Chapter One:

An Overview to E-commerce

Learning outcome
After completing this chapter learners should able to:

 Understand what is e-commerce?

 Distinguish e-commerce and e-business
 Understand the unique characteristics of e-commerce.
 Explain the advantages and disadvantages of e-commerce.

1.1 Introduction of E-Commerce

Recently most commercial transactions still take place through conventional channels, rising
numbers of consumers and businesses are using the Internet for electronic commerce. Projections
show that by 2006, total e-commerce spending by consumers and businesses could surpass $5
trillion (e-marketer, 2004 and 2003).
Today, networking and the Internet are nearly synonymous with doing business. Firms’
relationships with customers, employees, suppliers, and logistic partners are becoming digital
relationships. As a supplier, you cannot do business with national and international retailers
unless you adopt their well-defined digital technologies. As a consumer, you will increasingly
interact with sellers in a digital environment. As an employer, you’ll be interacting more
electronically with your employees and giving them new digital tools to accomplish their work.
So much business is now enabled by or based upon digital networks that we use the terms
electronic business and electronic commerce frequently throughout this text. Electronic business,
or e-business, designates the use of Internet and digital technology to execute all of the activities
in the enterprise. E-business includes activities for the internal management of the firm and for
coordination with suppliers and other business partners. It also includes electronic commerce, or
e-commerce. E-commerce is the part of e-business that deals with the buying and selling of
goods and services electronically with computerized business transactions using the Internet,
networks, and other digital technologies. It also encompasses activities supporting those market
transactions, such as advertising, marketing, customer support, delivery, and payment.
To sum up E-commerce is the use of the Internet and the Web to transact business. Digitally
enabled transactions include all transactions mediated by digital technology. For the most part,
this means transactions that occur over the Internet and the Web. Commercial transactions
involve the exchange of value (e.g., money) across organizational or individual boundaries in
return for products and services. Exchange of value is important for understanding the limits of
e-commerce. Without an exchange of value, no commerce occurs.

1.2. Origin Of E-Commerce

E-commerce applications began in the early 1970s with such innovations as electronic transfer of
funds. However, the applications were limited to large corporations and a few daring small
businesses. Then came electronic data interchange (EDI), which added other kinds of transaction
processing and extended participation to all industries.

The early years of e-commerce were a period of explosive growth and extraordinary innovation,
beginning in 1995 with the first widespread use of the Web to advertise products. This period of
explosive growth was capped in March 2000 when stock market valuations for [Link]
companies reached their peak and thereafter began to collapse.
The field of e-commerce is broad. There are many applications of EC, such as home banking,
shopping in electronic malls, buying stocks, finding a job, conducting an auction, collaborating
electronically with business partners around the globe, and providing customer service. The
implementation of various EC applications depends on four major support categories, shown as
supporting pillars in Figure 9.1: people, public policy, and marketing/advertising and supply
chain logistics. The EC management within each organization coordinates the applications,
infrastructure, and pillars.
The phenomenon of e-commerce is so broad that a multidisciplinary perspective is required.
There are two primary approaches to e-commerce: technical and behavioral.
Technical Approaches- Computer scientists are interested in e-commerce as an exemplary
application of Internet technology. They are concerned with the development of computer
hardware, software, and telecommunications systems, as well as standards, encryption, and
database design and operation. Management scientists are primarily interested in building
mathematical models of business processes and optimizing these processes. They are interested
in e-commerce as an opportunity to study how business firms can exploit the Internet to achieve
more efficient business operations.

Behavioral Approaches- In the behavioral area, information systems researchers are primarily
interested in e-commerce because of its implications for firm and industry value chains, industry
structure, and corporate strategy. The information systems discipline spans the technical and
behavioral approaches. For instance, technical groups within the information systems specialty
also focus on data mining, search engine design, and artificial intelligence. Economists have
focused on consumer behavior at Web sites, pricing of digital goods, and on the unique features
of digital electronic markets.

1.3. Definition of e-commerce

Electronic commerce (e-commerce) is often thought simply to refer to buying and selling using
the Internet; people immediately think of consumer retail purchases from companies such as
Amazon. But e-commerce involves much more than electronically mediated financial
transactions between organizations and customers. E-commerce should be considered as all
electronically mediated transactions between an organization and any third party it deals with.
By this definition, non-financial transactions such as customer requests for further information
would also be considered to be part of e-commerce.
The UK government also used a broad definition when explaining the scope of e-commerce to
industry:
E-commerce is the exchange of information across electronic networks, at any stage in the
supply chain, whether within an organization, between businesses, between businesses and
consumers, or between the public and private sector, whether paid or unpaid.(Cabinet Office,
1999
These definitions show that electronic commerce is not solely restricted to the actual buying and
selling of products, but also includes pre-sale and post-sale activities across the supply chain. E-
commerce is facilitated by a range of digital technologies that enable electronic communications.
These technologies include Internet communications through web sites and e-mail as well as
other digital media such as wireless or mobile and media for delivering digital television such as
cable and satellite.
1.4. E-Business Vs E-commerce

E-commerce: is more specific than e-business. E-business involves the use electronic platforms-
intranets, extranets and Internet to conduct a company’s business. Internet and other technologies
now help companies carry on their business faster, more accurately and over a range of time and
space. They have created intranets to help employees communicate with each other and access
information found in the company’s computers. They have set up extranets with major suppliers
and distributers to assist information exchange, orders, transactions and payments. Companies
such as Cisco, Microsoft and Oracle run almost entirely as e-business, in which memos, invoices,
engineering drawings, sales and marketing information –virtually everything-happens over the
Internet instead of on paper.
E-business: includes all electronic–based information exchanges within or between companies
and customers. In contrast e-commerce involves buying and selling processes supported by
electronic means, primarily the Internet. E-markets are market-spaces rather than physical
marketplaces. Sellers use e-markets to offer their products and services online. Buyers use them
to search for information, identify what they want, and place orders using credit or other means
of electronic payment. Is the online transaction of business, featuring linked computer systems of
the vendor, host, and buyer? Electronic transactions involve the transfer of ownership or rights to
use a good or service.

Figure 1.1- the difference between e-business system and e-commerce

1.5. Unique Features of E-Commerce
E-commerce has seven unique characteristics that distinguish from the traditional business
transaction. These are ubiquity, global reach, universal standards, richness, information density
and personalization/customization. Each unique characteristic are discussed below from business
significance and e-commerce technology dimension.
A. Ubiquity
In traditional commerce, a marketplace is a physical place you visit in order to transact. For
example, television and radio typically motivate the consumer to go some-place to make a
purchase. E-commerce, in contrast, is characterized by its ubiquity: it is available just about
everywhere, at all times. It liberates the market from being restricted to a physical space and
makes it possible to shop from your desktop, at home, at work, or even from your car, using
mobile commerce. The result is called a market-space—a marketplace extended beyond
traditional boundaries and removed from a temporal and geographic location. From a consumer
point of view, ubiquity reduces transaction costs—the costs of participating in a market. To
transact, it is no longer necessary that you spend time and money traveling to a market. At a
broader level, the ubiquity of e-commerce lowers the cognitive energy required to transact in a
market-space. Cognitive energy refers to the mental effort required to complete a task. Humans
generally seek to reduce cognitive energy outlays. When given a choice, humans will choose the
path requiring the least effort—the most convenient path.
B. Global Reach
E-commerce technology permits commercial transactions to cross cultural and national
boundaries far more conveniently and cost-effectively than is true in traditional commerce. As a
result, the potential market size for e-commerce merchants is roughly equal to the size of the
world’s online population (over 1 billion in 2005, and growing rapidly, according to the
Computer Industry Almanac) (Computer Industry Almanac, Inc., 2006). The total number of
users or customers an e-commerce business can obtain is a measure of its reach (Evans and
Wurster, 1997).
In contrast, most traditional commerce is local or regional—it involves local merchants or
national merchants with local outlets. Television and radio stations, and newspapers, for
instance, are primarily local and regional institutions with limited but powerful national networks
that can attract a national audience. In contrast to e-commerce technology, these older commerce
technologies do not easily cross national boundaries to a global audience.
C. Universal Standards
One strikingly unusual feature of e-commerce technologies is that the technical standards of the
Internet, and therefore the technical standards for conducting e-commerce, are universal
standards—they are shared by all nations around the world. In contrast, most traditional
commerce technologies differ from one nation to the next. For instance, television and radio
standards differ around the world, as doe’s cell telephone technology. The universal technical
standards of the Internet and e-commerce greatly lower market entry costs—the cost merchants
must pay just to bring their goods to market. At the same time, for consumers, universal
standards reduce search costs—the effort required to find suitable products. And by creating a
single, one-world market space, where prices and product descriptions can be inexpensively
displayed for all to see, price discovery becomes simpler, faster, and more accurate (Bakos,
1997; Kambil, 1997). And users of the Internet, both businesses and individuals, experience
network externalities—benefits that arise because everyone uses the same technology. With e-
commerce technologies, it is possible for the first time in history to easily find many of the
suppliers, prices, and delivery terms of a specific product anywhere in the world, and to view
them in a coherent, comparative environment. Although this is not necessarily realistic today for
all or many products, it is a potential that will be exploited in the Future.
D. Richness
Information richness refers to the complexity and content of a message (Evansand Wurster,
1999). Traditional markets, national sales forces, and small retail stores have great richness: they
are able to provide personal, face-to-face service using aural and visual cues when making a sale.
The richness of traditional markets makes them a powerful selling or commercial environment.
Prior to the development of the Web, there was a trade-off between richness and reach: the larger
the audience reached the less rich the message.
E. Interactivity
Unlike any of the commercial technologies of the twentieth century, with the possible exception
of the telephone, e-commerce technologies allow for interactivity, meaning they enable two-way
communication between merchant and consumer. Television, for instance, cannot ask viewers
any questions or enter into conversations with them, and it cannot request that customer
information be entered into a form.
In contrast, all of these activities are possible on an e-commerce Web site. Interactivity allows an
online merchant to engage a consumer in ways similar to a face-to-face experience, but on a
much more massive, global scale.
F. Information Density
The Internet and the Web vastly increase information density—the total amount and quality of
information available to all market participants, consumers, and merchants alike. E-commerce
technologies reduce information collection, storage, processing, and communication costs. At the
same time, these technologies increase greatly the currency, accuracy, and timeliness of
information—making information more useful and important than ever. As a result, information
becomes more plentiful, less expensive, and of higher quality. A number of business
consequences result from the growth in information density. In e-commerce markets, prices and
costs become more transparent. Price transparency refers to the ease with which consumers can
find out the variety of prices in a market; cost transparency refers to the ability of consumers to
discover the actual costs merchants pay for products (Sinha, 2000). But there are advantages for
merchants as well. Online merchants can discover much more about consumers; this allows
merchants to segment the market into groups willing to pay different prices and permits them to
engage in price discrimination—selling the same goods, or nearly the same goods, to different
targeted groups at different prices. For instance, an online merchant can discover a consumer’s
avid interest in expensive exotic vacations, and then pitch expensive exotic vacation plans to that
consumer at a premium price, knowing this person is willing to pay extra for such a vacation. At
the same time, the online merchant can pitch the same vacation plan at a lower price to more
price-sensitive consumers (Shapiro and Varian, 1999). Merchants also have enhanced abilities to
differentiate their products in terms of cost, brand, and quality.
G. Personalization/Customization
E-commerce technologies permit personalization: merchants can target their marketing messages
to specific individuals by adjusting the message to a person’s name, interests, and past purchases.
The technology also permits customization—changing the delivered product or service based on
a user’s preferences or prior behavior. Given the interactive nature of e-commerce technology,
much information about the consumer can be gathered in the marketplace at the moment of
purchase. With the increase in information density, a great deal of information about the
consumer’s past purchases and behavior can be stored and used by online merchants. The result
is a level of personalization and customization unthinkable with existing commerce technologies.
For instance, you may be able to shape what you see on television by selecting a channel, but
you cannot change the contents of the channel you have chosen. In contrast, the online version of
the Wall Street Journal allows you to select the type of news stories you want to see first, and
gives you the opportunity to be alerted when certain events happen.
1.6. Comparison of Traditional Commerce and E-Commerce

In e-commerce there may be no physical store, and in most cases the buyer and seller do not see
each other. The Web and telecommunications technologies play a major role, in e-commerce.
Although the goals and objectives of both e-commerce and traditional commerce are the same—
selling products and services to generate profits—they do it quite differently. Traditional
commerce presents product information by using magazines, flyers. On the other hand, e-
commerce presents by using web sites and online catalogs. Traditional commerce
communicates by regular mail, phone yet e-commerce by e-mail. Traditional commerce checks
product availability by phone, fax and letter. However, e-commerce checks by e-mail, web
sites, and internal networks. Traditional commerce generates orders and invoices by printed
forms but e-commerce by e-mail, and web sites. Traditional commerce gets product
acknowledgments by phone and fax. On the other hand, e-commerce gets by e-mail, web sites,
and EDI. It is important to notice that currently many companies operate with a mix of
traditional and e-commerce. Just about all medium and large organizations have some kind of e-
commerce presence. The followings are some examples, Toys-R-Us, Wal-Mart Stores, GoldPC,
and Vatan Computer.
1.7. Advantages and disadvantage of E-Commerce
 Advantages of E-Commerce
Some advantages that can be achieved from e-commerce include:

1. Being able to conduct business 24 x 7 x 365: E-commerce systems can operate all day
every day. Your physical storefront does not need to be open in order for customers and
suppliers to be doing business with you electronically.
2. Access the global market place: The Internet spans the world, and it is possible to do
business with any business or person who is connected to the Internet. Simple local
businesses such as specialist record stores are able to market and sell their offerings
internationally using e-commerce. This global opportunity is assisted by the fact that, unlike
traditional communications methods, users are not charged according to the distance over
which they are communicating.
3. Speed: Electronic communications allow messages to traverse the world almost
instantaneously. There is no need to wait weeks for a catalogue to arrive by post: that
communications delay is not a part of the Internet / e-commerce world.
4. Market space: The market in which web-based businesses operate is the global market. It
may not be evident to them, but many businesses are already facing international competition
from web-enabled businesses.
5. Opportunity to reduce costs: The Internet makes it very easy to 'shop around' for products
and services that may be cheaper or more effective than we might otherwise settle for. It is
sometimes possible to, through some online research, identify original manufacturers for
some goods - thereby bypassing wholesalers and achieving a cheaper price.
6. Computer platform-independent: 'Many, if not most, computers have the ability to
communicate via the Internet independent of operating systems and hardware. Customers are
not limited by existing hardware systems' (Gascoyne & Ozcubukcu, 1997:87).
7. Efficient applications development environment: - 'In many respects, applications can be
more efficiently developed and distributed because the can be built without regard to the
customer's or the business partner's technology platform. Application updates do not have to
be manually installed on computers. Rather, Internet-related technologies provide this
capability inherently through automatic deployment of software updates' (Gascoyne &
Ozcubukcu, 1997:87).
8. Allowing customer self-service and 'customer outsourcing': People can interact with
businesses at any hour of the day that it is convenient to them, and because these interactions
are initiated by customers, the customers also provide a lot of the data for the transaction that
may otherwise need to be entered by business staff. This means that some of the work and
costs are effectively shifted to customers; this is referred to as 'customer outsourcing'.
9. Stepping beyond borders to a global view: Using aspects of e-commerce technology can
mean your business can source and use products and services provided by other businesses in
other countries. This seems obvious enough to say, but people do not always consider the
implications of e-commerce. For example, in many ways it can be easier and cheaper to host
and operate some e-commerce activities outside Australia.
  Disadvantages and limitations of E-commerce
Some disadvantages and constraints of e-commerce include the following.
1. Time for delivery of physical products: It is possible to visit a local music store and walk
out with a compact disc or a bookstore and leave with a book. E-commerce is often used to
buy goods that are not available locally from businesses all over the world, meaning that
physical goods need to be delivered, which takes time and costs money. In some cases there
are ways around this, for example, with electronic files of the music or books being accessed
across the Internet, but then these are not physical goods.
2. Physical product, supplier & delivery uncertainty: When you walk out of a shop with an
item, it's yours. You have it; you know what it is, where it is and how it looks. In some
respects e-commerce purchases are made on trust. This is because, firstly, not having had
physical access to the product, a purchase is made on an expectation of what that product is
and its condition. Secondly, because supplying businesses can be conducted across the world,
it can be uncertain whether or not they are legitimate businesses and are not just going to take
your money. It's pretty hard to knock on their door to complain or seek legal recourse!
Thirdly, even if the item is sent, it is easy to start wondering whether or not it will ever
arrive.
3. Perishable goods: Forget about ordering a single gelato ice cream from a shop in Rome!
Though specialized or refrigerated transport can be used, goods bought and sold via the
Internet tend to be durable and non-perishable: they need to survive the trip from the supplier
to the purchasing business or consumer. This shifts the bias for perishable and/or non-durable
goods back towards traditional supply chain arrangements, or towards relatively more local
e-commerce-based purchases, sales and distribution. In contrast, durable goods can be traded
from almost anyone to almost anyone else, sparking competition for lower prices. In some
cases this leads to disintermediation in which intermediary people and businesses are
bypassed by consumers and by other businesses that are seeking to purchase more directly
from manufacturers.
4. Limited and selected sensory information: The Internet is an effective conduit for visual
and auditory information: seeing pictures, hearing sounds and reading text. However it does
not allow full scope for our senses: we can see pictures of the flowers, but not smell their
fragrance; we can see pictures of a hammer, but not feel its weight or balance. Further, when
 we pick up and inspect something, we choose what we look at and how we look at it. This is
not the case on the Internet. If we were looking at buying a car on the Internet, we would see
the pictures the seller had chosen for us to see but not the things we might look for if we were
able to see it in person. And, taking into account our other senses, we can't test the car to hear
the sound of the engine as it changes gears or sense the smell and feel of the leather seats.
There are many ways in which the Internet does not convey the richness of experiences of the
world. This lack of sensory information means that people are often much more comfortable
buying via the Internet generic goods - things that they have seen or experienced before and
about which there is little ambiguity, rather than unique or complex things.
5. Returning goods: Returning goods online can be an area of difficulty. The uncertainties
surrounding the initial payment and delivery of goods can be exacerbated in this process.
Will the goods get back to their source? Who pays for the return postage? Will the refund be
paid? Will I be left with nothing? How long will it take? Contrast this with the offline
experience of returning goods to a shop.
6. Privacy, security, payment, identity, and contract: Many issues arise - privacy of
information, security of that information and payment details, whether or not payment details
(eg credit card details) will be misused, identity theft, contract, and, whether we have one or
not, what laws and legal jurisdiction apply.
7. Defined services & the unexpected: E-commerce is an effective means for managing the
transaction of known and established services, that is, things that are every day. It is not
suitable for dealing with the new or unexpected. For example, a transport company used to
dealing with simple packages being asked if it can transport a hippopotamus, or a customer
asking for a book order to be wrapped in blue and white polka dot paper with a bow. Such
requests need human intervention to investigate and resolve.
8. Personal service: Although some human interaction can be facilitated via the web, e-
commerce cannot provide the richness of interaction provided by personal service. For most
businesses, e-commerce methods provide the equivalent of an information-rich counter
attendant rather than a salesperson. This also means that feedback about how people react to
product and service offerings also tends to be more granular or perhaps lost using e-
commerce approaches. If your only feedback is that people are (or are not) buying your
 products or services online, this is inadequate for evaluating how to change or improve your
e-commerce strategies and/or product and service offerings.
9. Size and number of transactions: E-commerce is most often conducted using credit card
facilities for payments, and as a result very small and very large transactions tend not to be
conducted online. The size of transactions is also impacted by the economics of transporting
physical goods. For example, any benefits or conveniences of buying a box of pens online
from a US-based business tend to be eclipsed by the cost of having to pay for them to be
delivered to you in Australia.

