Bachelor of Computer Applications (BCA)

E Commerce
Technologies

Yashwantrao Chavan Maharashtra Open University

Dnyangangotri, Near Gangapur Dam, Nashik 422 222
 Unit No. and Name Details

Unit 1 Introduction Enabling Technologies of the World Wide Web

 Internet Client/Server Applications
 Networks and Internets
 Internet Service Provider (ISP)
 Broadband Technologies
History of E-Commerce
 Early Business Information Exchange Efforts
 Emergence of the Internet and World Wide Web
 The Milestones
 Advantages of E-Commerce
 Online Extension of BAM Model
 Transition to E-Commerce in India
 The Information Technology Act 2000
Business Models for E-Commerce
 based on Relationship of Transaction Parties
 based on Relationship of Transaction Types
Unit 2 Marketing  Traditional Marketing
 Identifying Web Presence Goals
 Online Marketing
 Internet Marketing Trends
 Target Markets
 Marketing Strategies
Unit 3 Security  Security on the Net
 E-Business Risk Management Issues
Unit 4 Payment Systems  Digital Payment Requirements
 Digital Token-based
 Classification of New Payment Systems
 Properties of Electronic Cash (E-Cash)
 Risk and E-Payment Systems
 Digital Signature
Unit 5 Customer  Customer Relationship Management
Relationship Management  Typical Business Touch-Points
Unit 6 Supply Chain  E-Supply Chain goals
Management  E Supply advantages and benefits
 E supply and value creation for customer
Unit 7 Strategy  Information and Strategy
 The Virtual Value Chain
 Seven Dimensions of E-Commerce Strategy
 Value Chain and E-Strategy
 Strategies for Web Site Development
Unit 8 Mobile Commerce  Origins of WAP
 WAP Programming Model
 Wireless Technologies
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Unit.1 Introduction to E-Commerce and Internet Technology. (Structure)

Enabling Technologies of the World Wide Web

- Internet Client / Server Applications.
- Networks and Internets.
- Internet Service Provider (ISP).
- Broadband Technologies.
History of E-Commerce
- Early Business Information Exchange Efforts.
- Emergence of the Internet.
- Emergence of World Wide Web.
- The Milestones.
- Advantages of E-Commerce
- Online Extension of BAM Model.
- Transition to E-Commerce in India.
- The Information Technology Act 2000.
Business Models for E-Commerce.
- E-Business Model based on Relationship of Transaction Parties.
- E-Business Model based on Relationship of Transaction Types.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Enabling technologies of World Wide Web:

WWW or simply as "the Web" is able not only to access the entire spectrum of
information available on the Internet, but also to present it to the user using a single
consistent easy-to-use interface.

The ideas behind the World-Wide Web were formulated at CERN in 1989,
leading to a proposal submitted in November 1990 by Tim Berners-Lee and Robert
Cailliau for a "universal hypertext system." In the next four years the growth of World
Wide Web was expanded in various areas like science, commerce, research, government,
semi-government and now in private business and people‘s homes also.

This article describes the basic concepts behind the World-Wide Web, traces its
development over the past four years with examples of its use both inside and outside of
the high energy physics community and goes on to describe some of the extensions under
development as part of the World-Wide Web project.

World-Wide Web Concepts

The World-Wide Web is designed around two key concepts: hypertext documents
and network based information retrieval. Hypertext documents are simple documents in
which words or phrases act as links to other documents.
Typically hypertext documents are presented to the user with text that can act as
a link highlighted in some way, and the user is able to access the linked documents by
clicking with a mouse on the highlighted areas.

The World-Wide Web extends the well-established concept of hypertext by

making it possible for the destination document to be located on a completely different
computer from the source document, either one located anywhere on the network.

This was made possible by exploiting the existing capabilities of the Internet, a
world-wide network of interconnected computers developed over the preceding 20 years,
to establish a rapid connection to any named computer on the network.

To achieve this, the World-Wide Web uses a client-server architecture. A user

who wants to access information runs a World-Wide Web client (sometimes referred to
as a browser) on their local computer.

The client fetches documents from remote network nodes by connecting to a

server on that node and requesting the document to be retrieved. A document typically
can be requested and fetched in less than a second, even when it resides on the other side
of the world from the requester. (Or at least it could be in the early days of the Web; one
of the drawbacks of the enormous success of the Web is that sometimes transactions are
not as fast now as they were in the earlier, less heavily trafficked days. One of the
challenges of the Web's future is to overcome these scaling problems.)

The client-server model offers advantages to both the information provider and
the consumer. The information provider is able to keep control of the documents he
maintains by keeping them on his own computer.

Furthermore the documents can be maintained by the information provider in any

form, so long as they can be transformed by the server software into the format the client
software expects to receive. This model can naturally be extended to allow documents to
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

be dynamically created in response to request from users, for example, by querying a

database and translating the result of the query into a hypertext document.

From the information consumers' perspective, all the documents on the Web are
presented in the form of hypertext. The consumer is totally unaware of how the
documents are maintained by the information provider and, unless he really wants to
know, from where the documents are being accessed

Growth of the Web:

The initial implementation of the Web client at CERN was for the NeXT
platform. This earliest browser was able to display documents using multiple fonts and
styles and was even able to edit documents, but access was limited to users.
This was followed by development of the CERN "linemode" browser, which
could run on many platforms but which displayed its output only on character-based
terminals. These early browsers were followed by the first browsers designed for X-
Windows Operating system, Viola developed at the University of California, Berkeley,
andMidas developed at the Stanford Linear Accelerator Center.

Initially the growth of the World-Wide Web was relatively slow. By the end of
1992 there were about 50 hypertext transfer protocol (HTTP) servers. At about the same
time, Gopher, a somewhat similar information retrieval tool as WWW but based on
menus and plain text documents rather than hypertext, was expanding rapidly with
several hundred servers.

During 1993 this situation changed dramatically, driven in large part by the
development of the Mosaic client by a talented and extremely enthusiastic group at the
National Center for Supercomputer Applications (NCSA) at the University of Illinois in
Champaign-Urbana.
The Mosaic client for World-Wide Web was originally developed for X-
Windows under UNIX, with subsequent versions released for both the Macintosh and PC
platforms.

The Mosaic client software added a few new key features to the World-Wide
Web:
The ability to display embedded images within documents, enabling authors to greatly
enhance the artistic of their documents; the ability to incorporate links to simple
multimedia items such as short movie and sound clips; and the ability to display forms.
Forms greatly enhanced the original search mechanism built into WWW by
allowing documents to contain fields that the user could fill in, or select from a list of
choices, before clicking on a link to request further information.
The introduction of forms to the WWW opened a new arena of applications in
which the World-Wide Web acts not only as a way of viewing static documents, but also
as a way of interacting with the information in a simple but flexible manner, enabling the
design of web-based graphical interfaces to databases and similar applications.

During 1993 the usage of WWW began to grow exponentially. As new people
discovered the Web they often became information providers themselves, and as more
information became available new users were attracted to the Web.
In comparison to Gopher (Internet Service) and FTP traffic during the same
period (FTP stands for file-transfer protocol, one of the earliest protocols developed for
the Internet and still the most widely used for transferring large files). Then after few new
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
protocols for, FTP, e-mail and NNTP (Network News transfer protocol) traffic were
developed.

Owing to the distributed management of the Internet and the World-Wide Web, it
is very difficult to obtain hard numbers about the size of the Web or the number of users.
(The number of users on the Internet, often estimated to be in the tens of millions, is itself
a contentious issue, with some estimates claiming this number to be an overestimate by
perhaps as much as an order of magnitude.) One illustration of the size of the Web came
in early 1994 when a server was set up to provide information and up-to-the minute
results from the Winter Olympics being held in Lillehammer, Norway.
The implementation of the server wasn't started until the day before the Olympics
were scheduled to start, but two weeks later the server ( they arranged mirror server in the
United States) had been accessed 1.3 million times, by users on somewhere between
20,000 and 30,000 different computers in 42 countries.

NCSA now estimates that more than a million copies of the Mosaic software
have been taken from their distribution sight, and approximate counts of the number of
HTTP servers indicates there are more than 3000 servers currently operating (Stanford
University alone has over 40 HTTP servers.

As the size of the web has increased, so has the interest in the WWW from
outside the academic community. One of the first companies to take an active interest in
the World-Wide Web was the publisher O'Reillyand Associates.
For over a year they have provided an online service, the Global Network
Navigator, using the World-Wide Web. This includes regularly published articles about
developments in the Internet, the "Whole Internet Catalog," an index of information
available on the Web, a travel section, business section and even daily online comics and
advertising, all illustrated with professionally designed icons.

The Global Network Navigator is now only one of many examples of

commercial publishers making information available on the Web, including a number of
print magazines and newspapers which are available partially or in their entirety on the
Web.
Another interesting example of commercial use of the World-Wide Web is the
CommerceNet organization. This organization, based in northern California and funded
by a consortium of large high technology companies with matching funds of $6 million
from the U.S. government's Technology Reinvestment Project, aims to actively
encourage the development of commerce on the Internet using WWW as one of its
primary enabling technologies.
CommerceNet aims to encourage companies to do business on the Internet by
making catalogs available and accepting electronic orders, and also by encouraging
electronic collaboration between companies.
One specific way that CommerceNet is enhancing WWW is by the proposed
introduction of a "secure-HTTP," which would enable encrypted transactions between
clients and servers.
This would ensure privacy, but perhaps more interestingly would also enable the
use of digital signatures, effectively ensuring that when you fill in an order form on the
Internet and submit it, it really goes to the company you believe you are ordering from
(and only them), and that they know when they receive the order that it really came from
you (and can prove it at a later date if necessary).
This mechanism also begins to address a problem of great interest to commercial
publishersthat of billing for information accessed through the Web. CommerceNet has
ambitious plans to incorporate thousands of member companies in the first year or two,
primarily in Northern California, but eventually to expand towards the much broader
horizons of the Internet.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

What Is A Client/Server?

Fig 1.1: Client Server Machines

Client A client is a single-user workstation that provides presentation services, database

services and connectivity along with an interface for user interaction to acquire business
needs.

Server A server is one or more multi-user processors with a higher capacity of shared
memory which provides connectivity and the database services along with interfaces
relevant to the business procedures. Client/Server computing provides an environment
that enhances business procedures by appropriately synchronizing the application
processing between the client and the server.

Benefits of Client Server Architecture:

Organizations often seek opportunities to maintain service and quality
competition to sustain its market position with the help of technology where the
client/server model makes an effective impact.
Deployment of client/server computing in an organization will positively
increase productivity through the usage of cost-effective user interfaces, enhanced data
storage, vast connectivity and reliable application services.
If properly implemented its capable of improving organizational behavior with
the help of the knowledgeable worker-who can manipulate data and respond to the errors
appropriately. Following are few of the applications of client server architecture.

 Improved Data Sharing:

Data is retained by usual business processes and manipulated on a server is available for
designated users (clients) over an authorized access.
The use of Structured Query Language (SQL) supports open access from all
client aspects and also transparency in network services depict that similar data is being
shared among users.

 Integration of Services:
Every client is given the opportunity to access corporate information via the desktop
interface eliminating the necessity to log into a terminal mode or another processor.
Desktop tools like spreadsheet, power point presentations etc. can be used for access of
information.

 Shared Resources Amongst Different Platforms:

Applications used for client/server model is built regardless of the hardware platform or
technical background of the entitled software (Operating System S/W) providing an open
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
computing environment, enforcing users to obtain the services of clients and servers
(database, application, communication servers).

 Inter-Operation of Data:
All development tools used for client/server applications access the back-end database
server through SQL, an industry-standard data definition and access language, helpful for
consistent management of corporate data.
Advanced database products enable user/application to gain a merged view of
corporate data dispersed over several platforms. Rather than a single target platform this
ensures database integrity with the ability to perform updates on multiple locations
enforcing quality presentation and recovery.

 Data Processing Capability:

Despite the location we are in an era which undergoes a transformation of machine-
centered systems to user-centered systems.
Machine-centered systems like mainframe, mini-micro applications had unique
access platforms and functionality keys, navigation options, performance and security
were all visible.
Through client/server users can directly log into a system despite of the location
or technology of the processors. In other words information is stored and processed in
centralized manner.

 Easy Maintenance:
Since client/server architecture is a distributed model representing dispersed
responsibilities among independent computers integrated across a network, it‘s an
advantage in terms of maintenance. It‘s easy to replace, repair, upgrade and relocate a
server while clients remain unaffected. This unawareness of change is called as
encapsulation.

Security:
Servers have better control access (Read, Write, Execute/ R-W-X) rights to users and
resources to ensure that only authorized clients can access or manipulate data and server-
updates are administered effectively. So that security is maintained and not compromised
easily.

The Purpose of Client/Server Architecture:

We are in an era where information technology plays a critical role in business
applications, considered as an area an organization would highly invest in order to widen
the opportunities available to compete the global market. ―A competitive global economy
will ensure obsolescence and obscurity to those who cannot or are unwilling to
compete‖, according to this statement it‘s necessary for organizations to support its
market position by reengineering the superior powerful organizational structures and
business practices to achieve their business goals.
In short it‘s a basic need to evolve with the change of technological aspects.
Therefore organizations should undergo a mechanism to retrieve and process its
corporate data to make business procedures more efficient to excel or to survive in the
global market.
The client/server model brings out a logical perspective of distributed corporative
processing where a server handles and processes all client requests. This can be also
viewed as a revolutionary milestone to the data processing industry.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Internet / Client Server Applications:

Client-server architecture, architecture of a computer network in which many clients
(remote processors) request and receive service from a centralized server (host
computer). Client computers provide an interface to allow a computer user to request
services of the server and to display the results the server returns. Servers wait for
requests to arrive from clients and then respond to them.
In hospital data processing, for example, a client computer can be running an
application program for entering patient information while the server computer is running
another program that manages the database in which the information is permanently
stored.
Many clients can access the server‘s information simultaneously, and, at the
same time, a client computer can perform other tasks, such as sending e-mail.

The users of the Internet interact through one of the several client-server applications. As
the name suggest, in a client-server application there are two major classes of software
the client software, which usually exists on an end-user‘s desktop and provides
navigations and display.
The other software is the Server Software, which usually exists on a workstation
or a server-class machine and provides back-end data access services, where the data can
be something simple like a file or complex like a relational database. The most widely
used client-server applications are listed below in table.

TABLE 1.1
CLIENT-SERVER APPLICATIONS

APPLICATIONS PROTOCOL PURPOSE

World Wide Web Hypertext Transport Offers access to hypertext
Protocol (HTTP) documents, executable
programs, and other Internet
resources.
E-mail Simple Mail Transport Allows the transmission of
Protocol (SMTP) text messages and binary
attachments across the
Post Office Protocol Version Internet.
(POP3)

Multipurpose Internet Mail

Extension (MIME)
File Transfer File Transfer Protocol (FTP) Enables files to be uploaded
and downloaded across the
Internet.
Chat Internet Relay Chat Protocol Provides a way for users to
(IRC) talk to one another in real-
time over the Internet.
The real-time chat groups are
called channels.
User Net Newsgroups Network News Transfer Discussions forums where
Protocol (NNTP) users can asynchronously
post messages and read
messages posted by others.

Email allows computer users to exchange messages worldwide. Each user of e-

mail has a mailbox address or user account identity, with which all main transactions are
done. Messages sent via e-mail reach their destination within a matter of seconds.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
A powerful aspect of e-mail is the option to send electronic files to a person‘s e-
mail address. Non-ASCII files known as binary files, may be attached to e-mail
messages. For example, a document created in Microsoft Word can be attached to an e-
mail message and retrieved by the recipient in any e-mail program such as pine, Netscape
messenger or Outlook Express.

Telnet
Telnet is a program that allows you to log into computers on the Internet and use
online databases, library catalogs, chat services and more. To Telnet to a computer, you
must know its address.
This can consist of words (www.yahoo.com) or numbers (204.71.200.67). Some
services may require connection to a specific port on a remote computer. In this case,
type the port number after the Internet address, for example telnet dte.vsnl.net.in to access
your Web server.
Probably the most common Web-based resource available through telnet are
library catalogues. A link to a telnet resource may look like any other link, but it will
launch a telnet session to make the connection. A telnet program must be installed on
your local computer and configured to your Web browser in order to work.

File Transfer Protocol (FTP)

This is both a program and method used to transfer files between computers on
the Internet. Anonymous FTP is an option that allows users to transfer files from
thousands of host computers on the Internet to their personal computer account.
File transfer is quite rapid. FTP sites contain books, articles, software, games,
images, sounds, multimedia, course work, data sets, and more. FTP files via search
engines such as FAST FTP search,Located at http://ftpsearch.lycos.com/.This option is
convenient because you do not need to know FTP program commands.

Chat on the Web

For the most part, businesses have ignored the potential economic outcome from
online communications. Except for e-mail, the Internet and the Web have been treated as
a medium with information flowing in only one direction—either pulled by or pushed to
the end user.
Most recently, businesses have begun to recognize that the Internet and the Web
offer the ability to engage customers in a dialogue and create virtual communities where
customers can also communicate with one another.
Chat programs are now common on the web. They are sometimes included as a
feature of a website, where users can log into the ―chat room‖ to exchange comments and
information about the topics addressed on the site. Chat may take other, more wide-
ranging forms. For example, America Online is well known for sponsoring a number of
topical chat rooms.
A variation of chat is the phenomenon of instant messaging. With instant
messaging, a user on the web can contact another user currently logged in and type a
conversation. The most famous in America Online’s Instant Messenger.

IRC
IRC is the Internet Relay Chat service in which participants around the world can
―talk‖ to each other in real-time on hundreds of channels. These channels are usually
based on a particular topic.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
While many topics are frivolous or carefree, substantive conversations also take
place. To have access to IRC, you must use an IRC software program. This program
connects you to an IRC server and allows you to visit IRC channels.
The largest nets are EFnet (the original IRC net, often having more than 32,000
people at once), Undernet, IRCnet, DALnet, and NewNet.
Generally the user (such as you) runs a program (called a ―client‖) to connect to a
server on one of the IRC nets. The server relays information to and from other servers on
the same net. Some of the recommended clients are:
UNIX / shell : ircII
Windows : mIRC or PRICH
Macintosh : Ircle

Once connected to an IRC server on an IRC network, you will usually join one or
more ―channels‖ and converse with other. On EFnet, often thereare more than 12,000
channels, each devoted to a different topic. Conversations may be public (where everyone
in a channel can see what you type) or private (messages between only two people, who
may or may not be on the same channel).

Networks and Internet:

The network is two or more connected computer which can share resource like a
printer, plotter, a file server, an internet connection, application, etc. It is a collection of
computer systems and devices which are linked together using a wireless network or via
communication devices and transmission media.

Fig 1.2 : Network and Internet

Figure : A Network with a server, a router, and a switch and clines with a shared printer.
The internet is a massive network of networks, a networking infrastructure. It
connects millions of computers together globally, forming a network in which any
computer can communicate with any other computer as long as they are both connected
to the internet. Information that travels over the internet does so via a variety of
languages known as protocols.
The internet is a worldwide network of computers that gives customers access to
information and documents from distant sources.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Figure 1.3 : Internet connecting static and dynamic (Remote) clients

Internet has the capability to transform society. With the appearance of the
internet, distance is not that big an obstacle for commerce. Internet is the most important
communication medium to have come along in the last few decades, and businesses have
to make wise use of this medium.

The value of internet lies in the connections it enables. 3 types of networks can be
created on the internet. The first type of network is the one-to-many or broadcast
network, in which a supplier provides information to a large number of users.

Figure 1.4 : Types of Networks.

For example, a website delivers news to a large number of users. The second type
of network is the one-to-one or transactional network, in which one individual connects
with other individuals to exchange information or complete transactions. For example, an
individual can send e-mails to his friends.
The third type of network is the many-to-many or group- forming network, in
which members form and maintain communicating groups. Examples of group- forming
networks are online communities and business-to-business exchanges.
In a broadcast network, the value of the network increases as the number of users
increases, but the value increases only linearly, i.e., every new member adds the same
amount of value—it does not matter how large the network has become. Therefore, the
value of the network is directly proportional to number of users (n).
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
In contrast, value grows at a faster pace in a transactional network. The value of
each member increases as the network becomes larger because all the members of the
network can connect with the new member—therefore, larger the number of members,
more are the number of new connections formed with the new member.
This relationship is governed by Metcalfe’s law which states that the value of
transactional network grows proportionally to the square of the number of users (n2). In
a group-forming network, if all the potential two-person groups, three-person groups and
so on are added, the total number of possible groups equals 2n.
A network-platform business like America Online uses all the 3 types of network.
When it is delivering news to its visitors, it is using the broadcast network, and hence its
value is proportional to the number of visitors to its website (n).
It provides messaging services by using transactional network, and hence its
value is proportional to the square of the number of users (n2). It also allows users to form
groups through chat rooms and online communities, and hence its value is proportional to
(2n). All the 3 types of network contribute to the overall value that AOL is able to create.
User attention shifts from accessing content to group-forming activities.
Group-forming networks can be very useful in business-to-business relationships.
Customers can organize themselves into groups and deal with companies as groups rather
than as individuals. Similarly, suppliers can form groups to collaborate among
themselves on new technologies and processes. The value that such networks generate
increases as the number of members in the network increase.

Communication Switching
Through the use of communication switching, computer networks allow
computers to transfer data using shared lines of communication such as a cable.
Communication switching works similar to telephone switching networks.
A telephone switching network eliminates the need to connect a wire between
your telephone and every telephone you may ever call Instead, the phone company
connects your phone (and everyone else‘s phone) to a set of phones.
Without a telephone switching network, if you needed to call 1000 different
people, you would need to connect 1000 lines to your phone. In a similar way, computer
networks rely on communication switches. Networks use two common methods of
communication switching to transfer data—circuit switching and Packet Switching. In
circuit switching, the switches create a single, ubnroken path between devices that want
to communicate.
Most computer networks, includeing the Interent, do not use circuit switching.
They use a technique called packet switching. In a typical terminal-to-host data
connection, the line remains idle for most of the time. Thus, with data connections, a
cuicuit-switched approach is inefficient.
In a circuit-switched network, the connection provides for transmission at a
constant data rate. Thus, each of the two devices that are connected must transmit and
receive at the same data rate as the other. This limits the utility of the network in
interconnecting host computers and terminals.
In packet switching, that are transmitted in short packets. A typical upper limit on
packet length is 1 kilobyte. If a source has a longer message to send, the message is
broken up into a series of packets. Each packet contains a portion (or all for a short
message) of the user‘s data, plus some control information. The control information, at a
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
minimum, includes the information that the network requires in order to be able to route
the packet through the network and deliver it to the intended destination.

Figure 1.6 : A Packet Switching Network With a Broken Path

At each node on the route, the packet is received, stored briefly, and passed on to
the next node. In packet switching, programs break data into small pieces, called packets,
and then transmit the packets between computers. Packets are pieces of data that stay
attached to a standard set of rules (protocols) that define their size and format. Unlike
circuit switching, in a packet-switched network, data can frlow along multiple paths, as
shown in figure.
In packet-switched networks, breaking one path does not prevent the data from
reaching its destination. The Packet will simply find a different path. Each packet must
contain its destination address. As the packet travels from one computer to another, each
computer examines the packet‘s address and routes the packet to its next intermediate
hop or directly to the destination. The internet is a packet-switched network.
Think of a packet in a packet-switched newotk as a traveller flying from New
Delhi to Mumbai. Depending on the available flights, the traveller may be able to fly
non-stop (if the packet is lucky enough to get a direct connection). In most cases,
however, the traveller must stop at airports along the way (possibly in Ahmedabad or
Jaipur).
In a similar way, a packet may visit several computers as it travesl across the
Internet. As signals travel through network media (cables and wires), they become weak.
Engineers refer to this weakening of signals as attenuation. To overcome this, the
network designers use special networking devices called repeaters which amplify
network data.
Developments in Transmission
Today, the Internet is measured by the capacity of its cables ot carry information
bits to users; this carrying capacity is called bandwidth. Universities and corporations
typically connect directly to the Internet with dedicated leased lines of either 1,5,44,0000
or 45,000,000 bits per second (bps).
Each of these lines must support hundreds or even thousands of simultaneous
users. In contrast, most home users dial into Internet through the telephone network, at
narrowband rates. The modems on their computers are connected to a ―twisted pair‖ of
copper phone wires that can transmit at the rate of 14,000 to 56,000 bps. At such speeds,
the text scrolls quickly down the screen, but a large image can take several minutes to
appear.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The Internet can also be accessed at mdband speeds of 128,000 bps or more. At
midbank speeds, still images open on the screen quickly, and it becomes possible to
transmit moving pictures too, though still fuzzier or not clear and foolish.
Two of the midband technologies—Asymmetrical Digital Subscriber Line
(ADSL) and Integrated Services Digital Network (ISDN)—use wires to connect users to
the Internet through a telephone system. Another competing technology beings the
Internet to home PCc, using coaxial cables of cable television.
Network Routers
Network designers use routers to transrfer or route data between networks that
use different network technologies. Since the Internet is comprised of various networks
that use many different network technologies, routers are an integral part of the Internet.
A router has an address on the network. Using the addressing capabilitiy of
routers, the nodes on a network can send packets destined for another network to a router.
The router, in turn, will transfer the packet to the other network. To manage network
traffic, network designers also use routers to segment large sections of a Local Area
Network (LAN) to smaller segments, called subnets.
Using a routing table, routers can look-up the correct path (or the best route) from
the packet‘s current location to any destination on the network. Depending on the
network‘s requirements, a designer can implement routing tables as static or dynamic.
Connectionless versus Connection-oriented Protocols
Connectionless protocol differ from connection-oriented protocols in the way
requests and responses to requests are handled. With a connectionless protocol, clients
connects to the server, make a request, get a response, and then disconnect.
With a connection-oriented protocol, clinents connects to the server, make a
request, get a response, and then maintain the connection to service future requests.
Example of Connection-Oriented Protocol is FTP, when you connect to an FTP server,
the connection remains open after you download a file. In contrast, HTTP is a
connectionless protocol. When client connect to the servers are only limited to active
conntctions and can generally do thousands of transactions with low system overhead.

Internet Service Provider (ISP):

The US Government‘s 1991 decided to contribute in the NSFNET Backbone
beginning in 1995, sparked a massive restructing aimed at shaping the internet into a
faster and more productive tool for the business. The InterNIC corporation of public
access dial-up providers listed 80 vendors in December 1993. A year later, the list cited
more than 1500 providers. Following figure illustrates how the providers work.
Figure 1.6 : Working of ISP‘s
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Commercialization of the internet has taken place in two spheres:
commercialization of users and commercialization of ISPs. At first companies that
accessed the Internt through the existing non-profit mid-level networks were offered a
lower level of membership than the academic members.
As restrictions were break up, commercial use of the Internet became more
common, as soon as the commercialization was announed, ISPs came into companies and
individuals. Established telecommunications, cable and commercial online companies
began to offer this service. Soon, others followed.
From a physical standpoint, the internet is a network of thousands of interconnected
networks. Included among the interconnected networks are:
1. The interconnected backbones that have international reach.
2. A multitude of access / delivery sub-networks.
3. Thousands of private and institutional networks connecting various
organizational servers and containing much of the information of interest. The
backbones are run by Networks service providers (NSPs). The delivery
subnetworks are provided by the local and regional ISPs. The ISPs exchange data
with the NSPs at the Network Access Points (NAPs).

Figure 1.8: ISP‘s and NAP‘s

When a user issues a request on the internetFrom a computer, the request traverses or
visits an ISP network, moves over one or more of the backbones and across another ISP
network, to the Computer containing the information of interest.
The response to the request follows a similar path. For any given reuest and
associated response, there is no preset (Predecided) rout, in fact, the request and response
are each broken into packets, and the packets can follow different paths. the paths
traversed by the packets are determined by special computers called routers.

ISPs in india :
Internet access, in a sense, came into India in the early 1990s. ERNet, a division
of Department of Electronics (DoE), and NICNet (Department of Statistics) made the
intial role in this field. Both ERNet and NICNet are government projects, but with very
different charaters and growth histories.
The ERNet (Educational and Research Network) project was designed to provide
Internet Connectivity to the premier educational and research institutions of India. While
NICNet was assigned the provision of Internet Services Primarily to government
departments and organizations.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
NICNet was designed to provide V-SAT and dial-Up Internet access primarily to
government departments. It began with shell-only access, at 2400 bps, but now provides
high speed TCP/IP access through 64kbps V-SAT Links.
ERNet and NICNet are thus India‘s first ISPs, though their operations have been
shakled by the restrictions imposed on them by the government in the form of regulations
and policies of the DoT. Despite this, they were doing quite well in providing essential
Internet services to an Internt-Started India, until the advent of VSNL Internet services
and the restrictive clampdown / crackdown that followed.
Another provider of Internet serice that preceeded Videsh Sanchar Nigam
Limited (VSNL) is the Software only Technology Parks of India (STPI) internet service.
Again, this service was permitted only to a restricted audience, essentially the software
exporters who fall under the STP scheme of the DoE, STPI has been providing high-end
internet services through leased lines and dial-up links, in and around several parts of the
country, through the respective softNET networks.
On August 15, 1995, VSNL launched the Gateway Internet Access Service, for
providing public internet access. Starting with only dial-up shell and PPP access in the 4
metros, VSNL followed with leased-lin access to subscribers, followed by the setting up
of Points of Presence (POP) in Bangalore and Pune, VSNL has, since the inception of
GIAS, portrayed / Drawing itself in the press as India‘s only legitimate ISP, while forcing
many restrictions on the other ISPs through DoT regulations and the telecom policy.
There is no bar on the number of companies which will be given licences and
licence free is virtually non-existent –none for the first five years and apply minor rates
Rs 10 for the next 10 years. The equity for foreign investment has been kept at 49 percent
as is the norm with other telecom services opened to the private sector.
The interested companies are free to fix their tariff and there is no insistence on
coverage. E-mail companies have been decided to automatically become Internet Service
Providers (ISPs). However, pending a more defined policy, ‗conditional licences‘ will be
given to companies which have defaulted on licence fees in other services such as
cellular, radio paging and basic phone services.
The present policy is not very different from the previous one prepared by a
committee headed by Dr.Bimal Jalan and announced by a previsous government. The
policy based on Dr.Jalan Committee recommendations was announced on January 15,
1998.
The categories of ISPs have been specified. In the category A, licences are given
on an all-india basis, under the second category fall the 20 territorial (rural) circles (3-12
mile limited area) and the four metro telephone systems of Delhi, Mumbai, Chennai, and
Calcutta as well as Bangalore, Hyderabad Ahemadabad and Pune, Any secondary
switching area (equivalent to a district) from a separte category C service area with the
exception of the eight cities defined in B category. The security deposit has been fixed at
Rs 2 crores, Rs 20 lakhs and Rs 3 lakhs (Note: 1 lakh = 1000000,000, 1 crore = 100
lakhs) respecitively.
Private companies have been allowed to establishe their own gateways in
addition to using the gateways of DoT, VSNL or authoriesed public/government
organisations. But this concept is only in principle because the Government has set up an
inter-ministerial or ministry committee which will first go into security-related issues
before granting permission to ISPs to set up alternate internation gateways. Till then
subscribers to ISPs will have to grapple or make fast with the problem of congestion
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
facing existing Internet Subscribers unless the VSNL dramatically increases the number
of access nodes.
In addition to leasing transmission linkes from the DoT, ISPs are also allowed to
utilise the infrastructure planned to be set up by the Railways, State Electricity Boards,
Power Grid Corporation etc. A point of disagreement might arise over the lease charges
with the DoT likely to insist that these organisations should charge the same amount as
DoT. The railways is planning two optical fiber-based networks between Chennai and
Mumbai and Delhi and Mumbai with branches at a number of places.
There are in all 183 operating Insternet Service Providers in India. Of them 41*
ISPs are listed below.

ISPs Having All-India Licence Indclude

BSNL CMC RPG Infortech Essel Shyam

Communications

SIFY Siti Cable Network Gateway System (India) World Phone Internet
Services

VSNL Guj Info Petro Hughes Escorts Astro India Networks

Communications.
Reliance Primus Telecommu- ERNET India RailTel Corporation
nications India
Data Infosys GTL Jumpp India L&T Finance
HCL Infinet Primenet Global Tata Internet Services Tata Power Broadband
Bharti Infotel Pacific Internet India In2Cable (India) Reliance
Engineering Associates
BG Broad India Swiftmail Estel Communication Bharti Aquanet
Communications
Trak Online Spectra Net Reach Network India i2i Enterprise
Net India
Tata Tele-Services Comsat Max Gujrat Narmada Vally HCL Comnet Systems and
Services.
(Maharashtra)Fertilizers
Corporation

Terms Related to ISPs

There are some terms exclusive for ISPs.
Shell Access
Internet acess supporting only textual interfaces, with Unix or Unix-line
operating system commands. This requires ―logging in‖ to a Unix-type user account, and
then operating via textual commands or text-based menu systems. Shel access does not
use the TCP/IP network protocols between the user (client) end and the servers.
Therefore, applications like Netscape, NFS file sharing, and Internet Telephony cannot be
used.
Dial-up Modem
As opposed to leased-line modems, this device is connected between a computer
or a Data Terminal Equipment (DTE) and a conventional POTS analog telephone line.
This is used to dial in to a corresponding modem at the service provider, and connect to
the Internet or other services (e.g. INET X.25 network).
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Serial Line Internet Protocol (SLIP)
SLIP is one of the popular protocols for IP access over dial-up and analog leased
lines, Now commonly authorized by Point-to-Point Protocol (PPP), it is still used by
some ISPs. SLIP and PPP are two similar methods of encapsulating TCP packets to go
over a modem line. PPP is simpler to set up, as compared to SLIP, and can handle more
types of traffic, these two enable the PCs to become part of the Internt.
Very Small Aperture (Opening) Terminal (V-SAT)
V-SAT is a satellite-base digital communication system usually consisting of 1.8
meter diameter satellite dishes establishing point-to-point connections, often via a V-SAT
Hub, a central switching system. Bandwidths can be from 2400 bps to 256 kbps.
Communcation delay is high, due to the two satellite moves between end points, and hub
latency or discontinuation.
ISP Policy of the Government of India
Given the rapid growth of Internet across the world and in india (about 0.25 million
accounts), the government came out with an Internet plicy to promote the same. The key
features are:

 Any company incorporated in India is eligible to set up an ISP.

 The foreign equity holding should be limited to 49 percent.
 Licence period would be for 15 years.
 There is no licence fee for the first five years and Rs 1 Per anum for subsequent
years.
 There will be different licences for different areas. For this purpose, the entire
country has been divided into three categories.

Category ‗A‘—the whole india.

Category ‗B‘—companies 20 telecom circles in cities like Delhi, Mumbai,
Kolkata, Chennai, Ahmedabad,
Bangalore, Hyderabad, and Pune.
Category ‗C—covers the secondary-switching areas of DoT.
 A company can get any nuumber of licences.
 There shall be no limit on number of licences that can be granted a company in a
particular area.
 International connectivity would be through gateways of DoT, VSNL or
authorized public/government organizations.

Broadband Technologies

Broadband refers to the transmission medium or the physical connection with

which users can access the internet . at speeds faster than the ones currently
prevalent. Broadband access can be through any medium—copper, fiber or wiress.
In early 1999, the US Federal Communications Commission (FCC)—which
regulates, telecommunications and broadcasting in the USA—issued a definition of
broadband, which is widely accpeted.
The FCC has defined broadband as the capabilitiy of supporting, in both the
providers to consumer (downstream) and the consumer to provider (upstream), a
speed (or in technical terms, bandwidth) in excess of 200 kbps in the last mile.
More bandwidth is needed to download a photograph in one second than one
page of text in one second. Computer programs and animated video require even
more bandwidth if they are to be downloaded in the same period of time it takes to
download a text.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The explosion in the demand for broadband can be due to various reasons.
Mediums capable of supporting broadband, such as fiber optic, have been around
since the 1950s. and for the first time, telecom companies began to pay attention for
providing broadband services in the so-called last mile—the final link between the
end user and the provider of the service.

Types of Broadband Networks.

Digital subscriber Line (DSL)
Faced with the limitations of their cable infrastructure, the telecommunications
industry needed a technology that could deliver high-bandwidth Internet access over
existing phone wiring. Integrated Services Digital Network (ISDN) was offered in the
mid 1990s with moderate success.
However, the telephone companies soon found their switched voice networks
saturated with data traffic. DSL has gained wide success. Tit is comprised of two basic
parts: a head-end device, called a Digital Subscriber Line Access Multiplexer, and a DSL
modem / router, which is found at the subscriber location.
The human ear can detect sonic waves upto the frequency of about 20 kHz. DSL
essentially modulates binary data into sonic frequencies above 20 kHz. Thus data can
―ride‖ the phone lines alongside an active voice transmission, undetected by the caller.

Cable Modems

Faced with competition as well as an increading number of customers who are

switching to digital satellite service, cable Multiple Service Operators (MSOs) needed to
quickly adopt value added services to capture and retain their customer base. One of
these services is high speed Internet Access via a cable modem.
Cable modem technology utilizes the Hybrid Fibre Coax (HDC) or the all-
coaxial infrastructure of the local cable provider. Cable modems and cable head-end
devices usually adhere to the Data Over Cable Service Interface System (DOCSIS)
initiative, This system consists of a head-end device located at the MSO and a cable
modem located on the customer‘s premises. The cable modem provides an Ethernet port
for connectivity to the customer‘s PC or network.
Bandwidth capabilities have undergone several evolutions, from 500 kbps to 4
mbps, then to 10 mpbs, and finally to 30 mbps. Manufacturers are now promising even
further bandwidth increases. However, while bandwidth on this scale may be adequate
for today‘s applications, it will suffer serious scalability issues in the future.

Passive Optical Networks (PON)

Passive Optical Networks are access networks in which fiber trunks are fed
towards end points and split into multipoint trees along the way, until reaching a
termination of the fibre run. A PON consists of Optical Line Termination (OLT) and
Optical Network Unit (ONU) equipment.
It is deemed ―passive‖ because the physical connection between the OLT and
ONUs, referred to as the Optical Distribution Netwrok (ODN), consists only of passive
components such as optical fibres, connectors, splitters, combiners, and splice points.
One OLT typically supports up to 32 ONUs; the ITU recommendation states a desired
support for up to 64 ONUs.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Wireless LAN and LMDS

Local Multipoint Distribution Service (LMDS) and IEEE 802.11 represent a

growing popularity of non-terrestrial network systems. While they both employ the use of
radio frequencies, they are vastly different in both intent and deployment.
Early in 1998, the FCC held an auction of the wireless spectrums in the rang of
28-31 GHz, which were to be utilized for LMDS implementations. This accomplishded
two things generating over a half-billion dollars of revenue for the FCC, and opening up
real competition in the local loop. While LMDS is not specifically being deployed for
local broadband services to date, it is conceivable that it will be in the near future.
The major applications being considered for the future of LMDS are wireless
consumer video and wireless Internet access. some providers are placing fixed antennae
throughout bandwidth of these systems is comparable to the sub 300 kbps DSL service
that ILECs are providing. However, the frequency band utilized is so large that the
bandwidth could be scaled much higher.

Asynchronous Transfer Mode (ATM)

ATM emerged in the early to mid-1990s as a telecommunication grown

technology that was being pushed to the enterprise LAN. Simply explained, ATM is a
Layer 2 technology that establish connection-oriented Virtual Circuits (VC) across the
network VCs can either be manualy configured, using permanent virtual circuits (PVCs),
or set up and tear down dynamically as needed, using Switched Virtual Circuits (SVCs).
Once a connection is established, data packets are segmented into 53-byte cells.
These cells are transmitted across the VC to egress ATM switch, reassembled into the
original packet, and delivered to the intended destination. This process is called as
segmentation and reassembly. ATM is a very successful telecommunication carrier space,
because it has the end-end Quality of Service (QOS) throughout the network.

10/100/1000 Mbps Ethernet

Ethernet has enjoyed phenomenal success in enterprise LANs since its inception
in the early 1980s. today, well over 90 percent of deployed networks are based on this
solid and standarized technology. It has grown from a shared 10 mbps technology, where
all users on the network contend for the same pool of bandwidth, into a switched
technology providing dedicated bandwidth to each subscriber at up to a full gigabyte of
throughput. Thosands of Ethernet devices are available to handle everything from small,
home-based networks, to wiring closets and even 500 backbones. World-Wide shipments
of Ethernet devices measure in tens of millions of interfaces.
The IEEE 802.3 committee, which is responsible for the ethernet standard, is
broken into sub-committees based on different versions of Ethernet. The following are
the specific committees:
IEEE 802.3—Ethernet (10 Mbps)
IEEE 802.3u—Fast Ethernet (100 Mbps)
IEEE 802.3z—Gigabyte Ethernet (1000 Mbps)
IEEE 802.3ae—10 Gbps Ethernet (10 Gbps): standard under
development.

E-business Models Based on the Relationship of Transaction Parties

Electronic markets are emerging in various fields. Different industries have
markets with different characteristics. For example, an information B2C market differs in
many respects from the automotive B2B market. The former represents companies that
sell digital information goods, such as news, articles, music, books, or digital videos.
In the information B2C market, the electronic infrastructure not only helps match
customers and sellers, but also acts as the distribution channel, delivering products to
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
customers. In this case, the infrastructure, such as servers and networks, must support the
delivery of large files, streaming or flowing media and other types of digital goods in an
efficient way.
This B2C market over the Internet can be viewed as an open system, where the
numbner of participants is unknown. In the automotive B2B market, the products traded,
such as parts and components of cars, have a high degree of specificity. The market
infrastructure used is to be mainly based on Electronic Data Interchange (EDI)over
expensive VAN services. EDI involves the exchange of standarized, structured
information between organizations, permitting direct communication between computer
systems.
At the heart of B2B applications is the strong integration of diffeent applications.
Servers, networks, and software should provide the infrastucture to integrate Web-based
applications with mainframe and legacy systems. B2B is also a closed market in the sense
that the number of participants involved in trading is limited and known a priori or
independent.
Understanding the nature of the market‘s requirements critical for creating the
underlying e-business infrastructure. The relation between B2B and B2C models is
clearly shown below, folliwng figure B2B covers business transactions along the various
interactions existing in the value chain from procedures of raw materials to retailers and
consumers including manufacturers and distributors.

Figure 1.9 : Relation between B2B and B2C models.

In Contrast, B2C reflects only the interactions between a customer and a retailer.
Basically, B2C transactios include the following steps; (i) Account Acquisition, (ii)
Product discovery through search and browse, (iii) Price negotiation, (iv) Payment, and
(v) Product delivery. In some cases, dispute resolution and customer services may also
exist.
E-commerce can be classified according to the transaction partners such as
business-to-consumer (B2C), Business-to-Business (B2B), Business-to-Government
(B2G), Consumer-to-Consumer (C2C), and Consumer-to-Business (C2B). within these
broad categories, there are a number of variations in the way the models are
implemented. Following table summarizes some of the current e-business models. The
contents of this table are illustrated in the folrm of a diagram in figure.

TABLE 1.3
SUMMARY OF E-BUSINESS TRANSACTION MODELS

MODEL DESCRIPTION EXAMPLES

B2C Self products or services direclty to consumers. amazon.com,

B2B sells products or services to other business or MaterialSite.com,

Brings multiple buyers and sellers together VerticalNet.com,
In a central marketplace. SHOP2gether.com

B2G Businesses selling to local, state, and federal agencies. iGov.com

C2C Consumers sell directly to other consumers. ebay.com,

InfoRocket.com
C2B consumers fix price on their own, which businesses Priceline.com
Accept or decline.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Figure 1.10 : E-Business Transaction Model

Business-to-Consumer (B2C)
Consumers are increadingly going online to shop for and purchase products,
arrange financing, arrenge shipment or take delivery of digital products such as software,
and get service after the sale. B2C e-business includes retail sales, often called e-retail (e-
tail), and other online purchases such as airline tickets, entertainment venue tickets, hotel
rooms, and shares of stock.
Many traditional brick-and-mortar retailers such as Barnes and Noble are now e-
tailers with a Web storefront. These combined brick-and-mortar/online businesses are
also known as brick-and-click companies.
Some B2C e-business provide high-value content to consumers for a subscription
fee. Examples of e-business following this subscription model Include the Wall Street
Journal (financial news and articles), Consumer Reports (Product reviews and
evaluations), and eDiets.com (nutritional counselling).
B2C e-business models include virtual malls, which are websites that host many
online merchants. Virtual malls typically charge setup, listing, or transaction fee to online
merchants, and may include transaction handling services and marketing options.
Examples of virtual malls include excite.com, choicemall, women.com, networkweb.com,
amazon.com, Zshops.com, and yahoo.com.
E-trailers that offer traditional or Web-specific products or services only over the
Internet are sometimes called virtual merchants, and provide another variation on the
B2C model. Example of virtual merchants include amazon.com (books, electronics, toys,
and music), eToys.com(children’s books and toys), and ashford.com (personal
accessories).
Some businesses supplement a successful traditional mail-order business with an
online shopping site, or move completely to web-based ordering. These businesses are
sometimes called catalogue merchants, Examples include avon.com (cosmetics and
fragrances), chefs (cookware and kitchen accessories), Omaha Steaks (premium steaks,
meats, and other gourmet food), and Haary and David (gourmet food gifts).
Many people were very excited about the use of B2C on the Internet, because
this new communication medium allowed businesses and consumers to get connected in
entirely new ways. The opportunities and the challenges posed by the B2C e-commerce
are enormous. A large amount of investment has gone into this and many sites have either
come up or are coming up daily to tap this growing market.
Some of the reasons why one should opt for B2C are:

1. Inexpensive costs, big opportunities. Once on the Internet, opportunities are

immense or in large extend as companies can market their products to the whole
world without much additional cost.

2. Globalization. Even being in a small company, the Web can make you appear to be a
big player which simply menas that the playing field has been levelled by e-business.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The Internet is accessed by millions of people around the world, and definitely, they
are all potential customers.

3. Reduced operational costs. Selling through the Web means cutting down on paper
costs, customer support costs,advertising costs, and order processing costs.

4. Customer convenience. Searchable content, shopping carts, promotions, and

interactive and user-friendly interfacesfacilitate customer convenience, thus
generating more business. Customers can also see order status, delivery status, and
get their receipts online.

5. Knowledge management. Through database systems and information management

you can find out who visited your site, and how to create, better value for customers.

How does B2C work?

B2C e-commerce is more than just an online sotore. It really is about managing the entire
process, but just using technology as a tool for order processing and customer support.
Following figure depicts the processes in B2C. the B2C process is now explained in
greater detail.
1. Visiting the Virtual mall. The customer ‗visits‘ the mall by browsing the online
catalogue—a very organized manner of displaying products and their related
information such as price, description, and availability. Finding the rights product
becomes easy by using a keyword search engine. Virtual malls may includes a basic
to an advanced search engine, product rating system, content management, customer
support systems, bulletin borads, newletters and other components which make
shopping convenient for shoppers.

2. Customer registers. The customer has to register to become part of the site‘s shopper
registery. This allows the customer to avail of the shop‘s complete services, the
customer becomes a part of the company‘s
growing database and can use the same for
knowledge management and data mining.

3. Customer buyes products. Through a shopping

card system, order details, shpping charges, taxes,
additional charges and price totals are presented in
an organized manner. The customer can even
change quantitiy of a certail product. Virtual malls
have a very comprehensive shopping system,
complete with check-outforms.

4. Merchant processes the order.The merchant then

processes the order that is received from the
previous stage and fills up the necessary forms.

5. Credit card is processed. The credit card of the

customer is authenticated through a payment
gateway or a bank. Other payment methods can be
used as well, such as debit cards, prepaid cards, or
bank-to-bank transfers.
Figure 1.11: Processes in B2C
6. Operations management. When the order is passed on to the logistics people, the
traditional business operations will still be used. Things like inventory management,
total quality management, warehousing, optimization and project management should
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
still beincorporated even though it is an e-business. Getting the product to the
customer is still the most imprtant aspect of e-commerce.

7. Shipment and delivery. The product is then shipped to the customer. The customer
can track the order/delivery as virtual malls have a delivery tracking module on the
website which allows a customer to check the status of a particular order.

8. Customer receives. The product is received by the customer, and is verified. The
system should then tell the firm that the order has been fullfilled.

9. After-sales service. After the sale has been made, the firm has to make sure that it
maintains a good relationship with its customers. This is done throught customer
relationship management or CRM.

Business-to-Business (B2B)
B2B is that model of e-commerce whereby a company conducts its trading and
other commercial activity through the Internet and the customer is another business itself.
This essentially means commercial activity between companies through the Internet as a
medium.
This is supporsed to be a huge opportunity area on the Web. Companies have by
and large computerized all the operations worldwide and now they need to go into the
next stage by linking their customers and vendors.
This is done by supply chain software, which is an integral part of your ERP
application. Companies need to set up a backbone of B2B applications. Which will
support the customer requirement s on the web. Many B2B sites are company and
industry specific, catering to a community of uses, or a re a combnination of forward and
backward integration. Companies have achieved huge savings in distibution-related costs
due to their B2B applications.

Major Advantages of B2B

1. Direct interacaction with customers. This is the greatest advanted of e-business. The
unkown and faceless customer including other businesses, buying the products of a
large MNC like say HLL or Procter and Gamble through distibutors, channels, shops
and the lime, now has a name, face, and a profile. Large MNCs pay a fortune for this
information on customer buying patterns.

2. Focussed sales promotion. This information gives authentic data about the likes,
dislikes and preferences of clients and thus helps the company bring out focusses
slaed promotion drives which are aimed at the right audience.

3. Building customer loyalty. It has been observed that online customers can be more
loyal than other customers if they are made to feel special and their distinct identity is
recognized and their concerns about privacy are respected. It has also been fund that
once the customer develop a binding relationship with a site and its product, they do
not like shift loyalties or faithfulness to another site or product.
4. Scalability. This means that the web is open and offers round-the-clock access. This
provides an access never known before, to the customer. This access is across
locations and time zones. Thus a company is able to handle many more customers on
a much wider geographical spread if it uses an e-business model.
The company can set up a generic parent site for all locations and make regional
domains to suit such requirements. Microsoft is using this model very successfully.
The additional cost of serving a large segment of customers comes down drastically
once a critical mass is reached.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

5. Savings in distribution costs. A company can make huge savings in distribution,

logistical and after-sales support costs by using e-business models. Typical examples
are of computer companies, airlines, and telecom companies. This is because the e-
business models involve the customer in the business incteraction to such a level that
companies are able to avoid setting up the huge backbone of sales and support force,
which ordinarily would have to be set up.

Tools and techniques at the Disposal of B2B Enterprises

It is important to know the right marketing strategies, which would be required to sell
successfully and profitably over the Web. The Web as a medium provides you with a
unique platform to enable various strategies, which would not have been possible to
execute in a conventional scenario. Some of these are;
1. Use of pricing as a tool, there is a wealth of research on pricing used as a tool to
generate sales on the Internet. The biggest e-tailer of them all, amazon.com, made it
big by giving substantial discounts. Part of these heavy discounts is attributed to the
distributor level commiissions, which are now being passed on to the customer. Aprt
from this, companies have started giving things free on the Internet in order to get a
critical mass of subscribers, which helps in getting advertising revenues. The best
example is the Apple IMac computer machine being given free if the buyer agrees to
make a certain amount of purchase using the Apple’s e-commerce website.

2. Use of application service provider model, this is an old model of the 1970s, which
was used among mainframes, and dumb terminals, and which is being revisited with
a re attempt. Software companies are offering their packages not in CDs and boxes
but through the Web. The customer can log in over the Internet and access the
software from the web server of the company and need not download it into his PC.
This goes one step further in the age of the networked PCs where one need not use
even a hard disk and all critical application data is kept on the Web and can be
accessed from anywhere in the world. These service (which are not products) are
being offered at, say $5 an hour.

3. Use of generic models which are known for efficiency as well as personalized
attention to various business customers. The Web has given rise to a new
partnership between brick-and-mortar manufacturer, e-trailers, and express delivery
companies like FedEx. These organizations take care of the individual elements of
the customer, the order fulfillment and the post sale complaints, if any.

4. Use of compariosn shopping. The Internet has brought in a whole new concept of
price matching and comparison-shopping. Today there are sites, which will take you
to hundreds of sites to fine the cheapest product to suit your specifications. This
would never have been possible without the Internet.

Business activities between companies can be transacted over an extranet. An

extranet consists of two or more intranets connected via the Internet, where
participating companies can view each other‘s data and complete business
transactions such as purchasing.
Like B2C models, B2B models take a variety of forms. There are basic B2B
Internet storefronts, such as Staples and office depot, that provide business customers
wih purchase, order fulfillment, and other value added services.
Another B2B model is a business trading cummunity also called a vertical Web
community, that acts as a central source of information for a vertical market. A
vertical market is a specific industry in which similar products or services are
developed and sold using similar methods.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Examples of broad vertical markets include insurance, real estate, banking, heavy
manufacturing, and transportation. The information available at a vertical Web
community can include buyer‘s guides, supplier and product directories, industry
news and articles, schedules for industry trade shows and events, and classified
advertisements. MediaSpeciality.com (healthcare), HotelResource (hospitality), and
NetPossibilities (building trades) are examples of virtual vertical marketspaces.
B2Bexchanges are websites that bring multiple buyers and seller can buy from and
sell to each other at dynamic prices determined buy the exchange rules.
Following table illustrates some common elements of B2B exchanges. B2B
exchanges can be further categorized into severl ways as aggregators, trading hubs,
post and browse markets, auction markets, and fully automated exchanges.

TABLE 1.4
COMMON ELEMENTS OF B2B EXCHANGES
Elements Benefits
Centralized markspace Neutral and nonaligned with
either sellers or buyers.

Standarized documentation Users are prequalified and

regulated.

Price quotes, price history, and after-the-sale Pricing mechanism is self-

Information providedregulating.

Confidential transactions between businesses. Clearing and settlement services

provided.

B2B aggregators provide a single marketspace for company purchasing by providing

many like-formatted supplier product catalogues in one place. Examples of B2B
aggregators include e-chemicals (industrial chemicals), chemdex (chemicals), MetalSite
(steel and other metlas), and freightquote.com (shipping services).
Trading hubs are B2B sites that provide a marketspace for multiple vertical markets.
Horizontal trading hubs support buyers and sellers from many different industries.
verticalNet is an example of a horizontal trading hub.
A poineer in providing virtual vertical market-spaces, it maintains business trading
communities for many different industries, including comminications, energy, healthcare,
food service, and manufactureing. Diagonal trading hubssupport specific types of buyers
or sellers, or specific types of products across multiple industries. SHOP2gether.com is
an example of a diagonal tradin g hub.
Post and browse markets such as CATEX (insurance, reinsurance, and risk
management), CreditTrade (credit derivatives), and TechEx (life sciences intellectural
property)enable participants to post buy or sell opportunities on an electronic bulletien
board. Instreseted parties meet through the postings and negotiate transactions for
thermselves.
B2B auction markets enable multiple buyers or sellers to enter competitive bids on a
contract, Examples of B2B auction markets include e-STEEL (steel and other metals),
HoustonStrect.com (energy), Altra (energy), and Macheim Online (auto dealer auctions).
Auction markets may include reverse auctions or ―name your price‖ auctions.
In a reverse auction, a product‘s selling price continues to decline until the product is
purchased. ―Name your Price‖ auctions, which allow buyers to enter a bid for a product
or service that a seller can then provide at the bid price, are also called reverse auctions.
FreeMarkets is an exmaple of a B2B site conducting reverse auctions.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Business-to-Business transactions and Models

B2B interactions involve mush more compexity than B2C. for instance, typical
B2B transactions include, among others, the following steps: (i) Review catalogues, (ii)
Identify specifications, (iii) Define requirements, (iv) Post request for proposals (REP),
(v) Review vendor reputation, (vi) Select vendor, (vii) Fill out purchase orders (PO),
(viii) Send PO to vendor, (ix) Prepare invoice, (x) Make payment, (xi) Arrange shipment,
and (xii) Organize product inspection and reception. Due to the large number of
transacitons involved, business-to-business operations can be too risky if e-business sites
cannot guarantee adequate quality of service in terms of performance, availability, and
security.
Several models and classifications have been proposed for B2B commerce.
Following figure illustrates an electronic marketplace for B2B trading. The model could
be oriented to a vertical market (e.g. wholesale trade, chemicals, construction, and
electronics) or to a horizontal approach (e.g. office supply and logistics).

