvantages:
E-cash and E-Cash transaction security are the major concern. Frauds on E-Cash are on
the catch recent years. Hackers with good skill able to hack into bank accounts and illegally
retrieve of banking records has led to a widespread invasion of privacy and has promoted
identity theft. There are many other tricks including through phishing website of certain banks
and emails.
Money flow and criminal/terrorist activities are harder to be traced by government. With
the continued growth of E-Cash, money flow in and out of countries at immediate speed without
being traced will weaken the government's ability to monitor and income in tax. Money
laundering and tax evasion could be uncontrollable in e-cash systems as criminals use
untraceable internet transaction to hide assets offshore.
E-Cash is not for everyone. Low income groups without computer and internet access are
unable to enjoy the usage of E-Cash. This issue shall be resolved so that E-Cash could be
implemented widely.
There is also a pressing issue regarding the technology involved in electronic cash such
power failures, internet connection failure, loss of records and undependable software. These
often cause a major setback in promoting the technology.
 Susceptible to forgery
 Electronic cash provides no audit trail.
 Because true electronic cash is not traceable, money laundering is a problem.
 Electronic cash is susceptible to forgery.
 So far, electronic cash is a commercial flop.
E-Cash Concept

1
4.9 Summary
It is evident that electronic payments are very essential for completion of e-commerce
transactions. E-Payment is any kind of non-cash payment. It allows transfer of money through
internet and other electronic networks. E-payment comprises of different types of electronic
payments that are available to carry out e-commerce transactions. Some are card based and
others are electronic fund transfers. Therefore, it is essential for all business organizations to
know about the operations of e-payment system. This unit provides an overview of different e-
payments systems in vogue for the benefit of users.
4.10 Key Terms
E-payment: It is a subset of an e-commerce transaction to include electronic payment for buying
and selling goods or services offered through the Internet.
Electronic Fund Transfer (EFT): It is defined as “any transfer of funds initiated through an
electronic terminal, telephonic instrument, or computer or magnetic tape so as to order, instruct,
or authorize a financial institution.
E-Money: E-Money transactions refer to situation where payment is done over the network and
amount gets transferred from one financial body to another financial body without any
involvement of a middleman.
Electronic cash: It is any value storage and exchange system created by a private (non-
governmental) entity that does not use paper documents or coins and that can serve as a
substitute for government-issued physical currency.
Digital token based payment system: It is a new form of electronic payment system which is
based on electronic tokens rather than e-cheque or e-cash.
Smart card: It is about the size of a credit card, made of a plastic with an embedded
microprocessor chip that holds important financial and personal information.
Micropayment: It is a financial transaction involving a very small sum of money, and usually
one that occurs online.
P2P: P2P payments enable one individual to pay another using an account, a prepaid card or
another mechanism that stores value.
4.11 Self Evaluation Questions
1. What is meant by e-payment system?
2. State different types of e-payment system.

1
3. What do you understand by EFT?
4. What is Credit Card?
5. What is Debit Card?
6. What is Smart Card?
7. How does a Credit Card work?
8. How does a Debit Card work?
9. How does a Smart Card work?
10. Write a note on e-money
11. Write a note on mobile payments
12. What is Financial Services Kiosks?
13. What is Automated Clearing House?
14. Explain P2P
15. What is meant by digital token based payment system?
16. Describe Smart Card payment system
17. What is the concept of e-cash?
18. What are the properties of e-cash
19. What are the advantages and disadvantages of e-cash?
20. What are the smart card applications?
21. What is micro payment system?
22. How does micro payment system work?

1
UNIT – V
E-Finance

Learning Objectives
After studying this unit, the students would be able to understand
 The concept of E-finance
 The concept of E-banking
 The concept of E-trading
 Areas of E-finance
 Operations in E-banking
 Differences between e-banking and traditional banking
 Importance of e-trading

Contents
5.1 Introduction
5.2 Meaning of E-finance
5.3 Areas of E-finance
5.4 Scope of E-finance
5.5 Importance of E-finance
5.6 E-finance and India
5.7 Meaning of E-banking
5.8 Functions of E-banking
5.9 Importance of E-banking
5.10 Forms of E-banking
5.11 Advantages of E-banking
5.12 Traditional banking vs. E-banking
5.13 How does E-banking work?
5.14 Meaning of E-trading
5.15 Importance and advantages of E-trading
5.16 Summary
5.17 Key Terms
5.18 Self Evaluation Questions

5.1 Introduction
Finance refers to the use of monetary resources by an organization. The business is
evaluated by its financial position. With the emergence of e-commerce, the field of finance has
not been untouched by technology. As a result of the use of Internet in the field of financial

1
activities, the term E-finance came into vogue. It is a key component of E-Commerce. The
various components of E-finance are e-banking, e-payment system, e-cash, e-trading, digital
currency and IMPS (International Mobile Phone Services)
Electronic financial services, whether delivered online or through other remote
mechanisms, have spread quickly in recent years. E-finance penetration varies by type of service.
Most affected have been brokerage markets, where online trading is becoming the norm. The
spread of online banking services has been more varied across countries. Spurred by the entry of
new providers from outside the financial sector many financial service providers are now
offering e-finance services.
Electronic communication technologies and the Internet are more important for finance.
It will fundamentally transform the financial services industry and financial markets. The net
represents the latest in a long line of electronic technologies that have reshaped the financial
industry.
E-finance is a new field of Finance and is still in budding stage. It has a greater
importance and played a vital role for developing economy like India. The developments can be
divided into two broad areas. The first is the impact on banking and financial services. The
advent of the internet and other electronic communication has fundamentally altered many
aspects of the banking industry. Many of the services traditionally provided by banks are being
provided by other entities. The second broad area is the transformation of financial markets.
These no longer need to be associated with a physical place. As a result trading systems for
equities, bonds and foreign exchange are becoming global. All these changes have important
significance for public policy towards the financial services industry and financial markets. They
consider the implications for safety and soundness regulation, competition policy, consumer and
investor protection and global public policy.
E-finance - including investing, banking, mortgage lending and insurance - will grow at a
dazzling rate in the coming years. E-finance will empower both consumers and businesses,
enabling them to reduce transaction costs, speedy process of documents online and have
instantaneous access to information. For businesses, e-finance can improve efficiency and
decrease the costs of internal business functions.
Nowadays, with the emergence of e-commerce, E-finance has become a buzzword
among the entrepreneur, business firms and investors. Due to the increasing awareness about the

1
use of internet and computer technology in commercial purpose, E-finance has emerged as
solution to simplify the complexions involved in dealing with finance. It is somewhat the shift of
system of financial service from the real world to a virtual one.
5.2 Meaning of E-Finance
The Term ‘E-Finance’ is used differently by different people. It can be defined as a
provisioning of financing instruments to business organisations using electronic tools and
technology for the lengthwise process and this incorporates the use of electronic channels for
mobilizing e-finance services and electronic methods to set up proper finance conditions and
deal with the risk related to the finance itself.
The E-Finance system is designed to allow for paperless submission of a variety of
financial documents.
E-finance is defined as the provision of financial services and markets using electronic
communication and computation.
E-finance technologies have been deployed in different kinds of financial services firms,
depository institutions, insurance companies and securities companies.
E-finance in simple words is use of Internet and technologies in financial services. It has enabled
the people to have any financial transactions without any human interaction. It saves time
reduces the paper works and chances of fraudulent.
E-finance means the allocation, implementation and treatment of financial resources
through Internet.
5.3 Areas of E-finance
E-Commerce is not new. The Nasdaq market involved the electronic trading of stocks as
early as 1971. The difference today is that electronic communication and computation is now
used much more widely than before. A large number of people have access to the Internet and
this has vastly changed the opportunities for the use of electronic payments systems, the
operations of financial services firms and financial markets. We have argued that this change
raises a number of important research issues. For example, is the widespread use of paper based
cheques efficient? Will the financial services industry be fundamentally changed by teh advent
of the Internet? Why have there been such large differences in changes to market microstructure
across different financial markets/ we look forward to these and other questions being answered
as the emerging field of e-finance develops.

1
The developments of E-finance around the world can be divided into two broad areas, viw.,
1. Banking and financial services, and
2. Financial Markets
5.3.1 Impact on Banking and Financial Services
It is observed that the advent of the Internet and other electronic communication means
has fundamentally altered many aspects of the banking industry. Many services traditionally
provided by banks are being now provided by other entities. Three important trends in the
financial service industry have been accelerated by the emergence of the Internet. These are:
 Improved price transparency,
 Differential pricing and
 Transformation of distribution channels
Improved price transparency increases competition and reduces profit margins. Transaction costs
of search remain high that differential pricing is possible and this will become important in
financial services industry. Increased use of Internet leads to the unbundling of services and
promotes disintermediation, there will be a transformation of distribution channels and an
important restructuring of the industry. E-finance is dramatically changing the structure and
nature of financial services
 E-finance will lead to much lower costs and greater competition in financial services
through both new entry from outside financial sector and greater competition among
incumbent financial service providers. These developments will force banks to lower fees
and commissions because providing e-finance is much cheaper than providing traditional
financial services. As a result incumbent financial institutions will likely experience a
sharp decline in revenue.
 Internet and related technologies are completely different way of providing financial
services. They can also better stratify their customer base and allow consumers to build
preference profiles online. The Internet also allows new financial service providers to
compete more effectively for customers. All these forces are delivering large benefits to
consumers.
 New providers are emerging within and across countries, including online banks, online
brokerages and companies. Non-financial entities are also entering the market, including
telecommunications and utility companies that offer payment and other services.

1
Vertically integrated financial service companies are growing rapidly and creating
synergies by combining brand names, distribution networks, and financial service
production.
 Trading systems are consolidating and going global. Trading is moving toward electronic
platforms not tied to any location. Electronic trading and communication networks have
lowered the costs of trading and allow for better price determination.
 The telecommunications framework should avoid protecting incumbent providers and
allow private firms to enhance connectivity using forms ranging from fixed lines to
mobile and satellite.
 Internet transactions require security measures in cases where innovative approaches to
public and private partnerships will be necessary.
 If information is good enough, e-finance will extend the reach of financial institutions
and capital markets.
 With e-finance, contract enforcement has become more important within and across
borders, but new technology may also help solve contract enforcement problems.
 E-finance can increase long-standing risks—such as theft and lack of privacy—as well as
create new ones. Thus more emphasis is needed on better disclosure, education, and
information.
 To make financial markets and institutions work better, more emphasis should be placed
on competition policy and clear rules for markets.
 E-finance reduces the need for government intervention because the private sector can
provide financial services even when a country’s financial sector is weak.
5.3.2 Impact on Financial Markets
The second area is the transformation of the functioning of financial markets. These no
longer require associating with a physical place. As a result, trading system of equities, bonds
and foreign exchange are becoming global.
 The development of over the counter market for stocks into the trading system is an
example of e-finance in the context of financial markets.
 Many stock markets around the world adopted electronic trading methods
5.4 Scope of E-Finance
E-finance provides the scope for the following activities:

1
5.4.1 Financial markets
Financial market refers to the market where financial assets are exchanged by dealers
such as stock exchange market. By e-finance facility it has become easier to perform the
activities related to financial market through internet technology
5.4.2 Online banking
Online banking or rather e-banking refers to the process of getting connected to the
official website of the bank through the internet and performing the task even if the customer is
not present in the bank. It enables the user to maintain his financial activities through the e-
banking system.
5.4.3 Internet transactions
Internet transaction generally includes e-cash, e-payment, digital currency and ATM. It is
a way to transact through the internet without using real currency.
5.4.4 Online trade finance
Trade Finance provides services that resolve payment and delivery issues between buyers
and sellers in international trade
5.4.5Credit information and management
5.5 Importance of E-Finance
This is the era where the internet facilities and computer systems are easily available to
everyone, affordable and are more powerful, all these facility has made the work easier to us.
Many 0f the companies have been using them to build their own virtual network like email
(Electronic Mail) which enables the people to end the messages faster, creates the possibilities to
expand and promote their business outside their business network. However some there are some
key factors which make the E-finance important especially in developing countries, as:-
 It is cheaper Round-the-clock operation in ‘click-and-conquer’ world.
 Exchange of finance through the internet is an easier way to reach to the global customers
and expand the business area globally.
 No more need of mediator.
 The ‘face to face’ interaction is shifting to ‘screen to face’ interaction.
 Reduces the cost of acquiring customers & new business area, providing financial
services and expansion of corporate network

1
Various advantages of E-Finance can be divided into three categories viz. Financial
Institutions, Customers and Government
5.5.1 Advantages to Financial Institutions
 Fewer transaction Costs.
 Less Loan initiation costs.
 Enhanced customer relationship management
 Ease at use of credit scoring
 Easy availability of credit information
 More target Customers in less manpower.
5.5.2 Advantages to Customers
 Availability of Cheaper Finance from financing institutions
 Quick and early delivery of financial services
 Less personal visit to financial institution is required
 Ease at taking loan from global institutions.
 More convenience process
 For Securing Loan less collateral is required
5.5.3 Advantages to Government
 Dynamic SME Sector
 Help in employment generation
 Healthy completion in financial market
 Contribution in GDP of country
 Helpful in poverty alleviation
5.6 E- Finance and India
In India the position of E-finance is still in its initial stage and has a lot to grow up, This
is due to the insufficiency of the awareness of technological approach to the financial services.
Though, the business firms, entrepreneurs, investors and customers are getting aware with the
functions, importance and benefits of getting the financial task done through the internet
technology. Corporate are getting modernised and seeking to shift the whole transaction
digitalised. They are getting direct interconnected to their customers without any role of
mediator, taking their online feedback and solving their problems by making a separate FAQ and
suggestion/complain portals. It has put a great impetus on the other parts of business like

1
international market and financial accounting. It is a tool to overcome the lacuna of physical
delivery of financial services.
All these changes have important significance for public policy towards the financial
services industry and financial markets. They consider the implications for safety and soundness
regulation, competition policy, consumer and investor protection and global public policy.
5.7 Meaning of E-banking
E-banking refers to electronic banking. It is like e-business in banking industry. E-
banking is also called as "Virtual Banking" or "Online Banking". E-banking is a result of the
growing expectations of bank's customers. E-banking involves information technology based
banking. Under this I.T system, the banking services are delivered by way of a Computer-
Controlled System. This bank's system does involve direct interface with the customers. The
customers do not have to visit the premises. Banking is now no longer confined to the branches
were one has to approach the branch in person, to withdraw cash or deposit a cheque or request a
statement of accounts.
In India E-banking is of fairly recent origin. The traditional model for banking has been
through branch banking. Only in the early 1990s there has been start of non-branch banking
services. The good old manual systems on which Indian banking depended upon for centuries
seem to have no place today.
E-bank is the electronic bank that provides the financial service for the individual client
by means of Internet.
E-banking is defined to include the provision of retail and small value banking products
and services through electronic channels as well as large value electronic payments and other
wholesale banking services delivered electronically.
Electronic banking is an umbrella term for the process by which a customer may perform
banking transactions electronically without visiting a brick-and-mortar institution. Therefore
transactions related to bank activities via Electronic means and medium is called electronic
Banking.
Electronic banking, also known as electronic funds transfer (EFT), is simply the use of
electronic means to transfer funds directly from one account to another, rather than by check or
cash. You can use electronic funds transfer to:
 Have your paycheque deposited directly into your bank or credit union checking account.

1
 Withdraw money from your checking account from an ATM machine with a personal
identification number (PIN), at your convenience, day or night.
 Instruct your bank to automatically pay certain monthly bills from your account, such as
vehicle loan or mortgage payment.
 Have the bank transfer funds each month from your account to another account.
 Have your government social security benefits or tax refund deposited directly into your
account.
 Buy groceries and other purchases at the point-of-sale.
 Use a smart card with a prepaid amount of money embedded in it for use instead of cash
at a pay phone, road toll, or on college campuses at the bookstores.
5.8 Functions of E-banking
At present, the personal e-bank system provides the following services:
A. INQUIRY ABOUT THE INFORMATION OF ACCOUNT
The client inquires about the details of his own account information such as the card’s/account’s
balance and the detailed historical records of the account and downloads the report list.
B. CARD ACCOUNTS’ TRANSFER
The client can achieve the fund to another person’s Credit Card in the same city.
C. BANK-SECURITIES ACCOUNTS TRANSFER
The client can achieve the fund transfer between his own bank savings accounts of his own
Credit Card account and his own capital account in the securities company. Moreover, the client
can inquire about the present balance at real time.
D. THE TRANSACTION OF FOREIGN EXCHANGE
The client can trade the foreign exchange, cancel orders and inquire about the information of the
transaction of foreign exchange according to the exchange rate given by our bank on net.
E. THE B2C DISBURSEMENT ON NET
The client can do the real-time transfer and get the feedback information about payment from our
bank when the client does shopping in the appointed web-site.
F. CLIENT SERVICE
The client can modify the login password, information of the Credit Card and the client
information in e-bank on net.

1
G. ACCOUNT MANAGEMENT
The client can modify his own limits of right and state of the registered account in the personal e-
bank, such as modifying his own login password, freezing or deleting some cards and so on.
H. REPORTING THE LOSS IF THE ACCOUNT
The client can report the loss in the local area (not nationwide) when the client‟s Credit Card or
passbook is missing or stolen.
Popular Services Covered Under E-Banking: Indian banks offer to their customers following
E-Banking products and services:
1. Automated Teller Machines
2. Telephone Banking
3. Electronic Clearing Cards
4. Smart Cards
5. Electronic Funds Transfer (EFT) System
6. Electronic Clearing Services
7. Mobile Banking
8. Internet Banking
9. Telebanking
10. Door Step Banking
Description of Services
A description of some basic services provided by Electronic Banking is given below:
 SMS Banking: Short Message Service (SMS) is the formal name for text messaging.
SMS banking allows customers to make simple transactions to their bank accounts by
sending and receiving text messages.
 Electronic Funds Transfer: Electronic Funds Transfer (EFT) is a system of transferring
money from one bank account to another without any direct paper money transaction.
 Any Branch Banking: Any branch banking is the service where an account is accessible
from any branch of a particular bank. In Bangladesh the term is widely popularized as
online banking.
 Automated Teller Machine (ATM): ATM means computerized machine that permits
bank customers to gain access to their accounts and permit them to conduct some limited
scale banking transactions with a magnetically encoded plastic card and a code number.

1
 Point of Sale (POS): Point of Sale (POS) service is an innovative electronic money
transferring system that allows the customers of banks to pay for their purchases through
their ATM and credit card at any POS enabled retailer.
 Debit Cards: Debit cards are linked directly to the bank account of its holder. The holder
of debit card can use it to buy goods or withdraw cash and the amount is taken from the
bank account right away.
 Credit Cards: A credit card is a form of borrowing. Credit cards allow its holder to ‘buy
goods now and pay later’ – called ‘buying on credit’. They aren’t linked to the bank
account of the customers.
 Banking KIOSK: KIOSK Banking offers customers the flexibility to conduct their
banking transactions via the KIOSK machine. The customer must have a Debit Card and
a PIN. When one inserts the debit Card into the Kiosk, he/she will be prompted to enter
the PIN. He/she can then begin using KIOSK Banking.
 SWIFT: The Society for Worldwide Interbank Financial Telecommunication (“SWIFT”)
operates a worldwide financial messaging network which exchanges messages between
banks and other financial institutions.
5.9 Importance of E-Banking
Businesses rely on efficient and rapid access to banking information for cash flow
reviews, auditing and daily financial transaction processing. E-banking offers ease of access,
secure transactions and 24-hour banking options. From small start-up companies to more
established entities, small businesses rely on e-banking to eliminate runs to the bank and to make
financial decisions with updated information. The importance of E-Banking is as follows:
Activity Review:
Business owners, accounting staff and other approved employees can access routine
banking activity such as deposits, cleared checks and wired funds quickly through an online
banking interface. This ease of review helps ensure the smooth processing of all banking
transactions on a daily basis, rather than waiting for monthly statements. Errors or delays can be
noted and resolved quicker, potentially before any business impact is felt.
Productivity:
E-banking leads to productivity gains. Automating routine bill payments, minimizing the
need to physically visit the bank and the ability to work as needed rather than on banking hours

1
may decrease the time involved in performing routine banking activities. Additionally, online
search tools, banking actions and other programs can allow staff members to research
transactions and resolve banking problems on their own, without interacting with bank
employees. In some cases, month-end reconciliations for credit card transactions and bank
accounts can be automated by using e-banking files.
Lower Banking Costs
Banking relationships and costs are often based on resource requirements. Businesses that
place more demands on banking employees and need more physical assistance with wire
transfers, deposits, research requests and other banking activities often incur higher banking fees.
Opting for e-banking minimizes business overhead and banking expenses.
Reduced Errors
Utilizing e-banking reduces banking errors. Automation of payments, wires or other
consistent financial activities ensures payments are made on time and may prevent errors caused
by keyboard slips or user error. Additionally, opting for electronic banking eliminates errors due
to poor handwriting or mistaken information. In many cases, electronic files and daily reviews of
banking data can be used to double or triple check vital accounting data, which increases the
accuracy of financial statements.
Reduced Fraud
Increased scrutiny of corporate finances through audits and anti-fraud measures requires
a high level of visibility for all financial transactions. Relying on e-banking provides an
electronic footprint for all accounting personnel, managers and business owners who modify
banking activities. E-banking offers visibility into banking activities, which makes it harder for
under-the-table or fraudulent activities to occur.
5.10 Forms of E-banking

Clients use modern communication media for remote communication with the bank: a
modem, telephone, computer or payment card. A characteristic feature of these services is the
client’s uninterrupted round-the clock account access, i.e., independent of banking business
hours and the ability to execute local and international payments directly from the comfort of the
home or office. This reduces cash handling and transport costs, lowers the risk of theft or
accepting counterfeit bank notes, increases speed and enhances the comfort of making payments.