Chapter Two
Technology in E-procurement
Learning Objectives
After reading this chapter the reader should be able to:
 Understand the evolution of internet
 Identify the different types Internet protocols
 Assess different markup languages
 Identify the benefits and limitation of HTLM
 Recognized benefits of electronic data interchange
2.1. Origins of the Internet and New Uses for the Internet
The first recorded description of the social interactions that could be enabled through networking
was a series of memos written by J.C.R. Licklider of MIT in August 1962 discussing his
“Galactic Network” concept. He envisioned a globally interconnected set of computers through
which everyone could quickly access data and programs from any site. In spirit, the concept was
very much like the Internet of today.
The Internet has shown extraordinary growth patterns when compared to other electronic
technologies of the past. It took radio 38 years to achieve a 30% share of U.S. households. It took
television 17 years to achieve a 30% share. Since the invention of a graphical user interface for
the World Wide Web in 1993, it took only 10 years for the Internet/Web to achieve a 53% share
of U.S. households.
The Internet today is a widespread information infrastructure, the initial prototype of what is
often called the National (or Global or Galactic) Information Infrastructure. Its history is
complex and involves many aspects - technological, organizational, and community. And its
influence reaches not only to the technical fields of computer communications but throughout
society as we move toward increasing use of online tools to accomplish electronic commerce,
information acquisition, and community operations.
2.2. The Internet, Intranets, Extranets and the World Wide Web
2.2.1. The Internet
Internet is a worldwide network of computer networks built on common standards. We can also
defined internet as "A collection of interconnected networks using the Internet Protocol which
allows them to function as a single, large virtual network." Created in the late 1960s to connect a
small number of mainframe computers and their users, the Internet has since grown into the
world’s largest network, connecting over 500 million computers worldwide. The Internet links
businesses, educational institutions, government agencies, and individuals together, and provides
users with services such as e-mail, document transfer, newsgroups, shopping, research, instant
messaging, music, videos, and news. One of the key advantages of an intranet is the broad
availability and use of software applications unique to the needs of a corporation
The Internet is the most well-known and largest implementation of client/server computing and
internetworking, linking hundreds of thousands of individual networks all over the world, which
in turn service over 600 million individual PCs or host computers. The word Internet derives
from the word internetworking or the linking of separate networks, each of which retains its own
identity, into an interconnected network. In the United States, about 160 million people access
the Internet at home or work. The World Wide Web is the most popular service provided by the
Internet, providing user’s access to over 500 billion Web pages containing text, graphics, audio,
video, and other objects.
Technically, the Internet is a global information system defined by three characteristics:
 A network composed of computers and other devices that are logically linked together by
a unique address space based on the Internet Protocol
 A network where network devices (computers, routers, hubs, and other equipment) are
able to support communications using TCP/IP or other compatible protocols
  A network that provides high-level services layered on a communication and network
infrastructure.
The incredible success of the Internet as the world’s most extensive, public communication
system that rivals the global telephone system in reach and range results from a number of design
factors.
2.2.2. Intranets
Organizations can use Internet networking standards and Web technology to create private
networks called intranets. Intranet is an internal organizational network that provides access to
data across the enterprise. It uses the existing company network infrastructure along with Internet
connectivity standards and software developed for the World Wide Web. Intranets can create
networked applications that can run on many different kinds of computers throughout the
organization, including mobile handheld computers and wireless remote access devices.
Whereas the Web is available to anyone, an intranet is private and is protected from public visits
by firewalls—security systems with specialized software to prevent outsiders from entering
private networks. Intranet software technology is the same as that of the World Wide Web.
Intranets use HTML to program Web pages and to establish dynamic, point-and-click hypertext
links to other pages. The Web browser and Web server software used for intranets are the same
as those on the Web. A simple intranet can be created by linking a client computer with a Web
browser to a computer with Web server software using a TCP/IP network with software to keep
unwanted visitors out.
An intranet is protected by security measures such as passwords, encryption, and firewalls, and
thus can be accessed by authorized users through the Internet. A company’s intranet can also be
accessed through the intranets of customers, suppliers, and other business partners via extranet
links. Just think of an intranet as a private version of the Internet.
2.2.3. Extranets
An extranet is a collaborative network that uses internet technology to link businesses with their
suppliers, customers or other businesses that share common goals. Extranets are usually linked to
business intranets where information is either accessible through a password system or through
links that are established collaboratively.
A firm can create an extranet to allow authorized vendors and customers to have limited access
to its internal intranet. For example, authorized buyers could link to a portion of a company’s
intranet from the public Internet to obtain information about the costs and features of the
company’s products. The company can use firewalls to ensure that access to its internal data is
limited and remains secure; firewalls can also authenticate users, making sure that only
authorized users can access the site.
Both intranets and extranets reduce transaction and agency costs by providing additional
connectivity for coordinating disparate business processes within the firm and for linking
electronically to customers and suppliers. Private industrial networks are based on extranets
because they are so useful for linking organizations with suppliers, customers, or business
partners. Extranets often are employed for collaborating with other companies for supply chain
management, product design and development, and training efforts. Extranets uses TCP/IP
protocol network (like the internet) to link intranet in different location or specific protocols.
Extranet Benefits
• timeliness and accuracy of communications, reducing errors and misunderstandings
• Allows central management of documents allowing single updates
• Uses standard web protocols
• Easy to use, requires little training
• Used to automate transactions, reducing cost and cycle time
• Increased partner interaction, and improved processes.
Table 2.1. Overview: Internet, Intranet, and Extranet
Network type Typical users Types of access Information
Internet Any individual with dial-up Unlimited, public; no General, public and
access or LAN restrictions advertisement
Intranet Authorized employees only Private and restricted Specific, corporate and
proprietary
Extranet Authorized groups from Private and outside shared in authorized
collaborating companies authorized partners collaborating groups
2.2.4. The World Wide Web
The World Wide Web (the Web) is the most popular service that runs on the Internet
infrastructure. The Web is the “killer application” that made the Internet commercially
interesting and extraordinarily popular. It is a system with universally accepted standards for
storing, retrieving, formatting, and displaying information using client/server architecture. Web
pages are formatted using hypertext with embedded links that connect documents to one another
and that also link pages to other objects such as sound, video, or animation files. When you click
a graphic and a video clip plays, you have clicked a hyperlink.
The Web was invented in the period from 1989 to 1991 by Dr. Tim Berners-Lee and his
associates at the European Particle Physics Laboratory, better known as CERN. Information
shared on the Web remained text-based until 1993.
As mentioned the Web was developed in the early 1990s and hence is of much more recent
vintage than the Internet. The Web provides easy access to over 8 billion Web pages created in a
language called HTML (HyperText Markup Language). These HTML pages contain information
—including text, graphics, animations, and other objects—made available for public use. You
can find an exceptionally wide range of information on Web pages, ranging from the entire
catalog of Sears Roebuck, to the entire collection of public records from the Securities and
Exchange Commission, to the card catalog of your local library, to millions of music tracks
(some of them legal), and videos.
The Internet prior to the Web was primarily used for text communications, file transfers, and
remote computing. The Web introduced far more powerful and commercially interesting,
colorful multimedia capabilities of direct relevance to commerce. In essence, the Web added
color, voice, and video to the Internet, creating a communications infrastructure and information
storage system that rivals television, radio, magazines, and even libraries. There is no precise
measurement of the number of Web pages in existence, in part because today’s search engines
index only a portion of the known universe of Web pages, and also because the size of the Web
universe is unknown. Google, the Web’s most popular and perhaps most comprehensive Web
search engine, currently indexes over 8 billion pages. There are also an estimated 600 billion
Web pages in the so-called “deep Web” that are not indexed by ordinary search engines such as
Google. Nevertheless, it would be accurate to say that Web content has grown exponentially
since 1993.
The WWW is an application of Internet
 The World-Wide Web (WWW) is a service, an application of Internet.
 It is based on the Internet infrastructure.
 So the WWW is newer than the Internet.
2.3. Internet Protocols
The Internet protocols are the world’s most popular open-system (nonproprietary) protocol suite
because they can be used to communicate across any set of interconnected networks and are
equally well suited for LAN and WAN communications. The Internet protocols consist of a suite
of communication protocols, of which the two best known are the Transmission Control Protocol
(TCP) and the Internet Protocol (IP). The Internet protocol suite not only includes lower-layer
protocols (such as TCP and IP), but it also specifies common applications such as electronic
mail, terminal emulation, and file transfer.
Internet protocols were first developed in the mid-1970s, when the Defense Advanced Research
Projects Agency (DARPA) became interested in establishing a packet-switched network that
would facilitate communication between dissimilar computer systems at research institutions.
With the goal of heterogeneous connectivity in mind, DARPA funded research by Stanford
University and Bolt, Beranek, and Newman (BBN). The result of this development effort was the
Internet protocol suite, completed in the late 1970s.
TCP/IP later was included with Berkeley Software Distribution (BSD) UNIX and has since
become the foundation on which the Internet and the World Wide Web (WWW) are based.
Documentation of the Internet protocols (including new or revised protocols) and policies are
specified in technical reports called Request for Comments (RFCs), which are published and
then reviewed and analyzed by the Internet community.
Purpose of the Internet Protocol
 The IP protocol defines the basic unit of data transfer (IP datagram)
 IP software performs the routing function
 IP includes a set of rules that embody the idea of unreliable packet delivery:
 How hosts and routers should process packets
 How and when error messages should be generated
 The conditions under which packets can be discarded.
A TCP/IP internet provides three sets of services as shown in the following figure

Figure 2.1. three sets of services of internet

2.4. Web Page Request and Delivery Protocols

A web page (or webpage) is a web document that is suitable for the World Wide Web and the
web browser. A web browser displays a web page on a monitor or mobile device. The web page
is what displays, but the term also refers to a computer file, usually written in HTML or
comparable markup language, whose main distinction is to provide hypertext that will navigate
to other web pages via links.
Web page - A Web page is a simple text file that contains not only text, but also a set of HTML
tags that describe how the text should be formatted when a browser displays it on the screen. The
tags are simple instructions that tell the Web browser how the page should look when it is
displayed. The tags tell the browser to do things like change the font size or color, or arrange
things in columns. The Web browser interprets these tags to decide how to format the text onto
the screen.
Web browser - A Web browser, like Netscape Navigator or Microsoft Internet Explorer, is a
computer program (also known as a software application, or simply an application) that does
two things: A Web browser knows how to go to a Web server on the Internet and request a
page, so that the browser can pull the page through the network and into your machine. A Web
browser knows how to interpret the set of HTML tags within the page in order to display the
page on your screen as the page's creator intended it to be viewed.
HTTP is a simple request delivery system. The standard procedure to get a page in a Web
browser starts with a request from the browser to the Web server for that page. The server
delivers that page in the response and the transaction ends. Many Web pages contain references
to other files. For example, if there is a picture in the page, that image is not embedded in the
HTML creating the page. Instead, the HTML of the Web page contains a reference to another
file that contains the picture. On encountering the reference, the browser has to send another
request to the server for that new file. Each request returns one file. The process of interpreting
an HTML document into a viewable page may require many requests to the server to retrieve all
the files that make up that page.

2.5. Electronic Mail Protocol

The birth of electronic mail (email) occurred in the early 1960s. The mailbox was a file in a
user's home directory that was readable only by that user. Primitive mail applications appended
new text messages to the bottom of the file, making the user had to wade through the constantly
growing file to find any particular message. This system was only capable of sending messages
to users on the same system. The first network transfer of an electronic mail message file took
place in 1971 when a computer engineer named Ray Tomlinson sent a test message between two
machines via ARPANET — the precursor to the Internet.
Email protocols are the languages and rules that email servers and clients use to communicate
with each other and manage incoming and outgoing mail. Electronic mail is the transmission of
messages over communications networks. The messages can be notes entered from the keyboard
or electronic files stored on disk. Companies that are fully computerized make extensive use of
e-mail because it is fast, flexible, and reliable. These protocols are strictly defined and are in use
in a variety of different email clients. In addition, each email protocol has a unique way of
managing email that is sent and received from an email account. Most e-mail systems include a
rudimentary text editor for composing messages, but many allow you to edit your messages
using any editor you want. An email message is created using a mail client program. This
program then sends the message to a server. The server then forwards the message to the
recipient's email server, where the message is then supplied to the recipient's email client. To
enable this process, a variety of standard network protocols allow different machines, often
running different operating systems and using different email programs, to send and receive
email.
The following protocols discussed are the most commonly used in the transfer of email.
A. Mail Transport Protocols
Mail delivery from a client application to the server, and from an originating server to the
destination server, is handled by the Simple Mail Transfer Protocol (SMTP).
i. Simple Mail Transfer Protocol (SMTP)

The primary purpose of SMTP is to transfer email between mail servers. However, it is critical
for email clients as well. To send email, the client sends the message to an outgoing mail server,
which in turn contacts the destination mail server for delivery. For this reason, it is necessary to
specify an SMTP server when configuring an email client. Under Red Hat Enterprise Linux, a
user can configure an SMTP server on the local machine to handle mail delivery. However, it is
also possible to configure remote SMTP servers for outgoing mail. One important point to make
about the SMTP protocol is that it does not require authentication. This allows anyone on the
Internet to send email to anyone else or even to large groups of people. It is this characteristic of
SMTP that makes junk email or spam possible. Modern SMTP servers attempt to minimize this
behavior by allowing only known hosts access to the SMTP server. Those servers that do not
impose such restrictions are called open relay servers.
B. Mail Access Protocols
There are two primary protocols used by email client applications to retrieve email from mail
servers: the Post Office Protocol (POP) and the Internet Message Access Protocol (IMAP).
Unlike SMTP, both of these protocols require connecting clients to authenticate using a
username and password. By default, passwords for both protocols are passed over the network
unencrypted.
i. Post Office Protocol (POP)
The default POP server under Red Hat Enterprise Linux is /usr/sbin/ipop3d and is provided
by the IMAP package. When using a POP server, email messages are downloaded by email
client applications. By default, most POP email clients are automatically configured to delete the
message on the email server after it has been successfully transferred, however this setting
usually can be changed.
POP is fully compatible with important Internet messaging standards, such as Multipurpose
Internet Mail Extensions (MIME), which allow for email attachments.
POP works best for users who have one system on which to read email. It also works well for
users who do not have a persistent connection to the Internet or the network containing the mail
server. Unfortunately for those with slow network connections, POP requires client programs
upon authentication to download the entire content of each message. This can take a long time if
any messages have large attachments.
The most current version of the standard POP protocol is POP3. There are, however a variety of
lesser-used POP protocol variants:
 APOP— POP3 with MDS authentication. An encoded hash of the user's password is sent
from the email client to the server rather than sending an unencrypted password.
 KPOP— POP3 with Kerberos authentication.
RPOP— POP3 with RPOP authentication. This uses a per-user ID, similar to a password, to
authenticate POP requests. However, this ID is not encrypted, so RPOP i For added security, it is
possible to use Secure Socket Layer (SSL) encryption for client authentication and data transfer
sessions. This can be enabled by using the ipop3s service or by using the /users bin/stunnel
program.
Advantages POP3
 simple protocol
 Easier to implement
 Copies all messages when connection is made.
 When not connected, still access and read downloaded mail.
Disadvantages POP3
 If mail in different format, hassle to transfer mail.
 synchronize their local inbox/server
ii. Interactive Mail Access Protocol (IMAP)
The default IMAP server under Red Hat Enterprise Linux is /usr/sbin/imapd and is provided
by the IMAP package. When using an IMAP mail server, email messages remain on the server
where users can read or delete them. IMAP also allows client applications to create, rename, or
delete mail directories on the server to organize and store email. IMAP is particularly useful for
those who access their email using multiple machines. The protocol is also convenient for users
connecting to the mail server via a slow connection, because only the email header information is
downloaded for messages until opened, saving bandwidth. The user also has the ability to delete
messages without viewing or downloading them. For convenience, IMAP client applications are
capable of caching copies of messages locally, so the user can browse previously read messages
when not directly connected to the IMAP server. IMAP, like POP, is fully compatible with
important Internet messaging standards, such as MIME, which allow for email attachments.
Advantages IMAP
- can store message
- Can access/manage multiple mail boxes.
- New/old mail can be accessed from any pc.
- Client independent.
- (switch mail to client PC without affecting user mail
Disadvantages IMAP
- fewer client than POP3
- slower than POP3
- less IMAP Software than POP3
- require more effect

IMAP vs. POP3

IMAP
  Access from any  Used by one client/computer
computer/anywhere.  Organizing mail into client-side
 Store mail on server folder
 Folder can be server and clients.  Send messages one way.
 Send message back and forth  Store mail on client computer
POP3
• Markup Languages and the Web
• Markup Languages

What is a Markup Language?