Figure 1.12 : Business-Business (B2B) marketplace.

The model can now be described as follows:

1. Aggregators. In the aggregation model, one company aggregates buyers to form

virtual buying entity and / or aggregates suppliers to constitute a virtual distributor.
For example, in the science marketplace, one compnay became the central buying
location for thousands of buyers to implement their own purchasing rules and obtain
volume discounts.
The aggregator takes the responsibility for selction and fulfillment, pricing, and
marketing segmentaion. Another example is an electronic company that offers a total
home buying service, from search to financing, under one site.

2. Hubs or process integration. Hubs or process integration focusses on producing a

highly integrated value proposition through a managed process. Hubs have been
defined as neutral Internet-based intermediaries that focus on a specific industry or a
specific business process. Hubs host electronic markets and create value by reducing
the costs of transactions between sellers and buyers.
There are examples of vertical hubs that serve a vertical market or a specific
industry, such as energy, steel, telecommunications, and plastic. In contrast,
functional hubs specialize in horizontal markets across different industries.
Functional Hubs focus on Business processes such as project managemeng and MRO
(Maintenance, Repair and Operating, and procurement). An electronic business
company that provides office supplies to many industries is a good example of a
functional hub in B2B commerce.

3. Community or alliance. In the community model, alliances are used to achieve high
value integration without hierarchical control. Members and ene-users paly key roles
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
as contributors and customers. Basically, communities produce knowledge with
economic value, such as Linux, MP3, and Open Source.

4. Content. Content is the end product of this model of B2B commerce. It has the
purpose of facilititating trading. Revenue can be generated from subscriptions,
membership or advertising. For example, there are e-companies that sell information
about contracts to bid market intelligence and analysis, and jobs by industry.

5. Auctions or dynamic pricing markets. Auctions or dynamic pricing markets handle

complex exchanges between buyers and sellers in B2B commerce. Auctions (e.g.
English, Dutch, Vickery, Reverse) are dynamic and efficient mechanisms for
mediating and brokering in complex marketplaces, like supply-chain and
procurement systems Bundle auctions allow agents to bid for bundles of items and
are useful for B2B applications such as automatic supply-chain or procurement.
In a fully automated B2B exchange, multiple buyers and sellers competitively bid on
commondities or standaradized products, and the buy and sell orders are matched
automatically paperexchange.com is a fully automated B2B exchange. A summary of
B2B models is given in following table.

Table 1.5 : B2B Summary

Type Description Example

B2B storefronts Provide businesses with purchase, Staples.com

order fulfillment,
And other value-added services. OfficeDepot.com

B2B vertical markets Provide a trading community for a HotelResource.com

specific industry.

B2B aggregators Provide a single marketspace for MetalSite.com

business purchasing
From multiple suppliers.

B2B trading hubs Provide a marketspace for multiple VerticalNet.com

vertical markets.

B2B Post and browse Provide a marketspace for buyersCATEX.COM

and sellers to entermarkets CreditTrade.com competitive bids
on contracts. TechEx.com

B2B autction markets Provide a marketspace for buyers e-STEEL.com

and sellers to enter competitive bids
on contracts HoustonStreet.com
Altra.com
FreeMarkets.com

B2B fully automated Provide a marketspace for the automatic PaperExchange.com

Matchingexchangesof standardized buy
and sell contracts

Another business model similar to B2B exchange model is the Business-to-

Government, or B2G procurement model, B2G e-business such as eFederal.com and
Gov.com in the US are hoping to tap the $18 billion per year market for governemtn
procurements that do not require a bid.
Not only do businesses sell directly to consumers and other businesses online, but
consumers are now interacting with each other to buy, sell, or trade products, personal
services, or information.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Consumer-to-Consumer (C2C)
With the C2c e-business model, consumers sell directly to other consumers via online
classified ads and autctions, or by selling personal services or expertise online. Examples
of consumers selling directly to consumers are ebay.com (auction) and TraderOnline.com
(classified ads).
There are also a number of new consumer-to-consumer expert information
exchanges that are expected to generate $6 billion in revenue by 2005. Come of these
exchanges, such as AskMe.com and abuzz, are free, and some allow their experts to
negotiate fees with clients, InfoRocket.com, one of the first question-and-answer
marketplaces, is driven by a person-to-person auction format. The InfoRocket.com
bidding system allows a person who submits a question to review the profiles of
―experts‖ who offer to answer the question. When the person asking the question accepts
an ―experts‖. Who offer to answer the question. When the person asking the question
accepts an ―expert‖ offer, InfoRocket.com bills the person‘s credit card, delivers the
answer, and takes a 20 percent commission.

Consumer-to-Business (C2B)
The C2B model, also called a reverse auction or demand collection model, enables
buyers to name their own price, often binding, for a specific good or sergice generating
demand. The website collects the ―demand bids‖ and then offers the bids to the
participating sellers. ReverseAuction.com (travel, consumer electronics) and
priceline.com (travel, telephone, mortgages) are examples of C2B e-business models.

E-business Models Based on the Relationship of Transaction Types

This business model is essentially ruled by the following two parameters:

On the basis of value addition. Value addition is the addition of value to a product or
service because of the opportunities that it offers on the Web.

On the basis of Control. At the high end of control there is hierarchical control and at the
low end there is no control, so that it is self-organizing. Normally, the control is done
throught the policies of the website.
Based on these, nine types of transactions can be identified as listed below:
 Brokerage
 Aggergator
 Info-mediary
 Community
 Value chain
 Subscription
 Manufacturer
 Advertising
 Affiliate
These transaction types take place in a variety of ways. Moreover, any
given firm may combine one or two of these as part of its Web business stragegy
, following fiture dipicts the Transaction Model.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Figure 1.13: Transaction Model

.

Brokerage Model
The characteristics of the brokerage model are as follows:
 The price-discovery mechanism is its key-principle
 It is a meeting point for sellers and buyers
 Auctions and exchanges are the modes of transactions
 It is a ‗Free Market‘
 It consists of Global Network of Buyers and sellers
 It is a virtual Marketpace enabled by the Internet
 If ecompasses all types of organization now

Advantages of the Brokerage Model

Following are the advantages of the brokerage model:

 C2C trading
(a) Allows buyers and sellers to trage directly bypassing intermediaries, and
(b) Reduces cost for both the parties.
 Global reach
 Trading convenience, which
(a) Allows trading at all hours, and
(b) Provides continuity updated information.
 Sense of cimmunity through direct buyer and seller communication.
 Efficient access to information
 Alleviation of the risks of anonymous trading.

Brokerage—Price Discovery Mechanisms

There are three kinds of price discovery mechanisms, which from the basis for the
brokerage model. They are:
1. Auction
2. Reverse Auction
3. Market Exchange
Some examples of price discovery mechanism based models are:
 B2B
 B2B sell side FastParts.com
 B2B buy side FreeMarket.com
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 B2B exchanges Covisint.com
Some Indian Brokerage sites are:
www.baazee.com
www.automartindia.com
www.steelexchangeindia.com
www.indiacar.com

Of the three mechanisms listed, the first two—auction and reverse auction—can be
discussed below.

Auction broker. Many different auction formats have emrged since the first
auction occurred in Babylon in about 500B.C Today, different auction formats are
aggregated on certain common attributes. There are open and sealed-bid auctions. There
are auctions where the price descends at regular intervals. There are single auctions and
double auctions.

English auction. The english auction is one of the most common auction
formats. It is also known as the open-outcry auction (a type of auction made by group of
people) or the Ascending-Price Auction. It is frequently used for selling art, wine, and
other physical goods, which do not have a limited lifetime.
The english auction is defined in the following way: the auctioneer starts off
auction with the lowest acceptable price or the reverse price. He then reserve bids from
the bidders until the point from which there is not raise in the bid. At that point, the
auctioneer ‗knocks down‘ the item, which indicates theat the highest bidder will receive
the item in exchange for the sum of money he bid for. Sometimes, the reserve price will
not be made known to the public. This may happen when the auctioneer is uncertain
about the price expectation of the bidders and when he wishes the bidders to totally set
the price level. As a consequence of not giving the reserve price, the item will never be
sold if the highest bid is lower than the reserve price. He then receives bids from the
bidders until the point from which there is no raise in the bid. At that point, the auctioneer
‗knockes down‘ the item, which indicates that the highest bidder will receive the item
exchange for the sum of money he bid for, sometimes, the reserve price will not be made
known to the public. This may happen when the auctioneer is uncertain about the price
expectation of the bidders and when he wishes the bidders to totally set the price level.
As a consequence of not giving the reserve price, the item will never be sold if the
highest bid is lower than the reserve price.
The bidders are often anonymous, especially if the bidding occurs through
electronic means, this is done to preserve the identity of the bidders. A well-known
bidder may increase the price expectation of the product just because a person known to
him has entered a bid. He may be his business rival. Therefore this kind of bidding will
not be beneficial for the bidders. The seller might benefit from a ‗non-anonymous‘
bidding process, if he wants to acquire the highest price possible. We must neverthless
keep in mind that some bidders might not join this bidding process which can result in a
lower finel price for the seller.
In a traditional physical auction, the auctioneer can hightgly influence the
bidding process. He can manipulate bidders with his voice, his gestures, and his
personality. Manipulation can to know each other, discuss topics of mutual interest, and
petition one another for information. These bulletin boards are public forums that
encourage open communication between users. eBay also encourages open and honest
communication between the community and the company. Frequently, the members of
the community organize grass-root movements to improve the environment in which they
work and play. More than 60 million auctions have been completed on eBay since its
inception. Following figure describes the eBay model.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Fig : eBay Model

The key to eBay‘s success if the trust between the buyers and sellers who make
up the eBay community, and the trust between the user and eBay, the company. To
overcome electronic information exchange exclusive to one-to-one trading, the Feedback
Forum.

How Does one bid?

First, the user needs to register as an eBay member. The registration is free and takes only
a couple of minutes. The user can then enter the auction field using his id and password.
The person has to carefully look for what he is bidding on. Consider, for example, an
item which costs $20.00. enter the maximum bid in the bid box at the bottom of the page.
Then click on the ―Review Bid‖ button. eBay will now bid on behalf of the person, up to
his maximum bid. The credit card should be placed on file with eBay. The seller, for his
part, can sit back (after entering his id and password) and watch the auction.

Security. You can insantly check the reputation or business practices of anyone at
eBay.the Feedbaack Forum is a place where users leave comments about each other‘s
buying and seling experiences at eBay. A bidder checks his seller‘s Feedback Profile,
before he places a bid, to learn about the other person‘s reputation with the previous
buyers. If a person is a seller, he follows the same procedure with the bidders.
Every eBay purchase is covered by insurance, free of charge under the terms of
eBay‘s program. If a person paid for an item and did not receive it (or if hs has received
the item in a form unline), eBay will reimburse or pay back money to buyers up to $200,
less the standard $25 deductible.
An escrow (an agreement of money between two person or organisations) service
provides added security to both the buyer and the seller, in transactions involvong
expensive items. eBay‘s escrow partner i-escrow, will hold the payment and send it to the
seller only after the merchandise has been inspected and given approval by the buyer.
The seller also is given the opportunity to inspect and approve a returned item before the
buyer gets the refund.

Reverse Auction
The reverse auction business model is decribed on the priceline website.
Priceline.com has pioneered a unique type of e-commerce known as a ―demand
collection system‖ that enables consumers to use the internet to save money on a wide
range or products and services while enabling sellers to generate incremental revenue.
Using a simple and compelling consumer proposition—―name your price‖, they collect
consumer demand (in the form of individual customer offers granateed by a credit card)
for a particular product or service at a price set by the customer and cummunicate that
demand directly to participating sellers or to their private databases. Consumers agree to
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
hold their offers open for a specified period of time to enable priceline.com to fulfill their
offers from the inventory provided by the participating sellers. The fulfilled offers
generally cannot be cancelled. By requiring consumers to be flexible with respect to
brands, sellers and / or product features, they enable sellers to generate incremental
revenue without disrupting their existing distribution channels or retail pricing structures.
Priceline.com was founded in October 1997. It launched its website in april 1998,
trumpeting or announcing the idea of buyer-driven commerce as a way to use the Internet
to secure the lowest possible price on airline fares. Patent claims have been a key factor
in driving with customers in areas of airline service industry, automobile industry, hotel
reservation services industry, home financing services industry, adaptive marketing
programs, and through website banner referral.
By creating these alliances, priceline.com has been able to capture the market in these
various service ares, using their patented ―name your price‖ business model. With
competition growing, such alliances have merely given priceline.com an advantage.
Alliances formed in the automobile industry are with both new and used car dealers and
with car rentals. Ford, Honda, Nissan are a few brands available on priceline.com. some
firms have allied with priceline.com for their rental car business. The Affiliate Network
Program enables the qualified independent websites to place the priceline.com hyperlink
on their site, any referral from an independent website to priceline.com that results in
business for priceline.com, receives $10 for first time qualified user and $1 for
subsequent users.
Priceline.com has adaptive marketing programs with numerious companies. These
programs facilitate a revenue stream based on a referral programs with numerous
companies. These programs facilitate a revenue stream based on a referral basis. There
are also thrid-party participants who enable priceline.comto develop. These third parties
are indirect alliances. Priceline.com depends on the use of the third party‘s computer
systems. Some of these computer systems include: the central computer system for hotel
and airline reservations, Lending tree Inc. for home financing, the fact of experience
&communication for infrastructure, Web and database servers, and CallTech
Communications Inc. for call centre. Priceline.com‘s major sourses of revenue are
derived from the following areas:

 Airline ticket reservation services

 Hotel ticket reservation services
 New auto purchasing
 Home financing, Including mortgages, refinancing, and equity loans
 Licensing patents

Priceline‘s competitive advantages lies in its ―name your price‖ business model. It is the
world‘s first buyer-driven commerce system, and benefits both consumers and sellers by
providing a unique platform where demand and supply meet. The model is fundamentally
different from any other form of electronic commerce and it seems to revolutionize the
way people shop for products.

Aggregator Model
Classic wholesalers and retailers of goods and services are increasingly referred to as ―e-
tailers‖. Sales can be made based on list prices or through auctions. In some cases, the
goods and services are unique to the web and do not have a traditional ―Brick-and-
Mortar‖storefront.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

following are some of the aggregator models:

1. Virtual merchant. This is a business that operates only from the Web and offers
either traditional or Web-specific goods and services. The method of selling may
be by list price or auction. An example of a service merchant is Facetime, which
calls itself an ―application service provider‖. It offers live customer support for e-
commerce websites (e.g. amazon, eToys, Eyewire and OnSale).

2. Catalogue merchant. Catalogue merchant is the migration of mail order to a

Web-based order business (e.g. Levenger).

3. Surf-and-turf. This is a traditional brick-and-mortar establishment with Web

storefront. The model has the potential for channel conflict.

4. Bit Vendor. This is a merchant that deals strictly in digital products and services
and, in its purest form, conducts both sales and distribution over the Web.

5. Subscription model. In this, the users pay for access to the site. High value-
added content is essential (e.g. WallSt. Journal, ConsumerReports). Generic
news content, viable on the news-stand, has proven less successful as
subscription model on the Web.

What Do Aggregators Do?

Based on the electronic marketplace, theaggregator model by passes distributors so that

the buyers and sellers come together. Following figure can help you form an idea about
the model

To be more precise, the aggregators are the connectors between the buyers and the sellers.
They are involved in the overall process of selection, organization, matching the buyers‘
requirement with the particulars of the available goods, fulfillment of the orders and enabling
the customers to create a value about the sellers.

there are four types of aggregators such as the following:

Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
1. Content aggregators. They are among the first Large-Scale sites on the Web and mostly
represent large publishing companies, e.g. pathfinder.com. their basic challenge is that
content has to be attractive enough to make the site viable. For example, CANOE and
Hockeyplus, that provide extensive statistics, analysis, pool information or cricinfo.com.

2. Mainstream aggregators. These include sites like yahoo providing a Web directory and a
search engine, along with a bunch of attractive tools like e-mail addresses, home pages,
reminders, and many others. The most attractive feature of these sites is that they have an
‗Easy-to-Remember‘ URL which is one of the reasons for them to be the top traffic sites
on the Web.

3. Event aggregators. These are site that provide in-depth content and tools tailored to the
needs of a particular group, which doubles as a clearly defined customer base, for
example, mortgages—build tools, rates, advise, and the ability to purchase mortgage
online in the same place (Microsoft‘s HomeAdvisor or HomeShark).

4. Shopping aggregarors. Shopping aggregators let consumers roam through hundreds of

sites and catalogues and find the best price in seconds. They help comsumers sift through
dozens of e-commerce sites. For example, compare.com and bizrate.com evaluate their
quality on independent basis as in the case of consumer reports.

E-commerce is forcing changes in the distribution channels that require all parties—
manufacturere, distributors, retailers,consumers and logistics companies—to evaluate their
value proposition and develop capabilities that will meet the evolving demands of the Internet
age.Implications for manufactureres, other challenges and opportunities of e-commerce are
that, it:

1. Requires investment in marketing directly related to the consumers so as to sustain

customer loyalty to their brands.
2. Relies on consumers support for the sale of products.
3. Requires brick-and-mortar enablers to function as a distribution center for local delivery
and returns, and for regular retail activity.

The distribution channel and logistics infrastructure remains largely unchanged for
products that are either perishable (a food product needed to kept in cool place) or require
contact with the product prior to selection.
The changes generated by e-commerce present equally significant opportunities and
challenges for logistics and transportation companies such as GATX, ASD Systems, Logistix,
Clickship.com, and a host of others that have sprung up or started to leverage the capabilities
of the Internet.
The implications of the model are that, for the growth of the ability to realize the
potential for Internet-generated demand for delivery from local brick-and-mortar enablers, the
same-day pickup and delivery infrstructure, will need to evolove rapidly. The fragmented
nature of the same-day puckup and delivery service has limited acheivement of delivery
density, productivity and proper marketing to reduce the cost of service.
Logistics and transportation enable who can use the same levelof technology, marketing,
operational planning, management talent to same-day service that has fuelled the growth of
the express market, will find that the pent-up demand for this service with e-commerce
models can be greater than what Frederick Smith envisioned for overnight service when he
launched Federal Express.

The capabilities needed for this model are:

 Greater investment in the brick-and-mortar infrastructure.
 Handling of inbound freight for finished goods.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 Management of a more traditional distrubution network with truckload and less-than-
truckload deliveries to local distribution centers.
 Optimization of stores to support customer visits to view new products and to handle
exchanges and returns.
 Integration of the existing retailers with the online channel for sales to e-consumers.
 Handling the same-day delivery of goods and pickup returns.

Chennaibazaar.com
Chennaibazaar was officially launched on 28th Dec. 1998, initilaly offering e-commerce
services to chennaites. It is a B2C gifting and a retail shopping website. This was the first
shopping mall to be launched from Tamil Nadu. The name chennaibazaar was coined,
keeping in mind that its services and operations would be conrfined only to chennai.
Chennaibazaar started with a listing of more than 2000 departmental products, which a
chennaite could select from and get delivered at his doorstep anywhere in chennai, absolutely
free of cost. This was a cash-on-delivery model.
In june 1999, chennaibazaar was completely restructed to target only the chennai-based
NRIs, who could send gifts like cakes, flowers and sweets to their friends and relatives in
chennai. This concept became a major hit with a hign growth rate in terms of the number of
customers. Chennaibazaar.com from then onwards started to be known as the green site.
Gradually, chennaibazzar extended this service all over india and now it is very popular
among NRIs from all over the world. Through the domain says chennai, it has exteded its
service to more than 45 cities all over india.
Therefore, even though the website was set up on a modest scale, its operations now are
spread all over the world, manily helping indians living abroad to stay connected with their
people and their homeland. Chennaibazaar is also now associated with Pioneer Tradings Ltd.
In the United Kingdom, where it is operating in the name of Reachhindustan.com.
Though chennaibazaar offers a wide variety of goods for thecustomer to choose from, it
also provides the customers with the facility of goods for the customer to choose from, it also
provides the customers with the facility of mentionaning any special commodity in their
―Request a Product‖. Chennaibazaar then gets back to the customer to confirm whether the
requested commodity can be arranged by it and what would be its price.
The commodity is also then included in their shopping cart to enable the customer to
place an order for it.
Most products are purchased from the best known shops in the city, those renowned for their
quality. In case a customer wants the item to be purchased from any specific place,
chennaibazaar also provides him with the facility of placing a request in their ―Request a
Product‖. The website gets back to the customer, confirming the availability and the price of
executing this demand.
Website generally askes for a time peiord of 72 hours to complete the delivery withing
chennai and for a period of 5 days otherwise, through in some special cases like delivery in
talukas and villages the time span may be up to 7 days.
Since the site is an online merchant, it provides a variety of goods and services to its
customers. But these goods are not their own. Once the order is placed, the company secures
the products ordered from its business partners.

Some of its partners in the various segments are:

 Perfumes: Avon, Gillete, Park Avenue
 Jewellery: Oyzterbay
 Chocolates: Cadbury
 Sarees: Apoorva
 Clothing: Furore, Vanford
 Watches: Casino, Titan, Timex
 Electronics: Carrier, Kodak, Godrej, Phillips, Sumeet, BPL, Samsung, LG
 Health Checkup: Apollo Health Checkup
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Chennaibazaar.com’s merchant Banker is securetrading.com and they follow stcrict srcurity
guidelines as follows:

1. Digital signatures. Digital signatures are used throughout the system in order to ensure
that transactions arriving at a gateway are from an identifiable merchant, and that any
information passed back to the merchant is from a SECURETRADING gateway.
Each signature uniquely identifies it s source. Gateways also communicate with
each other and with the control system using such digital signatures. In the event that a
merchant‘s digital signature becomes a security risk (e.g. if their server is stolen), the
appropriate signature is immediately revoked and it will no longer function within the
system.

2. Encryption. All communication within the system is strongly encrypted using 2048-bit
RSA encryption with variable 168-bit session keys (i.e., each transaction uses a new key).
This is significantly (many billions of times) more secure than the standard browser SSL
security provided by, for example, Internet Explorer.
SECURETRADING encryption is also much more secure than that specified for
the SET (Secure Electronic Transaction) protocol. The high level of encryption used is
forecast as not being a requirement until the year 2015. The encryption is of course
totally transparent to the merchant and his / her customers.
All payments are accepted through credit cards only. The credit card details are
accepted throught the SSL protocol. All transactions are secured, powered by CGI script
capable of procesing credit card transactions, ensuring that the information is encrypted
before it is transmitted. The credit cards accepted are Amerian Express, VISA, Master
Card, and Discover.
Goods are delivered all over the would through FedEx. For delivereis in India,
items are delivered through the courier service. Every care and precaution is taken to
ensure proper quality and timely delivery of the items. Delivery is made on the date
specified. Deliveries on Sunday are available only for chennai.
Special delivery charges have to be incurred by the customer in case of delivereis
to places like the USA, Canada, etc. In case of any delay delivering the product, the
company is liable only to the extent of the price of the product.

Automortindia.com

Founded in August 1999, Automartindia Ltd. Is a typical brick-and-click joint venture,

floated by the Mahindra Group, Mahindra Information Technology Services Ltd (MITS),
Housing Development Finance Corporation (HDFC) and the established auto dealers,
Sah and Sanghi. The company is headquartered in Mumbai. The company has outlets at
prime locations in mumbai, Delhi, Bangalore, Chennai and Pune.

Automartindia Ltd lists two primary objectives:

 To simplify the process of buying and selling automobiles in the Indian automotive
space.
 To provide a high level of transparency and credibility in the used car market:
Virtues sorely lacking in the current scenario.
To this end, Automartdindia Led. Offers its customers a range of services—from choice
of a certified vehicle, to certification, finance and registration, insuarance, insurance,
valuation, etc.—that simplify the entire process and helps them make informed sales and
purchase decisions. Automartindia Ltd. Is in a unique position to leverage its intrinsic
strengths and create a unique alignment of the interests of purchasers, sellers, dealers,
automobile associations, and manufacturers.
Automartindia recognizes that a car in the India context is much more than just
transportation. It is a symbol of achievement, recognition of value and a major milestone
in the life of most of our targe groups. Hence automartindia has positioned itself as a
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
companion that helps its customers achieve this milestone with the least possible
discomfort.

Services Offered

The services offered by Automartindia are:

1. Used Vehicles. Automartindia has the largest online inventory of used cars from over 70
cities in india. Moreover, its retail outlets are equipped to display at least 50 small,
medium and premium segment cars at any given point of time.
Towards providing credibility and transparancy in the highly disorganized used
car market, automartindia certification program works at two levels. While the used car
buyers can ensure what they pay for is what they get, the sellers can actually sell their
vehicles faster by avoiding prolonged negotiations and haggling once they have put all
their cards on the table.
2. New vehicles on the site. Automartindia offers its users a range of new cars from small
family cars to premium sedans (a car with seats for 4-5 people). This is coupled with
other helpful services like online reviews and technical statistics that users can avail of on
the site. They can also run a dealer search to find the dealer closest to them.
Perhaps the most daunting task in the transaction of used vehicle is the
paperwork that needs to be done. Automartincia ensures complete documentation at the
time of procurement itself. Besides this, a check on accident history is also done.
Automartindia has tie-ups with financial institutions for consumer. Loans.
This product has also been developed to plug a huge need gap in the used car
business. Warranty is provided for a period of 6 months or 8000 kms (which ever is first).
This is provided as per the original manufacturer guidelines, thus ensuring that the same
service standard is maintained for the car. This is a comforting factor for consumers of
used cars. All this comes free to a consumer, through its ―portal‖, automartindia offers:

1. C2C trading: sellers put their offerings online, buyers browse for the best possible
opportunities, the buyer contacts the seller and then the two close the
deal offline.

2. B2C trading: Dealers put their offerings, both new and used cars, on the website,
offering special discounts. The buyers may choose from this range as
well.

3. Online Store: The website offers accessories online through its dealer network.

4. Physical presence: The company has a dealer network spread across the contry and
company-owned outlets in 5 cities, where the buyers can physically
verify the condition of the cars.
Partnerships and Tie-ups
---------------------------------------------------------------------------------------------------------------------
Partner Value added
---------------------------------------------------------------------------------------------------------------------
Hyundai Motors HTML has tied up with automartindia for its exchange
programmes.

India Ltd. Under this programme, any customer walking into a Hyundai
showroom can get his card valued cand choose a brand new
Hyundai product of his choice. This scheme compliments both
companies because a customer walking into the showroom can
sell his vehicle to automartindia and in excyhange drive away
in a brand new Hyundai car.

General Motors India(GMI) automartindia has tied up a strategic relationship with General
Motors tolaunch used car outlets with GMI and its dealers.
Automartindia would provide their skill and expertise, and
 Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
GMI and its dealers would provide the infrastructure.
Indiatimes.com For developing the used car market, automartindia has tied up
with the horizontal portal, indiatimes, to operate the car sales
channel for them. This way, automartindia caters to the
registered users of Indiatimes as well.
---------------------------------------------------------------------------------------------------------------------

Info-mediary model
An organizer of virtual community is called an information intermediary or info-
mediary, who helps sellers to collect, manage, and maximize the vaue of information
about consumers. Data about consumers and their buying habits are extremely valuable,
expecially when that information is carefully analyzed and used to target marketing
compaigns. Some firms are able to function as info-mediaries by collecting and selling
information to other businesses. An info-mediary may offer users free Internet access
(e.g. NetZero) or free hardware (e.g. eMachines.com) in exchange for detailed
information about their surfing and purchasing habits. Thie is more likely to succeed than
the pure advertiseing model (Refer the Figure).
The info-mediary model can also work in the other direction, i.e. providing
consumers with useful information about the websites in a market segment that competes
for their dollar. Info-mediaries are in information business, implying that they competes
on their ability to capture and manipulte information in a manner that adds value for their
clients, who could be sellers or buyers.

Figure 1.14 : Info Mediary Model

A real info-mediary provides information services by capturing information from

both sides of a transaction. They do not own the products or services thatare shipped
directly from suppliers to customers. Many info-mediaris roday follow business models
that generate revenue from the deeper pockets on the seller side.
These models could be in the form of exclusive contractural arrangements whereby
the info-mediary is the leader in finding customers for a seller. Membership fees for
participating in an electronic market could be another source of revenue.
However, more common models involve advertising (screen) space, number of user
page views, and transactional revenue, whereby a certain percent of sales goes to the
info-mediary.
Buyer-based revenue sources are relatively rare but can be expected to increase
over the next few years as info-mediary services become valued in online shopping
environments characterized by increasing choice, complexity, and information overload.
Such sources could include membership of subscription fees, allowing access to
valued information or services, a transactional percentage, or fees based on services, such
as connecting a seller to a buyer and ensuring privacy protection. An infor-mediary front
end to the web could help protect consumers from unsolicited mailings and confusing
product selection.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Value Addition
An analysis of the general info-mediary business model reveals that info-
mediaries create and add value for the customer duding several critical phases from the
initial search of the supplier and product comparision (as to whether it fulfils the
requriements) to the actual transaction and ultimate product or service delivery (sales
fulfillment). To support the initial phase, info-mediaries leverage the potential of the
Internet to provide almost unlimited expansion of search space for consumers, thus
overcomig the limitation of physical space inherent in traditional brick-and-mortar
operations. Whilc the conventional store carry only the most popular items, amazon.com
offers millions of items, most of which are sought only by a relatively few customer with
specialized tastes.
Buyers can certainly expand their search space through search engines, but a
more organized universe provided by info-mediaries is generally preferable. For example,
at yahoo.com’s shopping area andamazon.com’szShops.com, buyers can search thousands
of stores and millions of products. Aggregating a large number of suppliers, these info-
mediaries save buyers‘ invaluable hours on tedious piecemeal searches through direct use
of search engines. Ironically, the bringing toghether of buyers and sellers becomes
increadingly necessary as the search space grows larger. In this sense, info-mediaries
create and prepetuate or to cause something to continue their own demand.
Finally, info-mediaries also provide valuable assistance to buyers to make their
purchasing decisions, by offering ―suitable‖ suggestions. This function is supported by
technology for one-to-one marketing based on online customer profiling. Amazon.com
not only anticipates book-buyers‘comments about the bok on sale.
This analysis reveals how info-mediaries help buyers expand, organize, and
optimize their search spaces with information and information technologies. For some
products, including books, CDs and flowers that are small in size and relatively easy to
ship, info-mediaries provide support through bot the requirements and the axuisition
phases. Thus, we identify two dimensions—vertical and horizontal—underlying the
manner in which info-mediaries add and create value, as represented in the form of an
info-mediary value grid: the vertical dimension is the acquisition cost.
The text ‗products‘ in figure of info-mediary model (the bottom-most block)
refers to typically information-intensive items such as books, CDs, and houses. Flowers
are not information-intensive, but infor-mediareis like 1-800-Flowers.com expand
buyers‘ search spaces by locating a florist to deliver flowers anyshere in the world on
their behalf.
Similarly, the search space for PCs is also enlarged, since buyers readily specify
any desired PC configuration, often impossible to work out in a brick-and-mortar store.
Home buyers can also benefit from info-mediaries such as Realtor.com, to navigate rhe
range of selections. To complete an acquisition however, they need to work with local
realtors collaborating with Realtor.com. for certain segments of the population (such as
people who are just too busy), frequent trips to local stores to buy common household
items and other daily necessities are inconvenient.
Start-up info-mediaries like Kozmo.com and Webvan.com provide value to busy
people by helping them save time in doing their daily chores. Kozmo.com advertise itself
by saying:‖Delivery to you in under an hour.‖

Classification of Info-mediaries

Info-mediaries like Kozmo.com can be classified, in terms of their relatiohships with

sellers and buyers, into four types based on whether these relationships are open (non-
proprietary, giving anyone free access) or closed (proprietary, restricting access). Closed
relationships imply a certain relationship-specific investment (such as membership fee),
and parties making that investment expect a return. The four types of relationships are:
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
1. Specialized agents. The related proprietary network are sectioned off the broader
Internet by having closed relationships with both buyers and suppliers. Entering the
info-mediary‘s domain requires incurring cost on the part of buyers and sellers alike,
usually in the form of a fee or a certificate that they satisfy a certain membership
profile. These info-mediaries usually manage a specialized market; their business
performace depands on their ability to deliver value through scope (sufficient
numbers of sellers and buyers), specialization (a well-defined and lucrative niche),
and infrastructure (a platrofm for transactions).

2. Generic Agents. These info-mediaries maintain open relationships with both buyers
and suppliers and involove no relatoinship-specific investment. Examples include
search engines Hotbot.com and Google.com that provide open search capabilities to
any buyer looking for a supplier. The info-mediaries create valuable through their
comprehensive and unbiased service, often generating revenue from advertising,
which is priced based on eyeballs or number of unique user clicks, and the value of
screen real estate, some info-mediaries like Yahoo.com attempt to create additional
stickness by providing community and personalization service. Others like
Bizrate.com provide customers a rating system on various e-tailers‘ ability to deliver
promised services.

3. Supplier agents. Many info-mediaries start off in this quadrant, sponsored either by
specific companies with a vested interest in selling their products or by close
affiliation to the core group of sellers. Thus, they do not provide unbiased or able to
judge options for buyers. Major auto manufacturers, for example, host their own
websites.

Prior to offering other stock and mutual funds from a number of direct
competitots, the Charles Schewab website started off as a supplier agent providing
access to only its own products. The sustainability of these info-mediaries depends on
the quality of suppliers they include, provision of benefits to buyers, and the ability to
maintian a good infrstructure and seamless exchange platforms.

4. Buyer agents. These info-mediaries establish relationships with a core set of

buyers. Working on their behalf and any number of suppliers. To succeed, they must
build a large base of clients, at the same time, winning their trust. However,
extracting valuable information and constructing information pforiles, deep and
broad enough, to create substantial value for clients is a slow process. The value of
each client increases as more and more clients join the service.
Since trust is often correlated with branding, and the ability to build profile (the
strength of some pure-play Internet companies), we can see alliances between
branded companies like Disney and pre-plays like Infoseek.com in order to create
info-mediaries like Go2Net.com.

Evolution of Info-mediaries

Many early info-mediaries were sponsored by a seller or a group of sellers

wanting to participate in the e-commerce environment, where it is the agent‘s best
interest to sell the supplier‘s products. Their affiliations with suppliers are strong but
weak with buyers, who may not value a biased market of limited scope.
The negative spiral could force such info-mediary, effective in providing value-
added services, establishing partnerships that extend its product line and promoting its
website, could generate a critical mass of both consumers and suppliers sufficient to
reverse the cycle greater product and service scope attracts more buyers, and in turn more
suppliers.
A larger supplier base naturally reduces the affiliation of the info-mediary vis-à-
vis the few original sponsors. In contrast, the info-mediary does not compete on margin
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
but on its ability to deliver information and provide navigation and other value added
services to buyers. It might therefore be expected that info-mediary evolution will be
towards greater buyer affiliation and buyer sources of revenue.

Some Examples of Info-mediaries

1. Typical of generic agents, yahoo.com provides comprehensive search facilities for

both suppliers and buyers. However,l such services eventually favour buyers. For
example, if you search for the Prudential Insurance Co. from yahoo.com, you will
find the company‘s web address.
Also, you will also be linked to yahoo‘s ―Insurance Center‖ where you can fill
out a form to get quotes from insurance companies other than Prudential. The extend
to which the process for obtaining quotes is tryly competitive is the extend to which
yahoo acts as a buyer‘s agent. To be truly effective in helping clients expland,
organize, and optimize their search spaces, info-mediaries inventably evolve to be the
buyer agent.
2. In response to the Information explosion challenge for the chain-pharmacy industry,
chainDrugStore.net entered the B2B marketplace as a state-of-the-art ―info-mediary‖
hub and the wholly-owned subsidary of the NACDS. Through the
chainDrugStore.net, retailers and manufacturers will be able to streamline and target
the flow of communications, saving time and money in the current way they do
business.
For product buyers, this means being able to analyze better and manage
information and make more effective purchasing decisions. They can instantly
receive the product information they require when they ask for it. Suppliers can also
reach the right person with the right message at the right time.
3. Deja.com is the first website to unite all of the essential product research and buying
tools that consumers seek in one integrated, intelligent and intuitive or based on
feelings rather than facts service. Several product ratings and reviews, professional
reviews, in-depth product specifications, hightly intuituive product comparision tools,
discussion forums for personalized product inquiries and a comparision shopping
service, far surpass competitive services currently available to consumers.
Deja.com is a leading provider of comparision shopping resources, the company
offers consumers two powerful web-based services—the Precision Buying Service
and the Usenet Discussion Service. It is widely known for its franchise in consumer-
generated content, its role as a trusted intermediary, reliable brokering, and unbiased
information on products avilable for purchase on the Web. Its Precision Buying
Service is the company‘s promary offereing and is a full-featured buyer‘s portal that
provides consumers with a complete set of tools and resources for determining what
products to buy and where to buy them. This service is the first to bring together in a
highly integrated environment, all of the components that consumers need to make
smart buying decisions. Deja.com offers its services to sonsumers free-of-charge, and
derives its revenue from advertisers and e-commerce merchants.

Community Model
―Community‖ is an Internet buzzword these days. The dictionary defines it as
(a) A unified body of indivduals….
(b) The people with common interest living in a particular area, broadly, the area itself.
(c) An iteracting population of various kinds of individuals in a common location….

E-communities (or electronic communities) are formed when groups of people meet
online to fulfil certain needs, which include personal interests, trade goods and services,
entertain and, seek help. The viability of the community model is based on user loyalty
(as opposed to high traffic volume). Customer loyalty can be achieved by building e-
communities. First, visitors come and look for information.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Then, they start to contribute to the website by, for instantce, suggesting ways to
improve the site or its services. Finally, they work inside website by, for instance
volunteering as editors for a message board or by serving on a customer advisory board.
Users make a high investment in both time and emotion on the site. In some cases, users
are regular contibutors of content and / or money.
Having regular visitors contributes to advertising on info-mediary or specialized
portal opportunities. The community model may also run on a subscription fee for
preminum services.

Functions of Communities on the Web

1. Most people long to be accepted and loved and concered about. These along with a
desire to learn cause online communities to attract prople. Word goes around about a
discussion going on or about a place to make personal or business contracts and
visitors thus are attracted. They may end up joining the community.
2. Communities on the Internet provide information. Since they tend to revolve around
around about a particular interest of common task or hobby, they can be the sources
for sharing information. And can become deep reservoirs of technical information.
3. Communities also begest loyalty. Members develop the habit of visiting one
particular site again and again. They get so used to the site, that they develop a sense
of ownership, especially if they are involved in online communication.
4. Communities also build your business. Once people become used to a site, they are
quite comfortable making a purchase through it rather than going into unknown
territory. Communities build ―stickness‖ (the tendencey to spend a long session at a
particular site), and that in turn builds joyalty, which is return builds traffic and trust,
and trust is the common currency of business.

Community Structures

Newsletters. Newsletters, can be found structured in several predictable ways as

follows:

Newsletters. Newsletters, by definition are one-way communication. They generally use

listsever software that sends the same message to an entire list of people, and handles
new subscribers and those who wish to unsubscribe. Listserver software (sometimes
called a ―listserv‖) is also the backbone for e-mail discussion lists.

Discussion lists. One of the best ways to build a sense of community is by e-mail
discussion lists. In a typical discussion list, the listever software allows a member to send
a message to the list address, and then sends that message to all the list members, all
within a few minutes.
There are three types of discussion lists:

E-mail discussion list. all messages from the members are forwarded to other
members as soon as they are received. If a particular list is not active several hundred
messages could be on such a list. but a larger list with lots of discussion can easily
generate 50 to 100 e-mails per day and swamp many users. Lists can be configured so
that a moderator approves a message before it is sent to the members. The larger lists
usually offer a digest option.

E-mail discussion list digest. The digest collects all the messages sent to the list,
bundles them, and e-mails them in one-email to subscibers, either daily or when the
accumulation reaches a certain size, depending on how the list is set up. A digest helps
control the level of e-mail, but tends to inhibit spontaneous interactions among members
on the list.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Moderated discussion list digest.Large discussion lists are eventually forced to
limit the quantity and screen the quality of message that go out to the list members. When
people receive e-mail from the discussion list nearly every day, they begin to get
acquainted with other list subscribers and recognize them by their comments and hobby-
horses and idiosyncrasies or way of their behavirous.These various points of view make
for a rich sense of community and commonality. If one member shares a problem,
another will jump in with a solution that may work out well for the member.

Discussion lists on the Internet number in hundreds of thousands, on every

conceivable kind of topic. They are often used for product support and troubleshooting.
They can also become support groups. If you sell orthopedic equipment, for example you
discussion list could be very valuable to people who share the same need and encounter
similar problems.
If you sell hobby items, a discussion list could be a magnet for hobbyists who are
happy to share their stories about radio-controlled airplane models, dollhouse (a small
house) collectables (things that people want to collect as a hobby), antiques(something
that is special and prior). Training groups and online class discussions are another use.

Bulletin Boards

One of the struggles of e-mail-based communities is keeping ―threads‖ (different topics

of conversation) separate, sure, the subject line usually includes the topic, but if you are
reading 15 messages a day that are not sorted by topic, things will look disjointed. One
solution to this is a web-based bulletin board system. Their great strengths are:
1. Keeping threads separate
2. Allowing posts to be read, searched, and researched later by individuals who may not
have been part of the original conversation.

Chat Rooms

Another significant type of community building tool is the chat room. This is a useful
source of knowledge and information for any user. As for business people, it has a great
utility value sometimes even people from public relations schedule chats and interviews
with famous personalities. Such chats may have overwhelming (difficult to fight against
something) respeonses and may also gear up businesses for nearly every business, it is
prefered that the chats are scheduled ahead of time so thatenough people gather around
for the same topic and have a meaningful discussion.
This may give fruitful results for business starters. If a small business needs a
chat room, web hosting services often have no-or-low-cost rooms available. eGroups has
a Java-based chat rooms built into their online list areas, if there is a need for occasional
facility, but all participants need to register as group members to use the chat room. This
gives additional security for the participants.

Necessary Elements for the Community Model

What is really necessary to build a successful community? A lot of care and planning are
involved. But be sure to have:
1. A clear focus for the community that makes sense to prospective members.
2. The requisite technicial capability through your own software and hardware or a free
service.
3. A proper structure, guidelines, and parameters for the discussion to keep the group on
target.
4. A moderator responsible for each group or list.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
5. A clear strategy on how the community will benefit your business. Since
communities care a lot for maintenance, it has to achieve something to make it worth
your while.

The Bottom Line

What effects can you expect a community to have on your business‘s profit and loss
statements? Let us list them out as follows:

1. Customer statisfaction though effective customer support is difficult to believe with,

although the availability of customer support will make the product or service more
attractive, and therefore enhance sales.
2. Increased traffic leads to increased publicity. Participants or visitors to the site will
circulate the word around, and news media will write stories about the site.
3. Repeated use will develop layalty among the users towards the site.

4. Moderating or sponsoring a group puts you in the role of an expert in the industry,
and gives you and your business high visibility.
5. Narrowly focussed groups you sponsor (those who have a clear interest in your
product or service).
6. When your list is well developed you can earn some advertising revenue from e-mail
ads or banner ads, but do not start a list expecting this to be your primary revenue
stream—it probably will not develop this way for at least a year or two, if at all.

Building a community can be an extremely valuable stragey in developing your

online business. But one warning: if you treat communities as a tool of publicity and
betray them later, they will soon become a negatinve force rather than a positive one.
Make sure your community building strategy is part of carefully designed business plan
that you are committed to maintain over the long term.
The viability of the community model is based on user loyalty (as opposed to
high traffic volume). Users make high investments of both time and emotion on the site.
In some cases, users are regular contributors of content and / or money. Having users
who visit continuously offers advertising, info-mediary, or specialized portal
opportunities. The community model may also run on a subscription fee for preminum
services.

E-communities—an Indian Overview

For indian surface, the starting point of community is served by the portals, by building
community features into their sites, hopes to increase retension stickness, and
transactions. Rediff and Sify are the most active in this regard, either building community
‗channels‘ or outsourcing them the idea is to build a community around something
Indian. Sify, a typical city-community area. However, horizontal communities tend to be
loos-knit while the vertical one tend not to be.
Another major sub-category is general interest communities, focussed on sports,
music, medicine, finance, and the like. A plethora or believable of cricket-driven sport
sites have been launched. Of these, it is sure that only a few will survive, and they will be
the ones with the strongest content alliances, and while there are specialized sites on, say,
carnatic music, online medical resources have just got off the starting blocks. The bottom
line is that there are few general interest communities that have made a mark with Indian
sufers.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Sulekha.com
Anchored aournd the conepts of ‗expression‘, ‗interaction‘ and ‗community‘ that set it
apart from scores of other ‗portals‘, ‗sulekha‘ is sustained by contributions of tens of
captures like no other, the amazingly diverse and dynamic portriate of the world of
modern India and Indians.
The driving theme of Sulekha is ‗community‘. In addition to building the
definitive online Indian community, Sulekha is a pioneer in enabling offline communities
through its comprehensive and popular network of city hubs, launched for 25 US cities
and with designs to cover other cities around the world soon. Sulekha is the leading
provider of integrated online event promotion and management, membership and fund-
raising services to offline organizations. Sulekha today is the buggest ticketer of events
and movies of interest to Indians, with a successful track record.
Sulekha is part of Smart Information Worldwide, Inc. a fully funded company
with operations in Austin, USA and Chennai, India. Sulekha can easily boast of:
o Thousands of contributors from over 50 countries.
o Hundreds of thousands more who enjoy reading, watching and writing for
sulekha.
o 500,000+ pages of content, more than 90% contributed by members.
o Discussions, photographs, articles, art, events, news, reviews, recos, and much
more—all of them updated, lates,
analytical, informative, and thought provoking.

Sulekha is one of the biggest creatinve and vibrant online communities of Indians and ‗a
whole cauldron (a round container) teeming (full of people) with creativity, wit and
fun‘(free press journal). Sulekha offers several ways to contribute. It does not matter if
one is a not experienced, everyone is welcome to contribute to sulekha and become a
member of its global family of contributors.

History of Sulekha

Sulekha founded in 1998, had a humble beginning. Content for the site has grown purely
by word-of-mouth and the intense loyalty of its members. Online participation by
thousands evidently helps make the site a vibrant, loyal and dynamic platform.
Sulekha realizes the goal in a profitable manner by creating a flexible and
powerful, interactive platrofm that connects Indians worldwide through a variety of
popular and powerful services. Here are some concrete examples of how it does it:

Social Capital: Sulekha provides the most popular platform for expression and
discussions (articles/columns, coffeehouse, Web logs) that allows exchange of thoughts
and opinions. Sulekha has helped raised over $1 million / Rs 5 crores for hundreds of
cultural and charitable organizations by promoting and selling tickets for their funds and
events.

Economic Capital: Sulekha runs one of the most popular online classifieds services
worldwide, which allows for the exchange of products and services among Indians.

Political Capital: Sulekha provides a powerful platform for Indian organizations

worldwide to promote and find support for petitions advocating their causes. Sulekha has
become a highly sought-after online advertising medium because of its unparalleled
reach, unprecendented targeting (by age, gender, city, sub-ethnicity, and income), and
integrated offline / online promosions through any of the following avenues:

1. Online Advertising
2. In-theater Advertising
3. Direct Marketing
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
4. Event Sponsorship
5. Market Research

Sulekha today attract more than 500,000 unique visitors every month using one or more
of the services that it offers. Like
1. Event promotion and online ticketing.
2. Membership online
3. Fund-Raising online
4. Integrated website and community development
5. Insurance planes

Value Chain Model

Value chain moves businesses away from discrete streams of data about the product
being made to one unified pool of information—one that even extends outside the
compnay to suppliers and customers. The goal is to develop full and sealmess interaction
among all members of the chain, resulting in lower inventories, higher customer
satisfaction, and shorter time to the market.

Generalized Portal: AltaVista as a value chain Model

AltaVista company is the premier knowledge resource on the Internet. With its strong
search engine tool and patented technology, AltaVista opens up avenues in the maze of
Internet to the richest and the most relevant information on any subject from any nook of
the Web world, Web pages, shopoing, up-to-the-minute news, live audio and viedo, and
community resources.
By capitalizing on the unique Web-wide features and services, the AltaVista
network procides and distinct Internet experience through multiple integrated platforms,
as in the following:

1. AltaVista search. The world‘s fastest, most comprehensive search service available
in 25 languages with 8 distinct search dimenstions.
2. AltaVista shopping.com. The first Web-wide comparision shopping services on the
Internet, providing objective price and product comparison features to help users
make intelligent purchasing decisions.
3. AltaVista Live. The only real-time, customizable contents source on the Web,
linking content channels on topics such as money, news, sports, entertainment, and
more.
4. AltaVista raging bull. The Web‘s stickiest site, which has the Web‘s most active
community of message boards, with an emphasis on finance.
5. AltaVista free access. One of the fastest growing ISP services in the world, with
over 2 million registered users in the US and Canada.
6. AltaVista internation. Currently over half of its traffic ocmes from outside the US.
To further encourage this growth, AltaVista has recently created local sites in France,
Germany, Italy, the Netherlands, Sweden, and the UK.

The portal gives the website owner access to online traffic reporting through
Reporting.net site. With reports available at any time, the owner can assess how
effectively his affiliate network site is marketing AltaVista‘s products.

1. Search Catalogues, invetory database, auctions, classifieds, job listenings, and even
suppliers.
2. Imrove the success rate of incoming searches—new linguistic query processing tools
let customers find products even when they do not know exact product names or
model numbers.
3. Allow users to sort results by brand, price, availability, or any method.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
With these, we can tailor the search to fulfil specific requirements. They build
communities on deep and rich topics and region-specific contents. They also present
search results with the help of a customized interface. Added to all these, they
leverage AltaVista‘s global index of images, new articles, and audio and video clips.
These create a central knowledge source to help make your enterprise more
competitive. The company could link business partners, suppliers and others to the
network.

Personalized Portal : My yahoo! As a value chain Model

My Yahoo! Is the user‘s own personalized version of Yahoo! After the user gives
his personal information, My Yahoo! Allows him to collect all his favourite sections of
Yahoo! In one place. He can choose what he wants to surf, as news, weather, stock
prices, sports scores, TV and movie listings, horoscopes, and much more. It is like having
a personal secretary who would collect the favourite sections of the newspapers, give
information about mail and appointments for the day, and so on.
My Yahoo! Is absolutely free. To register, just click ‗Get your Own My Yahoo!‘
on the My Yahoo! Home page and feed in your favourite sections. My Yaho is also
completely portable, which means, a person can check My Yahoo! From work, home,
school, a friend‘s house, or a cyber café. These are just some of the things that makes My
Yahoo! A great home page. My Yahoo! Allows a user to have two pages—a home page,
and another page. The important and frequently accessed in information may be stored
here. All secondary information may be stored on the other page.
Some of the tpics that Yahoo!
 Pick your weather cities
 Track your stock quotes
 Read your choice of news
 Find local movie showtimes
 Follow your favourite sports team

Manufacturer Model
The Manufacturer or ―direct model‖, is predicated on the power of the Web to allow a
manufacturer (i.e. a company that creates a product or service) to reach buyers directly and
thereby compress the distribution channel, the manufacturer model can be based on
efficiency, improved customer service, and a better understanding of customer
preferences. In this model, the manufacturere sells its products throught the use of its
website.

Purchase. The sale of a product in which the right of ownership is transferred to the
buyer.

Lease. In exchange for a product in which the right to use the product under a ―terms of
use‖ agreement. The product is returned to the seller upon expiration or default of the
lease agreemennt may include a right-of-purchase upon expiration of the lease.

Licence. The sale of a product that involves only the transfer of usage rights to the buyer,
in accordance with a ―terms of use‖ agreement. The ownership rights remain with the
manufacturer. (e.g. in case of software licensing).

Branded Integrated content. In contrast to the sponsored-content approach (i.e. the

advertising model), brand-integrated content is created by the manufacturer itself for the
sole basis of product placement.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Tata Steel
Established in 1907 at Jamshedpur, the company is one of india‘s best known symbols of
inductrial growth. It represents the country‘s single largest, integrated steel works in the
private sector, with a market share of about 13 percent. The company is india‘s single
largest exporter of high-quality, value-added stell products. It is the producer of one of the
cheapest HR coils in the world. A blue-chip company, Tata Steel Ltd has successfully
raised $100 million through Euro bonds.
The company offers a diverse range of products and services. These include HR /
CR coils and sheets, tubes, construction bars, forging qualifity steel, rods, structureal strips
and bearings, steel plant and material handling equipment, Ferro alloys and other minerals,
software for process controls and cargo handling services. Sister companies offer tinplate,
wires, rolls, refractories, project management services, and material handling equipment.
The company has technological and strategic tie-ups with world leaders such as
thyssen, Nippon Steel, Hitachi, Posadata, and McKinsey.

E-business

Tata Steel establishes e-busines throught its website www.tatasteel.co.in

E-sales

Building a trusting, long lasting, and mutually beneficial relationship with their customers
has been Tata Steel‘s fundamental belief and driving force. This hs formed the cornerstone
of all their intiatives. In line with this, their latest offering is the self-help customer
service.
Their site offers you a collection of reports on an online basis anywhere—
anytime, easy to read directly from their SAP R/3 system. As a valued customer, you can
now access information ranging from your order status to delivery status, invoices to
credit notes, payment dues to credit status, and many more, through exclusively tailored
reports.

E-procurement

The e-procurement site is Tata Stell‘s Business-to-Busines (B2B) procurement platform.

Among the many forward looking initatives being undertaken by Tata Steel to tap the
tremendous opportunities offered by Information Technology, especially the Web, e-
procurement is one of them being used to conduct business with the suppliers.
The supliers of Tata Steel, who would become e-partners, are expected to reap lot
of benefits through this sytem.

E-auction and Tenders

The Tata Iron & Steel company was founded by the visionary Indian Industrialist
Jamshedji Nusserwanji Tata in 1907. Today, the company consists of steel works at
Jamshedpur with its own capative colliereis (a coal mine) at Jharia and West Bokaro and
ore (rock or soil from metal) mines and quarries (an artificial hole in the ground for sand)
at Noamundi and Joda. It has a wide product range that includes billets, structural bars,
strips, tubes and bearings, H-R coil, C-R coil, GP sheets and plates.
The secondary products profit Center focusses its attention on marketing of
products which are secndary to the company‘s main business. It encompasses selling of
steel scrap, used and rejected material, by-products, raw materials from works, under size
and extra generation from their collieries, and obsolete capital equipment and spares. The
division has its headquarters at Jamshedpur and the marketing office at Kolkatta.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
In order to meet the customer‘s demand in the best possible manner, this site has
been launched for Tender Information and online quoting, which is the quickest method to
serve the customers.

Advertising Model
The web advertising model is an extension of the traditional media broadcast model. The
broadcaster, in this case a website, provides content (usually, but not necessarily, for fee)
and services (like e-mail, chat, forums), together with advertising messages in the form of
banner ads. The banner ads may be the major or sole source of revenue for the
broadcaster. The broadcaster may be a content creator or a distributor of content created
elsewhere. The advertiseing model only works when the volume of viewer traffic is large
or highly specialized.
Advertising-driven sites are currently one of the cornerstones of e-commerce.
The principles is simple and well known. A site offers free access to something and shows
advertisements on every page. When a user clicks on an advertisement (eyeballs) or for
every time someone clicks on the advertisement (click-through).
The same idea is popular in computer programs. Users can download and use the
program for free but advertisements are shown during operation or startu-up of the
program. In particular, advertisements can be shown when the user needs to wait for some
time consuming operation, such as printing or scanning.
It is well known that an advertisement related to the topic at hand on the site will
get higher exposure and click –through since such advertisemetns are targeted to the siet
visitors. So, the site operator earns more money if he places on the site such targeted
advertisements. When displaying advertisements in a computer program, it is possible to
targeted advertisements to the purpose of the program, e.g. a spreadsheet shows
advertisements for a stock brokering services.
Search engines use this idea as well, but relate the advertisements to the
keywords entered in a query. For instance, if someone searches information on hilidays, an
advertisement is shown for a hotel chain on the page with search results. The
advertisement can further be targeted based on the use profile for the user doing the
search.
The existence of advertising-driven sites created a business opportunity for
companies such as DoubleClick, which collects advertisements from many sources and
arranges for placements on different sites. The sources pay DoubleClick for placing their
advertisements, and this revenue is then shared with the site owners. Additionally,
DoubleClick tracks the users that view all the advertisements, which allows it to build a
user profile. This profile can then be used to more accurately target advertisements to
these users.