1
Electronic communication means are particularly coming to the forefront. These are more
convenient, faster, and often cheaper for clients. Banking experience shows it is suitable to use
combinations of several communication means, depending on individual segments, clients, and
types of operations, products and situations. Electronic banking is a service that specifically uses
electronic communication forms.
Electronic banking can be divided on the basis of the instruments used: telephone
connection, personal computers, means of payment [bank cards] and self-service zones.
Electronic Banking Using a Telephone Connection
Telephone banking and the first banking services using classic telephone lines for
communication date back to the turn of the end of the last century. At the close of the 20th
century mobile phones also started to be used in banking. Banks quickly responded to the using
of mobile telephones world-wide and began communicating with their clients by SMS messages.
Each financial institution offers this under a different name, but the essential product remains the
same. A mobile phone can be used to communicate with a so-called telephone banker or an
automated telephone system, just as well as a fixed line. However, opportunities for mobile
phone usage in communication with a bank are much greater. Mobile phone use represents a
direct communication channel that spread on a massive scale through which clients have
immediate access to typing a bank operation, ordering services or working with accounts.
Electronic banking using a telephone connection can be divided into phone banking (ATS, client
advisor) and mobile banking (SMS banking, GSM SIM Toolkit and WAP).
SMS banking
It is a type of mobile banking, a technology-enabled service offering from banks to its
customers, permitting them to operate selected banking services over their mobile
phones using SMS messaging. SMS banking uses short text messages sent through the client’s
mobile phone. SMS text messages can be used for both passive and active operations similarly as
with classic telephone banking. A client can automatically receive information about his account
balance: an SMS is sent to the client immediately after a certain operation is performed, or on
request: a client sends the bank a correctly formatted message which processes it and answers the
client’s request by SMS.
Information sent on request mostly concerns current interest rates or currency exchange
rates. Providing these is simple for the bank because this is publicly accessible information that

1
needs no protection. A client however can request information about the balance in his account,
which is not public information and must be protected when it is provided. Passwords are used
for this purpose or technologies based on the principle of an electronic key. A client however is
required to know the code of every transaction including constant and variable symbols. The
whole message containing data separated by # symbols sometimes has up to fifty characters.
Users can easily make mistakes. This is frequently a limiting factor for clients, reducing the
comfort factor in this service.
GSM SIM Toolkit
The GSM SIM Toolkit service can only be used from a mobile phone supporting this
technology. GSM SIM Toolkit is a software interface that enables arbitrary changes to the
mobile phone menu. Operators supporting this technology can use it to personalize mobile phone
menus. This means that only functions activated and paid for will appear on the user menu. This
technology dates back to 1998. Among the first companies to use it in banking applications
based on the
GSM SIM Toolkit standard were RadioMobil and Expandia Bank in the Czech Republic.
Most mobile phones now on the market support for the GSM SIM Toolkit. To use this service
the client needs to be using services of an operator supporting this standard in its network, be a
client of a bank that offers handling of accounts through the GSM SIM Toolkit, have a mobile
phone supporting GSM SIM Toolkit technology and use a special SIM card for banking services.
After buying a special SIM card and activating it at the pertinent bank branch the client can
begin using this service. The mobile phone menu will be widened to include the Banking
Services item, through which it is possible to carry out active or passive banking operations.
The precise structure differs from one financial institution to another. Security is what is
important here. To access banking services it is necessary to know BPUK (PUK for banking
applications) and BPIN. BPUK is assigned to a client by the bank when the application is
activated and recorded on the mobile phone’s SIM card. BPIN is used for every access to
protected items in the banking application. When a client makes three unsuccessful attempts to
type the BPIN, access to the banking application and its items is blocked, it is necessary to know
the BPUK to unblock it. When the client fails ten times to type the right BPUK the SIM card can
no longer be used for banking services. The main advantage of this service is its simplicity. A
client just follows instructions on the mobile phone display.

1
WAP (Wireless Application Protocol)
WAP is often compared to web pages, although this is a simplification. Unlike pages
appearing on a computer monitor, WAP presents its output on a small mobile phone display,
therefore concentrating on text information. It is a form of gateway to various services prepared
by a mobile network operator or another firm. One condition for using the service is that the
client must have a mobile phone supporting WAP technology.
Security is again provided by an electronic key. WAP banking has not caught on very well so
far, some banks however continue to offer it despite the relatively low number of users.
Electronic Banking using Personal Computers
Along with significant growth in the usage of mobile phones in banking practice,
personal computers have also come to the fore, which to an even greater extent facilitate and
modernize banking service provision. In an information society this communication instrument
plays an irreplaceable role and is indispensable for the present day banking sphere. The area of
electronic banking realized through personal computers can be divided into home banking,
internet banking and mail banking.
Home Banking
Home banking is a service that enables a bank client to handle his accounts from a
computer from a place selected in advance, at home or in the office. The main features of home
banking systems are the high level of security, comfort, simplicity of use, openness of the
system, wide communication possibilities, networking, definition of users and their rights,
automated data transmission and the option to define a combined signature specimen.
A home banking system usually consists of two parts: a bank computer program and a program
in the client’s computer. The bank program works as a communication server. It receives calls
from clients, verifies their identity, receives data from them, authenticates digital signatures,
generates digital receipts and sends data to clients. A home banking computer system is a multi
user application, meaning that several of the client’s employees can work with it, in particular:
a) administrator – can define new employees, change rights,
b) sender – ensures communication with the bank and transmission of prepared data,
c) accountant – can type payment orders and orders for collection,
b) viewer – can browse through statements and announcements received.
This system is open and can be expanded in the future without great cost.

1
Internet Banking
Internet banking allows customers of a financial institution to conduct financial
transactions on a secure website operated by the institution, which can be
a retail or virtual bank, credit union or society. It may include of any transactions related to
online usage. Internet banking can be used from the home or the office, as well as an internet
café, although the latter is not recommended for security reasons. In order to handle his account a
user just needs an internet browser (such as MS Explorer or Netscape Navigator).
A client cannot avoid visiting the bank though, because he must first ask for an
identification code. After opening the bank’s web site the client simply selects internet banking
and, further to proper identification, can perform passive or active operations. Good internet
banking should provide a maximum of services.
No less important are the graphic interface, clarity, simplicity, and unambiguity of usage.
The intelligibility of texts determines simplicity and speed of understanding of the meaning of
menu items, data fields, and general text information displayed to the client.
Safety for concrete applications is assured by client authentication, verification of data and data
protection by encryption. Client identification is done using passwords or codes. The client
chooses some of these and the bank assigns others. It is recommended to choose a password
made up of various types of characters, which can be a combination of numbers, lower case and
capital letters, and special symbols.
Banks usually protect large volume transactions with additional security means, such as
an encryption (authentication) calculator, or a token, which generates nonrecurring random
passwords, which a client types on confirming an order. The token itself is protected by certain
security features. Work with it is only enabled after the client types a four-digit PIN code,
whereby the user can change the PIN at any time. In the event of three failed attempts to type the
correct PIN the token blocks itself. After 60 seconds of inactivity a token automatically switches
itself off and once switched back on, it again requests the PIN. When a client generates several
(for example 10) authentication codes in succession and types none of them into the client
system, the key becomes desynchronized.
This protection serves to prevent use of the key for other purposes. A cheaper and, based
on its dimensions, more practical alternative to a token is a grid card. This is a card with a mesh

1
drawn on it with fields with random generated characters. The user authorizes an active
operation by typing the right code from the field of the card the operator requests from him.
Mail Banking
Mail banking is another electronic banking service that makes it possible to communicate
with the bank by electronic mail or e-mail. The most frequently used service is sending account
statements at agreed periodicity to the client’s mailbox. E-mail is not used for more complex
operations.
Mobile banking
It is also known as M-Banking, mbanking. It is a term used for performing balance
checks, account transactions, payments, credit applications and other banking transactions
through a mobile device such as a mobile phone or Personal Digital Assistant (PDA).
5.11 Advantages of E-banking
The Advantages or benefits can be classified in three categories, these are:
1. National Point of View
2. Banks’ Point of View
3. Customers’ Point of View
5.11.1 National Point of View
Though in these days banks transaction and activities has brought negative impact on the
economy of our country, the investment in e-banking by banks can make some long-term
benefits for our country. The advantages that our country is getting from e-banking action are:
Job creation
The issue of computers eliminating jobs of people was quite emotional and painfully real.
But it has two sides that automation will eliminate certain types of job like record keeper and
also created jobs like administrator, system analyst, programmer, operator etc. and helped to
reduce unemployment problem.
Contribution to GDP
Banks with a national economy, work towards building national capital, increasing
national savings and mobilizing investments in trade and industry.
Economic benefits: E-banking served so many benefits not only to the bank itself, but also to
the society as a whole.

1
 E-banking made finance economically possible: (i) Lower operational costs of banks (ii)
Automated process (iii) Accelerated credit decisions (iv) Lowered minimum loan size to
be profitable.
 Potentially lower margins: (i) Lower cost of entry (ii) Expanded financing reach (iii)
Increased transparency.
 Expand reached through self-service: (i) Lower transaction cost (ii) Make some corporate
services economically feasible for society (iii) Make anytime access to accounts and loan
information possible.
5.11.2 Banks’ point of view
From the banks’ view point, banks are getting some specific benefits or advantages after
starting the e-banking services. These advantages are:
Branding
Banks offering e-banking services was better branding and better responsiveness to the
market.
Profit Maximization
The main goal of every company was to maximize profits for its owners and banks were
not any exception. Banks are increasing its profit by reducing the cost of paper, time etc. by
using e-banking. Thus, automated e-banking services offered a perfect opportunity for
maximizing profits.
Increased Services Quality
Features of E-banking services include less time, complete transaction, no human conflict
and presence etc. thus the quality of services of bank is increasing day by day.
Increased Customer Rate
It is the most noticeable change in bank after starting e-banking services. Customers are
accepting this medium beside a traditional account. Ultimately, the profit of bank is increasing.
5.11.3 Customers’ point of view
The main benefit from the bank customers’ point of view was significant saving of time
by the automation of banking services processing and introduction of an easy maintenance tools
for managing customer’s money. The main benefits of e-banking were as follows:
 Increased comfort and timesaving-transactions made without requiring the physical
interaction with the bank.

1
 Quick and continuous access to information.
 Corporations had easier access to information as they can access multiple accounts at the
click of a button.
 Better cash management. E-banking facilities speed up cash cycle and increases
efficiency of business processes as large variety of cash management instruments is
available on Internet sites of banks.
 Private customers looked for slightly different kind of benefits from e-banking.
 Reduced costs: This was in terms of the cost of availing and using the various banking
products and services.
 Convenience: All the banking transactions performed from the comfort of the home or
office or from the place a customer wants to.
 Speed: The response of the medium was very fast; therefore customers actually waited
till the last minute before concluding a fund transfer.
 Funds management: Customers downloaded their history of different accounts and do a
“what-if” analysis on their own PC before affecting any transaction on the web.
5.12 Traditional Banking vs. E-Banking
Traditional banking and e-banking are two ways for getting the benefits from bank. Both
have benefits and disadvantages. Customer can use both or any of these facilities.
Here we are showing the differences between traditional banking and e-banking
1. Basic Introduction
(a) Traditional Banking
In traditional banking system, a customer can open any bank account in banks; take the
facility of saving his money by depositing money in local bank. He can withdraw his money
through cheque, counter payment and through bank draft. He can meet the bank manager and
solve his problem. He can take the physical help for getting loan from bank.
(b) E-banking
E-banking means Internet banking or modern banking. In this method, customer gets his
bank account ID and password and he can check his account, pay his bill and print his receipt
through his home personal computer which is connected with Internet. E-banking is development
of today banking system. In other words, e-banking is electronic banking whose facility, you can
take through your regular broadband Internet connection.

1
2. Benefits
(a) Traditional Banking
Traditional banking has totally improved from previous face. Traditional banking has
improved and there is minimum chance of fraud. For example, now banks started installing
surveillance cameras. Banks do not want to take risk of customer's money. Customer's loss is
their loss. They deduct fraud cases by monitoring the activities through these surveillance
cameras.
(b) E-banking
(i) Convenient
E-banking is convenient because we can use e-banking for tracking money in bank
without going to bank.
(ii) Protection of Environment
E-banking, can also protect our environment. Suppose, you have to withdraw Rs. 500,000
from HDFC bank and deposit it to SBI. What will you do? You will start your vehicle and go to
HDFC bank and withdraw the money and then go to SBI for depositing this money. By using
vehicle, you are increasing the pollution in the environment. We can protect our environment by
using e-banking. Just within 5 minute, we can transfer our money from HDFC bank to SBI bank
through home e-banking facility.
3. Disadvantages
(a) Traditional Banking
(i) Robbery
Open any day newspaper; there will be one new bank robbery case. This is the
disadvantage. No one can do same thing in e-banking.
(ii) Time limitation
Banks are opened from 9: 00 to 5:00 p.m. But, it may possible that we have to pay at
11:00 p.m. which can be done through e-banking not traditional banking.
(b) E-banking
Hacking, spyware program, computer virus and breaking online password are the
weakness of e-banking. Online big hackers are using computer virus and after spreading it, they
compromise your computer. After this, they know all detail and banking password and illegally

1
transfer all your money. Next day, your bank account may be zero. Even you can stop this crime
by writing strong password but you cannot remove it totally.
5.13 How Does Electronic Banking Work?
Banking was once paper-based, meaning that people wrote checks and withdrew paper
money to perform their everyday financial transactions. More recently, electronic banking has
become the norm for consumers. One may benefit from learning the basics of how electronic
banking works as well as its advantages and disadvantages.
Electronic banking transactions typically involve three parties --- the bank, the consumer
and a merchant. In some cases, only the bank and the consumer must participate to complete the
transaction. The consumer initiates the transaction by either submitting the request online, going
to a store or visiting an ATM machine. The bank receives the request and either approves or
rejects the electronic transfer of funds based on the accuracy of the data provided in the request
(card number, address, routing number or account number) and the available funds in the case of
withdrawals. After processing is completed, the funds electronically transfer to or from the
consumer's account to reach the intended recipient.
After all, Banking Sector is giving all the services through Electronic Banking which is
available in the world. But the services can be varied in case of Geographic cause, networking
problem and much more. If these problems are removed then it is expected that the whole
country will be under banking services through Electronic Banking Methods.
E-banking is a borderless entity permitting anytime, anywhere and anyhow banking. This
facilitates us with all the functions and many advantages as compared to traditional banking
services. During this step of the process, controls that could mitigate or eliminate the identified
risks, as appropriate to the organization’s operations, are provided. The goal of the recommended
controls is to reduce the level of risk to the IT system and its data to an acceptable level.
In India, E-banking is in a nascent stage. No doubt Indian banks are making sincere
efforts for the adoption of advanced technology and installation of e-delivery channels but still
masses are wary of the concept. E-banks should create awareness among people about E-banking
products and services. Customers should be made literate about the use of e-banking products
and services. Indicators of the challenges of E-banking should be taken into account to reap the
maximum benefits of E-banking in India.

1
5.14 Meaning of E-Trading
Once, the only way to trade stocks was through a stock broker. They would take orders,
make suggestions and then handle the entirety of the actual buying and selling of stocks. With
the advent of the internet, stock brokers have been used by those who intend to trade large
quantities of stock. The average person no longer needs a stock broker as he can trade online.
When it comes to electronic trading, for most individual investors, taking a long-term buy-and-
hold approach is probably the best strategy. Most of us simply don't have the time or the
expertise to trade for a living. But for some investors, trading can be an extremely lucrative
profession. There have always been professionals who made their living off of trading. It wasn't
until recently, however, that technology enabled individuals who weren't working for a
brokerage to directly access the markets. Electronic stock trading, or E-trading, is the practice of
buying and selling stock and other assets using an electronic stock brokerage service. Electronic
stock trading can have several advantages over traditional trading through a live broker.
Definition
 Electronic trading services allow users to sign up over the Internet and conduct stock
transactions using a purely electronic interface on the Web.
 The process of conducting stock market transactions (buy and sell orders) using an
electronic platform that transfers the orders to a physical person to complete. Electronic
trading has become a popular method due to its ability to conducts transactions quickly
and effectively.

 Electronic trading is a method of trading securities (such as stocks, and bonds), foreign
exchange or financial derivatives electronically.

 Information technology is used to bring together buyers and sellers through an electronic
trading platform and network to create virtual market places. This can include various
exchange-based systems, such as NASDAQ, NYSE Arca and Globex, as well as other
types of trading platforms, such as electronic communication networks (ECNs),
alternative trading systems, crossing networks and "dark pools."

 Electronic trading is rapidly replacing human trading in global securities markets.

 Electronic trading is in contrast to older floor trading and phone trading and has a number
of advantages, but glitches and cancelled trades do still occur.

1
5.15 Importance and Advantages of Electronic Trading

Ease of Access
E-trading services are easy for anyone to access and use. All that is required to use E-
trading services is an Internet connection and funds to invest. Accounts can often be set up
within a few days and transfers can be made into accounts from a linked account on demand, so
you can get money into investments quickly if necessary.

Cost
Another potential advantage of electronic trading is that the cost of transactions can be
much less than using a traditional stock broker. Often stock brokers will charge not only a
brokerage fee for their services, but they take a percentage of any earnings. They may also have
other fees added into the exchange, depending on the stockbroker. Brokers make their living
working with stocks. All that can make them very effective, but also very costly. Electronic
trading services are automated which can reduce the cost of placing trades, allowing electronic
services to charge low transaction fees. The flat rates charged by E-trading firms are usually
extremely inexpensive by comparison.

Control
This was always one of the complaints when brokers had a stranglehold on the market.
They would often refuse to perform a trade they thought was a poor investment. If they saw any
flaws in an investment, they had full authority to deny the trade to their clients. While this could
save the potential client from making a bad investment, it could also prevent them from taking a
risk that would pay off enormously. Online stock trading removes the middleman between
traders and the stocks they want.
Self-Directed Investing
Many investors pay investment professionals to manage their investments for them.
While this can have advantages for those who do not understand investing, professional services
often charge commissions that can sap investment gains. Electronic investing allows users to
direct their own investments and buy and sell whenever they please without having to interact
with middlemen.

1
Convenience
Electronic stock trading also offers greater convenience than using a conventional stock
broker. With E-trading, trades can be made anywhere as long as you have access to the internet.
For instance, if one is on a business trip to China, he could make trades from a laptop at hotel
without having to call anyone. Accounts are typically accessible at any time of the day, allowing
users to look over their investments whenever they please.
Subscription Levels
Electronic stock trading services may offer a variety of subscription levels for different
types of investors. For instance, some accounts are free and charge fees only when you make
trades. Others may charge monthly fees, but allow traders to make trades for less money, which
can be advantageous to investors that expect to trade often.
Propinquity
The chain of investor to broker to trade to payoff was too time consuming process to
execute the trade in time, which is a danger in the world of stock market where time is money.
Trading online allows immediate trading for the investor and real-time updates regarding a
stock’s performance. The lag between the investor's purchase and the actual time the stocks are
bought has been reduced to nil.
Able to make as many or as few trades
Stockbrokers usually required a minimum trade allotment which means an individual
could not make a single trade for a paltry sum. They were forced to follow the broker’s
guidelines. This prevented casual traders from being able to trade whatever volume of
investments they wanted.
The stock market has come a long way from the ancient days of faceless men. Now it is
just as easy for anyone to trade online while sitting in home. The benefit of online stock trading
is that it wrests control of the market from the brokers and puts it into the hands of the individual.