In 1986 the Standard Generalized Markup Language (SGML) became an international standard
for defining descriptions of the structure and content of different types of electronic documents.
SGML, the "mother tongue" of HTML and XML, is used for describing thousands of different
document types in many fields of human activity, from transcription of ancient Sumerian tablets
to the technical documentation for steel bombers, and from patient's clinical records to musical
notations.
Markup languages are designed for the processing, definition and presentation of text. The
language specifies code for formatting, both the layout and style, within a text file. The code
used to specify the formatting is called tags. A markup language is a computer language that uses
tags to define elements within a document. Most markup languages are human readable because
the annotations are written in a way to distinguish them from the text. There are many different
markup languages. This site focuses on HTML and XML, but there are lots of other markup
languages. And there are three that you should be aware of if you are doing web design or
development: HTML, XML, and XHTML.
Hyper Text Markup Language (HTML)
Hyper Text Markup Language is a language for specifying how text and graphics appear on a
web page. When you visit a web site (e.g., [Link]) your web browser retrieves the
HTML web page and renders it
The HTML page is actually stored on the computer that is hosting the web site and the page is
sent to your browser.
Web pages are accessible through the Internet because Web browser software on your computer
can request Web pages stored on an Internet host server using the Hypertext Transfer Protocol
(HTTP). HTTP is the communications standard used to transfer pages on the Web. For example,
when you type a Web address in your browser such as [Link], your browser sends an
HTTP request to the [Link] server requesting the home page of [Link].
HTTP is the first set of letters at the start of every Web address, followed by the domain name,
which specifies the organization’s server computer that is storing the document. Most companies
have a domain name that is the same as or closely related to their official corporate name. The
directory path and document name are two more pieces of information within the Web address
that help the browser track down the requested page. Together, the address is called a Uniform
Resource Locator (URL). When typed into a browser, a URL tells the browser software exactly
where to look for the information. http names the protocol used to display Web pages,
[Link] is the domain name, content/features is the directory path that identifies
where on the domain Web server the page is stored, and [Link] is a document name and
the format of the document (it is an HTML page).
2.5.1. Extensible Markup Language (XML)
Extensible Markup Language is not a Web page format description language like HTML.
Instead, XML describes the contents of Web pages (including business documents designed for
use on the Web) by applying identifying tags or contextual labels to the data in Web documents.
For example, a travel agency Web page with airline names and flight times would use hidden
XML tags like “airline name” and “flight time” to categorize each of the airline flight times on
that page. Or product inventory data available at a Web site could be labeled with tags like
“brand,” “price,” and “size.” By classifying data in this way, XML makes Web site information
much more searchable, easier to sort, and easier to analyze.
HTML was designed as a markup language with simple structures, strong emphasis on
formatting and weak for encoding content. It was not designed to encode structure and semantics
needed for complex applications. Because of the lack of SGML support in mainstream Web
browsers, most applications that deliver SGML information over the Web convert the SGML to
HTML. This down-translation removes much of the intelligence of the original SGML
information. That lost intelligence virtually eliminates the flexibility of information and poses a
significant barrier upon reuse, interchange and automation.
For this reason, XML (Extensible Markup Language) was developed by the XML working group
(known as the SGML Editorial Review Board) formed under the auspices of the W3C in 1996
(W3C is the World Wide Web Consortium. The W3C is dedicated (in part) to encouraging the
development of open Web standards, such as the HTML and XML document markup languages,
to promote interoperability and assist the Web in achieving its potential.) XML is a highly
functional subset of SGML. The purpose of XML is to specify an SGML subset that works very
well for delivering SGML information over the Web. When the mainstream Web browsers
support XML, it is believed that it’s going to be very easy to publish SGML information on the
Web. It is actually misnamed because XML is not a single Markup Language. It is a meta
language that allows users to design their own markup language.
XML is a language for documents identifying structured data in a quite simple way. Structured
data includes both content (e.g., words, pictures) and some action indication (markup; tags). For
instance, content in a section heading has a different meaning from content in a footnote, which
means something different than content in a figure caption or content in a database table. XML
documents are text based. Therefore, after creating your document, you can share it with
everybody regardless of the computer or operating system s/he uses.
How does XML differ from SGML?
SGML has been the standard, vendor-independent way to maintain repositories of structured
documentation for more than a decade. It is a complex meta-language (a language designed for
talking about other languages) used to exchange documents.
However, it is not well suited to serving documents over the web (for a number of technical
reasons). Because XML comes from SGML, any fully conformant SGML system reads XML
documents. However, using and understanding XML documents does not require a system that is
capable of understanding the full generality of SGML. XML has 10% of the complexity and 90%
of the power of SGML.
How does XML differ from HTML?
XML documents use the same syntax as HTML pages (e.g., tags, attributes). Although XML and
HTML are similar in lineage and construction, they are two very different markup languages.
Importantly, XML can solve problems that HTML has.
HTML Limitations:
 HTML doesn't include the mechanisms for maintaining fine control. A web designer can't
specify the display size of a document or control the size of a browser window. Although
 HTML 4.0 includes <font> tags to help a web designer manipulate font style, size, and color,
users can override these settings with their own.
 HTML consists of a closed and predefined tag set. That is, both the tag semantics and the
tag set are fixed. For example, <h1> is always a first level heading and the tag <author>
is meaningless.
 HTML cannot display data in multiple formats. Therefore, a web designer should try
every available browser (e.g., Netscape, Internet Explorer, Mosaic, Hot Java, Mozilla and
Opera) and on every platform (e.g. web TV, PDA (personal data assistant like Palm
Pilot), PC, Mac, etc). It is impossible to know exactly which browser and platform are
being used to view web pages.
What is XML?

• XML stands for Extensible Markup Language;

• XML is a markup language;
• XML was designed to describe data;
• XML tags are not predefined. You must define your own tags;
• XML uses a Document Type Definition (DTD) or an XML Schema to define its syntax; and
• XML with a DTD or XML Schema is designed to be self-descriptive.
Benefits of XML
Using XML to exchange information offers many benefits, including the following:
 Its robust, logically-verifiable format is based on international standards;
 The hierarchical structure is suitable for most (but not all) types of documents;
 It is manifested as plain text files, unencumbered by licenses or restrictions;
 Uses human, not computer, language. XML is readable (and understandable, even by
novices) and no more difficult to code than HTML;
 Completely compatible with Java and 100% portable. Any application that can process
XML (on any platform) can use your information;
 Extendable. Create your own tags (or use tags created by others) that use the native
language of your domain, have the attributes you need, and make sense to you and your
users.
2.5.2. HTML and XML Editors
A. HTML Editors
The HTML Editor is integrated with all tools in the learning environment where HTML content
is created. This includes editing discussions topics, creating custom instructions for drop box
folders and creating content topics.
The HTML Editor features two tabs:
Basic; the basic tab displays the most basic controls for common word processing tasks,
including controls to insert images, tables and quick links.
Advanced; the advanced tab displays all available controls including controls to insert course
objects such as Flash animation files and videos. The purpose of the Html Editor is to provide a
control that allows for Html editing satisfying the requirements of input for rich text layouts and
simple portal type information. The control should emulate the operations that are available
within a Rich Text control, but have information persisted and restored from an Html BODY
element. Examples of the former are case where the Rich Text control would normally be
utilized; documentation, complex descriptions where text formatting is required,
correspondences, bulletins, etc. Examples of the latter case are such items as dashboards; news
clips, announcements, company references, etc. These are defined by cases where complex
layouts are required that may include images and links.
B. XML Editors
An XML editor is a markup language editor with added functionality to facilitate the editing of
XML. This can be done using a plain text editor, with all the code visible, but XML editors have
added facilities like tag completion and menus and buttons for tasks that are common in XML
editing, based on data supplied with document type definition (DTD) or the XML tree. There are
also graphical XNL editors that hide the code in the background and present the content to the
user in a more user-friendly format, approximating the rendered version or editing forms. This is
helpful for situations where people who are not fluent in XML code need to enter information in
XML based documents such as time sheets and expenditure reports. And even if the user is
familiar with XML, use of such editors, which take care of syntax details, is often faster and
more convenient.

2.6. Electronic Data Interchange

The broadest definition of electronic data interchange (EDI) is the exchange of information
between two difference computer systems. During the 1980s, the introduction of information
technology (IT) into companies has enabled significant change within business (e.g., change in
working practices, change in organizational structure, change to business strategies), thus
bringing improved efficiency, management control, and customer service and with them, a
bottom line of greatest importance, perhaps, in the 21st century.
Technologies such the PC, local area networks (LANs), and more widely based corporate
networks have been adopted, and within an organization, this has enabled the application (e.g., a
material requirements planning system) to be brought closer to the end user and has facilitated
the sharing of information among applications across common databases. This implementation of
technology has brought with it real business benefits to the organization.
There is, however, a further dimension to the implementation of IT, and this is the electronic
exchange of information between the applications of different organizations: electronic data
interchange. The business requirement for EDI is clear: Whatever the business, organizations
must be able to trade in order to survive. To achieve this, documents such as orders, delivery
instructions, and invoices must be interchanged and processed. Furthermore, because market
conditions can change rapidly, these communications must be fast and accurate, with
administrative processes minimized to ensure that, at all times, market opportunities are
exploited and profits are maximized. In other words, the organization needs to communicate
effectively with all of its trading partners, whatever their function in the supply chain, whatever
their size, and wherever they are. EDI services allow the exchange of trading data, such as orders
and invoices, directly from one computer system to another, regardless of its make, size, or
location and without the need for manual intervention. As such, the consequential benefits to be
obtained from the use of EDI are very significant.
In the ordering process alone, the speed of moving information means that the supply chain can
work together to ensure the right stock is in the right place, to ensure that the order is delivered
on time, to ensure that the market opportunity has been captured, and to minimize working
capital in the process. In short, EDI gives competitive advantage in competitive markets.
The winners of the 21st century will be those organizations that not only implement but also
exploit IT and particularly EDI more creatively, more efficiently, and more successfully than
their competitors. They will be companies that form much closer working relationships with their
trading partners, customers and suppliers, and EDI will be a key enabler in this process.
The Fundamentals of EDI
There are many different ways in which two businesses can communicate with one another: face
to face meetings; paper transactions; telephone conversations; the telex or the fax; and, more
recently, electronic mail. In each of these cases, an “operator” is required within each
organization for the communication to be completed — in essence, they are all forms of person-
to-person communications. In addition to personal communications, IT has allowed
organizations to offer trading partners access to their computer systems (including airline
reservation systems and insurance quotation systems) by a variety of communication methods.
Whilst one “operator” becomes the computer system, it is still, in essence, interrogated by a
person at the other end; hence, we have person-to computer communications. EDI takes this one
step further: a dialogue between two computer applications without the need for any personal
intervention. EDI transactions are designed to be generated by a computer application, not a
person. Likewise, an EDI transaction coming into a company is not designed to be printed and
read but rather to be entered directly into a computer application.
Benefits of EDI
Most firms with EDI systems fall somewhere between partially integrated EDI systems and fully
integrated EDI systems. Firms engaged in the process of just-in-time (JIT) raw materials
inventory systems typically use fully integrated EDI systems to ensure that the supplies
necessary for the production process arrive too early, the production plants have costs associated
with maintaining the inventory; if the goods arrive too late, the production stops which costs the
purchasing organization money.
The most widely recognized benefits of EDI are:
 Reduced lead time from placing the order to receiving the goods for manufacturing and
retail firms and reduced lead time in processing claims for insurance and medical
professions and other service organizations.
 reduced errors in producing manual documents and data entry,
 reduced processing costs,
 Increased inventory supply and claim processing information for customers.
  Cost and time savings, Speed, Accuracy, Security, System Integration, Just-In-Time
Support.
 Reduced paper-based systems, i.e. record maintenance, space, paper, postage costs
 Improved problem resolution and customer service and
 Expanded customer/supplier base or suppliers with no EDI program lose busine
Chapter -3
Business Model for E-Commerce
Learning objectives
After completing this chapter students will able:
 To understand various elements of e-commerce business models.
 To identify the types of e-commerce business models.
 To distinguish the nature and characteristics of e-commerce business models types.
3.1. Overview of E-Commerce Business Model
A business model is the methods of doing business by which a company can sustain itself, that
is, generate revenue. The business model spells out how a company makes money by specifying
where it is positioned in the value chain.
Some models are quite simple. A company produces goods or services and sells it to customers.
If all goes well, the revenues from sales exceed the cost of operation and the company realizes
profit. Other model can be more intricately woven. Radio and television broadcasting is a good
example. With all the talk about "free" business models on the web, it is easy to forget that in
radio, and later in television, programming have been aired free to anyone with a receiver (here,
the radio or the television) for much of the past century. The broadcaster is part of a complex
network of distributors, content creators, advertisers, and listeners or viewers. Who makes
money and how much is not always clear at the outset. The bottom line depends on many
competing factors.
The literature about Internet e-commerce has offered various definitions, some of which are
listed as follows:
 An architecture for the product, service and information flows, including a description of
the various business participants and their roles.
 A description of the potential benefits for the various business participants.
 A description of the sources of revenues.
However, a business model does not discuss how it will realize the business mission of the
company. The marketing strategy of the company is needed to assess the commercial viability of
a business model and to answer questions like: how is competitive advantage being built? What
is the positioning? What is the marketing mix? Which product-market strategy is followed? And
so forth.
For our understanding, e-commerce can be defined as any form of business transaction in which
the parties interact electronically. Transaction in an electronic market represents a number of
interactions between parties. For instance, it could involve several trading steps, such as
marketing, ordering, payment, and support for delivery. An electronic market allows
participating sellers and buyers to exchange goods and services with the support of information
A company's business model is the way in which it conducts business in order to generate
revenue. In the new economy, companies are creating new business models and reinventing old
models. Reading the literature, we find business models categorized in different ways. As such,
there is no single, comprehensive and cogent taxonomy of web business models one can point
to. Although there are many different ways to categorize e-business models, they can be broadly
categorized as
A. E-business model based on the relationship of transaction parties
B. E-business model based on the relationship of transaction types
We can see that many of the entities of these models being assembled together to be called as e-
commerce.
A business model can be defined as architecture for product, service, and information flow,
including a description of business players, their roles, and revenue sources. For example, some
of the most popular revenue-generating models adopted by companies are: (i) charge fees for
advertising, (ii) sell goods and services, (iii) sell digital contents, and (iv) charge for processing
the transactions that occur between two parties on the web. E-commerce models can be
perceived in the form of relationship between two entities such as: Direct marketing versus
indirect marketing, fully cyber marketing versus partial cyber marketing and Electronic
distributor versus' electronic broker
E-commerce business model – aims to use and leverage the unique qualities of Internet and Web.
Key Elements of a Business Model
A successful business model effectively addresses eight key elements:
 A. Value proposition: It answers the question “why should customer buy products and
services from a given firm? In other words, how a company's product or service fulfills
the needs of customers is typically addressed by value proposition. Typical e-
commerce value propositions include personalization, customization, convenience, and
reduction of product search and price delivery costs.

B. Revenue model
Refers to how the company plans to make money from its operations. Revenue model describes
how the firm will earn revenue, generate profits, and produce a superior return on invested
capital. Terms financial model and revenue model often used interchangeably. Major e-
commerce revenue models include the advertising model, subscription model, transaction fee
model, sales model, and affiliate referral model.
i) Advertising revenue model (ARM)
Web site that offers content, services and/or products also provides a forum for advertisements
and receives fees from advertisers. Example: [Link]
ii) Subscription fee revenue model (SFRM)
Web site that offers users content or services charges a subscription fee for access to some or
all of its offerings. Example: Consumer Reports Online
iii) Transaction fee revenue model (TFRM)
Company that receives a fee for enabling or executing a [Link]:[Link] and
[Link].

iii) Sales revenue model (SRM)

Company derives revenue by selling goods, information, or services to customers.

iv) Affiliate referral revenue model (ARRM)

Sites that steer business to an “affiliate” receive a referral fee or percentage of the revenue
from any resulting [Link]:[Link]

C. Market Opportunity-
Refers to, a company’s intended market space and the overall potential financial
opportunities available to the firm in that market space. Market space: the area of actual or
potential commercial value in which a company intends to operate is what a market
 opportunity means. Realistic market opportunity is defined by revenue potential in each of
market niches in which company hopes to compete.
D. Competitive Environment
The direct and indirect competitors doing business in the same market space, including how
many there are and how profitable they are, i.e. it refers to the other companies selling
similar products and operating in the same market space. Competitive environment is
influenced by:
 How many competitors are active?
 How large their operations are.
 What is the market share for each competitor?
 how profitable these firms are
 How they price their products.
 Includes both direct competitors and indirect competitors
E. Competitive Advantage
Achieved when, a firm can produce a superior product and/or bring product to market at a lower
price than most or all of competitors. Firms achieve competitive advantage when they are able to
obtain differential access to the factors of production that are denied to competitors.

Types of competitive advantage include:

 First mover advantage—results from a firm being first into a marketplace. What does
this firm has competitive advantage over its successors?
 Unfair competitive advantage—occurs when one firm develops an advantage based on
a factor that other firms cannot purchase.
 Second mover advantage –results form a firm being second into a market place. What
does this firm has competitive advantage over its predecessors?
F. Market Strategy
A plan that details how a company intends to, enter a new market and attract customers. Best
business concepts will fail if not properly marketed to potential customers. It also connotes to all
marketing mix strategies: product, price, place and promotion.
G. Organizational Development
The process of defining all the, functions within a business and the skills necessary to perform
each job, as well as the process of recruiting and hiring strong employees. Describes how the
company will organize the work that needs to be accomplished. Work is typically divided into
functional departments and respective employees are assigned accordingly. Move from
generalists to specialists as the company grows.
H. Management Team
The group of individuals retained to guide the company's growth and expansion. Employees of
the company responsible for making the business model work. Strong management team gives
instant credibility to outside investors. A strong management team may not be able to salvage a
weak business model, but should be able to change the model and redefine the business as it
becomes necessary.
3.2. Types of E-Commerce business Models
There are a variety of different types of e-commerce, having many different ways to characterize.
E-commerce consists of six major types of Business models recently practiced. These are
business to business (B2B), business to consumer (B2C), consumer to business (C2B), consumer
to consumer (C2C), and business to government (B2G). For the most part, these distinguished
by the nature of the market relationship—who is selling to whom. The exceptions are P2P and
m-commerce, which are technology-based distinctions.
3.2.1. Business-to-business (B2B) models for E-Commerce
Business-to-business (B2B) applies to businesses buying from and selling to each other over the
Internet. Online access to data, including expected shipping date, delivery date, and shipping
status, provided either by the seller or a third-party provider is widely supported by B2B models.
Electronic marketplaces represent a new wave in B2B e-business models. Electronic
marketplaces, or e-marketplaces , are interactive business communities providing a central
market where multiple buyers and sellers can engage in e-business activities.