Web pricing Models

1. CPM or impression only (sets cost-per-thousand of guaranteed ad views)

2. Click-through (the advertiser pays based on the number of times the banner is clicked
by the user)
3. Sponsorships (package deals of impression and click-throughs)
4. Cost-per-lead (the advertiser pays when a viewer registers or submits personal
information)
5. Cost-per-Sale (agreed upon charge for the viewers who actually purchase a product or
service based on the ad)
6. Straight revenue sharing deals (the publisher receives a commiision which is paid
upon sale from an ad)

Types of Advertising on the Internet

Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
1. Portals. A search engine that may include varied conttent or services. A high volume
of user traffic makes advertiseing profitable, and permits further diversification of site
services. A personalized portal allows customization of the interface and content to
user. Example: yahoo!
2. Classifieds. Lists items for sale or wanted for purchase. Listning fees are common but
there also may be a membership fee. Example: Monster.com
3. User-based paid placement. Sells favourable link positioning (i.e. sponsored links)
or advertising keyed to particular search eterms in a user query. Example: eZula.

Different Web Advertising Formulas

1. Banners. An ad appering at the top of a web page.

2. Vertical columns. On a frame web page positions alongside requested content (often
as form of sponsorship).
3. Pop-up Windows. Java script opens a browser window with an ad.
4. Interstitials. Full screen ads that appear on a web browser while a page is loading.
5. Advertorials. Content-based advertising related to an article or other site contents.
6. Intermercials. Animated full-screen ads placed at entry of a site before a user reaches
the intended content (CBS Market watch).
7. Ultramercials. Interactiver online ads that requrie the user to repond intermittently in
order to wade through the message before reaching the intended content.

Formats that permit more effective online ads.

1. Richer ad conten through sight, sound, and motion.

2. More information (larger files)
3. More interactivity
4. Larger screen size
5. More prominent screen positions
6. Less content competition
7. Reliable measurement and reporting to enable each advertiser to determine its ad
ROI—impressions, interactivity, brand sell
8. Accurate audience measurement
9. Meaningful user targeting
10. Cost-effective advertising model with rates reflecting advertiser value

Sify.com
Sify is india‘s pioneer in Internet and e-commerce, and offers integrated end to end
solutions with a comprehensive range of products and services, for both the Business-
Consumer (B2C) and Buiness-to-Business (B2B) segments, that cover the four critical
cornerstones of the Net: Connectivitiy, Content, Commerce, and Community.
Their mission is ―Making the Internet Work For You.‖
Sify enables this through the products, services and technology that they offer in
the comprehensive suite of Business-to-Business e-commerce solutions and expertise that
they provide in assiciation with global leaders. They delight customers with innovative
B2C solutions like Satyam Online, the instant Internet access package and www.sify.com,
one of India‘s most popular portals.
Sify established the first private TCP/IP public data network between all the
major cities in the country. This revolutionized business computing in india, with its
interconnectivity between multi-location offices, flexibility of platforms, addplication
software, and smooth transfer of data. theirs is the first frame relay service, the first ATM
backbone, the first public data network with 2Mbps backbone, and the first authorized
Notes public network.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Sify was the first private ISP to operate when the ISP policy was announced in
1998, pioneering this category of service with a customer focus that has made them the
qualitative leader in Internet access services. They were also the first to offer Internet
telephoney in April 2002, after the change in policy allowed it.
Sify is india‘s first and largest private Internet Service Provider. Sify pioneered
the first-off-the-shelf, ready-to-use Internet connection in a tamper-proof CD Pack.
Available in a wide range of usage packs, SatyamOnline today enables thousands of
subscribers to benefits from the power of the Internet.
Their consumer portal www.sify.com aims to enhance the quality of user‘s lives
by making them more efficient, connected, and aware of the world around them. The
portal has many pioneering initiatives with regard to shopping, managing one‘s financial
portfolio and brand promosions, in addition to mail, messaging, and search.
As sify, their objective is to be a one-step, e-solutions shop with a range of
innovative and cost-effective IT solutions, products, and services. That is why they hve
formed alliances with leaders in e-commerce, Internet commerce, and network solutions.
And they are strategically poised to give their clientele the best there is .
Sify‘s customer care processes are ISO 9002 certified—the first and only
national Internet Service Provider to have such a certification.
So, at sify, you‘ll find Customer Care Centers across the country, providing
anytime, anywhere support. These 24-hours Centers have dedicated teams of tranied
customer care executive who address and diagnose all queries and problems related to
SatyamOnline Internet access, swiftly and accurately.
In theirpursuit towards making organizations and the economy Internet driven,
they are allied with those providing IT solutions, sales partners of our Internet-based
products and services, Web-based solution providers including website designers and web
hosting service providers, and online content providers.

Subscription Model
Usera are charged a periodic—dily, monthyl, or annual-fee to subscribe to a service. It is
not uncommon for sites to combine free content with ―preminum‖ (i.e subscriber or
member-only) content. Subscription fees are incurred irrespective of actual usage rates
subscription and advertising models are frequently combined.

Content services provide text, audio, or video content to users who subscribe for a fee to
gain accessto the service. Example: Netflix.com

Person-to-person Networking Services are conduits for the discribution of user-

submitted
information, such as individuals searching for former schoolmates. Example:
Classmates.com code of conduct, and in which members pay asubscription fee. Example:
Truste.com montyly subscription.

Internet Services Providers offer network connectivity and related services on a montyly
subscription. Example: America Online.The organization makes money on the basis of
membership / subscription.

Some popular topics of subscription model are

o Existing newsletter topics
o Trade associations.
------------------------------------------------------------------------------------------------------------
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

eGrucool.com
NIIT‘s vast experience in the field of educaion and eGurucool‘s expertise and in depth
understanding of the curricula have come together to make this a good site for e-eduction.
Students are assured of a holistic learning experience that ensures a rewarding
performance in school and board examinations, apart from the building up of a strong
concepturla foundationfor later life.
The salient features and benefits of the eGrucool way of learning are:

 Weel structured lesson plans that generate interest, curiosity, and provide clarity
about the objectives that sould be achieved through the lessons. This ensures that
students are drawn towards the lesson and derive maximum benefit from it.

 The lesson is not overloading, and is administered step-by-step. It is build

textual. It incorporates the attributes of a very good teacher who asks, stimulates,
prods, cajoles, and ispires.

 Technology is used wherever necessary—not to dazzle or distract but to provide

greater insight through interactivity—without distrupting the flow of the lesson.

Courses offered

An array of courses from eGrucool for students and teachers, course help and test
preparation modules plus value-added services that enhance the qualitiy of education.

 CBSE Programs
 ICSE Programs
 Maharashtra Board Programs
 IIT JEE Programs

eConnect

This is a service that empowers schools by connecting students, teachers and parents
24 hours a day and 7 days a week! It includes creation and maintenance of school
websites, onlie classnotes and assitgnments, and performance tracking. Through
eConnect, eGrucool has tie-ups with over 1600 schools across the country and is here
to change the way schools look at education.

Course Structure

The program is designed to cover the entire syllabus prescribed for a class:

 The theory and concepts of each chapter are covered in detail in the class,
illustravtive examples are used to reinforce concepts.
 Regular assignements and tests with ‗ideal‘ solutions.
 Mid-course assessment is done through a set of section tests.
 A set of full length tests that closely simulate the board pattern. A minimum of 7
tests.
 In addition to lectures, students also get printed booklets as study material.

E-Services

This is a web-based service that connects students, teachers and parents round-the-
clock, 7 days a week. It allows student to access classnotes and assignements
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
prepared by teachers and track their academic performance. Besides, eConnect
provides an online marking tool for multiple choice questions.

Within an year of its launch, the eConnect offers:

1. eAssignments. Homework gets exciting. eAssignemtns give students access to their
assignemetns wherver they are.
2. eClassnotes. Notes are just a click away. eClassnotes provide value-based synopsis
and insight into the forthcoming topics.
3. Online MCQ test. Allows students to take MCQ tests online and gauge their
performance instantly.
4. Performance tracker. This allows studetns and their parents to access their
performance graphs.
5. Online Quizzes. Subject and chapter-specific quezzes are available for all students
from Class IX to Class XII.

eAssignments

eAssignements allow teachers to put up their assignemtns for the class on eht web. So
studetns can access it anytime….wherever there is a computer. This makes learning
exciging, and helps students learni beyond the confines of their classrooms.
In short, eAssignments are an extension of value added information that teachers
provide in classrooms. It increases pace of learning, integrates concept learning and test
preparation, and undoubtedly gives a better forum for discussion.
eAssignemtns are supported by onjective type questions which the students can
answer online and get an instant evaluation. The subjective assignments can be submitted
online or in class.

Benefits for students

 Assignments provide theoretical and conceptual clarity.
 Assignments integrate concept understanding and test preprataion.
 Assignments facilitate avenues for self-assessment by providing instant
evaluation of objective questions.

Benefits for teachers

 Assingments facilitate effective classroom discussions.
 Assignments allow closer interaction among the teachers and students.
 Automatted checking of objective questions saves time.

Benefits for Parents

 Makes it easy for their wards to access reference material.
 Objectives and subjective questions provide easy testing facility at home.
 Parents can keep tracking of what is taught in the class and also follow up on
their ward‘s performance.

eClassnotes

eClassnotes are a compilation of notes. A value-based synopsis, eClassnotes also offer

students an insight into the forthcoming topics. The notes are also archived to facilitate
revision. Prepared by school teachers, these notes are password protected and can be
accessed at a convenient time.
eClassnotes provide an extension of value added information that teachers give in
classrooms. It increases the pace of learning, integrates concept understanding and test
preparation, and undoubtedly provides a better forum for discussions tna interaction
amonges teachers and students.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Online MCQ Test

This allows student to take MCQ test online. Not only this, an automated in-buil tool
does an instant evaluation. Students get a fair idea of their preparation as both the
questions and the answers are provided by their school teachers.
An extension of value added information that teachers provide in classrooms,
MCQ tests provide ease of accessibility, besides incoreasing the pace of learning while
integrating concept internatlization and test preparation.

Performance Tracker

An automated, user-friendly and efficient online systm, the performance tracker keeps
track of a student‘s academic perfmance througout the year.
It generates descriptive report cards—class, student, test and subject-wise—and
provides information on a student‘s individual performance. Besides, it provides a
comparative analysis vis-à-vis the class for all the exams and class test conducted in a
year. The performance tracker archives all the marks saved.
Moreover, teachers are saved from all the labourious calculations that are
associated with the preparation of report cards. The teacher simply has to login and feed
in the marks for every exam and test conducted. The in-built tool in the performance
tracker automatically makes new calculations for grand total, aggregate percentage, and
class average, and accordingly updates the report card. While making calculations, it
even takes into account the weightage awarded to class test and term-exams. Teachers
can subsequently take printouts of the results for reference and qualititive feedback to the
parents.
Performance trakcer, being online, can be referred to without the constraints of
time. Separate login IDs are provided to teachers, students and parents to access the
same.

Course activation

Course activation is a one-time process. Once you have activated your course, you can
access it straightway from the ‗My Account‘ area.
Enter the order number and course code for the course given in your strater kit.
Enter course activation pin and the click SUBMIT button.
----------------------------------------------------------------------------------------------------------

Affiliate Model
In contrast to the generalized portal, which seeks to drive a high volume of traffic to one
site, the affiliate mode provides purchase opportunities wherever prople may be surfing.
It does this by offering finantial incentives (in the form of a percentage of of revenue) to
affiliated partner sites. The affiliates provide purchase-point click-through to the
merchant. It is a pay-for-performance model—if an affiliate does not generate sales, it
represents no cost to the merahcnt. The affiliate model is unherently well-suited to the
Web, which explains its popularity. Variations include banner exchange, pay-per-click,
and revenue-sharing programs.

Banner exchange. it trades banner placement among a network of affiliated sites.

Pay-per-click. It offers a percent-of-scale commission based on a user click-through in

which the user subsequently purchases a product.
The affiliate saves the expense of handling inventory, advertising and promoting
the produt, and processing the transaction. In fact, the affiliate risks no funds whatever.
Cdnow.com and amazon.com were two of the first companies to create successful affiliate
programs on the web. CDnow‘s Web Buy program, which includes more than 250,000
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
affiliates, is one of CDnow‘s main sources for new customers. The amazon.com program
has over 4000,000 affiliate sites. Most of these affiliate sites are devoted to a specific
issue, hobby, or other interest. Affiliate sites choose books or other items that are related
to their visitor‘s interests and include links to the seller‘s site on their Web pages.
Books and CDs are natural for this type of shared promotional activity, but
sellers of other products and services also have successful affiliate marketing programs.
One of the more interesting marketing tactics made possible by the Web is cause
marketing, which is an affiliate marketing program that benefits a charitable organization
(and, thus, supports a ―cause‖).
In cause marketing, the affiliate site is created to benefit the charitable
organizaion. When visitors click a link on the affiliate‘s web page, a donation is made by
a sponsoring company. The page that loads after the visitor clicks the donation link,
carries advertising for the sponsoring companies. Many companies have foind that the
click-through rates on these ads are much higher than the typical banner ad click-through
rates.
A leading retail Web florist, proflowers.com, has had excellent results
advertising on the Hunger site page. When a visitor clicks the button on this page, a
group of sponsoring advertisers donates food to a hungry person a page appears in the
visitor‘s browser with ads for the sponsors.

History of E-Commerce and Indian Business

Context
When the technology bubble burst in 2000, the crazy valuations for online
companies vanished with it, and many businesses folded up. The survivors plugged on as
best they could, encouraged by the growing number of Internet Users. Now valuations
are rising again and some of the dotcoms are making real profits, but the business would
has become much more Watchful about the Internet‘s potential. An surprising thing is
that the wild reasoning about future was made the height of the explosion, namely that
vast chunks of the world economy would move into cyberspace, are in one way or the
other coming true.
According to America‘s department of commerce, online retail sales in the US
market in 2007 was about 130 billion. But the commerce dapartment‘s figures deal with
only part of the retail industry. For instance, they exclude online travel services, financial
services, ticket sales agencies, (a$2 billion business in America in 2003), online dating
and a host of other activities, from tracing founders to gambling (worth perhaps $6 billion
worldwide).
The commerce department‘s figures include the fees earned by internet auction
sites, but not the value of goods that are sold an surprisingly $7 billion worth of trade was
done in 2006 one e-Bay, nor by definition, do they include the billions of dollars worth of
goods bought and sold by businesses connecting to each other over the internet. Some of
these B2B services are proprietary for example, WalMart tells its suppliers that they must
use its own system if they want to be part of its annual turnover of $350 billiion.
The interent is profoundly changing consumer behaviour. One in five customers
waling into a dry department store in America to buy an electrical appliance will have
researched their purchase online—and most will know down to a dime (a US Coin) what
they intend to pay. More surprisingly, three out of four Ameriancs start shopping for new
cars online, even though most end up buying them from traditional dealers.
The difference is that these customers come to the showroom armed with
information about the car and the best available deals, sometimes they even have
computer printouts identifying the particular vehicle from the dealer‘s stock that they
want to buy.
People seem to enjoy shopping on the internet, if high customer-satisfaction
scores are any guide. Websites are doing ever more and cleverer things to serve and
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
entertain their customers, and seem set to take a much bigger share of people‘s overall
spending in the future. This has enormous implications for business.
A company that neglects its website may be committing commercial suicide. A
website suggests a useless company, and arival is only a mouse-click away. But even the
coolest website will be lost in cyberspace if people cannot find it, so companies have to
ensure that they appear high up in internet search results.
The other way to get noticed online is to offer goods and services through one of
the big sites that already get a lot of traffic. Ebay, Yahoo! And Amazon are becoming
huge trading platrofms for other companies. But to take part, a company‘s products have
to stand up to intense price competition.
People check online prices, compare them with those in their local high street and
may well take a peek at what customers in other countries are paying. Even if websites
are prevented from shipping their goods abroad, there are plenty of web based
enterpreneurs ready to oblige.

Early Business Information Interchange Efforts

The Emergence of large business organizations in the late 1800‘s and early 1900‘s
triggered the need to create and maintain formal records of business transactions. In the
1950s, companies began to use computers to store and process internal transaction
records, but the information flows between businesses continued to be on paper, Purchase
orders, invoices, bills of lading, cheques, remittance advices, and other standard forms
were used to document transactions.
The process of using a person or a computer to generate a paper form, mailing
that form, and then having another person enter the data into the trading partner‘s
computer was slow, inefficient, expensive, redundant, and unreliable, by the 1960s,
businesses that engaged in large volumes of transactions had begun exchanging
transaction information on punched cards or magnetic tape. Advances in data
communications technology eventually allowed trading partners to transfer data over
telephone lines instead of shipping punched cards or magnetic tapes to each other.
Although these information transfer agreements between trading partners
increased efficiency and reduced errors, they were not an ideal solution. Since the
translation programs that one trading partner wrote usually would not work for other
trading partners, each company participating in this information exchange had to make a
substantial investment in computing infrastructure. Only large trading partners could
afford this investment, and even those companies had to have a signinificant number of
transactions to justify the cost. Smaller or lower volume trading partners could not afford
to participate in the benefits of these paper-free exchanges.
In 1968, a number of freight and shipping companies joined together to form the
Transportation Data Coordinating Commiittee (TDCC), which was charged with
exploring ways to reduce the paperwork burden that shippers and carriers faced, the
TDCC created a standarized information set that included all the data elements that
shippers commonly included in bills of lading, freight invoices, shipping manifests, and
other paper forms. Instead of printing a paper form, shippers could transrorm
information about shipments into a computer file that conformed to the TDCC standard
format. The shipper could electronically transmit that computer file to any freight
company that had adopted the TDCC format. The freight company translated the TDCC
format into data it could use its own information systems, the savings from not printing
and haldling forms, not entering the data twice, and not having to worry about error-
correction procedures, were significant for most shippers and freight carriers.
After a decade of fragmented attempts ar setting broader EDI standards, a
number of industry groups and several large companies decided to make a major efforts
to create a set of cross-industry standards for electronic components, mechanical
equipment, and other widely used items. The American national standards Institute
(ANSI) has been the coordinating body for standards in the United States since 1918.
ANSI does not set standards, though it creates procedures and organizational standards
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
for the development of national standards and accredites committees that follow those
procedures.
In 1979, ANSI chartered a new committee to develop uniform EDI standards.
This committee is called the Accredited Standards Committee (ASC X12). The
committee meets three times a year to develop and maintain EDI standards. The
committee and its subcommittees include information technology professionals from over
800 business and other organizations. Membership is open to organizations and
individuals who have an interest in the standards. The ASC X12 standard has benefitted
from the participation of members from a wide variety of industries. This standard
currently indludes specification for sevel hundred transation sets, which are the names of
the formats for specific business data interchanges.
In 1987, the United Nations published its first standards under the title EDI for
Administration, Commerce, and Transport (EDIFACT, or UN/EDIFACT). As the
internet gained a chance as a tool for conducting business, the trading partners who had
been using EDI began to view the internet as a potential replacement for the expensive
leased lines and dial-up connections they had been using. Companies that were unable to
afford EDI began to look at the internet as an enabling technology that might get them
back
in the game of selling to a large number of customers who demanded EDI capabilities of
their suppliers.
The major hurdles or expected obstacles to conducting EDI over the internet
initially were general concerns about security and the intern‘s general inability to provide
audit logs and third-party verification of message transmission and delivery, the lack of
third-party verification continues to be an issue, since the internet has not built-in facility
for that, because EDI trnasactions are business contracts and often involve large amounts
of money, the issue of non-repudiation causes significant concern.

Emergence of the Internet:

The role of the internet in the evolution of e-commerce has been so cruicial or
has highest priority that the history of e-commerce will remain incomplete without the
inclusion of the history of the internet.
Using the internet, read Online Versions of Newspapers, Magazines, Academic
Journals, and Books, join Discussion Groups on almost any Conceivable Ttopic,
Participate in Games and Simulations, and obtain free computer Software. In recent
years, the internet has allowed Commercial Enterprises to connect with one another and
with customers.
Today, all kinds of businesses provide information about their products and
services on the internet. Many of these businesses use the internet to market and sell their
products and services. The part of the internet known as the world wide web, or more
simply, the web is a subset of the computers on the internet that are connected to each
other in a specific way that makes those computers and their contents easily accessible to
each other.
The most important thing about the web is that it includes an easy to use standard
interface. This interface makes it possible for people who are not computer experts to use
the world wide web to access a variety of internet resources.
In the early 1960s, the US Department of Defense(DoD) became very much
concerned about the possible effects of a nuclear attack on its computing facilities. The
Defense Department realized the need for powerful computers for coordincation and
control. The powerful computers of that time were all large mainframe computers. So the
Defense Department began examining ways to connect these computers to each other and
also to weapon installations that new distributed all over the world.
The Defense Department agency, charged with this task, hired many of the best
communications technology researchers and funded research at leading universities and
institutes to explore the task of creating a worldwide network that could remain
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
operational even if parts of the network were destroyed by enemy military action or
demolition.
These reaserchers worked to arrange ways to build networks that could operate
independently–that is, networks that would not require a central computer to control
network operations.
The world‘s telephone companies were the early models for networked
computers, because early networks of computers used leased telephone company lines for
their connections. Telephone company systems of that time established a single
connection between sender and receiver for each telephone call, and that connection
carried all the data along a single path. When a company wanted to connect computers it
owned at two different locations, it placed a telephone call to establish the connection and
then connected one computer to each end of that single connection.
The Defense Department was concerned about the inherent risk of this single-
channel method for connecting computers. So its researchers developmed a different
method of sending information through multiple channels, in this method, files and
messages are broken into packets and labelled electronically with codes about their origin
and destination. The packets travel from computer to computer along the network until
they reach their destination. The destination computer collects the packets and
reassembles the original data from the pieces in each packet. Each computer that an
individual packet encounters on its trip through the network, determines the best way to
move the packet forward to its destination.
In 1969, these Defense Department researchers used this network model to
connect four computers—one each at the University of California at Los Angeles, SRI
International, the Univerisity of California at Santa Barbara, and the University of Utah.
During the subsequent years, many researchers in the academic community connected to
this network and contributed to technological developments that increased the speed and
efficiency with which the network operated. At the same time, researchers at other
universitites were creating their own networks using similar technologies.
The upshot was the Internet Protocol (IP), which enabled any number of
computer networks to link up and act as one—and eventually it was given the name, the
Internet. This meant that the communication network among the computers was not
dependent on any single computer to operate, and so could not be shut down by
destroying one or even several of the computers. Thus, the Defense Department got what
it wanted. And a new, growing system of computer networks was created.
Although the goals of the Defense Department network were still to control
Defense systems and transfer researche files, other uses of this vast network began to
appear in the early 1970s. in 1972, a researcher wrote a program that could send and
receive messages over the network. Thus was born the e-mail which came to be widely
used very quickely.
The number of network users in the military and education research communities
continued to grow, Many of these new participants used to netowking technology to
transfer files and access remote computers. The network software included two tools for
performing these tasks. File Transfer Protocol (FTP) enabled users to transfer files
between computers, and Telnet let users log on to their computer accounts from remote
sites. Both FTP and Telnet are still widely used on the Internet for file transfers and
remote logins, even though more advanced techniques are now available that allow
multimedia transmissions such as real-time audio and video clips.
The first e-Mail mailing lists also appeared on these networks. In 1979, a group
of students and programmers at the Duke University and the University of North Carolina
started Usenet, an abbreviation for User News Network, Usenet allows anyone who
connects the network to read and post articles on a variety of subjects.
The Defense Department‘s networking software became more widely used as
academic and research institutes realized the benefits of having a common
communications network. The explosion of personal computer use during that time also
helped more people become comfortable with computing. In the late 1980s. these
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
independent academic and research networks merged into one infrastructure—the
Internet that links today hundreds and thousands of networks to one another.

Commercial Use of Internet

As personal computer became more powerful, affordable, and available during

the 1980s, companies increasingly used them to construct their own internal networks.
Although these networks included E-mail software theat enabled the employees to send
messages, businesses wanted their employees to be able to communicate with people
outside their corporate networks for promoting business. The Defense Department
network and most of the other academic networks that had teamed up with it were
receiving funding from the National Science Foundation (NSF). The NSF Prohibited
Commercial Network traffic on its networks and so businesses turned to commercial e-
mail services providers to handle their e-mail needs larger firms built their own networks
that used leased telephone lines to connect field offices to corporate headquarters.
In 1989, the NSF permitted two commercial e-mailservices, MCI Mail and
CompuServ to establish limited connections to the internet for the sole purpose of
exchangeing e-mail transmissions with users of the internet.
These connections allowed commercial enterprises to send e-mail directly to
internet addresses and allowed members of the research and education communities on
the Internet to send e-mail directly to MCI Mail and CompuServ addresses. The NSF
Justified this limited commercial use of the Internet as a service that would primarily
benefit the Internet‘s non-commercial users.

Growth of the Internet

In 1991, the NSF further eased its restrictions on Internet commercial activity and began
implementing plans to privatize the Internet.
The Privatization of the Internet was substantially completed in 1995, when the
NSF turned over the operations of the main Internet Connections to group of privately
owned companies. The new structure of the Internet was based on four Network Access
Points (NAPs), each operated by a separte company. These companies, which are known
as network-access providers, sell Internet access rights directly to large customers and
indirectly to smaller firms through other companies, called Internet Service Providers
(ISPs).
The Internet was a phenomenon that truly sneaked into an unsuspecting world.
The researchers who had been so involved in the creation and growth of the Internet just
accepted it as a part of their working environment, people outside the research
community were largely unaware of the potential offered by a large interconnected set of
computer networks.
Within 30 years, the Internet became one of the most amazing technological and
social accomplishments of the 20th century. Millions of people are using today this
complex, interconnected newtork of computers.
These computers run thousands of different software packages. The computers
are located in almost every country of the world. Every year, billions of dollars change
hands over the Internet in exchange for all kinds of products and services. All of this
activity occurs with no central coordination point or control, which is especially
interesting, given that the Internet began a way for the military to maintain control while
under attack.
The opening of the Internet to business activities helped increase the Internt‘s
growth dramatically, however, there was another development that worked hand in hand
with the commercialization of the Internet to spur its growth. That development was the
World Wide Web(WWW).
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Emergence of the World Wide Web

The web is more a way thinking about and organizing information storage and retrieval
than a technology. As such, its hisptory goes back tomany years. Two important
innovations played key roles in making the Internet Easier to use and more accessible to
people who were not research scientists. These two innovations were Hypertext and
Graphical User Interfaces (GUIs).

Origins of the Web

In 1945, Vannevar Bush, who was director of the US Office of Scientific Research and
Development (R&D), wrote an Atlantic Monthly Article about ways that scientist could
apply the skills they learned during World War-II to peacentime activities. The article
included a number of visionary ideas about future uses of technology to organize and
facilitate efficient access to information. Bush speculated that engineers would eventually
build a machine that he called the Memex (a memory extension device), that would store
all—a Persons‘s Books, Records, Letters, and research results—on microfilm. Vannevar
Bush described a system for associatively linking information in his July 1945 article in
The Atlantic Monthly, ‗As We May Think’2.
Hypertext, as implemented on the Web, however, has its origins in the start of the
electronic computer age, when ideas about associative linking could be married with the
possibilities of automated storage-and-retrieval systems. Douglas Engelbart, who also
invented the computer mouse, created the first experimental hypertext system on one of
the larges computers of the 1960s. in 1965, Ted Nelson coined the term hypertext to
describe a text that is not contrained to be sequential.
Hypertext, as described by Nelson, links documents to form a web of
relationships that draws on the possibilities for extending and augmenting the meaning of
a ‗flat‘ piece of text with links to other texts, Hypertext terefore is more than just
footnotes that serve as commentary or further information in a text.
Istead, it extends the structure of ideas by making ‗chunks‘ of ideas available for
inclusion in many parts of multiple texts, Nelson also coined the term hypermedia, which
is a hypertext not constrained to be text, it can include the combination of text, pictures,
graphics, sound, and movies.
The ideas of vannevar Bush, Ted Nelson and others, about information systems,
showed up in another project in the late 1980s. In March 1989, Tim Berners-Lee, a
researcher at the Conseil Europeen Pour la Recherche Nucleaire (CERN), the European
Laboratory for Particle Physics in Geneva, Switzerland, Proposed a Hypertext system to
enable efficient information sharing for members of the higher-energy physics
community. This proposal, called HyperText and CERN, was circulated for comments.
The important components of the proposal follow;
 A user interface that would be consistent with all plateforms and that would allow
users to access information from many different computers.
 A scheme for this interface to access a variety of document types and information
protocols.
 A provision for universal access, which would allow any user on the network to
access any information.

In October of 1991, a gateway from the web to Wide Area Information Server (WAIS)
software was completed. On 15 January 1991, the WWW interface became publicly
available from CERN, and the CERN team demonstrated the Web to researchers
internationally throughout the rest of the year.
By 1993, there were about 50 Web Servers in existence, and the first graphical
interfaces (Called Clients or browsers) for the X window system and the Machintosh
became available in Switzerland. Until 1993, most of the development of Web
technologies came out CERN. In earyly 1993, however, a young undergraduate, Marc
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Andreessen, at the University of Illinois at Urbana-Champaign shifted the stage to the
United States.
Working on a project for the National Center for Supercomupting APlications
(NCSA), Andreessen led a team that developed an X Window System Browser for the
Web and Called it Mosiac. Marc Andreessen and his colleagues then left NCSA in March
1994 to form a company that later came to be known as NEtsape Communications
Corporation. By May 1994, the interest in the Web was so intense that the first
internation conference on the WWW, held in Geneva, overflowed with attendees.
By mid 1994, it was clear to the original developers at CERN that the stable
development of the web should fall under the guidance of an internation organization. In
July, the Massaechusetts Insititute of Technology (MIT) and CERN announced the
World Wide Web Organization (which was later known as the World Wide Consortium,
or W3C). Today, the W3C guides the technical development and standards for the
evolution of the Web.
In 1995, the web development was marked by rapid commercialization and technical
change, Netscape Communication‘s browser, called Netscape Navigator (nicknamed
Mozilla) contined to include more extension s of the Hypertext Markup Language
(HTML), and at the same time the issues of security for commercial cash transactions
garnered much attension. By May 1995, there were more than 15,000 known public Web
servers—a ten-fold increase over the number that existed only a year before.
Hypertext Transfer Progocol (HTTP) is the Internet Protocol responsible for
transferring and displaying web pages. HTTP runs in the application layer of the
Transmission Control Protocol/Internet Procotol (TCP/IP) model. Like the other Internet
Protocols, HTTP employs the client-server model in which a user‘s web browser opens a
HTTP session and sends a request to remote server for a Web Page. In repsonse, the
server creates an HTTP response message that is sent back to the user‘s Web browser.
After the client determines that the message it received is correct, the TCP/IP connection
is closed and the HTTP session ends. The Process demonstrated in following figure.

Figure 1.15 : Client-Server Architecture Using HTTP

The Milestones
--------------------------------------------------------------------------------------------------------------
1988 -- The number of hosts on the net became over 60,000.
1989 -- Over 10,000 hosts on the net were registered.
1991 -- The World Wide Web (WWW) was created by CERN in
Switzerland.
1992 -- One million hosts on the net were found.
1993 -- The InterNIc is created to handle domain name registration.
1995 -- There were a total of 6.6 million hosts or computers on the Internet.
July 1996 -- An estimated 12.8 million hosts, 212,155 websites and about 25
million users of the web. About 90%of the users of the web are in the
United States.
July 1997 -- 1.3 million domain names registered.
December 1997 -- 22 million servers, 40 million users on the WWW.
2000 -- 110 million users and 72 million domains names.
2003 -- 802.2 million users 233 million hosts.
2004 -- 817 million
2005 -- 1018 million users.
2006 -- 1093 million users.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
2007 -- 1350 million users.
-------------------------------------------------------------------------------------------------------

The number of World Wide Web users continues to double in size about every 12 to 15
months. All of these have had an impact. Perhaps the most significant factor, though, is
that the internet offers a range of messaging techniques, all of which work rapidly.
The standards used to make it work are not all ratified by international standards
bodies, but they do work. The factor of not having to wait for standards to be agreed has
surely accelerated the growth in the number of internet users.

An equally significant factor is that, with the existing level of awareness of e-

commerce practices, companies can easily identify the internet as a means of exchanging
business data. The growth of websites over the years4 is shown below.

Year Number of hosts advertised in the DNS

1993 1,313,000 1994 2,2,17,000
1995 4,852,000
1996 9,472,000
1997 16,146,000
1998 29,670,000
1999 43,230,000
2000 72,398,092
2001 109,574,429
2002 147,344,723
2003 171,638,297
2004 317, 6464,084
2005 353,284,187
2006 394,991,609
2007 433,193,199
2008 500,000,000

Figure 1.16 : Growth in the number of internet hosts over the years.

Advantages of E-commerce
Some of the strengths of using the Internet for businesses include the following:
1. 24 x 7 Operation. Round-the-clock operation is an expensive proposition in the
‗brick-and-mortar‘ world, while it is natural in the ‗click-and-conquer‘ world.
2. Global reach. The net being inherently global, reaching global customers is
relatively easy on the net compared to the world of bricks.
3. Cost of acquiring, serving and retaining customers. It is relatively cheaper to acquire
new customers over the net; thanks to 24 x 7 operation and its global reach.
Through innovative tools of ‗push‘ technology, it is also possible to retain customers‘
loyalty with minimal investments.
4. An extended enterprise is easy to build. In today‘s world every
enterprise is part of the ‗connected economy‘; as such, you need to extend your
enterprise all the way to your suppliers and business partners like distributors,
retailers and ultimately your end-customers. The Internet provides an effective (often
less expensive) way to extend your enterprise beyond the narrow confines of your
own organization. Tools like enterprise resource planning (ERP), supply chain
management (SCM) and customer relationship management (CRM), can easily be
deployed over the Internet, permitting amazing efficiency in time needed to market,
customer loyalty, on-time delivery and eventually profitability.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
5. Disintermediation. Using the Internet, one can directly approach the customers and
suppliers, cutting down on the number of levels and in the process, cutting down the
costs.
6. Improved customer service to your clients. It results in higher satisfaction and more
sales.
7. Power to provide the ‘best of both the worlds’. It benefits the
traditional business side-by-side with the Internet tools.
8. A technology-based customer interface. In a brick-and mortar business,
customers conduct transactions either face-to-face or over the phone with store
clerks, account managers, or other individuals, In contrast, the customer interface in
the electronic environment is a ‗screen-to-face‘ interaction. This includes PC-based
monitors, ATM machines, PDAs, or other electronic devices such as the DoCopMo
iMode in Japan and the Nokia 7100 in Europe. Operationally, these types of
interfaces place an enormous responsibility on the organization to capture and
represent the customer experience because there is often no opportunity for direct
human intervention during the encounter. If the interface is designed correctly, the
customer will have no need for a simultaneous or follow-up phone conversation.
Thus, the ‗screen-to-customer‘ interface has the potential to both increase sales and
decrease costs. In fact, a number of innovators are entering the e-commerce markets
with solutions that reintroduce humans into the process, such as the service
representatives available on demand for Web users at www.liveperson.com when the
interface does not work, not only is the revenue lost but the organization also incurs
the technology costs. Thus, a poorly designed customer interface has both negative
revenue and cost implications.
9. The customer controls the interaction. At most websites, the customer is in control
during screen-to-face interaction, in that the web largely employs a ‗self-service‘
model for managing commerce or community-based interaction. The customer
controls the search process, the time spent on various sites, the degree of price /
product comparison, the people with whom he or she comes in contact, and the
decision to buy.
In a face-to-face interchange, the control can rest with either the buyer / seller or
the community member. At a minimum, the seller attempts to influence the buying
process by directing the potential buyer to different products or locations in the store,
overcoming price objections and reacting in real item to competitive offering.
The virtual store can attempt to shape the customer experience with uniquely
targeted promotions, reconfiguration of storefronts to reflect past search behavior,
recommendations based on previous behavior of other similar users, and access to
proprietary information. However, the seller has much less power in the online
environment due to the control and information flows that the online world puts in
customer‘s hands.
10. Knowledge of customer behavior.While the customer controls the interaction, the
firm has unprecedented access to observe and track individual consumer behavior
companies, through a third-party measurement firm such as Vividence and Accrue,
can track a host of behaviors on websites visited, length of stays on a site, page views
on a site, contents of wish lists and shopping carts, purchases, dollar amounts of
purchases, repeat purchases behavior, conversion rates of visitors who have
completed transactions and other metrics.
This level of customer behavior tracking, in contrast with tracking consumer
attitudes, knowledge or behavioral intensions, is not possible in the brick-and-mortar
world. Armed with this information, companies can provide one-to-one
customization of their offerings.
In addition, companies can dynamically publish their storefronts on the web to
configure offerings to individual customers. In a tactical embellishment, electronic
retailers can welcome a user back by name. In more strategic terms, an online
business can actually position offers and merchandise in ways that uniquely appeal to
specific customers.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
11. Network economics. In information intensive industries, a key competitive
battleground centers on the emergence of industry-standard products, services,
components, and or architecture. Network effects, as described by Metcalf‘s law, can
best be expressed as the situation where the value of a product or service rises as a
function of the number of other users who are using the product.
A classic example is the fax machine of other people who adopt the technology.
A key characteristic of network‘s economic is positive feedback, that is, as the
installed base grows, more and more users are likely to adopt the technology because
of the installed base.
Many commercial wares in the digital economy revolve around setting a
standard, growing the installed base and attempting to ‗lock-in‘ customers to the
standard because of rising switching costs. This applies to both hardware (e.g. cable
modems versus DSL lines) and software (e.g. MP3 versus streaming audio).
A key result of network effects and positive feedback is ‗increasing return‘
economies as compared to the traditional decreasing-returns model often associated
with the brick-and-mortar world. It also means that the traditional realities of
marketing such as the importance of world-of-mouth (WOM) among potential
customers, become greatly magnified in this new environment.
It is this turbocharged WOM phenomenon that makes viral marketing a reality
for consumer-oriented e-commerce business such as ICQ in instant messaging
system.

Disadvantages of E-commerce
Some business processes may never lend themselves to electronic commerce, For
example, perishable foods, and higher-cost items (such as jewelry, antiques, and the
like), may be difficult to inspect from a remote location, regardless of any
technologies that might be devised in the future.
Most of the disadvantages of electronic commerce today, however, stem from the
newness and rapidly developing pace of the underlying technologies. These
disadvantages will disappear as e-commerce matures and becomes more and more
available to and gets accepted by the general population. Many products and services
require a critical mass of potential buyers who are well-equipped and willing to buy
through the internet.
Business often calculate the return-on-investment before committing to any new
technology. This has been difficult to do with e-commerce, since the costs and
benefits have been hard to quantify.
Costs, which are a function of technology, can change dramatically even during
short-lived e-commerce implementation projects, because the underlying
technologies are changing rapidly. Many firms have had trouble in recruiting and
retaining employees with technological, design, and business process skills needed to
create an effective e-commerce atmosphere.
Another problem facing firms that want to do business on the internet is the
difficulty of integrating existing databases and transaction-processing software
designed for traditional commerce into a software that enables e-commerce.
In addition to technology and software issues, many businesses face cultural and
legal obstacles in conducting e-commerce. Some consumers are still somewhat
fearful of sending their credit card numbers over the internet. Other consumers are
simply resistant to changed and are uncomfortable viewing merchandise on a
computer screen rather that in person.
The legal environment in which e-commerce is conducted is full of unclear and
conflicting laws. In many cases, government regulators have not kept up with the
trends in technologies.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Online Extension of a BAM Model

Since most conventional brick-and-mortar (BAM) organizations have established
processes, people, structures and supply chains, they can become strong competitors
to the dot-coms (that have no offline presence) by e-enabling their supply chains.
Most BAM organizations will gain competitive advantage by creating more value for
the customers at the same cost or delivering the same goods at a lower cost by using
the Internet, For example, an automobile manufacturer can pass on the cost savings
achieved by e-procurement, a bank can reduce the need for physical branches by
making use of e-banking.
So leveraging the supply chain by making use of information, relationships, and
commerce and squeezing out more value out of it would enable BAM organizations
to have a level of efficiency, unparalleled by pure dotcoms, besides, dot coms
without any offline presence would have to set up their supply chains from scratch. In
this respect, they are greatly disadvantaged in comparison to their offline
counterparts.

Transition to E-commerce in India

The potential for e-commerce is enormous in India, owing to the rapid growth of the
number of Internet users. The enormous savings in time and money achieved by both
buyers and sellers is the principal advantage.

Indian Readiness for E-Commerce

A pertinent question arises here about the readiness of Indian buyers for e-commerce.
The proliferation of the Net at a rapid pace and the granting of private ISP Licenses
has put the market en route to a new phase. Even small and medium enterprises
(SMEs) have been increasingly realizing the potential of the net.
The technological advancements happening in all spheres of life in India will be
the driving factors for the spread of e-commerce in this country, as has happened
elsewhere in the world. NASSCOM (National Association of Software and Service
Companies), has recently released the findings of its survey to evaluate the e-
commerce scenario in India. E-commerce is dependent to a great extent, on the
number of internet users in India. The following tables give the rate of growth of
internet users in India.
GROWTH OF INTERNET IN INDIA

Year Internet Subscribers Internet Users

1997 25 45
1998 150 200
1999 359 1000
2000 650 2000
2001 1130 6668
2002 1763 10684
2003 3661 29000
2004 4403 31723
2005 6000 35000
2006 25000 37000

The Internet and India

The Internet has undergone a steady evolution from being a source of instant
communication in the early 90s to a rich source of internment and education. This
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
evolution has been driven by the growing customer expectations with the content of
Internet. Thus newer segments of Internet usage have emerged and there lie potential
user segments that are still unexplored and may emerge in the future.
Five years ago there was limited Internet access but only in a few major cities, all
in the hands of the government, VSNL, the agency responsible for Internet activities,
and the DOT (Department of Telecommunications) provided an agonizingly erratic
connectivity, with miserly bandwidth and far too few phone lines. Connection rates
ran as low as 5% and users were frequently cut off. And the rates for this pathetic
level of service were among the highest in the world. By the end of 1998, after three
years of government monopoly, there were barely 150,000 Internet connections in
India.
Presently, the government monopoly is largely over. Dozens of small to large
ISPs have set up shop, triggering a price war and an improvement of service. Users
are now estimated at over 37 million, with a growth predicted to reach more than 50
million in the next three years.
According to the Nasscom survey, the total volume of e-commerce transactions
in India was about Rs 450 crores in 1999-2000. Out of this volume, about Rs 50
crores were contributed by retail internet or Business-to-Consumer transactions
(B2C), and about Rs 400 transactions may seemto be negligible. However, given the
situation in India, this amount seems impressive in the background of an almost non-
existing regulatory framework to support e-commerce. Thus, if e-commerce-based
businesses can emerge as viable propositions working within the confines of the
existing not-so-conducive framework, imagine the potential that would be unleashed
once we have a suitable, catalyzing framework in place! With the passing of the I.T
Bill in both Houses of Parliament, a legal regulatory structure exists and what is now
required effective enforcement.

Figure 1.16:InternetandUsagein Indiais

Following table shows the Total E-Commerce Transactions in Inaia.

Year Total E-Commerce
Transactions
1998-1999 131
1999-2000 450
2000-2002 1400
2006 2300
2007 7000

According to the NASSCOM survey, considering the interest the Government is

taking in the growth of the market, e-commerce in India will witness a significant
jump over the next three years.
Based on these preliminary findings, experts have concluded that the penetration
of the Internet and e-commerce transactions in India will increase by leaps and
bounds. The survey findings also point to the fact that India‘s active Internet
population would spend close to 3.2 percent of its total regular household spending
through Internet purchase.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Revenue streams will increasingly be aligned with the emerging global model, it
is being anticipated. This would mean that themajor part of the revenues would come
from transactions, while a smaller amount would be realized from advertising.
It is expected that by 2003, more than 75 percent of the revenues of Internet
business-to-consumer businesses would come from transactions. The advertisement
revenues would amount to about 8 percent of the total ad spent by the companies.
Analysts also believe that one of every four nonresident Indians would make some
form of purchase from India-based sites.

E-commerce Opportunities’ for Industries

Following are some of the area where e-commerce is witnessing rapid growth in the
global markets. Indian software and services companies need to tap into some of
these vertical segments to gain the maximum advantage in the e-commerce solution
sector.

1. Financial services. A large number of users use the Internet for some form of
financial guidance.

2. Stock trading. Online stock trading is nowadays one of the most demanding e-
commerce utilities. The ability to offer market access at a competitive price is a
key advantage of online stock broking companies and this is slowly happening in
India too.

3. Banking. Internet banking is now growing. Many banks like ICICI and HDFC
are making inroads into this area.

4. Legal and professional services. Opportunities also exist for Indian companies
in legal and other professional services. There are significant legal and regulatory
implications of implementing an Internet business or of migrating from a
traditional off-line business. In terms of opportunities for Indian legal service
providers, the requirement for professional, legal and regulatory advice is
expected to increase as the number of e-commerce users increases.

5. Tour and travel. The travel industry has readily adapted to e-commerce. There
has been a growing emphasis on the search for alternative distribution channels
within the sector, particularly with the railways and the airlines, as they seek to
reduce within the sector, particularly with the railways and the airlines, as they
seek to reduce costs. These sectors have adapted well because of their online
reservation systems.

6. Healthcare. Healthcare represents one of the biggest expenditures of

governments worldwide. The Internet has the potential to enhance
communications, streamline processes and create new business opportunities, by
providing high-quality administrative services and integrating information
systems.

Asian Paints—E-transforming the Organization

Asian paints, India largest paint company, is reaping the benefits of its investments in
Internet-enabling its organization. Information Technology has been made use of
efficient data collection, demand forecasting, reduction in working capital and online
information about material flows across factories and other locations.
Given the complexity of the demand chain and the logistics and the seasonal
nature of the demand, the use of the Internet in connecting the 15,000 dealers and the
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
55 branch offices has improved the efficiency of the supply chain. It has also
increased the service levels and has cut down the working capital in the chain.
The company is also planning to do bulk transactions for its products through its
website by making it a one-stop virtual storefront. The use of a comprehensive
database of customers for e-relationship management is also being mulled.

ICICI Bank ---Comprehensive Transactions

ICICI Bank is using the Internet to acquire more customers by offering them a host of
services. Its idea is to become a one-stop site where the account holders can do all
their money transactions. On other sites one can trade online but all other transactions
still have be done physically. ICICI offers the entire chain, from the Demat account
in which a customer‘s shares are credited to the savings account from which the
money is debited to settle the transaction for access.
The bank has also launched an electronic bill payment service through its internet
banking service. The new payment system will do away with any paperwork since
the biller will be presenting his bills to customers through the bank‘s website, while
the customer will pay through the Internet. For this, the customers will have to
register foran Internet banking account with the bank. Thus the bank will be able to
target both the B2B and B2C markets.

The Information Technology Act, 2000

The parliament of India passed its first Cyber law on the 17th of October 2000, the
Information Technology (IT) Act, 2000 which provides the legal infrastructure for 3-
commerce in India.
The purpose of the IT Act, 2000, as mentioned in the language of the Act is:

To provide legal recognition for transactions carried out by means of electronic

data interchange and other means of electronic communication, commonly referred
to as “electronic commerce”, which involve the use of alternatives to paper-based
methods of communication and storage of information, to facilitate electronic filing
of documents with the Government agencies and further to amend the Indian Penal
Code, the Indian Evidence Act, 1872, the Banker’s Book Evidence Act 1891 and the
Reserve Bank of India Act, 1934, and for matters connected therewith or incidental
thereto.

The General Assembly of the United Nations, by its resolution A/RES/

51/162 dated 30th January 1997, adopted the Model Law on Electronic Commerce
adopted by the United Nations Commission on International Trade Law. The same
resolution recommends inter alia that all States give favorable consideration to this
Model Law when they enact or revise their laws, keeping in mind the need for
uniformity of law pertaining to alternatives to paper-based methods of
communication and storage of information. The Indian Information Technology Act,
2000, accordingly draws upon the Model Law.
The implementation of this Act has kick started a new era of e-governance and
will have a lot of impact on the way people do business in India and will also open up
new opportunities for e-business, as people would be less apprehensive about the
legal hassles and issues not under the jurisdiction of law, e.g. authenticity of digital
documents, hacking, digital signatures, and so on.
Therefore, it is essential for us to understand what the IT Act, 2000 offers and
what its various perspectives are.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Highlights of the IT Act, 2000

For a basic understanding of the IT Act by the layman, the salient features of the Act
and its relevant portions on e-business are enumerated below:

1. Electronic contracts are legally valid---EDI accorded legal recognition.

2. Legal recognition accorded to digital signatures.
3. Digital signature to be effected by use of asymmetric crypto system and hash
function.
4. Security procedure for electronic records and digital signature.
5. Appointment of Certifying Authorities (CAs) and the Controller of
Certifying Authorities (CCA) including recognition of foreign Certifying
Authorities.
6. Controller to be appointed, who will act as repository of all digital signature
certificates.
7. Certifying Authorities require to get license to issue digital signature
certificates.
8. Various types of computer crimes defined and stignet penalties provided
under the Act.
9. Appointment of Adjudicating Officer for holding inquiries under the Act.
10. Establishment of Cyber Appellate Tribunal under the Act.
11. Appeal from order of Adjudicating Officer to Cyber Appellate Tribunal and
not to any Civil Court.
12. Appeal from order of Cyber Appellate Tribunal to High Court.
13. Act to apply for offences or contraventions committed outside India.
14. Network Service Providers not to be liable in certain cases.
15. Power to Police officers and other officers to enter into any public place and
search and arrest without warrant.
16. Constitution of Cyber Regulations Advisory Committee to advise the Central
Government and Controller.
17. Amendments effected in:
(a) Indian Penal Code
(b) Indian Evidence Act
(c) Banker‘s Books Evidence Act
(d) Reserve Bank of India Act
Important Concepts Introduced in the IT Act, 2000

Some of the important concepts introduced in the IT Act, 2000 are:

o Electronic record
o Secure Electronic Record
o Digital Signature
o Secure Digital Signature
o Certifying Authority
o Digital Signature Certificate

The concept of electronic record, as envisaged by the Act has already been described. A secure
electronic record has been
Defined in the Act as follows:
Where any security procedure has been applied to an electronic record at a
specific point of time, then such record shall be deemed to be a secure electronic record
from such point of time to the time of verification.

The security procedures envisaged are not prescribed by the Act. The Act
specifies that the central government shall prescribed the security procedures. Thus
insofar as the Act is concerned, the secure electronic record is a purely legal concept and
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
not a technological one. The application of the prescribed procedure will create a
presumption, in the eyes of the law, relating to the authenticity and integrity of the record.
Therefore, not only must the security of the procedure be such that it indeed offers
adequate security, but it must also be demonstrated that the correct procedure has in fact
been applied.
The IT Act, 2000 prescribes that electronic records are to be authenticated by
means of affixing a digital signature. This digital signature must be effected by the use of
an asymmetric crypto system and hash function. In contrast, the European Electronic
Signature Standardization Initiative (EESSI) is technology neutral in its prescription of
how an electronic signature may be effected.
This point needs a little elaboration. Until fairly recently (about 1997) it was
believed that the use of asymmetric crypto systems would be the foundation for all
electronic authentication. However, there is an increasing awareness that other
technologies, such as biometrics, also offer the promise of electronic authentication.
Consequently, there is greater interest in technology-neutral legislation. This type of
technology-neutral specification tends to be called electronic signature as opposed to
digital signature, which is just one type of electronic signature.
The concept of a secure digital signature, as the Act puts it, is:
If, by application of a security procedure agreed to by the parties concerned, it
can be verified that a digital signature, at the time it was affixed, was
(a) Unique to the subscriber affixing it;
(b) Capable of identifying such a subscriber;
(c) Created in a manner or using a means under the exclusive control of the
subscriber and is linked to the electronic record which it relates in such a
manner that if the electronic record was altered the digital signature would
be invalidated, then such digital signature shall be deemed to be a secure
digital signature.

It can be seen that the concept of secure digital signature is a purely legal concept
rather than a technical one. The parties concerned must agree on a security procedure,
and once it is demonstrated that the security procedure was indeed applied, then the
digital signature will be deemed secure, and all the legal presumptions that stem from this
consideration, will then be applicable.
The technical requirements for effecting digital signatures by the use of an
asymmetric crypto system with has function are a private key to effect a digital signature
and a public key to verify such a signature. The Act stipulates that the association
between a subscriber‘s name and his public key should be made available by a duly
licensed certifying authority in the form of a digital signature certificate.
The Act provides for a controller of Certifying Authorities to be appointed by the
central government. The functions of the controller include licensing and regulating of
operations of organizations that may act as certifying authorities.
A certifying authority provides a subscriber for a fee, with a digital signature
certificate and a private key. The private key is known only to the subscriber. The
certifying authority is obliged to:
1. Make use of hardware, software and procedures that are secure from intrusion
and misuse.
2. Provide a reasonable level of reliability in its services which are best suited to the
performance of intended functions.
3. Adhere to security procedures to ensure that the secrecy and privacy of the digital
signatures are assured.
4. Observe such other standards as may be specified by regulations.

The digital signature certificate of any subscriber is used by anyone who wishes
to verify a digital signature purported to be affixed by that subscriber. Thus the basic role
of a certifying authority is to establish trust in the name---public key association that is
contained in the digital signature certificate.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Positive Aspects for corporate sector

From the perspective of the corporate sector, the IT Act, 2000 and its provisions contain
the following positive aspects:
1. The implications of these provisions for the corporate sector would be that e-mail will
now be a valid and legal form of communication in our country, which can be duly
produced and approved in a court of law, the corporates today thrive on e-mail, not only
as the form of communication with entities outside the company but also as an
indispensable tool for intra-company communication.
Till now it has been seen that the corporates in their intra-company
communications on e-mail have not been very careful in using the language in such e-
mails. Corporates will have to understand that they need be more careful while writing e-
mails, whether outside the company or within, as the same with whatever language could
be proved in the court of law, sometimes much to the detriment of the company.
Even intra-company notes and memos, till now used only for official purposes,
will also fall within the ambit of the IT Act and be admissible as evidence in a court of
law, a possible consequence of the same for a typical wired company would be that any
employee unhappy with a particular e-mail communication, whether received in an
official or personal form, may make the said e-mail as the foundation for launching a
litigation in a court of law. Further, when a company executive sends an e-mail to another
to another executive in the company with some defamatory or other related material and
copies the same to others, there are possibilities that he may land in a litigation in a court
of law.
2. Companies shall now be able to carry out electronic commerce using the legal
infrastructure provided by the Act. Till now, the growth of e-commerce was impeded in
our country basically because there was not legal infrastructure to regulate commercial
transactions online.
3. Corporates will now be able to use digital signatures to carry out their transactions online,
these digital signatures have been given legal validity and sanction in the Act.
4. The Act also throws open the doors for the entry of corporates in the business of being
certifying authorities for issuing digital signature certificates. The Act does not make any
distinction between any legal entities for being appointed as a certifying authority so long
as the norms stipulated by the government have been followed.
5. The Act also enables the companies to file any form, application or any other documents
with any office, authority, body or agency owned or controlled by the appropriate
government in the electronic form as may be prescribed by the appropriate government.
India is rapidly moving ahead in the field of electronic governance and it will to be long
before governments start their interactions with the public by taking applications or
issuing license, permit, sanction or approvals, online. This provision can act as a great
leveler as it will enable all kinds of companies to do a lot of their interaction with
different government departments online, thereby saving costs, time and wastage of
precious manpower.
6. Corporates are mandated by different laws of the country to keep and retain valuable and
corporate information. The IT Act enables companies legally to retain the said
information in the electronic form, if the
a. Information contained therein remains accessible so as to be usable for further
reference,
b. Electronic record is retained in the format in which it was originally generated,
sent or received,
c. Details which will facilitate the identification of the origin, destination, date and
time of dispatch or receipt of such electronic record are available in the electronic
record.
7. The IT Act also addresses the important issues of security which are critical to the
success of electronic transactions. The Act has also given a legal definition to the concept
of secure digital signatures which would be required to have been passed through a
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
system of a security procedure, to be stipulated by the government at a later, in the times
to come, secure digital signatures shall play a big role in the new economy particularly
from the perspective of the corporate sector as it will enable a more secure transaction
online.
8. IT Act, 2000 has defined various cyber-crimes and has declared them penal offences
punishable with imprisonment and fine. These include hacking and damage to computer
source code. Often corporates face hacking into their systems and information. Till date,
the corporates were in a helpless condition as there was no legal redress to such issues.
But the IT Act changes the scene altogether.