5.16 Summary
The E-Finance system is designed to allow for paperless submission of a variety of financial
documents. Nowadays, E-finance has become a buzzword among the entrepreneur, business
firms and investors. E-finance has emerged as solution to simplify the complexions involved in
dealing with finance. It is somewhat the shift of system of financial service from the real world

1
to a virtual one. This unit highlights the scope and importance of E-finance, areas of E-finance
and the status of E-finance in India.
Businesses rely on efficient and rapid access to banking information for daily financial
transaction processing. E-banking offers ease of access, secure transactions and 24-hour banking
options. From small start-up companies to more established entities, e-banking is a boon to make
financial decisions with updated information. Banking is now no longer confined to the branches
were one has to approach the branch in person, to withdraw cash or deposit a cheque or request a
statement of accounts. In India E-banking is of recent origin. E-bank is the electronic bank that
provides the financial service for the individual client by means of Internet. This unit brings to
light the importance and functions of E-banking, explains various forms of E-banking, highlights
the advantages of E-banking and the working of E-banking system.
The average person no longer needs a stock broker as he can trade online. Electronic
trading services allow users to sign up over the Internet and conduct stock transactions using a
purely electronic interface on the Web. This unit gives a picture of the importance and
advantages of E-trading.
5.17 Key Terms
E-finance is defined as the provision of financial services and markets using electronic
communication and computation.
E-bank is the electronic bank that provides the financial service for the individual client by
means of Internet.
E-banking is defined to include the provision of retail and small value banking products and
services through electronic channels as well as large value electronic payments and other
wholesale banking services delivered electronically.
Automated Teller Machine (ATM): ATM means computerized machine that permits bank
customers to gain access to their accounts and permit them to conduct some limited scale
banking transactions with a magnetically encoded plastic card and a code number.
Point of Sale (POS): Point of Sale (POS) service is an innovative electronic money transferring
system that allows the customers of banks to pay for their purchases through their ATM and
credit card at any POS enabled retailer.
Banking KIOSK: KIOSK Banking offers customers the flexibility to conduct their banking
transactions via the KIOSK machine. The customer must have a Debit Card and a PIN. When

1
one inserts the debit Card into the Kiosk, he/she will be prompted to enter the PIN. He/she can
then begin using KIOSK Banking.
SWIFT: The Society for Worldwide Interbank Financial Telecommunication (“SWIFT”)
operates a worldwide financial messaging network which exchanges messages between banks
and other financial institutions.
SMS Banking: Short Message Service (SMS) is the formal name for text messaging. SMS
banking allows customers to make simple transactions to their bank accounts by sending and
receiving text messages.
Electronic Funds Transfer: Electronic Funds Transfer (EFT) is a system of transferring money
from one bank account to another without any direct paper money transaction.
Home banking is a service that enables a bank client to handle his accounts from a computer
from a place selected in advance, at home or in the office.
Mobile banking: It is a term used for performing balance checks, account transactions,
payments, credit applications and other banking transactions through a mobile device such as
a mobile phone or Personal Digital Assistant (PDA).
Electronic trading is a method of trading securities (such as stocks, and bonds), foreign
exchange or financial derivatives electronically.
5.18 Self Evaluation Questions
1. What is E-finance?
2. What is E-trading?
3. What is E-banking?
4. What is Internet Banking?
5. What is SMS Banking?
6. What is Home Banking?
7. What is Mobile Banking?
8. Explain the scope of E-finance.
9. List out popular services rendered by E-banking
10. Write a note on GSM SIM Toolkit
11. What do you understand by WAP (Wireless Application Protocol)?
12. What is Mail Banking?
13. Bring out the importance of E-finance.

1
14. State the importance of E-Banking
15. What are the functions of E-banking?
16. Describe various forms of E-banking
17. Enumerate the advantages of E-banking
18. Differentiate traditional banking from E-banking
19. Enunciate the importance and advantages of E-trading

1
UNIT – VI

Legal Framework for E-commerce


Learning objectives
After studying this unit, students would be able to understand:
 E-Commerce Legal Framework
 Provision of Information Technology Act, 2000
 Provision of Information Technology Act, 2008
 Internet and Copyrights
 Concept of Defamation
 Consumer Privacy
 Formation of E-Contracts
 Taxation issues in Internet
 Domain Name in Internet

Contents
6.1 Introduction
6.2 Information Technology Act, 2000
6.3 Information Technology Act, 2008
6.4 Copyright and the Internet
6.5 Defamation
6.6 Privacy
6.7 Formation of an E-contract
6.8 Tax issues
6.9 Domain Names
6.10 Summary
6.11 Key Terms
6.12 Self Evaluation Questions

6.1 Introduction
Technological advancements in the field of communications have greatly shortened the
distance across the globe. Revolutionary changes in both synchronous and asynchronous
communication have taken place as a result of the popularity of the Internet. Vast amounts of
information, formerly expensive and difficult to obtain, now proliferate on the Internet. The
approach to business transactions has changed, as new technology replaces traditional modes of
doing business. Consequently, regulations to monitor activities over the Internet must be
implemented in order to keep pace with the new advances in information technology.
E-commerce has its origin in foreign jurisdictions especially in developed nations. These
jurisdictions have proper laws and adequate infrastructure to cater to the needs of e-commerce

1
stakeholders. This has helped these stakeholders in not only complying with the laws of these
jurisdictions. It also helped in contributing to the economy of these areas. But E-commerce in
India is a totally different case. It has all the advantages of profit making and commercial
viability even though it is not regulated by any e-commerce law.
Legal provisions pertaining to foreign direct investment (FDI), Foreign Exchange
Management Act (FEMA), national taxation laws, cyber law due diligence, cyber security due
diligence, e-commerce due diligence, etc are openly ignored in India. In some instance,
Enforcement Directorate (ED) has also initiated investigation against big e-commerce players
like Myntra, Flipkart and many more e-commerce websites operating in India. Many
stakeholders have also protested against the unfair trade practices and predatory pricing tactics of
Indian e-commerce websites.
The matter has reached to the level of Indian government that has also promised to look
into the matter and draft suitable e-commerce law of India, if required. The alternative approach
that can be adopted by Indian government is to amend the Information Technology Act, 2000 (IT
Act 2000) to accommodate e-commerce related issues.
A special law to deal with e-commerce is necessary due to several peculiar features
which are specific to e-commerce world. These are:
 The Internet has no physical or national boundaries. There is no single “controller” of the
Internet.
 All correspondence and documents are in electronic form. There are no handwritten or
physically signed documents. There are no other identifying marks such as printed or
embossed letter head, seals and thumb impressions.
 Taxation laws, International laws are not very clear between countries.
 As the Internet is “open” there is a perceived lack of security and confidentiality unless
special protections are taken.
 Computer and communication technologies are changing rapidly.
 Most common people are ignorant about technology.
6.2 The Information Technology Act 2000
India is one of the few countries in the world to pass the first cyber law by the Parliament
on the 17th October, 2000. It is called Information Technology Act, 2000. The Act came into
force with a view to promote the growth of e-commerce transactions and e-governance in the

1
country. The Act was drafted by using the model law on e-commerce initiated by the United
Nations Commission on International Trade Law (UNCTTRL). The primary object is to create
trust in the electronic environment through the use of digital signatures. It provides the legal
infrastructure for conducting e-commerce transactions.
The primary objectives of the Act are:
 To promote e-commerce and amend existing laws in tune with the new technology.
 To enable the conclusion of contracts and enforce rights and obligations relevant to
electronic documents.
 To recognise electronic documents and to recognize digital signature analogous to
physical signature.
 To certify the authenticity of digital signatures by an appropriate Government
 To ensure wide acceptance and enforcement of digitally signed documents in courts of
law.
 To promote e-governance the Act proposes Government offices and agencies to accept
electronic records signed digitally.
 To make necessary consequential amendments in the Indian Penal Code and the Indian
Evidence Act, 1982 which deal with offences related to documents and paper-based
transactions.
 To amend the Reserve Bank of India Act, 1934 to facilitate Electronic Funds Transfer
between the financial institutions and bankers.
 To amend the Bankers’ Books Evidence Act, 1891 to give legal sanctity to bank accounts
maintained in electronic form by banks.
The Act Specifically left out the following from its scope:
 Negotiable Instruments
 Power of Attorney
 Trust Deed
 Will
 Contract for sale of property
The above documents are normally registered by registration offices of various States after
paying appropriate stamp duties.
The major interesting aspects of the Act are:

1
 E-mail correspondence has legal status and can be used as evidence in a court of law.
 The use of private key and public key in encryption has been recognised as a secure
method of transmitting data electronically. Correspondence to this digital signature based
on the private key-public key pair is recognized for signing documents.
 Since amendment, signature in the Act is assumed to be digital signature.
 A controller of public key certifying authorities has been appointed by the Government to
authenticate public keys. He can grant licences to certifying authorities.
 The foreign public key certifying authorities can be recognized by the Controller in India.
 All applications to Government bodies can be filed in electronic form. The Government
can issue licences, permits, sanctions, approvals, etc., online in electronic form. All these
have to be digitally signed.
 Archival documents of companies and government departments to be kept for a specified
period can now be stored in CDROM or tapes.
 Online contracts are recognized by the Act. Electronic contracts are considered legally
valid. They are enforceable by law. The originator of an electronic record sends it as a
message. It is considered to have been received by the addressee, if he sends an
acknowledgement. Formation of online contracts depends on the terms and conditions
stated by the originator. The time of dispatch of the electronic record is deemed to be the
time at which the electronic record enters a computer resource outside the control of the
originator. Likewise, the time of receipt of an electronic record is taken to be the time it
enters the computer resource designated by the addressee.
The following have been classified as offences by the Information Technology Act, 2000 and
punishment of imprisonment and/or fine has been specified.
 If a company’s network is digitally accessed and stored data is stolen or damaged or
flooding the site leading to a denial of access to a company’s site, monetary claims up to
Rs. 1 Crore can be made against the intruder.
 If a person(s) steals source code of a company’s computer or tampers with it, a
punishment of maximum 3 years imprisonment and/or Rs. 2 lakhs fine can be levied.
 If private confidential information is accessed for unlawful purposes by a person(s) it is
punishable with imprisonment of up to 2 years.

1
For the following offences committed by a cyber criminal, popularly known as a hacker, the Act
specifies imprisonment and fine. The IT Act, 2000 deals with the following categories of cyber
crimes:
1. Tampering with computer resource code
2. Hacking
3. Publishing any obscene information
4. Breach of privacy
5. Misrepresentation
6. Publishing digital signature which is false for a particular type
Cyber crimes that generally occur within organizations are:
 E-mail abuse
 Spam mails
 Cyber defamation
 Theft of source code
 Exchange of business secrets and documents
 Insiders attacks on personnel databases
 Use of office computer for running other businesses
 Transmission and viewing of pornographic materials
 External cyber attacks on an organization resulting in denial of service
 Information espionage
Many countries have enacted specific laws to deal with Internet crimes or cyber crimes. For
example, USA has the PATARIOT Act, Singapore, Malaysia, Britain, South Korea and Japan
have implemented similar laws. However, different countries have differences about the
perception and definitions of crimes. An activity deemed criminal in a target country may not be
considered so in the country from where the offending action was launched. For example,
pornography websites are perfectly legal in the USA while accessing them from India may be an
illegal activity. The cyber world is complex. Some interesting points about cyber crimes are:
 The definition of hacking covers virus, worm and Trojan
 The Act prescribes punishment for publishing obscene information on a website
 Unauthorized access to ‘protected systems’ is considered as an offence and teh Act
prescribes very severe punishment.

1
 The Act prescribes punishment for cyber crimes. It prescribes punishment in the form of
fine and imprisonment.
 Downloading copies or extracts of confidential data from a database without permission
of the owner.
 Introducing any soft contaminant or computer virus into any computer or a computer
network.
 Altering or deleting data from a person’s computer without the person’s knowledge.
 Publishing obscene literature / pictures accessible from the Internet.
 Charging for services availed of by a person to another person by tampering with or
manipulating accounts in a computer network.
 Using the Internet for any act which will compromise the sovereignty or integrity of
India.
A legal framework has also been created for trying cyber crimes. They are:
 The IT Act provides for bringing a cyber criminal to justice irrespective of his nationality
and location anywhere in the world.
 An adjudicating officer has been appointed to hold inquiries under the Act.
 The Act prescribes the damages that may be payable as compensation by the offender.
An application must be made by the victim for claiming compensation. The damages to
be paid may be assessed by an adjudicating officer.
 The Act precludes Internet Service Providers (ISPs) and other service providers from its
scope.
 All appeals against the order of an adjudicating officer are to be heard by the Cyber
Regulations Appellate Tribunal and not by any civil court.
 A Cyber Appellate Tribunal with a high court judge as presiding officer and other experts
have been appointed.
 The institution of the Cyber Regulations Appellate Tribunal, (CRAT) presided over by a
judge of the High court, shall be the appellate authority against all the decisions and
rulings of the CCA and the Adjudicating Officers under the IT Act.
 All appeals against the order of the Tribunal will be heard by a High Court.
 Police officers of a certain rank have been given the authority to enter any public place
(for example, a cyber cafe) and search and arrest without warrant if they suspect that an

1
action breaking the provisions of the IT Act is being committed. This is a draconian
measure which is not probably entirely warranted.
 The Act does not cover common cyber crimes such as cyber stalking, cyber harassment,
stalling of Internet hours, cyber defamation, etc. Cyber stalking and e-mail harassment
are emerging as major crimes.
 A Cyber Regulation Advisory Committee has been appointed to advise the controller of
public key certifying authorities and the Government on matters relating to the actual
implementation and working of the Act.
 The Act recognizes digital signatures. The IT Act provides for authentication of an
electronic record through digital signature. The digital signature shall be effected by the
use of an asymmetric crypto system and hash function. The digital signature works on the
private and public key. While the private key is used to sign an electronic record by
encrypting it the corresponding public key can alone verify that the record was signed by
its owner’s private key.
 The Certifying Authorities have to get license to issue digital signature certificates.
 Certifying Authorities (CAs) have to declare its practice in public in the form of what is
known as its Certification Practice Statement (CPS)
6.3 Information Technology (Amendment) Act, 2008
Based on the criticism and experience gained by using the Information Technology Act,
2000 the Government formed an expert committee to review the IT Act in January 2005. The
Committee had representatives from the Government, IT Industry and legal experts and
submitted its report in August 2005. After approval from the Government, the Information
Technology Act (Amendment) Bill, 2006 was submitted to the Parliament. The Parliament sent it
to its standing committee which has made some more recommendations. The Bill is called IT
(Amendment) Bill 2008 has been debated and passed by Lok Sabha and is now an Act. The main
amendments are;
1. The term 'digital signature' has been replaced with 'electronic signature' to make the Act
more technology neutral. In the IT Act, 2000 an e-document is affixed with a digital
signature which is based n encryption with a certified public key. It is not “technology
neutral”. If this encryption method is found insecure by some unforeseen future
technology the entire law breaks down with all the structures which have been put in

1
place. In such case, other methods of signing such as affixing scanned thumb print (or
other unique biometric makers), using a digital watermark, etc., may have to be used.
Thus, the amendment replaces the term digital signature by the term electronic
signature. This new term does not exclude digital signature as it is an electronic
signature. However, the types of electronic signatures which are allowed are not
specified. It will be specified from “time to time” by the Government.
2. In the IT Act, 2000 the controller of public key certifying authorities is a government
appointee in the Department of IT who has to keep in his or her office all public key
certificates to allow anyone to access database of public key certificates to authenticate
the certificate.
This provision has been amended allowing the certifying authorities to provide
public key certificates. The purpose is to relieve the controller’s office whose public key
database could become huge. However, authenticity of a certificate given by a
responsible government official has better credibility, in public’s perception.
3. The other set of important amendments relate to the protection of the privacy of personal
data. Currently no specific law in the statue books in India addresses directly this issue of
data privacy. Privacy is a right flowing from the constitutional guarantee of right to life.
The 2008 Act places responsibility of ensuring security of personal data of
individuals handled by a company. If through their negligence in securing the data of
individuals “sensitive private data” is accessed by unauthorized persons, the company is
liable to pay a compensation of up to Rs.5 crores to the affected individual. It does not
define what constitutes “sensitive private data”
4. The amended Act also penalizes service providers who collect personal data to provide,
for example, a free service, from disclosing it to anyone else with intent to cause injury to
the individual.
5. Another amendment relates to circulation of indecent pictures or videos of individuals
(e.g., nude pictures) without their permission. Anyone doing this can be jailed for a year
and fined up to Rs.25 lakhs.
6. The term hacking which was used in IT Act has been replaced by the more accurate term
computer related offence. As we pointed out while discussing IT Act 2000, the term
hacker does not necessarily mean a cyber criminal.

1
7. The provision of the IT Act 2000 which relates to publishing and transmission of
pornography has been substantially changed. Only entities which intentionally or
knowingly are involved in publishing or transmission of pornographic material are
punishable. Intermediaries have been excluded from the ambit of this law. For example, a
search engine company like Google is not liable for pornographic material which is
retrieved using their tool. However, if active collusion of the intermediary is proved in
publishing and transmission of pornographic material, then it is liable. If an intermediary
is informed about such an objectionable material, it must remove the material.
8. If an offence is committed by a company, the person managing its affairs (such as CEO)
is normally liable. The amendment modifies this clause. A manager/director is punishable
only if it is proved that the person connived in committing the offence and failed to
prevent it.
9. The IT Act 2000 gave arbitrary powers to the police. Under its provision a police officer
can enter, search and arrest an individual from a public place if he or she suspects that the
IT Act is being violated. This provision has now been removed.
10. The IT Act 2000 provides an appellate authority to appeal against the rulings of the
controller. It had one person appointed by the Government. It has been changed to
“Cyber Appellate Tribunal” which would consist of a chairperson and other members to
be appointed by the Government. One member of the tribunal will be a judicial member.
The Government will also appoint an examiner (or examiner’s office) to give expert
opinion on electronic form of evidence.
The following material has been based on an analysis of the proposed bill which has been
published by PRS Legislative Research, New Delhi. It is an analysis of some of the issues not
properly addressed by the 2006 bill but has since been addressed in the 2008 Act.
 Currently telephone can be tapped and regular mail intercepted only to protect
sovereignty of the country, national interest, etc. The 2008 amendment allows e-mail
communications also to be intercepted by the police for investigation of any offence.
 As pointed out earlier there is no current law on privacy in India except under the
constitutional guarantee of right to life. The IT Act 2000 does not specify what personal
information may be collected, how it can be processed, used and disseminated. The 2008
Act provides compensation to persons whose personal data has been used unlawfully

1
without permission of the individual. It does not, however, address the issue of breach of
privacy.
 Copying and destroying personal data without permission of the individual is punishable
under the amended Act. If an employee of a company who is authorized to access
persona data misuses it, there is no provision to deal with it.
 The 2008 Act defines child pornography. Using computer or communication device to
propagate child pornography will attract exemplary punishment.
 The Act adds to the definition of intermediary telecom networks, Internet and web
hosting service providers, search engines, online payment and auction sites. It defines
cyber cafe as any facility which provides Internet access to the general public as part of
their business and includes them as an intermediary.
 New offences have been added as part of the amended Act. They are: sending offensive
messages using a computer or a mobile phone, disclosing information in breach of a
lawful contract, cheating by using a computer, sending nude pictures of persons without
their permission.