Figure. 3.1. Business to Business e-commerce

As Figure 3.1 shows that structures for conducting commercial exchange, consolidating supply
chains, and creating new sales channels. Their primary goal is to increase market efficiency by
tightening and automating the relationship between buyers and sellers.
A B2B can be applied in net market places and private industrial network.
B2B e-commerce business models incorporate e-distributors, e-procurement, hubs and industry
consortia.
E-Distributors -Single –firm online versions of retail and wholesale stores; supply maintenance,
repair operation goods; indirect inputs. E.g may include Find [Link] and [Link]. They
use SRM.
E-Procurement-Create and sell access to digital electronic markets.B2B service provider is one
type – offer purchasing firms sophisticated set of sourcing and supply chain management tools.
Single firms creating digital markets where thousands of sellers and buyers transact for indirect
inputs E.g. may include Commerce [Link] and [Link]. They generate their revenue by
charging fees for market-making service; supply chain management and fulfillment services.
Exchanges \Hubs-what do you think hubs actually do? Differentiate vertical hubs from
horizontal ones.
Industry consortia -Are industry-owned vertical digital markets open to select suppliers?
The b2b Private Industrial Networks consists of Single-firm networks and industry-wide
networks. They generate their revenue by charging fees and commission on transactions.
Single-firm networks -Company –owned networks to coordinate supply chains with limited set
of partners .Her cost absorbed by network owner and recovered through production and
distribution efficiencies .Here contributions from industry member firms and recovered through
production and distribution efficiencies ;fees for transaction and services .E.g. may include Wal-
Mart and Ford Motor Co.
Industry-wide networks -Industry –owned networks to set standards, coordinate supply and
logistics for the industry .[Link] is such example.
3.2.2. Business-to-Consumer (B2C) E-commerce Models
The most commonly type of e-commerce is Business-to-Consumer (B2C) e-commerce, in Even
though B2C is comparatively small ($140–$170 billion in 2005), it has grown exponentially
since 1995, and is the type of e-commerce that most consumers are likely to encounter. Within
the B2C category, there are many different types of business models. B2C business models
consists seven elements: portals, online retailers, content providers, transaction brokers, market
creators, service providers, and community providers . Common B2C e-business models include
e-shops and e-malls.
E-Shop - An e-shop, sometimes referred to as an e-store or e-tailor, is a version of a
retail store where customers can shop at any hour of the day without leaving their home or office.
These online stores sell and support a variety of products and services. The online businesses
channeling their goods and services via the Inter-net only, such as [Link], are called pure
plays. The others are an extension of traditional retail outlets that sell online as well as through a
traditional physical store. They are generally known as “bricks and clicks” or “click and mortar”
organizations.
E-Mall - An e-mall consists of a number of e-shops; it serves as a gateway through which a
visitor can access other e-shops. An e-mall may be generalized or specialized depending on the
products offered by the e-shops it hosts. Revenues for e-mall operators include membership fees
from participating e-shops, advertising, and possibly a fee on each transaction if the e-mall
operator also processes payments. E-shops in e-malls benefit from brand reinforcement and
increased traffic as visiting one shop on the e-mall often leads to browsing “neighboring” shops.
which online businesses attempt to reach individual consumers.
3.2.3. Consumer-to-Business (C2B)
Consumer-to-business (C2B) applies to any consumer that sells a product or service to a business
over the Internet. One example of this e-business model is [Link] where bidders (or
customers) set their prices for items such as airline tickets or hotel rooms, and a seller decides
whether to supply them. The demand for C2B e-business will increase over the next few years
due to customer’s desire for greater convenience and lower prices.
3.2.4. C2C (Consumer-to-Consumer)
C2C means that online visitors increasingly create product information, not just consume it.
They join Internet interest groups to share information, so that "word of web" is joining
"word of mouth" as an important buying influence. Words about good companies travel
fast; and words about bad companies travel even faster. EBay is a person-to-person online
trading community with more than 23 million registered users. The company's Web site
hosts more than two million auctions each month for items in more than 1,000 categories,
from jewelry to stamps, and from antiques to electronics. E-Bay also maintains auction sites
in several foreign countries, including Japan, the United Kingdom; and Germany.
Consumer-to-Consumer (C2C) e-commerce provides a way for consumers to sell to each other,
with the help of an online market maker such as the auction site eBay.
There is considerable consumer-to-consumer communication on the Web on a whole range
of subjects. AOL boasts some 14,000 chat rooms covering such topics as health, eating,
caring for your Bonsai tree, and exchanging views about the latest soap opera happenings.
AOL recently introduced "buddy lists," which alert members when friends are online,
allowing them to exchange instant messages. [Link] is an online community of
more than 200,000 parents who spend time online gathering information, chatting with other
parents, and linking to related sites. On [Link], farmers can find commodity
prices, recent farm news, and chat rooms of all types. The site is attracting as many as five
million hits per month. The Web hosts many bulletin boards where people can post
messages. The most prominent C2C channel is e-mail, which functions as a digital post
office.
Given that in 2005, eBay generated more than $44 billion in gross merchandise volume around
the world, it is probably safe to estimate that the size of the global C2C market in 2006 will be
over $50 billion (eBay, 2006). In C2C e-commerce, the consumer prepares the product for
market, places the product for auction or sale, and relies on the market maker to provide catalog,
search engine, and transaction-clearing capabilities so that products can be easily displayed,
discovered, and paid for.

3.2.5. Business to Government (B2G)

As a term, e-business is normally used to refer to the ICT-enablement of activity systems within
private sector organizations. But the redesign of activity systems is also of importance to the
public sector, particularly within government and its agencies. Government typically fulfills
three major functions: enabling and supporting democracy, developing and implementing policy,
delivering services. To date, electronic government (e-Government) in most countries around the
World has traditionally focused on the last of these functions, perhaps because of the ease with
which a model of service delivery has been adapted from the commercial sector.

We may view government in systems terms as the major control process in a political system;
this provides meaning to the concept of governance. In the modern Western world it has been
argued that governance is now undertaken by a network of stakeholders not all of whom are
traditional political organizations or even public sector organizations. In this view, the
disaggregation of the government value network which this implies demands an increasingly
sophisticated technology infrastructure to support communication and coordination between
diverse networks of actors. It is possible to identify at least five major forms of E-government in
terms of the value network idea. These forms are located around the major value-chains within
the network and hence typically involve different stakeholders. Internal e-Government refers to
the enablement of internal processes within the government body itself with ICT. The major
stakeholder involved is the employee of the government body and the value-chain supported is
the internal value-chain. In this area the significant innovation is the integration of back-voice
systems and processes within government. G2C (government to citizen) E-Government is a form
of external E-Government since it is particularly involved in supporting the customer chain of
the government body. Since the major stakeholder involved is the citizen, many of the so-called
customer chain issues in e-Business travel over into G2C e-Government. However, many distinct
issues arise located in the public sector nature of service provision such as diffuse, sometimes
conflicting, goals characteristic of government bodies and the difficulties inherent in the
customer/citizen distinction. The key promise of e-Government in this area is particularly seen as
the process of disintermediation, providing direct contact between citizen and government. For
instance, much of the effort made by the Inland Revenue (now Inland Revenue and Customs)
over the last decade, has been devoted to re-engineering key aspects of its customer chain by
providing G2C services via its website.

G2B (government to business) e-Government concerns electronic enablement of the relation-

ships between government bodies and the private sector. One of the major forms of such
relationships involves management of the supply chain. Hence, many of such supply chain issues
are held to be similar in nature to e-Business issues in this area. However, many features of the
context of public sector procurement shape the relevance of technological solutions in this area.
For example, a number of G2B portals have been built around Europe in an attempt not only to
improve the efficiency of government procurement but also to enable the private sector greater
access to public sector contracts. Much of e-Government success is based on delivering what has
been referred to as joined-up government. This is the key issue for G2G e-Government, the use
of e-Government to support intra-government cooperation and collaboration.
 Chapter Four
Concepts of E-Procurement

Learning Objective

After successfully completing this chapter, students should be able to:

 Define of Electronic procurement

 Mention the Objectives of e-Procurement
 Elements of E-procurement
 Analyze the Public E-procurement

 Describe E-procurement Systems

 Identify the benefits and risks of e-procurement
4.1. Introduction
Procurement has not traditionally been a significant topic for management study in comparison
with other areas such as marketing, operations or strategy. The concept of e-business has,
however, highlighted its importance as a strategic issue since introducing electronic procurement
or e-procurement can achieve significant savings and other benefits which directly impact upon
the customer.
The potential importance of online procurement is highlighted by Christa Degnan, a senior
analyst at the Aberdeen Group, who explains that purchased goods and services are often the
largest expenditure at many companies:
We estimate that for every dollar a company earns in revenue, 50 cents to 55 cents is spent on
indirect goods and services – things like office supplies and computer equipment. That half
dollar represents an opportunity: By driving costs out of the purchasing process, companies can
increase profits without having to sell more goods. (Hildebrand, 2002)
Issues involved with electronic trading between a supplier and its customers. In this chapter, we
consider the same transaction, but from the alternative perspective of the purchaser of goods. It
will be seen that there are a wide range of methods of implementing electronic trading with
suppliers which will be assessed by purchasing, information systems and marketing managers.
Meanwhile, company directors will need to assess the strategic benefits and risks of e-
procurement.
In this chapter we consider the benefits and risks of e-procurement together with techniques that
can be used to assess these benefits and risks. We also consider the selection of the different
types of e-procurement.
4.2. What is e- procurement?
The terms ‘purchasing’ and ‘procurement’ are sometimes used interchangeably, but as Kalakota
and Robinson (2000) point out, ‘procurement’ generally has a broader meaning. ‘Procurement’
refers to all activities involved with obtaining items from a supplier; this includes purchasing, but
also inbound logistics such as transportation, goods-in and warehousing before the item is used.
Definition of Electronic procurement (e-procurement)
The electronic integration and management of all procurement activities including purchase
request, authorization, ordering, delivery and payment between a purchaser and a supplier.
E-procurement should be directed at improving performance for each of the ‘five rights of
purchasing’ (Baily et al., 1994), which are sourcing items:
 At the right price
 Delivered at the right time
 Of the right quality
 Of the right quantity
 From the right source.
E-procurement is not new; there have been many attempts to automate the process of
procurement for the buyer using electronic procurement systems (EPS), workflow systems and
links with suppliers through EDI these involved online entry, authorization and placing of orders
using a combination of data entry forms, scanned documents and E-mail based workflow. It is
convenient to refer to these as ‘first-generation e-procurement’.
The key procurement activities and associated information flows within an organization are
shown in Figure 4.1
Figure 4.1. Key procurement activities within an organization

The Chartered Institute of Supply and Purchasing (2008) (CIPS, [Link]) defines e-
procurement.
The combined use of information and communications technology through electronic means to
enhance external and internal purchasing and supply management processes. These tools and
solutions deliver a range of options that will facilitate improved purchasing and supply
management.

4.3. E-procurement Overview

E-procurement is the term used to describe the use of electronic methods, typically over the
Internet to conduct transactions between awarding authorities and suppliers. It’s a collaborative
procurement of goods, works and services using electronic methods in every stage for bringing
in efficiency and transparency. The process of e-procurement covers every stage of purchasing,
from the initial identification of a requirement, through the tendering process, to the payment and
potentially the contract management.
E-procurement, also known as electronic purchasing or supplier exchange, is the business-to-
business, business-to-consumer or business-to-government purchase and sale of products and
services through the Internet and other information and networking systems. On the consumer
level, this type of e-commerce includes such sites as Amazon and EBay: customers purchase
physical or digital items through a website, which are then shipped or delivered appropriately. E-
procurement systems can improve a company's transactions and decision-making, manage assets,
and optimize production operations.
Typically, e-procurement websites allow qualified and registered users to look for buyers or
sellers of goods and services. Depending on the approach, buyers or sellers may specify costs or
invite bids. Transactions can be initiated and completed. Ongoing purchases may qualify
customers for volume discounts or special offers. E-procurement software may make it possible
to automate some buying and selling.
E-procurement developed a well-deserved bad reputation a few years ago when the [Link]
bubble burst. The combination of zealous solution providers and eager-to-automate end users
produced a backlash response to all the hype about e-procurement’s value, value that was largely
unfulfilled during the first “wave” of e-procurement deployment. For a time, this backlash
obscured a very important fact: Properly deployed, e-procurement can deliver tremendous value
to enterprises, and in various ways. But proper deployment requires up-front detailed planning
and a lot of time and effort, not only by procurement groups but by executive management, other
internal stakeholders, suppliers, and solution providers.
Today, the backlash against e-procurement is gone. Leading enterprises have learned a lot of
lessons from their early e-procurement deployments, and best-in-class performers have
intelligently expanded their e-procurement implementations and are gaining benefits that create a
competitive edge in the marketplace.
Why E-Procurement?
 Efficiency (fast and effective communication);
 More competition (cross-border competition!);
 More transparency, more fairness (everything happens on-line);
 Harmonized processes and docs;
 Savings on process costs and time; and
 Value for money
Objectives of e-Procurement
• To act as the catalyst for procurement reform;
• To enhance transparency, monitoring and control in procurement process;
• To bring in economies of scale through aggregation of demand;
• To reduce cost of doing business for both government and suppliers
• To establish level playing field and “fair” competitive platform for the; suppliers
What’s Behind the Resurgence?
Several major forces have combined to place e-procurement back on the front-burner of
enterprises’ supply management strategies:
 Continued and growing cost pressures. Outsourcing, consumerization of markets,
globalization— these forces have combined to exert continuous price pressures on
product manufacturers. E-procurement is a proven way to reduce costs, often
dramatically.
 Compliance issues. E-procurement drives compliance with negotiated contracts,
reducing or preventing the “leakage” of negotiated pricing. And better spend visibility is
allowing enterprises to more easily comply with new legislation, such as the Sarbanes-
Oxley Act.
 Advances in supplier enablement. Supplier enablement has been a major stumbling
block for e-procurement success. End users have made great progress in their approaches
to supplier enablement, essentially pushing enablement and content management to third
parties.
 Increased functionality from e-procurement solution providers. E-procurement
functionality and usability have advanced; most solutions now include core
requisitioning, approval routing and workflow, and basic integration and reporting
capabilities. Solutions providers also have extended their process footprint and category-
specific functions. Implementation and maintenance also have improved.
 Supplier networks and catalog hubs have expanded, reducing the burdens of supplier
enablement.
 New pricing models. Specifically, the emergence of the “on-demand” model has made e-
procurement much more affordable for mid-market and small enterprises.
All of these advances have helped move e-procurement along the maturity curve, making it
easier and less expensive for enterprises to implement e-procurement technologies and gain the
many potential benefits. Enterprises that have not deployed e-procurement, especially mid-
market and small firms, now have the opportunity to take advantage of e-procurement
technology without suffering much of the pain of the e-procurement “pioneers” who had to learn
from past mistakes and, in some cases, wasted investment.
Enterprises that employ best practices generally have years of experience with e-procurement
and have learned from past mistakes. These enterprises also have worked closely with e-
procurement solutions providers, sometimes for many years, to refine solution functionality and
system usability. The experiences of these best practices stand as examples for enterprises that
want to implement e-procurement or expand existing systems. Successful e-procurement
implementation hinges on a combination of both internal and external factors. Past experiences
of enterprises that have implemented e-procurement systems – including unsuccessful
implementations – present opportunities for other enterprises to learn from successes and
mistakes. Any enterprise that is considering an initial e-procurement system deployment or
expansion of a system that’s already in place can avoid costs and speed success by studying
examples of other implementations.
4.4. E-procurement Tools
There are several tools and application which fall under e-procurement some of them are as
follows:
In electronic data interchange system, procurement messages are exchange between computers
of two separate organizations. Message is exchange in batch and can be easily transmitted and
stored. EDI is mostly used for order transmission, order confirmation, logistic information and
order invoicing. Enterprise resource planning system have separate module to handle the
procurement function.
Internet based tools and resources help in the process of procurement. Some of the common
applications are email, internet based EDI, XML based data exchange via the internet etc.
Internet provides tools for e-sourcing, e-tendering, e-auctioning, e-ordering and e-catalogue.
 E-sourcing tool is used to identify potential suppliers during the selection phase.
 E-tendering tool is used to send out tenders with procurement requirements, supply
schedule, contracting terms, etc.
 E-auctioning tools bring together potential supplier identified during selection phase
under one umbrella to undertake auctioning process.
 E-auctioning tools operate under two separate mechanism, upward price mechanism for
selling organization and downward price mechanism for the buying organization.
  E-ordering tool is used procurement of office supplies and services; it is accessible by all
employees within the organization and is mainly used for ad-hoc purchases. A web-based
ERP tool is used for product-related purchases, is exclusively used by the procurement
department, and falls under a planned process.

A traditional procurement process starts with phase requirement definition, sourcing, solicitation,
evaluation, contracting and contract management. In the internet based this steps are replaced by
e-sourcing, e-tendering, e-reverse auction, e-ordering and web based ERP.
4.5. Types of E- procurement
To understand the benefits of e-procurement, and also to highlight some of the practical
considerations with introducing e-procurement, we need to briefly consider the different types of
items that are obtained by procurement (what is bought?) and types of ordering (how is it
bought?). Let us start us by reviewing what is bought by businesses. A B2B company might buy
everything from steel for manufacturing products, through equipment to help machine products,
to paper clips and pens for office use. There are two broad categories of procurement: those that
relate to manufacturing of products (production-related procurement) and operating or
nonproduction-related procurement that supports the operations of the whole business and
includes office supplies, furniture, information systems, MRO goods and a range of services
from catering, buying travel, and professional services such as consulting and training. Raw
materials for the production of goods and MRO goods are particularly important since they are
critical to the operation of a business. For the B2B Company, they would include manufacturing
equipment, network cables and computers to control the process. Moving to how items are
bought, businesses tend to buy by one of two methods:
 Systematic sourcing – negotiated contracts with regular suppliers, typically in long-term
relationships.
 Spot sourcing – fulfillment of an immediate need, typically of a commoditized item for
which it is less important to know the credibility of the supplier.
A further characteristic of corporate procurement is that often items such as stationery are
purchased repeatedly, either for identical items (straight re-buy) or with some changes (modified
re-buy). E-procurement systems can assist in purchase if they make re-buys more
straightforward.
Elements of E-procurement
E-procurement consists of the following general types:
 Creating and approving purchasing requisitions and placing purchase orders and
receiving goods and services by using a software system based on Internet technology
 Electronic maintenance, repair and overhaul (e-MRO). Similar to Web-based ERP,
but goods and services ordered are non-product-related MRO supplies
 E-sourcing. Identifying new suppliers for a specific category of purchasing requirements
using Internet technology
 E-tendering. Sending requests for information and prices to suppliers and receiving the
responses of suppliers using Internet technology
 E-reverse auctioning. Using Internet technology to buy goods and services from a
number of known or unknown suppliers
 E-informing. Gathering and distributing purchasing information  from and to internal
and external parties using Internet technology
4.6. E-procurement Systems
"A good e-procurement system helps a firm organize its interactions with its most crucial
suppliers. It provides those who use it with a set of built-in monitoring tools to help control costs
and assure maximum supplier performance. It provides an organized way to keep an open line of
communication with potential suppliers during a business process. The system allows managers
to confirm pricing, and leverage previous agreements to assure each new price quote is more
competitive than the last."
Andy Gueritz's "Understanding the benefits of e-Procurement" (PDF) says, "Before formulating
an e-Procurement strategy it is vital to recognize that the nature of the products and services to
be procured and their pricing basis will have a significant impact on the way they should be
sourced and procured in terms of technology, organization and processes to maximize the
benefits of the proposed system.
For example, IT contractors, who are usually billed monthly in arrears, require a system that can
manage the life-cycle of the contractor and can deliver efficiency improvements throughout the
process. This is a very different procurement need from commodity items with well-recognized
stable specifications such as office supplies, or metered services such as telecommunications
costs which benefit more from a system that links pricing to an industry index and allows
reconciliation of recorded usage against billings."
E-procurement systems can be implemented fairly easily by starting with nonessential purchases
and applying lessons learned to other parts of the business. Before implementing an e-
procurement system, businesses should:
 Develop a business case
 Conduct a business process analysis
 Analyze spending patterns
 Consult suppliers
 Determine criteria for choosing an e-procurement solution
Successful e-procurement requires a number of underlying systems that provide:
 Digital signatures and identity authentication
 Certificates and attestations
 Catalogs of products and services
 Record archival
4.7. Public E-procurement: The concept of public procurement
Most purchases in public sector institutions require a bureaucratic procedure to be followed. The
majority of items are bought on requisition. This means that enormous amounts of efforts are
spent on sending forms back and forth in the system. The internal coordination costs are
therefore high with respect to the contracting procedure for commodities. The procurement of
commodities represents the greatest potential for savings with respect to electronic purchases
especially due to the reduction in work procedures, which can be automated. This is the case
both with respect to the ordering process and the handling of invoices and payments. This
combined with the regulated tendering process makes the idea of automating procurement an
attractive option compared with the status quo. Unlike private procurement, public procurement
is highly regulated.
Public Procurement can be defined as the procurement of goods, works and services by all Govt.
Ministries, Departments, Agencies, Statutory Corporations and Public Sector Undertakings in the
Centre and the States, Municipal Corporations and other local bodies and even by private Public
Sector Undertakings providing public services on monopoly basis.
Public procurement is only an extension of the personal procurement by two key words i.e.
transparency and fairness. When we take up any construction work for ourselves or make
personal purchases or hire of any services, we always try to ensure that we get the value for
money, good quality product and timely delivery. In case of public procurement we have to go a
little further i.e. in addition ensure that procurement is done in a transparent fair and equitable
manner.
The cannon of Public Procurement is to procure work, material, services of the specified quality
within the specified time at the most competitive prices in a fair, just and transparent manner. In
brief, the watchwords in this context are
• Transparency
• Fairness
• Value for money
• Quality
• Time
Issues in Public Procurement
 Lack of a common Public Procurement Policy
 Public Procurement Law and regulations
 Dedicated Agency
 Transparency in Procurement Act
 Lack of model bidding documents and contract documents
 Complicated procedures for bidding, approvals and payments.
 Lack of skilled resources
 No centralized system of registration of suppliers
 Delays in making payments to suppliers
Transparency in public procurement
 WHAT is being procured?
 WHO is eligible to bid?
 HOW to bid?
 WHAT are the evaluation criteria?
 WHO has got the award?
 At WHAT cost?
  WHAT is the quality of work/ product/service?
Efficiency in public procurement
 Clear Specifications
 Ease of Registration / Bidding
 Speedy Evaluation
 Efficient payment system
 Strict Quality Checks
 Cost Effectiveness of Procurement
 Cost Savings in procurement spend
 Accountability of public functionaries