However, despite the overwhelming positive features of the IT Act, 2000 for the
corporate sector, some new legislations need to be enacted by the government in related
areas.

Unresolved Issues in IT Act, 2000

The IT Act, 2000 does not cover the following legal issues:
 Taxation Issues that arise out of e-commerce, Internet and m-commerce, transactions.
 Domain Name Registration Policy, as Digital Copyright Issues, Trade Makers,
Patents,
 Privacy and Data Protection Issues.
 Rights to e-consumers, i.e. no provision for cover under COPRA.
The IT Act does not have any clause ensuring security and protection to the online
consumer while it is clear that consumers shall play possibly one of the most important
roles in the success of e-commerce.

IT (Amendment) Bill, 2006

The IT (Amendment) Bill, 2006, was introduced in the Lok Sabha (Lower House of
Parliament) on December 15, 2006 by Union Minister of State for Communication.
According to ‗Statement of Objects and Reasons‘ of the Bill the purpose of legislation is
(1) harmonization of electronic communication and services with the Information
Technology Act. (2) protection of Critical Information Infrastructure (3) to suggest penal
provisions in the IT Act, Indian Penal Code, Indian Evidence Act, and the Code of
Criminal Procedure to prevent the publication of sexually explicit material, video
voyeurism, breach of confidentiality and leakage of data by intermediaries, e-commerce
fraud like personation (phishing), identity theft, and transmission of offensive materials
through communication services. The bill also seeks to enable the government to
authorize service providers to collect service charges from customers as specified by the
government.

Computer-related Crimes

Section 43 of the principal Act (IT Act, 2000) deals with computer-related crimes
including unlawful access to computer resources, sending computer virus, damage
computer systems or disrupting communication systems, denial of authorized access to
computer resources to someone, manipulation of electronic money transfer. Section 66
deals with hacking while section 67 deals with publication of obscene materials in
electronic form. According to the new bill both section 66 and section 67 of the principal
Act will be totally substituted by new ones. Section 66 of the proposed legislation deals
with computer-related crimes and according to it ‗if any person, dishonestly or
fraudently, does any act referred to section 43, he shall be punishable with imprisonment
for a term which may extend to two years, or with fine which may extend to five lakh
rupees, or with both.‘ Section 66A makes sending offensive messages punishable which
reads ‗any person who sends, by means of a computer resource or communicative device
that is‘
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
a) Grossly offensive or has menacing character; or b) any content which he knows
to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction,
insult, injury, criminal intimidation, enmity hatred or ill-will shall be punishable with
imprisonment for a term which may extend to two years and with fine.

In order to prevent computer-related crimes and protect sensitive data The IT Bill, 206
proposes to insert a new Section (43A) to make IT Companies and service providers
make it mandatory to put in place reasonable ‗security practices and procedures‘
protection of sensitive personal data. Section (43A) says, Where a body corporate,
possessing, dealing or handling any sensitive personal data or information in a computer
resource which it owns, controls or operates, is negligent in implementing and
maintaining reasonable security practices and procedures and thereby causes wrongful
loss or wrongful gain to any person, such body corporate shall be liable to pay damages
by way of compensation, not exceeding five crore rupees to the person so affected.

Section (43A (ii)) also suggests the government discuss with various stake holders how to
define ‗reasonable security practices and procedures‘ as reads,

‗security practices and procedures designed to protect such information from

unauthorized access, damage, use, modification, disclosure or impairment, as may be
specified in an agreement between the parties or as may be specified in any law for the
time being in force and in the absence of such agreement or any law, such reasonable
security practices and procedures, as may be prescribed by the Central Government in
consultation with such professional bodies or associations as it may deem fit.‘

As per the new bill the punishment for computer-related crimes will be reduced to two
years imprisonment which was three years in the principal Act. However, fine has been
increased from Rs 2 lakhs to Rs 5 lakhs.
Even though the new bill has widened the scope for the punishment for
computer-related crimes, it does not address issues such as spam whereas the US has
passed a separate anti-spam legislation.

Identity Theft & Personation

The proposed legislation seeks to amend the Indian Penal Code to prevent identity theft
and cheating by impersonation by using information and communication technologies.
The amendment (Section 417A) targets ‗whoever, cheats by using the electronic
signature, password or any other unique identification feature of any other person, shall
be punished with imprisonment by using any computer resource or communication
device will be liable for imprisonment up to five years and shall also be liable to fine.‘
According to Section 419A, anyone cheats by personation by using any computer
resource or communication device will be liable for imprisonment up to five years and he
/ she shall also be liable to fine.

Publication of Obscene Material & Sexually Explicit Act

Publication or transmission of obscene material will continue to be publishable under

(Section 67) but the punishment has been diluted. In the principal Act anyone who
commits offence under Section 67 was liable for imprisonment up to five years but in the
new bill it has been reduced to two years. The guilty will also be liable for a fine up to Rs
500000 upon first conviction. In the event of second or subsequent conviction the
punishment can be up to five years imprisonment and also with a fine which may extend
to Rs 1000000. In the principal Act anyone convicted in the second time is liable for 10
years of imprisonment.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
In the new Bill a new Section 67 has been included to deal with publication or
transmission of sexually explicit acts in electronic act form which covers child
pornography. According to this section.

Whoever publishes or transmits or causes to be published or transmitted in the electronic

form any material which contains sexually explicit act or conduct shall be punished on
first conviction with imprisonment of either description for a term which may extend to
five years and with fine which may extend to ten lakhs rupees and in the event of second
or subsequent conviction with imprisonment of either description for a term which may
extend to seven years and also with fine which may extend to ten lakhs rupees.

Bok, pamphlet, paper, writing, drawing, painting is exempted from liability if the
publication of which is ‗proved to be justified as being for the public good.‘ Publication
or transmission of materials which is the interest of science, literature, art or learning are
other objects of general concern or which is kept or used bona fide for religious purpose
are deemed to be of public good.

Intellectual Property Rights

The IT Act, 2006 has been subordinated by inserting a new clause in Section 81 of the
Principal Act which says, ‗Provided nothing that contain in this Act shall restrict any
person from exercising any right conferred under the Copyright Act, 1957 or the Parents
Act, 1970. This means any compliant with regard to violation of Intellectual Property
Right will be dealt according to the provisions of the Copyright Act or Patent Act.‘

Exercise
Q. 1 Define internet. Why is internet important in E-Commerce?
Q. 2What do you mean by e-com? Write difference between inter and intra organizational e-
com?
Q. 3 what are the types of e-com? OR what are ecommerce models
Q. 4 explain what are the forces behind the development of e-com?
Q. 5 explain the economic potential of e-com with example?
Q.6 what are the advantages of e-commerce to traditional businesses.
Q.7 what are the disadvantages or constraints of e-commerce.
Q.8 write short note on:-
A. peer to peer e-com,
B. business to business e-com
C. Consumer to consumer e-com
Q.9. Explain B2C ecommerce. OR Explain working process of B2C ecommerce model.
Q.10 what is Brick and mortar model of ecommerce.
Q.11 what are the main types of ecommerce.
Q.12 Explain the use of internet in evolution of ecommerce
Q.13 Define World Wide Web.
Q.14 what are the advantages of e-commerce
Q.15 Short note on-
a) ISP b) URL c)internet client server Application d)Internet naming conventions
Q.16 Explain online extension of BAM model.
Q.17 what is difference between dynamic IP and static IP addressing?
Q.18 what is broadband technology? Explain types of broadband technology.
Q.19 Explain business model based on relationship of transaction types for E-commerce.
Q.20 Explain business model based on relationship of transaction parties for E-commerce.
Q.20 Explain client server architecture.
Q.21 Explain Ecommerce opportunities in India OR
Applications of ecommerce in India.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Q.22 explain information technology act 2000. OR
Write a short note on IT Act 2000. OR
Explain the importance of IT Act 2000 for ecommerce or e-business.
Q.23 Explain few challenges for ecommerce business in Indian market OR
Explain e-transition challenges in Indian market. OR
Explain some internal or external factors in growth of ecommerce in Indian market.
Q.24 Write a short note on IPR. (Intellectual property rights)
Q.25 Write a short note on: ISP (internet service provider)
Q.27 what is the difference between EDI and E-commerce.
Q.28 what are the advantages of Business to consumer e-commerce model.
Q.29 Explain B2B ecommerce. OR Explain working process of B2B ecommerce model.
Q.30 what are the advantages of Business to Business e-commerce model.
Q.31 Write a short note on: Consumer to consumer e-commerce model.
Q.32 List down the E-business models based on relationship of transaction types.
Q.33 Define following: 1. Network 2. Router 3. Switch 4. Internet protocol
5. explain connectionless and connection -oriented protocol
Q.34 Explain TCP/IP Protocol.
Q. 35 State the origin and growth of e-commerce? Also explain different types of
E- Commerce.
Q.36 Discuss the Ecommerce architecture and its components in detail with the help of a
diagram
Q. 37 Discuss how E-Commerce is helpful to business success
Q. 38 Compare and contrast the traditional business with electronic commerce in a book shop
Business.
Q.39 With the help of any example web site explain the perspectives of the buyers and sellers
in a B2B Ecommerce web site.
Q.40 What is BAM Model in online extension?
Q.41 List the challenges in E-transition in India.
Q.42 Define E-Commerce with suitable example.
Q.43 Explain the importance of Information Exchange.
Q.44 What is Internet? What is WWW? Explain the suitable example.
Q.45 What are disadvantages of E-Commerce?
Q.46 Write a short note on Information Technology Act 2000.
Q.47 Draw a diagram for pure waterfall life cycle.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Unit-2 : E Marketing

Today‘s markets around the world are racing to take advantage of its interactive
nature, to communicate and foster exchanges and relationships with customers,
suppliers, and the public. Also, the amounts of transactions on the Internet are
increasing exponentially, as shown in the Table.

TABLE 2.1TOTAL WORLDWIDE E-COMMERCE REVENUES, 2004 (B2B &

B2C)
Region Total
North America $3.5 trillion
Asia Pacific $1.6 trillion
Western Europe $1.5 trillion
Latin America $81.8 billion
Rest of World $68.6 billion

The shopping patterns among the countries can be seen in table 2.2.

TABLE 2.2ONLINE SHOPPING PATTERNS IN TERMS OF INTERNET

PENETRATION2
Category Country Lowest Highest
Average
Internet users 27% 6% (Indonesia) 58% (USA)
Online shoppers 10% 1% (Thailand / 27% (USA)
Online Dropouts 15% Turkey) 32% (Korea)
Offline shoppers 1% (India)
(But Browse online) 13%
Future online shoppers 14% 1% (Portugal)
3% (Poland)

The accelerating confluence (just like a junction between two things) of

traditional print and broadcast media with new digital media like the internet has
created dynamic new channels for marketers. At the same time, advertisers have
begun demanding greater economic efficiency in reaching target customers. The
internet is changing the design and implementation of marketing strategies.
This dynamic technology provides marketers with efficient and powerful methods of
designing, Promoting, and distributing products, conducting research, and gathering
market information.
E-marketing can include any internet-based promotion, including websites,
targeted E-mail, Internet bulletin boards, sites where customers can dial-in and
download files, and so on. The term does not have a strict meaning though, and many
marketing managers use it to describe any computer-based marketing tool.

Traditional Marketing

If marketing is whatever you do to promote the sale of your products or services, then
it should include:
Market research—from competitive information-gathering to industry awareness to
soliciting customer opinions and preferences.Publicity from press releases to the
positioning of your company and its offerings in the marketplace.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Advertising that is text-based (classifieds) and graphic-based (display)Sales,
including distribution and merchandising Customer service and customer support.

Traditional marketing seems to fall far of three features. There are certain problems
associated with it, which can be listed as follows:

Traditional marketing is often expensive. It can cost a lot of money to produce

and print brochures, product sheets, and catalogues. It is also expensive to keep
support personnel on hand to answer inquiries from customers, and it costs a lot of
money in postage and shipping fees to send information to prospective customers.
Traditional marketing can be a very time-consuming process. Mistakes have to be
corrected; you have to wait for months for an ad that you have placed to appear in a
publication.
Traditional marketing often has a ―hit and miss‖ quality. Marketers often send out
bulk of mails to customers and yet receive a tiny response.
Moreover they feel that they do not cater to the taste of the consumers or rather
that they do not come across the right consumer.
Businesses have always made their presence felt by establishing shops, factories,
warehouses, and office buildings, an organization‘s presence is the public image it
presents warehouses, and offices buildings.
An organization‘s presence is customers, suppliers, employees, stockholders,
neighbors, and general public.
Companies tend not to worry much about the image they project until they make their
mark. Initially, they focus only on their survival.
On the web, making one‘s presence felt is much more important. The only contact
that customers and other stakeholders have with a firm on the web might be its
website or its web pages. Therefore, creating an effective and appealing web page is
essential even for the smallest and the newest firm operating on the web.

Identifying web Presence Goals

When a business creates a physical space in which to conduct its activities, its
managers focus on very specific objectives. Few of these objectives are image-driven.
An ambitious businessman must find a location that will be convenient for customers
to access, with sufficient floor space features to allow the selling activity to occur,
and they must take into consideration, the room space to store inventory and provide
working space for employees. An added feature is the interior decoration which could
enhance the business ambience, and at the same time attract customers.
The success of a business relies on fulfilling these objectives in a tangible,
physical location.
On the web, businesses and other organizations have the advantage of creating a
space of their own choice, design and other embellishments, good enough to make a
distinctive presence. A website can have images, and can activate them by animation,
thus making the customers feel and enjoy its presence. It can serve as a sales
brochure, a product showroom, a financial report, an employment ad, or a customer
contact point. Each entity that establishes a web presence should decide which tasks
the website must accomplish, and which tasks are most important and need to be
included for promoting their business.
Different firms, even those in similar business, may establish different web
presence goals, for example, Coca-Cola and Pepsi are two companies that have
established very strong brand images and are in the same business, but have
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
developed very different web presences. In figure 2.1, you can see the website of
Pepsi.
Now, have a look at their competitor‘s site, given in next figure 2.2. These two
companies change their web pages frequently.
Coca-Cola page usually includes its corporate image such as the Coke Bottles, while
the Pepsi page is usually filled with hyperlinks to a variety of activities and product-
related information.
These web presences project the image of each of these companies.
Each presence is consistent with other elements of the marketing efforts of these
companies. Coca-Cola is maintaining its long-drawn traditional position, and Pepsi,
as the upstart product favored by the younger generation.

Achieving Web Presence Goals

An effective site is the one that creates an attractive presence that meets the
objectives of the business or the organization. These objectives include:
 Attractive visitors to the website
 Making the site interesting enough so that visitors stay and explore
 Convincing visitors to follow the sit‘s links to obtain information
 Creating an impression consistent with the organization‘s desired image
 Building a trusting relationship with visitors
 Reinforcing positive images that the visitors
 Encouraging visitors to return to the site.

Figure 2.1 : The Pepsi Website

Figure 2.2 : The Coca-Cola Website

The Toyota website given in following figure is a good example of an effective

web presence. The site provides a product showroom feature, links to detailed
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
information about each product line, links to dealers, and links to information about
the company and ancillary services it offers, such as financing and insurance. The
page also offers a help link and contact information.
A good example of how Toyota has created a presence with this page that is
consistent with its corporate philosophy is the statement that appears on the page.
They build a website that illustrates why Toyota‘s Cars and Trucks are ideal for
customers.
The Toyota example illustrates that the web can integrate the opportunity to
enhance the image of a business with the provision of information. For some
organizations, this integrated image-enhancement capability is the key goal of their
web presence efforts. Non-profit organizations are an excellent example of this. They
can use their websites as a central resource for integrated communications with their
varied and often geographically dispersed constituencies.

Figure 2.3: The Toyota Website

The Uniqueness of the Web

When firms first started creating websites in the mid-1990s, they often built
simple sites that conveyed basic information about their businesses. Few firms
conducted any market research to see what kinds of things potential visitors might
want to obtain from these websites, and even fewer considered what business
infrastructure improvement would be needed to keep the site alive.
For example, few firms had e-mail address links on their sites, those firms that did
include an e-mail link, often understaffed the department responsible for answering
visitor‘s e-mail messages. Thus, many of the visitors‘ e-mails remained unanswered.
The failure to understand how the web is different from other presence-building
media is one reason why so many businesses fail to achieve their web objectives. The
scenario has changed for the better in the recent times with the prominence of Internet
technologies over others.
Now, most of the websites that are designed to create an organization‘s presence
in the web medium include links to a fairly standard information set. The sites give
visitors easy access to its history, statements about its objectives or mission,
information about products or services offered, financial information, and means of
communication with the organization. Such sites achieve varying levels of success,
depending largely on how they convey theses information. Presentation is important,
so also is realizing the fact that the web is an interactive medium.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Meeting the Needs of Website Visitors

Businesses that are successful on the web realized that every visitor to their
website is potential customer. Thus, an important concern for businesses crafting a
web presence is the variation in the visitors‘ characteristics. People who visit a
website seldom arrive at it by accident; they are at it for a specific reason. The web
designer who makes a site useful for everyone, needs to keep in mind some of the
possible reasons listed as follows:

 Learning about products or services that the company offers.

 Buying the products or services that the company offers.
 Obtaining information about warranties or service and repair polices for products
they have purchased.
 Obtaining general information about the company or organization.
 Obtaining financial information for marking an investment or credit-granting
decision.
 Identifying the people who manage the company or organization.
 Obtaining contact information of a person or a department in the organization.

E-marketing Value Chain

As such, e-marketing thrives with the maintenance of strong relationship between the
company and the customer. It is like a chain—the company acquires customers,
customers, fulfills their needs and offers support (before and after purchase), and gains
their confidence so that they return to it again. Thus the customer value is upheld. This is
illustrated in figure.

Customer Customer Customer Customer

Acquisition Support Fulfillment Support
(Pre- (Purchase (Post
(During
Purchase Dispatch) Purchase)
Purchase)
Support)

Figure 2.4 : E-Marketing value chain.

Site Adhesion : content format, and accessContent

A customer accesses a website for the content of that site. Initially a customer will
want to navigate quickly to gain a clear understanding of the site‘s progression to more
detailed information. The key to this is to match a user‘s psychological and technological
sophistication profile with that of the site‘s initial and subsequent impact.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Format
The format of an organization‘s site is important with respect to the customer‘s
technical sophistication. Vendors need to create a balance between information provision
and information delivery speed. The selection of data format is crucial, as initially the
goal is to create viewer interest and engage the viewer in a prolonged interaction.
Access
Online data access depends on the bandwidth requirement. The clear rule in the
initial interaction phase is to use as minimal a bandwidth as a feasible to facilitate as wide
an audience as possible.
Maintaining a Website
Creating a website that meets the needs of visitors with such a wide range of
motivations can be challenging. Not only do website visitors arrive with different needs,
but also they arrive with different experience and expectations levels. In addition to the
problems posed by the diversity of visitor characteristics, technology issues can also
arise.
These website visitors will be connected to the internet through a variety of
communication channels that different web browsers. Even those who are using the same
browser can have a variety of configurations. The wide array of browser add-in and plug-
in software‘s adds yet another dimension to visitor variability. Considering and
addressing the implications of these many visitor characteristics when building a website
can help convert those visitors into customers.
One of the best ways to accommodate a broad range of visitor needs is to build
flexibility into the website‘s interface. Many sites offer separate versions with and
without frames and give visitors the option of choosing either one. Some sites offer a
text-only version. As researchers at the trace center (http://trace.wisc.edu/) note, this can
be an especially important feature for visually impaired visitors who use special browser
software, such as the IBM Home Pager Reader, to access website content. The W3C Web
Accessibility Initiative site includes a number of useful links to information regarding
these issues
If the site design uses graphics, the site can give the visitor the option to select
smaller reasonable amount of time. If the site page will load on a low-bandwidth
connection in a reasonable amount of time. If the site includes streaming audio or video
clips, it can give the visitor the option to specify a connection type so that the streaming
media adjusts itself to the bandwidth of that connections.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
A good site design lets visitors choose among information attributes such as level
of detail, forms of aggregation, viewing format and downloading format. Many e-
commerce websites give visitors a selectable level of detail, presenting products
information by product line. The site presents one page for each line of products. A
product line page contains pictures of each item in that product line, accompanied by a
brief description. Using hyperlinked graphics for the product pictures, the site offers
visitors the option of clicking the product picture to get the page containing a detailed
description of that product.
Websites can also offer visitors, multiple information formats by including links
to files in those formats. For example, the page offering financial information could
include links to an HTML file, an Adobe PDF file, and an Excel spreadsheet file. Each of
these files could contain the same financial information formats, allowing visitors to
choose the format that best suits their immediate needs. Visitors looking for a specific
financial fact might choose the HTML file so that the information would appear in their
web browsers, other visitors who want to copy of the entire annual report as its was
printed would select the PDF file and either view it in their browsers or download and
print the file. Visitors who want to conduct analysis on the financial data would
download the spreadsheet file and perform calculations using the data in their own
spreadsheet software.
To be successful in conveying an integrated image and offering
information to potential customers, businesses should try to meet the following goals
when constructing their websites.
 Convey n integrated image of the organization.
 Offer easily accessible facts about the organization.
 Allow visitors to experience the site in different ways and at different levels.
 Provide visitors with a meaningful, two-way (interactive) communication link
with the
organization.
 Sustain visitor attention and encourage return visits.
 Offer easily accessible information about products and services and how to
use them.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Metrics Defining Internet Units of Measurement
Thee-commerce world has, since the establishment or starting point been
attempting to measure parameters associated with the Web and websites in order to
assess two things:
1. Advertising--how many people saw our banner ad?
2. Visitation-how many people came to our site?
For advertising, the metrics measured and their interpretation depend on the
position of the measurer. The advertising perspective is that metrics can give the
advertiser the most accurate interpretation of the customer-to-site usage ratio, but this has
come under increasing scrutiny as the technology and systems associated with Web
interfaces and networks become well understood by the advertisers. There is a problem
with using hits as a measuring tool.
What advertisers want to measure includes the number of unique visitations to a
site, as well as multiple other parameters, such as the duration of each visit. The number
of hits (visits) is calculated based on a frame of text or image file.
Sometimes, a single page may be made up of many of these. Thus, it distorts the
hit count. An alternative is to use a metric calculation which uses the whole page as a
metric. The problem with this is that a page is cached into the memory of a 'reader' or a
Web browser.
One visit to the page counts as one hit. But if the user then swaps between tasks
and pages, this page may actually be read many times, which should be counted as
multiple hits. Another problem is the user who utilizes a ‗bot‘ or a self-propelled search
engine to find some information.
This search agent will visit sites on the owner's behalf, but will not actually report
anything about the sites visited back to the owner, thus throwing off the hit count.
In-software metrics theory, one problem is the separation of direct and indirect
metrics or measurement. Direct measurement of an attribute is the measurement that does
not depend on the measurement of any other attribute. Indirect measurement of an
attribute is the measurement that involves the measurement of one or more other
attributes. Examples of direct metrics are shown in Table 4.3.
TABLE 2.3
EXAMPLES OF DIRECT METRICS
 Number of individual, authenticated user sessions.
 Authenticated user sessions by location.
 Authenticated user profiles by region.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 Top 'entry' and 'exit' pages by authenticated users.
 Most-downloaded files.
 Advertising ‗captures‘
 Most-active, authenticated organizations accessing the site.
 Most-active countries, states, cities, and regions by authenticated users.
 Organizational breakdown of site access by authenticated users.
 Maximal, minimal, average number of authenticated users per period.
 Most-used browsers.
 Spiders or bot activity.
 Most-used platforms.
 Successful form submissions.
 Failed form submissions.
 Server error log (404 errors and the like)
 Top referencing sites.
&Examples of indirect metrics can be seen in Table 4.4.
TABLE 2.4
EXAMPLES OF INDIRECT METRICS
 Number of hits per page.
 Number of successful hits per page.
 Number of hits for total site.
 Number of hits per page, per session, per individual user.
 Average user session time in seconds.
 Most-accessed segments.
 Top paths through site.
 Views of banners.
 Hits by user groups.
 Total hits.
 Cached hits.
 Successful hits.
Failed hits
Many organizations are using the indirect metrics, as advertisedby the vendors of
packages and software tools, and this will significantly do something for the executives
of these firms to track directly the impact of their dollars being spent on their websites.
However, having some of these metrics even as partial views of the activities occurring in
a site, is better than having nothing.
Organizations in the online customer acquisition phase have attempted to refine
some of the indirect metrics to their needs, by understanding their limitations. These
include the following:

1. Click-through captures: -How many users click through to the next stage in
the customer acquisition process? .

2. Time spent. How long did the viewer stay at the site and which items, pages or routes
did the viewer select to navigate through the site?
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

3. Time spent searching.Did the viewer use the ‗site map' or 'search feature, and if so for
what and for how long?

4. Time spent before click-through.How long did a viewer linger in the opening stages
of the interaction and where?

5. E-mails and telephone calls.How many e-mails or calls did this section generate and
on what issues?

6. Registered users. If the site has a registration facility, what is the rate?

By assessing these metrics in conjunction with data from other sources such as the
direct sales and marketing channels, an organization can estimate the content, format, and
accessibility of the online site. Though not perfect, it does provide a useful set of
parameters from which to judge the site's effectiveness to retain eyeballs and potential
future customers.

The Browsing Behavior Model

Customers of an e-commerce site interact with it through a series of consecutive
and related requests made during a single visit called session. Within a session, customers
can issue requests of different types, such as Login, Browse, Search, Add to Shopping
Cart, or Pay.
Different customers may exhibit different patterns of navigation through an e-
commerce site and therefore may invoke the different functions provided by the site in
different ways and in different frequencies.
Some customers may be heavy buyers while others may be occasional buyers who
do extensive searching and browsing, but very rarely buy from the site. The customer's
behavior while interacting with an e-commerce site has impacts on the IT resources of the
site and on the revenue of the e-store. Thus, it is important to be able to characterize the
behavior of customers or groups of customers of an e-commerce site.
The customer model captures elements of user behavior in terms of navigational
patterns, e-commerce functions used, frequency of access to the various e-commerce
functions, and times between accesses to the various services offered by the site. A
customer model can be used for navigational and workload prediction, so that better
websites can be modelled.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Browsing Behavior Model of an Online Video Store

Let us use an example of an online video store to give an informal introduction to

the user behavior model of an e-commerce site. Consider an online video store in which
customers can perform the following functions:
1. Connect to the home page and browse the site by following links to bestseller
videos and promotions of the week per video category.
2. Search for titles according to various criteria including keywords and title.
3. Select one of the videos that results from a search and view additional
information such as a brief description of the product/products, price, shipping
time, ranking, and reviews.
4. Register as a new customer of the virtual video store. This allows the user to
provide a username and a password, payment information (e.g. credit card
number), mailing address, and e-mail address for notification of order status and
videos of interest.
5. Login with a username and password.
6. Add items to the shopping cart.
7. Pay for the items added to the shopping cart.

Thus, during a visit to the online video store, a customer issues requests that will
cause these functions to be executed. For example, a customer may cause a search to be
executed by submitting a URL that specifies the name of an application to be run at the
server through a server Application Programming Interface(API) and the keywords to
be used in the search.
The application will then execute a search in the site database and return an
HTML page with call the videos that match the search criteria. Remember that the
sequence of consecutive requests issued by the same customer during a single visit to an
e-commerce site is called a session.
A customer may be classified as being in different states, according to the type of
function (i.e. request) requested during a session. For example, the customer may be
browsing, searching, registering as a new customer, logging in, adding videos to the
shopping cart, selecting the result of a search, or paying for the order.
The possible transitions between states depend on the layout of the site. For
example, one customer may go from the home page to search, from search to select, from
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
select to add to cart, and from there to the payment area. Another customer may go from
the home page to the browse state before doing a search and leaving the online video
store without buying anything.

To capture the possible transitions between the states in which a customer may be
found, we need a model that reflects the navigational pattern of a user during a visit to an
e-commerce site (Figure 2.5).

Fig. 2.5 States and transitions of the BBMG for the virtual videostore.

The given model is in the form of a graph and is called the Browser Behavior
Model Graph (BBMG)." The nodes of the BBMG, represented by rectangles, depict the
states a customer is in during a visit to the e-commerce site. Arrows connecting the states
indicate possible transitions between them.

Entry
This is a special state that immediately precedes a customer's entry to the online
store. This state is part of the BBMG as a modelling convenience and does not
correspond to any action initiated by the customer.

Home
This is the state a customer is in, after selecting the URL for the site's home page.

Login
A customer moves to this state after requesting a login to the site. Sometimes,
even a home page may ask him to login.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Register
To have an account created by registering with the online video store, the
customer selects the proper link for the registration page, thus making a transition to the
Register state.

Search
A customer goes to this section after issuing a search request.

Browse
This is the state reached after a customer selects one of the links available at the
site to view any of the pages of the site. These links include the list of bestsellers and
weekly promotions.

Select
Asearch returns a list of zero or more links to videos. By selecting one of these
links, à customer moves to this state.

Add to Cart
Acustomer moves to this state upon selecting the button that adds a selected video
to the shopping cart.

Pay (Billing)
When ready to pay for the items in the shopping cart, the customer moves to the
Billing section.

Exit
Customers may leave the site from any state. Thus, there is a transition from all
states, except the entry state, to the exit state.

In the case of Figure 4.5, customers can enter the virtual video store at only three
states: Home. Browse, and Search. From the Home state, they can visit the Register,
Login, Browse, and Search states, as well as exit from the site.
This figure reflects all possible transitions between states. However, during a
single visit to the e-store, a customer may not visit all states, or there may be different
visits by the same customer to the site, or there may be visits from different customers in
terms of the frequency by which these states are visited.
Thus, to characterize the user behavior during a visit to the site, one must also
capture the frequency with which transitions occur.
Consider that during a visit to the e-commerce site, a customer visits the Select
state forty times. Out of these, the customer moves to the Search state sixteen times, to
the Browse state fifteen times, to the Add to Cart state eight times, and once to the Exit
state.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
We can then say that the transition frequencies out of the Select state are: 0.40
(=16/40) to Search state, 0.375 (=15/40) to Browse state, 0.2 (=8/40) to Add state, and
0.025 (=1/40) to state Exit.
In general, we label each transition in the BBMG with the frequency with which a
customer follows the path between two states. Since we use BBMGs to characterize the
behavior of many similar visits to the site, we refer to the transition frequencies as
transition probabilities.
For example, according to the BBMG of Figure 4.5, customers have a 10 per cent
probability of leaving the site after performing a search. This is indicated by a transition
from the Search state to the Exit state.
From the Search state, customers have a 20 per cent probability of going to the
Home state, a 25 per cent probability of doing another search, a 20 per cent probability of
selecting one of the videos that resulted from the search, and a 25 per cent probability of
going to the Browse state.
Different types of users may be characterized by different BBMGs in terms of the
transition probabilities. As an example, consider two customer profiles-occasional and
frequent buyers.
The first category is composed of customers who use the Web store to find out
about existing products, such as new books or best fares and itineraries for travel, but exit
most of the time without buying or selecting.
The second category is composed of customers who have a higher probability of
buying if they see a product that interests them and is affordable. Thus, workload
characterization for e-commerce entails in determining the set of BBMGs that best
characterize customer behavior.
Note that it is possible for the same customer to exhibit different types of
behavior during each visit to the site. Thus, a BBMG is in fact associated to a visit to the
site and not necessarily to a specific customer.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Aggregate Metrics for E-business Sites:
Since the Web became a widely used vehicle to support all sorts of applications,
including e-business, the need arose to devise metrics to measure a site's efficiency in
attaining its goals. Table 4.5 lists common e-business functions when customers get on to
an e-business website.
TABLE 2.5
AGGREGATE METRICS FOR E-BUSINESS SITES
Category Function Description
Common Login Login to the site. Register as a new user.
Register
Search site database. View one of the results
Search
Select of a search. Follow links within the site.
Browse
Retail Add Item Add item to shopping cart. Remove item from
Remove Item
shopping cart. Check contents and value of
See Shopping Cart
Create Registry shopping cart, Create a gift registry. Add item
Add to Registry
to gift registry. Check status of previous order.
Check Status
Pay Pay for items in shopping cart.
Information Download Download software/report/music. Subscribe to
Subscribe
regular downloads. Listen to real-time audio
Listen
Watch (e.g. lecture). Watch real-time movie.

Many metrics have been used to assess the success of sites in terms of popularity
and/ or revenue generated. Some of the standard metrics are as follows:

Hits/Second
This measures the number of requests for objects served in each second by a
website. A page is usually composed of one HTML file and several other embedded
image files that are automatically requested from the Web server when a user requests the
HTML document. So, hits/second counts not just the HTML pages but all embedded
objects in a page as separate requests, which does not give an exact idea of the number of
times a specific page, with its advertisement banners, was viewed.

Page Views/Day
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
This reflects the number of individual pages served per day. A company paying
for a banner ad to be posted on a page may be interested in the number of times its ad is
being seen. Very popular sites can display a few hundred million page views per day.

Click-troughs
This measures the percentage of users who not only view an online ad but also
click on it to get to the Web page behind it. This metric is oriented more towards
assessing the impact of online ads.
However, this measure can be misleading. If the message in the banner ad is too
general, it may draw a larger number of clicks than a more specific message. However,
users who respond to the more specific messages are more likely to be interested in the
product being advertised than those who react to the more general message.

Unique Visitors
This indicates how many different people visited a website during a certain period
of time. Many times it is more important to know how many different people visited your
site than the total number of visits received during a certain period.

Revenue Throughput :-
This is a business-oriented metric that measures the number of dollars/sec derived
from sales from an e-commerce site. This measure implicitly represents customer and site
behavior. A customer who is happy with the quality of service (e.g. response time) of an
e-business site will shop at the Web store, and the revenue throughput will increase.

Potential Loss Throughput

This is another business-oriented metric that measures the amount of money in
customers shopping carts that is not converted into sales because the customer leaves the
site due to poor performance or other reasons.

Online Marketing
Online marketing means using the power of online networks, computer
communications and digital interactive media to reach your marketing objectives. Online
marketing will not replace traditional forms of marketing anyway. Instead, it will both
add to and subtract from today's marketing mix.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
It will add more interactivity. But it will subtract costs. It will add more customer
choices. But it will remove, marketing's dependence on paper. It will add "information
value‖ to products and services. But it will take away barriers to starting a business or
extending a business into international markets.
And most importantly, it will turn upside down some old notions we have held of
what marketing is all about.
There are three new market segments which are as follows:

Cyber buyers
These are professionals who spend a good deal of time online, mainly at their
places of business. These professionals often have to make complex purchasing decisions
that require reams of data and difficult to locate sources of supply, all within a tight time
frame. That is a perfect fit with the capabilities of online technology.

Cyberconsumers
These are the home computer users wired up to commercial online services and
the Internet. This group represents the pot of gold, and marketers simply need to find
ways to make it more attractive to shop and buy online than to go to the local store.
Cybersurfers
They use online technology to expand their business future plans, challenge their
abilities, and for fun. This segment is typically younger, and possesses shorter attention
spans.
Some of the important aspects of marketing are advertising, sales, security of the
transactions and the mode of payment used for payments. And all of these have had to
adapt and change themselves according to the demands of the Internet.

How Should Buyers Pay Online?

The marketplace, as usual, is responding quickly to this concern. A few basic
models or approaches to net-based sales transactions are beginning to come into focus.
They are:
1. The consumer, responding to net-based marketing presentation, sends in a
cheque, or calls and verbally transmits a credit card number, over the
merchant's telephone. This is a fairly traditional approach, and no financial
transaction takes place on the Internet.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
2. The consumer (i) sets up an account with a merchant or a third party
organization, (ii) leaves his or her credit card number by means other than the
Internet, and (iii) gives the merchant the authorization to bill the account,
whenever the consumer chooses to buy something.
3. The consumer leaves his or her credit card number on an unsecure online
order form. With this approach, the consumer is put at some risk that the
credit card number will be compromised, but the risk is perhaps not much
greater than giving it out over the phone.
4. The consumer uses a secure (encrypting) client software program to transfer
his or her encrypted credit card number to a secure (decrypting) merchant
server.
5. The consumer exchanges traditional currency (cash, cheque, credit card
authorization) for some form of digital currency, and then spends units of that
currency whenever and wherever he or she likes. This requires some form of
―electronic wallet‖ to hold the currency and an account set up between the
currency provider and the participating merchants.

Advantages of Online Marketing

Some of the advantages of online marketing can be listed in the following manner: ...
1. Online marketing offers bottom-line benefits that tie in directly to the demands
placed on the organization trying to make a transition into the new economy.
2. Online marketing can save money and help you stretch your marketing
budget. Electronic versions of catalogues, brochures, and specification sheets do
not have to be printed, packaged, stored, or shipped. These can be updated online,
and hence, you need not have to send them back to the printer for changes. This
saves a lot of money.
3. Online marketing can save time and cut steps from the marketing process.
Marketers no longer have to wait for one of their sales representatives to give
them the desired information. They can get it online on their own. E-mail allows
you to exchange information with potential buyers quickly. It helps you get your
message out to the market in after a short time, with online brochures, catalogues
and so on.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
4. Online marketing gives customers another way to buy, while enabling them to
take control of the purchasing process. Today, customers want more. They want
more information about the products they buy; more input into the product itself,
and support after the sale. Smart marketers can expects maximum profit between
working together in online communications by encouraging the customer to get
engaged in making decisions about the product. They can choose the color, select
the shipping method, and place the purchase order themselves. The more you can
get the customer involved in the process of customizing the product and the
selling process to meet their particular needs, the more likely it is that you will get
the sale.
5. Online marketing can be information-rich and interactive. It appeals to
information hungry buyers and analytical buyers. It allows buyers and current
customers to search and locate the information they need quickly.
6. Online marketing can offer you instant international reach and indeed, online
networks have created an instant global community. Online marketing erases the
time and distance barriers (barrier i.e. a problem which prevents two groups from
agreeing or communication.) that get in the way of conducting business
transactions with customers in other countries.
7. Online marketing can lower barriers to entry and offer equal opportunity for
access. When you are doing business online, distinctions related to the ethnic
background or gender or even the size of business do not seem to matter as much.
The online world is a great leveller (leveller i.e. a situation where distinctions of
class, qualities are immaterial). And online marketing helps to lower many of the
marketplace barriers that have held some would-be entrepreneurs from full
participation in the free market system.
8. Online marketing can be continuously available. One of the best attributes of and
online information server is that it is always on the job, twenty four hours a day
365 days a year.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Various Businesses that Can Flourish(Flourish i.e. Attract you) on the
Internet:
Banking
The advent of Automated Teller Machines (ATM) has long extended banking into
a domain of activityof computer-network-enabled services. Now, online banks are being
set up exclusively to serve clients through the Internet, with the full range of banking
services –deposits, withdrawals, funds transfer, loans and other form of transactions.
Simultaneously, online financial services are being offered by other companies,
bringing investment opportunities to customers. And several companies are offering e-
cash services.

Databanks
In the information economy, pure data is emerging as a hot commodity. With the
ease and low cost of delivering information over the Internet pushing down prices, data-
vendors are building profitable businesses in the market space.
Convenient mechanisms for searching databases are making information services
use-friendly as well and importantly, businesses are also springing up to enable data-
shoppers to hunt for the information they need, in the form of search engines which
search millions of documents on the Internet to track down information.

Music
Since it is recorded and stored digitally, music as well as the other audio products
are the perfect products for distribution over the Internet. Instead of buying cassettes or
CDs, customers can simply download the recordings from the site.
The world‘s top music labels are setting up websites from which Internet
shoppers can buy their favorite pieces. They are also creating customer involvement by
setting up virtual communities of music aficionados who can access sample, value-added
information, such as lyrics and scores, directly through the Internet.

Retailing
Two genres of online shopping malls are being set up by digital entrepreneurs.
The first consists of multimedia catalogues which shoppers can download through the
Internet without taking physical delivery.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The second variety is a supermarket service that offers gateways to the websites
of scores of other shops, acting as a single window for virtual shoppers. With electronic
payment systems becoming secure, customers will soon complete entire retailing
transactions on the Internet.

E-advertising
Advertising is a $500 billion worldwide industry that, until now, has been mainly
a one-way street, with consumers passively absorbing advertising messages. Advertisers
hoped that potential buyers would remember their slogan or jingle long enough to make a
trip to the store and purchase the product.
This has changed with the advent of interactivity. The new concept of
'interactivity' has overpowered the traditional concept of advertising, by putting the buyer
in the driver's seat. Interactivity allows consumers to increase their control over the
buying process. We are all deluged with an overflow of data. We long for a sense of
mastery over the information that washes over us. Given the opportunity, we will be more
selective about the kind of information we choose to receive. Interactivity gives us that
option. Thus, the audience is not captive any more, and the marketers would have to work
harder than before to entice them. The marketing efforts will have to be information-rich
and user-friendly.
Web-based advertising has become an important part of a company's
media mix. Numerous companies are committing large advertising budgets to the
Internet.
Following are the reasons for the growing importance of e-advertisements:
1. People increasingly prefer to surf the Internet rather than watch TV.
2. The target audience goes to the advertisement, rather than the other way around.
3. Development of business search engines by companies such as C2B
Technologies, which aim to link buyers with online bargain sites for over a
million products for comparison-shopping purposes.
4. Yahoo! has a business unit which offers contests and prizes to online
participants, which drive players to the websites of different clients. To play,
participants must provide certain data, including their preference of
advertisements and tastes, which presents a valuable database as to customer
preferences.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
5. The growth of e-business. Dell Computers, for example, estimates that by
2005, 85 per cent of its sales will be through the Internet.
6. The Internet is not geographically restricted. Amazon.com sells 20 per cent of
its books to foreign destinations, whereas a physical book store serves an area of
only a few square miles.

Various Means of Advertising

E-mail:-
The advantages of e-mail are its low cost and its ability to reach a wide variety of
targeted audiences. Most companies develop & customer database, to whom they send e-
mails. E-mail is emerging as a marketing channel that affords cost-effective
implementation and better, quicker response rates than other advertising channels.
Marketers should be racing to embrace the medium. Sometimes, it may also happen that
when every marketer starts overflow of prospects and customers with e-mail, the
consumers may react negatively.

Banners:-
They make up 50 per cent of online ad revenues, but their effectiveness may be
waning. When IBM kicked off banner ads in 1994 on tech site Hotwire, 30 per cent of the
people who saw the ads clicked on them. Now the overall click-through rate for banner
ads has dropped to a measly 0.3 per cent.
But it is the most commonly used form of advertising on the Internet. As you surf
your way through the information superhighway, banners are everywhere. The smaller
the file size, the quicker it gets loaded.
Typically, a banner contains a short text or a graphical message to promote a
product. A major advantage of using banners is the ability to customize them to the target
audience. One can decide which market segment to focus on.

Skyscrapers :-
These are the extra-long skinny ads running down the right or left side of a
website.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Banner Swapping :-
Banner swapping is nothing but a direct exchange of links between websites. To
be precise, company A may agree to display a banner (in the form of a link) of company
B in exchange for company B displaying company A's banner.

Streaming Video and Audio :-

Companies and content networks including RealNetworks, NetRadio, and Music
Vision, insert ads for marketers into music and video clips, as consumers listen to them.
It is much more like the TV that marketing advertisers know and trust. You can get click-
through rates of about 3.5 per cent, according to RealNetworks. Its widespread use will
depend on high speed Internet connections.

Effectiveness Tracking :-
This is an upstart DynamicLogic designed by a pioneering service to help
traditional advertisers gauge the impact of their marketing by placing tiny files, called
cookies, on viewers' computers. This helps them track where people go after seeing their
ads.

Mini-sites, Pop-ups :-
These ads burst upon the screens, allowing companies such as Volvo and
SmithKline Beecham's Oxy acne medicine to dish up games and product information.
Mini-sites allow advertisers to market without sending people away from the site they are
visiting. This type of advertising also gets higher click rates. Sometimes, these can be
intrusive and annoying.

Interstitials :- (an advertisement that appears while a chosen website or page is

downloading.)
Visit the railway site (www.indianrail.gov.in). When the site uploads, a new
window will open in your browser from Citibank, asking you to apply for a loan. These
windows are called interstitials, and they demand your attention because you must click
on them, even if only to close the window. It is estimated that the click-through rates are
as high as 5 per cent.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Sponsorships :-
Sponsorships can vary from a simple sponsorship of an e-mail list to much more
sophisticated site sponsorship deals. For example, the e-retailer 800.com (www.800.com)
sponsored a list of the top 10 videos which appeared alongside the 800.com logo on the
Hollywood stock exchange(www.hsx.com). By clicking on one of the video titles, visitors
were transported to the 800.com site, where they could purchase the video. The
advantage of sponsorships is that they can help to build a sponsor's brand by presenting it
within the context of the sponsored site and by creating value for visitors to that site.

Coupons :-
Companies such as cool savings (www.coolsavings.com) offer their members
discount coupons which they can print out and then use for both online and offline
retailers. Coupons can be an attractive marketing mechanism because they encourage
product trial, and they are a way of selectively discounting prices to the most price
sensitive customers (those are willing to go to website and print out a coupon).

Pay Per Advertising View :-

Companies such as Cyber Gold "pay‖ customers to view advertisements. The
approach uses the accountability of the Web to reward consumers for processing the
"right" kind of information.

Loyalty Programs :-
Companies such as click rewards (www.clickwards.com) offer their members the
chance to earn a currency, such as airline miles, by shopping at their network of partner
sites. The economics of customer retention are well known. An existing, loyal customer
is much more profitable than a new one, so rewarding existing customers to encourage
them to remain loyal can be a good tactic.

Partnerships :-
While many offline companies arrange partnerships, the use of partnerships is
more widely in the New Economy. Similar to the manner in which complementary
companies often collaborate to push a new technology, Web companies often partner
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
with complementary sites to quickly provide a more value-enhanced service to site
visitors. One prevailing strategy is to select a customer niche and provide services that
encompass the customer's entire needs in that area.

Innovative Customer Acquisition :-

As the Internet market becomes more competitive, competitive advantage will be
derived from innovative marketing. One form of innovative marketing is to ally with
groups. (or associations, and provide a complementary service that benefits the group's
membership.. By creating such an alliance, a new site can launch with a large customer
base without incurring expensive and risky marketing fees. In such an arrangement, a site
generally says the group a fee for access to its membership.

Providing Information :-
The Web allows sites to instantly offer information that is relevant to their
customer base. Many sites provide instantly accessible information to their customers as
a form of marketing and product differentiation. The e-commerce market for travel
(airlines, hotels, etc.) is very competitive, with many well-funded players. Sites try to
differentiate themselves by offering vast amounts of information to their customers.
Travel information can range from top restaurant and hotel information targeted toward
expense account business travellers, to time sensitive travel information to budget-
minded leisure travellers. Customers evaluate the information they receive and establish a
relationship with the site that best meets their needs. Sites try to capitalize on this
relationship by offering e-commerce opportunities like travel reservation services.

Leverage the Customer Base :-

A primary goal of e-commerce businesses today is to invest heavily in creating a
large customer base and establishing a relationship of trust with their customers. Many
firms are trying to establish a reputation that conveys to its customer base that they are a
solid company that is good at fulfilling e-commerce orders.
Eventually, as a company establishes a large and loyal customer base, the goal is
to leverage this relationship by offering an expanded product/service selection to its
customers. Amazon has successfully leveraged its customer base. Within four months of
offering CDs and six weeks of offering videos, Amazon was the top-selling site for both
products.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Personalized Online Communications
Online companies have the opportunity to reduce mass-marketing expenses and
increase response rates by developing marketing strategies that center around each
individual customer.
The manner in which transactions occur on the Internet provides e-commerce
companies with detailed information on their customers. Information derived from
customers registering preferences and demographic information, as well as firms
analyzing past purchases and Web-surfing habits, provides e-commerce companies the
opportunity to create a one-to-one marketing relationship with each of their customers.
In addition to this information, many e-commerce companies use their sites to
establish a two-way dialogue with their customers. This dialogue provides additional
information regarding product desires and better avenues to market them. We categorize
personalized marketing into five primary forms: (1) permission marketing, (2)
personalized recommendations, (3) personalized advertisements, (4) personalized web
pages, and (5) personalized e-commerce stores.

1. Permission marketing. Seth Godin coined the term permission marketing to

describe how successful e-mail campaigns can result from creating relationships with
customers. Permission marketing has become the current rage of online marketers and
has led to increases in marketing response rates.
Permission marketing presumes that successful marketing campaigns can be
created by establishing a mutually beneficial and trusting relationship between the firm
and its customers. In exchange for some offered benefit, customers volunteer information
about themselves and, in essence, ask to be marketing targets.
Once customers initiate this relationship, they look forward to e-mail messages
because they know that these messages will be on relevant topics. By using the
permission marketing philosophy, online firms create a valuable database of customers
who have given the firm the permission to market to them and are receptive to marketing
messages.
Permission marketing e-mails must be relevant to the consumer. Relevance can
range from general interest to very specific interest. Response rates and trust can increase
by sending permission marketing e-mails that are highly specific to customers' interests.
Many online firms ask their permission marketing customers for detailed personal
information when they sign up for e-mails.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
This information allows them to send more targeted e-mails to specific segments
of the firm's customer base. Customers appreciate these targeted e-mails, and this
increases their relationship level with the firm. The associated increased trust level may
also induce customers to reveal additional information about themselves.

2. Personalized recommendations.Many e-commerce sites have personalized

services that make specific merchandise recommendations for each user based on past
purchases, web pages viewed, and survey information that the user has provided.

3. Personalized advertisements.Websites increasingly are using personalized

technology software to determine dynamically, in real time, which Web advertisements
should be exposed to viewers. ZDNET uses personalization technology that is based on
an analysis of five user profile and impression environment variables.
Variables used include the user's past click behavior, time of day, the page,
belonging to frequency of visits, and search keywords. Based on these variables, users are
given a relevancy score (i.e. indicator of the probability of a click), and ads that are most
likely to be of interest to the viewer are displayed.
4. Personalized Web pages.Many portals and e-commerce sites allow users to
create their own personalized Web page. This allows users to create a Web page that
caters exactly to their interests. Personalization encourages users to return more often and
increases the user's familiarity and trust with the Web page.
This leads to users spending more time on the website, thereby increasing
advertising exposure time. Since a creator/user of a personalized Web page reveals
detailed personal information, the site sponsoring the personalized Web page can deliver
more targeted consumers to advertisers. This results in an opportunity to charge increased
ad rates to reach specific customer groups.
At portal site Excite, users can create a personalized portal page using Excites
'My Excite service. Excite found that users who create a ‗My Excite' personal page come
back five times as often as others, and view twice the number of pages compared to
Excite users who do not have a personal page. This has allowed Excite to reap higher
advertising revenues. In addition, personalization
increases users' switching costs.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
5. Personalized e-commerce stores.One of the goals of online merchants is to
use Internet technology and their knowledge about individual consumers to tailor their
products and services for each of their customers.
Jeff Bezos, Amazon's chairman, has stated that one of his goals is to have his
"store redecorated for each and every customer.‖ However, he cautions that it could take
up to 10 years to achieve such individual customization. Office Depot offers its small-
business customers personalizedcatalogues, allowing businesses to create real-time
unique catalogues for their employees, based on their buying authority.
In addition to making their customers' shopping experience more pleasant,
personalization is a key tool for increasing switching costs. If a customer is satisfied and
becomes dependent on a site that offers personalized services, it will be more costly to
switch sites. Even if a competing site offers superior services, there is a certain inertia
that often slows users from switching sites.

Conducting Online Market Research

The Internet is a powerful and cost-effective tool for conducting market research
regarding consumer behavior, identifying new markets, and testing consumer interest in
new products. Interest in interactive Internet research methods is on the rise.
Market research that utilizes the Internet is frequently more efficient, faster, and
cheaper, and allows the researcher to access a more geographically diverse audience than
those found in offline surveys. Furthermore, the size of a market research sample is a key
determinant of research design.
The larger the sample size, the larger the accuracy and the predictive capabilities
of the results. On the Web, market researchers can conduct a very large study much more
cheaply than with other methods.
The Internet-based market research is often done in an interactive manner by
allowing personal contacts with customers, and it provides marketing organizations with
greater ability to understand the customer, market, and the competition.
For example, it can identify early shifts in products and customer trends, enabling
marketers to identify products and marketing opportunities and to develop those products
that customers really want to buy. It also tells management when a product or a service is
no longer popular. To learn more on market research on the Web, see the tutorials at
Webmonkey.com.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Online market researchers have to address numerous issues. For example,
customers may refuse to answer certain questions. Also, the administration of
questionnaires can be lengthy and costly.
Furthermore researchers risk losing people who do not complete online
questionnaires because they may not have the latest, fastest computers or a fast Internet
connection. For example, long download times and slow processing of Web-based
questionnaires lead only to frustration on the part of the customers; it can convince them
not to return to a site, leading to lost respondents and future sales.

Online Market/Research Process and Results

The steps in conducting online research are shown in Figure 2.6.

Problem Research Data Results,

definition methodology, collection, Data Recommendations,
and research Data collection analysis Implementation
objectives plan

Fig. 2.6 Steps needed in online research.

Steps in Collecting Market Research Data :-

1. Define the research issue and the target market.
2. Identify newsgroups and Internet communities to study.
3. Identify specific topics for discussion.
4. Subscribe to the pertinent groups; register in communities
5. Search discussion group topic and content lists to find the target market.
6. Search e-mail discussion group lists.
7. Subscribe to filtering services that monitor groups.
8. Enter chat rooms, whenever possible.

Content of the Research Instrument :-

1. Post strategic queries to groups.
2. Post surveys on your website. Offer rewards for participation.
3. Post strategic queries on your website.
4. Post relevant content to groups with a pointer to your website survey.
5. Post a detailed survey in special e-mail questionnaires.
6. Create a chat room and try to build a community of consumers.

Target Audience of the Study :-

1. Compare your audience with the target population.
2. Determine your editorial focus.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
3. Determine your content.
4. Determine what Web services to create.

Responses can be validated as they are entered, and other elements can be added
to the questionnaire, such as graphics, logos, and links to other Web pages. Also, data re-
entry errors are eliminated and statistical analyses can be done in minutes.
Data from prospective participants can also be collected across international
borders. In addition, the participants have the flexibility of responding at any time, at
their own convenience. Real-time information and reporting can also be accomplished.

Tracking Customer Movements on the Internet

Through the Internet, it is possible to learn about customers by observing their
behavior on the Internet rather than interacting with them and posing questions to them.
Many marketers keep track of consumers Web movements using cookie files
attached to a user's browser to help track a Web surfer's movements online, whether or
not consumers are aware of it.

Limitations of Online Research

Online research is not suitable for every client or product. Although the Web-user
demography (i.e. Statistically Studying) is rapidly diversifying (i.e. vary range of
products), it is still skewed (i.e. sudden change the direction) towards certain population
groups, such as those with Internet access.
If a company manufactures a consumer product such as laundry detergent.
Internet research may not be an ideal research tool, because it may not reach enough of
the company's target market which in this case may be uneducated women in Indian
villages.