Other provisions which are now added are:


 Punishment has been prescribed for receiving stolen communication devices including
computers.
 Dishonestly using electronic signature and password is an offence and it is punishable.
 If a person cheats by impersonating using a communication device or a computer
resource, it is punishable.
 Cyber terrorism has been defined and exemplary punishment has been prescribed for
terrorist acts using computers or communication device.
 The amended Act provides punishment for sending spam (i.e., unsolicited e-mail on a
mass scale)
 Appropriate officials have been empowered to monitor and collect traffic data to ensure
cyber security including virus and other computer contaminant distribution.
 Appropriate officials have been empowered to issue directions to ISP etc., to block public
access of any information dissemination through a computer communication device
which in their considered opinion is detriment to the sovereignty, integrity and defence of

1
India. Blocking of information can also be ordered to prevent incitement to the
commission of cognizable offence related to security, sovereignty, etc., of India.
 An Indian computer emergency response team is to be formed to collect, analyze and
disseminate information on cyber incidents and to forecast, alert and take emergency
measures to handle such incidents. It will also issue guidelines, advisories, vulnerability
notes to all concerned from time to time.
The standing committee of the Parliament which studied the bill made some suggestions which
are listed below:
 Punishment for cyber crimes committed outside India cannot be enforced. It suggests that
India should take the initiative to convene an International convention on the issue of
cross border cyber crimes.
 Due diligence obligations must be enforced on intermediaries who deal with personal
data before giving them immunity particularly in areas such as online auction sites and
online market places.
 The complicated adjudication process proposed in the bill for obtaining compensation for
various crimes should be simplified.
 The jurisdiction of the appellate tribunal and civil courts in various cases should be
clarified.
 The government along with industry should initiate training programs for all the entities
dealing with cyber crimes.
Cyber Security Issues of E-Commerce Business in India
 E-commerce business is flourishing at a great speed in India. Most of the e-commerce
entrepreneurs are concentrating upon commercial aspects. But they are ignoring techno
legal requirements that may affect their rights in the long run.
 For instance, e-commerce laws in India are spread across multiple legal frameworks and
they are seldom followed by Indian e-commerce stakeholders. Even foreign e-commerce
players and portals are required to be registered in India and comply with Indian laws.
 Similarly, e-commerce players are required to comply with cyber law and cyber
security regulatory compliances in India. A dedicated law for cyber security breaches
disclosures is also in pipeline that would impose stringent obligations upon e-commerce

1
players operating in India. Companies that would fail to comply with the cyber law due
diligence requirements in India may be punished according to Indian laws.
 The cyber security challenges for Indian companies are very difficult to manage in the
absence of proper planning and management. Directors of Indian companies and e-
commerce websites can be held liable for improper cyber security dealings in India.
 Thus, cyber security issues of e-commerce businesses in India cannot be ignored by
various stakeholders except at the risk of litigations and heavy monetary compensations.
Regulation of E-Commerce Websites in India
An ineffective cyber law of India and lack of cyber law skills among the law enforcement
agencies of India is resulting in increased cyber crimes and offences through the medium of e-
commerce websites in India. Further, cyber law awareness in India is also missing that is
resulting in increased e-commerce frauds in India.
For instance, the e-commerce sites selling adult merchandise in India are openly violating
the laws of India. Similarly, e-commerce websites in India are engaging in punishable soft porn
publication and Indian government is sleeping over the matter.
There are well recognised legal requirements to start an e-commerce website in India and
the legal formalities required for starting e-commerce business in India. As on date, the e-
commerce websites are not following such techno legal requirements. They are also not
following the cyber law due diligence requirements of India and are liable for Internet
intermediary liability in India.
E-commerce websites dealing with online pharmacies, online gambling, online selling of
adult merchandise, etc are openly and continuously violating the cyber law of India. However,
Indian government has yet to take action against these offending e-commerce websites of India.
Recently, the Supreme Court of India has sought response from central government over
blocking of porn websites in India. Similarly, the Supreme Court of India has entertained a
public interest litigation seeking regulations and guidelines for effective investigation of cyber
crimes in India.
The cyber law of India is too weak to tackle cyber criminals effectively. In fact, cyber
law of India should be repealed and an effective cyber law must be formulated as soon as
possible. The cyber criminals are becoming innovative day by day and our laws are grossly
inadequate to deal with the same.

1
For instance, numerous websites, both Indian and foreign, are violating the cyber law of
India by operating illegal e-commerce websites in India. These websites are engaging in illegal
trade in wildlife, promising home delivery of live animals, prized animal parts and rare medicinal
plants from across nations through simple internet banking formats.
These are transnational crimes where the authorship attribution for cyber crimes is very
difficult to establish. Realising this reality, the India's Wildlife Crime Control Bureau (WCCB) is
utilising the services of cyber crime experts to trace such cyber criminals. A preliminary inquiry
by WCCB bureau's cyber crime specialists has indicated that nearly a thousand websites are
advertising sale and delivery of live animals and animal products protected under the Wildlife
Protection Act, 1972 of India and the global Convention on International Trade in Endangered
Species (CITES).
Surprisingly, most of these websites are popular shopping websites, online classifieds and
free ad posting websites, etc. They are clearly violating the cyber law and other laws of India and
Indian government is not taking any action against these websites. It is high time to take strict
penal action against such illegal e-commerce websites in India.

Legal Requirements to Start an E-Commerce Website in India


IT Act 2000 is the sole cyber law of India. The cyber law of India mandates that the e-
commerce entrepreneurs and owners must ensure cyber law due diligence in India. The cyber
law due diligence for companies in India has already become very stringent and many foreign
and Indian companies and websites have been prosecuted in India for non exercise of cyber due
diligence.
E-commerce entrepreneurs and owners in India must understand that legal issues of e-
commerce in India are different for different categories of e-commerce. For instance, electronic
trading of medical drugs in India requires more stringent e-commerce and legal compliances as
compared to other e-commerce activities. Digital communication channels for drugs and
healthcare products in India are scrutinised more aggressively than other e-commerce activities.
Regulatory and legislative measures to check online pharmacies trading in banned drugs in
India are already in pipeline.
The legal requirements for undertaking e-commerce in India also involve compliance
with other laws like contract law, Indian penal code, etc. Further, online shopping in India also

1
involves compliance with the banking and financial norms applicable in India. For instance, take
the case of PayPal in this regard. If PayPal has to allow online payments receipt and
disbursements for its existing or proposed e-commerce activities, it has to take a license from
Reserve Bank of India (RBI) in this regard. Further, cyber due diligence for Paypal and other
online payment transferors in India is also required to be observed.
All e-commerce entrepreneurs and owners must do a proper techno legal due diligence
before opening an e-commerce website. The Internet intermediary liability in India may be
frequently invoked against e-commerce websites in India. The Information Technology
(Intermediary Guidelines) Rules 2011 prescribes stringent liabilities for e-commerce websites in
India. Further, e-commerce websites in India must ensure privacy protection, data protection,
data security, cyber security, confidentiality maintenance, etc as well.
E-Commerce Compliances in India
Thousands of e-commerce portals have emerged in India. However, legal and compliance
requirements pertaining to e-commerce have been totally ignored by almost all the e-commerce
portals. There are many techno legal compliance requirements that e-commerce portals of India
must comply with. Online shops pertain to online pharmacies, online gambling, electronics, etc.
are more vulnerable categories. Indian government is also lax in implementing the regulatory and
compliance requirements. Regulatory bodies covering these fields must be more vigil while
keeping a strip upon illegal and unethical activities of those e-commerce portals.
Presently, cyber law compliances, due diligence and techno legal compliances are not
followed by various e-commerce websites in India. There is an urgent need to scrutinise these e-
commerce portals and prosecute the guilty for violations of Indian laws.
6. 4 Copyright and the Internet
"The Internet has been characterized as the largest threat to copyright since its inception.
The Internet is flooded in information with varying degrees of copyright protection. Copyrighted
works on the Net include stories, software, novels, screenplays, graphics, pictures, Usenet
messages and even email. Almost everything on the Net is protected by copyright law. That can
pose problems for the unfortunate surfer."
Generally, Copyright was developed to protect the creative work of authors and rests with
the author. The copyright law protects only the expression of an idea and not the idea itself. In
due course, it started protecting the originality of artists and innovators too. For example, the

1
Copyright Designs and Patent Act, 1988 in the UK allows protection of the following subject
matters:
 Original Literary, dramatic, musical and artistic works
 The typographical arrangement of published editions of Literary, dramatic, or musical
works
 Sound recordings
 Broadcasts
 Cable programmes
Copyright helps an author to protect his work from being copied, taken or used by others
without permission. Copyright owners enjoy the following rights – reproduce, distribute, create
derivative works, publicly perform, display publicly, digitally perform.
A copyright infringement takes place when one of the rights of the copyright holder is
violated. But the copyright law applies to the downloaded matter, in much the same way that it
applies to physical copies. It has been established in a manner of disputes that a website is likely
to enjoy copyright protection. However, a website operator has to ensure that he does not violate
someone else’s copyright while creating the site.
Plagiarism
Plagiarism is the act of stealing and passing off the ideas, words, or other intellectual
property produced by another as one's own. For example, using someone else's words in a
research paper without citing the source is an act of plagiarism.
COPYRIGHT ON INTERNET AND INDIAN LAW
Meaning of Copyright
Copyright is a form of intellectual property protection granted under Indian law to the
creators of original works of authorship such as literary works (including computer programs,
tables and compilations including computer databases which may be expressed in words, codes,
schemes or in any other form, including a machine readable medium), dramatic, musical and
artistic works, cinematographic films and sound recordings.
Section 14 of the Act provides the meaning of copyright in following words: For the
purpose of this Act, “copyright” means the exclusive right subject to the provisions of this Act,
to do or authorize the doing of any of the following acts in respect of a work or any substantial
part thereof, namely:

1
a. In the case of a literary, dramatic or musical work not being a computer programmme,-
i. to reproduce the work in any material form including the storing of it in any medium by
electronic means;
ii. to issue copies of the work to the public not being copies already in circulation;
iii. to perform the work in public, or communicate it to the public;
iv. to make any cinematograph film, or sound recording in respect of the work;
v. to make any translation of the work;
vi. to make any adaptation of the work;
vii. to do in relation to a translation or adaptation of work, any of the acts specified in
relation to the work in sub-clause (i) to (iv).
b. In the case of a computer programme
i. to do any of the acts specified in clause (a);
ii. to sell or give on hire, or offer for sale or hire any copy of the computer programme,
regardless of whether such copy has been sold or given on hire on earlier occasions;
c. in the case of an artistic work,-
i. to reproduce the work in any material form including depiction in three dimensions of a
two dimensional work or in two dimensions of a three dimensional work;
ii. to communicate the work to the public;
iii. to issue copies of the work to the public not being copies already in circulation;
iv. to include the work in any cinematograph film;
v. to make any adaptation of the work;
vi. to do in relation to any adaptation of the work any of the acts specified in relation to
the work in sub-clause (i) to (iii).
d. in the case of a cinematograph film,-
i. to make a copy of the film including a photograph of any image forming a part thereof;
ii. to sell or give on hire, or offer for sale or hire, any copy of the film, regardless of
whether such copy has been sold or given on hire on earlier occasions;
e. in the case of a sound recording,-
i. to make any other sound recording embodying in it;
ii. to sell or give on hire, or offer for sale or hire, any copy of the sound recording,
regardless of whether such copy has been sold or given on hire on earlier occasions;

1
iii. to communicate the sound recording to the public.
Exemption from liability vis-à-vis copyright and patent laws
Section 81 of the IT Act provides that nothing contained in the IT Act will restrict any
person from exercising the rights granted to them under the Copyright Act, and the Patents Act,
1970. This provision is overarching and applies to all provisions of the IT Act, including those
relating to intermediaries.
6.5 Defamation
The term defamation is used to define the injury that is caused to the reputation of a
person in the eyes of a third person. The injury can be done by words oral or written, or by signs
or by visible representations. The intention of the person making the defamatory statement must
be to lower the reputation of the person against whom the statement has been made.
Section 499 of the IPC defines defamation as any act of making or publishing any
imputation concerning a person with
 The knowledge, or
 The intention; or
 The reason to believe
that such imputation will harm the reputation of such person.

There are certain exceptions set out in this section such as:

i. It is not defamation to impute anything which is true concerning any person, if it be for the
public good

ii. It is not defamation to express in good faith any opinion respecting the merits of any public
performance
The punishment of defamation is simple imprisonment for up to two years and/or with fine.
Invention of the internet has provided a medium to interact with the people worldwide. It
has brought the world closer to every man. It has proved to be repository of the enormous
information. It has also given new dimensions to business and trade. Social networking,
entertainment, shopping, job hunt, recruitment, you name anything and its possible via the
medium of internet. The widespread use of internet has also given a new medium to the bad
elements to commit crime.

1
Cyber defamation is publishing of defamatory material against another person with the
help of computers or internet. The harm caused to a person by publishing a defamatory statement
about him on a website is widespread and irreparable as the information is available to the entire
world. The following are mediums by which offense of cyber defamation can be committed:
 World Wide Web
 Discussion groups
 Intranets
 Mailing lists and bulletin boards
 E-mail
There are two broad categories falling under cyber defamation:
 The first category involves the cases in which the liability is of the primary publishers of
the defamatory material, e.g. web site content providers, e-mail authors etc;
 The second category involves the cases involving the liability of the internet service
providers or bulletin board operators.

STATUTORY PROVISIONS GOVERNING CYBER DEFAMATION IN INDIA:


INDIAN PENAL CODE, 1860
The Indian Penal Code, 1860 contains provisions to deal with the menace of cyber defamation:
1. Section 499 of IPC:
 Section 499 of IPC says that whoever, by words either spoken or intended to be read, or
by signs or by visible representations, makes or publishes any imputation concerning any
person intending to harm, or knowing or having reason to believe that such imputation
will harm, the reputation of such person, is said, except in the cases hereinafter excepted,
to defame that person.
 The offence of defamation is punishable under Section 500 of IPC with a simple
imprisonment up to 2 years or fine or both.
 The law of defamation under Section 499 got extended to "Speech" and "Documents" in
electronic form with the enactment of the Information Technology Act, 2000
2. Section 469 of IPC:
 Section 469 of IPC says that whoever commits forgery, intending that the document or
electronic record forged shall harm the reputation of any party, or knowing that it is likely

1
to be used for that purpose shall be punished with imprisonment of either description for
a term which may extend to three years and shall also be liable to fine.
 The phrase “intending that the document forged” under Section 469 was replaced by the
phrase “intending that the document or electronic record forged” vide the Information
and Technology Act, 2000.
3. Section 503 of IPC
 Section 503 of IPC defines the offense of criminal intimidation by use of use of emails
and other electronic means of communication for threatening or intimidating any person
or his property or reputation.
 Section 503 says that whoever, threatens another with any injury to his person, reputation
or property, or to the person or reputation of any one in whom that person is interested,
with intent to cause alarm to that person, or to cause that person to do any act which he is
not legally bound to do, or to omit to do any act which that person is legally entitled to
do, as the means of avoiding the execution of such threats, commits criminal intimidation

INFORMATION TECHNOLOGY ACT, 2000


The Section 66A of the Information Act, 2000 does not specifically deal with the offence
of cyber defamation but it makes punishable the act of sending grossly offensive material for
causing insult, injury or criminal intimidation.
Section 66A of the Information Act, 2000
Section 66A of the IT Act says that any person who sends, by means of a computer
resource or a communication device:
 any information that is grossly offensive or has menacing character; or
 any content information which he knows to be false, but for the purpose of causing
annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation,
enmity, hatred, or ill will, persistently makes by making use of such computer resource or
a communication device,
 any electronic mail or electronic mail message for the purpose of causing annoyance or
inconvenience or to deceive or to mislead the addressee or recipient about the origin of
such messages shall be punishable with imprisonment for a term which may extend to
three years and with fine.

1
Where to lodge a complaint?
A person aggrieved of the offence of cyber defamation can make a complaint to the
Cyber Crime Investigation Cell. The Cyber Crime Investigation Cell is a branch of the Criminal
Investigation Department (CID). Cyber Crime Investigation Cells have opened up in many cities
like Delhi, Mumbai, Chandigarh, Hyderabad, Bangalore, Tamil-Nadu, Gurgaon, Pune, Madhya-
Pradesh, Lucknow, etc. The Cyber Crime investigation Cells deal with offences related to the
computer, computer network, computer resource, computer systems, computer devices and
Internet. It also has power to look into other high-tech crimes.
Sale of Defamatory Matter
Section 500 of the IPC also makes it an offence to sell or offer for sale any printed or
engraved substance knowing that such substance contains defamatory matter. The punishment
for this offence is simple imprisonment for up to two years and/or with fine. Hence, an e-
commerce portal may also be liable where
i. It advertises products containing defamatory matter irrespective;

ii. It itself sells any defamatory matter.

Very often e-commerce portals have inter-active / open platforms where users can post views
and comments and interact with each other. Adequate steps should be taken to ensure that no
defamatory comments are posted on such spaces.
6.6 Privacy
Under modern digital era, generating consumer information is inevitable. It is almost
difficult to complete any online transaction without collecting some form of personal information
of the users. Besides, e-commerce may also collect a variety of other indirect information such as
users’ personal choices and preferences and patterns of search. Though some companies use the
personal information they obtain to improve and provide more services to consumers, many
companies use the information in an irresponsible manner. Hence, an important consideration for
every e-commerce platform is to maintain the privacy of its users. Two primary concerns that a
user of e-commerce platforms would have are:

i. Unauthorized access to personal information


ii. Misuse of such personal information.

1
Historically, the concept of privacy and data protection were not addressed in any Indian
legislation. In the absence of a specific legislation, the Supreme Court of India in the cases of
Kharak Singh vs State of UP and People's Union of Civil Liberties vs the Union of India
recognised the “right to privacy”. However, a right under the Constitution can be exercised only
against any government action. Non-state initiated violations of privacy may be dealt with under
principles of torts such as defamation, trespass and breach of confidence.
In countries that do provide legal protection for consumer privacy, it is never protected as
an absolute right. Consumer privacy is not considered an absolute right for three reasons:
1. What constitutes consumer privacy is culturally, contextually, individually defined
2. Consumer privacy often conflicts with other market rights
3. The ownership of a consumer's private information is debated — as consumers believe
they own the information and businesses believe they own the information.
To understand consumer privacy, it is useful to outline the privacy expectations and
strategies of both consumers and businesses and to examine the protection measures taken by
firms to safeguard consumer information. The major privacy concerns held by consumer's can be
broken down into three main domains:
1. Consumers want to be informed about the type of information that is being collected from
them.
2. Consumers need to know that they a certain degree of control over the personal information
that is being collected.
3. Consumers need to be assured that their personal information will be secure and will not be
abused or stolen.
Though privacy has been defined by many as the "right to be let alone", its application in
today’s modern world is not that straightforward. We live in a world where our purchasing
behaviour, both online and offline, is shared and used invisibly.
For instance, if an individual uses a social networking site, it is possible for a third party
application to access personal information that is shared. Similarly, if an individual uses a
warranty card or loyalty card during a purchase, it is possible for third parties, like data brokers,
to collect and use the individuals' personal information.

The IT Act deals with the concept of violation of privacy in a limited sense; it provides
that the privacy of a person is deemed to be violated where images of her private body areas are

1
captured, published or transmitted without her consent in circumstances where she would have
had a reasonable expectation of privacy and prescribes a punishment of imprisonment of up to 3
years and/or fine of up to INR 2 lakhs.
Breach of Privacy in Information Collection
Internet users often fear the loss of personal privacy, because of the ability businesses and
their websites have to collect, store and process personal data. For example, after collecting
user information, the sites match the data with their personal and demographic information to
create a profile of the user’s preferences which is then used to promote targeted advertisements
or provide customized services. There are two ways in which sites can collect information:
1. Sites collect information directly through server software. Sites often use automatic software
logs to do this.
2. A third party extracts information from the site without the consumer’s knowledge. Sites often
place cookies on websites to extract user information.
Automatic software logs and third party cookie placement are two overlooked aspect of
information collection. Cookies work by collecting personal information while a user surfs the
net and then feeds the information back to a Web server. Cookies are either used to remember
the user or are used by network advertising agencies to target product advertisements based on
long term profiles of user’s buying and surfing habits. An example of a website that uses cookies
is 'double click'. Web bugs are used by advertising networks to add information to the personal
profiles stored in cookies. Web bugs are also used in junk email campaigns to see how many
visits the site gets. Cookies and web bugs are just two out of hundreds of technologies used to
collect personal information.
6.7 Formation of an E-Contract
The growth of e-commerce has resulted in the formation of legally enforceable online
contracts. It is a paperless contract. So, evidence that exists in traditional contracts may not exist
in e-commerce contracts. To get compensation in case of disputes, the existence of an e-
commerce contract must be proved.
The most common forms of e-contracts are click wrap, browse wrap and shrink-wrap
contracts. In each case, the terms and conditions of the contract are made available to the
contracting party in a form that is significantly different from the usual paper contracts.

1
 In case of a click wrap contract, the contracting party’s affirmative acceptance is taken by
means of checking on an ‘I accept” tab. Also, there is typically a scroll box that allows
the contracting party to view the terms and conditions.
 A browse wrap agreement is intended to be binding on the contracting party by the mere
browse of the website.
 Shrink wrap agreements though not directly relevant to e-commerce platforms are
relevant in the context of e-commerce mostly because of the kind of goods associated
with shrink-wrap agreements. Under this agreement the contracting party can read the
terms and conditions only after opening the box within which the product is packed.
Validity of Online Contracts
In India, e-contracts like all other contracts are governed by the basic principles of the
Indian Contract Act, 1872 which inter alia mandate certain pre-requisites for a valid contract. In
this context it is important to note that the Information Technology Act, 2000 provides
fortification for the validity of e-contracts.
Essentials of a valid contract under the Indian Contract Act are as follows:
 Agreement enforceable by law
 Free consent of the contracting parties;
 Lawful consideration for the contract;
 Parties should be competent to contract;
 The object of the contract should be lawful
Unless expressly prohibited under any statute, e-contracts like click-wrap agreements
would be enforceable and valid if the requirements of a valid contract as per the Indian Contract
Act are fulfilled. Consequently the terms and conditions which are associated with an e-
commerce platform are of utmost importance in determining and ensuring that e-commerce
transactions meet with the requirements of a valid contract.
The IT Act, however, is not applicable in relation to negotiable instruments, power of
attorneys, trust, will, contracts for sale or conveyance of immovable property. Now important
provisions relating to e-contacts are discussed below:
A. Signature Requirements
There is no requirement under the Indian Contract Act to have written contracts
physically signed. However, specific statues do contain signature requirements. For instance the

1
Indian Copyright Act, 1957 states that an assignment of copyright needs to be signed by the
assignor. In such cases, the IT Act equates electronic signature with physical signature. An
electronic signature is supposed to be issued by the competent authorities under the IT Act.
B. Contracts with Minors
The very nature of e-commerce is that is virtually impossible to check the age of anyone
who is transacting online. This may pose problems and liabilities for e-commerce platforms. The
position under Indian law is that a minor is not competent to enter into a contract and such a
contract is not enforceable against the minor. The age of majority is 18 years in India.
C. Stamping Requirements
Every instrument under which rights are created needs to be stamped under the specific
stamp duty legislations in India. An instrument that is not appropriately stamped may not be
admissible as evidence before a competent authority unless the requisite stamp duty and the
prescribed penalty have been paid. In some instances criminal liability is associated with
intentional evasion of stamp duty.