4.8. BENEFITS OF E-PROCUREMENT

There is an enormous potential for savings to be made for establishing and using an e-
procurement across the country. The manual or traditional procurement processes has certain
disadvantages that increases cost as well as cause delays in the procurement process. Use of
information technology to conduct government procurement is therefore expected to generate
benefits for both government and procurement practitioners.
Most of these benefits can be grouped in three major areas, namely;
 Governance
 Efficiency and
 Economic Development
Governance
Government procurement is often identified with tensions between public expectations of high
standards of governance, management requirements for performance, overt political influence
and broader stakeholder interests particularly from the private sector. Technology offers the
potential to substantially strengthen transparency of government procurement, addressing an area
of sometimes intense public interest. E-Procurement will enhance governance in terms of
transparency and accountability.
Transparency is achieved in terms of;
 Available Information on Public Procurement Function
 Available Information on Procurement Transactions
 Higher compliance levels
  Reduced Corruption
 Audit Trails on Procurement Transactions
 Improved quality of public procurement reporting, monitoring and management
 In terms of accountability, the following will readily be available on an e-Procurement
sys-tem.
 Online disclosure of procurement notices
 Online disclosure of awarded contracts
 Open and fair competition
 Increased compliance with procurement policy
 Public access to procurement information
 Less opportunity for corruptive, collusive, fraudulent and coercive practices.
Efficiency
Using e-Procurement also offer gains in terms of efficiency and effectiveness. The benefits of
online technology for the efficiency and effectiveness of government procurement reflects on the
cost of transactions and value-for-money outcomes. This can be measured in terms of;
 Increased Price Transparency
 Increased Competition
 Lower Transaction Cost for Suppliers
In addition to these outcomes e-Procurement can be expected to provide significant but less
quantifiable benefits through greatly improved management information and analysis, laying the
foundation for innovation in sourcing, aggregation and service production.
Economic Development
Implementing e-Procurement also has the potential of changing the procurement landscape in
terms of economic development. These developments can be attributed to
 Private Business Activation
 Infrastructural Development
 Capacity Building

Cost Reduction
E-procurement not only reduces the cost of transactions, it also improves process efficiency and
can reduce administrative and other costs. Manual (phone and fax) communications are reduced
or eliminated, as are paper invoices and their associated costs.
Higher Productivity
Enterprises that implement e-procurement report that procurement, accounting, and other
corporate functions are more productive now than with traditional buying methods. E-
procurement systems provide a standardized approach to rolling out efficient processes to not
only procurement but all departments involved in transaction processing and financial record-
keeping.
Increased Spend Under Management
Benchmark survey was the ability of e-procurement users to bring more spends under
management of the procurement organization. Increasing spend under management helps ensure
the enterprise achieves maximum spending lever- age in supply negotiations; it also ensures that
consistent and thorough market diligence, costing measures, and compliance methods are applied
to each spend category. In contrast, that portion of enterprise spend that is managed outside the
procurement group typically results in less negotiation leverage and sub-optimal market analysis,
producing higher pricing levels and management costs. Aberdeen research shows that each new
dollar of spend brought under management can yield 5% to 20% cost savings.
For all procurement practitioners to participate in procurement activities using e-Procurement,
will require building of broadband capacity, promoting digital literacy, and encouraging
businesses to use information and communications technology for procurement activities.
4.9. Challenges and risk of Implementation E-Procurement
There are a number of reported benefits that are regularly associated with the implementation of
e-procurement practices. Operational and cost efficiency are perceived as the primary advantage
of e-procurement. Curiously, implementation of e-procurement initiatives has turned out to be
much more problematic and challenging than expected. Through effective deployment of e-
procurement technology, companies can:
 Reduce transaction costs
 Improve process efficiency
 Reduce or eliminate “maverick” buying
 Increase contract compliance
 Reduce cycle times
 Save inventory costs
4.9.1. Challenges to E-Procurement Implementation
Though much progress has been made, significant challenges to successful e-procurement
implementation remain. Specifically:
Supplier enablement: In the early days of e-procurement, buying enterprises and solution
providers underestimated the time, effort, and resources required to enable suppliers to
transaction business electronically. Leading enterprises typically use a combination of supplier-
enablement approaches. Though tremendous progress has been made in supplier enablement, all
involved parties – end users, suppliers, and solution providers – continue to work to make
enablement as simple and cost effective as possible.
User adoption: Individual end users and entire business units will naturally resist any change in
business processes that takes away buying power and buying flexibility. Over the past few years,
user adoption has increased at essentially the same pace as the increase in suppliers enabled.
With more products and suppliers on the e-procurement system, users have less reason to try to
circumvent the system. Still, end users report that several factors continue to hold back user
adoption, including inadequate representation of spending categories within the system,
inconsistent purchase requirements, procedures, and supply bases by site or region, and a lack of
executive mandates or policies to drive adoption and system compliance. Best Practice
enterprises have worked on user adoption for years, and many supply executives at these
enterprises have become leading “sellers” of the e-procurement system to end users.
Budget and policy support. In Aberdeen’s e-procurement benchmark research late last year,
more than half of research respondents reported that securing budget/policy support for their e-
procurement initiative was a challenge that delayed or muted the benefits of e-procurement. In
contrast, the Best Practice enterprises depicted in this report received top management support
and a level of investment needed to gain cost savings, process efficiencies, and the other benefits
of e-procurement. However, even supply executives at Best Practice enterprises would like to see
more investment and support of their e-procurement systems.
Organizational
 Many users are resistant to change, simply due to human nature and habit
 Users may believe that e-procurement will make their job more difficult or cumbersome
 Current roles will change due to the impact of e-procurement
Economic-Legal
  Level of economic development
 Regulatory framework
 Technological scenario
 Existence of private competitor services
 General Education level
4.9.2. Risks and Impacts of E-Procurement
The Transmit (1999) report above indicated that in the UK and throughout Europe, adoption of
e-procurement is low, with less than a fifth of large companies adopting this technology. It may
be possible to explain low adoption through a consideration of the risks and impacts involved
with e-procurement. A PricewaterhouseCoopers survey of 400 senior European business leaders
indicates that security concerns and lack of faith in trading partners are the most significant
factors holding back e-procurement (Potter, 2000). Potter states that authentication of identity is
the main issue. He says ‘People need to be satisfied about who they are dealing with. They need
to know that their messages have not been intercepted or corrupted on the way, and most
importantly they are legally non-reputable – meaning that the other party can’t walk away from it
in a court of law.’ He goes on to say that the security fears are well founded, with nearly two-
thirds of companies relying solely on password protection when dealing with suppliers. Trusted
third-party certification is required for the level of trust to increase. While the Internet may give
the impression of making it readily possible to swap between suppliers and use new suppliers,
two-thirds of those interviewed said building a trusted relationship with suppliers is necessary
before they would trade using the Internet.
Organizational risks
If the cost savings referred to earlier in the chapter are to be achieved it may be necessary to
redeploy staff, or in the worst case make them redundant. For a medium-sized company such as
Cambridge Consultants the purchasing team of five people was reduced to four. The threat of
redundancy or redeployment is likely to lead to resistance to the introduction of the system and
this need to be managed. The purchasing manager will have to carefully explain the reasons for
introducing the new system, emphasizing the benefits to the company as a whole and how it
should enable more variety to be introduced to the buying role.
Since the cost savings of e-procurement are achieved through empowerment of originators
throughout the business to directly purchase their own items rather than through a purchasing
department there is a risk that some originators may take advantage of this. This is known as
‘maverick or off-contract purchasing’, and it has always happened to some extent. Maverick
purchasing occurs when items are ordered that are unnecessary or too expensive. Complete
Failure to achieve real cost reductions
There is a risk that the return on investment (ROI) from introducing e-procurement may be lower
than that forecast and the introduction of the e-procurement system may not pay for itself.
Technology risks
Tranmit (1999) reported the biggest barrier to automation of e-procurement as integration with
existing financial systems, according to 60 per cent of respondents. The section on implementing
e-procurement below shows that there is a range of different models for procurement. The
models are evolving fast, so it is difficult to know which to select. Likewise there is a range of
different marketplaces, many of which have not yet reached critical mass. It will be wasteful to
become involved in a marketplace which fails in a year’s time. Problems introduced by large-
scale ERP systems may also not dispose organizations to e-procurement.
Advantages and Disadvantages of E-procurement
Most organizations suffer inefficiencies when using the traditional procurement process. The
procurement process consists of sourcing (negotiating prices), procurement (raising and fulfilling
orders), and payment (collecting invoices and arranging payment). E-procurement streamlines all
three parts of the process and offers:

 Improved management information across all areas of purchasing

 Instant access to catalogs and products
 Improved transparency and interoperability
 Standardized and streamlined purchasing practices
 Budget visibility and control
 Supplier bills paid on time
 Reduction in paperwork and duplicated records
 Centrally-managed contracts
 Faster procurement
 Improved methods of spending and performance measurement and analysis
 Lower overhead and marketing costs for vendors
  Pre-acceptance of Terms and Conditions
E-procurement also carries its share of disappointments and disadvantages, such as:
 Human or system errors in orders
 Software and systems that don't meet companies' needs
 Lack of vendor support for e-commerce
 Generation and maintenance of product information
 Inadequate search capabilities
 Tendency to use one e-procurement system or process (e.g., reverse auctions) for all areas
 The need for internal culture change so employees will use the new system
 Training costs
Most purchases in public sector institutions require a bureaucratic procedure to be followed.
Public procurement is only an extension of the personal procurement by two key words i.e.
transparency and fairness.
There are benefits regularly associated with the implementation of e-procurement practices. Most
of these benefits can be grouped in three major areas, namely;
 Governance
 Efficiency and
 Economic Development
 Potential change in suppliers or available goods

Chapter Five
E-payment Systems
Learning Objectives:

After successfully completing this chapter, learners should able to:

 Assess evolution of electronic payment systems

 Analyze characteristics of current payment systems
 Describe the Types of Payment Systems
  Examine Credit-Card Transaction Enablers
1.1 Introduction
The idea of paying for goods and services electronically is not a new one. All around us we see
evidence of transactions taking place where at least part of the process is carried on
electronically. Since the late1970s and early 1980s, a variety of schemes have been proposed to
allow payment to be effected across a computer network. Few of these schemes got beyond the
design stage since the schemes were of little use to those who were not connected to a network.
The arrival of the Internet has removed this obstacle to progress. This network of networks has
grown dramatically from its inception in the late 1970s to today’s truly global medium. It is not
known how many people make regular use of the Internet, but Figure 5.1 shows a graph of the
number of host computers connected at different points in its history.
By July 2000, after a period of exponential growth, the number of machines hooked up to the
network had grown to over 93 million. In the early stages of the Internet evolution, it was
common to make the assumption that each of these machines was used by around 10 people.
This would mean that some 930 million people have Internet access worldwide. Most
commentators would agree that this figure is much too high, and have used a variety of other
estimating techniques to arrive at a better answer. The 2001 Nua Internet Survey takes an
average of such estimates and concludes that just over 400 million people were online by
January 2001. Much of this growth has been driven by the availability of World Wide Web
(WWW) technology that allows information located on machines around the world to be
accessed as a single multimedia-linked document with simple point-and-click interactions.

Surveys of Internet users suggest that the profile is changing from the original university-
centered user base to a more broadly based residential population with a high spending power.
These facts are not lost on commercial organizations wishing to offer goods and services for sale
to a global consumer audience.
Initially the focus of electronic commerce (e-commerce) was on selling goods to consumers. The
most popular categories included computer goods and software, books, travel, and music CDs.
This so-called business-to-consumer (B2C) e-commerce grew spectacularly. In the United States,
such spending was estimated at $7.7 billion in 1998, $17.3 billion in 1999, and $28 billion in
2000.

Electronic Payment Systems for E-Commerce

100,000,000
90,000,000
80,000,000
70,000,000
60,000,000
50,000,000
40,000,000
30,000,000
20,000,000
10,000,000
0
Oct- Oct-Oct- Oct- Oct- Oct- Jan- Jul- Jan- Jul- Jan- Jul- Jan- Jul- Jan- Jul-
Jan- Jul-
89 90 91 929394959596969797989899990000

Table 5.1: Count of host computers connected to the Internet over time.
Around 1999, the industry focus began to shift to the trade that companies do with each other.
By building on-line electronic marketplaces, it became possible to bring together businesses such
as car manufacturers and their component suppliers, or fruit wholesalers with primary producers.
This business-to-business (B2B) e-commerce is thought to have the potential to become
considerably larger than the B2C sector and indeed some early estimates suggest that B2B e-
commerce reached $226 billion worldwide in 2000 and is projected to reach $2.7 trillion by
2004. In both the B2C and B2B sectors, the Web was first used simply as a means of discovering
products and services, with the payment being carried out off-line by some conventional
payment method. In the case of B2C consumer purchases, merchants found they could capture
credit card details from Web forms allowing the completion of the transaction off-line, albeit
with a complete absence of security measures.
When the first edition of Electronic Payment Systems was released in 1997, a huge variety of
different payment methods had been developed by both academic researchers and commercial
interests. Some of these were launched on the market and failed to reach a critical mass. Early
market leaders such as First Virtual Inc., Cyber Cash Inc., and Digi cash launched payment
systems that achieved some quite extensive deployment but failed to generate an economic
return. At the same time, many new companies started up, offering new methods of payment for
the B2C sector. The advent of B2B payments with their different requirements will give a greater
impetus to payment methods that can cope with bank-mediated large-value transfers. A totally
new market has also developed for people to make payments with the assistance of their mobile
phone or handheld wireless device. Mobile commerce (m-commerce) has the potential to
become a very large industry and many payment technology providers have appeared to fill this
gap.
For electronic commerce to have a chance to meet the soaring expectations set in the press with
regards to the Internet, efficient and effective payment services need to be established and
accepted by businesses and consumers alike. Recognizing this, virtually all interested parties in
academia, governments, and financial services are exploring various types of payment services
and the issues surrounding electronic payment systems and digital currency. Some proposed
electronic payment systems are simply electronic versions of existing payment systems, such as
checks and credit cards, whereas others are based on digital currency technology and have the
potential for definitive impact on today's financial and monetary systems. While the popular
press and developers of payment systems predict fundamental changes in the financial sector
because of innovations in electronic payment.
Electronic payment systems can be considered merely the next—albeit significant—step in a
long line of changes in payment clearing systems. The electronic settling of accounts, for
example, has long been an integral part of payment systems using credit cards, debit cards,
automatic teller machines, and prepaid cards. What enables any payment mechanism to be
processed electronically is the fact that unlike currency, bills, or coins that carry monetary
values, non-cash mechanisms are promises or contracts of payments. Based on the information
transmitted following a transaction, the appropriate accounts representing notational money are
adjusted between banks and financial institutions. Checks are a primary example in which an
intrinsically worthless piece of paper, which nonetheless conveys important information, is
exchanged for settlement.
5.1.1 Characteristics of Current Payment Systems

Payment in its most primitive form involves barter: the direct exchange of goods and services for
other goods and services. Although still used in primitive economies and on the fringes of
developed ones, this form of payment suffers from the need to establish what is known as a
double coincidence of wants. This means, for example, that a person wishing to exchange food
for a bicycle must first find another person who is both hungry and has a spare bicycle!
Consequently, over the centuries, barter arrangements have been replaced with various forms of
money.
The earliest money was called commodity money, where physical commodities (such as corn,
salt, or gold) whose values were well known were used to effect payment. In order to acquire a
number of desirable properties including portability and divisibility, gold and silver coins
became the most commonly used commodity money, particularly after the industrial revolution
in the 1800s.