Building Customer Relationship Based on One-to-One Marketing

One-to-one marketing is a type of relationship marketing. Relationship marketing
is the overt attempt of exchange partners to build a long-term association, characterized
by purposeful cooperation and mutual dependence on the development of social as well
as structural bonds. It includes the concepts of loyalty or support and trust.
To be a genuine one-to-one marketer, a company must be able and willing to
change its behavior towards an individual customer based on what they know about that
customer. So, one-to-one marketing is really a simple idea--"Treat different customers
differently." It is based on the fact that no two customers are alike.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
One-to-one marketing involves much more than just sales and marketing, because
a firm must be able to change how its products are configured or its services are delivered
based on the needs of individual customers. Smart companies have always encouraged
the active participation of customers in the development of products, services, and
solutions. For the most part, however, being customer oriented has always meant being
oriented to the needs of the typical customer in the market--the average customer. But in
order to build enduring one-to-one relationships, a company must continuously interact
with customers and address their needs individually.
The actual, detailed mechanics of building a one-to-one relationship depends on
understanding the various ways in which customers are different and how these
differences should affect the firm's behavior towards particular, individual customers.
One reason so many firms are beginning to focus on one-to-one marketing is that this
kind of marketing can create high customer loyalty and, as a part of the process, help a
firm's profitability.
Acompany increases loyalty in its own customers--one customer at a time—by
establishing a learning relationship with each customer, starting with the most valuable
customers. Think of a learning relationship as a relationship that gets better with every
new interaction.
A customer tells a company of some need (or they learn about it otherwise), and
the company customizes its product or service to meet this need. With each interaction
and re-customization, the company better fits its product to this particular customer.
Thus, the company makes the product more valuable to this customer. Then the customer
is more likely to remain loyal to the company.
One of the benefits of doing business over the Internet is that it enables companies
to better understand their customers' needs and buying habits, which in turn enables them
to improve and frequently customize their future marketing efforts.

Market Segmentation :-
For years, companies used direct mail to contact customers. However, they did it
regardless of whether the products or services were appropriate for the individuals on the
company's mailing list. The cost of the direct mailings was about $1 per customer, and
only 1 to 3 per cent responded. This meant that the cost per responding customer was
between $33 and $100. Obviously, this type of direct marketing was not cost-effective.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
In segmentation, the company breaks thousands of customers into smaller
demographic segments and tailors its campaigns to each of those segments. Segmentation
is done with the aid of tools such as data modeling, warehousing, and mining. Using data
mining and Web mining, businesses can look at consumer buying patterns to slice
segments even finer.
Unfortunately, this is not an easy process, and it requires considerable resources
and computer support. Most of the segmentation success stories involve large companies.
For example, Royal Bank of Canada segments its 10 million customers at least once a
month to determine credit risk, profitability, and so on.
Their segmentation is very successful. The response to Royal Bank of Canada's
advertising campaigns has increased from 3 to 30 per cent. Segmentation is less
expensive than one-to-one personalization.
It is also easier to obtain and maintain the necessary data. Segmentation is
important when the Internet goes for localization for advertisement, especially in India
with so many different states and languages. See Table 4.6.
TABLE 2.6
CONSUMER MARKET SEGMENTATION IN INDIA
Segmentation Bases/Descriptors
Geographic Region and states
Size of state, city, district, village
Statistical area
Population density Climate
Demographic Age
Occupation
Sex Education
Family size
Religion
Family life cycle
Caste
Income
Linguistic groups
Psychosocial Social classes
Lifestyles
Personality
Cognitive, Affective, Attitudes
Behavioural Benefits sought
Loyalty status
Readiness stage
Usage rate
Perceived risk
User status
Innovativeness
Usage situation Involvement
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Problems of Internet Marketing in India

Internet marketing is now focused on urban and educated middle class population.
To understand the growth of Internet users in India. We need to channelize the numbers
appropriately by addressing the issue of ―Who is an Internet user in India?"
A typical Internet user in an Indian household is a male student who is studying in
graduation/post graduation and is aged between 19–25 years. Only 12 per cent of the
Internet users are traders/businessmen, which is probably explained by the low level of
web enablement of retailers in India.
Further only 4 per cent of the Internet users are housewives; this is a potential
segment that can be tapped by the family product segment using the Internet.
The Internet is being used for varied purposes. Surveys have been conducted to
determine the most important reasons for using the Internet. Table 2.7 is a representation
of the varied uses of the Internet in India.
www.coil.com 6 www.sify.com
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
TABLE 2.7
USE OF INTERNET IN INDIA
Used for % of users % of time
E-mail 90 35
Information 50 9
Chat 43 9
Education Academic Info 41 11
Downloads 38 6
Music/Movies/Entertainment 27 4
Jobs 23 4

Educational and Age Profiles of Users? The educational and age profiles of users in
India are observed as shown in Figure 2.7 and Table 2.8 respectively.8

Undergraduates. ,
8

Postgraduates , 26

Graduates , 37

Professionals , 29

Fig. 2.7 Educational profile of users.

TABLE 2.8
AGE PROFILE OF INTERNET USERS IN INDIA
Age Users (%)
15-20 25
21-25 29
26–30 14
30+ 32
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Gender
Currently, the Internet use has been found to be male dominant.
Gender % of users
Male 76
Female 24

Points of Access
Regarding the region-wise distribution within India, more than two-thirds of the
Indian Internet users are found to be in 6 cities. See Table 2.9.

Delhi • Mumbai
Bangalore Hyderabad
Chennai Pune

TABLE 2.9
POINTS OF ACCESS FOR INTERNET IN INDIA
Internet accessed from % on a working day % on a holiday
Home 25 47
Cyber Cafe 30 27
Work 29 07
Others 16 19

Considering the trends in the Indian market, it can be concluded from the rate of
growth of Internet and computer usage that India has the potential to grow even more in
this field and finally emerge as one of the countries with an exceptionally high computer
and Internet user population.
However, right now, Internet marketing and advertising is very minimal; limited
to a small segment of the population.

Data Mining and Marketing Research

Customer data accumulates daily in an ever-increasing quantity. Large companies
such as retailers, telecommunication companies, PC makers, and car manufacturers build
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
large data warehouses to store such information. To sift through the large amounts of data
(e.g., in order to analyze buying habits), marketers use data mining tools.
Data mining derives its name from the similarities between searching for valuable
business information in a large database and mining a mountain for a vein of valuable ore
(i.e. valuable/profitable mineral from mine). Both processes require either sifting (i.e.
making separate or isolate)through an immense amount of material or intelligently
probing it to find exactly where the value resides. Given databases of sufficient size and
quality, data mining technology can generate new business opportunities by providing
these capabilities.
 Automated prediction of trends and behaviors. Data mining automates the
process of finding predictive information in large databases. Questions
that traditionally required extensive hands-on analysis can now be
answered directly and quickly from the data.
 Automated discovery of previously unknown patterns. Data mining tools
identify previously hidden patterns. An example of patter discovery is the
analysis of retail sales data to identify seemingly unrelated products that
are often purchased together, such as baby diapers and beer. Other pattern
discovery problems include detecting fraudulent credit card transactions
and identifying anomalous data that may represent data entry keying
errors.

The following are the major characteristics and objectives of data mining:
1. Relevant data are often difficult to locate in very large databases.
2. In some cases, the data are consolidated in data warehouses and data marts;
in others, they are kept in databases or in Internet and intranet servers. Data
mining tools help remove the information buried in corporate files or archived in
public records.
3. ―The "miner" is often an end-user empowered by ―data drills" and other power
query
4. Tools to ask ad hoc questions and get answers quickly, with little or no
programmingskills.
5. ―Striking it rich‖ often involves finding unexpected, valuable results.
6. Data mining tools are easily combined with spreadsheets and other end-user
software development tools; therefore, the mined data can he analyzed and
processed quickly and easily.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
7. Data mining yields five types of information: (a) association,
(b)Sequences, (c) Classifications, (d) Clusters, and (e) Forecasting.

Data miners can use several tools and techniques. The most well-known tools of
data
mining are:
 Neural computing.Neural computing is a machine learning approach by which
historical data can be examined for patterns. Users equipped with neural
computing tools can go through huge databases and, for example, identify
potential customers for a new product or search for companies whose profiles
suggest that they are headed for bankruptcy.
 Intelligent agents. One of the most promising approaches to retrieving
information from the Internet or from intranet-based databases is through the use
of intelligent agents.
 Association analysis. This approach uses a specialized set of algorithms that
sorts through large data sets and expresses statistical rules among items.

Data mining can also be used to analyze websites. Web mining is the application
of data mining techniques to discover actionable and meaningful patterns, profiles, and
trends from Web resources.
The term Web mining is being used in two different ways. The first, Web content
mining, is very similar to text mining. It is the process of information discovery from
millions of Web documents.
The second, Web usage mining, is the process of analyzing Web access logs (or
other information connected to user browsing and access patterns) on one or more Web
localities. Table 2.10 shows various industries where data mining can be used.

TABLE 2.10
DATA MINING APPLICATIONS
Industry Applications
Retailing and sales Predicting sales, determining inventory levels and
distribution schedules.
Banking Forecasting levels of bad loans and fraudulent credit
card use, predicting credit card spending by new
customers, predicting .customer response to offers.
Airlines Capturing data on where customers are flying and the
ultimate destination of passengers who change carriers in
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
mid-flight; thus, airlines can identify popular locations
that they do not service and check the feasibility of
adding routes to capture lost business.
Broadcasting Predicting what is best to air during prime time and how
to maximize returns by interjecting advertisements.
Marketing Classifying customer demographics that can be used to
predict which customers will respond to a mailing or buy
a particularproduct.

Intelligent Agents in Marketing and Customer-related Applications

As the number of customers, products, vendors, and information increases, it
becomes uneconomical, or even impossible, to match customers and products and
consider all relevant information. The practical solution to handle the information
overload is to use intelligent and software agents.
Agents are used to support many tasks. One of the primary reasons for using such
agents is to overcome the tremendous amount of information overload. When going
through the purchasing decision process described earlier, for example, a customer must
examine large numbers of alternatives, each of which is surrounded by considerable
amounts of information.
A search engine is a computer program that can automatically contact other
network resources on the Internet, search for specific information or keywords, and report
the results. This type of request is repetitive, and answering such requests is costly when
done by a human. Search engines deliver answers economically and efficiently by
matching questions with FAQ templates, which include standard questions and "canned'
answers to them.
Unlike search engines, an intelligent agent can do more than just ―search and E-
match.‖ For example, it can monitor movement on a website to check whether a customer
seems lost or ventures into areas that may not fit his or her profile, and the agent can
notify the customer and provide assistance. Depending on their level of intelligence,
agents can do manyother things, some of which are demonstrated here. Of the many
agent applications, we cover only several representative ones. See Figure 2.8.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Fig. 2.8 Agent-purchasing.

Need Identification
Agents can assist the buyer with need identification by providing product
information and stimuli. For example, amazon.com provides its customers with an agent
that continuously monitors sets of data (such as the arrival of new books) and notifies
customers when a book in their area of interest arrives. Similar agents watch for stocks to
go below or above a certain level, sending the customer an e-mail when that level is
reached. Expedia.com notifies customers about low airfares to a customer's desired
destination whenever they become available.

Product Brokering
Once a need is established, customers search for a product (or service) that will
satisfy this need. Several agents are available to assist customers with this task.
The pioneering agent in this category was firefly (a person with bright ideas). This
agent, which was purchased by Microsoft and is no longer available independently,
initially helped users find music they were likely to enjoy. Firefly (and similar agents)
use a collaborative filtering process to build profiles of people willvisit a website.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Firefly provided works with a tool that identified them when they visited sites
participating in the Firefly program and recommended products/ services to them. Based
on people's likes (favorite movies, music, interests), Firefly helped marketers predict
what customers were likely to want next. This allowed marketers to reach out to
consumers with a customized pitch that was cheaper and more effective than mass
advertising. It made product recommendations based on the prioritization of attributes,
such as price and delivery time, by users.

Merchant Brokering
Once a customer knows what product he or she wants, the customer needs to find
where to buy it. Bargain Finder (from Andersen Consulting) was the pioneering agent in
this category.
The agent, used in online CD shopping, queried the price of a specific CD from a
number of online vendors and returned a list of prices. However, this system has
encountered problems because vendors who do not want to compete on price only have
managed to block out the agent's requests.

Negotiation
The concept of "market" implies negotiation, mostly about prices. In B2B
transactions, negotiation is very common. The benefit of dynamically negotiating a price
is that the decision is shifted from the seller to the marketplace. In a fixed-price situation,
if the seller fixes a price that is too high, sales will suffer. If the price is set too low,
profits will be lower. Electronic support of negotiation can be extremely useful.
Kasbah also uses intelligent agents in the negotiation process. Kasbah agents
(kasbah.com) can negotiate with each other following specific strategies assigned by their
creators. However, this agent's usefulness is limited by the fact that price is the only
parameter considered.
Agents can negotiate in pairs, or one agent can negotiate for a buyer with several
sellers' agents. In such a case, the contact is done with each seller's agent individually, but
the buyers agent can conductcomparisons.
Purchase and Delivery
Agents are used extensively during the actual purchase, including arranging
payment and delivery with the customer. For example, if a customer makes a mistake
when completing an electronic order form, an agent will point it out immediately.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
When customers buy stocks, for example, the agent will tell the customers when a
stock they want to buy on margin is not marginable, or when the customer does not have
sufficient funds. Delivery options at amazon.com, for example, are posted by agents and
the total cost is calculated in real-time..

Measuring the Effectiveness of E-advertising

As more companies rely on their websites to make a favorable impression on
potential customers, the issue of measuring website effectiveness has become important.
Mass media efforts are measured by estimates of audience size, circulation, or
number of addressees. When a company purchases mass-media advertising, it pays à
dollar amount for each thousand persons in the estimated audience.
This pricing metric is called cost per thousand or cost per metric, and is often
abbreviated as CPM in short for cost per thousand impressions.
In reality, measuring Web audiences is more complicated because of the Web's
interactivity and also because the value of a visitor to an advertiser depends on how much
information the site gathers from the visitor (for example, name, address, e-mail address,
telephone number, and other demographic data).
Since each visitor voluntarily provides or refuses to provide these bits of
information, all visitors are not of equal value. Internet advertisers have developed some
web-specific metrics, described in this section, for site activity, but these are not
generally accepted and are currently the subject of debate.
When a visitor requests a page from the website, it is counted as one visit. Further
page loads from the same site are counted as part of the visit for a specific period of time.
This period of time is chosen by the administrators of the site and is dependent on
the type of the site. A site that features stock quotes, might use a short time period,
because visitors may load the page to check the price of one stock, and reload the page 15
minutes later to check another stock's price.
A museum site would expect a visitor to load multiple pages over a longer time
period during a visit, and would use a longer visit time window. The first time a
particular visitor loads a website page is called a trial visit; subsequent page loads are
called repeat visits. Each page loaded by a visitor counts as a page view.
If the page contains an ad, the page load is called an ad view. Some Web pages
have banner ads that continue to load and reload as long as the page is open in the
visitor's web browser. Each time the banner ad loads is called an impression, and if the
visitor clicks the banner ad to open the advertiser's page, that action is called a click, or a
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
click-through. Banner ads are often sold on a cost per thousand impressions or CPM
basis.
Rates vary greatly and depend on how much demographic information the
website obtains about its visitors, but most are within the range of $1 to $100 CPM.
One of the most difficult things for companies to do as they move on to the Web
is to determine the costs and benefits of advertising on the Web. Many companies are
experimenting with new metrics they have created that consider the number of desired
outcomes that their advertising yields.
For example, instead of comparing the number of click-through that companies
obtain per dollar of advertising, they measure the number of new visitors to their site that
buy for the first time after arriving at the site via a click-through. They can then calculate
the advertising cost of acquiring one customer on the Web and compare it to the cost of
acquiring one customer through traditional channels.

Internet Marketing Trends :

Technology-enabled Relationship Management
The nature of the Web, with its two-way communication features and traceable
connection technology, allows firms to gather much more information about customers'
behavior arid preferences than they can using micro-marketing approaches.
Now, companies can measure a large number of things that are happening as
customers and potential customers gather information and make purchase decisions. The
idea of technology-enabled relationship management has become possible when
promoting and selling via the Web.
Technology-enabled relationship management occurs when a firm obtains
detailed information about a customer's behavior. Preferences, needs, and buying patterns
and uses that information to set prices, negotiate terms, tailor promotions, add product
features, and otherwise customize its entire relationship with that customer.
Although companies can use technology-enabled relationship management
concepts to help manage relationships with vendors, employees, and other stakeholders,
most companies currently use these concepts to manage customer relationships.
Thus, technology enabled relationship management is often called Customer
Relationship Management (CRM) or Electronic-Customer Relationship Management (E-
CRM). Table 2.11 compares technology enabled relationship management with
traditional seller-customer interactions in seven dimensions.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
TABLE 2.11
E-CRM VS CRM
Dimensions Technology-enabled Traditional relationships
relationship management (E- with customers (CRM)
CRM)
Advertising Provide information in "Push and sell" a uniform
response to specific customer message to all customers
inquiries
Targeting Identifying and responding to Market segmentation
specific customer behaviours and
preferences.
Promotions Individually tailored to customer Same for all customers
anddiscounts offered
Distribution channels Direct or through intermediaries; Through intermediaries
customer's choice chosen by the seller
Pricing of products Negotiated with each customer Set by the seller for all
or services customers
New productfeatures Created in response tocustomer Determined by the seller
demands based on research and
development
Measurements Customer retention: total valueof Market share: profit
usedto manage the the individual
cus-tomer customerrelationship
relationship

Successful, new Web-marketing approaches involve enabling the potential

customer to find information easily and to customize the depth and nature of that
information, and encourages the customer to buy.
Firms should track and examine the behaviors of their website visitors, and then
use that information to provide customize, value-added digital products and services in
the marketspace. Companies that use these technology-enabled relationship management
tools to improve their contact with customers will be more successful on the Web, than
firms that adapt advertising and promotion strategies that were successful in the physical
world but that are less effective in the virtual world.
The results of a survey of global chief executive officers indicate significant
Internet growth and business usage over the next five years, with 92 per cent of
executives projecting revenues derived from e-commerce.
Although the information technology that supports electronic marketing currently
accounts for just 8 per cent of the United States' total economic output, over the last five
years, it has fuelled more than one-third of economic growth in the United States. The
remarkable growth and impact of the Internet and World Wide Web have spurred almost
every business to explore e-marketing strategies to enrich relationships with customers,
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
employees, and suppliers. In fact, the characteristics and availability of the e-commerce
infrastructure are driving strategic planning.

Target Markets
Marketing strategy involves identifying and analyzing a target market and
creating a marketing atmosphere that satisfies the individuals in that market. Increasingly,
marketers are reaching those individuals through the Internet. Currently, about 110
million Americans access the Internet either at home or at work. Although Internet access
outside the US has lagged behind in usage, people around the world are rapidly
discovering the Web's potential for communication and e-marketing. Internet use by
consumers in other countries-especially Japan (26.9 million users), Germany (19.1
million), the United Kingdom (17.9 million), China (15.8 million), and Canada (13.28
million)—is escalating rapidly..
Although men have long dominated Internet usage statistics, women are using the
Internet for work and to simplify their lives, especially to save time and money. There are
27 million women online in the US, about 46 per cent of American Internet users, but
some experts predict that women would have outnumbered men (60 per cent to 40 per
cent) on the Internet by 2002.
Women are also shopping online -53 per cent of women visitors make online
purchase. Internet access by American minority groups is also increasing, with 6.9
million Hispanics, 4.9 million blacks, and 4 million Asians online today.
Marketers are also interested in the increasing use of the Internet by teenagers and
seniors over the age of 55 years. The 11 million American teenagers using the Internet,
spent $161 million online this year, and experts project that their numbers will reach 15.3
million and $1.4 billion in 2002.
Seniors spent $3.5 billion online this year and are projected to reach $16.7 billion
in online spending by 2002. Such important target markets booming with Internet use,
more and more companies are finding market opportunities online.

Product Considerations
The exponential growth of the Internet and the World Wide Web presents
significant opportunities for marketing products to both organizationsand consumers.
Through e-marketing strategies, companies can provide products, including goods,
services, and ideas, that offer unique benefits and improve customer satisfaction.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Computers and computer peripherals, industrial supplies, and packaged software
are the leading organizational purchases online. Consumer products account for a small
but growing percentage of Internet transactions, with securities trading, travel/tourism,
and books among the hottest consumer purchases.
The online marketing of goods such as computer hardware and software, books,
videos, CDs, toys, automobiles, and even groceries is accelerating rapidly. Ideas such as
marriage counselling, medical advice, tax/legal advice, and even psychic services, are
being successfully marketed online as well.
Services may have the greatest potential for online marketing success. Many
websites have sprung up to offer or enhance services ranging from home and car-buying-
assistance to grocery shopping and travel reservations, and in the travel industry, for
example, the ease and relatively low cost of booking travel arrangements online has
fuelled online ticket sales, with bookings increasing from $276,000 in 1996 to $1.9
million in 1998. They are projected to reach $8.9 million by 2002.

E-branding
A known and respected brand name can present to potential customers, a
powerful statement of quality value and other desirable qualities in one recognizable
element. Branded products are easier to advertise and promote, because each product
carries the reputation of the brand name.
Companies have developed and nurtured their branding programmes in the
physical marketplace for many years. Consumer brands such as Ivory soap, Walt Disney
entertainment, Maytag appliances, and Ford automobiles have been developed over many
years with the expenditure of tremendous amounts of money. However, the value of these
and other trusted major brands far exceeds the cost of creating them.

Elements of Branding
The key elements of a brand are differentiation, relevance, and perceived value.
Product differentiation is the first condition that must be met with to create a product or a
service brand. The company must clearly distinguish its product from all others in the
market. This makes branding for products such as salt, nails, or plywood difficult, but not
impossible.
If a brand has established that it is different from competing brands and that it is
relevant, and inspires a perception of value to potential purchasers, those purchasers will
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
buy the product and become familiar with how it provides value. Brands become
established only when they reach this level of purchaser-understanding.
In traditional marketing, "branding" campaigns are designed to embed a company
or a product name in your consumer psyche. Firms often use a combination of persuasive,
emotional advertising campaigns and public relations to encourage a link between a
positive "feeling" and a product. If it works, it can make you want to spend your hard-
earned money as fast as possible. Online companies are putting branding to work with
remarkable success. Research shows the brand names of seven Internet companies are
already recognized by more than 50 million US adults, giving them ‗mega-brand' status.
According to Opinion Research Corporation International, the following Internet names
are top-of-mind with Americans: America Online, Yahoo!, Netscape, amazon.com,
Priceline.com, Infoseek, and Excite. Intelliquest a national computing survey was
conducted a research and asked 10,000 randomly selected Internet users (unaided by a list
of possibilities) to name the sites they associate with certain products. Following is the
result
 Books: Amazon.com (56%).
 Music: CDNow (24%)
 Computer Software: Microsoft (30%).
 Computer Hardware: Dell (20%) .
 Clothing: The Gap (12%).
 Travel: AOL, Yahoo!, Travelocity (each 8%)
 Autos: Yahoo! (6%)
This clearly shows the effect that e-branding has on the psyche of the consumer. This
e-branding criteria is summarized in Table 2.12..
TABLE 2.12
E-BRANDING CRITERIA

Element Meaning to the customer

Differentiation In what significant ways is this product or service
unlike its competitors?
Relevance How does this product or service fit into my life?
Perceived value Is this product or service good?
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
However, a debate still rages in the business departments of many Internet
companies over the importance of branding. How much effort should they spend on e-
branding initiatives, that is, building up an online brand? Will those resources be better
spent promoting e-commerce efforts which offer tangible returns?
Spiral Branding
The Internet does indeed open new possibilities and new dangers for anyone who
ignores the signs. The advent of Internet sites and mailings make possible a new form of
marketing called spiral branding.
There are two reasons. First, as consumers, it pays to be aware of the tactics
marketers are using to influence us. Second, many of us will need to understand and use
these techniques ourselves, in our own businesses.
The word ―spiral‖ describes the accelerating benefits of a positive feedback loop:
Bill Gates, for instance, often talks about the upward spiral of his Windows business.
Since there are more software, customers purchase more Windows machines and since
there are more customers, developers build more software which attract more customers.
And so goes the cycle.
Savvy (Able Marketers with good judgment of market) marketers use these
concepts to create a three-stage branding spiral. First, you use television, print or radio to
attract people's attention and send them to the Web.
Second, you use the Web to get those customers take interest (via specialized
content and interactive services) in your products. You also collect their e-mail addresses.
Third, you use e-mail to remind and induce them to return to the Web again. E-mail
closes the loop and takes people around the spiral again.
The keys to spiral branding are:
1. Use each media for its best purpose (for instance, don't try to create a
television experience on the Web).
2. Do it fast (get something up now and fine-tune as you go along).
3. Iterate constantly (make improvements each time around the spiral).

Branding is about controlling the free-association game to your advantage;

building an e-commerce powerhouse may be a company's stated objective, but it will not
get far unless it puts e-branding first.
The Internet is transforming customer buying behavior, with major consequences
for how the new breed of consumer develops familiarity with, and ultimately loyalty to,
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
the brand. Marketers who strive to capitalize on these shifts—as all successful marketers
must do—will have to better align their branding investments with new data about how
customers shop and buy online. Only by strategically recomposing the marketing mix can
marketers drive traffic, build brand equity and capture customer loyalty in the Internet
age.
While print, television, radio and related marketing vehicles are hardly
superfluous, the data does suggest that "old media― investments will be less effective in
building visibility and brand equity over the Web than a range of alternative programs
and tools that better align with online customer buying behavior.
Successful marketeers (i.e. people who sells goods in market) will experiment
with these emerging strategies to reach out to and connect with their Web-savvy
constituents. The following strategies appear particularly promising:

Search Engine Optimization

With nearly half of all Web users citing search engines as their primary portals to
new sites, marketers must re-examine their strategies for optimizing their rankings in
search results. Appearing among the first few pages of search results on the top search
engines is a black magic science practiced by (usually expensive) outsourcers who
specialize in the real-time adjustments that are the key to maximizing visibility on search
engines.

Affiliate Networks
Online marketers need to carefully plan and manage partner programs that give
them a broad reach of links on affiliate sites across the internet. Where 20 per cent of
Web users cite "random surfing‖ as their top means of finding new sites, marketers must
have extensive links in place, to maximize their reach to customers throughout the
Internet.
So-called ―affiliate networks‖—which typically reward referring to sites with a
commission or bounty based on click-through, sales leads or completed transactions are
generally much more cost-effective than standard cost-per-thousand banner campaigns.

Advocacy Marketing
Often the most powerful recommendation for a company is that of a satisfied
customer to a friend. With 20 per cent of surfers citing word of mouth from friends as
their top means of finding new sites, companies need to provide incentives (e.g.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
discounts, loyalty currencies) and simple mechanisms (e.g. Web-based e-mail forms,
pass-along e-mail newsletters) to enlist their customers as marketing advocates to their
friends—a strategy often referred to as "viral marketing" by online marketers.

Permission E-mail
When customers explicitly opt into permission marketing relationships, e-mail
can be one of the most cost-effective and brand-positive means of acquiring new
customers and remarketing to existing customers.
Savvy Internet marketers have realized that "e-mail marketing" does not need to
be synonymous with "spam‖. Instead, a range of strategies such as customer relationship
e-mail, corporate e-mail newsletters, reminder services, permission networks, sponsored
independent newsletters, discussion lists, and partner co-marketing can drive online
traffic and enhance brand equity.

Personalization and Mass Customization

Marketeers can dramatically enhance customers' online experience by personalizing their
Web presence and allowing customers to configure products and services (enabled by
mass customized back-end processes).
Sites can improve customer loyalty and build exit barriers with services such as
personalized customer interfaces, behavior-based recommendations and individual
product configuration. Personalization is the very essence of experiential branding,
whereby customers impact a product or service to reflect a bit of themselves through a
one-to-one interaction with the brand.

E-care
A key component of any brand experience is the quality of customer service and
support. While companies have long striven for customer service excellence in the offline
environment, they are finding that customer expectations for online service present many
unfamiliar challenges, such as managing a torrent of customer e-mail inquiries and
enabling efficient self-service knowledge bases.
With the proper allocation of resources, however, companies can experience bran
1-positive efficiencies, delivering quality customer service more efficiently online than
through traditional channels. Companies that disappoint the user's expectations, however,
will damage their online brand equity.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Conventional offline branding is a promise, a relationship built over time, across a
wide range of media, gradually giving customers and would-be customers an impression
of the organization and an expectation of its products or services.
E-branding is immediate. It is not based on the promise; it is based on that
dynamic flow of information or the transaction at hand. E-branding is the experience of
the words, images, and applications available on your site.
Creating the experience is creating what you wish users to feel and think about
you, as they operate quite independently from one on the digital frontier (i.e. separating
boundary). The experience, then, is your brand.
While existing brand equity can be brought to the online experience by your
customers, it can be destroyed in an instant through a negative interaction with your
website, banner ad, or multimedia presentation.

Marketing Strategies

Permission-marketing Strategies
Many businesses would like to send e-mail messages to their customers and
potential customers to announce new products, new product features, or sales on existing
products.
However, print and broadcast journalists have severely criticized some companies
for sending e-mail messages to customers or potential customers. Some companies have
even faced legal action after sending out mass e-mails. Unsolicited e-mail (i.e. voluntarily
or not called email) is often considered to be a spam.
Many businesses are finding that they can maintain an effective dialogue with
their customers by using automated e-mail communications.
Sending one e-mail message to a customer can cost less than one cent if the
company already has the customer's e-mail address. Purchasing the e-mail addresses of
persons who have asked to receive specific kinds of e-mail messages will add between a
few cents and a dollar 10 the cost of each message sent.
Another factor to consider is the conversion rate. The conversion rate of an
advertising method is the percentage of recipients who respond to an ad or promotion.
Conversion rates on requested e-mail messages range from 10 per cent 10 over 30 per
cent. These are much higher than the click-through rates on banner ads, which are
currently under 1% percent and decreasing.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The practice of sending e-mail messages to people who have requested
information on a particular topic or about a specific product is called opt-in e-mail and is
part of a marketing strategy called permission-marketing. Thus, a marketing strategy that
only sends specific information to persons who have indicated an interest in receiving
information about the product or service being promoted should be more successful than
a marketing strategy that sends general promotional messages through the mass media.
One website that offers opt-in e-mail services is yesmail.com.
To induce potential customers to accept or opt in to advertising information sent
via e-mail messages, the seller must provide some incentive.
This incentive could be entertainment, a chance to win a prize, or even a direct
cash payment. For example, AllAdvantage.com is a company that pays web users for
permission to monitor their web surfing activities.
After tracking these users, AllAdvantage.com presents targetted ads to them.
Advertisers are willing to pay a premium to have access to persons who have
demonstrated by their web surfinghabits thatthey are interested in the products or services
offered by the advertiser

Brand-leveraging Strategies
Rational branding is not the only way to build brands on the Web. One method
there working for well-established websites is to extend their dominant positions to other
are and services. Yahoo! is an excellent example of this strategy. Yahoo! was one of
directories on the Web.
It added a search engine function early in its development and has continued to
parlay (i.e. winning from previous bet)its leading position by acquiring other Web
businesses and expandingexisting offerings.
Then, Yahoo! acquired GeoCities and Broadcast.com, and entered into an
extensive cross-promotion partnership with a number of Fox entertainment and media
Yahoo! continues to lead its two nearest competitors, Excite and Infoseek, in ad revenue
by adding futures that Web users find useful and that increase the site's value to
advertisers..Amazon.com's expansion from its original book business into CDs, videos,
and auctions is another example of a website leveraging its dominant position by adding
features of existing customers.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Affiliate-marketing Strategies
Of course,this leveraging approach only works for firms that already have website
this dominate a particular market. As the Web matures. itwill be increasingly difficult for
new entrants (i.e. a group of participants)and attain dominance. A tool that many new,
entrants to identify unserved market segments and attain dominance.
A tool low-budget websites are using to generate revenue is affiliate marketing. In
affiliate marketing, one firm's (the affiliate firm's) website includes descriptions, reviews,
ratings, or other information about a product that is linked to another firm's site that
offers the item for the For every visitor who follows a link from the affiliate's site to the
seller's site, the affiliate
also obtains the benefit of the selling site's brand site receives a commission. The affiliate
site also obtains the benefit of the sell in exchange for the referral.
One of the more interesting marketing tactics made possible by the Web is con
marketing, which is an affiliate-marketing program that benefits a charitable organization
(and thus. Supports a "cause"). In cause marketing, the affiliate site is created to benefit
the charitable organization.
When visitors click a link on the affiliate's Web page, a donation is made by a
sponsoring company. The page that loads after the visitor clicks the donation linkcarries
advertising for the sponsoring companies. Many companies have found that the line
through rates on these ads are much higher than the typical banner ad click-through man
A leading retail Web florist, proflowers.com, has had excellent results advertising on the
Hunger Site page.
When a visitor clicks the button on this page, a group of
sponsoring advertisersdonates food to a hungry person and a page appears in the visitor's
browser with ads for the sponsors.

Viral-marketing Strategies
Traditional marketing strategies have always been developed with an assumption
that the company was going to communicate with potential customers directly or through
an intermediary that was acting on behalf of the company, such as a distributor, retailer,
or independent sales organization. Since the Web expands the types of communication
channels available, including customer-to-customer communication, another marketing
approach has become popular on the Web. Viral marketing relies on existing customers
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
to tell other persons—the company's prospective customers—about the products or
services they have enjoyed using.
Much as affiliate marketing uses websites to spread the word about a company,
viral marketing approaches individual customers to do the same thing. The number of
customers increases much as a virus multiplies, thus the name.

Website Naming Issues

Firms that have a major investment in branding a product or a service must
protect that investment. In previous chapter, you learned about the security issues
surrounding website naming.
The legal and marketing aspects of website naming can be very much
complicated. Although a variety of state and federal laws protect trademarks, the
procedure for creating and using website names that are not trademarks can present some
challenging issues.
Obtaining identifiable names to use for branded products on the Web can be just
as important as ensuring legal trademark protection for an existing brand investment.
In 1998, a poster art and framing company named Artuframe opened for business
on the Web. With quality products and an appealing site design, the company was doing
well, but it was concerned about its URL, which was www.artuframe.com. After
searching for a more appropriate URL, the company's president found the website of
Advanced Rotocraft Technology, an aerospace firm, at the URL www.art.com.
After finding out that Advanced Rotocraft Technology's site was drawing 150,000
visitors each month who were looking for something art-related, Artuframe offered to
buy the URL.
The aerospace firm agreed to sell the URL to Artuframe for $450,000. Artuframe
immediately changed its URL to Art.com and experienced a 30 per cent increase in site
traffic, the day after implementing the name change.
The newly named site however, did not rely on the name change alone. It has
since then entered a joint marketing agreement with Yahoo! that places an ad for Art.com
on art related search result pages. Art.com has also created an affiliate program with
businesses that sell art-related products and other organizations that have websites
devoted to art-related topics.
Another company that invested in an appropriate URL was Cars.com. The firm
paid $100,000 to the speculator who had originally purchased the rights for the URL.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Cars.com is a themed-portal site that displays ads for new cars, used cars, financing,
leasing, and other car-related products and services.
The major investors in this firm are newspaper publishers that wanted to retain an
interest in automobile-related advertising as it moved online. Classified automobile ads
are an important revenue source for many newspapers.
Table 4.13 lists domain names that have been sold for more than $1 million
each..
TABLE 2.13
DOMAIN NAMES THAT WERE SOLD
Domain name Price
Business.com $7.5 million
Altavista.com $3.3 million
Loans.com $3.0 million
Wine.com $3.0 million
Autos.com $2.2 million
Express.com $2.0 million
WallStreet.com $1.0 million

Although most domains that have high value are dot-com sites, the name
engineering.org sold at an auction to the American Society of Mechanical Engineers, a
not-for-profit organization, for just under $200,000.
Several legitimate online businesses, known as URL brokers, are in the business
of selling or auctioning domain names that they believe others will find valuable.
Companies selling ―good‖ (short and easily remembered) domain names include
Domains.com, DomainRace.com, GreatDomains.com, and HitDomains.com. Unclaimed
Domains sells a subscription to lists of recently expired domain names that it publishes
periodically, and the Netcraft website has a URL search function to search for words in
URLs.
The Internet Corporation for Assigned Names and Numbers (ICANN) maintains a
list of accredited domain name registrars, which are companies that have been authorized
by ICANN to sell the rights to use specific domain names ending in com, pet, and org.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Advertising-supported Model
The advertising-supported business model is the one used by network television
in the United States. Broadcasters provide free programming to the audience along with
advertising messages.
The advertising revenue is sufficient to support the operations of the network and
the creation or purchase of the programs.
Many observers of the Web in its early growth period, believed that the potential
for Internet advertising was tremendous. However, after a few years of experience trying
to develop profitable advertising-supported business models, many of those observers are
less optimistic.
The success of Web advertising has been hampered by two major problems. First,
as discussed earlier, no consensus has emerged on how to measure and charge for site
visitor views.
Since the Web allows multiple measurements, such as of number of visitors,
number of unique visitors, number of click-throughs, and other attributes of visitor
behavior, it has been difficult for web advertisers to develop a standard for advertising
charges, such as the CPM measure used for mass-media outlets.
In addition to the number of visitors or page views, stickiness is a critical element
for creating a presence that will attract advertisers.the stickiness of a website is its ability
to keep visitors at the site and to attract repeat visitors. People spend more time at a sticky
website and are thus exposed to more advertising.
The second problem is that very few websites have sufficient numbers of visitors
to interest large advertisers. Most successful advertising on the Web is targeted to very
specific groups. However, it can be difficult to determine whether a given website is
attracting a specific market segment or not, unless that site collects demographic
information, which the visitors are increasingly reluctant (i.e. unwillingly)to provide
because of privacy concerns.
Only a few general-interest sites have generated sufficient traffic to be profitable
based on advertising revenue alone. One of these is Yahoo!, which was one of the first
Web directories. Many people use Yahoo! as a starting point for searching the Web, and
the number of visitors increase day by day. This has made it possible for Yahoo! to
expand its Web directory into one of the first portal sites.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Because the Yahoo! portal's search engine presents visitors' search results on
separate pages, it can include advertising on each results page that is triggered by the
terms in the search. For example, when the Yahoo! search engine detects that a visitor
has searched on the term ―new car deals‖, it can place a Ford ad at the top of the search
results page.
Ford is willing to pay more for this ad because it is directed only at visitors who
have expressed interest in new cars. This example demonstrates one attractive option for
identifying a target market audience without collecting demographic information from
site visitors.
Unfortunately, only a few high-traffic sites are able to generate significant
advertising revenues this way. Besides Yahoo!, the main portal sites in this market today
are Excite, Infoseek, and Lycos.
Smaller general-interest sites, such as the Web directory refdesk.com, have had
much more difficulty than the larger search engine sites in attracting advertisers. This
may change in the future as more people use the Web.
Newspaper publishers have experimented with various ways of establishing a
profitable presence on the Web. It is unclear whether a newspaper's presence on the Web
helps or hurts the newspaper's business as a whole.
Although it provides greater exposure for the newspaper's brand and a larger
audience for advertising that the paper carries, it can also take away sales from the print
edition, a process called cannibalization. Newspapers and other publishers worry about
cannibalization (i.e. reduction of sales from company), because it is very difficult to
measure.
Some publishers have conducted surveys in to find out whether people have
stopped buying their favorite newspaper because the contents they want to see are
available online, but the results of such surveys are not very reliable.
Many leading newspapers, including The Washington Post and The Los Angeles
Times, have established online presences in the hope that they will generate enough
revenue to cover the cost of creating and maintaining the website. The Internet Public
Library Online Newspapers page includes links to hundreds of newspaper sites around
the world.
Although attempts to create general-interest websites that generate sufficient
advertising revenue to be profitable have met with mixed results, sites that target niche
markets have been more successful. For newspapers, classified advertising is very
profitable. Therefore, it is not a surprise that websites which specialize in providing
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
only classified advertising, have profit potential if they can reach a narrow enough
target market.
An implementation of the advertising-supported business model which appears to
be successful is web employment advertising. Firms with websites such as
CareerSite.com and JOBTRAK offer international distribution of employment ads.
As the number of people using the Web increases, these businesses will be able to
move out of their current focus on technology and higher-level jobs and include
advertising for all kinds of positions.
These sites can use the same approach that search engine sites use to offer
advertisers target markets. When a visitor specifies an interest in, for example,
engineering jobs in Dallas, the results page can include a targeted banner ad for which an
advertiser will pay more, because it is directed at a specific segment of the audience.
Employment ad sites can also target specific categories of job seekers by
including short articles on topics of interest. This will also ensure that qualified people,
who are not necessarily looking for a job, keep coming back to the site; such people are
the candidates most highly sought after by employers.

Marketing Strategy on the Web

Finally, it needs to be reiterated that strategy for marketing on the Internet should
follow rules such as those given in Table 2.14.
TABLE 2.14
MARKETING STRATEGIES FOR THE WEB
Strategy Rules
Brands Your website becomes your most important brand.
Change Keep in mind that the marketing rules on the Internet are
constantly changing.
Conciseness Keep your pages short, and spread information on several
pages. Content is the king and so make it interesting.
Content Dynamic Create dynamic sites that use new technologies to adapt
sites information based on user profiles.
Finances Free Try new markets with low advertising pricing schemes.
giveaways Global Create free offerings for your loyal customers.
village Live events Think global, but localize.
Niche markets Online events create quick awareness.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Promotion The Internet is a series of niche markets and mass markets.
Syndication Promote your site everywhere.
Technology Co-brand your services and products.
Use Internet technology to maximize your marketing
objectives.

The Times of India

Till 2002, The Times of India was just another newspaper competing to make its
mark and increase its readership. But today, the newspaper has transformed from what
was once a plain-looking national newspaper into a global one, which anybody in any
part of the world can access with just a click of the mouse.
To put consumers, i.e. the readers, in the center of the flagship media brand, The
Times Group had hired a seasoned advertising strategy professional, Rahul Kansal, as
Brand Director. The new position of Brand Director was to attempt to address the readers
as consumers and a brand person' (and not just a content person-Editor) needs to
constantly evolve the product offering.
When the TOI decided to revamp its brand image, it brought about a lot of
changes to its paper as well as its online edition. The Internet hence played a very
important role in its remodeling. They changed their page layout, broke the page up into
different sections, added pictures to break the monotony, and then went online.
Now, how did going online help them? It integrated the hard copy of the
newspaper with the online edition. They made the website a place where people came for
more than just news. They introduced the following online features:

 Classified advertisements: There is an option of online search. Since there is no

restriction like in the print, more ads can be accommodated. This is also
integrated with the printed version.
 Hot links: They provide links to the e-paper that makes the local paper
globally available for a subscription, and other favorite links like Bollywood, NRI
news, etc.
 News items: Links to the regular sections of the newspaper are also provided, like
India, sports, world, weather, entertainment, etc.
 Opinion section: In this section, the views of the various columnists, editor and
people on the various current affairs are given.
 Online copies of all supplements.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 Online shopping, games, chats, e-mails.
 Lots of pictures and graphics to make it interesting.
 They also have links to other sites powered by the Times Group,
thereby promoting those as well.

Advantages of the Online Edition

 Accessibility--People from Bangalore to Boston, Hyderabad to Houston can
all have access to TOI.
 Hourly updates-Any breaking news can be easily found on the website,
and people need not wait for the next morning.
 Caters to a wide range of interests and needs-Current affairs, finances,
shopping, entertainment, astrology, travel bookings, etc.
 Platform to voice opinions-Opinion polls, letters to the editors, views
of columnists and editor.
 Show customers that they too are modern and on par with the changing trends.
 Incorporate features that keep bringing people back to their site-offering
the customer‘s more than just news.

All of this and more add up to the Brand- the Times of India.

Case Discussion
1. What are the advantages of having an internet version of the newspaper?
2. Visit the site of The Times of India and identify the difference between
the internet version and the actual newspaper?
3. How does the marketing model fit into the internet version of the newspaper?

Rediff.com 10
Founded in 1996, Rediff.com India Ltd., is one of India's leading Internet,
communications and media companies, serving Indians globally, both online and offline.
Through its online and offline product and service offerings, Rediff.com offers
interest specific channels, local language editions, sophisticated search capabilities,
online shopping, long distance calling cards and Internet based telephony services.
Its news publication, India Abroad, is one of the oldest and largest South Asian
weekly newspaper, serving the Indian American community in the United States. The
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Company also provides users extensive Internet community offerings, all tailored to the
interests of Indians worldwide. Rediff.com has offices in New York, Chicago, New Delhi
and is headquartered in Mumbai, India.11
At rediff.com, you can do almost anything that you would like to do on the
Internet. You could...
 Communicate better.
 Find useful information
 Have fun
 Enhance your career
 Simplify routine work
 Plan your life
 Stay informed. Buy and sell

You can begin communicating by exploring any of the several ways in which
rediff.com can help you communicate better.
 Send and receive e-mail
 Chat with people
 Send an instant message
 Send greetings
 Build your own home page
 Voice your opinions
 Send e-mail from your mobile

Rediffmail is a free e-mail service. Rediffmail also allows you to send e-mail in
most Indian languages. E-cards or electronic cards are the Internet's version of regular
paper greeting cards. E-cards can be sent to anyone with an e-mail address.
If you have strong opinions about issues at large, polls can serve to be the
platform where you can have your say. Polls have proved to be very popular because they
maintain your anonymity and at the same time help you compare your stand with the rest
of the world.
A poll could be question based, where you will have to answer one or more
questions. It could also be a statement, about which you can air your opinion.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
One reason why the Internet has made the world come closer together is because
it lets groups of people chat with each other in real time, no matter in which part of the
world they might be.
Chat facilities are there in Rediff. The name of the room will usually give you an
idea about what kind of discussions you will find going on inside. In the Metropolis
room, you can make friends and communicate with people from different parts of the
world.
You can now experience the power of the Internet on your mobile phone too.
Most of the communication between a mobile phone and the Internet can happen only if
your handset supports a technology standard called WAP, short for 'wireless access
protocol'.

Search Facilities :-
There is so much information on the Internet, that finding what you exactly want
becomes very difficult. That is why, to get the most out of the Internet, it is crucial that
you use the best search tools.
Here is how rediff.com makes it very simple to immediately find useful
information...
 Search the Internet
 Search rediff.com
 Find financial information.
 Find hotels and flight schedules
 Locate wedding resources
 Land a dream job
 Find the right car

RediffSearch has one of the best search tools in the world. It has been designed to
meet the needs of Indians worldwide. Rediff Travel can help you search for the hotels to
suit your budget at your desired destination. You can also find out about flight and train
availability by using Rediff Air/Rail Information. For train availability, you can follow a
link to a page that has a table of train schedules. For flight availability, there is a
sophisticated tool that will first ask you some information about your journey. On the
basis of what you have typed, it will let you know whether tickets are available.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Use the Internet to search for information related to jobs and career opportunities.
This means that you no longer have to depend only upon placement agencies or go
directly to the companies when you are job hunting. Rediff Jobs is a tool that helps you
search a job that matches your skills. Using this tool you can.
 Search for jobs posted by companies on their websites
 Search, for jobs openings within your industry
 Search for useful tips that will increase your chances of getting a job

You can search a database of over 10,000 job openings by specifying the category
and the city of your preference. If you are an employer, you can search through the
resumes posted online to find a suitable candidate. You will need to register to use this
service.
Here is how rediff.com tries to help you to plan your life.
 What the stars foretell.
 Manage your money.
 Pack your bags.
 Spice up your love life.
 Plan a perfect wedding.
 Improve your lifestyle.
All kinds of planning can be undone if your personal finances are in a mess.
Rediff Money covers the entire investment universe: stocks, mutual funds and
banking, taxation, insurance, loans, credit cards, and real estate. You can find these under
a subsection called 'personal finance'.
Rediff Romance offers you everything you ever wanted to know about love and
romance. You can pick up some valuable love lessons about:
 Getting your first date
 Dealing with heartbreak
 Shyness
 Jealousy
 Gifting
 Long distance relationships.

News on Rediff...
 Get the latest news and views
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 US edition keeps you in touch
 Read news in Indian languages.
 Keep track of money matters.
 Get the latest movie news.
 Catch the action.
 Keep abreast of tech advances.
 Catch sporting activities.
 Identify travel hotspots.
 Check out the hottest sites.
 Follow the weatherman.
 Step up your career.
 Track lifestyle trends.
 Stay informed on the go.

Rediff News publishes interviews, special features and reports. These cover local and
national events in politics, business, entertainment and sports, especially cricket. It also
features a cross-section of opinions through its galaxy of columnists.
There is a niche for photojournalism, and picture slide shows are a regular feature.
Video and sound clips are also published.
Rediff Newsletters gives you the option of subscribing to several newsletters. These
newsletters deliver the news via e-mail so that you do not have to visit the site all the
time. News and events from around the world are now accessible to you in four Indian
languages: Hindi, Tamil, Telugu and Gujarati. These language editions are not merely
translations of the Rediff News. They carry extensive features and news that would
specifically interest Hindi, Tamil, Telugu and Gujarati readers.

Rediff Technology :-
Information here is neatly slotted into news, reviews, business and technology, help
and how-to, Web life, Hindi zone, forum and events. You can also get access to new
downloads, read breaking news and check out the Editor's Pick of the Day.
Rediff Sports brings to you the highlights of all major sporting activities from all over
the world. You can catch the sporting action through interviews, columns, and slide
shows.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
However, cricket holds it prime position with a separate section for it. Rediff Cricket
is the most popular cricket site in the world. It is famous for having pioneered live cricket
commentary in a chat room. Also, here you can pick up details of the latest cricket
tournaments. There is an international cricket schedule to keep track of the season.
You can read match reports, statistics, columns, interviews and articles. There are
links to articles on other sites too. Besides, there is a photo gallery of cricket stars. You
can also pose a question to an expert and participate in a daily poll.

Case Discussion
 How does the advertising model fit rediff.com?
 What are the other business models that can be applied to rediff.com?
 What is the source of success of rediff.com?
 What are the benefits derived from being a user of rediff mail?
 Why would rediff.com offer free e-mail?

EXERCISES :-
1. Describe the process of Internet shopping. List the major steps involved.
2. What is direct marketing?
3. List the critical success factors of Dell.
4. Why are books such a natural target for e-commerce?
5. List the major methods of Internet advertisement.
6. Compare banner swapping and banner exchange.
7. Compare and contrast 'pulling information' and 'pushing information'.
8. Discuss why banners are important in Internet advertisement.
9. How is the chat room used for advertisement?
10. Why might the use of CPM to charge advertisers be inappropriate as a basis
for charting ads?
11. Why do customers like Web-based purchase? What cultural and social factors
would affect Indian Web-based purchases?
12. Enter the sites www.peapod.comand www.Netgrocer.com.Compare the services
offered by the two companies and evaluate their chances for success. If you had
money to invest, in which of these two companies would you invest?
13. There are many search engines. Try the following ones: www.jango.comand
www.compare.com. Try to find a Notebook computer, a vacuum cleaner and a
 Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
plain paper fax machine and compare the prices. Comment on the strong and
weak point of each of the search engines.
14. Almost all major car manufacturers allow you to configure your car online. Enter
www.toyota.comand www.ford.comand configure a car of your choice. After you
decide what you want, examine the payment options.
15. Enter the website www.ipro.comand find what Internet traffic management, Web
: results and auditing services are provided. What are the benefits of each?
16. Find information about banners in the following sites:
(a) www.linkexchange.com
(b) www.coder.com
(c) www.doubleclick.net/advertisers
17. Investigate the high volume items that are being retailed on the Internet. Some
examples are:
Toys(www.eToys.com)
Software(www.eggheads.com)
Movies(www.real.com)
Find more bestselling sites.
18. Study the site traveljini.com and analyses its marketing strategies. A brief history
of Traveljini is given below:
The tourism industry in India is fairly developed and there is scope for further
development. Traveljini.com provides a unique business proposition for the tourism
industry by using e-commerce, so as to give tourism in India a greater visibility that is
also cost-effective and reliable.
Traveljini.com Limited was established in June 2000 and is a portal dedicated to
the exciting business of travel. It is one of India's premier travel portal backed by strong
offline presence across the country.
Traveljini.com offers a complete solution relating to travel. Some of the services
they provide include the best deals on flights, hotels, car rentals, cruises, and
leisure holidays, and all these can be booked either online or offline. The site boasts of
the most exhaustive travel-related information and has a slew of unique support services
to ensure that a tourist's travel experience is unmatched. This guarantees that it is the one
site that discerning travelers must check before setting out.
In over two years, Traveljini has established itself as the India's leading Internet
travel company in terms of:
 brand recall
 Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 depth of content
 transaction capability
Traveljini aims to set benchmarks in customer service, using the latest
technologies in product development and delivery. They use fully-automated,
customized software. A brick-and-mortar travel agency and an efficient customer
service cell, which allows them to serve their clients to a hitherto unprecedented degree.
―To become the largest Travel Distribution Company in India by the simple
expedient of putting the customer first."
TJ Travel Services Limited is another wholly-owned subsidiary of
Traveljini.com. It is an IATA accredited travel agency, which provides back-end support
for corporate business travel as well as handling flight ticketing in both the domestic and
international sectors, for conferences, incentive travel and events.
Traveljini.com books domestic flights in India and international flights as well.
They have an application called the Smart Fare Finder for special fares to various
international destinations on the leading airlines of the world.
They also provide assistance in visa processing. They can also book hotel rooms
in India and abroad. To make it easy for the customer, they offer easy access to their
global hotel reservation system, so one can check real-time availability of rooms in
30,000 hotels around the world. They have every kind of holiday that a traveller might
want, from a cruise to a weekend to a romantic honeymoon.
If someone wants a holiday designed specially for him and his family, he can
access Customjini. They allow buying of foreign exchange through their network and
which is then delivered to the customer's doorstep. A service called Mapjini can be used
to find ways in over 60 Indian cities if the need be. Business travellers can seek their
services to organize a conference, a meeting, incentive travel or an exhibition. They also
book cars in India for all kinds of travelers.

Exercise
Q.1 Explain traditional marketing and online marketing.
Q.2 what are key difference between traditional commerce and E-commerce?
Q.3 Explain terms like Internet marketing trend, target markets and marketing supports.
Q.4 Explain different marketing strategies.
Q.5 Write a short note on affiliate marketing.
Q.6 What is E-shopping? What are the advantages and disadvantages of e-shopping?
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Q.7 Discuss the various available strategies of Internet advertisement
OR Explain various methods of internet advertising.
Q.8 Describe Internet advertisement. List out the advantages of Internet advertisement.
Q.9 What is e-retailing? Explain its advantages to consumer and business.
Q.10 Illustrate the process of online marketing with suitable example.
Q.11 What are the desirable characteristics of an Electronic Market Place.
Q.12 Discuss the different online marketing strategies in E-commerce.
Q.13 What types of Internet standards used in WWW?
Q.14 Explain the role of Software Agent in E-commerce.
Q.15 Differentiate between E-Marketing and traditional Marketing in details.
Q.16 write a note on: Target market.
Q.17 What are the advantages and disadvantages of online marketing?
Q.18 Write a short note on Browsing Behavior Model.
Q.19 Define intelligent agent and how it can be used in E-marketing.
OR
Explain the tasks performed by intelligent agents in E-marketing.
Q.20 Write a short note on E-marketing value chain.
Q. 21 write a short note on: Achieving Web Presence Goals.
OR
How you can use web to increase customers.
Q.22 Explain Aggressive Matrices for E-business sites.
Q.23 Explain advantages of online marketing.
Q.24 Write a note on: Market Segmentation.
Q.25 Explain the use of One-to-One marketing in building customer relationship.
Q.26 Explain E- branding. Explain elements of branding.
Q.27 Explain spiral branding.
Q. 28 what is data mining? Explain how it can be used for market research.
Q.29 Explain different marketing strategies on the web.
Q.30 write a short note on: Internet marketing trends.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

CHAPTER 3
E-security
Information System Security:-

Any business, whether it is a traditional brick-and-mortar business, a brick-and-

click e-business, or a pure-play e-business, needs to be concerned about network security.
The Internet is a public network consisting of thousands of private computer networks
connected together. This means that a private computer network system is exposed to
potential threats from anywhere on the public network. Protection against these threats
requires businesses to have stringent security measures in place. In the physical world,
crimes often leave evidence finger prints, footprints, witnesses, video on security cameras
and so on. Online, a cyber-crime also leaves physical, electronic evidence, but unless
good security measures are taken, it may be difficult to trace the source of a cyber-crime.
As seen in Figure 3.1 the goals of security are:

confidentily

Integrity availability

Fig. 3.1 Security goals.