Whether Standard-form Online Contracts are Unconscionable


In India there does not seem to be well developed jurisprudence on the issue of whether
standard form online agreements are unconscionable. However, Indian laws and Indian courts
have dealt with instances where terms of contracts (including standard form contracts) were
negotiated between parties in unequal bargaining positions. Certain provisions under the Indian
Contract Act deal with the unconscionable contracts such as when the consideration in the
contract or the object of the contract is opposed to public policy. If the consideration or object of
the contract is opposed to public policy, then the contract itself cannot be valid.
In case of unconscionable contracts, the courts can put a burden on the person in the
dominant position to prove that the contract was not induced by undue influence. Section 16(3)
of the Contract Act provides that where a person who is in a position to dominate the will of
another, enters into a contract with him, and the transaction appears, on the face of it or on
evidence adduced, to be unconscionable, the burden of proving that such contract was not
induced by undue influence shall lie upon the person in a position to dominate the will of the
other.

1
Section 23 of the Contract Act provides that the consideration or object of any agreement
is unlawful when:
 It is forbidden by law, or
 Is of such a nature that if permitted, it would defeat the provisions of any law; or
 Is fraudulent, or
 Involves or implies injury to the person or property of another, or
Formation of Online Contracts
Section 11 to 13 of the IT Act relate to formation of an online contract between two
parties that is solely mediated electronically. The originator of an electronic record sends it as a
message, which is deemed to have been received by the addressee, if he sends an
acknowledgement or conducts him in a manner so as to let the originator know that the message
has been received by him. The two parties can agree on the formation of the contract depending
on whether the acknowledgement of receipt of the electronic record by the addressee has been
stipulated as a condition by the originator. If it has been mandated then the contract will be
deemed to be formed only after receipt of the acknowledgement from the addressee.
Alternatively, if the originator does not receive any acknowledgement nor any indication that the
addressee has received the electronic record sent by him, the originator, he can re-transmit the
message stating the timeframe by which the acknowledgement should come, failing which the
originator can treat the electronic record as thought it had never been sent.
The time of dispatch of the electronic record is deemed to be the time at which the
electronic record enters a computer resource outside the control of the originator. Likewise, the
time of receipt of an electronic record is taken to be the time it enters the computer resource
designated by the addressee. These sections further clarify that the place of business of both the
parties will be taken to be the place where the electronic record will be deemed to have
originated and received respectively. This will be the case irrespective of where the computer
resources of both parties may be located.
It is very difficult to trace evidences regarding cyber crimes. Electronic evidence is
fragile and can be easily modified. Cyber attackers may destroy the electronic evidences. The
challenge lies in devising techniques to gather evidence and producing it effectively before a
court so that the cyber criminals brought to justice. This area of crime analysis is called cyber

1
forensics. There are two distinct areas of cyber forensics: (i) Computer forensics and (ii)
Network forensics.
 Computer forensics deal in gathering of evidence from computer media seized at the
crime scene. They involve recovering deleted files, searching slack and free space and
preserving the collects information for litigation purposes. In this case, evidence resides
on computer systems, essentially under the system and slack space.
 Network forensics is technically more challenging. They gather digital evidence that is
distributed across large scale, complex networks. Often this evidence is transient in
nature and is not preserved within permanent storage media. Network forensics deals
primarily with an in-depth analysis of computer network. Evidence in this case resides on
routers and other network devices.
6.8 Tax issues
E-business does not have a physical presence and certain goods are not delivered
physically. An online seller can easily sell to customers throughout the world from a single
physical location. Goods are delivered across geographical boundaries. The customer and the
seller of the goods may stay in a different place or a country. This raises tax issues. Where the
profits should be taxed? Location factors primarily raise tax issues at the international and State
levels. E-Commerce allows certain products like software, newspaper to be delivered through
internet. It raises tax issues regarding the type of revenue generated. The proof of identity of the
user is also very weak in e-commerce transactions. Today, certain goods are sold at auction
through intermediaries. It raises taxation issues globally.
Taxation for E-Commerce - A Global Perspective
E-business taxation is an intriguing concept. It crosses nine trillions. In these
circumstances, it seems an imperative for revenue authorities to examine the approach and policy
towards taxation of e-commerce more comprehensively than they have to date.
The development of electronic commerce modifies the way of doing business. E-
commerce occurs in various forms and between various entities in the market. One among the
question faced by nations is how to tax it. As the internet crosses the boundaries the main
challenges are how the basic requirements of physical presence, place of establishment and
substantial nexus criteria of taxation can be met. Due to the uniqueness of e-

1
commerce, taxation faces a number of problems. It is also worried that if this is left untaxed, it
will give rise to a parallel economy.
For centuries, traditional business around the world has been based on two concepts:-
1. Physical presence; and
2. Physical delivery of goods and services.
Today physical presence is no longer necessary to perform activities and physical
transactions are replaced by bytes of data. Since electronic commerce can be conducted virtually
instantaneously around the globe and around the clock, where the profits should be taxed
becomes crucial issue. Thus, taxing the Internet is a global issue.
Need for taxation
The development of e-commerce has revolutionized the way business operates. It has
also challenged the adequacy and fundamental validity of principles of international taxation
which are the basis of asserting tax liability.
Business conducted through the internet caters to globally located customers and
involving in cross border legal issues. Transactions that may be legal and valid in one
jurisdiction may not be enforceable in others. Creation of wealth through cyber space would also
entail the use of "offshore" financial institutions to store this wealth. This results in an elaborate
and untraceable form of tax avoidance. Taxing rights must be based on mutually agreed
principles and a common man’s understanding of how these principles should be applied.
A taxpayer is generally taxed on its worldwide income in the country of its residence.
Generally tax treaties restrict the use of domestic source rules by requiring a minimum nexus to
allow taxation in that jurisdiction. Thus, taxation of business income on the basis of the source
rule requires the presence, in the country of source. Where the income or capital is taxed in the
country of source, the country of residence has the obligation to give relief from double taxation.
Taxation for Internet Transaction
The Internet has changed many of the fundamental concepts of taxation. Governments
are faced with the various issues of taxation raised by e-commerce. This is because of lack of
comprehensive understanding of:
• The communication technologies
• The complex nature of business offered through Internet business, etc.

1
• The modus operandi of Internet business, etc. has made the operation of tax legislations
more difficult.
Basic Principles of Taxation
Several basic principles form the foundation of taxation policy in any country. The most
important of these principles are efficiency, equality, certainty and positive economic effect.
The efficiency principle encompasses notions of both fiscal and economic efficiency. An
economically efficient tax system should be neutral and not influence one's economic behaviour
simply because of the manner in which the tax is levied.
An ideal tax system is also equitable in its application. Not only does it treat taxpayers in
similar economic circumstances similarly but also it makes suitable distinctions in its treatment
of those in different economic situations.
It necessarily raises questions of "similar economic circumstances", certainty in the tax
laws is a fundamental principle in the establishment of ideal tax structure because predictability
of tax consequences is an essential component of other basic tax principles.
Finally, taxation has always been a mechanism for stabilisation and regulation of the
economy. Recognising this fact, legislature has emphasised the economic effects of the principle
of taxation, with a particular focus on encouraging economic growth.
For the development of rational tax policy one should understand the nature of industry.
Some of the peculiarities of Internet are".
• It is a network of networks and it cannot be controlled or owned by one person.
• This network of networks is capable of rapidly transmitting packets from one computer
to another.
• No human involvement is necessary to transmit data from one computer to another.
• The Internet can re-route itself if one computer is connected to the net. Content wise the
Internet is very rich.
• The world-wide web environment provides a user friendly graphical interface.
• A simple click is sufficient to obtain vast information anywhere in the World.
• It encompasses all territorial and geographical limitations
Keeping these unique qualities of the Internet in mind one should try to visualise the issues
concerning the taxes on the net.

1
The problems with online transactions, as perceived by tax collecting authorities include:
• Inability to identify a transaction
• Encryption of transaction
• Collecting the tax from millions of end-users rather than a small number of
intermediaries.
• Difficulties in determining where a product is produced or consumed.
• Definition of goods and services and
• Distinctions between types of services
The well -planned tax system in India with the authority to levy taxes is divided between the
Central and State Governments.
• Central Government collects direct taxes like personal income tax, corporate tax
• State Governments collect local and state sales tax.
In India the tax policies should be carefully formulated based on a policy that is clear and
transparent and is consistent with the international norm of characterisation of revenues. The
Government should honour the principle of neutrality as laid down by the OECD in
characterisation of income from e-commerce transactions.
India has signed tax treaties with various countries. These are mainly based on OECD.
These treaties are making it mandatory to reduce the loss of income due to double taxation and
also to give relief to Indian Assesses from double taxation. Taxation of e-commerce has become
a major concern for international agencies and tax authorities worldwide. The recent report of
OECD paved way for a statement of broad taxation principles that should apply to e-commerce
as reported in "The Economic Times" dated, 3rd June, 2000.
"All double taxation avoidance treaties to be reviewed". In sum and substance, same principles
of conventional taxation should apply to e-commerce.
Neutrality - Taxation should be neutral and equitable between different forms of e-commerce
and thus, avoiding double taxation or international non-taxation.
Efficiency - Compliance costs for business and administration costs for the Governments should
be minimised as far as possible.
Certainty and Simplicity-Tax rules should be clear and simple to understand so that tax payers
know where they stand.

1
Effectiveness and fairness - Taxation should produce the right amount of tax at the right time,
and the potential for evasion and avoidance should be minimised.
Flexibility - Taxation system should be flexible and dynamic to ensure that they keep pace with
technological and commercial developments.
These principles can be applied through existing tax rules and there should be no discriminatory
tax treatment of e-commerce.
Challenges before Tax authorities
Major challenges regarding e-commerce are:
(i) Identifying the tax payer, especially when an Internet user is involved.
(ii) Identifying audit risks and developing audit trials to ensure compliance.
(iii) Obtaining access to verifiable information and documents.
(iv) Obtaining access to encrypted data
(v) Developing a response to the advent of electronic money (e-cash) and ensuring
efficient mechanism for collecting tax especially from non-resident tax payers.
There is a need for initial inter-government and multi-jurisdictional co-operation and agreement
to synchronize the taxation treatment.
Legislative Approach
The Government of India had set up a committee to go into the various questions
regarding taxation of e-commerce. The Kanwarjit Singh committee, submitted its report to the
Central Board of Direct Taxes and it has made certain recommendations on e-commerce
and taxation. Government is making effort to create a balance between economic growth and
generation of revenue in the InfoTech global environment. The issues raised by e-
commerce taxation are complex and the subject is controversial in nature because it has created
serious conflict of interest between developed and developing nations. Unique features of
interest also add to the existing confusion.
Income Tax Act, 1961 is silent about e-commerce taxation. The only existing agreements
in this area are OECD Model Treaty and United Nations Model Treaty. Thus, India has got no
legislation to deal with e-commerce taxation.
The structure of software industry involves transnational transactions, which attract
transactions provisions of more than one country thereby, leading to double taxation of
companies involved in such transactions. All counties try to avoid such double taxation by

1
entering in to DTAAS. However, there is still a need on the part of all countries to come together
and form an internationally accepted uniform model for tax reforms. In order to bring Indian tax
system in line with the International Tax System some big changes are required. India has
already seen transformation in its tax structure. There is a lot more to be done to make sure that
Indian IT industry is not hindered by tax related issues.
On a larger perspective, the base of tax system should be broadened. It should also be
simple within the administrative capacity of the Government. The Government tries to enhance
its revenue while tax payers oppose any increase in tax rates. Therefore, there has to be a line of
demarcation which the Government will have to follow because exclusive taxes do not reflect
positive indications for the growth of any economy and may act as restriction for those entering
the Indian market.
6.9 Domain Names
A company that commences e-commerce activities would at first have to get its domain
name registered. A domain name is an address on the internet like www.ebay.in and
www.google.com. In more technical terms a domain name is an easily recognizable and
memorable name to the Internet Protocol resource (which is typically a set of numbers) of a
website. A name that identifies an Internet Website is a domain name. Domain Names
always have two or more parts, separated by dots. The part on the left is the most specific and the
part on the right is the most general. A company takes its domain name from the Regisrry in its
name. Thus, the company which registers its name first for the domain name eliminates all others
from using that name in cyberspace. Domain names are argued in the USA and UK as a domain
name functions as a trademark. Therefore, if a person or company not entitled to the trademark,
yet it uses the domain name, it is guilty of trademark infringement.
Domain names normally fall within the purview of trademark law. A domain name
registry will not register two identical domain names but can register a similar domain name.
This leads to a situation where deceptively similar domain names can be registered for example
www.gooooooogle.com by a third party. Any person visiting www.gooooooogle.com might
think that the content on this website belongs to or it has been sponsored by Google. In such
cases trademark law comes to the rescue of Google.
Further, while registering domain names, if the company chooses a domain name that is
similar to some domain name or some existing trademark of a third party, the company could be

1
held liable for cyber squatting. Indian courts have been proactive in granting orders against the
use of infringing domain names. In fact in the case of Satyam Infoway Ltd. v. Sifynet Solutions
Pvt. Ltd., the Supreme Court had also held that “a domain name may pertain to the provision of
services within the meaning of section 2(z) of the Trade Marks Act, 1999.
Enforcing IP - Liability for Infringement of IP
The issue of liability for infringement of IP gets even more complicated with the vastness
of the internet world which makes the duplication, or dissemination of IP protected works easy
and instantaneous and its anonymous environment makes it a challenge to detect the infringer.
Moreover, infringing material may be available at a particular location for only a very short
period of time. In determining the possible liability that could arise for infringement of an IP, the
fact IP protection is territorial in nature needs to be emphasized. What amounts to an
infringement varies for each form of IP? There are a host of factors that a court would consider
in deciding whether or not there is an infringement of copyright.
Some of the most common forms of liability for infringement in India would be:
 Injunction (temporary or permanent) against the infringer stipulating that the infringing
activity shall not be continued.
 Damages to the extent of lost profit or damages to remedy unjust enrichment of the
infringing party.
 Order for accounts of profits
 Order for seizure and destruction of infringing articles.

In addition to the civil remedies, some of the IP laws contain stringent criminal provisions
relating to offenses and penalties such as imprisonment of up to three years for applying for a
false trademark, knowingly infringing a copyright and for applying for a false geographical
indication.
CERT-In
The Indian Computer Emergency Response Team (CERT-In) was established in 2003 as
a part of the international CERT community. It was set up with the specific purpose to respond to
computer security incidents reported by the entire computer and networking community in the
country. CERT-In was established with the objective to enhance the security of India’s
communication and information infrastructure. Its responsibility is to improve cyber security in
the country and it shall adopt proactive action and effective collaboration. The purpose of CERT-

1
In is to become the nation’s most trusted referral agency for the Indian community. Its purpose is
to respond to computer security incidents as and when they occur. CERT-In will also help
members to reduce the risks of computer security incidents.
Jurisdiction Issues
Internet communication does not have geographical boundaries. Different laws are
applicable under different jurisdictions. E-commerce transactions are conducted beyond
geographical boundaries. In some of the transactions, the buyer may live in one country and the
seller may live in another country.
Thus, the use of Internet to make contracts, to transmit computer files may subject the
defendant to jurisdiction in foreign states. Some companies have added to their website terms
and conditions requiring that any dispute must be taken up at a certain venue. Hence, people
entering transactions in different countries must go through the terms and conditions of the
contract.
Service Provider Liability
Many ISP users access to shared websites, Usenet news, e-mail distribution lists, etc.
These facilities can be used by their users to upload unlawful, defamatory and copyright or
trademark infringing material, pornography and obscene material, without the ISP having a
chance to review it. An ISP could be held liable for the bulletin boards and for helping and
abetting the commission of an offence such as the distribution of pornography. Network service
providers will not be liable for any third party information or data made available by them if they
can prove that the offence or contravention was committed without their knowledge.
6.10 Summary
Regulations to monitor activities over the Internet must be implemented in order to keep
pace with the new advances in information technology. Given the global nature of the Internet,
entering into a contract and doing business online is not as secure as the traditional method of
contracting. Another challenging issue for e-business is the security of the online contracts. One
way to make these contracts secure is by legally recognizing electronic signatures as legitimate
mechanisms for authenticating non-face to face electronic transactions. A dedicated e-commerce
law of India is urgently required and Indian websites must be suitably regulated. Indian
government must also formulate a techno legal framework to take care of complicated
technology related legal issues in India. The result is passing of Information Technology Act,

1
2000 and later on Information Technology (Amendment) Act, 2008. This unit highlights the
important provisions of both these Acts. The provisions of Copyrights, defamation, domain
names, taxation issues, etc are explained in detail.
6.11 Key Terms
Copyright: It means the exclusive right to do or authorize the doing of any of the following acts
in respect of a work or any substantial part thereof.
Plagiarism: It is the act of stealing and passing off the ideas, words, or other intellectual
property produced by another as one's own.
Defamation: It is used the injury that is caused to the reputation of a person in the eyes of a third
person.
Domain name: A name that identifies an Internet Website
6.12 Self Evaluation Questions
1. Give an account of legal framework of e-commerce in India.
2. Elucidate the important provisions of Information Technology Act, 2000
3. Highlight the important amendments of Information Technology Act, 2008
4. What are not included within the scope of Information Technology Act, 2000?
5. List out the cyber crimes as per the provisions of Information Technology Act, 2000
6. State the cyber crimes that generally occur in an organization
7. Write a note on digital signature
8. What do you understand by electronic signature?
9. What are Cyber Security Issues of E-Commerce Business in India?
10. What is Copyright?
11. What is Defamation?
12. What is Plagiarism?
13. What is domain name?
14. State the mediums by which offense of cyber defamation can be committed?
15. Describe the statutory provisions covering cyber defamation in India
16. Discuss the provisions relating to cyber defamation under Information Technology Act,2000
17. What is E-contract?
18. Explain various forms of E-contracts.
19. Explain the provisions regarding E-Contracts under Information Technology Act, 2000
20. What are the basic principles of taxation under e-commerce?
21. Enumerate the taxation issues under e-commerce business
22. Write a note on CERT-In
23. Write a note on Service Provider Liability

1
UNIT – VII
E-Security
Learning Objectives
After studying this unit, students would be able to understand
 The concept of E-Security
 Dimensions of Security Design
 Firewalls and system integrity
 Virus protection
 Protection from intruders
Contents
7.1 Introduction
7.2 Security for E-Commerce
7.3 Security Design
7.4 Analysing the risks
7.5 E-banks and security
7.6 E-Security Protection
7.7 Firewalls
7.8 Virus Protection
7.9 Intruders
7.10 Summary
7.11 Key Terms
7.12 Self Evaluation Questions
7.1 Introduction
The term “e-security” is often interchangeable used with other terms such as “internet
security”, “cyber security”, and / or “IT Security”. Broadly “e-security encompasses security
aspects of the information economy, including information systems and communications
networks”.
E-Security is a branch of computer security specifically related to the Internet, often
involving browser security but also network security. Its objective is to establish rules and
measures to use against attacks over the Internet. The Internet represents an insecure channel for
exchanging information leading to a high risk of intrusion or fraud, such as phishing. Different

1
methods have been used to protect the transfer of data, including encryption. Like that, there are
benefits associated with the popularity of the Internet and ever-increasing growth rate of the
computers being connected to it. But there is a down side too. The task of protection of the data
and information stored in the computers and travelling across the Internet has never been so
challenging. Therefore, Computer and Internet Security has become a specialized area in itself.
The internet provides great opportunities for business but, with those opportunities come some e-
security risks. Intruders can install malicious software such as spyware and viruses, which can
steal sensitive business information and slow down the computer, intercept financial
transactions, steal credit card details and access customer information, steal download limit
without your knowledge and at your cost, take over your website and modify it and Steal
sensitive business information by using a portable device.
7.1.1 Concept of E-Security:
E-Security is a part of the Information Security framework and is specifically applied to
the components that affect e-commerce that include Computer Security, Data security and other
wider realms of the Information Security framework. E-commerce and network security are not
simple; diligence is needed to prevent loss.
E-security or Information security is also protection of information against unauthorized
disclosure, transfer, modifications, or destruction, whether accidental or intentional. E-Security is
the method of securing internet systems from malicious use. It deals with the security of the
information (in electronic form) that travels over the Internet. So e-security involves securing
both the information as well as the network through which the information flows.
7.1.2 Pictorial concept of E-security

1
7.1.3 Importance of E-commerce security:
Companies are doing more and more business on the Web as interactions become faster
and less expensive. However, there are many security concerns. Authentication (who is the user)
authorization (permission to do what they want), data integrity and encryption (accessing
information that cannot be altered or read in transit), accountability (can be held responsible for
their actions) and notarization (can make agreements with sites that are legally enforceable) are
to be considered.
E-security is an important one to businesses and governments today. In an enterprise, a
security exposure might result in possible damage in the organizations information and
communication systems. Example of exposure includes unauthorized disclosure of information,
modification of business or employer’s data and denial of legal access to the information system.
E-security addresses the security of a company, locates its vulnerabilities and supervises
the mechanisms implemented to protect the on-line services provided by the company, in order
to keep adversaries (hackers, malicious users and intruders) from getting into the company’s
networks, computers and services.
Thus, in order to protect the critical information in electronic form belonging to any
private or public sector organization, we need to employ the e-security measures.
7.1.4 Common e-commerce pitfalls
The security of e-commerce transactions is a critical part of the ongoing success and
growth of E-commerce. Inadequate security could result in the loss of customer confidence or
the non-availability of site. The pitfalls in e-security are:
1. Hackers gain access to information
Inadequate security enables hackers to gain access to sensitive business data (price lists,
catalogues, intellectual property, etc). The motives may be malicious or to gain competitive
knowledge. Hackers may also gain access to the information of your business or customers with
a view to committing fraud.
2. Loss of customer confidence
Security breaches can damage the confidence of customers in e-commerce service. A
lack of customer confidence is fatal to the success of online venture.