The next step in the progression of money was the use of tokens such as paper notes, which were
backed by deposits of gold and silver held by the note issuer. This is referred to as adopting a
commodity standard. As an economy becomes highly stable and governments (in the form of
central banks) are trusted, it becomes unnecessary to have commodity backing for notes that are
issued. This is referred to as fiat money since the tokens only have value by virtue of the fact that
the government declares it to be so, and this assertion is widely accepted.
Cash payment is the most popular form of money transfer used today, but as amounts get larger
and security becomes an issue, people are less inclined to hold their wealth in the form of cash
and start to avail of the services of a financial institution such as a bank. If both parties to a
payment hold accounts with the same bank, then a payment can be effected by making a transfer
of funds from one account to another. This essential mechanism is at the root of a wide variety of
payment schemes facilitated by the financial services industry today.
5.2. Online Payment Process.
E-payment systems are becoming central to e-commerce as companies look for ways to serve
customers faster and at lower cost. Emerging innovations in the payment for goods and services
in electronic commerce promise to offer a wide range of new business opportunities. The current
state of online electronic payments is in many ways reminiscent of the medieval ages. The
merchants of Asia and Europe faced a similar problem while trying to unlock the commercial
potential of the expanding marketplace. Those ancient traders faced a number of obstacles such
as conflicting local laws and customs regarding commercial practices and incompatible and
nonconvertible currencies that restricted trade. To circumvent some of these problems, traders
invented various forms of payment instruments such as promissory notes, bills of exchange, gold
coins, and barter. The merchants also developed commercial law surrounding the use of these
instruments that proved to be one of the-turning points in the history of trade and commerce. We
are on the verge of a similar sort of development today with regard to e-payment systems.
Everyone agrees that the payment and settlement process is a potential bottleneck in the fast-
moving electronic commerce environment, if we rely on conventional payment methods such as
cash, cheques, bank drafts, or bills of exchange. Electronic replicas of these conventional
instruments are not well suited for the speed required in e-commerce purchase processing.
5.2.1. Types of Payment Systems/Online Credit Card Payment Process
In order to understand e-commerce payment systems, you first need to be familiar with the
various types of generic payment systems. Then you will be able to clarify the different
requirements that e-commerce payment systems must meet and identify the opportunities
provided by e-commerce technology for developing new types of payment systems. There are
three main types of payment systems:
1. Cash payments
2. Payment through banks and
3. Using payment cards

1. Cash payments
On first examination, payment by cash appears to be the simplest and most effective of all of the
alternatives. It is easily transferred from one individual to another. In paper form, it is quite
portable and large amounts can be carried in a pocket or briefcase. There is no transaction
charges levied when a payment is made, which makes it very suitable for transactions with a low
value, and no audit trail is left behind. This last attribute makes cash payment a favorite payment
method for those engaged in criminal activity.
But contrary to appearances, cash is not free. There is a huge amount of cash in circulation. It
was estimated in 1999, that $500 billion in U.S. currency was in the hands of the public. This
currency wears out a $1 bill has a life expectancy of 18 months, while the less common $50 bill
usually lasts about nine years. Each year, around 10 billion notes are destroyed and replaced with
newly printed ones. Regardless of the denomination, each note costs some 4¢ to produce, and
this cost is Electronic Payment Systems for E-Commerce ultimately borne by the taxpayer. A
similar situation exists in every country in the world.
Once the cash has been produced, it must then be transferred to and from banks or companies
under very high security. Vaults must be built to store it, and heavy insurance premiums paid to
cover losses due to theft. All of these costs are eventually passed on by a variety of indirect
means to the cash user. With recent advances in color photocopying techniques, the risk from
counterfeiters is also growing at an alarming rate.
Nevertheless, cash is the most commonly used form of payment, accounting for about 80% of all
transactions. As an example, U.S. statistics and estimates [2] suggest that in 1993, nearly 300
billion cash transactions took place in the American economy with a total dollar value of some
$3.4 trillion. The fact that this yields an average transaction value of around $11 reflects the fact
that cash is mostly used to buy low value goods.
One of the factors that have allowed cash to remain the dominant form of payment is the
development of automated teller machines (ATMs), which allow consumers much easier access
to money in cash form. The banking industry, which acts as the distributor of cash in the
economy, has been attempting for many years to wean consumers off cash and into electronic
bank mediated payments and in recent years has begun to have some success.
1. Payment through banks
Where both parties have lodged their cash with a bank for safekeeping, it becomes unnecessary
for one party to withdraw notes in order to make a payment to another. Instead, they can write a
check, which is an order to their bank to pay a specified amount to the named payee. The payee
can collect the funds by going to the payer’s bank and cashing the check. Alternatively, the
payee can lodge the check so that the funds are transferred from the account of the payer to that
of the payee.
A. Payment by check
If the parties hold accounts with separate banks, then the process gets more complicated. The
cycle begins when A presents a check in payment to B. Party B lodges the check with his bank
(referred to as the collecting bank), which will collect the funds on his behalf. In most cases, a
credit is made to B’s account as soon as the check is lodged, but this immediate funds
availability is not always the case. All checks lodged with bank B over the course of a day will
be sent to the clearing department, where they are sorted in order of the banks on which they are
drawn. The following day, they are brought to a clearinghouse, where a group of banks meet to
exchange checks. The check in question will be given to bank A and (usually) one day later bank
A will verify that the funds are available to meet the check and debit A.s account for the sum
involved.
If funds are not available, the signature on the check does not match with samples, or any other
problem occurs, then the check must be returned to the collecting bank together with some
indication as to why it could not be processed. Bank A must attend to this promptly, usually
within one working day. These so-called returned items are the major problem with the check as
a payment instrument in that their existence introduces uncertainty, and the fact that they need
individual attention from banking staff means that they are very expensive to process. The
principal loser in this situation is B, who finds himself in possession of a dishonored check with
hefty bank charges to pay. In general, however, the bank’s changes are seldom high enough to
cover their processing expenses. If funds are available to meet the check, then the following day
the banks that are part of the clearing arrangement will calculate how much they owe to or are
owed by the group of clearing banks as a whole. This amount is then settled by making a credit
or debit from a special account usually maintained by the central bank.
B. Payment by giro or credit transfer
The returned items problem is the single biggest drawback with checks as a payment method.
This problem is eliminated using a credit transfer or giro payment. A giro is an instruction to the
payer’s bank to transfer funds to the payee’s bank. The processing of a giro is similar to a check,
with the main difference being that the transaction cannot be initiated unless A has the funds
available. This eliminates any uncertainty and extra cost imposed by the need to process returned
items. It is an easier process to conduct electronically since the correct processing of the payment
does not require sending the signed document through the clearing system.
This form of payment is quite popular in many European countries where national post offices
rather than banks tend to operate the system. The payment method is not used in paper form in
the United States, but credit transfers in electronic form are possible.
A. Automated Clearing House (ACH) Payments
From their inception, paper-based payments (checks and giros) grew in popularity and as the task
of carrying out paper-based clearing grew, the banks began to look for more automated ways to
make payments. In 1968, a group of Californian bankers came together to form the Special
Committee on Paperless Entries (SCOPE), which led to the formation in 1972 of the California
Clearing House Association, the first regional automated clearing house (ACH) in the United
States.
The ACH system operates in a similar way to paper clearing except that the payment instructions
are in electronic form. In the early days of ACH, banks prepared magnetic tapes of these
transactions that were transported to the ACH, sorted by destination bank, and distributed in
much the same way as paper checks and giros, but increasingly this method is being replaced by
real-time transactions sent on telecommunications links.
The system is now used extensively by employers to pay wages directly into workers. Bank
accounts, to implement standing orders, direct debits, and direct credits. There is considerable
variation in the operation of ACH payments systems in different countries around the world. In
general, there is no compatibility between the messages used in individual countries, but there
are major developments both in Europe and globally that are noteworthy.

B. Wire transfer services

The ACH method of effecting payment is ideal for mid- to low-value transactions. In 1999, for
example, the average value of a credit ACH payment in the United States was around $3,000.
Where the value of payments is considerably higher, the risk level rises and different procedures
involving more scrutiny are required. These high-value payments are referred to as wire
transfers. In the United States, the Federal Reserve (central bank) operates the Fed wire payment
system, and a private sector organization called the Clearing House Interbank Payment System
(CHIPS) is also in operation.
Typically, these systems handle payments between corporations and banks and to and from
government. In 1998, the average wire transfer payment was worth $4.3 million
1. Using payment cards
The idea of payment using cards first arose in 1915, when a small number of U.S. hotels and
department stores began to issue what were then referred to as shoppers’ plates. It was not until
1947 that the Flatbush National Bank issued cards to its local customers. This was followed in
1950 by the Diners Club, which was the first travel and entertainment or charge card, and eight
years later the American Express card was born. Over the years, many card companies have
started up and failed, but two major card companies, made up of large numbers of member
banks, have come to dominate this worldwide business. These are Visa International and
MasterCard.
Credit cards are designed to cater for payments in the retail situation. This means that payments
can only be made from a cardholder to a merchant who has preregistered to accept payments
using the card. The card companies themselves do not deal with cardholders or merchants, but
rather license member organizations (usually banks) to do this for them.
A bank that issues cards to its customers is called a card-issuing bank. This means that it
registers the cardholder, produces a card incorporating the card association’s logo, and operates a
card account to which payments can be charged.
Merchants who wish to accept payments must also register with a bank. In this case, the bank is
referred to as the acquiring bank, or simply the acquirer. In a paper-based credit card payment, a
merchant prepares a sales voucher containing the payer’s card number, the amount of the
payment, the date, and a good description. Depending on policy, the transaction may need to be
authorized. This will involve contacting an authorization center operated by or on behalf of the
acquiring bank to see if the payment can go ahead. This may simply involve verifying that the
card does not appear in a blacklist of cards, or it may involve a reference to the card-issuing bank
to ensure that funds are available to meet the payment. Assuming it can be authorized, the
payment completes. At the end of the day, the merchant will bring the sales vouchers to the
acquiring bank, which will clear them using a clearing system not unlike that used for paper
checks and giros but operated by or on behalf of the card associations. The merchant’s account is
credited, the cardholder’s is debited, and the transaction details will appear on the next monthly
statement.
All the costs associated with a credit card transaction are borne by the merchant involved. The
cardholder will see only the amount of the transaction on his or her statement, but the merchant
typically pays over a small percentage of the transaction value with some associated minimum
charge that is divided between the acquiring bank and the card association.
For this reason, credit cards are not worthwhile for transactions in which the amount is below a
certain threshold (typically around $2). The reason why a credit card is so named is that the
balance owing on a cardholder’s account need not necessarily be paid at the end of the monthly
period. The cardholder can pay interest on the outstanding balance and use the card for credit.
Other arrangements are possible; for example, if the balance must be paid in full at the end of the
period, it is called a charge card.
Another possibility is to link the card to a normal bank account, and to process the transaction in
real time. This means that at the time the transaction takes place, the amount is transferred from
the customer to the merchant bank account. This arrangement is called a debit card. One final
way to use a payment card is to incorporate a storage facility into the card that can be loaded
with cash from the cardholder’s bank account. Bankers often classify payment cards into three
types: pay before (electronic purse), pay now (debit cards), and pay later (credit cards).
A. Credit Cards
A credit card represents an account that extends credit to consumers, permits consumers to
purchase items while deferring payment, and allows consumers to make payments to multiple
vendors at one time. Credit card schemes have been in use as a payment method since the early
1960s and the two major international brands, Visa and MasterCard, are household names all
over the world. The Visa brand grew from a scheme launched by the Bank of America, which
was subsequently licensed by Barclaycard in the United Kingdom in 1966. By the spring of2000,
this organization, owned by its 21,000 member financial institutions, had issued more than 1
billion cards and is now accepted by more than 19 million merchants in 300 countries.
Requirements for Issuing Credit cards
As the bank or credit issuing agent or credit association will make payment for the merchant
from the bank account itself, the access to credit card is quite limited as compared to debit card
where anyone who has a balance in the bank can have access to. This shows that credit cards are
eligible only to those the bank has more chance of getting the amount it pays on behalf of the
merchant. Below are some of the criteria for qualifying customers for getting credit card.
1. Prominenecy
2. Credit Standing
3. Collateral
How Credit Card works?

 Consumers/businesses apply for a credit line with a bank.

 Issuing banks create a spending account for each user with a spending limit based on
user’s credit history (prominenecy), credit standing and collateral.
 Payments are processed through Visa/MasterCard networks (for a fee).
 User receives consolidated statement at the end of the month; can pay the entire
balance or carry it over as a loan by paying a min amount.
 Issuing banks make money from interest charged on loans.
Advantages of Credit Card
 Worldwide acceptance.
 Built-in security for merchants and users (e.g., fraudulent purchases).
 Maintains audit trails (purchase and payment histories).
 Convenient for consumers (don’t have to carry cash).
 Payment is simple anywhere and in any currency, thus matching the global reach of the
Internet.
 The credit issuing bank company shares the transaction risk; helping overcome
consumers fear and reluctance to buy goods they have not actually seen.
 Transaction costs are hidden from users (i.e. basically met by sellers and passed onto all
customers, not just credit card users.)
Disadvantages Credit Card:
 Merchants pay per-transaction fees and monthly fees, which may be expensive (3-5%)
for small payments (under $10).This relatively high transaction costs makes them
impractical for small value payments.
 They cannot be directly for individuals to make payments for other individuals (peer to
peer transactions )
 Reluctance from the customer’s side.
 Are not very democratic, even though they seem to be ubiquitous. Adults with low
income cannot qualify for credit cards.
Credit Card Payment Processing
This document provides an overview of how online credit card processing works. Credit card
payment processing for your store takes place in two phases: authorization (getting approval for
the transaction that is stored with the order) and settlement (processing the sale which transfers
the funds from the issuing bank to the merchant's account).
The flow charts below represent the key steps in the process starting from what a customer sees
when placing an order through completing the sale and finishing with the merchant processing
the sale to collect funds.

Figure 5.2. Credit Card Payment Process

B. Debit Cards
A debit card (also known as a bank card or check card) is a plastic card which provides an
alternative payment method to cash when making purchases. Functionally, it can be called an
electronic check, as the funds are withdrawn directly from either the bank account (often referred
to as a check card), or from the remaining balance on the card. In some cases, the cards are
designed exclusively for use on the Internet, and so there is no physical card.
The use of debit cards has become widespread in many countries and has overtaken the cheque,
and in some instances cash transactions by volume. Like credit cards, debit cards are used widely
for telephone and Internet purchases. Debit cards can also allow for instant withdrawal of cash,
acting as the ATM card for withdrawing cash and as a cheque guarantee card. Merchants can
also offer "cash back" -" cash out" facilities to customers, where a customer can withdraw cash
along with their purchase. For consumers, the difference between a "debit card" and a "credit
card" is that the debit card deducts the balance from a deposit account, like a checking account,
where the credit card allows the consumer to spend money on credit to the issuing bank. In other
words, a debit card uses the money you have and a credit card uses the money you don't have.
"Debit cards" which are linked directly to a checking account are sometimes dual-purpose, so
that they can be used as a credit card, and can be charged by merchants using the traditional
credit networks. A merchant will ask for "credit or debit?" if the card is a combined credit +
debit card. If the payee chooses "credit", the credit balance will be debited the amount of the
purchase; if the payee chooses "debit", the bank account balance will be debited the amount of
the purchase.
Types of Debit Cards
There are currently three ways that debit card transactions are processed: online debit (also
known as PIN debit), offline debit (also known as signature debit) and Electronic Purse Card.
Although many debit cards are of the Visa or Master Card brand, there are many other types of
debit card, each accepted only within a particular country or region. The use of a debit card
system allows operators to package their product more effectively while monitoring customer
spending.

i) Online Debit Card

Online debit cards require electronic authorization of every transaction and the debits are
reflected in the user’s account immediately. The transaction may be additionally secured with the
personal identification number (PIN) authentication system and some online cards require such
authentication for every transaction, essentially becoming enhanced automatic teller machine
ATM cards. One difficulty in using online debit cards is the necessity of an electronic
authorization device at the point of sale (POS) and sometimes also a separate PIN pad to enter
the PIN, although this is becoming commonplace for all card transactions in many countries.
Overall, the online debit card is generally viewed as superior to the offline debit card because of
its more secure authentication system and live status, which alleviates problems with processing
lag on transactions that may have been forgotten or not authorized by the owner of the card.
Typical examples may include ATM cards and VISA Cards.
ATM Cards
CBE(Commercial Bank of Ethiopia) was trying to offer ATM (Automated Teller Machine) Card
to its customers in the capital. Despite its effort, its customers do not seem to be happy with the
quality of the service. For effective ATM Cards service well established infrastructure where
many banks giving the service have interdependence and network with one another.
Visa Cards
Dashen Bank is the exclusive Visa card agent in our country so far May [Link] is
requirements to be eligible to be Visa card agent:

 The amount of foreign currency deposit

 Bargaining power
 Well-established business relationship
 Trust

Hence, why Dashen Bank can easily be an exclusive Visa card agent is simply because it has
fulfilled the above requirements. Which part of customers is entitled to get Visa card from
Dashen bank and what further provisions are there? Though Visa card can and is being used for
international payment purposes in other nations, in our country context the Visa card Dashen
Bank provides to its customers is used only for domestic use. Here all literate customers of the
bank are entitled to get Visa card upon their freewill. That means if the customers are illiterate
and cannot put their signature, they will not be allowed to get Visa card. For better safeguarding
the customers, the bank is implanting one customer one card system.
Prominent Problems with the Visa cards payment system are the following:
1. Offline
Every day the system will process the day’s transaction and customers will not have chance
during those 30 minuses to 1 hour time.
2. Network Problems
The lack of sustainable Internet connection makes big challenge for both the bank and the
customers, where customers raise too many complaints on the bank where in fact the bank
cannot do anything!!
3. Usage Problems
The Visa card only permits for users to try to insert their PIN code 3 times. If they insert a wrong
number in their 3rd trial, they won’t have any more chance. Plus a customer should be alert
enough to take the card after 30 seconds, otherwise the card and money will be denied to be
given thinking that the customer has forgotten the card!! Some authors indicate that there is
preparation from Wegagen Bank to be the 2nd Visa card agent in Ethiopia.

ii. Offline Debit Card

Offline debit cards have the logos of major credit cards (e.g. Visa or Master Card) or major debit
cards (e.g. Maestro) and are used at the point of sale like a credit card. Using this Visa card the
bank also provides POS (Point of Sale), where customers can use the card to directly purchase
fuels, or get services from hotels like Dire International Hotels, Rift Valley Hotels etc. Here, they
can spend up to 5000 birr per day.
This type of debit card may be subject to a daily limit, and/or a maximum limit equal to the
current/checking account balance from which it draws funds. Transactions conducted with
offline debit cards require2–3 days to be reflected on users’ account balances.
In some countries and with some banks and merchant service organizations, a "credit" or offline
debit transaction is without cost to the purchaser beyond the face value of the transaction, while a
small fee may be charged for a "debit" or online debit transaction (although it is often absorbed
by the retailer). Other differences are that online debit purchasers may opt to withdraw cash in
addition to the amount of the debit purchase (if the merchant supports that functionality); also,
from the merchant's standpoint, the merchant pays lower fees on online debit transaction as
compared to "credit" (offline) debit transactions.
iii.) Prepaid Debit Card
Prepaid debit cards, also called reloadable debit cards or reloadable prepaid cards, are often used
for recurring payments. The payer loads funds to the cardholder's card account. Particularly for
US-based companies with a large number of payment recipients abroad, prepaid debit cards
allow the delivery of international payments without the delays and fees associated with
international checks and bank transfers. Web-based services such as stock photography websites
outsourced services and affiliate networks have all started offering prepaid debit cards for their
contributors/freelancers/vendors abroad.
Advantages of Debit Cards
Debit and check cards, as they have become widespread, have revealed numerous advantages
and disadvantages to the consumer and retailer alike. Advantages are as follows (most of them
applying only to some countries, but the countries to which they apply are unspecified):