1. Integrity of the data sent and received.
2. Confidentiality of the data so that it is not accessible to others.
3. The data ought to be available to the people for whom it is meant.
As shown in Figure 3.2, the data sent from the source ought to reach in destination
without any tampering as shown in Figure 3.2(a). But the above criteria shown in Figure
3.2(a) may be violated by the following.
1. Interrupt the data and cut it off as shown in Figure 3.2(b).
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
2. Intercept the data with the intent of spying on it as shown in Figure 3.2(c).
3. Interrupt the data and modify it and send a different data to the receiver as
shown in Figure 3.2(d).
4. Obstruct the data and fabricate new data and send it to the receiver as shown
in Figure 3.2(e).
 Encryption.
 Software Controls (access limitations in a data base, in operating system
protect each user from other users).
 Hardware Controls (smartcard).
 Policies (frequent changes of passwords)
 Physical Controls

Additionally, e-businesses must protect against the unknown. New methods of

attacking networks and websites and new network security holes are being discovered
with disturbing

Fig. 3.2 Methods of defense.

Frequency. By carefully planning its network and website security system, an e-business
can protect itself against many known and as yet unknown threats. An e-business must
always he prepared for network and website attacks, or risk the loss of assets.
Another very important reason. To protect an e-business's network and website is
to protect the e-business's relationships with its customers. Many Internet users perceive
that there is a large risk to their privacy and security when they buy products and services
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
or submit personal information online. Although the perception of risk may be greater
than the actual risk, it is still a cause for concern. An e-business must address customers'
perceived risks just as much as any actual risks.
An e-business cannot expect to achieve perfect security for its network and
website. The important issue for an e-business is to have adequate security to protect its
assets, revenue stream, customer privacy, and its own reputation.
Determining adequate security depends on an individual e-business's situation.
For example, a website providing information on flavors of dog food may not require the
same level of security as an online banking website. An e-business must determine its
security needs according to the risk involved, the value of the assets at risk, and the cost
of implementing a security system.
How does an e-business identify the security issues to be addressed? First, the e-
business must thoroughly understand its business and how all its systems, not just its web
servers, are used. Several aspects of e-business computer systems security need to be
addressed.
Security has become one of the primary concerns when an organization connects
its private network to the Internet. Regardless of the business, an increasing number of
users on private networks are demanding access to Internet services such as the World
Wide Web (WWW), Internet mail, Telnet, and File Transfer Protocol (FTP).
In addition, corporations want to offer web home pages and FTP servers for
public access on the Internet.

Security on the Internet

Looking at Table 3.1, one can see the amount of money being spent on security of
computer systems.

TABLE 3.1
GLOBAL SPENDING ON INTERNET SECURITY SOFTWARE 1998–20031

Year Revenues (in billion)

1998 $3.2
1999 $4.4
2003 $8.3

Network administrators have increasing concerns about the security of their

networks when they expose their organization's private data and networking
infrastructure to Internet crackers. To provide the required level of protection, an
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
organization needs a security to prevent unauthorized users from accessing resources on
the private network and to protect against the unauthorized export of private information.
Even if an organization is not connected to the Internet, it may still want to
establish an internal security policy to manage the user access to certain portions of the
network and protect sensitive or secret information.
The fundamental problem may be that the Internet was not designed to be very
secure i.e. open access for the purposes of research was the prime consideration at the
time theInternet was implemented. However, the phenomenal success of the Internet,
combined the introduction of different types of users, including unethical users, has made
more seriousexisting security deficiencies to the extent that wide-open Internet sites risk
inevitable break-ins and resultant damages. Other factors include the following:
1. Vulnerable TCP/IP services.A number of the TCPAP services are not
secure an can be compromised by knowledgeable intruders; services used
in the local area networking environment for improving network
management are especially vulnerable
2. Ease of spying and spoofing.A majority of Internet traffic is unencrypted;
e-mail passwords, and file transfers can be monitored and captured using
readily available: software. Intruders can then reuse passwords to break
into systems.
3. Lack of policy. Many sites are configured unintentionally for wide-open
Internet access, without regard for the potential for abuse from the
Internet; many sites permit more TCP/IP services than they require for
their operations, and do attempt to limit access to information about their
computers that could prove valuable to intruders.
4. Complexity of configuration.Host security access controls are often
complexto configure and monitor; controls that are accidentally
misconfigured often result unauthorized access.

Sites that ignore these problems face some significant risk that they will be
attacked by intruders and that they may provide intruders with a staging ground for
attacks on other networks. Even sites that do observe good security practices, face
problems with new vulnerabilities in networking software and the persistence of some
intruders.
Some of the problems with Internet security are the result of inherent
vulnerabilities in the services (and the protocols that the services implement), while
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
others are a result of host configuration and access controls that are poorly implemented
or overly complex to administer. This is further aggravated by the tremendous growth of
the Internet and the way it is used. Businesses and agencies now depend on the Internet
for communications and research, and thus have much more to lose if their sites are
attacked. The following sections describe the problems on the Internet and the factors that
contribute to these problems.

1. How secure is the server software?Security, should be in place to prevent

any unauthorized remote logon to the system. It should be extremely
difficult to make changes to the server software. The servers themselves
should be physically located in a secure environment.
2. How secure are communications?Customer credit card information, and
other sensitive data that is being transmitted across the Internet must be
protected.
3. How is the data protected once it is delivered to the e-business? Is it
stored in unencrypted text files at the website? Is it moved to
offlinestorage?
4. How are credit card transactions authenticated and authorized?Credit
card transactions must be authenticated and authorized, so as to make it
more secure for the users.

Besides implementing secure technologies, an e-business should develop security

policies and procedures. Everyone working in an e-business should understand his or her
responsibilities for keeping the business secure. Also, a plan of action should be ready to
deal with any potential security problem.
The biggest potential security problem in an e-business is of human, rather than of
electronic origin. The weakest link in any security system is the people using it. The
employees of an e-business may not understand the security policy. Sometimes, the
security policy is so burdensome that the employees are not able to follow.it, or refuse to
follow it because it makes it difficult for them to get their work done. For example,
employees may get annoyed at having to make frequent changes to logon passwords. At
times, they may not understand the importance of security measures. Educating
employees about the need for security and their role in the security processes is essential.
Table 3.2 summarizes the general security issues that e-businesses must consider.
.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
TABLE 3.2
GENERAL SECURITY ISSUES
Issue Comment
Connection to the Internet Private computer networks are at risk from
potential threatsTM from anywhere on the public
Internet network.
Unknown risks. New security holes and methods of attacking
networks are being discovered with alarming
frequency.
Customer privacy and security Not only must steps be taken to protect the privacy
of customer information of customer information, but also customers must
be made aware of those steps and have confidence
in them.
Security consciousness Management and employees must understand the
importance of security policies and procedures.

Security risks associated with a network and a website can be addressed in some
ways as follows:

Network and Website Security Risks:

As part of planning a startup e-business' security, management should become
familiar with network and web server security risk terminology. Originally, hacker was a
term used to describe gifted software programmers.
Today, hacker is a slang term used to refer to someone who deliberately gains
unauthorized access to individual computers or computer networks. Ethical hackers use
their skills to find weaknesses in computer systems and make them known, without
regard for personal gain.
Malicious hackers, also called crackers, gain access to steal valuable information
such as credit card numbers, attempt to disrupt service, or cause any other damage. Since
there is a wide press coverage of computer system security breaches (i.e. breaks), the
terms "hacker‖ and ―cracker‖ are now generally used interchangeably for those involved
in malicious, unauthorized computer system access.
An e-business must protect itself against unauthorized access to its computer
network, denial-of-service traffic overloads, and the intrusion of destructive viruses.

Denial-of-Service Attacks:-
A Denial-of-Service or DoS attack is an attack on a network that is designed to
disable the network by flooding it with useless traffic or activity. A distributed denial-of-
service, or DoS, attack uses multiple computers to launch a DoS attack. While a DoS
attack does not do any technical damage, it can do substantial financial damage to an e-
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
business, because every second an e-business's network or a website is down, it may
result in lost revenues.
The attacker first breaks into hundreds or thousands of random, insecure
computers on the Internet and installs an attack program. Then he coordinates them all to
attack the target simultaneously. Thereafter, the target is attacked from many places at
once; the traditional defenses just do not work, and the system crashes.
These attacks are incredibly difficult, if not impossible, to defend against. In a
traditional denial-of-service attack, the victim's computer might be able to figure out
where the attack is coming from and shut down those connections. But in a distributed
attack, there is no single source. The computer should shut down all connections except
the ones it knows to be trustworthy, but that does not work for a public Internet site.
So far, these attacks are strictly denial-of-service. They do not affect the data on
the - websites. These attacks cannot steal credit card numbers or proprietary information.
They cannot transfer money out of your bank account to trade stocks in your name.
Attackerscannot gain financially from these attacks. Still, they are very serious. For most
big corporations, the biggest risk of a security breach is loss of income or loss of
reputation, either of which is achieved by a conspicuous denial-of-service attack. The real
problem is that there are hundreds of thousands, possibly millions, of innocent, naive
computer users who are vulnerable to attack. They are using DSL or cable modems,
they're always on the Internet with static : IP addresses, and they can be taken over and
used as launching pads for these attacks.

Viruses :-
Viruses are the most common security risk faced by e-businesses today. A virus is
a small program that inserts itself into other program files that then become ―infected‖,
just as a virus in nature embeds itself in normal human cells.
The virus is spread when an infected program is executed, and this further infects
other programs. Examples of virus effects include inability to boot, deletion of files or
entire hard drives, inability to create or save files, and thousands of other possibilities.
A logic bomb is a virus whose attack is triggered by some event such as the date
on a computer's system clock. A logic bomb may simply release a virus or it may be a
virus itself. Viruses are generally introduced into a computer system via e-mail or by
unauthorized network access. Virus examples include Stoned, Michelangelo, and
AutoStart 9805.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Trojan horse. This takes its name from a story in Homer's Iliad, and is a special
type of virus that emulates a benign application. It appears to do something useful or
entertaining but actually does something else as well, such as destroying files or creating
a "back door" entry point to give an intruder access to the system. A Trojan horse may be
an e-mail in the form of attachment or a downloaded program. Trojan horse examples
include BackOrifice, VBS/Freelink, and BackDoor-G.

Worm :-
This is a special type of virus that does not directly alter program files. Instead, a
worm replaces a document or an application with its own code and then uses that code to
position itself. Worms are often not noticed until their uncontrolled replication consumes
system resources and slows down or stops the system. Worm examples include
VBS/Loveletter, a VBS/Godzilla.worm, and Happy99.
A macro is a short program written in an application such as Microsoft Word or
Excel to accomplish a series of keystrokes. A macro virus is a virus that infects Microsoft
Word or Excel macros. Macro viruses can be introduced into a computer system as part
of a Word or an Excel document received as an e-mail attachment, or as a file on disk.
Opening the e-mail attachment or file triggers the macro virus.
Some viruses are, however, just hoaxes. Several antivirus software vendors
maintain up-to-date information such as the Virus Information Library at McAfee.com,
the Anti Viral Pro Virus Encyclopedia on viruses, worms, Trojan horses, and hoaxes. E-
businesses also face other security issues related to doing business on the Web, such as
website defacement,information theft, and data spills.

How Are Sites Hacked?

Distributed systems based on the client/server model have become common. In
recent months, increase in the development and the use of distributed sniffers, scanners,
and denial-of-service tools. Attacks using these tools can involve a large number of sites
simultaneously and focus to attack one or more victim hosts or networks.
In a typical distributed attack system, the 'intruder' controls a small numb which
in turn control a large number of daemons'. These daemons can be used to launch packet
flooding or other attacks against the victims' targeted by the intruder.
In the incidents that have occurred so far, daemons were installed on several
hundred sites, typically through the exploitation of well-known vulnerabilities that lead to
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
root privileges on the compromised machines. Though some implementations of the
daemon program do not require root privileges to launch attacks, in practice most of the
daemons are concealed by the installation of 'root kits' designed to hide evidence of
intrusion. There are indications that the processes for discovering vulnerable sites,
compromising them, stalling daemons, and concealing the intrusion are largely
automated, with each step being 'informed in 'batch' mode against many machines in one
session. Daemons have been discovered on a variety of operating systems with varying
levels of security and system management:
Once installed and operated, the daemon announces its presence to several
(usually three or four) predefined masters and waits for further commands. The master
program records that the daemon is ready to receive commands in an internal list, which
can be retrieved by the intruder.
Masters can cause daemons in the list to launch attacks, shut down gracefully, or
even announce themselves to a new master server. Intruders have used cryptographic
techniques to conceal the information recorded by the master and daemons.
At the command from an intruder, the master can issue attack requests to the
daemons in its list. These requests contain information about the requested attack such as
the address of the victim, the duration, and other parameters. The master programs
frequently operate as ordinary user programs on compromised hosts, where their activity
can easily be hidden.

Security Incidents on the Internet:-

As an evidence of the above, three problems have occurred within a short period
of time. In the first, persistent vulnerabilities in the UNIX sendmail program were
discovered. Sites which had not corrected their sendmail programs, were forced to
scramble to correct the programs before their vulnerabilities were attacked.
However, due to the complexity of the sendmail program and networking
software in general, three subsequent versions of sendmail were found to still contain
significant vulnerabilities. The sendmail program is used widely.
And sites without firewalls to limit access to sendmail are forced to react quickly
whenever problems are found and vulnerabilities revealed.
In the second, a version of a popular and a free FTP server was found to contain a
Trojan horse that permitted privileged access to the server. Sites using this FTP server,
but not necessarily, the contaminated version, were again forced to react very carefully
and quickly to this situation.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Many sites rely on the wealth of free software available on the Internet, especially
security-related software that adds capability for logging, access control, and integrity
checking that vendors often do not provide as part of the operating system. While the
software is often of high quality, sites may have little recourse other than to rely. On the
authors of the software if it is found to have vulnerabilities and other problems.
The third problem has the strongest implications: intruders had broken into
potentially thousands of systems throughout the Internet, including gateways between
major networks, and installed sniffer programs to monitor network trafficfor usernames
and static passwords typed in by users to connect to networked systems. The intruders
had used various known techniques for breaking into systems, as well as using passwords
that had been ―sniffed‖.
One of the implications of this incident is that static or reusable passwords are
obsolete for protecting access to user accounts. In fact, a user connecting to a remote
system across the Internet may be unintentionally placing that system at the risk of attack
by intruders who could be monitoring the network traffic to the remote system. :)

Weak Authentication:
Security handling teams estimate that many incidents stem from the use of weak,
static passwords. Passwords on the Internet can be "cracked‖ in a number of different
ways. However, the two most common methods are by cracking the encrypted form of
the password and by monitoring communications channels for password packets.
The UNIX operating system usually stores an encrypted form of passwords in a
file that can be read by normal users. The password file can be obtained by simply
copying it. It can also be obtained by à number of other intruder methods.
Once the file is on hand, an intruder can run readily available password cracking
programs against the passwords. If the passwords are weak, e.g. less than 8 characters,
and so on, they could be cracked and used to gain access into the system.

Ease of Spying:-
It is important to note that when a user connects to her account on a remote host
using Telnet or FTP, the user's password travels across the Internet unencrypted or in
plain text. Thus, another method for breaking into systems is to monitor connections for
P packets bearing a username and a password, and then using them on the system for
normal login. If the captured password is to an administrator's account, then the job of
obtaining privileged access is made much easier. As noted previously, hundreds and
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
possibly thousands of systems across the Internet have been penetrated as a result of
monitoring for usernames and passwords. E-mail, as well as the contents of Telnet and
FTP sessions, can be monitored and used to learn information about a site and its
business transactions. Most users do not encrypt e-mail. Since they assume that e-mail is
secure and thus safe for transmitting sensitive information.
Ease of Spoofing:-
The IP address of a host is presumed to be valid and is therefore trusted by TCP
and UDP services. A problem is that, using IP source routing, an attacker's host can
masquerade as a trusted host or a client. Briefly, IP source routing is an option that can be
used to specify a direct route to a destination and return path back to the origin.
The route can involve the use of other routers or hosts that normally would not be
used to forward packets to the destination. An example of how this can be used such that
an attacker's system could masquerade as the trusted client of a particular server is as
follows:
1. The attacker would change her host's IP address to match that of the trusted client.
2. The attacker would then construct a source route to the server that specifies
the direct path the IP packets should take to the server and should take from the
server back to the attacker's host, using the trusted client as the last hop in the
route to the server.
3. The attacker sends a client request to the server using the source route.
4. The server accepts the client's request as if it came directly from the trusted
client, and returns a reply to the trusted client.
5. The trusted client, using the source route, forwards the packet on to the
attacker's host.

Many UNIX hosts accept source routed packets and will pass them on as the source route
indicates. Many routers will accept source routed packets as well, whereas some routers
can be configured to block source routed packets.
E-mail on the Internet is particularly easy to spoof and, without enhancements
such as digital signatures, generally cannot be trusted. As a brief example, consider the
exchange that takes place when Internet hosts exchange mail.
The exchange takes place using a simple protocol consisting of ASCII-character
commands. An intruder could easily enter these commands on Telnet to connect directly
to a system's Simple Mail Transfer Protocol (SMTP) port.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The receiving host trusts this sending host, and thus the origin of the mail is
spoofed easily by entering a sender address that is different from the true address. As a
result, any user, without privileges, can falsify or spoof e-mail.
Other services, such as Domain Name Service (DNS), can be spoofed, but with
more difficulty than e-mail. These services still represent a threat that needs to be
considered when using them.
How Vulnerable Are The Internet Sites?
The Internet, while being a useful and a vital network, is at the same time
vulnerable to attacks. Sites that are connected to the Internet face significant risk in some
form by intruders. The following factors would influence the level of risk:
 Number of systems connected to the site
 Services utilized by the site.
 Interconnectivity of the site to the Internet.
 Site's profile, or how well-known the site is.
 Site's readiness to handle computer security incidents.

The more the number of systems that are connected, obviously the harder it is to
control their security. Equally, if a site is connected to the Internet at several points, it is
likely to be more vulnerable to attacks than a site with a single gateway.
At the same time though, how well prepared a site is, and the degree to-which the
site relies on the Internet, can increase or decrease the risk. A site's high profile could
attract more potential intruders who wish to do some harm to the site's image: It should
be mentioned though, that "quiet", less-frequently used sites are also attractive to
intruders since they can more easily hide their activity:
Sites that use recommended procedures and controls for increasing computer
security have significantly lower risks of attack. Firewalls, combined with one-time
passwords that are immune from monitoring or guessing, can increase greatly a site's
overall level of security and make using the Internet quite safe.

Website Defacement:-
Website vandalism or defacement can be the result of a hacker breaking into a
network, accessing the website files, and modifying the HTML to physically change Web
pages.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Not only do website defacements embarrass an e-business, but some website
defacements can have serious financial repercussions. Aastrom Biosciences. Inc., a
Michigan based medical products company, experienced a serious defacement created to
manipulate its stock price. In February 2000, a bogus news release announcing a merger
with a California biopharmaceutical company, Geron Corporation, was posted on
Aastrom's website. Stock prices for both companies rose: Aastrom shares rose from $4 to
$4.41 and Geron shares rose from $47.19 to $51.
After discovering the defacement, Aastrom notified Geron, and representatives of
both companies advised officials with the NASDAQ index, where both stocks are traded,
that there was no merger.
Electronic Industrial Espionage It is a major risk and a big dollar issue that most
companies are reluctant to discuss openly electronic industrial espionage. Often, e-
businesses that have been hacked and had business.
Secrets stolen are too embarrassed to admit the break-in. However, in late October
2009, one. very high-profile company, Microsoft, found itself scrambling to deal with
first rumors and published reports of a serious hacking incident within industrial
espionage overtones.
The apparent culprit was a Trojan horse virus named QAZ Trojan that was first
identified in mid-July in China. The QAZ Trojan virus infects à computer system when a
user opens an e-mail attachment containing the virus.
Then the virus replaces the system's Notepad text editor with its own code,
searches for other shared hard drives to infect, and sends the IP addresses of infected
computers to an outside e-mail address. This creates a "back door" a hacker can use to
enter a system, search for passwords, and install software programs to allow remote
control of the computer.
Although by August 2000, all major antivirus software makers had included the
QAZTrojan information in their downloadable virus updates, somehow the QAZ Trojan
virus was used to create a "back door" in Microsoft.

Credit Card Fraud and Theft of Customer Data:

Almost all B2C purchase transactions involve credit cards. An e-business that
accepts credit cards in payment for goods and services, must secure the credit card
information in transit to its website, and it must secure stored credit card information.
Also, systems must be in place for credit card transaction authentication
(verifying that the person placing the order : really is the holder of the credit card used in
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
the transaction), and credit card authorization .: (verifying that the charge can be made to
the card number).
A hacker can break into a database server and steal thousands of credit card
numbers and other information in a matter of moments, and an e-business might not even
recognize that the hacker was there.
For example, one of the largest reported cases of stolen credit card information
took place in January 1999 (but was not reported until much later) when information on
485,000 credit cards, including card numbers, expiration dates, names, and addresses,
was stolen from an e-business website and stored at a US government agency's website,
where the agency's website administrator discovered the data. There was no reported
evidence of fraudulent use, and some of the accounts were not active: But this event
highlights the risk to a vulnerable e-business of the theft of sensitive information.

Security and E-mail :-

E-mail users who desire confidentiality and sender authentication use encryption.
Encryption is simply intended to keep personal thoughts personal. There are two good
programs to encrypt e-mails and they are: Pretty Good Privacy (PGP), and Privacy
Enhanced Mail (PEM).
E-mail is typically encrypted for the reason that all network correspondence is
open for eavesdropping. Internet e-mail is obviously far less secure than the postal
system, where envelopes protect correspondence from casual snooping.
In contrast, the header area of any e-mail message will show that it has passed
through a number of nodes on its way to you. Each of these nodes presents the
opportunity for snooping.

Privacy Enhanced Mail Standard:-

PEM is the Internet Privacy Enhanced Mail standard, designed, proposed, but not
yet officially adopted by the Internet Activities Board, to provide secure electronic mail
over the Internet.
Designed to work with -current Internet e-mail formats, PEM includes encryption,
authentication, and key management, and allows use of both public-key and secret-key
crypto-systems. The system supports multiple cryptographic tools: for each mail
message, the specific encryption algorithm, digital signature algorithm, hash function and
so on, are specified in the header.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
PEM explicitly supports only a few cryptographic algorithms; others may be
added later. It uses the DES algorithm for encryption and the RSA algorithm for sender
authentication and key management. PEM also provides support for non-repudiation,
which allows the third-party recipient of a forwarded message to verify the identity of the
message originator (not just the message forwarder) and to verify whether any of the
original text has been altered.

Pretty Good Privacy (PGP) :-

Pretty Good Privacy (PGP) is the implementation of public-key cryptography
based on RSA. It is a free software package developed by Phillip Zimmerman that
encrypts e-mail. Since being published in US as freeware in June 1991, PGP has spread
rapidly and has since become the de facto worldwide standard for encryption of e-mail.
It is freely available for DOS, Macintosh, UNIX, Amiga, VMS, Atari, and OS/2
systems. PGP provides secure encryption of documents and data files that even advanced
supercomputers are hard pressed - to "crack‖. The process is so simple that anyone with a
PC can do it with almost no effort. : For authentication, PGP employs the RSA public-
key encryption scheme and the MD5 (Message Digest version 5) developed by Rivets, a
one-way hash function to form a digital signature that assures the receiver that an
incoming message is authentic (that it comes from the alleged sender and that it has not
been altered).

Network and Website. Security:-

The best way to recognize when a hacker is attempting unauthorized network
access is to monitor network performance. Setting up, logging, and monitoring
established network reference points, called benchmarks, can alert an e-business to
security problems.
A skilled system administrator and other well-trained technicians, who use these
benchmarks to monitor and manage the network and servers, are critical: Other tools such
as passwords, firewalls, intrusion detection systems, and virus scanning software should
be used to protect an e-business' network and website.
A password is a code, or more often a common word, used to gain access to a
computer network. Passwords are only effective when used properly. Often a computer
user chooses a bad password, such as a short, common word-a name, or birthdayso that
the user can remember the password easily. One way hackers penetrate network security
is by using software that ―guesses" a password by trying millions of common words until
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
one of the words that require a minimum length of six characters in a mix of letters and
numbers increase the number of potential passwords into billions and make it more
difficult for a hacker to guess them. A computer user should also change passwords
regularity. If a user has access to multiple systems, it is a good idea to have different
passwords on each system.
A firewall is a software or a hardware used to isolate and protect a private system
or á network from the public network. A firewall provides an easy-to-manage entry point
to multiple systems behind it.
Firewalls" can control the type of information that is allowed to pass from the
public network to the private network, as well as what services inside the firewall are
accessible from the outside. Firewalls can also log activity, to provide an audit trail in
case the network is penetrated.
Intrusion detection is the ability to analyze real-time data to detect, log, and stop
unauthorized network access as it happens. Businesses can install intrusion detection
systems that monitor the network for real-time intrusions and respond to intrusions in a
variety of user-detected ways.
An intrusion detection system can defend a website against DoS attacks by adding
more servers to increase the traffic the website can handle, by using filters and routers to
manage traffic, and by having a backup plan to reroute legitimate traffic during an attack.
Cisco's Secure Intrusion Detection System, and Network ICE'S ICEpacSecu Suite
are two examples of intrusion detection systems. : Virus scanning software, including e-
mail virus scanning, should be installed on all network computers. Antivirus software
should be kept updated. Communication ports should be used to allow data to enter and
exit the network.
The system administrator should close all unused communication ports. Up-to-
date security patches for operating systems should be installed as soon as the patches are
available, to prevent hackers from exploiting built-in system weaknesses.
Transaction Security and Data Protection Transaction security, especially for
credit card transactions, and the protection of customer data are as important as website
and network security. Tools to protect transaction data and customer data include:

 Using a predefined key to encrypt and decrypt the data during transmission.
 Using the Secure Sockets Layer (SSL) protocol to protect data transmitted over
the Internet.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
SSL provides encryption of data between the browser on the
customer's computer and the software on the Web server, allowing data such as
credit card information to be transmitted securely.
SSL uses digital certificates so that a Web browser can authenticate the
server it is connected to, making sure that credit card data is going to the
appropriate server;
 Moving sensitive customer information such as credit card numbers offline, or
encrypting the information if it is to be stored online;
 Removing all files and data from storage devices, including disk drives and tapes,
before getting rid of the devices; and
 Shredding all hard-copy documents containing sensitive information before
trashing them.

Of course, an e-business's security solutions are only as strong as its weakest link
often its employees. An e-business must maintain a security-oriented culture, starting at
the top, in order for employees to take security seriously. An e-business should also
consider having its security systems tested or audited.

Security Audits and Penetration Testing:-

Security audits can provide an overall assessment of an e-business' systems and
security issues by checking for vulnerabilities in those systems and providing
recommendations for fixing those vulnerabilities. Security consultants such as DefendNet
Solutions Inc., Internet Security Systems, and Pinkerton Systems Integration offer
security auditing services.
Accounting firms, such as Ernest & Young, also offer security auditing services.
Some of the Big Five international accounting firms use the American Institute of
Certified Public Accountants (AICPA) Web Trust seal and audit criteria.
The WebTrust seal indicates to customers that the website is verified as being safe
and secure by the AICPA. The AICPÅ audit criteria cover best business practices, site
security, and customer information privacy. Some accounting firms use their own audit
seal instead of, or in addition to, the AICPA WebTrust seal.
When evaluating security consultants who will perform the penetration testing,
there are several factors to consider. They can be listed as follows:
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
1. Get evidence that the security consultants have insurance to protect against
accidental
2. System damage or down time.
3. Have everyone on the consultant's penetration team sign a non-disclosure
agreement.
4. Consider requiring a third-party background check on each member of the
consultant‘s penetration team.
5. Decide whether it makes sense to use a security consultant who employs
former,hackers.
6. Determine if the consultant's team is going to use packaged security scanning
software that could be employed by the in-house staff, or if they are using custom
tools.
7. Develop a clear scope for the penetration test and a workable time frame.
8. Determine whether to have a DoS attack done, and if so, when to schedule it to
least disrupt customer access.
9. Make sure the final report from the consultant includes an accounting of all
attacks attempted and whether or not they were successful, a return of all the
paper or electronic information gathered by the consultant, and recommendations
on how to fix up any problems discovered during the tests.

Individual PC Security Risks :-

Often managers in an e-business use stand-alone personal computer during the
startup phase, until funds are available to build and operate a network or until the e-
business can outsource its IT operations. Additionally, some e-businesses offer their
employees the opportunity to telecommuteallowing an employee to use his or her home
computer, or installing a business-owned personal computer in the employee's home.
Certainly, business employees often work on business files at home. Due to these
factors, it is important for an e-business to understand that individual PCs are also at risk
from hackers.

E-business Risk Management Issues:-

An e-business should manage its e-business risks as a business issue, not just as a
technology issue. An e-business must consider the direct financial impact of immediate
loss of revenue, compensatory payments, and future revenue loss from e-business risks
such as:
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

1. Business interruptions caused by website defacement or denial-of-service attacks;

2. Litigation and settlement costs over employees' inappropriate use of e-mail and
the Internet.
3. Product or service claims against items advertised and sold via a website.
4. Web-related copyright, trademark, and patent infringement lawsuits; and
5. Natural or weather-related disasters.

An e-business should put in place an effective risk management program that

includes the following:
 Network and website security and intruder detection programs
 Antivirus protection
 Firewalls
 Sound security policies and procedures
 Employee education.

Another important component of a risk management program is the transfer of

risk via insurance. Table 3.3 illustrates some of the different kinds of insurance coverage
an e-business should consider when developing an effective risk management program. It
is a good idea for an e-business's management to consult with a commercial insurance
broker that offers e-risk management services, to help develop a risk management plan
including insurance coverage. :

TABLE 3.3
E-RISK INSURANCE

E-risk insurance Coverage

Computer Virus Transmission Protects against losses that occur when employees
open infected e-mail attachments or download
virus-laden software.
Extortion and Reward Responds to Internet extortion demands and/or
pays rewards to help capture saboteurs.
Unauthorized Access Covers failure to protect against third-party access
Unauthorized Use to data and transactions.
Specialized Network Security Responds to breach of network security and
resulting losses.
Media Liability Protects against intellectual property infringement
losses.
Patent Infringement Covers defensive and offensive costs when
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
battling over patent infringement issues.
Computer Server and Services Protects e-businesses against liability for errors
Errors & Omissions and omissions when their professional advice
causes a client's financial loss.

The Firewall Concept:-

An Internet firewall is a system or group of systems that enforces a security policy
between an organization's network and the Internet. The firewall determines which inside
services may be accessed from the outside, which outsiders are permitted access to the
permitted inside services, and which outside services may be accessed by insiders.
For a firewall to be effective, all traffic to and from the Internet must pass through
the firewall, where it can be inspected. The firewall must permit only authorized traffic to
pass, and the firewall itself must be immune to penetration. Unfortunately, a firewall
system cannot offer any protection once an attacker has got through or around the
firewall.
It is important to note that an Internet firewall is not just a router, a bastion host,
or a combination of devices that provides security for a network. The firewall is part of
an overall security policy that creates a perimeter defense designed to protect the
information resources of the organization. This security policy must include published
security guidelines to inform users of their responsibilities; corporate policies defining
network access, service access, local and remote user authentication, dial-in and dial-out,
disk and data encryption, and virus protection measures and employee training.
All potential points of network attack must be protected with the same level of
network security. Setting up an Internet firewall without a comprehensive security policy
is like placing a steel door on a tent.
A firewall is an approach to security. It helps implement a larger security policy
that defines the services and access to be permitted, and it is an implementation of that
policy in terms of a network configuration, one or more host systems and routers, and
other security measures such as advanced authentication in place of static passwords. The
main purpose of a firewall system is to control access to or from a protected network, i.e.
a site. It implements a network access policy by forcing connections to pass through the
firewall, where they can be examined and evaluated. .
A firewall system can be a router, a personal computer, a host, or a collection of
hosts, set up specifically to shield a site or a subnet from protocols and services that can
be abused from hosts outside the subnet. A firewall system is usually located at a higher-
level gateway, such as a site's connection to the Internet. However, firewall systems can
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
be located at lower level gateways to provide protection for some smaller collection of
hosts or subnets.

Why Firewalls?
The general reasoning behind firewall usage is that without a firewall, a subnet's
systems expose themselves to inherently insecure services, and to probes and attacks
from hosts elsewhere on the network. In a firewall-less environment, network security
relies totally on host security and all hosts must, in a sense, cooperate to achieve a
uniformly higher level of security.
The larger the subnet, the less manageable it is to maintain all hosts at the same
level of security. As mistakes and lapses in security become more common, break-ins
occur not as the result of complex attacks, but because of simple errors in configuration
and inadequate passwords.
A firewall approach provides numerous advantages to sites by helping to increase
overall host security. The following sections summarize the primary benefits of using a
firewall.

Protection of Vulnerable Services:-

A firewall can greatly improve network security and reduce risks to hosts on the
subnet by filtering inherently insecure services. As a result, the subnet network
environment is exposed to fewer risks, since only selected protocols will be able to pass
through the firewall.
For example, a firewall could prohibit certain vulnerable services such as
Network File System (NFS) from entering or leaving a protected subnet. This provides
the benefit of preventing the services from being exploited by Outside attackers, but at
the same time permits the use of these services with greatly reduced risk of exploitation.
Firewalls can also provide protection from routing-based attacks, such as source
routing, and attempts to redirect routing paths to compromised sites via Internet Control
Message Protocol or ICMP redirects. A firewall could reject all source-routed packets
and ICMP redirects and then inform administrators of the incidents.

Controlled Access to Site Systems:-

Afirewall also provides the ability to control access to site systems. For example,
some hosts can be made reachable from outside networks, whereas others can be
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
effectively sealed off from unwanted access. A site could prevent outside access to its
hosts except for special cases such as mail servers or information servers.
This brings to the fore an access policy that firewalls are particularly adept at
enforcing: do not provide access to hosts or services that do not require access. If, for
example, a user requires little or no network access to her desktop workstation, then a
firewall can enforce this policy.

Concentrated Security:-
A firewall can actually be less expensive for an organization in that all or most
modified software and additional security software could be located on the firewall
systems as opposed to being distributed on many hosts. In particular, one-time password
systems and other add on authentication software could be located at the firewall as
opposed to each system that needed to be accessed from the Internet.

Enhanced Privacy:
Privacy is of great concern to certain sites, since what would normally be
considered innocuous information, might actually contain clues that would be useful to
an attacker. Using a firewall, some sites wish to block services such as finger and
Domain Name Service.
Finger displays information about users, such as their last login time, whether
they have read mail, and other items. But, finger could leak information to attackers
about how often a system is used, whether the system has active users connected, and
whether the system could be attacked without drawing attention.
Firewalls can also be used to block DNS information about site systems; thus, the
names and IP addresses of site systems would not be available to Internet hosts. Some
sites feel that by blocking this information, they are hiding information that would
otherwise be useful to attackers.

Need for Usage Statistics on Network:-

If all access to and from the Internet passes through a firewall, the firewall can log
accesses and provide valuable statistics about network usage. A firewall, with appropriate
alarms that sound when suspicious activity occurs, can also provide details on whether
the firewall and network are being probed or attacked.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
It is important to collect statistics about network usage and evidence of probing
for a number of reasons. Of primary importance is, knowing whether the firewall is
withstanding probes and attacks, and determining whether the controls on the firewall are
adequate. Network usage statistics are also important as input into network requirements
studies and risk analysis activities.

Policy Enforcement :-
Lastly, but perhaps most importantly, a firewall provides the means for
implementing and enforcing a network access policy. In effect, a firewall provides access
control to users and services.
Thus, a network access policy can be enforced by a firewall, whereas without a
firewall, such a policy depends entirely on the cooperation of the users. A site may be
able to depend on its own users for their cooperation. However, it cannot or it should not
depend on the Internet users in general.

Firewall Components:-
The primary components (or aspects) of a firewall are:
1. Network policy.
2. Advanced authentication mechanisms
3. Packet filtering.
4. Application gateways.

The following sections describe each of these components in detail.

Network Policy:-
There are two levels of network policy that directly influence the design,
installation and use of a firewall system. The higher-level policy is an issue-specific
network access policy that defines those services which will be allowed or explicitly
denied from the restricted network, how these services will be used, and the conditions
for exceptions to this policy.
The lower level policy describes how the firewall will actually go about
restricting the access and filtering the services that were defined in the higher level
policy. The following sections describe these policies in brief.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Service access policy :-
The service access policy should focus on Internet-specific use issues as defined
above, and perhaps all outside network access (i.e., dial-in policy, and SLIP and PPP
connections) as well. This policy should be an extension of an overall policy regarding
the protection of information resources in the organization.
For a firewall to be successful, the service access policy must be realistic and
sound, and should be drafted before implementing a firewall. A realistic policy is one that
provides a balance between protecting the network from known risks, while still
providing users access to network resources. If a firewall system denies or restricts
services, it usually requires the strength of the service access policy to prevent the
firewall's access controls from being modified on an ad hoc basis. Only a management-
backed sound policy can provide this.
A firewall can implement a number of service access policies. However, a typical
policy may be to allow no access to a site from the Internet, but allow access from the site
to the Internet. Another typical policy would be to allow some access from the Internet,
but perhaps only to selected systems such as information servers and e often implement
service access policies that allow some user access from selected internal hosts, but this
access would be granted only if necessary and only if it could be combined with
advanced authentication.
Firewall design policy. The firewall design policy is specific to the firewall. It
defines the rules used to implement the service access policy.
One cannot design this policy in a vacuum isolated from understanding issues
such as firewall capabilities and limitations, and threats and vulnerabilities associated
with TCP/IP. Firewalls generally implement one of the following two basic design
policies.

 Permit any service unless it is expressly denied

 Deny, any service unless it is expressly permitted.

A firewall that implements the first policy allows all services to pass into the site
default, with the exception of those services that the service access policy has identified
disallowed. A firewall that implements the second policy denies, all services by default,
passes those services that have been identifiedas allowed. This second policy follows
classic access model used in all areas of information security.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The first policy is less desirable, since it offers more avenues for getting around
firewall, i.e. users could access new services currently not denied by the policy (or even
addressed by the policy) or run denied services at non-standard TCP/UDP ports that are
not denied by the policy. Certain services such as X Windows, FTP, Archie, and RPC can
be filtered easily and are better accommodated by a firewall that implements the first
policy. The second policy is stronger and safer, but is more difficult to implement and
may imp. Users in that certain services such as those just mentioned may have to be
blocked restricted.
The relationship between the high-level service access policy and its lower level
counterpartis reflected in the discussion above. This relationship exists because the
implementation the service access policy is heavily dependent upon the capabilities and
limitations of t firewall system, as well as upon the inherent security problems associated
with the want Internet services. For example, wanted services defined in the service
access policy may ha to be denied if the inherent security problems in these services
cannot be effectively control by the lower level policy and if the security of the network
takes precedence over other factors. On the other hand, an organization that is heavily
dependent on these services meet its mission may have to accept higher risk and allow
access to these services. This relationship between the service access policy and its
lower-level counterpart allows for an iterative process in defining both, thus producing
the realistic and sound policy initial described.
The service access policy is the most significant component of the four described
her the other three components are used to implement and enforce the policy. (And as
noted above, the service access policy should be a reflection of a strong overall
organization security policy.) The effectiveness of the firewall system in protecting the
network depends on the type of firewall implementation used, the use of proper firewall
procedures, and service access policy.
Advanced Authentication Security lapses on the identity of Internet users have
occurred in part due to the weaknessesassociated with traditional passwords. For years,
users have been advised to choose password that would be difficult to guess, or not to
reveal their passwords. However, even if user follow this advice and many do not), the
fact that intruders can and do monitor the Interne for passwords that are transmitted in the
clear has rendered traditional passwords obsolete
Advanced authentication measures such as smartcards, authentication tokens,
biometrics and software-based mechanisms are designed to counter the weaknesses of
traditional passwords while the authentication techniques vary, they are indeed similar in
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
one aspect. The password. Generated by advanced authentication devices cannot be
reused by an attacker who hasmonitored a connection. Given the inherent problems with
passwords on the Internet, an internet accessible firewall that does not use or does not
contain the hooks to use advanced authentication makes little sense.
A firewall that implements the first policy allows all services to pass into the site
by default, with the exception of those services that the service access policy has
identified as disallowed. A firewall that implements the second policy denies all services
by default, 'but passes those services that have been identified as allowed. This second
policy follows the classic access model used in all areas of information security.
The first policy is less desirable, since it offers more avenues for getting around
the firewall, i.e. users could access new services currently not denied by the policy (or
even addressed by the policy) or run denied services at non-standard TCP/UDP ports that
are not denied by the policy. Certain services such as X Windows, FTP, Archie, and RPC
cannot be filtered easily and are better accommodated by a firewall that implements
the The second policy is stronger and safer, but is more difficult to implement and may
impact users in that certain services such as those just mentioned may have to be blocked
or restricted.
The relationship between the high-level service access policy and its lower level
counterpart is reflected in the discussion above. This relationship exists because the
implementation of the service access policy is heavily dependent upon the capabilities
and limitations of the firewall system, as well as upon the inherent security problems
associated with the wanted Internet services. For example, wantedservices defined in the
service access policy may have to be denied if the inherent security problems in these
services cannot be effectively controlled by the lower level policy and if the security of
the network takes precedence over other factors. On the other hand, an organization that
is heavily dependent on these services to meet its mission 'may have to accept higher risk
and allow access to these services. This relationship between the service access policy
and its lower-level counterpart allows for an iterative process in defining both, thus
producing the realistic and sound policy initially described.
The service access policy is the most significant component of the four described
here. The other three components are used to implement and enforce the policy. (And as
noted above, the service access policy should be a reflection of a strong overall
organization security policy) The effectiveness of the firewall system in protecting the
network depends on the type of firewall implementation used, the use of proper firewall
procedures, and the service access policy.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Advanced Authentication :-
Security lapses on the identity of Internet users have occurred in part due to the
weaknesses associated with traditional passwords. For years, users have been advised to
choose passwords that would be difficult to guess, or not to reveal their passwords.
However, even if users follow this advice (and many do not), the fact that intruders can
and do monitor the Internet for passwords that are transmitted in the clear has rendered
traditional passwords obsolete.
Advanced authentication measures such as smartcards, authentication tokens,
biometrics, and software-based mechanisms are designed to counter the weaknesses of
traditional passwords. While the authentication techniques vary, they are indeed similar
in one t. The passwords generated by advanced authentication devices cannot be reused
by an attacker who has monitored a connection. Given the inherent problems with
passwords on the Internet, an Internet-accessible firewall that does not use or does not
contain the hooks to use advanced authentication makes little sense.
Some of the more popular advanced authentication devices in use today are called
one time password systems. A smartcard or authentication token, for example, generates
a response that the host system can use in place of a traditional password.
The token or card works in conjunction with software or hardware on the host,
and therefore, the generated response is unique for every login. The result is a one-time
password which, if monitored, cannot be reused by an intruder to gain access to an
account.
Since firewalls can centralize and control site access, the firewall is the logical
place for the advanced authentication software or hardware to be locate. Although
advanced authentication measures could be used at each host, it is more practical and
manageable to centralize the measures at the firewall. Figure 3.3 illustrates that a site
without a firewall using advanced authentication permits unauthenticated application
traffic, such as Telnet or FTP, directly to site systems.
If the hosts do not use advanced authentication, then intruders could attempt to
crack passwords or could monitor the network for login sessions that would include the
passwords. The figure also shows a site with a firewall using advanced authentication,
such that Telnet or FTP sessions originating from the Internet to site systems must pass
the advanced authentication before being permitted to the site systems.
The site systems may still require static passwords before permitting access.
However, these passwords would be protected against exploitation, even if the passwords
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
are monitored, as long as the advanced authentication measures and other firewall
components prevent intruders from penetrating or bypassing the firewall.

Fig. 3.3Advanced authentication on a firewall to pre-authenticate Telnet, FTP

traffic.
Packet Filtering:-
IP packet filtering is done, usually, using a packet filtering router designed for
filtering packets, as they pass between the router's interfaces. A packet filtering router
usually can filter IP packets based on some or all of the following fields:

1. Source IP address
2. Destination IP address
3. TCP/UDP source port
4. TCP/UDP destination port.

Not all packet filtering routers currently filter the source TCP/UDP port, though
vendors have now started incorporating this capability. Some routers examine the router's
network interfaces in which a packet arrives, and then use this as an additional filtering
criterion. Some UNIX hosts provide packet filtering capability, although most do not.
Filtering can be used in a variety of ways to block connections from or to specific
hosts or networks, and to block connections to specific ports.
A site might wish to block connections from certain addresses, such as from hosts
or sites that it considers to be hostile or untrustworthy. Alternatively, a site may wish to
block connections from all addresses external to the site (with certain exceptions, such as
SMTP for receiving e-mail) (see Figure 3.4).
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Fig. 3.4 Representation of packet filtering on Telnet and SMTP.

As an example of packet filtering, consider a policy to allow only certain

connections to a network of address 123.4.**. Telnet connections will be allowed to only
one host, 123.4.5.6, which may be the site's Telnet application gateway, and SMTP
connections will be allowed to two hosts, 123.4.5.7 and 123.4.5.8, which may be the
site's two electronic mail gateways. NNTP (Network News Transfer Protocol) is allowed
only from the site's NNTP feed system, 129.6.48.254, and only to the site's NNTP server,
123.4.5.9, and NTP Network Time Protocol) is allowed to all hosts. All other services,
and packets are to be blocked. An example of the rule-set is in Table 5.4.

TABLE 3.4
PACKET FILTERING TABLE
Type Source Destinatio Sourc Destination por Action
address n e port t
Address
TCP * 123.4.5.6 >1023 23 permit
TCP * 123.4.5.6 >1023 25 permitpermitpermitpermi
TCP * 123.4.5.6 >1023 2 t
TCP 129.6.58.25 123.4.5.6 >1023 119 *
UD 4 123.4.* * >1023 123
P * * * *
* *

The first rule allows TCP packets from any source address and port greater than
1023 on the Internet to the destination address of 123.4.5.6 and port of 23 at the site. Port
23 is the port associated with the Telnet server, and all Telnet clients should have
unprivileged source ports of 1024 or higher. The second and third rules work in a similar
fashion, except packets to destination addresses 123.4.5.1 and 123.4.5.8, and port 25 for
SMTP, are permitted.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The fourth rule permits packets to the site's NNTP server, but only from source
address 129.6.48.254 to destination address 123.4.5.9 and port 119 (129.6.48.254 is the
only NNTP server that the site should receive news from, thus access to the site for
NNTP is restricted to only that system). The fifth rule permits NTP traffic, which uses
UDP as opposed to TCP, from any source to any destination address at the site. Finally,
the sixth rule denies all other packets-if this rule is not present, the router may or may not
deny all subsequent packets. This is a very basic .example of packet filtering. Actual
rules permit more complex filtering and greater flexibility.
While some of these services such as Telnet or FTP are inherently risky, blocking
access to these services completely may be too drastic a step for many sites. Not all
systems · generally require access to all services. For example, restricting Telnet or FTP
access from the Internet to only those systems that require the access can improve the
security of users at no cost. Services such as NNTP may seem to pose little threat, but
restricting these services to only those systems that need them helps to create a cleaner
network environment and reduces the likelihood of exploitation from yet-to-be-
discovered vulnerabilities and threats.

Application Gateways :-
To counter some of the weaknesses associated with packet filtering routers,
firewalls need to use software applications to forward and filter connections for services
such as Telnet and FTP. Such an application is referred to as a proxy service, while the
host running the proxy service is referred to as an application gateway. Application
gateways and packet filtering routers can be combined to provide higher levels of
security and flexibility than if either were used alone.

What Should a Firewall Contain?

Once the decision is made to use firewall technology to implement an
organization's security -policy, the next step is to procure a firewall that provides the
appropriate level of protection and is cost-effective. However, what features should a
firewall have, at a minimum, to provide effective protection? One cannot answer this
question entirely with specifics, but it is possible to recommend that, in general, a
firewall should have the following significant features or attributes.

1. Be able to support a ―deny all services except those specifically permitted"

design policy, even if that is not the policy used;
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
2. Support your security policy, not impose one;
3. Be flexible and able to accommodate new services and needs if the security
policy of the organization changes;
4. Contain advanced authentication measures, or should contain the hooks for
installing advanced authentication measures;
5. Employ filtering techniques to permit or deny services to specified host systems,
as needed;
6. Use proxy services for services such as FTP and Telnet, so that advanced
authentication measures can be employed and centralized at the firewall. If
services such as NNTP, http, or gopher are required, the firewall should contain
the corresponding proxy services;
7. Contain the ability to centralize SMTP access, to reduce direct SMTP
connections between site and remote systems. This results in centralized handling
of site e-mail;
8. Accommodate public access to the site, such that public information servers can
be protected by the firewall but can be segregated from site systems that do not
require the public access;
9. Contain the ability to concentrate and filter dial-in access;
10. Contain mechanisms for logging traffic and suspicious activity, and also
mechanisms for log reduction so that logs are readable and understandable;
11. Be developed in a manner that its strength and correctness is verifiable. It should
be simple in design so that it can be understood and maintained;
12. Be updated with patches and other bug fixes, at regular time intervals.

If the firewall requires an operating system such as UNIX, a secured version of

the operating system should be a part of the firewall, with other security tools as
necessary to ensure firewall host integrity. The operating system should have all patches
installed.
The IP filtering language should be flexible, user-friendly to program, and should
filter on as many attributes as possible, including source and destination IP address,
protocol type, source and destination TCP/UDP port, and inbound and outbound
interface.
There are undoubtably more issues and requirements, however many of them will
be specific to each site's own needs. A thorough requirements definition and high-level
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
risk assessment will identify most issues and requirements; however it should be
emphasized that the Internet is a constantly changing network.
New vulnerabilities can arise, and new services and enhancements to other
services may represent potential difficulties for any firewall installation. Therefore,
flexibility to adapt to changing needs is an important consideration.

Benefits of an Internet Firewall:-

Internet firewalls manage access between the Internet and an organization's
private network. Without a firewall, each host system on the private network is exposed
to attacks from other hosts on the Internet. This means that the security of the private
network would depend on the ―hardness" of each host's security features and would be
only as secure as the weakest system.
Internet firewalls allow the network administrator to define a centralized "choke
point that keeps unauthorized users such as hackers, crackers, vandals, and spies, out of
the protected network, prohibits potentially vulnerable services from entering or leaving
the protected network, and provides protection from various types of routing attacks. An
Internet firewall simplifies security management, since network security is consolidated
on the firewall systems rather than being distributed to every host in the entire private
network.
Firewalls offer a convenient point where Internet security can be monitored and
alarms generated. It should be noted that for organizations that have connections to the
Internet, the question is not whether attacks will occur but, when do they occur? Network
administrators must audit and log all significant traffic through the firewall.
If the network administrator does not take the time to respond to each alarm and
examine logs on a regular basis, there is no need for the firewall, since thenetwork
administrator will never know if the firewall has been successfully attacked! Few years,
the Internet has been experiencing an address space crisis that has made registered IP
addresses a scarce resource.
This means that organizations wanting to connect to the Internet may not be able
to obtain enough registered IP addresses to meet the demands of their user population. An
Internet firewall is a logical place to deploy a Network Address Translator (NAT) that
can help alleviate the address space shortage and eliminate the need to renumber when an
organization changes its ISPs.
An Internet firewall is the perfect point to audit or log Internet usage. This permits
the network administrator to justify the expense of the Internet connection to
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
management, pinpoint potential bandwidth bottlenecks, and provide a method for
departmental charge backs if this fits the organization's financial model.
An Internet firewall can also offer a central point of contact for information
delivery service to customers. The Internet firewall is the ideal location for deploying
World Wide Web and FTP servers. The firewall can be configured to allow Internet
access to these services, while prohibiting external access to other systems on the
protected network.
Finally, some might argue that the deployment of an Internet firewall creates a
single point of failure. It should be emphasized that if the connection to the Internet fails,
the organization's private network will still continue to operate though the Internet access
is lost. If there are multiple points of access, each one becomes a potential point of attack
that the network administrator must firewall and monitor regularly.
By adequately securing little corners of cyberspace, you can instil and maintain
the right levels of trustworthiness that your customers both demand and deserve. We have
seen that e-security requires a holistic approach.
It is as much a set of behaviors as it is a bundle of software tools and network
sniffers which, by themselves, might leave us with a false sense of security. Analogies
abound in our everyday lives. We buy expensive alarm systems for our homes, move
around elite communities, opt for a German Shepherd or a Doberman Pinscher, and yet
we know that these are only partial solutions.
True security requires that you educate your staff, develop manageable security
policies and procedures, and create a secure organization (whether it be one or many
employees) that enforces those policies. It requires that you properly configure your
network for your organization, without assuming that off-the-shelf configurations are
right for you.
It also means investing in the tools and expertise that you deem necessary to
evaluate and monitor your network in order to detect intrusions before they actually
happen, as well as develop a clear strategy for dealing with an intrusion when it
inevitably happens.
Finally, a secure network calls for constant vigilance. This means keeping up with
the technological changes around you by reading trade journals and periodicals, joining
user groups that discuss security issues and disseminate the latest security information,
and attending conferences, seminars, and any relevant training that will keep you abreast
of evolving security needs.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Defining an Enterprise-wide Security Framework:-

Traditionally, organizations have relied on policies to communicate high-level
directives from the management. These documents, once issued, provide a top-down
influence for everyone in the company-from business units to departments to individual
employees. Furthermore, these policies typically were developed at one time in the
organization's evolution to capture the current environment.
One of the major challenges for an organization in this area is the continued
growth and adaptation of the policies to mirror the transformation within the
organization. The fastest area of growth and change within an organization is Information
Systems.
With the rapid development and push towards new technologies, organizations
find themselves striving to maintain current technical environments with outdated
policies. Secondly, with the emergence of new technology strategies such as Intranets and
Extranets, security and protection of informational assets has become paramount.
The first step is an enterprise-wide Information Systems security policy that is
consistently enforced even as business needs change. Unfortunately, most companies
have only bits and pieces of security scattered throughout the organization.
These may make some departments or individuals feel safe, but they do little to
protect the enterprise as a whole. A security policy should include People, Policy, and
Technology. The security process is a mixture of these three elements. Each element
depends in some manner on the other elements. Also, issues receive greater coverage
when the elements are combined. The controls environment is greatly enhanced when
these three elements work in concert. A simple diagram will suffice to illustrate this (see
Figure. 3.5). This diagram shows the basic elements and also the coverage areas.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Fig. 3.5 People, policy and technology model.

As you move towards the union of these elements, the controls environment
increases there is greater coverage. Let us understand these three elements individually.

People - This core clement is the most important. The people element comprises the
people and various roles and responsibilities within the organization. These are the
people that are put in place to execute and support the process. A few key roles include
senior management, security administrators, system and IT administrators, end users, and
auditors.

Policy - This element comprises the security vision statement, security policy and
standards, and the control documentation. This is basically the written security
environment—the bible that the security process will refer to for direction and guidance.

Technology - This element includes tools, methods, and mechanisms in place to support
the process. These are core technologies--the operating systems, the databases, the
applications, the security tools-embraced by the organization. The technology then is the
enforcement, monitoring, and operational tools that will facilitate the process.
The concept is that each core element could be measured for effectiveness and
coverage. Also, issues can be measured against the model to determine what controls
coverage for that issue. The objective then is to move issues into the intersecting areas of
the elements, with the final objective of moving the issue into the middle area of greatest
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
coverage. As risk issues are identified, each step to manage the risk will fall into one of
the core elements of people, policy, or technology.
If the issue is resolved with one of the elements, addressing one of the other
elements can enhance this resolution. As the core elements are added to the controls
environment and utilized in concert, the issue is then resolved on several fronts the
controls coverage is greater.