1
3. Denial-of-service attacks
Denial-of-service attacks prevent access to authorized users, so that the site is forced to
offer a reduced level of service or cease operation completely.
4. No contingency measures in place
The increase in e-commerce and the rapid rise of the mobile device usage in e-commerce
also increases the threat of cyber crimes. Contingency planning puts measures in place that
enable the systems to continue operating in a crisis.
7.1.5 Need for E-Security:
The areas which need security are network security and intrusion detection.
Network security
Network security includes systems that protect networks, such as a local area network
(LAN) or wide area network (WAN). Different techniques are used to create a trusted zone in
these networks. Firewalls protect the network by permitting only specified traffic to enter it from
the outside (from the Internet, for example). In large organizations, firewalls also separate
internal networks from each other, keeping an intruder in one network from gaining access to
another or preventing unauthorized access by employees to certain files. Firewalls divide the
information technology world into two parts: the inside, trusted zone and the outside, untrusted
zone. To work effectively, firewall rules and policies must support your business.

Intrusion Detection
Intrusion detection provides additional layers of protection. It can detect and register
suspicious activity, alert appropriate personnel and block the anomalous behaviour on the
network or its hosts. It varies vary from broad, multipurpose tools to highly specialized tools that
look for specific features. An example of a broad tool is a network sniffer. Sniffers were
developed for administrators needing to troubleshoot problems, but they were quickly adapted by
hackers to access information such as passwords and files.
7.1.6 E-Security Tools:
The tools which are used to secure e-commerce are:
 Firewalls-hardware and software
 Digital Signatures
 Digital Certificates

1
 Passwords
 Public key infrastructure
 Encryption Software
 Biometrics-retinal scan, fingerprints, voice, etc.
 Locks & Bars
7.2 Security for E-Commerce
As business activity grows on the Internet, security is becoming an important
consideration to take into account and to address, to the stakeholders' satisfaction. Security is an
essential part of any transaction that takes place over the internet. Customer will lose faith in e-
business if its security is compromised. E-Commerce Security deals with the protection of E-
commerce assets such as computers and networks from unauthorized access, use, alteration or
distribution. Anything that can cause danger to the e-commerce assets are considered to be
threats. Systems that are connected to the internet are the targets for destruction / tampering of
the data stored in them. Certain threats may result in severe financial loss and others may result
in loss of reputation to an individual and to an organization. With the growing internet use, such
incidents would result in loss of trust in computer and networks and also decline the growth of
public confidence in internet. In this context security relates to three general areas:
 Secure file / information transfers
 Secure transactions
 Secure enterprise networks, when used to support Web commerce
7.2.1 Fundamentals of Computer Security
Computer security has several fundamental goals
 Confidential − Information should not be accessible to unauthorized person. It should
not be intercepted during transmission.
 Integrity − Information should not be altered during its transmission over the network.
 Availability − Information should be available wherever and whenever requirement
within time limit specified.
 Authenticity − There should be a mechanism to authenticate user before giving him/her
access to required information.

1
 Non-Reputability − It is protection against denial of order or denial of payment. Once a
sender sends a message, the sender should not able to deny sending the message.
Similarly the recipient of message should not be able to deny receipt.
 Encryption − Information should be encrypted and decrypted only by authorized user.
 Auditable − Data should be recorded in such a way that it can be audited for integrity
requirements.
 Fraud – Another issue to be tackled is just plain fraud, where the buyer simply supplies
Out-of-date or incorrect credit card information.
7.3 Security Design
All security solutions need to begin with a policy. Some basic security policy questions
that must be answered are:
 What components are most critical but vulnerable?
 What information is confidential and needs to be protected?
 How will confidentiality be ensured?
 What authentication system should be used?
 What intrusion detection systems should be installed?
 Who has authority and responsibility for installing and configuring critical e-business
infrastructure?
 What plans need to be in place to ensure continuity or minimum disruption of service?
A viable security policy should have the following characteristics:
 The policy must be clear and concise
 The policy must have built-in incentives to motivate compliance
 Compliance must be verifiable and enforceable
 Systems must have good control for legitimate use: access, authentication, and
authorization
 There must be regular backup of all critical data
 There must be a disaster recovery and business continuity plan
7.3.1 Measures to ensure Security
Major security measures are following:
 Encryption − It is a very effective and practical way to safeguard the data being
transmitted over the network. Sender of the information encrypts the data using a secret

1
code and specified receiver only can decrypt the data using the same or different secret
code.
 Digital Signature − Digital signature ensures the authenticity of the information. A
digital signature is a e-signature authentic authenticated through encryption and
password.
 Security Certificates − Security certificate is unique digital id used to verify identity of
an individual website or user.
7.3.2 Stages in E-security design
A six-stage security design is discussed below:
Stage – I: Developing corporate risk consciousness and management focus
For any security to work well there has to be a strong organizational foundation. Both
management and employees must have a keen sense of how their interests and the fortune of the
organization depend very strongly on their ability to safeguard their information resources.
Stage – II: Performing Risk Assessment
Risk Assessment is based on identifying threats, vulnerabilities and cost. A simple
equation can be used to represent this process:
Risk = (Threat x Vulnerability x Cost of business disruption) / (Cost of Countermeasure)
Stage – III: Devising a systematic risk-management based e-business security policy
Security policy is the first tangible evidence of a credible security system. Every
organization must have a comprehensive security policy. The policy must address each system
component, internal and external threats, human and machine factors, managerial and non-
managerial responsibility. The security policy has the six objectives of e-business security:
confidentiality; integrity; availability; legitimate use, auditing, and non-repudiation.
Stage – IV: Implementing Best Practices in Securing E-Business Infrastructure
This is the area of security risk management that is mainly a technology issue. Each
component has to be addressed with a view to implementing a complete e-business secure
infrastructure. Important elements will include cryptography, PKI and digital signature
technology. The best practice is one that is not only impressive in its design and implementation
but one that can be optimal. A best practice will be a cost-effective that is commensurate with the
perceived information security risk of the organization.

1
Stage – V: Analyzing, Assessing and Insuring Residual Risk
Once the best practices are in place and certified, any risk that is not covered must be addressed
by means of an insurance mechanism. Those risks need to be further assessed in terms of the
probability of the events and the subsequent financial impact on the organization.
Stage – VI: Monitoring and revising the system
Implementing effective e-business security is a dynamic process. The technology is
changing very fast and so are the threats and vulnerabilities. Creating a security and risk
management culture is a slow process. It is necessary to establish an effective monitoring and
feedback system in order to determine the efficacy of the security policy.
7.4 Analysing the Risks
Irrespective of the size of business, there are things that can make the use of the Internet
more secure. First, undertake a risk assessment, taking into account how you use or plan to use
the Internet. Consider the types of transactions conducted, and identify the associated risks.
These could include fraud, impersonation and theft. Then assess the magnitude of these risks,
focusing on the potential for damage to the business. Finally, identify how to manage these risks,
that is, the specific measures to protect against them.
The risk management measures will depend on the plan to use the Internet. If internet is
used to send and receive email and access information only, the measures may be more basic.
They could include:
 installing protective anti-virus and personal firewall software
 ensuring that you keep the software up to date by installing software 'patches'
 using passwords that cannot be easily guessed, with a combination of letters, numbers
and symbols
 exercising caution when opening attachments to email.
If advanced e-commerce capabilities are required, such as an online catalogue with
transaction facilities, more sophisticated protective measures are to be taken. Developing a
formal IT security policy for operations and a response plan for computer security incidents may
become necessary. Some organizations choose to outsource their security arrangements to
specialist service providers.
If you are implementing an advanced e-commerce capability, you will need to consider
arrangements for authenticating your trading partners and securing your transactions. There are

1
many different types of technology, which can help you do this, some of which you will already
be familiar with. The most common kind that almost everyone uses is a plastic card and Personal
Identification Number (PIN) to access funds in a bank account.
Broadly speaking, authentication relies on one or more of the following:
 Something you know (such as a Password or PIN)
 Something you have (such as a smart card or a hardware token)
 Something you are (such as a fingerprint or iris scan).
It is important to note that authentication is not the same as security. Authentication must
operate in conjunction with an organization’s overall security framework.
Anecdotal evidence indicates that the main risks associated with e-commerce concern
hackers, viruses, and interception of credit card numbers travelling over telecommunication
lines. Risks are in three primary areas: information risks, technology risks, and business risks.
7.4.1 Types of Risks:
1. INFORMATION RISKS stem from information published and contained in web sites
and associated with the conduct of e-commerce.
Examples of Information Risk
 Content on web page exposing web publisher to libel, defamation of character, slander
 Copyright infringement and invasion of privacy suits stemming from posted textual
content
 Copyright infringement and invasion of privacy suits stemming from digital scanning and
morphing
 Copyright, patent, or trade secret infringement violations by material used by web site
developers
 After unauthorized access to a web site, online information about employees or
customers is stolen, damaged or released without authorization
 Electronic bulletin boards containing defamatory statements resulting in liability or
embarrassment
 Worldwide legal exposure resulting from use of creative material (e.g. names, likenesses)
that violate laws of countries outside of the home country
 Credit card information intercepted in transit is disclosed or used for fraudulent purposes

1
 Information that has been changed or inserted in transmission is processed leading to
erroneous results
 Flight of intellectual property due to employees moving to competitors
2. TECHNOLOGY RISKS include risks involving hardware, software,
telecommunications and databases. It results from the misuse of technology or
inappropriate use of technologies.
Examples of Technology Risk
 Negligent errors or omissions in software design
 Unauthorized access to a web site,
 Infecting a web site with computer viruses
 Internet service provider (ISP) server crashes
 Software error and omission risks causing unauthorized access
 Software content risk that violates a copyright or is libelous.
 Third party intercepts credit card information in transit causing breeches in security for
online payments.
 Intercepting and copying or changing non-credit card information during transmission
 Insufficient bandwidth to handle traffic
 Obsolete hardware or hardware lacking the capacity to process required traffic
 Risk due to excessive ISP outages or poor performance
 ISP phone numbers being busy
 ISP or home-company servers being down
 Scant technical infrastructure to manage cycle time to develop, present, and process web-
based products
 Risk of improperly integrating e-commerce system with internal databases
 Risk of improperly integrating e-commerce system with internal operational processes
 Risk due to poor web site design manifesting themselves in long response times
Inability of customer or supplier computers to handle graphical downloads
3. BUSINESS RISKS are concerned with customer and supplier relationships and risks
associated with products and services marketed and distributed over the Internet. They
also include risks associated with managerial aspects of the business including personnel
and contractual relations.

1
Examples of Business Risk
 Web page content exposes web publisher to libel, defamation of character, slander
 Electronic bulletin boards containing defamatory statements resulting in liability
 Worldwide legal exposure resulting from use of information in violation of home-country
laws
 Using web sites to conduct illegal promotional games, such as a sweepstakes or contests
 Risks related to payment to web site developers and disputes between developers and
clients
 Lack of maintenance on existing web pages
 Impact on business due to intellectual property lost due to employees moving to
competitors
 Changes in supplier relationships re: data access, data ownership, distribution strategy,
and marketing tactics
 Changes in customer relationships re: data access, data ownership, distribution strategy,
and marketing tactics
 Products out-of-stock due to poor communication with operations
 High shipping costs required for distribution
 Inconvenient return policies -- lack of coordination with physical system
 Excessive dependence on ISP to support firm's business strategy
 Inability to manage cycle time for developing, presenting, and processing web-based
products
 Risk due to unprotected domain names which are usurped by other organizations
 Improperly integrating e-commerce systems with internal operational processes
 Insufficient integration of e-commerce with supply chain channels
The above risks can lead to events resulting in the loss of assets. This loss may be two types:
1. Deliberate loss of assets can result from disclosing information, fraud, or deliberate
disruption of service.
2. Inadvertent loss of assets can occur through inadvertent disruption of service, legal
penalties due to disclosure of information, or direct or indirect losses due to lost
business.

1
7.4.2 E-Commerce Threats
Anything with the capability, technology, opportunity and intent to do harm is called
threat. Potential threats can be foreign or domestic, internal or external, state-sponsored or a
single rogue element. Terrorists, insiders, disgruntled employees and hackers are included in this
profile. E-commerce threats can be classified into the following categories;
1. Intellectual property threats -- use existing materials found on the Internet without the
owner's permission, e.g., music downloading, domain name (cybersquatting), software
pirating
2. Client computer threats
– Trojan horse
– Active contents
– Viruses
3. Communication channel threats
– Sniffer program
– Backdoor
– Spoofing
– Denial-of-service
4. Server threats
– Privilege setting
– Server Side Include (SSI), Common Gateway Interface (CGI)
– File transfer
– Spamming
A procedure that recognizes, reduces, or eliminates a threat
1. Intellectual property protection
– Legislature
– Authentication
2. Client computer protection
– Privacy -- Cookie blockers; Anonymizer
– Digital certificate
– Browser protection
– Antivirus software
– Computer forensics expert

1
3. Communication channel protection
– Encryption
* Public-key encryption (asymmetric) vs Private-key encryption (symmetric)
* Encryption standard: Data Encryption Standard (DES), Advanced Encryption
Standard (AES)
– Protocol
* Secure Sockets Layer (SSL)
* Secure HyperText Transfer Protocol (S-HTTP)
– Digital signature
Bind the message originator with the exact contents of the message
–A hash function is used to transform messages into a 128-bit digest (message digest).
–The sender’s private key is used to encrypt the message digest (digital signature)
–The message + signature are sent to the receiver
–The recipient uses the hash function to recalculate the message digest
–The sender’s public key is used to decrypt the message digest
–Check to see if the recalculated message digest = decrypted message digest
4. Server protection
– Access control and authentication
* Digital signature from user
* Username and password
* Access control list
– Firewalls
International Computer Security Association's classification:
· Packet filter firewall: checks IP address of incoming packet and rejects anything that
does not match the list of trusted addresses (prone to IP spoofing)
· Application level proxy server: examines the application used for each individual IP
packet (e.g., HTTP, FTP) to verify its authenticity.
· Stateful packet inspection: examines all parts of the IP packet to determine whether
or not to accept or reject the requested communication.
7.4.3 How to minimize Security Threats
1. Perform a risk assessment: A list of information assets and their value to the firm

1
2. Develop a security policy: A written statement on:
 What assets to protect from whom?
 Why these assets are being protected?
 Who is responsible for what protection?
 Which behaviours are acceptable and unacceptable?
3. Develop an implementation plan à a set of action steps to achieve security goals
4. Create a security organization à a unit to administer the security policy
5. Perform a security audit à a routine review of access logs and evaluation of security
procedures
Besides, the table below outlines some of the more prominent Internet security threats
and measures to be taken to protect them.

Nature
of Effect of Threat Measures of protection
Threat
Anti-Virus software protects against
A virus is a piece of code that, when
infection. You can also subscribe to a
loaded onto a computer, is capable of
Virus Alert mailing list (for example,
attaching itself to other files and
AusCERT, www.auscert.org.au).
repeatedly replicating itself, usually
Virus Exercise caution with unsolicited
without user knowledge. Some viruses
emails, especially if they have
can lie dormant until activated by a
attachments. When in doubt, delete.
trigger such as a date (for example, 'time-
Avoid having the preview pane open
bomb').
when using email.
A worm is a specialized type of virus. Most Anti-Virus software will stop
The most common form, an email macro worms or help fix the computer after
virus, occurs as an attachment to an infection. Exercise other precautionary
Worm email. Opening the email message measures as for viruses generally.
activates the worm, which then sends
itself to every address in your address
book.
A Trojan Horse is another type of virus, Most Anti-Virus software will stop
which carries unauthorized software or Trojan Horse viruses or help fix the
viruses to your computer. Some free computer after infection. Exercise other
software, shareware or games precautionary measures as for viruses
Trojan
downloaded from the Internet may generally.
Horse
contain Trojan Horse viruses. Be
cautious of accepting email attachments,
especially executable files ending with
'.exe'.

1
DoS attacks can render Internet- Anti-DoS attack software programs are
connected computers and networks available to assist in securing networks.
Denial of
unusable, mainly by overloading
Service
computers with messages. DoS attacks
(DoS)
are popular with hackers and can deny
attack
users access to a website.

Port scanning identifies 'open doors' to a Firewalls (specific network servers


computer (vulnerabilities which may and/or routers that filter out unwanted
provide a point of access by hackers). A packets of data) can protect computers
computer's port is scanned because this is and servers from port scanning.
Port the place where information travels to Firewalls can be used to protect
Scanning and from the computer. Port scanning individual PCs as well as networks of
can unnecessarily increase your Internet computers.
usage and associated costs by increasing
the amount of data transmitted to and
from your computer.
Sniffer software programs track data Ensure that no unauthorized equipment
travelling over the Internet or other is connected to computers or the
Sniffer networks. They can be used legitimately network. Use encryption to protect
Program for network management purposes, they sensitive communications across a
can also be used to steal unsecured data network.
and information.
Internet Dumping occurs when a person To prevent dumping place a bar on all
logged on to the Internet has their calls starting with 1900 on phone
modem connection to their usual dial-up services and exercise caution in
number disconnected and reconnected to downloading and installing software
another number - either an international from sites you do not trust. Complaints
Dumping number or a 1900 (premium rate) can be lodged with the
number. In many cases people are not Telecommunications Industry
aware that they have been dumped until Ombudsman at www.tio.com.au.
they receive an unusually high phone bill
as a result of the modem's re-connection.

7.4.4 Legal issues


The fact that the use of the Internet for business transactions was a relatively recent
phenomenon created uncertainty in the minds of many about the legal standing of these
transactions. It could be assumed that laws that applied to paper-based transactions would also
apply to electronic transactions. For example, it would still be necessary to comply with laws
regarding defamation and intellectual property when publishing on the Internet. But it was
unclear exactly how the courts would interpret and apply existing laws to electronic transactions.

1
This made some hesitant to trade in the online environment, and was an impediment to broader
adoption of e-commerce.
To promote community and business confidence in the online environment, the
Commonwealth, State and Territory governments agreed to establish a light-handed, technology-
neutral legal framework to support the use of e-commerce. Most governments have implemented
or are implementing legislation dealing with the legal status of electronic transactions. While a
comprehensive body of e-commerce law will only develop as specific cases are decided in the
courts, this legislation sets the framework for electronic transactions.
7. 5 E-banks and Security
E-banking increases security risks, potentially exposing hitherto isolated systems to open and
risky environments. Security breaches essentially fall into three categories, viz.,
 Breaches with serious criminal intent (fraud, theft of commercially sensitive or financial
information)
 Breaches by casual hackers (defacement of websites or denial of service causing websites
to crash)
 Flaws in systems design and/or set up leading to security breaches (genuine users
seeing/being able to transact on other users’ accounts)
E-banking system should consider the following points for strengthening its security system:
 A strategic approach to information security, building best practice security controls into
systems and networks as they are developed
 A proactive approach to information security, involving active testing of system security
controls (eg., penetration testing), rapid response to new threats and vulnerabilities and
regular review of market place developments
 Sufficient staff with information security expertise
 Active use of system based security management and monitoring tool
 Strong business information security controls
7.6 E-Security protocols
Following are the popular protocols used over the internet which ensures security of
transactions made over the internet.