 A consumer who is not credit worthy and may find it difficult or impossible to obtain a credit
card can more easily obtain a debit card, allowing him/her to make plastic transactions.
 Use of a debit card is limited to the existing funds in the account to which it is linked
(except cases of offline payments), thereby preventing the consumer from racking up
debt as a result of its use, or being charged interest, late fees, or fees exclusive to credit
cards.
 For most transactions, a check card can be used to avoid check writing altogether. Check
cards debit funds from the user's account on the spot, thereby finalizing the transaction at
the time of purchase, and bypassing the requirement to pay a credit card bill at a later
date, or to write an insecure check containing the account holder's personal information.
 Like credit cards, debit cards are accepted by merchants with less identification and
scrutiny than personal checks, thereby making transactions quicker and less intrusive.
Unlike personal checks, merchants generally do not believe that a payment via a debit
card may be later dishonored.
 Unlike a credit card, which charges higher fees and interest rates when a cash advance is
obtained, a debit card may be used to obtain cash from an ATM or a PIN-based
transaction at no extra charge, other than a foreign ATM fee.
Disadvantages of Debit card
 Some banks are now charging over-limit fees or non-sufficient funds fees based upon pre-
authorizations, and even attempted but refused transactions by the merchant (some of which
may not even be known by the client).
 Many merchants mistakenly believe that amounts owed can be "taken" from a customer's
account after a debit card (or number) has been presented, without agreement as to date,
payee name, amount and currency, thus causing penalty fees for overdrafts, over-the-limit,
amounts not available causing further rejections or overdrafts, and rejected transactions by
some banks.
 In some countries debit cards offer lower levels of security protection than credit cards. Theft
of the users PIN using skimming devices can be accomplished much easier with a PIN input
than with a signature-based credit transaction. However, theft of users' PIN codes using
skimming devices can be equally easily accomplished with a debit transaction PIN input, as
with a credit transaction PIN input, and theft using a signature-based credit transaction is
equally easy as theft using a signature-based debit transaction.
 In many places, laws protect the consumer from fraud a lot less than with a credit card. While
the holder of a credit card is legally responsible for only a minimal amount of a fraudulent
transaction made with a credit card, which is often waived by the bank, the consumer may be
held liable for hundreds of dollars in fraudulent debit transactions. The consumer also has a
much shorter time (usually just two days) to report such fraud to the bank in order to be
eligible for such a waiver with a debit card whereas with a credit card, this time may be up to
60 days. A thief who obtains or clones a debit card along with its PIN may be able to clean
out the consumer's bank account, and the consumer will have no recourse.
 When a transaction is made using a credit card, the bank's money is being spent, and
therefore, the bank has a vested interest in claiming its money where there is fraud or a
dispute. The bank may fight to void the charges of a consumer who is dissatisfied with a
purchase, or who has otherwise been treated unfairly by the merchant. But when a debit
purchase is made, the consumer has spent his/her own money, and the bank has little if any
motivation to collect the funds.
While debit cards bearing the logo of a major credit card are accepted for virtually all
transactions where an equivalent credit card is taken, a major exception in some countries is at
car rental facilities. In some countries car rental agencies require an actual credit card to be used,
or at the very least, will verify the creditworthiness of the renter using a debit card. In these
unspecified countries, these companies will deny a rental to anyone who does not fit the
requirements, and such a credit check may actually hurt one's credit score as long as there is such
a thing as a credit score in the country of purchase and/or the country of residence of the
customer
C. Electronic Purse Card/ Smart Card
A smart card is about the size of a credit card, made of a plastic with an embedded
microprocessor chip that holds important financial and personal information. The microprocessor
chip is loaded with the relevant information and periodically recharged. In addition to these
pieces of information, systems have been developed to store cash onto the chip. The money on
the card is saved in an encrypted form and is protected by a password to ensure the security of
the smart card solution. In order to pay via smart card it is necessary to introduce the card into a
hardware terminal.
Smart cards can be disposal or rechargeable. A popular example of a disposal smart card is one
issued by telephone companies. After using the pre-specified amount the card can be discarded.
Smart cards have been extensively used in the telecommunications industry for years. Smart-card
technology can be used to hold information on health care, transportation, identification, retail,
loyalty programs and banking, to name a few. Smart cards enable information for different
purposes to be stored in one location. The microprocessor chip can process different types of
information, and therefore, various industries use them in different ways. Due to their
multipurpose functions, their popularity in Turkey is also on the rise.
Smart cards are broadly classified into two groups:
Contact: This type of smart card must be inserted into a special card reader to be read and
updated. A contact smart card contains a microprocessor chip that makes contact with electrical
connectors to transfer the data.
Contact-less: This type of smart card can be read from a short distance using radio frequency. A
contact-less smart card also contains a microprocessor chip and an antenna that allows data to be
transmitted to a special card reader without any physical contact. This type of smart card is
useful for people who are moving in vehicles or on foot. They are used extensively in European
countries for collecting payment for highway tolls, train fares, parking, bus fares, and admission
fees to movies, theaters, plays, and so forth.
Smart cards can accommodate a variety of applications that allow the customer to make
purchases from a credit account, debit account, or stored value on the card. These cards can even
have multiple applications operating at the same time. The customer, for example, could have a
frequent flyer program working on the same card as the customer debit or credit account. This
enables the customer to earn points in his or her favorite program.
Some of the advantages of smart cards include the following:
 Stored many types of information

 Not easily duplicated

 Not occupy much space

 Portable

 Low cost to issuers and users

 Included high security

The disadvantages of smart cards are the lack of universal standards for their design and
utilization. On the other hand, smart card applications are expected to increase as a result of the
resolution of these disadvantages in the near future.
5.2.2. Some of the Online Credit Card Transaction Enablers
Companies that have established business relationships with financial institutions that will accept
online credit-card payments for merchant clients
 iCat
 Trintech
 Cybercash
 NextCard, Inc.
Cyber Cash Feature
• Enables businesses to receive payments through Internet Cash Register
• Makes it possible for merchants to receive credit-card numbers, offer the numbers to the
appropriate financial institution for validation and accept credit-card payments in a secure
environment over the Web
• Establishes direct connection between its servers and the Web sites of its e-business
customers
• Customer enters credit-card and shipping information
 • Information sent to CyberCash for validation, once validation is received, purchase can
be completed and funds are transferred electronically from customer accounts to
merchant’s account
 CyberCash Instabuy allows customers to store their purchasing information in an
Instabuy e-wallet. An e-wallet electronically stores purchasing information
 Using redundant servers, or identical servers for back up if one server fails, Cyber Cash
is able to minimize downtime
 Cash Register keeps track of transactions
 All financial information transmitted via the Internet is encrypted and digitally signed
 Cyber Cash offers fraud detection to protect merchants
Online Credit-Card Fraud
Chargeback
• When a credit-card holder claims a purchase was made by an unauthorized individual, or
when a purchase was not received
• The charges in question are not the responsibility of the credit-card holder
• On the Internet, neither a scan of the card nor a signature is registered and the cost is
incurred by the merchant
• Visa
- High-risk business models
- “Best Practices”
• Master card
-Uses the three digit pin code on the back of the card
On-Line Credit Card Transaction
1. Customer adds item to merchant’s shopping cart (SSL is initiated)
2. Merchant software contacts clearinghouse (financial intermediary)
3. Clearinghouse contacts bank to authenticate credit card and verify account
information
4. Once verified, credit card bank puts money in bank of merchant’s account
5. Transaction written to the customer’s credit card bill
Credit-Card Transactions
• Popular form of payment for online purchases
 • Resistance due to security concerns
• Many cards offer capabilities for online and offline purchases
– MasterCard
– Visa
– American Express Blue
Anatomy of an Online Credit-Card Transaction
 To accept credit-card payments, a merchant must have a merchant account
 Traditional merchant accounts accept only POS (point-of-sale) transactions
 Transactions that occur when you present your credit card at a store
 Card-not-present (CNP) transaction
 Merchant does not see actual card being used in the purchase
 Authentication
 The person is, in fact, who they say they are
 Authorization
 The money is available to complete the transaction
 Acquiring bank
 The bank with which the merchant holds an account
 Issuing bank
 The bank from which the buyer obtained the credit card, and the credit-card
association
 Verification
 Money issued to merchant after product/service is distributed
Step 1
– Consumer makes a purchase at an online store, credit card information received
by e-store (merchant)
• Step 2
– Credit card information is sent from the merchant to the acquiring bank
• Step 3 and Step 4
– The credit card association and the issuing bank certify the transaction and the
verification is sent to the acquiring bank
• Step 5
 – The merchant ships the product and payment is issued
Online Credit-Card Fraud
• Chargeback
 When a credit-card holder claims a purchase was made by an unauthorized
individual, or when a purchase was not received
 The charges in question are not the responsibility of the credit-card holder
 On the Internet, neither a scan of the card nor a signature is registered and the cost is
incurred by the merchant
• Visa
 High-risk business models
 “Best Practices” policy
• Master card
 Uses the three digit pin code on the back of the card
 Chapter Six
6. Supply Chain Information System

6.1. Fundamental Concepts of Supply Chain Information System

Today’s competitive business environment calls for companies to pay much more attention to
how they manage their supply chains. Customers are insisting on greater value, faster order
fulfillment, and more responsive service when they make purchases.
Shorter product life cycles, global sourcing, and greater product variety have increased
supply chain costs and complexity. The value chains of so many businesses are linked
together that competitive advantage may be based on entire supply chains rather than
individual firms. Supply chain management (SCM) today is not limited to order fulfillment
but is tied to such strategic issues as the ability to create and deliver new products or to create
and implement new business models (Kopczak and Johnson, 2003).
Supply chain management refers to the close linkage and coordination of activities involved
in buying, making, and moving a product. It integrates business processes to speed
information, product, and fund flows up and down a supply chain to reduce time, redundant
effort, and inventory costs.
The supply chain is a network of organizations and business processes for procuring raw
materials, transforming these materials into intermediate and finished products, and
distributing the finished products to customers. It links suppliers, manufacturing plants,
distribution centers, retail outlets, and customers to supply goods and services from
source through consumption.
Materials, information, and payments flow through the supply chain in both directions.
Goods start out as raw materials and move through logistics and production systems
until they reach customers. Returned items flow in the reverse direction from the buyer
back to the seller.
Figure 6.1 provides a simplified illustration of a supply chain, showing the flow of
information and material among suppliers, manufacturers, distributors, retailers, and
customers. The upstream portion of the supply chain includes the organization’s suppliers
and their suppliers and the processes for managing relationships with them. The downstream
portion consists of the organizations and processes for distributing and delivering products to
the final customers. The manufacturer also manages internal supply chain processes for

77
transforming the materials, components, and services furnished by suppliers into finished
goods and for managing materials and inventory.
The major entities in the supply chain and the flow of information upstream and downstream
to coordinate the activities involved in buying, making, and moving a product. The wide
arrows show the flow of materials between supply chain members, and the dotted line and
arrows show the flow of information. Suppliers transform raw materials into intermediate
products or components, and then manufacturers turn them into finished products. The
products are shipped to distribution centers and from there to retailers and customers.
Materials flow downstream from raw material sources through manufacturing facilities that
transform the raw materials into intermediate products (also referred to as components or
parts). These are assembled on the next level to form finished products.
The products are shipped to distribution centers and from there to retailers and customers.

6.2. Solving Business Problems with Information Systems in Supply Chain

Management
Inefficiencies in the supply chain, such as parts shortages, underutilized plant capacity,
excessive finished goods inventory, or runaway transportation costs, are caused by inaccurate
or untimely information. For example, manufacturers may keep too many parts in inventory
because they do not know exactly when they will receive their next shipment from their
suppliers. Suppliers may order too few raw materials because they do not have precise
information on demand. These supply chain inefficiencies can waste as much as 25 percent of
a company’s operating costs.
If a manufacturer had perfect information about exactly how many units of product customers
wanted, when they wanted them, and when they could be produced, it would be possible to
implement a highly efficient just-in-time strategy. Components would arrive exactly at the
moment they were needed and finished goods would be shipped as they left the assembly
line.

In a supply chain, however, uncertainties arise because many events cannot be foreseen
uncertain product demand, late shipments from suppliers, defective parts or raw material, or
production process breakdowns.
One recurring problem in supply chain management is the bullwhip effect, in which
information about the demand for a product gets distorted as it passes from one entity to the
next across the supply chain. A slight rise in demand for an item might cause different

78
members in the supply chain— distributors, manufacturers, suppliers, secondary suppliers
(suppliers’ suppliers), and tertiary suppliers (suppliers’ suppliers’ suppliers)— to stockpile
inventory so each has enough “just in case.” These changes ripple throughout the supply
chain, magnifying what started out as a small change from planned orders, creating excess
inventory, production, warehousing, and shipping costs.
The bullwhip can be tamed by reducing uncertainties about demand and supply when all
members of the supply chain have accurate and up-to-date information. If all members of the
supply chain could share dynamic information about inventory levels, schedules, forecasts,
and shipments, they would have a more precise idea of how to adjust their sourcing,
manufacturing, and distribution plans. Supply chain management systems provide the kind of
information that can help members of the supply chain make better purchasing and
scheduling decisions.
The central objective of supply chain management systems is information visibility—open
and rapid communication and information sharing between members of the supply chain.
Correct movement of accurate information makes it possible to time orders, shipments, and
production properly to minimize stocking levels and expedite deliveries to customers. Supply
chain management systems automate the flow of information between a company and its
supply chain partners so they can make better decisions to optimize their performance.
For example, if a large customer places a larger order than usual or changes that order on
short notice, it can have a widespread impact throughout the supply chain.
Supply chain management systems enable firms to streamline both their internal and external
supply chain processes and provide management with more accurate information about what
to produce, store, and move. By implementing a networked and integrated supply chain
management system, companies can match supply to demand, reduce inventory levels,
improve delivery service, speed product time to market, and use assets more effectively.
Companies that excel in supply chain management have been found to produce higher rates
of growth in their market value than the average for their industries (D’Avanzo, von
Lewinski, and Van Wassenhove, 2003). Effective supply chain management systems enhance
organizational performance in the following areas:
. Improved customer service and responsiveness. If a product is not available when a
customer wants it, that customer will likely try to purchase it from someone else.
Having the right product at the right place at the right time will increase sales.
2. Cost reduction. Supply chain management helps companies contain, and often reduce,
some or all of the costs associated with moving a product through the supply chain. These

79
costs include material acquisition, inventory carrying, transportation, and planning costs.
(Inventory carrying costs may amount to 30 or 40 percent of the value of the entire
inventory.) Total supply chain costs represent the majority of operating expenses for many
businesses and in some industries approach 75 percent of the total operating budget
(Handfield, 1999). Reducing supply chain costs can thus have a major impact on firm
profitability.
3. Cash utilization. The sooner a company delivers a product, the sooner that company will
get paid. Companies leading in supply chain efficiency have cash available two to three
months faster than companies that do not have this capability.

6.3. Data Base Management

A database management system (DBMS) is simply the software that permits an organization
to centralize data, manage them efficiently, and provide access to the stored data by
application programs.

The DBMS acts as an interface between application programs and the physical data files.
When the application program calls for a data item, such as gross pay, the DBMS finds this
item in the database and presents it to the application program. Using traditional data files,
the programmer would have to specify the size and format of each data element used in the
program and then tell the computer where they were located. A DBMS eliminates most of the
data definition statements found in traditional programs.

The DBMS relieves the programmer or end user from the task of understanding where and
how the data are actually stored by separating the logical and physical views of the data. The
logical view presents data as they would be perceived by end users or business specialists;
whereas the physical view shows how data are actually organized and structured on physical
storage media. The database management software makes the physical database available for
different logical views presented for various application programs.
A database management system has three components:

1. A data definition language

2. A data manipulation language

3. A data dictionary

80
The data definition language is the formal language programmers use to specify the structure
of the content of the database. The data definition language defines each data element as it
appears in the database before that data element is translated into the forms required by
application programs. Most DBMS have a specialized language called a data manipulation
language that is used in conjunction with some conventional third- or fourth-generation
programming languages to manipulate the data in the database. This language contains
commands that permit end users and programming specialists to extract data from the
database to satisfy information requests and develop applications.

The third element of a DBMS is a data dictionary. This is an automated or manual file that
stores definitions of data elements and data characteristics, such as usage, physical
representation, ownership (who in the organization is responsible for maintaining the data),
authorization, and security. Many data dictionaries can produce lists and reports of data use,
groupings, program locations, and so on.

Types of Databases
Contemporary DBMS use different database models to keep track of entities, attributes, and
relationships. Each model has certain processing advantages and certain business advantages.
A. Relational DBMS
The most popular type of DBMS today for PCs as well as for larger computers and
mainframes is the relational DBMS. The relational data model represents all data in the
database as simple two-dimensional tables called relations. Tables may be referred to as files.
Information in more than one file can be easily extracted and combined.

B. Hierarchical DBMS
This model organizes data in a top-down, treelike manner. Each record is broken down into
pieces of records called segments. The database looks like an organization chart with one root
segment and any number of subordinate segments. The segments, in turn, are arranged into
multilevel structures, with an upper segment linked to a subordinate segment in a parent-child
relationship.
A "parent" segment can have more than one "child" but a subordinate "child" segment can
have only one "parent". Thus, all the relationships among records are one-to-many since each
data element is related only to one element above it. Data is accessed by starting at the root
and moving progressively downward along the branches of the tree until the desired record is
located.

81
C. The Network structure
This structure is best at representing many-to-many relationships among records- that is, the
network model allows entry into a database at multiple points, because any data element or
record can be related to any number of other data elements. For example, departmental
records can be related to more than one employee record, and employee records can be
related to more than one project record. In other words, a "child" can have more than one
"parent".

6.4. Planning and Implementing Information systems

Supply chain execution systems manage the flow of products through distribution centers and
warehouses to ensure that products are delivered to the right locations in the most efficient
manner. They track the physical status of goods, the management of materials, warehouse
and transportation operations, and financial information involving all parties. In the pre-
Internet environment, supply chain coordination was hampered by the difficulties of making
information flow smoothly among disparate internal supply chain systems for purchasing,
materials management, manufacturing, and distribution. It was also difficult to share
information with external supply chain partners because the systems of suppliers, distributors,
or logistics providers were based on incompatible technology platforms and standards.
Enterprise systems could supply some integration of internal supply chain processes but they
were not designed to deal with external supply chain processes.
Some supply chain integration can be supplied inexpensively using Internet technology.
Firms can use intranets to improve coordination among their internal supply chain processes,
and they can use extranets to coordinate supply chain processes shared with their business
partners.

6.5. Controlling Supply Chain Information Systems

Companies need to be able to measure the performance of their supply chain management
efforts using objective performance information. A number of metrics can be used to evaluate
the performance of supply chain processes, and supply chain management systems can
provide the data for them. A metric is a standard measurement of performance. Important
metrics for measuring supply chain performance include the fill rate (the ability to fill orders
by the due date), the average time from order to delivery, the number of days of supply in

82
inventory, forecast accuracy, and the cycle time for sourcing and making a product. (Cycle
time is the total elapsed time to complete a business process.
Companies may not necessarily excel in all these areas, but management should choose the
operations that are most critical for the success of the firm and focus on metrics that measure
their performance. Although large software vendors have tools for automating many of the
most important supply chain processes, no software package or set of tools does everything.
The specific supply chain management objectives for each company should determine which
supply chain management package or set of software tools to use.