The People, Policy, and Technology (PPT) Model:-

The PPT model can be illustrated with a few simple examples. Figure 3.6 shows
the PPT model with regards to Internet usage and misuse. Users are educated on the
proper usage of the Internet. The controlsenvironment relies solely on the user. An
Internet usage policy is written to document proper use of the Internet and the
consequences of misuse. The controls environment now is supported by two of the three
core elements.

Fig. 3.6 Internet connection: coverage by three elements.

The PPT model is simply the analysis of a risk issue. If the issue is broken down
into the three core elements, action items can be determined for each core element: In this
manner, control coverage can be moved from one element to two, and ultimately to
coverage by all of the elements.

Understanding the Security Framework

Key elements, also referred to as the ―Four Pillars‖ to Information Security,
include:
 Solid Senior Management Commitment.
 An overall Security Vision and Strategy.
 A comprehensive Training and Awareness Program.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 A solid Information Security Management Structure including key skill sets
and documented responsibilities as depicted in Figure 3.7.

Within the four ―pillars‖ of the program, several phases are included.

The first is the Decision Driver Phase, which contains factors determining the
business drivers of security. These include Technology Strategy and Usage, Business
Initiatives and Processes, and Threats, Vulnerabilities and Risk. All these combine to
form a unique "Security Profile‖ of the organization. The "profile" needs to be reflected
in the Security Policies and Technical Controls.

The next facet of the Information Security Framework includes the design of the
security environment, also called the Design Phase. This is the stage where the
organization documents its security policy, the control environment and deals with
controls on the technology level. A key element in this process is not only the clear
definition of security policy and technical control information, but also the "Security
Model" of the enterprise. Information Classifications and Risk Assessment methods fall
under this component. These processes.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Fig. 3.7 Information security management structure.

Allow the organization to manage risk appropriately and identify the risks and value of
information assets.
The final facet of the Information Security Framework is the Implementation
Phase. This begins by documenting the Administrative and End-User guidelines and
procedures. These guidelines must be succinct and flexible for the changing environment.
Enforcement, Monitoring, and Recovery processes are then layered on for the
operational support of the security program. These processes are "where the rubber hits
the road". All the benefits of the Security Program design and documentation are
diminished if it is not put into effect on an operational day-to-day basis.

Secure Physical Infrastructure:-

Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
All of us are concerned about physical and environmental security. We may not
always do a formal risk assessment exercise, but intuitively, we try to ensure that we are
secure. BS 7799 is very explicit about the requirements of this domain, which is
applicable to the business premises and business information processing facilities.
Design, implementation and monitoring of many controls for this domain will
have to be jointly done with the physical security department.
Security can be best achieved by ensuring multiple layers of security and not
depending on a single measure. This principle is very evident here. The controls for
physical and environmental security are defined in three areas:
Security of the premises
Security of the equipment.
Secure behavior

Security of the Premises:-

Physical security perimeter. We begin by defining the boundary of the premises
and examining the security requirement, based on the risk assessment. The best way to do
this will be to walk around the premises and 'case the joint.' Evaluate all the entry points
through which an intruder could come in. Take help of a security agency to do this. Do
not depend on your skills as an armchair detective. The classical approach to securing the
premises is to create multiple barriers.
Start with the outermost perimeter. How much resistance this perimeter is
expected to provide? Based on risk assessment, you need to decide all the physical
specifications like height, width for the protective wall. Next, consider all the entry
points.
Are the doors strong enough? Are the door frames strong enough? Are the
windows, ventilators, air-conditioning firmly secured with grills? Do the physical barriers
extend from real floor to real ceiling, or is there a gap between false ceiling and real
ceiling through which somebody could crawl in? We need to detect the weakest link
while assessing the perimeter defense. How are the access points guarded? Are they
controlled through card-controlled entry gates? Are watchmen, guards or receptionist
monitoring the entry points?
Physical entry controls. Only the authorized persons should be allowed access to
the secure areas. This objective could be achieved by having a clear access control policy
defining the access rights. Based on this policy, appropriate measures should be in place.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
These measures may take the form of access control devices like swipe card
controlled doors, logging information about visitors and visible identification badges.
Securing offices, rooms and facilities. Location of the secure office within the
physically secure perimeter should be chosen with care. All the risks pertaining to fire,
flood, explosion, civil unrest and other forms of natural or man-made disaster should be
considered.
There could also be threat from neighboring premises, caused by leakage of
water, spreading of fire, or storage of toxic/inflammable/explosive material. Even bulk
supplies like stationery should not be stored within the secure premises.
The secure location should not be publicized in any manner. No display board,
banners, signs to indicate the presence of any important information processing activity.
Even the internal telephone directories should not be readily accessible to outsiders.
Support facilities like photocopier, fax machines, which are constantly accessed
by everyone, should be located away from the secure area. Suitable intrusion detection
systems like CCTV, motion sensors etc. should be installed and regularly tested.
Working in secure areas. Security equipment like CCTV and swipe-card controlled
gates are of no use if the persons working in these locations are not trustworthy, or are
incompetent, or simply lack awareness of their responsibility. They should be hand-
picked and trained for these operations. They should not brag about their nature of work
or location.
Also, information should be provided on need-to-know basis. Segregation of
duties should be scrupulously followed with strict supervision. Third-party personnel
should be granted restricted access. No photographic, video, audio or other recording
equipment must be allowed inside the premises, unless authorized.
Isolated delivery and loading areas. We have taken care of every aspect of physical
security in the above paragraphs, but do we know how canteen facilities get into secured
premises? How the trash is taken out? How the courier delivers the parcels? In industrial
premises, there could be constant movement of incoming and outgoing material. All this
traffic needs to be isolated from the secure office area, so that it does not pose a threat.

Security of the Equipment:-

Equipment setting and protection. Our next concern is the appropriate security of the
equipment. Information processing equipment needs to be handled carefully. The first
level of equipment protection depends on physical location.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The location should minimize the need for unnecessary access, as well as prevent
snooping. It should be such as to minimize the risk of theft as well as the risk from
natural disasters like fire, flood, chemicals etc. Also, consider risks like electrical and
electromagnetic interference, humidity etc.

Power supplies. Information processing will come to halt in the absence of a suitable
power supply. This could be the worst type of a denial-of-service attack. A
thorough business risks assessment is necessary to understand the impact on non-
availability of power for certain durations. Based on the evaluation, appropriate measures
need to be taken.
These could be:
1. Taking power from multiple feeds of electric supply.
2. In case all the electric supplies fail simultaneously, you need to have an
uninterruptible power supply (UPS) with adequate battery capacity capable of
sustaining the initial load.
3. The UPS could in-turn be supported by backup generator sets.
4. The backup generator would require adequate supply of fuel, which also needs to
be stored with replenishment, assured by the suppliers.
5. Proper installation of emergency lights should also be planned; lightning
protection should be provided to the power installation and the communication
lines.

Cabling security. We really need to remember every detail, including the proverbial last
nail. Do we know the physical layout of power cables and communication cables in our
premises? The first step will be to obtain wiring diagrams and update them. Then, do a
physical inspection and assess the protection needs against damage, interference or
interception, establish the best practices for laying the network cables as well as power
cables, and ensure that these are actually implemented. The next step is to decide on
additional security protection required for the network.
This could be expensive for an old installation. Safety measureslike use of
armored conduit cables, underground ducts, or fiber optic cabling will require huge
investment and need to be justified based on risk assessment.
But simple measures like providing locks to the communication cable patch
board, which are often over-looked, should be immediately implemented.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Equipment maintenance. It is normally expected that due care is taken for equipment
maintenance, and proper records are maintained. From a security angle, two more
measures are required. One is to maintain record of faults that were noticed, and the
second step is to maintain records of all equipment sent off the premises for
maintenance.

Security of equipment off premises. Shrinking size of computers and expanding wide
area networks have made the computer equipment extremely mobile. Processing as well
as storage capacity of mobile devices has been following Moore's law of doubling every
18 months.
Securing these devices is as important as securing the data center. Various
controls that should be considered are: administrative controls like permissions and
corporate policy on use of mobile computers in places like airplanes, physical controls
like securing the devices with security chains, alarms, and storing them at non-obvious
places, using access control devices like USB tokens, and finally taking adequate
insurance cover.

Secure disposal or reuse of equipment. Storage devices have long memory, unless
specifically destroyed. Mere deletion is not enough. This becomes important when an old
computer equipment is disposed off or transferred to another location.
Equipment sent for repair are equally susceptible to reading of data from the
'deleted' storage devices. Every such device should be subjected to a thorough erasing
and overwriting to destroy the data. Since some reports claim that the data could be
recovered even after multiple overwriting and formatting, it may be desirable to
physically destroy the media containing top secret information.

Secure Behavior:-
Clear desk and clear screen policy. Our concern for information security should not
stop at securing the premises and equipment. Sensitive information could be accessible in
many forms, and it is necessary to identify and protect the information in all its
incarnations.
Classification of information will help to identify the sensitivity, but having an
organizational "clear desk and clear screen policy‖ could ensure actual protection. In
brief, it means keep everything under lock and key and do not allow anybody to snoop.
The following guidelines should be issued:
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 Lock up all documents and media when not being used.
 Protect the computers and terminals through use of key locks, passwords, and
screen
 Savers.
 Fax and telex machines used for confidential information should not be left
unattended.
 Access to photocopiers and scanners is restricted after office hours.
 Printing of classified information should be supervised and all printouts must
be removed immediately.

Removal of property. Any movement of equipment, information or software should be

only with proper authorization. All these movements should be logged and records
maintained for all outgoing and incoming items.
In these days of storage media capable of containing gigabytes of information,
this procedure becomes very important. Employees should be made aware that spot
checks would be carried out to ensure full compliance.
Security is being paranoid about threats. Physical security is very demonstrative
about this paranoia. But, it also sets the tone about the organization's concern about
information security.

Information Security Environment in India?

Most Indian companies that are aiming to go global will require certifying their
ability to maintain proper security levels when scouting for international clients.
Information security is no more a mere legal requirement but it is fast becoming a factor
for companies to compete on and grow businesses. A "secure and reliable‖ environment-
defined by strong copyright, IT and cyber laws-is an imperative for the growth and future
success of the ITES--BPO industries.
NASSCOM has been proactive in pushing this cause and ensuring that the Indian
Information Security environment benchmarks with the best across the globe. Indian
ITES BPO companies today adhere to international best practices—they are regularly
audited by independent certified auditors, comply with international standards at the
highest levels, update procedures and practices regularly and meet, is not exceed the
worldwide information security standards to ensure that data and personal information of
international customers is adequately protected.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Security Environment in India:-

Indian companies are known for their quality deliverables. International
certifications like ISO 9000 went a long way in establishing this reputation. Likewise
following international standards in information security is also helping Indian
companies build credibility among customers. While most Indian BPO firms are
recognized for high quality processes and services, information security practices need to
be constantly reviewed and updated according to the rapidly changing environment.
Customer data demands special focus.
Indian companies have robust security practices comparable to those followed by
western companies. Indian companies primarily comply with BS 7799—a global
standard that covers all domains of security.
Companies sign Service Level Agreements (SLA), which have very strict
confidentiality and security clauses built into them at the network and data level. Such
SLAs also cover all relevant laws that the companies want its offshore providers to
comply with and actions that can be taken in case of breaches.
Laws such as the IT Act, 2000, Indian Copyright Act, Indian Penal Code Act and
the Indian Contract Act, 1972 provide adequate safeguards to companies offshoring work
to US and UK. Most of the BPO companies providing services to UK clients ensure
compliance with UK Data Protection Act, 1998 (DPA) through contractual agreements.
Companies dealing with US clients require compliance depending upon the
industry served, e.g. Healthcare requires compliance with HIPAA, and financial services
require compliance with GLBA.
To ensure compliance with such laws, Indian vendors follow security practices as
specified by clients such as security awareness, protection of information, non-disclosure
agreements, screening of employees, etc. Further, clients conduct periodic audits to
ensure compliance. Many companies in India are undergoing/have undergone SAS-70
Audit. SAS-70 assignments helps service companies operating from India to implement
and improve internal controls, ensure minimal disruptions to business from clients'
auditors, and is potent marketing tool in the face of increasing competition.

NASSCOM's Security Initiatives:-

NASSCOM has taken a holistic view of Information Security through its ‗Trusted
Sourcing'3 Initiative to strengthen the regulatory framework and further improve India's
attractiveness as an outsourcing destination.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
This multi-pronged initiative is targeted at employees, organizations, enforcement
agencies and policy amendment, through a '4E Framework' - Engagement, Education,
Enactment and Enforcement.
NASSCOM has been working closely with the ITES-BPO industry in India, to
create a, robust and secure Information Security culture, and in association with other
stakeholders like the Indian Government on the issue of creating a relevant regulatory
environment. All these initiatives aim to further strengthen information security
environment, together with initiatives being rolled out by NASSCOM and the ITES-BPO
industry.
NASSCOM, with the Indian government has also laid the foundation for the
required legal framework through the proposed Amendments to the Indian IT Act of
2000 which includes laws and policies concerning data security and cybercrimes and the
Indian Copyright Act of 1972 which deals with copyright issues in computer programs.

Trusted Sourcing Initiative:-

This initiative seeks to reinforce India as a secure and reliable technology partner.
NASSCOM has also instituted the 4E framework to establish India as a trusted sourcing
destination. This framework ensures highest standard of information security in the
outsourcing industry in India.
As part of the trusted sourcing initiative, the following activities have been
undertaken until now:

4Es Activities planned Status

Engage Creation of Global and National Advisory Board operational
National Advisory Boardson fromDecember 2004
Security Engaged with the following
Meet all stakeholders in stakeholdersDepartment of Homeland
India and key markets Security
Treasury--Infrastructure Compliance
Federal Reserve Board --New York
Industry bodies-- ITAA, FSTC, BITS
Think tanks-Heritage, CSIS, IPI
Academia-CMU
Educate Reports to members on model Focus on NASSCOM members-created
contracts, SLAs,security awareness about secure sourcing
practices andstandards, Commissioned research reports on
industrylegislation like security Educated members on Model
HIPAAGLB, DPA Seminars to contracts, SLAs, best practices through
educatemembers, lawmakersand reports and meetings Educational collateral
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
judiciaryCreate intellectual for judiciary and police in India Set up
capitalfor members and training labs-currently 4 cyber labs
otherstakeholders operational Mumbai, Pune, Thane, Bangalore
Imparts one-week training module to officers
Organized awareness seminars for senior
police leadership in Pune, Nasik, Jammu,
Gandhinagar, Barrackpore, Aurangabad,
Nagpur, Goa, Bhopal, Indore, Jaipur and
Gujarat.
Addressed workshops and seminars for trial
judges Organized workshops for public
prosecutors Cyber Safety Awareness Week
being organized in Mumbai every year since
2003, also conducted
in Hyderabad in July ‘66
Enact Examine areas to strengthen Working with Ministry of IT and Ministry of
legal framework in India Work LawIT Act, 2000 being strengthened to bridge
with coalitions and regulators in the gapUS India Gap Analysis in place—
key markets to identify areas rangingfrom hacking to credit card theft
relevant provisions to health information to children's
information.
Consensus that IT Act, Contracts A Relief
Act, Indian Penal Code, Consumer Protection
Act, Arbitration & Conciliation Act, are
largely sufficient to meet concerns The
proposed Self-RegulatoryOrganization (SRO)
for the industry is underway.
Best security practicesin member Working with members to enact secure
companies practices Physical security-access codes,
security guards, fire suppression systems, etc.
Network security-technological solutions like
firewalls. Anti-virus at various levels,
encryption methodologies, authentication and
access controls, Intrusion Detection System,
VPN etc. Information security
- Employee background checks
- No access to internet, cell phones, e-mail,
instant messaging, not even paper and pens
- Stringent customer audits to ensure
compliance with GLBA, HIPAA, and other
regulatory provisions Few cases of
infringement-inter-agency co-operation
between FBI and CBE-cases in court
-Liaised with law enforcement to follow up
cases involving data security to ensure
adequate and prompt response.
Enforce Established Cyber Labs in 4 NASSCOM has formed an alliance with
cities—to be extended to other BusinessSoftware Alliance (BSA), and
citiesSecurity audit of members, recently launchedtoll-free numbers to report
security certification for software piracyOrganized workshops for
employees public prosecutors atMumbai.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Meetings with all India police officers to
Focus on personnel security educate on cyber-security and how to
recognize and prosecute cybercrime.
NASSCOM launched the National Skills
Registry of IT and BPO employees in January
2006.

NASSCOM'S Flagship Initiatives:-

Proposed Self-Regulatory Organization (SRO):-

The Self-Regulatory Organization has been conceptualized following an in-depth
gap analysis of the Indian law and various international standards (like US and EU laws),
identifying the loopholes and then attempting to amend the Indian law to make it
equivalent to the global standards which exist. SRO is an independent, self-regulatory
body that proposes a basic set of security and privacy standards, to which companies can
choose to adhere. This SRO would establish, monitor, and enforce privacy and data
protection standards for India's ITES-BPO Industry.

National Skills Registry (NSR):-

NSR is a centralized database of all employees of the IT services and BPO
companies in India. This database contains third party verified personal, qualification and
career information of IT professionals.
The objective of NSR is to improve recruitment practices in IT and BPO industry,
which will in turn help in maintaining India's global competitive advantage.
It is an employee-friendly measure to minimize any misuse of employee identity,
where employers will be able to view the verified resume of the IT professional, if
authorized by the professional.

Amendments to the Indian IT ACT :-

The Union Cabinet (on October 16, 2006) has approved the amendment to the IT
Act, 2000. NASSCOM worked with the government to evolve recommendations for
amendments to further strengthen the Indian IT Act, 2000. The recommendations are
focused around protecting overseas customer data and tightening the punishment for
defaulters. We understand that these amendments have incorporated most of the
recommendations, and are hopeful that this will lead to better handling of cybercrime by
enforcement authorities. We expect this to be discussed in the winter session of the
Parliament.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Additionally, most Indian IT and BPO companies conform to global standards
such as BS 7799 and also specific standards depending on the country/sector they cater
to. For example in the US, Healthcare requires compliance with HIPAA, Financial
services require compliance with GLBA.

EXERCISES
Q.1 Explain security on the internet.
Q.2 How to provide security to email and website.
Q.3 How vulnerable is the internet sites?
Q.4 Explain firewall component and what should firewall contain.
Q.5 Give benefits of internet firewall.
Q.6 Discuss the security requirements of Internet and E-commerce applications and how
these
Requirements are fulfilled by various hardware and software systems.
Q.7 What are the security issues of E-commerce?
Q.8 Discuss password schemes and Biometric systems for implementing client server
network
Security.
Q.9 Discuss various threats posed by servers in a client server environment.
Q.10 Write short note on: (i) Biometric Systems. (iv) Digital Signatures.
Q.12 Discuss the various threats involved in client server communications and how are
they
Encountered in EC business.
Q.13 Explain how SSL(secure socket layer ) helps an Ecommerce system to be secure.
Q.14 Explain intrusion mechanisms and intrusion detection techniques.
Q.15 What is the functionality of antivirus programs? How are viruses detected and
fixed?
Q.16 Describe the Risk Management issues in E-Commerce.
Q.17 Explain about the E-Security
Q.18 Explain in brief E-security and E-payment.
Q.19 Explain how are websites hacked.
Q.20 Write a short note on: Network and Website Security risks.
Q.21 Write a short note on network security and its types.
OR explain strategies or methods to provide network security.
Q.22 Explain few methods to provide security to email.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
CHAPTER - 4
E-payment Systems
E-banking at ICICI Bank :-
The banking industry in India is facing unprecedented competition from non-
traditional banking institutions, which now offer banking and financial services over the
Internet. The deregulation of the banking industry coupled with the emergence of new
technologies, are enabling new competitors to enter the financial services market quickly
and efficiently.
Internet banking for E-banking) means any user with a personal computer and a
browser can get connected to his bank-s website to perform any of the virtual banking
functions. In internet banking system the bank has a centralized database that is web
enabled.
All the services that the bank has permitted on the internet are displayed in menu.
Any service can be selected and further interaction is dictated by the nature of service.
The traditional branch model of bank is now giving place to an alternative delivery
channels with ATM network.
Once the branch offices of bank are interconnected through terrestrial or satellite
links, there would be no physical identity for any branch. It would a borderless entity
permitting anytime, anywhere and anyhow banking.
The Internet banking is changing the banking industry and is having the major
effects on banking relationships. Internet banking involves use of Internet for delivery of
banking products & services.
It falls into four main categories, from Level 1 - minimum functionality sites that
offer only access to deposit account data--to Level 4 sites--highly sophisticated offerings
enabling integrated sales of additional products and access to other financial services
such as investment and insurance. In other words a successful Internet banking solution
offers

 Exceptional rates on Savings, CDs, and IRAs

 Checking with no monthly fee, free bill payment and relates on ATM surcharges
 Credit cards with low rates
 Easy online applications for all accounts, including personal loans and mortgages
 24-hour account access
 Quality customer service with personal attention
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

ICICI Bank is India's second-largest bank with total assets of Rs 3,446.58 billion
(US$ 79 billion) at March 31, 2007 and profit after tax of Rs 31.10 billion for fiscal 2007.
The bank has a network of about 950 branches and 3,300 ATMs in India and presence in
17 countries.
ICICI Bank offers a wide range of banking products and financial services to
corporate and retail customers through a variety of delivery channels and through its
specialized subsidiaries and affiliates in the areas of investment banking, life and non-life
insurance, venture capital and asset management. The bank currently has subsidiaries in
several other countries.
ICICI Bank was originally promoted in 1994 by ICICI Limited, an Indian
financial institution, and was its wholly-owned subsidiary. ICICI's shareholding in ICICI
Bank was reduced to 46% through a public offering of shares in India in fiscal 1998, an
equity offering in the form of ADRs listed on the NYSE in fiscal 2000, ICICI Bank's
acquisition of Bank of Madura Limited in an all-stock amalgamation in fiscal 2001, and
secondary market sales by ICICI to institutional investors in fiscal 2001 and fiscal 2002.
ICICI was formed in 1955 at the initiative of the World Bank, the Government of India
and representatives of Indian industry.
The principal objective was to create a development financial institution for
providing medium-term and long-term project financing to Indian businesses. In the
1990s, ICICI transformed its business from a development financial institution offering
only project finance to a diversified financial services group offering a wide variety of
products and services, both directly and through a number of subsidiaries and affiliates
like ICICI Bank. In 1999, ICICI become the first Indian company and the first bank or
financial institution from non-Japan Asia to be listed on the NYSE.
Banking without borders has become an established concept as customers become
increasingly sophisticated and international in their outlook. Banks across the globe have
swiftly embraced this change by offering electronic banking across multiple channels.
However, in this transition from branch banking to multi-channel banking, the key fact
that has been overlooked is, customer convenience. As banks have adopted technology
for electronic banking, the limitation of technology, to integrate with existing systems of
the banks to provide a unified relationship view of the customers, has been a challenge.
Further, the lack of flexibility in systems built on obsolete technology has pushed
banks to move with the times and offer varied products to meet the changing needs of
today's customers.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
What banks need today is, a new generation electronic banking solution built on
open architecture with robust security features that provides true relationship banking
functionality.
The solution should not only meet today's business requirements but also be
scalable and flexible enough to meet the changing demands of the retail customer.

Automated Teller Machine (ATM) :-

ATM is designed to perform the most important function of bank. It is operated
by plastic card with its special features. The plastic card is replacing cheque, personal
attendance of the customer, banking hours restrictions and paper based verification.
There are debit cards.
ATMs used as spring board for Electronic Fund Transfer. ATM itself can provide
information about customers account and also receive instruction's from customers-ATM
cardholders.
An ATM is an Electronic Fund Transfer terminal capable of handling cash
deposits, transfer between accounts, balance enquiries, cash withdrawals and pay bills. It
may be on-line or off-line. The on-line AFM enables the customer to avail banking
facilities from anywhere.
In off-line the Internet banking (or E-banking) means any user with a personal
computer and a browser can get connected to his bank -s website to perform any of the
virtual banking functions.
In internet banking system the bank has a centralized database that is web-
enabled. All the services that the bank has permitted on the internet are displayed in
menu.
Any service can be selected and further interaction is dictated by the nature of
service. The traditional branch model of bank is now giving place to an alternative
delivery channels with ATM network. Once the branch offices of bank ace
interconnected through terrestrial or satellite links, there would be no physical identity for
any branch. Any customer possessing ATM card issued by the Shared Payment Network
System can go to any ATM linked to Shared Payment Networks and perform his
transactions.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Credit Cards/Debit Cards :-
The Credit Card holder is empowered to spend wherever and whenever he wants
with his Credit Card within the limits fixed by his bank. Credit Card is a post paid card.
Debit Card, on the other hand, is a prepaid card with some stored value.
Every time a person uses this card, the Internet Banking house gets money
transferred to its account from the bank of the buyer. The buyers account is debited with
the exact amount of purchases.
An individual has to open an account with the issuing bank which gives debit
card with a Personal Identification Number (PIN). When he makes a purchase, he enters
his PIN on shops PIN pad.
When the card is slurped through the electronic terminal, it dials the acquiring
bank system-either Master Card or VISA that validates the PIN and finds out from the
issuing bank whether to accept or decline the transactions.
The customer can never overspend because the system rejects any : transaction
which exceeds the balance in his account. The bank never faces a default because the
amount spent is debited immediately from the customers account:
ICICI Bank' Corporate Internet Banking (CIB) is a one stop shop for all your :
online banking needs. It gives you the power to execute critical bank transactions
instantly from your office locations with no time lags and hence is an indispensable tool
in today's 24 x 7 high-speed business world.
With CIB, you can dramatically cut your paperwork and enjoy the triple benefits
of 'efficiency, ease of use and economy'.

Non-Transaction Services
 Real Time Account Balance Information
 Download or Account Statements in six formals
 Subscription for Account Statements by E-mail
 Request for Cheque Book, Stop Payment and FD Opening
 Trade MIS to view all your trade-relater! banking information.

Transaction Services
 Transfer funds within own ICICI account (Self account transfer)
 Transfer funds to channel partners ICICI account (Own to External transfer.)
 Transfer funds from channel partners ICICI account (External to Own)
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 Transfer funds to non-ICICI Bank accounts using EFT/NEFT/RTGS.
 Utility Bill Payments to more than 85 billers across India
 Online Tax payment facility
 e-payment gateways.

Mobile Banking :-
In today's hectic corporate world, it may not be always easy to keep track of
everything related to your finance and banking. Now with ICICI Bank's secured Mobile
Banking Service, you can access your bank accounts and carry out transactions through
your mobile.
Get alerts and reminders at the right moment and more. Our secured Mobile
Banking Service answers your business needs, all through the push of a few buttons.

Push-based Alerts :-
 You will receive alerts for following transactions:
 Daily Closing Account balance
 Inward cheque returns above Rs 5000.00
 Outward cheque returns above Rs 5000.00
 Debit above Rs 5000.00
 Credit above Rs 5000.00
* Charges-as per schedule of charges.

Pull-based Alerts :-
You can register for Pull-based alerts only through Corporate Internet Banking (CIB).
The corporate users can avail the following banking services:

 Retrieve account balance.

 Retrieve last five transactions.
 Change SMS password.
 Unsubscribe from Mobile Banking.
 Status of issued cheque.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
A powerful, scalable and flexible technology platform is essential for banks to
manage growth and compete successfully. Finacle provides just the right platform to
ICICI Bank, thereby fuelling its growth.
The bank has successfully leveraged the power of Finacle and has deployed the
solution in the areas of core banking, consumer e-banking, corporate e-banking and
CRM. With Finacle, ICICI Bank has also gained the flexibility to easily develop new
products targeted at specific segments such as ICICI Bank Young Stars-a product
targeting children, Women's Accountaddressing working women and
Bank@campustargetting students.

Main Concerns In Internet Banking :-

In a survey conducted by the Online Banking Association, member institutions
rated security as the most important issue of online banking.
There is a dual requirement to protect customers' privacy and protect against
fraud. Banking Securely: Online Banking via the World Wide Web provides an overview
of Internet commerce and how one company handles secure banking for its financial
institution clients and their customers.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Some basic information on the transmission of confidential data is presented in
Security and Encryption on the Web. A multi-layered security architecture comprising
firewalls, filtering routers, encryption and digital certification ensures that your account
information is protected from unauthorized access:
 Firewalls and filtering routers ensure that only the legitimate Internet users
are allowed to access the system.
 Encryption techniques used by the bank (including the sophisticated public
key encryption) would ensure that privacy of data flowing between the browser
and the Infinity system is protected.
 Digital certification procedures provide the assurance that the data you receive
is from the Infinity system.

The growth of e-commerce is dependent, among other factors, on the existence of

secure, user-friendly and cost-effective payment systems. Handling payments is a costly
process that has been a central part of bank business for the past century.
However, it is now being transformed by technological developments, and in
particular, the Internet. The importance of the payment function lies in the fact that it
could encourage convergence between sectors with disparate objectives, since payment
systems are the common denominator of all e-commerce transactions.
Conceptually, the alternative means of payment available for e-commerce may be
classified as either electronic money (e-money), or electronic access products. The
difference between them is that whereas electronic access products basically provide
Internet access to traditional products (credit card payments, bank transfers, and the like),
e-money is a new concept, and in particular is considered to be "private money not
depending on central bank reserves.‖
Table 4.1 shows the payment systems in the US and Table 4.2 depicts the comfort
levels of consumers with regard to various payment methods.

TABLE 4.1
PAYMENT SYSTEMS IN THE US, 1999–20102

Volume ($ trillion) 1999 2005 2010

Paper $3.3 (69%) $3.4 (50%) $3.6 (36%)
Cards $1.4 (28%) $2.7 (39%) $4.3 (49%)
Electronic $0.2 (3%) $0.7 (11%) $1.3 (15%)
Total $4.9 (100%) $6.8 (100%) $8.7 (100%)
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
TABLE 4.2
CONSUMER COMFORT LEVELS OF USING VARIOUS PAYMENT
METHODS3

Method Comfortable Uncomfortable

Billed later 68% 18%
Credit card 55% 27%
Debit card 32% 49%
Checking account 25% 57%
Debit card with PIN 20% 66%

Consolidated methods of payment used for distance selling mostly at national

level, such as cheque, cash-on-delivery and credit-transfer mechanisms, have proven easy
to adapt to electronic transactions.
The credit card system has to date been the usual payments instrument for goods
ordered over the Internet. This is despite security concerns and relatively higher
transaction cost.
Nevertheless, the lack of a widely accepted e-payment system is not considered to
be a major barrier for the gearing up of e-commerce. The most important factors are
undoubtedly user trust and user confidence.
E-payment systems are becoming central to e-commerce as companies look for
ways to serve customers faster and at lower cost. Emerging innovations in the payment
for goods and services in electronic commerce promise to offer a wide range of new
business opportunities.
The current state of online electronic payments is in many ways reminiscent of
the medieval ages. The merchants of Asia and Europe faced a similar problem while
trying to unlock the commercial potential of the expanding marketplace. Those ancient
traders faced a number of obstacles, such as conflicting local laws and customs regarding
commercial practices, and incompatible and nonconvertible currencies that restricted
trade.
To circumvent some of these problems, traders invented various forms of
payment instruments, such as promissory notes, bills of exchange, gold coins, and barter.
The merchants also developed commercial law surrounding the use of these instruments,
that proved to be one of the turning points in the history of trade and commerce. We are
on the verge of a similar sort of development today with regard to e-payment systems.
Table 4.3 shows trends in online payments.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
TABLE 4.3
ONLINE BANKING HOUSEHOLDS AND THOSE THAT PAY ONLINE4

Year Banking online (million) Paying online

2003 29.6 50%
2004 35.3 57%
2005 40.9 64%
2006 46.2 71%
2007 51.3 78%
2008 56.0 85%

Everyone agrees that the payment and settlement process is a potential bottleneck
in the fast-moving electronic commerce environment, if we rely on conventional payment
methods such as cash, cheques, bank drafts, or bills of exchange. Electronic replicas of
these conventional instruments are not well-suited for the speed required in e-commerce
purchase processing.
For instance, payments of small denominations (micropayments) for bits and
pieces of information must be accepted by vendors in real time. Conventional instruments
are too slow for micropayments, and the high transaction costs involved in processing
them add greatly to the overhead.
Therefore, new methods of payment are needed to meet the emerging demands of
e-commerce. These new payment instruments must be secure, have a low processing
cost, and be accepted widely as global currency tender. -

History's Lesson About Payments: People Drive Change :-

The development of money is not dependent solely on objective characteristics.
Subjective valuations play a critical role. Ultimately consumers determine what form of
money is most desirable people simply substitute cheaper and more convenient forms of
money for expensive and inconvenient forms. It is ultimately through this substitution in
use that new money forms embed themselves in the marketplace.
Up until that time, it was assumed that money and payment systems had been
invented and imposed by the state.
Money is a social phenomenon, with its roots in the barter economy; payment
systems evolved out of the barter economy—and empowered buyers and sellers—with
the development of money as a medium of exchange. Buyers and sellers recognized that
doing business became much more efficient if everyone used a commonly accepted form
of payment.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The notion of money continues to evolve, driven by overwhelming marketplace
preference for increased convenience and efficiency, and decreasing risk and costs.
The modem payment card system is an excellent example of this organic,
socially-driven growth-the creation of new forms of exchange that continue to make life
easier and more efficient.
So long as the human condition continues to change, payment systems will
continue to evolve, driven by those powerful market forces.

Digital Payment Requirements:-

For any digital payment system to succeed, the criteria given in Table 6.4 ought to
be satisfied.
TABLE 4.4
DIGITAL PAYMENT REQUIREMENTS
Criteria Need for the criteria
Acceptability Payment infrastructure needs to be widely accepted.
Anonymity Identity of the customers should be protected
Convertibility Digital money should be convertible to any type of fund.
Efficiency Cost per transaction should be near zero.
Integration Interfaces should be created to support the existing system.
Scalability Infrastructure should not breakdown if new customers and
merchants join.
Security Should allow financial transactions over open networks.
Reliability Should avoid single points of failure.
Usability Payment should he as easy as in the real world,

Online Payment Categories

Online payments can be broadly divided into three categories as shown in Table 6.5.

TABLE 4.5 ONLINE PAYMENT CATEGORIES

Category Description
Micropayment Transaction value less than 5 euros or dollars. Transaction costs
are nearly zero.
Consumer payments Transaction value between 5 and 500 euros or dollars.
Payments are executed by credit card transactions. Transaction
Business payments value more than 500 euros or dollars.
Debit cards or invoices are appropriate solutions in this system.

E-payment systems are proliferating in banking, retail, healthcare, online markets,

and even in government–in fact, anywhere money needs to change hands. Organizations
are motivated by the need to deliver products and services more cost-effectively and to
provide a higher quality of service to customers. Research into e-payment systems for
consumers can be traced back to the 1940s, and the first applications, the credit cards,
appeared soon after. In the early 1970s, the emerging electronic payment technology was
labelled electronic funds transfer (EFT). EFT is defined as:
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
any transfer of funds initiated through an electronic terminal, telephonic
instrument, or computer or magnetic tape so as to order, instruct, or authorize a
fine new institution 10 debit or credit an account,

EFT utilizes computer and telecommunication components, both to supply and to

transfer money or financial assets. Transfer is information-based and intangible. Thus
EFT stands in marked contrast to conventional money and payment modes that rely on
physical delivery of cash or cheques (or other paper orders to pay) by truck, train, or
airplane.
Since 1947. significant changes have taken place in funds transfer. You can find
them listed here, in Table 6.6.

TABLE 4.6
SIGNIFICANT INNOVATIONS IN MODERN PAYMENT SYSTEMS
Year Innovations
1947 Flatbush National Bank issues first general-purpose credit
card, for use in select New York shops.
1950 Diners Club Charge Card introduced.
mid-1950s The development of magnetic ink character recognition
(MICR) facilitated more timely processing of cheques, sealed
the cheque's standing as the preferred non-cash payment
option.
1958 BankAmerica, in Fresno, California, executes the first mass
mailing of credit cards.
1967 Westminster Bank installs the first automated teller machine
at Victoria, London branch.
1970 The New York Clearing House launches CHIPS--the
Clearing House Interbank Payments System which provides
US dollar funds transfer and transaction settlements online
and in real time.
late 1970s Chemical Bank launches its Pronto system providing 3000
computer terminals to customers' homes linked to its central
computers by telephone. It offers a range of facilities: balance
inquiries, money transfers between Chemical Bank accounts,
and bill payments to selected local stores. The stumbling
block for first-generation home-banking systems in general
was, who is to pay for the terminals at home?
1985 Electronic Data Interchange (EDI) extensively used in bank-
to-bank payment systems.
1994 Digital cash trials by DigiCash of Holland conducted online.
1995 Mondex electronic currency trials begin in Swedon, England.

Digital Token-based E-payment Systems :-

The introduction of charge cards in the early 1900s, beginning with western union
in 1914, represented a breakthrough in payments. But while these cards enhanced
customer loyalty and stimulated repeat behaviour, they were generally limited to the local
market, or in store use.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
In 1958, Bank of America took a major step forward, introducing what eventually
became the modern credit card. Based on extensive test marketing in Fresno, California,
it became clear there was a large market for a general purpose bank card featuring a
revolving credit facility and wide acceptance.
With the launch of Bank of America's card, the consumer was not tied to one
merchant or product, but was now free to make credit purchases at a wide range of
outlets. As the adoption of the bank card grew, the potential size of the market for
transactions expanded geometrically. It was a profound turning point in the history of
money.
The development of the modern electronic payment network took an important
step forward in the mid-1970s, with the creation of a global joint venture that would
eventually be known as visa.
Through shared investments, the visa association created a global system to
authorize transactions, clear and settle electronic payments, codify operating regulations
to protect consumers and merchants alike, and set interoperability standards to ensure
that, unlike cash and cheques, a visa card could be used anywhere in the world.
Two developments in the 1990s further broadened the utility of electronic
payments.
Debit cards, a popular "pay non product, allowed consumers to access funds in a
demand deposit account to conduct transaction at the point of sale; and e-commerce
emerged as mainstream business channel, both relying on and stimulating electronic
payments.
The rapid adoption of these relatively recent developments demonstrate the speed
at which the payments landscape is changing. Looking forward, there is broad
experimentation in ways to migrate electronic payment functions into consumer devices
such as mobile phones, PDAs, and other popular electronic products.
This process is well underway in some European and Asian markets where mobile
phones are nearly as ubiquitous as payment cards. Visa describes this new range of
payment choices as "u-commerce," or universal commerce the ability to conduct
commerce anywhere, anytime, or any way.
This shift in consumer preference is driving major changes in personal consumer
expenditures (PCE). The growth in card usage as a share of PCE continues to expand
relative to cash and cheques.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Also, in most markets around the world, the use of cash and cheques is declining-
a trend that is likely to continue. The trend away from cash and cheques is driven by well
established benefits of electronic payments to all parties.

Benefits to Buyers :-
 Convenience of global acceptance, a wide range of payment options, and
enhanced financial management tools.
 Enhanced security and reduced liability for stolen or misused cards.
 Consumer protection through an established system of dispute resolution.
 Convenient and immediate access to funds on deposit via debit cards.
 Accessibility to immediate credit. Intuitively, the comparative cost of arranging
for a consumer loan relative to the ability to obtain credit at the point of sale is
substantial in considering both the direct processing costs as well as the implicit
opportunity costs to borrower and lender.

Benefits to Sellers:-
 Speed and security of the transaction processing chain from verification and
authorization to clearing and settlement.
 Freedom from more costly labour, materials and accounting services that are
required in paper-based processing.
 Better management of cash flow, inventory and financial planning due to swift
bank payment.
 Incremental purchasing power on the part of the consumer.
 Cost and risk savings by eliminating the need to run an in-house credit facility.

A dramatic example of the efficiencies created by electronic payments can be

seen in the public sector, where governments have used innovations such as purchasing
card to reduce paperwork, enhance financial controls, and create more robust accounting
and financial data.

Convenience :-
Anyone who has searched through pockets for exact change for parking, fumbled
with foreign currency, paid exorbitant foreign exchange commissions, tried to cash a
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
cheque in another country or been concerned about carrying a large roll of banknotes can
appreciate the convenience of payment cards.
Fundamental to this convenience is the virtually ubiquitous acceptance and utility,
whether it is an apparel store in Paris or a crafts shop in Nepal. Payment cards work in
brick and mortar environments, over the phone, on the Internet, and through the post.
Applications are underway that support new uses such as recurring payments,
insurance and payroll disbursements, rent and utility bills, and small ticket transactions
such as vending machines and car parks.
Consumers place an enormous value on convenience, although this paper has not
attempted to measure it. The sheer convenience of being able to access cash at an ATM
or conduct a transaction directly at the point of sale with a credit or debit card clearly has
had an impact on economic growth.
None of the banking or retailing payment methods in their present form are
completely adequate for the consumer-oriented e-commerce environment. Their
deficiency is their assumption that the parties will, at some time or other, be in each
other's physical presence or that there will be a sufficient delay in the payment process
for frauds, overdrafts, and other undesirables to be identified and corrected.
These assumptions may not hold good for e-commerce and so, many of these
payment mechanisms are being modified and adapted for the conduct of business over
networks.
Entirely new forms of financial instruments are also being developed. One such
new financial instrument is electronic tokens, which are available in the form of
electronic cash/ money or cheques. Electronic tokens are designed as electronic
analogues of various forms of payment backed by a bank or a financial institution.
Simply stated, electronic tokens are equivalent to cash that is backed by a bank.

Credit Cards as E-payment Systems :-

Without doubt, the basic means of payment used and initiated via the Internet for
consumer transactions till date is the credit card. Credit cards have proved popular for a
number of reasons as the following:
1. The system is familiar to users and was widely used before the advent of e-
commerce, thus bolstering the users' confidence.
2. Transaction costs are hidden from users (i.e. basically met by sellers, and passed
on to all customers, not just credit card users).
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
3. Payment is simple anywhere and in any currency, thus matching the global reach
of the Internet.
4. The credit-issuing company shares the transaction risk; helping overcome
consumers' fear and reluctance to buy goods they have not actually seen, from
sellers they do not know (in the physical world this function was important
because it enabled sellers to take payment from buyers they do not know; online
this trust relationship is needed in both directions).

The disadvantages of credit cards for e-commerce include the fact that they cannot be
used directly for small value payments or peer-to-peer transactions.

Disadvantages of Credit Cards :-

Credit cards have their own disadvantages. First, the relatively high transaction
cost makes them impractical for small-value payments. Second, they cannot be used
directly by individuals to make payments to other individuals (peer-to-peer transactions).
Third, protecting the security of transactions is vital, especially in the virtual
world where there is no payment guarantee to the merchant by a bank. Users' fears about
security issues seem to be a consequence of the newness and relative unfamiliarity of the
medium, rather than the real risks involved in the system.
E-payments in India :-
India's payment system is evolving to support e-payments in tandem with paper-
based payments after the Reserve Bank of India started promoting automation in the
banking industry in the 1990s.
The RBI initially set up an electronic clearing service (ECS) to clear low-value,
large-volume payments such as direct credits and debits within four days, and this drive
succeeded despite the varying automation levels of India's banks.
Just recently, the RBI also built out the national EFT system for a special EFT
(SEFT) system to act as a key component of India's e-payment system and to resolve last-
mile connectivity issues between entities, according to FinanceAsia.com.
Payment systems such as ECS and SEFT will in turn promote credit and debit
card use in India, while the issuance of chip-based payment cards is expected to take off
quickly.
Once the RBI rolls out its real-time gross settlement system (RTGS), India's
banks and businesses will be better able to use the Internet to realize the value of e-
payments to their operations.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
For greater automation in India's payment system, the RBI has also linked
clearing houses via Infinite (Indian Financial Network, a telecom network), set up a
centralized funds management system (CFMS), and centralized the payments and
settlement systems.
While India is unlikely to achieve a national e-payment infrastructure in the
immediate future, ―banks that do not invest or are unable to upgrade their technology will
be at a significant disadvantage‖, according to FinanceAsia.com.
New e-payment systems will enable banks to offer their clients value-added
services and support the propagation of e-payments to their suppliers.
Banks doing so optimize the management of their funds and boost their
productivity, while enterprises improve their receivables management for greater
payments efficiency, reduced operating costs and better risk management.
Credit card issuers have solid opportunities in the Indian market, with projections
for 2005 ranging from 10 million to 14 million cards, up from about 6 million in early
2003, according to Electronic Payments International. Merrill Lynch also reports that
card transaction volumes have risen 41 per cent in 2003 over 2002, to $2.2 billion, with a
total of $5.3 billion likely by 2005.
In terms of card numbers, annual growth of 20 per cent to 25 per cent is expected
through 2005, when some analysts expect 14 million to 15 million credit cards to be in
issue, even though debit cards are overtaking credit cards in popularity.
India's payments market is still dominated by cash and cheques, but almost every
bank issues credit cards, with MasterCard being the acknowledged leader in terms of
market penetration, at 4.21 million, or 84 per cent of cards.
Visa leads in terms of card usage, and in 2002 had 64 per cent of transaction
volume, EPI reports, with a similar ratio in the debit card market, in which MasterCard
has 57 per cent of cards issued, but only a 29 per cent share of transaction volume. Debit
cards are fuelling India's cards market, given its credit averse consumers, and the country
was Visa's fastest-growing market for card issuance in 2003.
Merchant and consumer use of credit cards in India has been restricted both by
government laws requiring credit cardholders to lodge a tax return, and by the anonymity
of cash, which does not leave audit trails.
Most merchants are small, family-run businesses, and do not see credit card
acceptance as beneficial, while cardholders must pay a 5 per cent tax on all transactions
made. Credit card issuers are however on standby to tap an expanded market for credit
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
cards that is expected to result from strong growth in India's economy, which is in turn
boosting average household incomes and demand for credit cards.

Security Issue and Encryption :-

What has proven to be a problem from the security point of view is not
interception, but authentication. Some of the most serious cases of online fraud seem to
be involved with the use of details of cards used in traditional ways (e.g. payments slips
collected from among paper wastes).
Having collected the card numbers, by some means, fraudsters exploit the
anonymity of the Internet to use the details and make untraceable purchases (when
making cross-border purchases, they may be further aided by the fact that the address-
verification system used by merchants to compare billing and delivery information in the
US is useless overseas).
In response to this threat, credit-issuing companies are planning to implement
measures such as the use of smart cards to improve authentication. Also in the US, Visa
and MasterCard and others have joined forces to develop the Secure Electronic
Transactions (SET) standard for online payments; a single technical specification for
safeguarding payment card purchases made over open networks. It includes digital
signatures and digital certificates for all parties involved: customers, merchants, and
financial institutions.
SET combines a range of cryptographic means, using algorithms based on DES
(Data Encryption Standard) and RSA (the encryption algorithm invented by Rivest,
Shamir and Adlem: n in 1976).

US Credit Card Fraud Statistics, 2000-2007

Year Total fraud (USD Online fraud rates Amount of online

mn) fraud (USD mn)
2000 1,663.7 3.0% 823.65
2001 1,750.5 2.5% 852.63
2002 1.823.7 2.1% 857.85
2003 2.373.2 2.5% 1,227.88
2004 2.664.9 2.4% 1,456.92
2005 2.745.4 2.2% 1,611.39
2006 3.028.8 2.0% 1,729.00
2007 3.212.7 2.0% 1,988.35

Source: Celent Communications, via. Lafferty Publications.

Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
How Online Fraud is Committed
How Online Fraud is Committed in the US.

Method Percentage
Lost or stolen card 48%
Identity theft 15%
Skimming (or cloning) 14%
Counterfeit card 12%
Mail intercept fraud 6%
Other 5%

Source: Celent Communications, January 2003.

E-payment Security in Indian Banks :-

Five banks in India-ICICI Bank, State Bank of India, Bank of Baroda, IndusInd
Bank and Citibank (India) have started a pilot EMV program in partnership with Indian
tech consortium, Zero-Mass, and Bell ID.
The State Bank of India is to provide clearing and settlement for the pilot, which
will use Bell ID's ANDIS4EMV solution to manage the lifecycle of the chip-based credit
and debit cards. Even after the cards are issued. issuers can use the card management
software to add, modify and delete applications, while managing data preparation, risk
parameter management, and key processing.
Separately, MasterCard, POS terminal provider. Dione, and ATM supplier, NCR,
are to equip the Indian market for debit cards which local banks are starting to issue to
their savings and current accountholders.
Dione and NCR will offer their turnkey solution to banks and third-party
processors, while MasterCard members in India are expected to issue over 5 million debit
cards by the end of 2003.
The Dione POS terminal to be used in this partnership is a compact countertop
EMV level 1 and 2 model, which enables either the cardholder cr the cashier to enter the
card, and accepts both mag-stripe and PIN-secured chip cards
India's KarurVysya Bank has meanwhile launched Smart Cash, a global debit
card that is powered by the Visa Electron platform, to enable its ATM customers to use
their cards as debit cards.
Since Visa South Asia has 10 million debit card members in India, and over
70,000 affiliated merchants, Visa is keen to extend its Electron debit operations to rural
and semi-rural locations in India.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
United Bank of India (UBI) is also to offer a debit card to all its savings account
holders from January 2004, to help customers better manage their finances and reduce the
use of paper cash or cheques.

Encryption and Credit Cards :-

Encryption is instantiated when credit card information is entered into a browser
or other e-commerce device and sent securely over the network from a buyer to a seller as
an encrypted message.
This practice however, does not meet the important requirements of an adequate
financial system, such as non-refutability, speed, safety, privacy, and security. To make a
credit card transaction truly secure and non-refutable, the following sequence of steps
must occur before actual goods, services, or funds flow:
1. A customer presents his or her credit card information (along with an
authenticity signature, or other information such as mother's maiden name)
securely to the merchant.
2. The merchant validates the customer's identity as the owner of the card account.
3. The merchant relays the credit card charge information and signature to its bank
or online credit card processors.
4. The bank or processing party relays the information to the customer's bank
for authorization approval.
5. The customer's bank returns the credit card data, charge authentication, and
authorization to the merchant.

In this scheme, each consumer and each vendor generates a public key and a
secret key. The public key is sent to the credit card company and put on its public key
server. The secret key is re-encrypted with a password, and the unencrypted version is
erased.
To steal a credit card number, a thief would have to get access to both a
consumer's encrypted secret key and password. The credit card company sends the
consumer a credit card number and a credit limit.
To buy something from vendor X, the consumer sends vendor X the message, ―It
is now time T. I am paying Y dollars to X for item Z.‖ Then the consumer uses his or
her password to sign the message with the public key.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The vendor will then sign the message with its own secret key and send it to the
credit card company, which will bill the consumer for Y dollars and give the same
amount (less the fee) to X.
Nobody can cheat in this system. The consumer cannot claim that he did not agree
to the transaction, because he has signed on it (as in everyday life). The vendor cannot
levy fake charges, because he does not have access to the consumer's key.
He cannot impose the same charge twice, because the consumer has included the
precise time in the message. To become more useful, credit card systems will have to
develop distributed key servers and card checkers. Otherwise, a concentrated attack on
these sites could bring the system to a halt.
Support for Privacy Enhanced Mail (PEM) and Pretty Good Privacy (PGP)
encryption 'has been built into several browsers. Both of these schemes can be
substantially bolstered with the addition of encryption to defeat snooping attacks.
Unfortunately, whether existing credit card companies will accept digital
signatures as real signature is not clear. And so, vendors will have a difficult time when
customers dispute the charges made using encrypted credit card numbers over the
Internet.
When credit card companies do decide to accept digital signatures, they also need
to maintain a public server with all the public keys. This method assumes that the credit
card company will keep the vendor honest, as is the case with traditional credit card
transactions. E-payment processing is not an inexpensive proposition, however. But
neither is it fraudulent.
If e-commerce takes off and small transactions increase without a fully encrypted
system in place, fraud will become expensive all the more.
Providing credit card processing service for numerous half-dollar and one-dollar
transactions may not be financially attractive, compared to the average credit card
transaction of about $60.
If this process is extended to all of the micropayment services that are ultimately
available over the Internet (e.g. 20-cent file transfers and $1 video game rentals), the
overall processing load on key system components are likely to become unmanageable or
commercially non-viable unless a significant amount of automation takes place. To solve
this problem, third-party payment processors can be undertaken.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Business Pros and Cons of Credit Card-based Payment :-
Third-party processing for credit cards entails a number of pros and cons. These
companies are chartered to give credit accounts 10 individuals and act as bill collecting
agencies for businesses. Consumers use credit by presenting them for payment and then
paying an aggregate bill every month. Consumers pay either by flat fee or individual
transaction charge service.
Merchants get paid for the credit card drafts that they submit to the credit card
company. Businesses get charged a transaction charge ranging between 1 per cent to 3
per cent for each draft submitted.
Credit cards have advantages over cheques in that, the credit card company
assumes a larger share of financial risk on both the buyer and the seller in a transaction.
Buyers can sometimes dispute a charge retroactively and have the credit card company
act on their behalf.
Sellers are ensured that they will be paid for all their sales and they need not
worry about the fraud. This becomes a convenience for the buyer in that, the credit card
transactions are usually quicker and easier than cheque (and sometimes even cash)
transactions. One disadvantage to credit cards is that their transactions are not
anonymous, and credit card companies do in fact compile valuable data about spending
habits.
Record keeping with credit cards is one of the features consumers value most,
because of disputes and mistakes in billing. Disputes may arise because different services
may have different policies.
For example, an information provider might charge for partial delivery of a file
(the user may have abandoned the session after reading a part of the file), and a movie
distributor might charge depending on how much of the video had been downloaded.
The cause of interrupted delivery needs to be considered while resolving disputes.
In general, implementing payment policies will be simpler when payment is made by
credit card rather than by cash.
The complexity of credit card processing takes place in the verification phase, a
potential bottleneck. If there is a lapse in time. between the charging and the delivery of
goods or services (for example, when an airline ticket is purchased well in advance of the
date of travel), the customer verification process is simple because it does not have to be
done in real time.
In fact, all the relaying and authorizations occur after the customer merchant
transaction is completed, unless the authorization request-is-denied. However, if the
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
customer wants a report (or even a digital airline ticket) to be downloaded into a PC or
other information appliance immediately at the time of purchase, many message relays
and authorizations take place in real time, while the customer waits.
Such exchanges may require many sequence-specific operations, such as staged
encryption and decryption and exchanges of cryptographic keys.
Encryption and transaction speed must be balanced however, as research has
shown that online users get impatient and typically wait for 20 seconds before pursuing
other actions. Hence, online credit card users must find the process to be accessible,
simple, and fast.
Speed will have design and cost implications, as it is a function of network
capabilities, computing power available at every server, and the specific form of the
transaction. The infrastructure supporting the exchange must be reliable.
The user must feel confident that the supporting payment infrastructure will be
available on demand and that the system will operate reasonably well, regardless of
component failures or system load conditions. The builders and providers of this
infrastructure are aware of customer requirements and are in fierce competition to fill
those needs.

The Mobile Payments :-

The biggest wildcard in the e-commerce and e-payment field at the moment is the
way mobile Internet access develops.
Already schemes such as Internet access via SMS (short message service), and
pre-paid re-loadable cards are in place, allowing payment to be made via a mobile phone.
The use of the SIM card in the user's mobile phone as part of a payment system implies a
shift in the roles of both banks and telephone operators.

Classification of New Payment Systems :-

For the time being, the New Payment Systems can be roughly divided into 2
groups: one, using smart cards, and the other using the Internet. Traditional payment
instruments such as cash, cheques, credit cards, EFT/POS, and account transfer have
strong points convenience and ease of circulation—but they are weak due to their high
handling costs.
The New Payment Systems are an experiment to augment payment instruments
with the use of networks and electronics, while maintaining the strength of the older
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
systems. The methods to be used by the New Payment Systems as in Table 6.7 can be
classified in the following manner:
1. Cash substitution
2. Cheque substitution
3. Credit card substitution
4. Account transfer substitution systems.