1
Secure Socket Layer (SSL)
It is the most commonly used protocol and is widely used across the industry. It meets
following security requirements −
 Authentication
 Encryption
 Integrity
 Non-reputability
"https://" is to be used for HTTP urls with SSL, whereas "http:/" is to be used for HTTP urls
without SSL.
Secure Hypertext Transfer Protocol (SHTTP)
SHTTP extends the HTTP internet protocol with public key encryption, authentication
and digital signature over the internet. Secure HTTP supports multiple security mechanism
providing security to end users. SHTTP works by negotiating encryption scheme types used
between client and server.
Secure Electronic Transaction (SET)
It is a secure protocol developed by MasterCard and Visa in collaboration. Theoretically,
it is the best security protocol. It has following components −
 Card Holder's Digital Wallet Software − Digital Wallet allows card holder to make
secure purchases online via point and click interface.
 Merchant Software − This software helps merchants to communicate with potential
customers and financial institutions in secure manner.
 Payment Gateway Server Software − Payment gateway provides automatic and
standard payment process. It supports the process for merchant's certificate request.
 Certificate Authority Software − This software is used by financial institutions to issue
digital certificates to card holders and merchants and to enable them to register their
account agreements for secure electronic commerce.
7.7 Firewall
A firewall insulates a private network from a public network using carefully established
controls on the types of request they will route through to the private network for processing and
fulfilment. For example, an HTTP request for a public Web page will be honoured, whereas an
FTP request to a host behind the firewall may be dishonoured. Firewalls typically run monitoring

1
software to detect and thwart external attacks on the site, and are needed to protect internal
corporate networks. Firewalls appear primarily in two flavours; application level gateways and
proxy servers. Other uses of firewalls include technologies such as Virtual Private Networks that
use the Internet to tunnel private traffic without the fear of exposure
7.7.1 Definitions of firewalls
1. Cheswick and Bellovin define a firewall as a collection of components or a system placed
between two networks and possessing the following properties:
 All traffic from inside to outside, and vice-versa, must pass through it;
 only authorized traffic, as defined by the local security policy, is allowed
to pass through it; and
 the system itself is highly resistant to penetration.
2. A firewall is a mechanism used to protect a trusted network from an untrusted network,
usually while still allowing traffic between the two. Typically, the two networks in
question are an organization's internal (trusted) network and the (untrusted) Internet.
3. Firewall protects the networks from attacks through the internet.
4. A firewall enforces an access control policy.
5. A firewall is a software program or piece of hardware that helps screen out hackers,
viruses, and worms that try to reach your computer over the Internet.
6. .A firewall is a network security system, either hardware or software based, that controls
incoming and outgoing network traffic based on a set of rules.
7. Internet firewalls are often referred to as secure Internet gateways. Like the gates in a
medieval walled city, they control access to and from the network.
Firewall filters the incoming and outgoing traffic that flows through a system. It can use one or
more sets of “rules” to inspect network packets such as the protocol type, source or destination
host address, and source or destination port. It can enhance the security of a host or a network. It
can be used to do one or more of the following:
 Protect and insulate the applications, services, and machines of an internal network from
unwanted traffic from the public Internet.
 Limit or disable access from hosts of the internal network to services of the public Internet.

1
 Support network address translation (NAT), which allows an internal network to use
private IP addresses and share a single connection to the public Internet using either a
single IP address or a shared pool of automatically assigned public addresses.

Basically, a firewall is a barrier to keep destructive forces away from your property. In
fact, that's why it’s called a firewall. Its job is similar to a physical firewall that keeps a fire from
spreading from one area to the next.
Another approach to firewall views it as both policy and the implementation of that
policy in terms of network configuration. Physically, a firewall comprises one or more host
systems and routers, plus other security measures such as advanced authentication in place of
static passwords.
7.7.2 Types of Firewalls
Firewall are classified into the following categories
 Access Control Lists
 Packet filter
 Application -level Gateway
 Network layer firewall
 Proxy server
 Stateful inspection firewalls
 Unified Threat Management (UTM)
 Next-generation firewalls (NGFWs)
i. Access Control Lists (ACLs)
These were early firewalls implemented, typically on routers. They are useful for
scalability and performance, but can't read more than packet headers, which provide only
rudimentary information about the traffic.
ii. Packet Filter
Packet filtering at the network layer can be use first defense, i iltering can occur on
incoming packets, outgoing packets, or both. Limitations may exist on one's router as to where
one can apply a filter. Filtering of incoming packets may protect the router from becoming
compromised by an attacker.
Some security issues may come in the form address spoofing. IP address spoofing is
defined as sending pa from an outside host that allege to be sent from an internal Attacks using

1
IP address spoofing are difficult to detect unless logging is performed and activities are
correlated against legitimate. Hence, though filtering helps in the fight against security threats
does not by itself prevent attacks from address spoofing. A threat could still be realized by an
attacker portraying a trusted host that may be on an internal network.
iii. Application -level Gateway
Application layer firewalls are hosts that run proxy servers, which permit no traffic
directly between networks and they perform elaborate logging and examination of traffic passing
through them. Application layer firewalls can be used as network address translators, since
traffic goes in one side and out the other after having passed through an application that
effectively masks the origin of the initiating connection.
An application-level gateway provides mechanism for filtering traffic for various
applications. The administrator defines and implements code specific to applications or service.
Services or users that can compromise the network security then be restricted. To counter some
weaknesses associated with filtering routers, firewalls utilize software applications to forward
filter connections for services such as Telnet, FTP, and HTTP
A key distinction between packet-filtering router application-level gateways is the ability
to filter and log at the application level rather than just the IP level. In this way, administrators do
not have to worry about security holes in foreign hosts which may only invoke simple measures.
Application gateways have over filtering routers, including logging, hiding of internal host
names and IP addresses, robust authentication, and simpler filtering rules.
iv. Network layer firewalls
Network layer firewalls generally make their decisions based on the source address,
destination address and ports in individual IP packets. A simple router is the traditional network
layer firewall, since it is not able to make particularly complicated decisions about what a
packet is actually talking to or where it actually came from. One important distinction many
network layer firewalls possess is that they route traffic directly through them, which means in
order to use one, you either need to have a validly assigned IP address block or a private Internet
address block. Network layer firewalls tend to be very fast and almost transparent to their users.
v. Proxy server
Proxy firewalls offer more security than other types of firewalls, but at the expense of
speed and functionality, as they can limit which applications the network supports.

1
Unlike stateful firewalls or application layer firewalls, which allow or block network packets
from passing to and from a protected network, traffic does not flow through a proxy.
A proxy server terminates a user's connection and sets up a new connection to the
ultimate destination on behalf of the user, proxying for the user. This prevents direct connections
between systems on either side of the firewall and makes it harder for an attacker to discover
where the network is, because they don't receive packets created directly by their target system.
A user connects with a port on the proxy; the connection is routed through the gateway to
a destination port, which is routed to the destination address. Logging can be set up to track such
transmission information as number of bytes sent, inbound IP address, and the outbound
destination IP address. Usually, if a proxy is used, the proxy server provides most of the Internet
connectivity. An example of a proxy is a Web services proxy server (HTTP).
Proxy firewalls also provide comprehensive, protocol-aware security analysis for the
protocols they support. This allows them to make better security decisions than products that
focus purely on packet header information.
vi. Stateful inspection firewalls
They classify and track the state of traffic by monitoring all connection interactions until
a connection is closed.
vii. Unified Threat Management (UTM)
Solutions consolidate stateful inspection firewalls, antivirus, and IPS to a single
appliance. They are also generally understood to include many other network security
capabilities.
viii. Next-generation firewalls (NGFWs)
They were created to respond to increasing capabilities of malware and applications.
They bring together the key network security functions, including advanced firewall, IPS/IDS,
URL filtering and threat protection. Our NGFW solution ensures better security than legacy
firewalls, UTMs, or point threat detection products.
A firewall is an approach to security; it helps implement a larger security policy that
defines the services and access to be permitted. In other words, a firewall is both policy and the
implementation of that policy in terms of network configuration, host systems and routers, as
well as other security measures such as advanced authentication in place of static passwords.

1
7.8 Virus protection
A computer virus is defined as a program executed in different forms to infect and attack
computers at home or at businesses. Studying the behaviour and characteristics of viruses brings
us to discovering the symptoms resulting from infected systems and e-commerce.
On one hand, like virus attack might range from Worms, Trojan Horses, and logic or time
bombs. On the other hand, non-virus attacks range from Bugs and False alarms to Droppers and
Jokes. Finally, for every disease there is a treatment and for every PC virus there is antivirus
software that ceases its job to widely spread further in system corruptions.
7.8.1 Definition of Virus
1. Computer viruses are small software programs that are designed to spread from one
computer to another and to interfere with computer operation.
2. A computer virus is a type of malware that is intentionally written to gain entry into your
computer, without your knowledge or permission. It has the capacity to modify or
replicate itself, in which case it will continue spreading.
3. Computer virus is a software program written with malicious intentions which can
impede the functioning of computer.
4. A Computer virus is a harmful software programme written intentionally to enter a
computer without the user’s permission or knowledge. It has the ability to replicate itself,
thus continuing to spread. Some viruses do little but replicate, while others can cause
severe harm or adversely affect the programme and performance of the system. A virus
should never be assumed harmless and left on a system.
5. A computer virus is a program written to enter your computer system surreptitiously and
"infect" it by installing or modifying files or establishing itself in memory. Some viruses
are benign and won't harm your system, while others are destructive and can damage or
destroy your data
6. A computer virus is a program designed to harm or cause harm on an infected computer.
Viruses can spread via any of the methods used to get information into your computer:
network connections, shared folders, e-mail, and shared media such as flash memory,
CDs, and diskettes. Once they are established, viruses work at transferring themselves to
other computers. Its spreads through e-mail attachments, portable devices, websites
containing malicious scripts and file downloads.

1
7. A computer virus attaches itself to the host files and always activate whenever the
infected files are opened. The virus can replicate itself and then infect the other files on
your computer causing more damage.
Viruses can be differentiated by the methods they use to spread. Worms are viruses that
self-replicate and spread via e-mail or networks. Trojans are seemingly legitimate computer
programs that have been intentionally designed to disrupt computing activity or use computer for
something did not intend. Advancement in communication system paved way for the number of
viruses, worms and Trojans and the speed with which they spread have increased dramatically.
Flaws in operating systems like Windows or peer-to-peer file sharing programs and other widely
distributed network software may open "backdoors" to computer and can run malicious code,
infect system, or use computer for their own personal benefit.
Some popular peer-to-peer programs are: Acquisition, Aimster, Ares, Audiogalaxy,
BearShare, BitTorrent (and other BitTorrent clients), Blubster, Direct Connect, eDonkey2000,
Freewire, Gnotella, Gnucleus, Grokster, GTK-Gnutella, iMesh, Kazaa, LimeWire, LordofSearch,
Mactella, Morpheus, NeoNapster, OneMX, Overnet, Phex, Piolet, Qtella, Shareaza, SoulSeek,
SwapNut, TrustyFiles, Warez P2P, WinMX, and XoLoX. Some of these are, no doubt, safer than
others. All of them make your computer more accessible from the Internet.
Backdoors created by spyware may also be vulnerable to viruses. Spyware provides
some kind of service in exchange for monitoring and reporting activities. At a minimum,
spyware is likely to degrade the performance of your computer and increase traffic on your
network connection. It may also result in annoying pop-up advertisements while you surf the
Web. In the worst cases, computers become so clogged with spyware that they are no longer
usable. Ad-Aware from Lavasoft and Spybot Search and Destroy from Safer Networking are two
preferred tools for combating spyware. Both are free for personal use.
Given below is a list of different types of computer viruses and their functions
7.8.2 Types of Computer Viruses
i. Macro Viruses
Macro viruses infect files that are created using certain applications or programs that
contain macros, like .doc, .xls, .pps, .mdb, etc. These mini-programs make it possible to
automate series of operations so that they are performed as a single action, thereby saving the
user from having to carry them out one by one. These viruses automatically infect the file that

2
contains macros, and also infects the templates and documents that the file contains. It is referred
to as a type of e-mail virus
Hideout: These hide in documents that are shared via e-mail or networks.
Macro viruses include:
Relax
bablas
Melissa.A
097M/Y2K
Protection: The best protection technique is to avoid opening e-mails from unknown senders.
Also, disabling macros can help to protect your useful data
ii. Memory Resident Viruses
These viruses fix themselves in the computer memory and get activated whenever the OS
runs and infects all the files that are then opened.
Hideout: This type of virus hides in the RAM and stays there even after the malicious code is
executed. It gets control over the system memory and allocates memory blocks through which it
runs its own code, and executes the code when any function is executed.
Target: It can corrupt files and programs that are opened, closed, copied, renamed, etc.
Memory Resident Viruses Include:
CMJ
meve
randex
mrklunky
Protection: Install an antivirus program.
iii. Overwrite Viruses
These types of viruses delete any information in a file they infect, leaving them partially
or completely useless once they are infected. Once in the computer, they replace all the file
content but the file size doesn’t change.
Hideout: The virus replaces the file content. However, it does not change the file size.
Overwrite Viruses Include:
Trj.Reboot
way

2
trivial.88.D
Protection: The only way to clean a file infected by an overwrite virus is to delete the file
completely, thus losing the original content. However, it is very easy to detect this type of virus,
as the original program becomes useless.
iv. Direct Action Viruses
These viruses mainly replicate or take action once they are executed. When a certain
condition is met, the viruses will act by infecting the files in the directory or the folder specified
in the AUTOEXEC.BAT. The viruses are generally found in the hard disk’s root directory, but
they keep on changing location. FindFirst/FindNext technique is used where the code selects a
few files as its victims. It also infects the external devices like pen drives or hard disks by
copying itself on them.
Hideout: The viruses keep changing their location into new files whenever the code is executed,
but are generally found in the hard disk's root directory.
Target: It can corrupt files. Basically, it is a file-infecter virus.
Direct Action Viruses Include:
Vienna virus
Protection: Install an antivirus scanner. This type of virus has minimal effect on the computer’s
performance.
v. Directory Virus
Also known as cluster virus or file system virus. They infect the computer’s directory by
changing the path indicating file location. They are usually located in the disk but affect the
entire directory. When you execute a program file with an extension .EXE or .COM that has
been infected by a virus, you are unknowingly running the virus program, while the original file
and program is previously moved by the virus. Once infected, it becomes impossible to locate
the original files
Hideout: It is usually located in only one location of the disk, but infects the entire program in
the directory.
Directory Viruses Include:
dir-2 virus
Protection: All you can do is, reinstall all the files from the backup that are infected after
formatting the disk.

2
vi. Web Scripting Virus
Most web pages include some complex codes in order to create an interactive and
interesting content. Such a code is often exploited to cause certain undesirable actions. They
mostly originate from the infected web pages or browsers.
Web Scripting Viruses Include:
JS.Fortnight is a virus that spreads through malicious e-mails.
Hideout: The main sources of web scripting viruses are the web browsers or infected web pages
Protection: Install the microsoft tool application that is a default feature in Windows 2000,
Windows 7 and Vista. Scan the computer with this application
vii. Multipartite Virus
These viruses spread in multiple ways possible. It may vary in its action depending upon
the operating system installed and the presence of certain files. They tend to hide in the
computer’s memory but do not infect the hard disk.
Multipartite Viruses Include:
flip
invader
tequila
Hideout: In the initial phase, these viruses tend to hide in the memory as the resident viruses do;
then they infect the hard disk
Protection: Clean the boot sector and also the disk to get rid of the virus, and then reload all the
data in it. However, ensure that the data is clean
viii. FAT Viruses
The file allocation table (FAT) is the part of a disk used to store all the information about
the location of files, available space, unusable space, etc.
FAT Viruses Include:
the link virus
Hideout: FAT virus attacks the FAT section and may damage crucial information. It can be
especially dangerous as it prevents access to certain sections of the disk where important files are
stored. Damage caused can result in loss of information from individual files or even entire
directories

2
Protection: Before the virus attacks all the files on the computer, locate all the files that are
actually needed on the hard drive, and then delete the ones that are not needed. They may be files
created by viruses
ix. Companion Viruses
These are type of file infector virus. These viruses infect files just like the direct action
and the resident types. They are known as companion viruses because once they get into the
system they 'accompany' the other files that already exist. In other words, to carry out their
infection routines, companion viruses can wait in memory until a program is run (resident virus),
or act immediately by making copies of themselves (direct action virus)
Hideout: These generally use the same filename and create a different extension of it
For example: If there is a file "Me.exe", the virus creates another file named "Me.com" and hides
in the new file. When the system calls the filename "Me", the ".com" file gets executed (as
".com" has higher priority than ".exe"), thus infecting the system
Companion Viruses Include:
Asimov.1539
stator and terrax.1069
Protection: Install an antivirus scanner and also download Firewall
x. Polymorphic Virus
They encode or encrypt themselves in a different way every time they infect your
computer. They use different encryption and algorithms. This makes it difficult for the antivirus
software to locate them using signature or string searches (since they are very different in each
encryption). The virus then goes on to create a large number of copies
Polymorphic Viruses Include:
Marburg
tuareg
Satan bug
elkern
Protection: Install a high-end antivirus as the normal ones are incapable of detecting this type of
virus

2
xi. Worm
This program is very similar to a virus and has the ability to self-replicate leading to
negative effects on your computer. But they can be detected and eliminated by an antivirus
software
Hideout: These generally spread through e-mails and networks. They do not infect files or
damage them, but they replicate so fast that the entire network may collapse
Worms include:
PSWBugbear.B
Lovgate.F
Trile.C
Sobig.D
Mapson
Protection: Install an updated version of antivirus
xii. Trojans
Trojans can illegally trace important login details of users online. For example E-Banking
is very common among users, therefore, vulnerability of tracing your login details whenever
your PC is working without any strong powerful antivirus installed.
Another nasty breed of malicious code are Trojans or Trojan horses, which unlike
viruses, do not reproduce by infecting other files, nor do they self-replicate like worms. In fact, it
is a program which disguises itself as a useful program or application
xiii. Email Virus
This is a virus spread via an email. Such a virus will hide in an email and when the recipient
opens the mail.
xiv. Browser Hijacker
This virus can spread in many different ways including a voluntary download. If infects certain
browser functions especially in form of re-directing the user automatically to certain sites. A
good example is
Browser Hijackers Include:
the cool web search
Boot Sector Virus

2
This type of virus affects the boot sector of a hard disk. This is a crucial part of the disk,
in which information of the disk itself is stored along with a program that makes it possible to
boot (start) the computer from the disk. This type of virus is also called Master Boot Sector Virus
or Master
Hideout: It hides in the memory until DOS accesses the floppy disk, and whichever boot data is
accessed, the virus infects it.
xv. Boot Record Virus include
Polyboot.B
AntiEXE
Protection: The best way of avoiding boot sector viruses is to ensure that floppy disks are write
protected. Also, never start your computer with an unknown floppy disk in the disk drive.
xvi. Logic Bombs
They are not considered viruses because they do not replicate. They are not even
programs in their own right, but rather camouflaged segments of other programs. They are only
executed when a certain predefined condition is met. Their objective is to destroy data on the
computer once certain conditions have been met. Logic bombs go undetected until launched, the
results can be destructive and your entire data can be deleted
From the above discussion, it is very clear that computer viruses and their effects are very
harmful and can completely damage computer. Always make sure your system is up to date.
Also install antivirus software. The antivirus program protects your computer and the personal
information in it.
7.8.3 What do computer viruses do?
Through the use of Internet and computer, one may have come in to contact with
computer viruses. A computer virus might corrupt or delete data on the computer, it may use the
email program to spread itself to other computers, or even erase everything on the hard disk.
Computer viruses are often spread by attachments in email messages. That is why it is essential
that not to open email attachments from unknown source. Viruses can be disguised as
attachments of funny images, greeting cards, or audio and video files. Computer viruses also
spread through downloads on the Internet.