Summary
The supply chain is a network of organizations and business processes for procuring raw
materials, transforming these materials into intermediate and finished products, and
distributing the finished products to customers. It links suppliers, manufacturing plants,
distribution centers, retail outlets, and customers to supply goods and services from source
through consumption. Materials, information, and payments flow through the supply chain in
both directions. And Goods start out as raw materials and move through logistics and
production systems until they reach customers.

Supply chain management systems automate the flow of information between a company and
its supply chain partners so they can make better decisions to optimize their performance.
The central objective of supply chain management systems is information visibility—open
and rapid communication and information sharing between members of the supply chain.
Correct movement of accurate information makes it possible to time orders, shipments, and
production properly to minimize stocking levels and expedite deliveries to customers.
Effective supply chain management systems enhance organizational performance by
improving customer service and responsiveness, Cash utilization and Cost reduction.
A database management system (DBMS) is simply the software that permits an organization
to centralize data, manage them efficiently, and provide access to the stored data by
application programs. The DBMS acts as an interface between application programs and the
physical data files. A database management system has three components; data definition
language, data manipulation language and data dictionary.

83
 Chapter Seven
E-Commerce Security Technology

Learning Objectives:
After reading this chapter learners should able to:
 Understand the concepts of e-security.
 Explain the major threats of e-security.
 Describe the techniques and tools of a secure e-commerce.
 Understand the communication channel security measures.
 Understand the client and server computer security measures.
7.1. Overview of Online E-Commerce Security

E-commerce is a powerful tool for business transformation that allows companies to enhance
their supply-chain operation, reach new markets, and improve services for customers as well
as for providers. Implementing the E-commerce applications that provide these benefits may
be impossible without a coherent, consistent approach to E-commerce security. E-commerce
has presented a new way of doing transactions all over the world using internet.

Security is the basic need to secure information on internet. E-commerce transaction between
customer and merchant can include different requests. The high degree of confidence is
needed in authenticity and privacy of such transactions can be difficult to maintain where
they are exchanged over an untrusted public network such as the Internet. It also pertains to
any form of business transaction in which the parties interact electronically rather than by
physical exchanges or direct physical contact. A security objective is the contribution to
security that a system is intended to achieve. E-commerce is conducted on global network
that is Internet which is untrusted. Therefore confidentiality is required during transaction and
sending information should be kept secure against all type of threats. The successful
functioning of E-commerce security depends on a complex interrelationship between several
applications development platforms, database management systems, and systems software
and network infrastructure.

The Effective E-commerce security involves five basic elements/ these are:

84
 1 Access Control.
2 Privacy/Confidentiality.
3 Authentication.
4 Non -repudiation.
5 Integrity.
A. .Access Control
The first and most obvious network security concern addresses access control. In physical
security, the term access control refers to the practice of restricting entrance to a property, a
building, or a room to authorized persons. Physical access control can be achieved by a
human (a guard, bouncer, or receptionist), through mechanical means such as locks and keys,
or through technological means such as a card access system.
There are several technologies that can be used to control access to intranet and internet
resources. Access control includes authentication, authorization and audit. It also includes
measures such as physical devices, including biometric scans and metal locks, hidden paths,
digital signatures, encryption, social barriers, and monitoring by humans and automated
systems. In any access control model, the entities that can perform actions in the system are
called subjects, and the entities representing resources to which access may need to be
controlled are called objects. Subjects and objects should both be considered as software
entities, rather than as human users: any human user can only have an effect on the system
via the software entities that they control.
B. Authentication
The principle of authentication in e-commerce security requires that both the seller and the
buyer should be real. They should be who they say they are. The business should prove that it
is real, deals with genuine items or services, and delivers what it promises. The clients should
also give their proof of identity to make the seller feel secure about the online transactions. It
is possible to ensure authentication and identification. If you are unable to do so, hiring an
expert will help a lot. Among the standard solutions include client login information and
credit card PINs.
C. Privacy
Privacy includes preventing any activity that will lead to the sharing of customers’ data with
unauthorized third parties. Apart from the online seller that a customer has chosen, no one
else should access their personal information and account details. A breach of confidentiality
occurs when sellers let others have access to such information. An online business should put

85
in place at least a necessary minimum of anti-virus, firewall, encryption, and other data
protection. It will go a long way in protecting credit card and bank details of clients.
D. Authorization
Authorization allows a person or computer system to determine if someone has the authority
to request or approve an action or information. In the physical world, authentication is usually
achieved by forms requiring signatures, or locks where only authorized individuals hold the
keys.
Authorization is tied with authentication. If a system can securely verify that a request for
information (such as a web page) or a service (such as a purchase requisition) has come from
a known individual, the system can then check against its internal rules to see if that person
has sufficient authority for the request to proceed.
In the online world, authorization can be achieved by a manager sending a digitally signed
email (an email stamped by their personal digital certificates). Such an email, once checked
and verified by the recipient, is a legally binding request for a service. Similarly, if a web-
server has a restricted access area, the server can request a digital certificate from the user’s
browser to identify the user and then determine if they should be given access to the
information according to the server’s permission rules.
E. Integrity
Integrity is another crucial concept of ecommerce Security. It means ensuring that any
information that customers have shared online remains unaltered. The principle states that the
online business is utilizing the customers’ information as given, without changing anything.
Altering any part of the data causes the buyer to lose confidence in the security and integrity
of the online enterprise.
F. Non-repudiation
Repudiation means denial. Therefore, non-repudiation is a legal principle that instructs
players not to deny their actions in a transaction. The business and the buyer should follow
through on the transaction part that they initiated. E-commerce can feel less safe since it
occurs in cyberspace with no live video. Non-repudiation gives ecommerce security another
layer. It confirms that the communication that occurred between the two players indeed
reached the recipients. Therefore, a party in that particular transaction cannot deny a
signature, email, or purchase.

7.1.1. Purpose of E-Security

86
E-commerce security is the protection of e-commerce assets from unauthorized access, use,
alteration, or destruction. While security features do not guarantee a secure system, they are
necessary to build a secure system. The success of e-Commerce depends on the security of
data like personal details and credit card numbers transmitted over the Internet.
The main objectives of e-commerce security are:-
 Data Confidentiality – is provided by encryption / decryption.
 Authentication and Identification – ensuring that someone is who he or she claims to
be is implemented with digital signatures.
 Access Control – governs what resources a user may access on the system. Uses valid
IDs and passwords.
 Data Integrity – ensures info has not been tampered with. Is implemented by message
digest or hashing.
 Non-repudiation – not to deny a sale or purchase.
7.2. Threats of E-Security

With the evolution of technology, online shopping has become a more convenient option for
consumers, this has helped companies to engage with customers in numerous ways,
increasing their sales and becoming profitable. With the growing benefits, there are lots of
security threats that e-commerce companies face.
Let’s look at the different types of e-commerce security threats and solutions that every
business should be aware of,
Financial fraud:
In the world of e-commerce, financial fraud is a serious risk that businesses must always be
aware of. Attackers can exploit weaknesses in payment systems to steal money, potentially
causing catastrophic losses for businesses and customers alike. As more organizations move
to digital systems, it is increasingly important to understand the threats and develop effective
solutions to secure their data and protect their customers. Fortunately, there are a number of
measures that can be taken to mitigate these risks and ensure secure e-commerce transactions
for everyone involved.
Solution:
Online consumers now have access to previously unheard-of financial services from banks,
like live chat assistance, account blocking through customer care, and even the ability to
revoke payments through applications, to help reduce this threat.

87
But this doesn’t completely protect buyers from getting fraud because the simple reason is
that most do not check their bank records on occasion and this lapse allows cybercriminals to
make numerous payments. Ecommerce companies should spread awareness about the
services that help them from getting fraud.
Online buyers should also be aware of important web security markers such as HTTPS
indicators and companies must seriously consider setting up PCI DSS standards to raise the
safety levels of online transactions.
Phishing:
Phishing, also known as distributed denial of service (DDoS) attacks, are a type of cyber-
attack that targets customers of online stores through email, text message, or phone calls
made under the false pre tense of a reputable organization or in the name of well-known
brands in order to trick people into disclosing personal information like passwords, banking
information, and credit card information.
Denial of Service (DOS) and Distributed Denial of Service (DDoS) make your Ecommerce
website unstable by overloading it with requests, thus disrupting its operations. It mostly
occurs during peak times, like Black Friday. One of the signs of DOS attacks is degrading
network performance. Besides, you also see high volume of email spam or website
downtime.
Although DDoS attacks are rare, it is a major security risk that will cause trouble to your
store and damage your reputation. To counter these kinds of attacks, you must have a DoS
protection service that helps you monitor incoming traffic to the store and helps to notice and
block fraudulent entries to your online stores. It is also important to educate people about
what they should do when they receive emails, how you operate, and how to identify you as
legit, and customers need to know what they might be asked for and what might not. Use
Secure sockets layer (SSL) certificates to prevent hackers from using your ecommerce
website for phishing attempt.

Brute Force Attacks

Brute force attack is a common password cracking technique that is used by hackers, where
they will use a program to run through thousands of passwords in a hope of getting it right,
and secondly, through informed guessing they will use pieces of information from the user’s
life or through social media to identify the words that are most likely to appear as their
passwords.

88
The solution to getting protected from this kind of attack is simple. All you must do is
regularly change the passwords and create intricate and complex passwords.
Secondly, you should use multi-factor authentication for the logins such as authentication
codes sent via text message or e-mail. This helps to secure your and your client’s accounts
from getting hacked.
Bots
Bots are both good and bad. Good bots help to crawl the web pages and determine the rank of
your website on search engines, and some also help to chat with the customers.
Cybercriminals utilize bad bots to scrape websites for pricing and inventory, which changes
the cost of the products and freezes popular items in shopping carts on the site, hurting sales
and income.
The best security solution to prevent this kind of attack is to protect exposed API apps and
mobile apps, e-commerce app owners must regularly inspect for traffic sources and then
block those hosting providers and proxy servers.
MITM Attacks
A man-in-the-middle attack is a common type of security threat that e-business face which
allows the attackers to spy on the conversation between two people and can imitate both. The
most important feature of this attack is that it is hard for a person to detect this attack, where
the hackers can send you e-mails with links that would look genuine, and they will create
websites that look exactly like the original websites so that users would not hesitate to enter
confidential information. Different kinds of man-in-the-middle attacks are IP Spoofing,
HTTPS Spoofing, SSL hijacking, DNS spoofing, packet injection, e-mail hijacking, and
stealing browser cookies. The best security solution to prevent this kind of attack having
strong WEP/WAP encryption on access points prevents unwanted nearby users from joining
your network by helping you to improve your website security. You want to make sure to
change your default server login credentials, or else attackers can change your DNS servers
to their malicious servers, or even worse, they can infect your router with malicious software.
Using public key pair-based authentication also helps to ensure that you are communicating
with the right person.
Trojan horses and SQL injections
Trojan horse is a commonly used, and somewhat misused, term to refer to a malicious
program that, when executed, may cause damage or data loss without the user’s knowledge.
In general, Trojan horses are used to steal data that is stored on a computer system or to
install malware that disrupts the functionality of the computer system. Although a Trojan

89
horse is normally written to inflict harm on a computer system, it can be used for good, as
well. A Trojan horse that lures users into clicking on an attachment or visiting a website with
malicious content may infect their computer with malware. Word Press sites that use Woo
Commerce and Shopify are regularly targeted by malware via plugins and widgets upgrades.
SQL injections are a technique where hackers inject malicious code to target your database
using query submission forms. Attackers can read, change, collect, add or delete data.
Your problem is resolved by anti-malware software, which finds dangerous viruses and
unwanted or unsafe applications that compromise the security of your e-commerce website.
Additionally, it aids in the restoration of already corrupted files caused by viruses and guards
against additional dangerous code modifications to software.
Malware And Ransom ware
Malware is malicious software used by hackers to exploit, disrupt, damage, or gain
unauthorized access to your Ecommerce website. Ransom ware is a type of malware that
locks you out of your critical systems until you pay the hacker to neutralize the threat.
Social Engineering
It is a type of confidence trick to coax people into divulging confidential information. For
example, phishing techniques are used against reputed Ecommerce brands luring them into a
fake business platform to steal their credit card or login details. Apart from cheating
consumers, the technique also puts a brand’s reputation or goodwill in harm’s way.
Cross-site Scripting (XSS)
Though this type of cyber-attack doesn’t impact your whole website but exposes customer
data on that page to malware and phishing. How does it work? XSS manipulates a vulnerable
website by planting a malicious code into its webpage, thus making the website vulnerable to
security threats.

API attack
Since ecommerce architecture involves extensive use of APIs, it becomes an easy target of
cyber-attacks. An API attack refers to the malicious usage of API from automated threats,
like access violations. There is always a lingering threat for malicious API usage and data

90
breach under such circumstances. Unfortunately, it results in massive data losses and service
disruption for an Ecommerce website

7.3 Security Techniques

Security measures need to be taken in e-Commerce systems to prevent compromising the

systems. Some of these measures include building firewalls, incorporating cryptography and
authentication, and using secure connections.
A. Firewall
A firewall is hardware and software that are used to secure a private computer network
system from uninvited intruders. A firewall is used to control whether a client is permitted to
connect to the private network it protects.
Use effective e-commerce software and plugins to bar untrusted networks and regulate the
inflow and outflow of website traffic. They should provide selective permeability, only
permitting trusted traffic to go through.
You can trust the Astra firewall to stop Spam, XSS, CSRF, malware, SQLite, and many other
attacks on your website. It ensures that the only traffic that accesses your ecommerce store
consists of the real users. Moreover, we have specialized WAF solutions for Word Press,
Magneto, Open cart, Prestashop, Drupal, Joomla, and custom made PHP sites.
B. Cryptography
Cryptography is a science that provides secure communication over vulnerable channels.
Cryptography is fundamental to the success of the Internet and e-Commerce. Governments
regulate cryptographic technology because of its importance to national security.
In cryptography a message, like a credit card number, is encrypted using a key and the
encrypted message is transmitted. The receiver uses the key to decrypt the message and
convert it back to its original form. The basic elements of a cryptographic system are
algorithms, protocols and key management.

91
An example of key management is the secret-key encryption algorithms. These algorithms
are ‘secret’ because only the receiver and sender know the secret key.
Cryptography is used to provide secure transmission of data over the Internet. Private data
like credit card details or digital signatures are encrypted and then transmitted over the
Internet. Cryptography can keep a message secret and act as a gateway for identifying
senders and receivers. It provides the secure electronic transaction technology for credit card
transactions on the Internet.
C. Authentication
Authentication procedures are used to establish the identity of an individual or another
computer system. Authentication procedures can be hardware-or software based.
Authentication procedures make use of personal items of knowledge or possession such as
secret names or birth dates. Good authentication systems make use of two-factor
authentication, such as a place name and memorable date known to the user. Some banking
systems make use of three-factor authentication before allowing customers to make online
account transfers. Secure socket layer
The secure socket layer (SSL) is a layer of security between the application and the transport
protocol. The purpose of SSL is to enable secure and reliable data transmission and
communication over the Internet. The SSL provides private connection, making use of
encryption and secret-key cryptography. Authentication in SSL is achieved using public-key
cryptography, which consists of a private key that is never made public chosen by one
participant in the data exchange, and a public key chosen by the other participant in the
exchange. Either key may be used for encryption. Reliability of data transmission is achieved
by using secure hash functions like SHA or MD5. Secure hash functions check the integrity
of a message. SSL is commonly used in e-Commerce systems.
D. Use Multi-Layer Security
It is helpful to employ various security layers to fortify your security. A Content Delivery
Network (CDN) that is widespread can block DDoS threats and infectious incoming traffic.
They use machine learning to keep malicious traffic at bay.
E. Get Secure Server Layer (SSL) Certificates
One of the primary benefits of SSL Certificates is to encrypt sensitive data shared across the
internet. It ensures that the information reaches only the intended person. It is a very crucial
step because all data sent will pass through multiple computers before the destination server
receives it.
7.4. Security for Client Computer

92
From the user’s point of view, client-side security is typically the major concern. In general,
client-side security requires the use of traditional computer security technologies, such as
proper user authentication and authorization, access control, and anti-virus protection. With
regard to communication services, the client may additionally require server authentication
and non-repudiation of receipt. In addition, some applications may require anonymity (e.g.,
anonymous browsing on the Web). The data analysis on common online banks in shows, that
the client side security protection for online banking does need improvement. Most banks use
single cipher security setting system is vulnerable to virus and cyber-attacks. One of the
important characteristic of online banking is that it can offer safe and personalized customer
service anytime, anywhere and anyhow. Without sound security protection will cause online
banking transaction fail. Client side safety protection is the weakest part for online banking
service providers. The application of encryption to provide authentication and privacy of
online transactions, strong cryptography provides the basis for achieving access control,
transaction authorization data integrity and accountability.
7.5. Communication Channel Security
Communications security (COMSEC) is that measures and controls taken to deny
unauthorized persons information derived from telecommunications and ensure the
authenticity of such telecommunications. Communications security includes crypto security,
transmission security, emission security, traffic-flow security and physical security of
COMSEC equipment.
Crypto security: The component of communications security that results from the provision
of technically sound cryptosystems and their proper use. This includes insuring message
confidentiality and authenticity.
Emission security (EMSEC): Protection resulting from all measures taken to deny
unauthorized persons information of value which might be derived from intercept and
analysis of compromising emanations from crypto-equipment, automated information
systems (computers), and telecommunications systems.
Physical security: The component of communications security that results from all physical
measures necessary to safeguard classified equipment, material, and documents from access
thereto or observation thereof by unauthorized persons.
Transmission security (TRANSEC): The component of communications security that
results from the application of measures designed to protect transmissions from interception
and exploitation by means other than cryptanalysis (e.g. frequency hopping and spread
spectrum).

93
This is measure that protects private information from being disclosed to third parties.
One risk to document confidentiality is eavesdropping by unauthorized third parties
who will intercept documents as they cross the network. The main technological fix
in this category is cryptography, although simpler measures, such as the use of
passwords to identify users also play an important role.
7.6. Security for Server Computers
A server is usually a computer that contains information to be shared with many client
systems. For example, web pages, documents, databases, pictures, video, and audio files can
all be stored on a server and delivered to requesting clients. In other cases, such as a network
printer, the print server delivers the client print requests to the specified printer. Different
types of server applications can have different requirements for client access. Some servers
can require authentication of user account information to verify whether the user has
permission to access the requested data or to use a particular operation. Such servers rely on a
central list of user accounts and the authorizations, or permissions (both for data access and
operations), granted to each user. When using an FTP client, for example, if you request to
upload data to the FTP server, you might have permission to write to your individual folder
but not to read other files on the site.

94