2
7.8.4 Virus Symptoms
The following points will highlight the ways in which virus can be detected:
 If your computer starts performing differently for no apparent reason, it may be
infected by a virus.
 Antivirus software will give a warning of an infection. However, that may not happen if
it is not updated or if antivirus software stops functioning for some reason. (For example,
some viruses attack antivirus software).
 There's no single symptom for virus infections. Some viruses inform themselves by
displaying messages like, "Ha, ha, you're infected by whatever."
 Others just usurp system and network resources to do things like send e-mail messages or
propagate themselves over the network.
 Still others delete or corrupt critical files. In some cases, Information Security is able to
detect a virus on computer by tracing malicious network traffic or e-mail back to your
network connection.
 Recognizing computer virus symptoms is a slightly slow and cumbersome task, which
depends on the virus competency and the user's computer knowledge and understanding.
If the user has the correct knowledge, computer virus symptoms can often be spotted
quickly after infection.
 Malicious viruses will often corrupt or delete program or system files, and perhaps invade
the computer storage and memory. The deletion of critical files can usually been seen
almost instantly, as commonly used programs will no longer work as intended or parts of
the system will start to become unstable or disabled; when it has been determined that
these errors have not been caused by the user, it is highly likely that the computer
terminal, system or network has been infected with a computer virus.
 Memory occupying is another way a virus may secure its place on a computer, by
installing itself transparently at system start up.
 Sudden degradation in the computer's ability. If the user suddenly spots a dramatic
decrease, or considerable slowing down of their computer terminal, is the symptom of
virus infection.
 If files appear to be moving, changing size, or doing other suspicious activities, it is the
symptom of virus infection

2
7.8.5 Precautions and Preventive Actions
Many viruses create multiple copies of themselves on each computer, so that if one
suspect were deleted, other hidden clones may carry on. Antivirus software is programmed to
recognize this, and wipe all components of a virus, including memory inhabitants. Symptoms,
like that of the Trojan, are difficult to spot without the use of anti-virus software, unless the user
has knowledge. While some computer virus symptoms may alert infected users of their presence,
through an on-screen message of some sort, the majority of virus programs are a little more
subtle - and these are the more destructive computer virus.
To help avoid computer viruses, it's essential to update antivirus tools, stay informed
about recent threats, run computer as a standard user not as administrator and that follow a few
basic rules when surfing the Internet, downloading files and opening attachments. Once a virus is
on, its type or the method it used to get there is not as important as removing it and preventing
further infection.
Virus protection software is designed to prevent viruses, worms and Trojan horses from
getting onto a computer as well as remove any malicious software code that has already infected
a computer.
7.8.6 Measures to avoid viruses and spyware
IT professionals must encourage their users to follow several security practices to
minimize virus, spyware, and malware exposure.
1: Install quality antivirus
All Windows users should install professional, business-grade antivirus software on their
PCs. Pro-grade antivirus programs update more frequently throughout the day, protect against a
wider range of threats (such as rootkits) and enable additional protective features (such as custom
scans).
2: Install real-time anti-spyware protection
Most free anti-spyware programs do not provide real-time, or active, protection from
adware, Trojan, and other spyware infections. While many free programs can detect spyware
threats once they've infected a system, typically professional (or fully paid and licensed) anti-
spyware programs are required to prevent infections and fully remove those infections already
present.

2
3: Keep anti-malware applications current
Antivirus and anti-spyware programs require regular signature and database updates.
Without these critical updates, anti-malware programs are unable to protect PCs from the latest
threats. Computer users must keep their antivirus and anti-spyware applications up to date.
Prevent license expiration, thereby ensuring that they provide protection against the most recent
threats.
4: Perform daily scans
Regardless of the infection source, enabling complete, daily scans of a system's entire
hard drive adds another layer of protection. These daily scans can be invaluable in detecting,
isolating, and removing infections that initially escape security software's attention.
5: Disable autorun
Computer users can disable the Windows autorun feature by following Microsoft's
recommendations, which differ by operating system.
6: Disable image previews in Outlook
Prevent against automatic infection by disabling image previews in Outlook. By default,
newer versions of Microsoft Outlook do not automatically display images. But if you have
changed the default security settings, you can switch them back selecting Don't Download
Pictures Automatically in HTML E-Mail Messages or RSS.
7: Don't click on email links or attachments
Don't click on email links or attachments. Users should never click on email attachments
without at least first scanning them for viruses using a business-class anti-malware application.
As for clicking on links, users should access Web sites by opening a browser and manually
navigating to the sites in question.
8: Surf smart
Users should never enter user account, personal, financial, or other sensitive information
on any Web page at which they haven't manually arrived. They should instead open a Web
browser, enter the address of the page they need to reach, and enter their information that way,
instead of clicking on a hyperlink and assuming the link has directed them to the proper URL.
Hyperlinks contained within an e-mail message often redirect users to fraudulent, fake, or
unauthorized Web sites. By entering Web addresses manually, users can help ensure that they
arrive at the actual page they intend.

2
9: Use a hardware-based firewall
Reliable firewall is indispensable, as it protects computers from a wide variety of
exploits, malicious network traffic, viruses, worms, and other vulnerabilities. The software-based
firewall included with Windows is not sufficient to protect systems from the myriad robotic
attacks affecting all Internet-connected systems. Therefore, all PCs should be connected to the
Internet secured capable hardware-based firewall.
10: Deploy DNS protection
Users can protect themselves from many threats by changing the way their computers
process DNS services. While a computer professional may be required to implement the switch,
OpenDNS offers free DNS services to protect users against common phishing, spyware, and
other Web-based hazards.
11. Use a firewall.
Windows Firewall (or any other firewall) can help alert you to suspicious activity if a
virus or worm attempts to connect to your computer. It can also block viruses, worms, and
hackers from attempting to download potentially harmful programs to your computer.
12. Use your browser's privacy settings.
Being aware of how websites might use your private information is important to help
prevent fraud and identity theft. If you're using Internet Explorer, you can adjust your Privacy
settings or restore the default settings whenever you want.
13. Use a pop-up blocker with your browser.
Pop-up windows are small browser windows that appear on top of the website you're
viewing. Although most are created by advertisers, they can also contain malicious or unsafe
code. A pop-up blocker can prevent some or all of these windows from appearing. The Pop-up
Blocker feature in Internet Explorer is turned on by default.
14. Turn on User Account Control (UAC).
When changes are going to be made to your computer that require administrator-level
permission, UAC notifies you and gives you the opportunity to approve the change. UAC can
help keep viruses from making unwanted changes.

2
7.9 Intruders
Intruder, often referred to as a hacker or cracker, is another threat to security Anderson
identified three classes of intruders:
1. Masquerader: An individual who is not authorized to use the computer and who
penetrates a system’s access controls to exploit a legitimate user’s account
2. Misfeasor: A legitimate user who accesses data, programs, or resources for which such
access is not authorized, or who is authorized for such access but misuses his or her
privileges
3. Clandestine user: An individual who seizes supervisory control of the system and uses
this control to evade auditing and access controls or to suppress audit collection.
The masquerader is likely to be an outsider; the misfeasor generally is an insider; and the
clandestine user can be either an outsider or an insider. Intruder attacks range from the benign to
the serious. At the benign end, there are many people who simply wish to explore internets. At
the serious end, individuals who attempt to read privileged data, perform unauthorized
modifications to data, or disrupt the system.
Examples of intrusion:
 Performing a remote root compromise of an e-mail server
 Defacing a Web server
 Guessing and cracking passwords
 Copying a database containing credit card numbers
 Viewing sensitive data, including payroll records and medical information, without
authorization
 Running a packet sniffer on a workstation to capture usernames and passwords
 Using a permission error on an anonymous FTP server to distribute pirated software and
music files
 Dialling into an unsecured modem and gaining internal network access
 Posing as an executive, calling the help desk, resetting the executive’s e-mail password,
and learning the new password
 Using an unattended, logged-in workstation without permission

2
7.9.1 Intruder Behaviour Patterns
The techniques and behaviour patterns of intruders are constantly shifting, to exploit
newly discovered weaknesses and to evade detection and countermeasures. Even so, intruders
typically follow one of a number of recognizable behaviour patterns, and these patterns typically
differ from those of ordinary users. In the following, we look at three broad examples of intruder
behaviour patterns, to give the reader some feel for the challenge facing the security
administrator.
Some Examples of Intruder Patterns of Behaviour
(a) Hacker
1. Select the target using IP lookup tools such as NSLookup, Dig, and others.
2. Map network for accessible services using tools such as NMAP.
3. Identify potentially vulnerable services (in this case, pcAnywhere).
4. Brute force (guess) pcAnywhere password.
5. Install remote administration tool called DameWare.
6. Wait for administrator to log on and capture his password.
7. Use that password to access remainder of network.
(b) Criminal Enterprise
1. Act quickly and precisely to make their activities harder to detect.
2. Exploit perimeter through vulnerable ports.
3. Use Trojan horses (hidden software) to leave back doors for reentry.
4. Use sniffers to capture passwords.
5. Do not stick around until noticed.
6. Make few or no mistakes.
(c) Internal Threat
1. Create network accounts for themselves and their friends.
2. Access accounts and applications they wouldn’t normally use for their daily jobs.
3. E-mail former and prospective employers.
4. Conduct furtive instant-messaging chats.
5. Visit Web sites that cater to disgruntled employees, such as f’dcompany.com.
6. Perform large downloads and file copying.
7. Access the network during off hours.

2
7.9.2 Intrusion Techniques
The objective of the intruder is to gain access to a system or to increase the range of
privileges accessible on a system. Most initial attacks use system or software vulnerabilities that
allow a user to execute code that opens a back door into the system. Alternatively, the intruder
attempts to acquire information that should have been protected. In some cases, this information
is in the form of a user password. With knowledge of some other user’s password, an intruder
can log in to a system and exercise all the privileges accorded to the legitimate user. Typically, a
system must maintain a file that associates a password with each authorized user. If such a file is
stored with no protection, then it is an easy matter to gain access to it and learn passwords. The
password file can be protected in one of two ways:
1. One-way function: The system stores only the value of a function based on the user’s
password. When the user presents a password, the system transforms that password and
compares it with the stored value.
2. Access control: Access to the password file is limited to one or a very few accounts. If
one or both of these countermeasures are in place, some effort is needed for a potential
intruder to learn passwords.
On the basis of a survey of the literature and interviews with a number of password crackers, the
following techniques for learning passwords are reported:
1. Try default passwords used with standard accounts that are shipped with the system. Many
administrators do not bother to change these defaults.
2. Exhaustively try all short passwords (those of one to three characters).
3. Try words in the system’s online dictionary or a list of likely passwords. Examples of the
latter are readily available on hacker bulletin boards.
4. Collect information about users, such as their full names, the names of their spouse and
children, pictures in their office, and books in their office that are related to hobbies.
5. Try users’ phone numbers, Social Security numbers, and room numbers.
6. Try all legitimate license plate numbers for this state.
7. Use a Trojan horse to bypass restrictions on access.
8. Tap the line between a remote user and the host system.

2
7.9.3 Password Protection
The defence against intruders is the password system. All multiuser systems require that a
user provide not only a name or identifier (ID) but also a password. The password serves to
authenticate the ID of the individual logging on to the system. In turn, the ID provides security in
the following ways:
 The ID determines whether the user is authorized to gain access to a system. In some
systems, only those who already have an ID filed on the system are allowed to gain
access.
 The ID determines the privileges accorded to the user. A few users may have supervisory
or “superuser” status that enables them to read files and perform functions that are
especially protected by the operating system. Some systems have guest or anonymous
accounts, and users of these accounts have more limited privileges than others.
 The ID is used in what is referred to as discretionary access control. For example, by
listing the IDs of the other users, a user may grant permission to them to read files owned
by that user.
7.9.4 Protection from intrusion:
The internet has certainly made our lives easier and more comfortable. Just think of web
services, such as online takeaway ordering or online grocery purchases which can be carried out
with one click and delivered to your doorstep. On the other hand most of us know how annoying
it is when your device catches a virus and stops working, resulting in a loss of your data.
Computers have revolutionized how we learn, work, shop, pay bills, keep track of our accounts,
and communicate with others. Computer is like your home – it contains sensitive and valuable
information, so it’s a good idea to keep it locked and be careful about it.
Intruders lurking in cyberspace or those who have physical access to your computer may try to
steal information stored in your computer, or use it to attack other computer systems. Some
individuals simply enjoy sending out viruses that can destroy your files and require expensive
computer repairs. Taking some basic security steps can help one to use computer with
confidence and protect personal information from abuse by the intrusion.

2
Step One: Pick an Effective Password
Passwords are the keys that unlock access to your email accounts and other computer
activities. They must be chosen to prevent intruders from correctly guessing them based on
knowledge about you or cracking them with software programs that try every word in the
dictionary until they get a match. To have an effective functioning of password the following
factors may be considered:
 Use a combination of letter and numbers.
 Avoid obvious things such as your birth date.
 Pick passwords that you can easily remember.
 Don’t write passwords anywhere which others may find them.
 Keep your passwords private and be suspicious of people who ask for them claiming to
be from companies that should already have them.
Step Two: Build a Firm Firewall
A firewall is like the fence around a fort – it makes it harder for intruders to get into the
computer from cyberspace. This is important for a high-speed Internet connection through cable
provider or DSL (digital subscriber line), because the doorway from the computer to the Internet
is open whenever the computer is on, even if you aren’t doing anything online at that moment.
To build a firm firewall, the following steps may be considered:
 Check if the computer hardware or software already has a built-in firewall.
 If yes, it may be necessary to turn the firewall feature on.
 If you don’t already have one, you can find free firewall software on the Internet or
purchase software.
 Use an external firewall device that connects to your computer.
 Firewalls differ, and some can be customized to suit your particular needs, so read the
descriptions carefully and decide about the installation of a particular firewall.
Step Three: Avoid Catching a Computer Virus
A computer can become infected and infect other computers with viruses that may be
planted in emails or attachments to emails, in programs or files that are downloaded, in floppy
disks, and even in Web sites that are visited. The first line of defence is an anti-virus program.
This is not the same as a firewall – both are needed since they protect you from different types of
attacks. In this regard, the following points must be remembered:

2
 Get an anti-virus program that updates automatically.
 Install programs that can also repair damage caused by a virus.
 Don’t open email or email attachments unless you expected the message and know the
source.
 Download files and programs and use disks from sources you know and trust.
 Don’t forward email warnings about new viruses to others – they could be hoaxes
designed to spread a virus instead of warn against them.
Step Four: Back It Up
Consider safeguarding important items in your computer and take back up so that they
won’t be lost if a virus strikes, computer crashes, or there is some other kind of disaster. For
example, financial records, research, writing, original artwork, and work files are difficult to
reconstruct or replace, therefore they should be backed up regularly. For back up process the
below given points are to be remembered:
 Don’t rely on paper copies for things that would require inputting the data all over again,
such as computerized check registers.
 Use floppy disks to back up small files, CDs or removable disk drives for larger files.
 Some items, (bank records), should be backed up every time a change is made, while
others might require less frequent back-ups.
 Set schedules for backing up files and stick to them.
 Store back-ups in a locked, fireproof container.
Step Five: Keep Up to Date
To keep your computer secure, you need to keep one step ahead of Hackers (outsiders
who try to get into computers through the Internet) and virus creators. Make use of “patches”
that software manufacturers may offer when they discover flaws in their programs that can make
them vulnerable to hackers, viruses, and other problems. These can often be downloaded at no
charge.
 If your anti-virus software doesn’t automatically update itself to detect and stop new
viruses, get updated software at least once a year.
 Update your firewall regularly.

2
Step Six: Control the Use of Your Computer
When your computer is shared with roommates, children, or other users, it is crucial for
everyone to follow the same security rules as follows:
 Make sure that all users understand the dangers of security breaches.
 Turn the computer off when not in use.
 Don’t share passwords.
 Keep the computer in a common area where from it can be seen easily that who is using it
and what they’re doing.
 Instruct all users to tell inform immediately if they suspect there is a security problem.
Don’t get panic if a security breach occurs. Report the same to your Internet service provider
(ISP). If you have high-speed Internet access through cable or DSL, unplug the phone or cable
line from your computer. Your ISP and software and hardware vendors may offer advice about
how to remedy the problem. If you believe that someone has obtained your financial information,
contact the financial institution immediately. Try to determine how the security breach occurred
so you can strengthen your protection in the future.
7.9.5 Difference between Intruders and Hackers:
A hacker has a lot of computing skills and challenges of solving technical problems. This
includes the failure of computers and networks. But the goal of intruder is no damage of
network, the technical aspects and how to overcome as learners and status symbol among the
hacker community.
A hacker is a person who intensely interested in the workings of any computer operating
system. The hackers are most often programmers. As such, hackers obtain advanced knowledge
of operating systems and programming languages. They might discover holes within systems and
the reasons for such holes. Hackers constantly seek further knowledge; freely share what they
have discovered, and never intentionally damage data.
The intruder is one who breaks into or otherwise violates the system integrity of remote
machines with malicious intent. Having gained unauthorized access, crackers destroy vital data,
deny legitimate users service, or cause problems for their targets. Crackers can easily be
identified because their actions are malicious.”

2
The difference between hacker and intruder might not seem much to the average person
because after all divided into two computers and networks not allowed but that is what matters
the person made after he infiltrates a network.
7.10 Summary
E-Security is a part of the Information Security framework and is specifically applied to
the components that affect e-commerce that include Computer Security, Data security and other
wider realms of the Information Security framework. E-security has its own problems. E-
commerce and network security are not simple; diligence is needed to prevent loss. Firewalls
protect network by permitting only specified traffic to enter it from the outside (from the
Internet). In other words, firewalls are a type of access control for networks. Because of the
Internet, firewalls have come to play an important role in modern business technologies. A major
weakness of firewalls and intrusion detection systems is that they must be managed
continuously. Security vendors have made great progress in developing tools that extend
protected network into the open e-commerce world; detect would-be intruders; hold users
accountable for their actions; stop malicious code encrypted in messages from reaching their
targets; and letting the owner of the Web site or application server, decide who gets to access
what.
Security issues in e-commerce threaten to derail industry. With the ever increasing cyber
threats and the global expansion of e-commerce, the security of the Internet and e-commerce in
general will become more vital. There are number of government, organizational and industry
initiatives that can assist in providing businesses and consumers’ guidance that will help address
some of the risk. Everyone has to participate in making the Internet more secure.
7.11 Key Terms
 E-Security: It is a branch of computer security specifically related to the Internet, often
involving browser security but also network security.
 Network Security: It includes systems that protect networks, such as a local area
network (LAN) or wide area network (WAN).
 Intrusion detection: It can detect and register suspicious activity, alert appropriate
personnel and block the anomalous behaviour on the network or its hosts.
 Digital Signature: A digital signature is a e-signature authentic authenticated through
encryption and password.

2
 Security Certificates: Security certificate is unique digital id used to verify identity of
an individual website or user.
 PIN: Personal Identification Number to access funds in a bank account.
 Information Risks: They stem from information published and contained in web sites
and associated with the conduct of e-commerce.
 Technology Risks: They include risks involving hardware, software,
telecommunications and databases. It results from the misuse of technology or
inappropriate use of technologies.
 Business Risks: They are concerned with customer and supplier relationships and risks
associated with products and services marketed and distributed over the Internet. They
also include risks associated with managerial aspects of the business including personnel
and contractual relations.
 Card Holder's Digital Wallet Software: Digital Wallet allows card holder to make
secure purchases online via point and click interface.
 Merchant Software: This software helps merchants to communicate with potential
customers and financial institutions in secure manner.
 Payment Gateway Server Software: Payment gateway provides automatic and
standard payment process. It supports the process for merchant's certificate request.
 Certificate Authority Software: This software is used by financial institutions to issue
digital certificates to card holders and merchants and to enable them to register their
account agreements for secure electronic commerce.
 Firewall: A firewall is a software program or piece of hardware that helps screen out
hackers, viruses, and worms that try to reach your computer over the Internet.
 Computer virus: It is a software program written with malicious intentions which can
impede the functioning of computer.
 Worms: They are viruses that self-replicate and spread via e-mail or networks.
 Trojans: They are seemingly legitimate computer programs that have been intentionally
designed to disrupt computing activity or use computer for something did not intend.
 Intruder: A hacker or cracker, is another threat to security
 Hacker: A person who intensely interested in the workings of any computer operating
system. The hackers are most often programmers.

2
7.12 Self Evaluation Questions
1. What is E-security?
2. What are the areas with which E-security is related to?
3. What are the fundamentals of Computer Security?
4. What factors are to be considered for E-Security Design?
5. What are the measures to be taken to ensure security?
6. Describe various stages in E-security Design.
7. What are the various types of security risks? Explain.
8. Explain different types of E-commerce threats.
9. Discuss various measures to be taken to protect from threats.
10. Write a note on E-banks and security.
11. Enumerate E-security protocols
12. Define the term firewall.
13. Explain various types of firewalls
14. Define the term computer virus
15. Discuss about various types of computer viruses?
16. What to computer viruses do?
17. Discuss various points to be considered to find virus symptoms.
18. What are the preventing measures from virus attacks?
19. Who is an intruder?
20. What are different classes of intruders?
21. List out various examples of intrusion
22. Describe various intruder behaviour patterns
23. What are different intruder techniques?

You might also like