TABLE 4.7
GROUPS AND EXAMPLES OF THE NEW PAYMENT SYSTEMS

Technology Substitution Circulation within the banking Circulation outside

system the banking system
Smart Card Cash Visa International: Visa Cash Mondex
Electronic Payment Services: International:
SmartCash Mondex
Cash CyberCash: CyberCoin Digicash: e-cash
Cheque Checkfree:Check:Free Payment
Services
FSTC: Electronic Check
Internet Credit Card CyberCash: Credit Card Service
First Virtual Holdings: Internet
Payment System
EFT Intuit: Quicken
Microsoft: Money
Meca Software:
Managing Your Money
Cardinal Bancshares;
Security First Network Bank

Smart Card Cash Payment System :-

We will first look at the smart card-based cash payment system. In the early
1990s, a payment system for low value amounts using smart cards was first introduced in
Europe.
Most of these methods are known as stored value cards or electronic purse
system. Units of prepayment or currency value are electronically stored on an IC chip
imbedded in these cards. When purchases are made, the payment is effected through
these units of electronic value.
Smart cards are credit au debit cards and other card products enhanced with
microprocessors, capable of holding more information than the traditional magnetic
stripe. The chip, at its current state of development, can store significantly greater
amounts of data, estimated to be 80 times more than a magnetic stripe.
The smart card technology is widely used in countries such as France, Germany,
Japan and Singapore to pay for public phone calls, transportation, and shopper loyalty
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
programmes. The idea has taken longer to catch on in the United States, since a highly
reliable and fairly inexpensive telecommunications system has favoured the use of credit
and debit cards.
Smart cards are basically of two types: relationship-based smart credit cards and
electronic purses. Electronic purses, which replace money, are also known as debit cards
and electronic money.
The benefits of smart cards will rely on the ubiquity of devices called smart card
readers that can communicate with the chip in a smart card. In addition to reading from
and writing to smart cards, these devices can also support a variety of key management
methods. Some smart-card readers combine elements of a personal computer, a point-of-
sale terminal, and a phone to allow consumers to quickly conduct financial transactions
without leaving their homes.
In the simplest form, the card reader features a two-line with a 16-character
display that can show both the prompt and the response entered by che user. Efficiency is
further enhanced by colour-coded function keys, which can be programmed to perform
the most frequently used operations in a single key stroke. It can communicate via an RS-
232 serial interface with the full range of transaction automation systems, including PCs
and Electronic Cash Registers (ECRs).
Card readers in the form of screen phones are becoming more prominent.
Proponents of screen phone applications have long stated that consumers, familiarity with
phones gives screen phones an entry that computers cannot match. Some screen-based
phones feature a four-line screen, a magnetic stripe card reader, and a phone keypad that
folds away to reveal a keyboard for use in complex transactions. The phone prompts the
users for transactions, using menus patterned on those found on automated teller
machines.
Smart card readers can be customized for specific environments. The operating
environment allows programmers to use the C programming language to create and
modify applications without compromising the device's security functions.
The development system for most card readers even comes with pre-coded
modules for accelerated application development. To promote smart card usage, the
Smart Card Forum—a group of about 130 businesses and government agencies is
drawing up common specifications to promote the use of multiple application smart cards
useable for every kind of payments.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Micropayment Systems
VISA Cash of Visa International :-
Visa International, the world's largest credit card company, introduced their own
stored value card (VISA Cash) in 1995 under license from and incorporation of the
technology developed by Danmont in Denmark.
In the system of VISA Cash, the transaction is made on an existing financial
network of Visa, where large value payments are also transacted. The level of security is
quite high. However, as all transaction data go through the data centres of Visa
International, anonymity could be jeopardized.
The transactions handled here are different from transactions by credit card. The
user's identification and authentication are not required at the time of payment. Each bank
does clearing of units of prepayment and deposit; thus the person concerned cannot be
identified. In this manner, it provides anonymity. The operational cost is relatively high,
since all transactions pass through the network for settlement at banks.

Mondex of MondexInternational :-
We will now explore the system of Mondex which has been developed by
National Westminster Bank (hereafter, Nat West Bank), a major commercial bank in
Britain.
In December 1993. Nat West Bank announced an electronic low value payment
system. calledMondex. Mondex can be classified as a cash substitution system using
smart cards, which in a sense is the same as VISA Cash, but the concept is notably
different. In the Mondex system, there is one issuing body—the originator of electronic
value in the currency of the country.
This originator basically serves as an issuing bank in the Mondex system and
issues to the Mondex member banks, the equivalent amount of electronic Mondex Value
in exchange for prime negotiable instruments or cash. Consumers as cardholders load
Mondex value on their card from a bank ATM, or a Mondex telephone.
It can then be used as cash for shopping. Using a wallet, which resembles a
pocket calculator, customers can also exchange electronic value between individuals.
Therefore, once the electronic value has been drawn from a bank, only the person
involved in the transaction knows the history of the monetary movement.
No one else can trace it. In addition, using a private or a public telephone
connected to the Mondex system. the electronic value can be withdrawn, deposited, or
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
sent to a person at a remote location over the telephone network. By adding reader/writer
functions to a personal computer, it will also be possible to send money over the
Internet.

Properties of Electronic Cash (E-cash)

There are many ways of implementing an e-cash system. Specifically, e-cash
must have the following four properties: monetary value, interoperability, retrievability,
and security.
E-cash must have a monetary value; it must be backed by either cash (currency), a
bank-authorized credit, or a bank-certified cashier's cheque. When e-cash created by
one bank is accepted by other, reconciliation must occur without any problems. Stated
another way, e-cash without proper bank certification carries the risk that when
deposited, it might be returned for insufficient funds.
E-cash must be interoperable, that is, exchangeable as payment for other e-cash,
paper cash, goods or services, lines of credit, deposits in banking accounts, bank notes or
obligations, electronic benefits transfers, and the like. Most e-cash proposals use a single
bank. In practice, multiple banks are required with an international clearing house that
handles the excharige ability issues because all customers are not going to use the same
bank or even be in the same country.
E-cash must be storable and retrievable. Remote storage and retrieval (e.g. from a
telephone or a personal communications device) would allow users to exchange e-cash
(e.g. withdraw from and deposit into banking accounts), from home or office or while
travelling.
The cash could be stored on a remote computer's memory, in smart cards, or in
other easily transported standard or special-purpose devices. Since it is easy to create
counterfeit cash that is stored in a computer, it is preferable that cash is stored on a
dedicated device that cannot be altered.
This device should have a suitable interface to facilitate personal authentication
using passwords or other means and a display so that the user can view the card's
contents. One example of a device that can store e-cash is the Mondex card—à pocket-
sized electronic wallet.
E-cash should not be easy to copy or tamper with while being exchanged. This
includes preventing or detecting duplication and double-spending. Counterfeiting poses a
particular problem, since a counterfeiter may, in the Internet environment, be anywhere
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
in the world and consequently be difficult to catch without appropriate international
agreements.
Detection is essential in order to audit whether prevention is working or not.
Then there is the tricky issue of double spending. For instance, you could use your e-cash
simultaneously to buy something in Japan, India, and England. Preventing double-
spending from occurring is extremely difficult is multiple banks are involved in the
transaction. For this reason, most systems rely on post-fact detection and punishment.

E-cash in Action :-
E-cash is based on cryptographic systems called digital signatures. This method
involves a pair of numeric keys (very large integers or numbers) that work in tandem: one
for locking (or encoding), and the other for unlocking (or decoding).
Messages encoded with one numeric key can only be decoded with the other
numeric key and none other. The encoding key is kept private and the decoding key is
made public.
By supplying all customers (buyers and sellers) with its public key, a bank
enables customers to decode any message (or currency) encoded with the bank's private
key.
If decoding by a customer yields a recognizable message, the customer can be
fairly confident that only the bank could have encoded it. These digital signatures are as
secure as the mathematics involved and have proved over the past two decades to be
more resistant to forgery than handwritten signatures.
Before e-cash can be used to buy products or services, it must be procured from a
currency server.

Purchasing E-cash from Currency Servers :-

The purchase of e-cash from an online currency server (or bank) involves two
steps: (i) establishment of an account, and (ii) maintaining enough money in the account
to back the purchase. Some customers might prefer to purchase e-cash with paper
currency, either to maintain anonymity or because they do not have a bank account.
Currently, in most e-cash trials, all customers must have an account with a central
online bank. This is too restrictive for international use and multicurrency transactions,
for customers should be able to access and pay for foreign services as well as local
services. To support this access, e-cash must be available in multiple currencies backed
by several banks.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
A service provider in one country could then accept tokens of various currencies
from users in many different countries, redeem them with their issuers, and have the
funds transferred back to banks in the local country.
A possible solution is to use an association of digital banks similar to
organizations like VISA to serve as a clearing house for many credit card issuing banks.
And finally, consumers use the e-cash software on the computer to generate a
random number, which serves as the "note―. In exchange for money debited from the
customer's account, the bank uses its private key to digitally sign the note for the amount
requested, and transmits the note back to the customer.
The network currency server, in effect, is issuing a "bank note" with a serial
number and a dollar amount. By digitally signing it, the bank is committing itself to back
that note with its face value in real dollars.
This method of 'note' generation is very secure, as neither the customer (payer)
nor the merchant (payee) can counterfeit the bank's digital signature (analogous to the
watermark in paper currency).
Payer and payee can verify the validity of the payment since each knows the
bank's public key. The bank is protected against forgery, the payee against the bank's
refusal to honour a' legitimate note, and the user against false accusations and invasion of
privacy.
How does this process work in practice? In the case of DigiCash, every person
using e-cash has an e-cash account at a digital bank (First Digital Bank) on the Internet.
Using that account, people can withdraw and deposit e-cash.
When an e-cash withdrawal is made, the PC of the e-cash user calculates how
many digital coins and of what denominations are needed to withdraw the requested
amount. Next, random serial numbers for those coins will be generated and the blinding
(random number) factor will be included.
The result of these calculations will be sent to the digital bank. The bank will
encode the blinded numbers with its secret key (digital signature) and at the same time
debit the account of the client for the same amount.
The authenticated coins are sent back to the user and finally the user will take out
the blinding factor that he or she introduced earlier. The serial numbers plus their
signatures are now digital coins whose value is guaranteed by the bank.
E-cash can be completely anonymous. Anonymity allows freedom of usage to
buy illegal products, such as drugs or pornographic material, or to buy legal products and
services. This is accomplished in the following manner.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
When the e-cash software generates a note, it masks the original number or
"blinds" the note using a random number and transmits it to a bank.
The "blinding" carried out by the customer's software makes it impossible for
anyone to link the payment to the payer. Even the bank cannot compare the signature
with that of the payment, since the customer's original note number was blinded when it
was signed.
In other words, it is a way of creating anonymous, untraceable currency, What
makes it even more interesting is that the users can prove unequivocally that they did or
did not make particular payment. This allows the bank to sign the "note‖ without even
actually knowing how the issued currency will be used.

Using the Digital Currency :-

Once the tokens are purchased, the e-cash software on the customer's PC stores
digital money undersigned by a bank. The user can spend the digital money at any shop
accepting e-cash, without having to open an account there or having to transmit credit
card numbers, As soon as the customer wants to make a payment, the software collects
the necessary amount from the stored tokens.
Two types of transactions are possible: bilateral and trilateral. Typically,
transactions involving cash are bilateral or two-party (buyer and seller) transactions,
whereby the merchant checks the veracity of the note's digital signature by using the
bank's public key.
If satisfied with the payment, the merchant stores the digital currency on his
machine and deposits it later in the bank to redeem the face value of the note.
Transactions involving financial instruments other than cash are usually trilateral or
three-party (buyer, seller, and bank) transactions, whereby the "notes" are sent to the
merchant, who immediately sends them directly to the digital bank.
The bank verifies the validity of these "notes" and that they have not been spent
before. The account of the merchant is credited. In this case, every "note" can be used
only once.
In many business situations, the bilateral transaction is not feasible because of the
potential for double spending, which is equivalent to bouncing a cheque. Double
spending becomes possible because it is very easy to make copies of the e-cash, forcing
banks and merchants to take extra precautions.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
To uncover double spending, banks must compare the notes passed on to it by the
merchant against a database of spent notes. Just as paper currency is identified with a
unique serial number, digital cash can also be protected.
The ability to detect double-spending has to involve some form of registration so
that all ―notes‖ issued globally can be uniquely identified. However, this method of
matching notes with a central registry has problems in the online world. For most systems
which handle high volumes of micropayments, this method would simply be too
expensive.
In addition, the problem of double-spending means that banks have to carry added
overhead because of the constant checking and auditing of logs.
Double spending would not be a major problem if the need for anonymity is
realized. In such situations, when the consumer is issued a bank note, it is issued to that
person's unique license.
When he or she gives it to someone else, it is transferred specifically to that other
person's license. Each time the money changes hands, the previous owner adds a tiny bit
of information to the bank note, based on the bank note's serial number and his or her
license. If somebody attempts to spend money twice, the bank will now be able to use
the two bank notes to determine who the cheater is.
Even if the bank notes pass through many different people's hands, the culprit
will get caught, and none of the other people will ever come to know of it.
The downside is that the bank can tell precisely what your buying habits are since
it can check the numbers on the e-cash and the various merchant accounts that are being
credited: Many people feel uncomfortable, letting others know this personal information.
One drawback of e-cash is its inability to be easily divided into smaller amounts.
It is often necessary to get small denomination change in business transactions. A number
of variations have been developed for dealing with the ―change‖ problem.
For the bank to issue users with enough electronic coins‖ of various
denominations is cumbersome in communication and storage.
To overcome this problem, customers are issued a single number called an "open
cheque", that contains multiple denomination values sufficient for transactions up to a
prescribed limit.
At payment time, the e-cash software on the client's computer would create a note
of the transaction value from the ―open cheque‖.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Operational Risk and E-cash :-
Operational risk associated with e-cash can be mitigated by imposing constraints,
such as limits on (i) the time over which a given electronic money is valid, (ü) the amount
than can be stored on and transferred by electronic money, (iii) the number of exchanges
that can take place before money needs to be re-deposited with a bank or a financial
institution, and (iv) the number of such transactions that can be made during a given
period of time.

Legal Issues and E-cash :-

Electronic cash will force bankers and regulators to make tough choices that will
shape the form of lawful commercial activity related to e-commerce. As a result of the
very features that make it so attractive to many, cash has occupied an unstable and an
uncomfortable place within the existing taxation and law enforcement systems.
Anonymous and virtually untraceable cash transactions today occupy a place in a
kind of underground economy. This underground economy is generally confined to
relatively small-scale transactions because paper money in large quantities is
cumbersome lo use and manipulate, organized crime being the obvious exception.
As long as the transactions are small in monetary value, they are tolerated by the
government as an unfortunate but largely insignificant by-product of the modern
commercial state.
As transactions get larger, the government becomes more suspicious and enlists
the aid of the banks through the various currency reporting laws in reporting large
disbursements of cash, so that additional oversight can be ordered.
Consider the impact of e-cash on' taxation. Transaction-based taxes (e.g. sales
taxes) account for a significant portion of state and local government revenue.
But if e-cash really is made to function the way that paper money does, payments
we would never think of making in cash-to buy a new car, or as a down payment on a
house-could be made in this new form of currency, because there would be no problem of
bulk and no risk of robbery.
The threat to the government's revenue flow is a very real one, and officials in
government have started to take cognizance of this development and prepare their
responses.
To prevent an underdeveloped economy, the government through law, may
prevent a truly anonymous and untraceable e-cash system from developing. Just as
powerful encryption schemes permit the design of untraceable e-cash systems, so too, do
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
powerful electronic record-keeping tools permit the design of traceable systems-systems
in which all financial transactions are duly recorder! in some database, allowing those
with access to know more about an individual than anyone could know today.
Anything that makes cash substantially easier to use in a broader range of
transactions, holds the potential to expand this underground economy to proportions
posing ever more serious threats to the existing legal order.
Under the most ambitious visions of e-cash, we can see a new form of currency
that could be freely passed off from one computer to another with no record, yet
incapable of being forged.
A consumer can draw such e-cash electronically from his or her bank. The bank
has a record of that transaction, just as a withdrawal or a cheque is recorded now. But
after that, the encrypted e-cash file could be handed off without the knowledge of anyone
but the parties involved in the transaction.
However, as politics and business play their role, technology is forcing legal
issues to be reconsidered. The question e-cash poses is not, ―Should the law take notice
of this development?‖' but rather, "How can it not?‖ By impacting revenue-raising
capabilities, e-cash cannot escape government scrutiny and regulation; but it is going to
take some serious thinking to design a regulatory scheme that balances personal privacy,
speed of execution, and ease of use.
Without a functioning system, what the government will do, remains a mystery.
Moreover, it is not even clear yet that the markets as a whole will adopt an anonymous e-
cash standard.

Cheque Payment Systems on the Internet :-

Magnetic Ink Character Recognition (MICR) :-

In this system, data are printed at the bottom of cheques in magnetic ink, for an
electronic read is a typical use of electronics for cheque processing.

Check Free Payment Services of Check Free :-

In September 1995, CheckFree offered the electronic cheque service CheckFree
Payment Services on the Internet. Upon customer request, this service issues an
electronic cheque and executes settlement between customer and retailer. If needed, à
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
paper cheque can also be issued to the retailer. This system implements not only cheque
processing but also electronic cheque issuance.

Electronic Cheque (E-cheque) :-

FSTC is a consortium of 60 organizations in the US including financial
institutions, clearing houses, universities, and companies. It was founded in 1993 for the
development of payment systems for E-commerce (EC). Bank of America, Citibank, and
Chemical Bank are a few of the well-known participants.
In September 1995, FSTC commenced an electronic cheque system on the
Internet called electronic cheque. This is one of FSTC's five major development projects,
the others being
1. Cheque truncation
2. Electronic commerce
3. Security measures
4. Smart card system.
In this electronic cheque system, a consumer possesses an electronic chequebook
on a Personal Computer Memory Card International Association (PCMCIA) card. As
needed cheques are written electronically from the e-chequebook on the card. They are
then se over the Internet to the retailer, who in turn sends the e-cheques to the customer's
bank Settlement is made through a financial network such as an ACH.
In addition to payment data commercial data such as invoice number and date of
receipt can be enumerated, thereby achieving a higher degree of efficiency by eliminating
duplication. With a view to increasing the practicality of the system, FSTC is
experimenting with the adoption of a smart card an electronic cheque-book. An electronic
signature with public key encryption has been adopted by FSTC for ensuring data
security over the Internet.

Risk and E-payment Systems :-

In Figure 6.1, the risks of e-commerce model are shown. There are three major risks: 1.
Data Protection-The abuse of data related to users
2. Data Reliability-The authentication of parties involved
3. Taxation-Issues related to tax.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Related to the above main issues is the type of legal framework in which this
model work Fraud, financial misdemeanours, and tax avoidance are not found just in
electronic commerce, but e-commerce presents new ways to commit old crimes.
Electronic commerce is difficult to regulate for two main reasons:

1. The scope of electronic commerce, and the technology involved changes

rapidly Traditionally, the formulation of the law has been an evolutionary process,
adapting to suit the needs of society. Where electronic commerce is concerned,
the pace of change is and has been too great for this process to take place. This
result in a situation where there is a choice of either applying current legislation or
enacting new legislation specifically formulated to meet the challenge of
electronic commerce
2. The very nature of the technology involved means that it is transnational. This
leads to problems as to which legal-system has jurisdiction over e-commerce
transactions

Fig. 4.1 Risk and e-payment systems.

Data Protection :-
Although the number of businesses on the Internet has grown, many of these
organizations are simply maintaining a 'Web presence? by providing information about
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
themselves and their products, and have not yet undertaken Internet-based transactions.
This inertia is probably due to concern about the security of transactions and user
authorization.
Technologies concerned with authorization include firewalls, password access,
smart cards, and biometrics fingerprinting. However, in order to provide secure electronic
transactions (SET), encryption technologies are used.
Encryption technologies, which are supported by the appropriate legal
mechanisms, have the potential to allow global electronic commerce to develop.
One essential challenge of e-commerce is risk management. Operation of e-
payment systems incurs three major risks: fraud or mistake, privacy issues, and credit
risk. Preventing mistakes might require improvements in the legal framework.
Dealing with privacy and fraud issues requires improvements in the security
framework Curtailing credit risk requires devising procedures to constrict or moderate
credit and reduce float in the market.

Risks from Mistake and Disputes: Consumer Protection :-

Virtually, all e-payment systems need some ability to keep automatic records, for
obvious reasons. From a technical standpoint, this is not a problem for electronic
systems. Credit and debit cards have them, and even the paper-based cheque creates an
automatic record.
Once information has been captured electronically, it is easy and inexpensive to
keep it might even cost more to throw it away than to keep it). For example, in many
transaction processing systems, old or blocked accounts are never purged and old
transaction histories can be kept forever on magnetic tape.
Given the intangible nature of electronic transactions and dispute resolution
relying solely on records, a general law of payment dynamics and banking technology
might be that no data need ever be discarded.
The record feature is an after-the-fact transcription of what happened, created
without any explicit effort by the transaction parties. Features of these automatic records
include: (i) permanent storage, (ii) accessibility and traceability, (iii) a payment system
database, and (iv) data transfer to payment maker, bank, or monetary authorities.
The need for record keeping for purposes of risk management conflicts with the
transaction anonymity of cash. One can say that anonymity exists today only because
cash is a very old concept, invented long before the computer and networks gave us the
ability to track everything.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Although a segment of the payment-making public always desire transaction
anonymity, many believe that anonymity runs counter to the public welfare because too
many tax, smuggling, and/or money laundering possibilities exist. The anonymity issue
raises the question: can e-payments be done without an automatic record feature?
Many recent payment systems seem to be ambivalent on this point. For instance,
the Mondex electronic purse touts equivalence with cash, but its electronic wallets are
designed to hold automatic records of the card's last twenty transactions with a built-in
statement.
Obviously, the card-reading terminals, machines, or telephones could maintain
records of all transactions. With these records, the balance on any smart card could be
reconstructed after the fact, thus allowing additional protection against loss or theft. This
would certainly add some value versus cash.

Managing Information Privacy :-

The e-payment system must ensure and maintain privacy. Every time one
purchases goods using a credit card, subscribes to a magazine, or accesses a server, that
information goes into the database.
Furthermore, all these records can be linked so that they constitute in effect, a
single dossier. This dossier would reflect what items were bought, and where and when.
This violates the unspoken law of doing business, that privacy of customers should be
protected as much as possible.

Managing Credit Risk :-

Credit or systemic risk is a major concern in net settlement systems, because a
bank's failure to settle its net position could lead to a chain reaction of bank failures. The
digital central bank must develop policies to deal with this possibility. Various
alternatives exist, each with advantages and disadvantages.
A digital central bank guarantee on settlement removes the insolvency test from
the system because banks will more readily assume credit risks from other banks.
Without such guarantees, the development of clearing and settlement systems and money
markets may be impeded.
A middle road is also possible: for example, setting controls on bank exposures
(bilateral or multilateral) and requiring collateral. If the central bank does not guarantee
settlement, it must define, at least internally, the conditions and terms for extending
liquidity to banks in connection with settlement.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Designing E-payment Systems :-

Despite cost and efficiency gains, many hurdles need to be overcome for the
spread of e-payment systems. These include several factors, mostly non-technical in
nature, that must be addressed before any new payment method is made successful. They
are as follows:
1. Privacy. A user expects trustworthiness of a secure system; just as the telephone
is a safe and a private medium, free of wiretaps and hackers, electronic
communication must merit equal trust.
2. Security.A secure system verifies the identity of two-party transactions
through "user authentication‖, and reserves flexibility to restrict
information/services through access control. Tomorrow's bank robbers will need
no getaway cars-just a computer terminal, the price of a telephone call, and a little
ingenuity. Millions of dollars have been embezzled by computer fraud. No
systems are yet foolproof, although designers are concentrating closely on
security.
3. Intuitive interfaces.The payment interface must be as easy to use as a
telephone. Generally speaking, users value convenience more than anything.
4. Database integration.With home banking, for example, a customer wants to
play with all his accounts. Separate accounts are stored on separate databases. The
challenge before banks is to tie these databases together and allow customers
access to any of them while keeping the data up-to-date and error-free.
5. Brokers.A ―network banker"--someone to broker goods and services, settle
conflicts, and facilitate financial transactions electronically-must be in place.
6. Pricing.One fundamental issue is how to price payment system services. For
example, should subsidies be used to encourage users to shift from one form of
payment to another--from cash to bank payments, from papers based to e-cash?
The problem with subsidies is the potential waste of resources, as money may be
invested in systems that will not be used. Thus, investment in systems not only
might not be recovered, but also substantial ongoing operational subsidies will be
necessary. On the other hand, it must be recorded that, without subsidies, it is
difficult to fix up an affordable price to all services.
7. Standards. Without standards, the welding of different payment users into
different networks and different systems is impossible. Standards enable
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
interoperability, giving users the ability to buy and receive information, regardless
of which bank is managing their money.

None of the above hurdles are insurmountable. Most of these will be overcome
within the next few years. These technical problems, experts hope, will be solved as
technology is improved and experience is gained. The biggest question concerns how
customers will take to a paperless and (if not cashless) a less-cash world.

The Key to Security: Cryptography :-

Cryptography relies on two basic components: an algorithm (or cryptographic
methodology) and a key. Algorithm is the method used to encrypt the message, and key
is the object used to decrypt the message. For instance, in a system where letters are
substituted for other letters, the ―key" is the chart of paired letters and algorithm is the
substitution.
In modern cryptographic systems, the algorithms are complex mathematical
formulae, and keys are strings of bits. If two parties want to communicate, they must use
the same algorithm. In some cases, they must also use the same key. Many cryptographic
keys must be kept secret. Sometimes algorithms are also kept secret, as the method of
encryption may hold the very method used to decrypt the message.
Cryptosystems are being increasingly used in encryption, authentication,
integrity; non-repudiation, and management of other crypto systems like key
management. A crypto system is a mathematical function for processing data, and there is
nothing secret about the function except the key.

Examples of Encryption Techniques :-

Caesar's Method :-
This is one of the oldest known techniques of encryption. It traces its history back
to Roman times. It is a really simple method of encrypting a message. It involves shifting
each letter of the message to a letter that appears k letters after it. In the method that was
first devised by the Romans, k was equal to 3. What this meant was that each letter was
shifted 3 places to the right. For example, 'A' would be transformed to 'D', 'B' to 'E', 'C' to
'F', and so on.
So, starting with ABCDEFGHIJKLMNOPQRSTUVWXYZ and sliding
everything up by 3, you get DEFGHIJKLMNOPQRSTUVWXYZABC where, D = A, E
= B, F = C, and so on. Using this scheme, the plain text "SECRET" encrypts as
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
―VHFUHW‖. To enable someone else to read the cipher text, you tell him or her that the
key is 3. This is clearly a secret key system, the secret key being the value of k. Clearly,
this is not a very safe system of encryption, as, trying all possible values of k, namely 1
through 26, can easily crack it.

Letter Pairing :-
This method is similar to Caesar's method. Here, instead of shifting each letter to
some places to its right, letters are paired off with each other in a random manner. For
example, consider the pairing A , B Y, C X , and so on.
The method overcomes the limitation of Caesar's method and cannot be encrypted
even by using various values of k. Yet, this is not a safe method at all, and can easily be
decrypted by using techniques such as frequency analysis. If a large enough message is
intercepted, then by counting the number of times a letter appears, the third party can
judge which letter stands for which by comparing the data with the average frequencies
of usage of letters of the language. For example, we know that 'E' is the most often used
letter, and hence the most repeated letter would probably stand for 'E'.
The two examples given above are simple yet interesting encryption techniques.
In the following few pages, we will discuss some of the latest and most widely used
encryption techniques.

RSA :-
RSA stands for Rivest; Shamir and Adleman—the three cryptographers who
invented the first practical commercial public key cryptosystem. Today it is used in Web
browsers, e-mail programs, mobile phones, virtual private networks, secure shells, and
many other places. With sufficiently large keys, you can be confident of foiling the vast
majority of attackers.
Until recently, the use of RSA was very much restricted by patent and export
laws. However, the patent has now expired and US export laws have been relaxed. RSA
encryption uses large prime numbers for its purposes.
It works on the basic fact that large numbers are extremely difficult to factorize. If
we take the product of two arbitrarily large (but secret) prime numbers of say, 50 digits
each and multiply them, then using the most current supercomputing technology it would
take more than a thousand years to factorize them. This method has brought to the fore a
branch of mathematics called 'number theory that is till now considered to have no
practical applications.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
RSA uses two large prime numbers. Numbers must be quite large in length, 100
to 300 bits, and must have a prime value. Only the person who wants to decrypt the
message should know these. Using these, a mathematical algorithm is developed which
produces a public key. Anyone who wants to encrypt a message uses this algorithm. The
key is based on the two large primes used, and is known only to the person who has
developed the particular algorithm.
RSA seems to be a reliable and a fast algorithm, but the serious persisting flaws
consist of the hiding of two initial numbers chosen from the IP table. Once discovered,
intruders can use these numbers to reconstruct the message and the keys.

DES :-
This is an example of a widely used secret key encryption system. In 1972, the
National Institute of Standards and Technology (NIST) decided that a strong
cryptographic algorithm was needed to protect non-classified information. The algorithm
was required to be cheap, widely available, and very secure.
NIST envisioned something that would be available to the general public and
could be used in a wide variety of applications. So they asked for public proposals for
such an algorithm. In 1974, IBM submitted the Lucifer algorithm, which appeared to
meet most of NIST's design requirements.
The modified Lucifer algorithm was adopted by NIST as a federal standard on
November 23, 1976. Later its name was changed to Data Encryption Standard (DES).
The algorithm specification was published in January 1977, and with the official backing
of the government it became a very widely employed algorithm in a short time.
DES encrypts and decrypts data in 64-bit blocks, using a 64-bit key (although the
effective key strength is only 56 bits, as explained below). It takes a 64-bit block of plain
text as input, and outputs a 64-bit block of cipher text. It always operates on blocks of
equal size, and it uses both permutations and substitutions in the algorithm.
Unfortunately, over time, various short cut attacks were found that could
significantly reduce the time needed to find a DES key by brute force. And as computers
became progressively faster and more powerful, it was recognized that a 56-bit key was
simply not large enough for high security applications.
As a result of these serious flaws, NIST abandoned their official endorsement of
DES in 1997 and began work on a replacement, to be called the Advanced Encryption
Standard (AES). Despite the growing concerns about its vulnerability, DES is still widely
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
used by financial services and other industries worldwide to protect sensitive online
applications.

Attacks on Crypto Systems :-

One of the most important perspectives of key management is to prevent attacks
or to make attacks practically infeasible. Theoretically, all crypto systems are susceptible
to direct key search attacks and, from a theoretical perspective, all keys are breakable.
But from a practical point of view, this is not always the case for most of the widely used
crypto systems around. There are basically two types of crypto systems:

Symmetric Key Crypto Systems :-

This is historically known as the secret key system. In this crypto system, the key
for the underlying mathematical function can be used to reverse this mathematical
function (hence symmetric').
There are two types of symmetric key crypto systems: 'stream ciphers are used in
mobile communication, and 'block' ciphers are used for
encryption/authentication.Examples of some block ciphers are Data Encryption Standard
(DES), International Data Encryption Algorithm (IDEA), and SAFER.
Symmetric systems are built by repeatedly using simple mathematical operation
involving the key. Thus, they can be executed at a high speed. These crypto systems" find
their use in systems where a large amount of data is processed.

Asymmetric Key Crypto Systems :-

This is also known as public key system. The key for the underlying mathematical
function cannot be easily used to reverse the mathematical function: A separate key is
required to do this (hence the name 'asymmetric'). Participants in such a system will have
a key pair public and private key.
This system is based on a one-way mathematical function-easy in one direction
but very difficult to reverse, as for example, multiplying two large numbers is easy but
factorizing this product can be very difficult. Diffie-Hellman, RSA, El Gamal are based
on this theory.
Asymmetric key crypto systems are flexible to implement as compared to secret
key systems, but are much slower to execute. This system is widely used in digital
signature, key management, and entity authentication.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
A Matter of Keys :-
The key for anycrypto system is a string of binary digits (bits) that holds
information. For a symmetric system, a key is usually a given length of binary string, and
any binary string of this length can be a valid key. For example, DES has a 56-bit key (in
fact 64, of which 8 are parity check bits). So, any bit string of length 56 can be a DES
key.
For asymmetric systems also, the key is a string of binary digits but all such
strings are not valid keys. Some RSA versions use 512-bit keys, but every possible 512-
bit key is not a valid key. For example, even numbers are not valid. Key lengths of
symmetric and asymmetric keys are not directly comparable, and techniques for finding
out unknown keys are different for the two systems.
In symmetric system, the technique for finding unknown key for block and stream
ciphers is the same. For block ciphers, key can usually be of any binary string of given
size. For example, DES has a 56-bit key, Triple DES has a 112-bit key, and it is 128-bit
for IDEA and SAFER. So DES has 256 possible keys, triple DES has 2,112 possible
keys, and .JDEA and SAFER have 2,128 possible keys.
For some data processed by block ciphers, one has to try all possible keys until
one finds out a small collection of keys that work. One of these keys would be the
unknown key. This form of attack is known as a brute force attack/exhaustive key search
and requires a. minimum of information to perform such an attack.
The objective for strong block .cipher design is to ensure that exhaustive key
search takes far longer time and is far more expensive than it is feasible, and that there is
no other way of getting the unknown key more quickly and more cheaply than exhaustive
search. The complexity of such an attack is quantified by comparing the number of
applications of the block cipher in the attack with an exhaustive key search.
Even in cases where the attack compares. favourably, there are other points to be
considered, such as the amount of data that needs to be processed by the block cipher
with the unknown key. While such attacks are specific to the block ciphers, there are two
types of attack that have wide applicability: differential cryptanalysis, and linear
cryptanalysis.
Some carefully chosen data are processed by the block cipher to be analyzed to
find the unknown key in differential cryptanalysis. In linear cryptanalysis, the underlying
algebraic structure is used to analyze data processed by the block cipher.
For the widely used block ciphers such as DES, these attacks are currently
impractical, as they require the generation of vast amount of data with the unknown key.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
For example, differential attack on DES requires the processing of 250 bytes of data and
a linear- attack, requires processing of 246 bytes of data.
Exhaustive Search:
An exhaustive attack on a block cipher is very complex. This is because one has
to look for all the keys for an exhaustive search, and the larger the number of keys, the
harder this is. As an illustration, consider an exhaustive key search for a 56-bit DES key.
An exhaustive key search for a DES keywill require 256 tests, which is equal to
7.2 x 1016 tests. Assuming 106 testing devices are employed, each capable of performing
106 tests per second, the complete 'test cycle will require 7.2 x 104 seconds, which is
equivalent to 20 hours.
In such a scenario, the key might be expected in 10 hours. Obviously,
computation of such magnitude is beyond the limit of average desktops. Approximate
figures for other block ciphers with different key sizes can be derived by multiplying by
an appropriate factor.
Clearly, the feasibility of an attack depends on the computing resources of the
attacker. In March 1997, RSA Data Security Inc. issued test challenge DES-I to find a 56-
bit DES key (with a $10,000 prize). There were 256 or 72 quadrillion possible DES keys.
The key was found 140 days later by an effort distributed over the Internet. It
involved 70,000 Internet addresses, each searching through different keys until the
correct one was found. At the peak rate, 7 billion keys were being tested per second. At
this rate, it would have taken a minimum of 32 days to find the key.
In 1998, RSA DES Challenge II was solved in 56 hours. This time again the effort
involved massive computing resource. Electronic Frontier Foundation (EFF) designed
DES Breaker at an estimated cost of $80,000. The manufacturing cost of the machine was
$130,000.
The complete key search took 220 hours. The peak search rate this time was a
massive 90 billion keys per second: The latest DES challenge, DES Challenge III was
solved in January last year in 22 hours and 15 minutes. It involved the combined efforts
of EFF'S Deep Crack and distributed.net to find the key.

Private Key and Public Key.

In Figure 4.2, the message is encrypted with a public key and sent to the recipient.
The recipient opens it with his public key.
 Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
For asymmetric key crypto systems, the situation is different. It is generally
believed that the difficulty of finding an unknown private key depends upon the difficulty
of some well-known mathematical problems. The problem of finding an RSA private key
is believed to be equivalent to factorizing a large number that is the product of two large
primes. From
“Hey Ravi, The terms HNFmsEm6Un
getting too hectic. I’m BejhhyCGKOK
having too many JUxhiygSBCEiC0QYih/H
sleepless nights” n3xgiKBcyLK1UcYiYlxx2
ICFHDC/A

HNFmsEm6Un “Hey Ravi, The terms

BejhhyCGKOK getting too hectic. I’m
JUxhiygSBCEiC0QYih/H having too many
n3xgiKBcyLK1UcYiYlxx2 sleepless nights”
ICFHDC/A

Fig. 4.2 Role of public and private key.

the invention of asymmetric cryptography (mid-1970s) until recently, there were a

number of algorithms that could factor such numbers and they all took roughly the same
time. In the last few years, a new algorithm—the General Number Field Sieve (GNFS)-
has been invented that can factor a number more quickly than the previous algorithms.
The discrete algorithm problem used for El Gamal and DSS has a similar complexity.
As with DES, a RSA Data Security challenge number (RSA-130) with 430 bits
was issued. This number has been factorized (April 1996), ' again using an effort
distributed over the Net. The total effort used in factorizing RSA-130 is believed to be
500 Mipsyears (equivalent to a computer running 500 million instructions per second for
a year).
Such figures make it just about conceivable that with concentrated effort
distributed over the Net, it is just possible to factorize a 512-bit number as the product of
two primes. This means RSA system with-512-bit private keys are potentially vulnerable
to such attacks.
In future, increase in computing speed will make it possible to factorize larger-
sized numbers. However, it is entirely possible that overnight someone will invent a new
algorithm and all the figures will have to be revised.
Although popular media has floated the perception that DES keyspace is so small
that it is possible for anyone with a PC to break any DES-based crypto system, it is far
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
from the truth. Well, it is true that 56-bit key is too small; but not for the computing
power of a PC. DES is vulnerable when attacked with an immense computing power.
Even after AES becomes the new standard, we will see DES in use for some time to
come.

Digital Signature :-
Digital signatures provide information regarding the sender of an electronic
document. The technology has assumed huge importance recently, with the realization
that it may be the remedy to one of the major barriers to growth of electronic commerce:
fear of lack of security.Digital signatures provide data integrity, thereby allowing the data
to remain in the same state in which it was transmitted. The identity of the sender can
also be authentication by third parties.
The most widely used type of cryptography is public keycryptography, where
thesender is assigned two keys-one public, one private. The original message is encrypted
using the public key while the recipient of the message requires the private key to decrypt
the message. The recipient can then determine whether the data has been altered.
However, although this system guarantees the integrity of the message, it does not
guarantee the identity of the sender public key owner). In order to remedy this, a
Certificate Authority is required.
In Figure 4.3, Ravi (the sender) uses his private key to compute the digital
signature. In order to compute the digital signature, a one-way hashing algorithm may be
used to first calculate a message digest, as is done by RSA.
The message digest is an efficient way to represent the message, as well as being
a unique number that can only be calculated from the contents of the message. The
sender's private key is used at this point to encrypt the message digest. The encrypted
message digest is what is commonly called a digital signature.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Fig. 4.3 Digital signature process.

A certification authority (CA) performs the task of managing key pairs, while the
verification of the person or entity bound to that key pair is initially ascertained at the
time of application by the registration authority. A certificate is issued by a CA and links
an individual or entity to its public key, and in some cases to its private key. Certification
authorities can offer different grades of certificates, depending upon the type of initial
identification provided by the individual.
From an information security viewpoint, these simple electronic signatures‖ are
distinct from the "digital signatures‖ and in the technical literature, although "digital
signature‖ is sometimes used to mean any form of computer-based signature. These
guidelines use "digital signature" only as it is used in information security terminology,
as to mean the result of applying the technical processes. :

Legal Position of Digital Signatures :-

Although the digital signature technology has been available for some time, it has
only recently become feasible to use digital signatures to authenticate a document. This
breakthrough has made digital signatures one of the most important areas of development
within electronic commerce. It is important because the technology and the law
governing it must develop in a way that promotes or at the very least does not inhibit--the
growth of electronic commerce.
A substantial amount of legislation regulating the use of digital signatures and
their legal status has been enacted. So far, this has been enacted on a state by state basis,
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
resulting in those countries taking contrasting legal positions. International law on digital
signatures has yet to be formulated.
Developments are also taking place at a global level. Bodies such as the Internet
Engineering Task Force (IETF), the International Organization for Standardization (ISO),
and W3C are currently working on standardization of digital signatures. The OECD has
issued 'Guidelines for Cryptology Policy', which includes a guide for states on the
creation of legislation governing the use of digital signatures. UNCITRAL has also
released draft legislation on electronic commerce, including guidelines for digital
signatures.

Signatures and the Law :-

A signature is not a part of the substance of a transaction, but rather its
representation or form. Signing writings serve the following general purposes:

Evidence :-
A signature authenticates the writing by identifying the signee with the signed
document. When the signer makes a mark in a distinctive manner, the writing becomes
attributable to the signer,

Legality :-
The act of signing a document calls to the signer's attention, the legal significance
of the signer's act, and thereby helps prevent "inconsiderate" engagements.

Approval :-
In certain contexts defined by law or custom, a signature expresses the signer's
approval or authorization of the writing, or the signer's claim that it has legal validity.

Efficiency and Logistics :-

A signature on a written document often imparts a sense of clarity and finality to
the transaction, and may lessen the subsequent need to inquire beyond the face of a
document. Negotiable instruments, for example, rely upon formal requirements,
including a signature, for their ability to change hands with ease, rapidity, and minimal
interruption.
Authenticity:-
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The formal requirements for legal transactions, including the need for signatures,
vary in different legal systems, and also vary with the passage of time. There is also
variance in the legal consequences of failure to cast the transaction in a required form.
The statute of frauds of the common law tradition, for example, does not render a
transaction invalid for lack of a ―writing signed by the party to be charged‖, but rather
makes it unenforceable in the court, a distinction which has caused the practical
application of the statute to be greatly limited in case law.
During this century, most legal systems have reduced the formal requirements, or
at least have minimized the consequences of failure to satisfy formal requirements.
Nevertheless, sound practice still calls for transactions to be formalized in a manner
which assures the parties of their validity and enforceability.
In current practice, formalization usually involves documenting the transaction on
paper and signing or authenticating the paper. Traditional methods however, are
undergoing fundamental change. Documents continue to be written on paper, but
sometimes merely to satisfy the need for a legally recognized form. In many instances,
the information exchanged to effect a transaction never takes paper form. Computer
based information can also be utilized differently than its paper counterpart.
For example, computers can "read‖ digital information, and transform the
information or take programmable actions based on the information. Information stored
as bits rather than as atoms of ink and paper can travel near the speed of light, may be
duplicated without limit and with insignificant cost.
Although the basic nature of transactions has not changed, the law has only begun
to adapt to advances in technology. The legal and business communities must develop
rules and practices which use new technology, to achieve and surpass the effects
traditionally achieved from paper forms.
To achieve the basic purposes of signatures outlined thus, a signature must have
the following attributes:

Signer authentication. A signature should indicate who signed a document, a message

or a record, and should be difficult for another person to product without authorization.

Document authentication.A signature should identify what is signed, making it

impracticable to falsify or alter either the signed matter or the signature without
detection.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Signer authentication and document authentication are tools used to exclude
impersonators and forgers, and are essential ingredients of what is often called a "non-
repudiation service" in the terminology of information security profession.
A non-repudiation service provides assurance of the origin or delivery of data in
order to protect the sender against false denial by the recipient that the data has been
received, or to protect the recipient against false denial by the sender that the data has
been sent.
Thus, a non-repudiation service provides evidence to prevent a person from
unilaterally modifying or terminating legal obligations arising out of a transaction
effected by computer-based means:
Optimally, a signature and its creation, and its verification processes should
provide the greatest possible assurance to both the signer's as well as the document's
authenticity with least possible expenditure.

Affirmation :-
The affixing of the signature should be an affirmative act, which serves the
ceremonial and approval functions of a signature and establishes the sense of having
legally consummated a transaction.
Digital signature technology generally surpasses paper technology in all these
attributes. To understand why, one must first understand how digital signature technology
works.

How Digital Signature. Technology Works :-

Digital signatures are created and verified by cryptography. Digital signatures use
public key cryptography, which employs an algorithm using two different but
mathematically related "keys‖: one for creating a digital signature or transforming data
into a seemingly unintelligible form, and another key for verifying a digital signature or
returning the message to its original form. Computer equipment and software utilizing
two such keys are often collectively termed an ―asymmetric crypto system‖.
The complementary keys of an asymmetric crypto system for digital signatures
are arbitrarily termed private key, which is known only to the signer, and used to create
the digital signature, and the public key, which is ordinarily more widely known and is
used by a relying party to verify the digital signature.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
If many people need to verify the signer's digital signatures, the public key must
be available or distributed to all of them, perhaps by publication in an online repository or
directory, where it is easily accessible. Although the keys of the pair are mathematically
related, if the asymmetric crypto system has been designed and implemented securely it
is "computationally infeasible‖ to derive the private key from the knowledge of the public
key.
Thus, although many people may know the public key of a given signer and use it
to verify that signer's signatures, they cannot discover that signer's private key and use it
to forge digital signatures. This is sometimes referred to as the principle of
"irreversibility".
Another fundamental process, termed hash function, is used in both creating and
verifying a digital signature. A hash function is an algorithm which creates a digital
representation or "fingerprint‖ in the form of a "hash value‖ or ―hash result‖ of a standard
length which is usually much smaller than the message but nevertheless substantially
unique to it.
Any change to the message invariably produces a different hash result when the
same hash function is used. In the case of a secure hash function, sometimes termed as a
―one-way hash function‖, it is computationally infeasible to derive the original message
from the knowledge of its hash value.
Hash functions therefore enable the software to create digital signatures to operate
on smaller and predictable amounts of data, while still providing robust evidentiary
correlation to the original message content, thereby efficiently providing assurance that
there has been no modification of the message since it was digitally signed.
Thus, the use of digital signatures usually involves two processes--one performed
by the signer, and the other by the receive, of the digital signature. They can be discussed
as follows:

Digital Signature Creation :-

This uses a hash result derived from and unique to both the signed message and a
given private key. For the hash result to be secure, there must be only a negligible
possibility that the same digital signature could be created by a combination of any other
message and a private key.

Digital Signature Verification :-

Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
This is the process of checking the digital signature by reference to the original
message and the given public key, thereby determining whether the digital signature was
created for that same message using the private key corresponding to the referenced
public key.
To sign a document or any other item of information, the signer first delimits
precisely the borders of what is to be signed. The delimited information to be signed is
termed ―message‖ in these guidelines. Then a hash function in the signer's software
computes a hash result unique (for all practical purposes) to the message.
The signer's software then transforms the hash result into a digital signature using
the signer's private key. The resulting digital signature is thus unique to both the message
and the private key used to create it.
Typically, a digital signature (a digitally signed hash result of the message) is
attached to its message and stored or transmitted with its message. However, it may also
be sent or stored as a separate data element, so long as it maintains a reliable association
with its message. Since a digital signature is unique to its message, it is useless if it is
wholly disassociated from its message.
Verification of a digital signature is accomplished by computing a new hash result
of the original message by means of the same hash function used to create the digital
signature. Then, using the public key and the new hash result, the verifier checks: (i)
whether the digital signature was created using the corresponding private key, and (ü)
whether the newly computed hash result matches the original hash result which was
transformed into the digital signature during the signing process. The verification
software will confirm the digital signature as "verified‖ if: (i) the signer's private key was
used to digitally sign the message, which is known to be the case if the signer's public
key was used to verify the signature because the signer's public key will verify only a
digital signature created with the signer's private key, and (ii) the message was unaltered,
which is known to be the case if the hash result computed by the verifier is identical to
the hash result extracted from the digital signature during the verification process.
Various asymmetric cryptosystems create and verify digital signatures using
different algorithms and procedures, but share this overall operational pattern.
The processes of creating a digital signature and verifying it, accomplish the
essential effects desired of a signature for many legal purposes:
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Signer Authentication :-
If a public and a private key pair is associated with an identified signer, the digital
signature attributes the message to the signer. The digital signature cannot be forged,
unless the sign loses control of the private key (a "compromise‖ of the private key), such
as bydivulging (i.e. Private or sensitive information) it or losing the media or device in
which it is contained.

Message Authentication :-
The digital signature also identifies the signed message, typically with far greater
certain and precision than paper signatures. Verification reveals any tampering, since the
comparison of the hash results (one made at signing and the other made at verifying)
shows whether message is the same as when signed.

Affirmative Act :-
Creating a digital signature requires the signer to use the signer's private key. This
act perform the "ceremonial" function of alerting the signer to the fact that the signature
consummating a transaction with legal consequences.

Assurance :-
The processes of creating and verifying a digital signature provide a high level of
assurance that the digital signature is genuinely the signer's. As with the case of modern
Electronic Data Interchange (EDI), the creation and verification processes are capable of
complete automation (sometimes referred to as machinable), with human interaction
required only in exceptional cases. Compared to paper methods such as checking
specimen signature cards methods so tedious and laborious that they are rarely used in
practice-digital signature yield a high degree of assurance without adding greatly to the
resources required for processing.
The processes used for digital signatures have undergone thorough technological
peer review for over a decade. Digital signatures have been accepted in several national
and international standards developed in cooperation with, and accepted by many
corporations, banks, and government agencies. The likelihood of a malfunction or a
security problem in a digital signature cryptosystem designed and implemented as
prescribed by the industry standards is extremely remote and is far less than the risk of
undetected forgery or alteration on paper or of using other less secure electronic signature
techniques.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Digital Signature and Indian Websites

Some of the websites which use digital signatures are given in Table 6.8.

TABLE 4.8
INDIAN WEBSITES THAT USE DIGITAL SIGNATURE

Shopping and Auctions sites SifyMall

Bazee
Fabmall
Rediff
Bookings and Reservations All major airlines
Indian Railways
Service Companies e-payments Celluar Providers.
ISPs
Net Banking ICICI
HDFC

Following is the list of certifying authorities in India

 SafeScrypt (A Sify-Verisign venture) was the first CA in India.
 National Informatics Centre:
 Tata Consultancy Services.
 Institute of Development and Research in Banking Technology, Hyderabad
(IDRBT), the technology arm of the Reserve Bank of India.
 Mahanagar Telephone Nigam Ltd (MTNL).
 ICICI Infotech, which has the contract for the supply and installation of the
National Root Certification Authority, with an aim to bring uniformity amongst
the different : certifying authorities in India.

Public Key Certificates

To verify a digital signature, the verifier must have access to the signer's public
key and have assurance that it corresponds to the signer's private key. However, a public
and a private key pair has no intrinsic association with any person; it is simply a pair of
numbers. . Some convincing strategy is necessary to reliably associate a particular person
or entity to the key pair.
In a transaction involving only two parties, each party can simply communicate
(by a :. relatively secure "out-of-band" channel, such as a courier or a secure voice
telephone) the public key of the key pair each party will use.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Such an identification strategy is no small task, especially when the parties are
geographically far away from each other, conduct communication over a convenient but
insecure channel such as the Internet, are not individuals. but rather corporations or
similar artificial entities, and act through agents whose authority . need to be ascertained.
As electronic. commerce increasingly moves from a bilateral setting to the many-
on-many architecture of the World Wide Web on the Internet, where significant
transactions will occur among strangers who have no prior contractual relationship and
will never deal with each other again, the problem of authentication/nonrepudiation
becomes not merely one of efficiency, but also of reliability. An open system of
communication, such as the Internet; needs a system of identity authentication to handle
this scenario.
To that end, a prospective signer might issue a public statement, like: ―Signatures
verifiable by the following public key are mine.‖ However, others doing business with
the signer may for good reason be unwilling to accept the statement, especially where
there is no prior contract establishing the legal effect of that published statement with
certainty. A party relying upon such an unsupported published statement in an open
system would run Na great risk of trusting a phantom or an imposter, or of attempting to
disprove a false denial of a digital signature (non-repudiation), if a transaction should turn
out to prove disadvantageous for the purported signee.
The solution to these problems is the use of one or more trusted third parties to
associate an identified signer with a specific public key. That trusted third party is
referred to as a certification authority in most technical standards and in these guidelines.
To associate a key pair with a prospective signer, a certification authority issues a
certificate, an electronic record which lists a public key as the ―subject‖ of the certificate,
and confirms that the prospective signee identified in the certificate holds the
corresponding private key.
The prospective signee is called the subscriber. The certificate's principal function
is to bind a key pair with a particular subscriber. A recipient of the certificate desiring to
rely upon a digital signature created by the subscriber named in the certificate
(whereupon the recipient becomes a relying party) can use the public key listed therein to
verify if the digital signature was created in corresponding to the private key. If such
verification is successful, this chain of reasoning provides assurance that the
corresponding private key is held by the subscriber named in the certificate, and that the
digital signature was created by that particular subscriber.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
To assure both message and identity authenticity of the certificate, the
certification authority digitally signs it. This can be verified by using the public key of the
certification authority listed in another certificate by another certification authority
(which need not be on a higher level in a hierarchy), and that certification can in turn be
authenticated by the public key listed in yet another certificate and so on, until the person
relying on the digital signature is adequately assured of its genuineness. In each case, the
issuing certification authority must digitally sign its own certificate during the operational
period of the other certificate used to verify the certification authority's digital signature.
A digital signature, whether created by a subscriber to authenticate a message or
by a certification authority to authenticate its certificate (in effect a specialized message),
should be reliably time-stamped to allow the verifier to determine whether the digital
signature was created during the operational period stated in the certificate, which is a
condition upon the verifiability of a digital signature under these guidelines
To make a public key and its identification with a specific subscriber readily
available for use in verification, the certificate may be published in a repository or made
available by other means. Repositories are online databases of certificates and other
information available for retrieval and use in verifying digital signatures. Retrieval can be
accomplished automatically by having the verification program directly inquire the
repository to obtain certificates as needed.
Once issued, a certificate may prove to be unreliable, such as in situations where
the subscriber misrepresents his identity to the certification authority. In other situations,
a certificate may be reliable enough when issued but come to be unreliable sometime
thereafter.
If the subscriber loses control of the private key ("compromise‖ of the private
key), the certificate becomes unreliable, and the certification authority (either with or
without the subscriber's request depending on the circumstances) may suspend
(temporarily invalidate) or revoke (permanently invalidate) the certificate.
Immediately upon suspending or revoking a certificate, the certification authority
must publish notice of the revocation or suspension ornotify persons who inquire or who
are known to have received a digital signature ;verifiable by reference to the unreliable
certificate.

The Secure E-payment Process Method :-

Secured payment transaction system is critical to e-commerce. Without a secured
payment transaction system, e-commerce will be a castle built on sand.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
There are two common standards used for secure e-payments--SSL and SET.
Secure Socket Layer (SSL) and Secure Electronic Transactions (SET) are two major
players in the secured payment transaction market. Both use RSA public-key
cryptography for encryption and authentication, but SSL and SET are very different
protocols to approach payment transaction security.

SSL :-
SSL is a secured socket layer between HTTP and TCP on a Web server. It is a
transport layer security protocol. SSL provides a simple encrypted connection between
the client's computer and merchant's serverover Internet. It also provides authentication
for the merchant's server with its digital certificate from a certificate authority.
This is a secured connection for cyber shoppers 'to send payment information to
e-tailor's Web-shop. It can be used as a simple order form including payment information
on the Web. But it does not include the payment process protocol with credit card
company and issuing banks.
Currently, the fast growing Internet consumer commerce is mainly based on
acceptingcredit card over SSL. One of the reasons for the growth in this direction is that
SSL provides secured connection with encryption and authentication between two
computers over the Internet: SSL provides a security handshake in which the client and
server computers exchange a brief burst of messages.
In these messages, they agree upon the level of security they will use to exchange
digital certificates and perform other tasks. Each computer unfailingly identifies the
other. It is not a problem if the client does not have a certificate, because the client is the
one who is sending sensitive information. On the other hand, the server with whom the
client is doing business ought to have a valid certificate.
Otherwise, you (the " client) cannot be certain that the commerce site actually
belongs to the one whom it refers to. After identification, the SSL encrypts and decrypts
information flowing between the two computers. This means that information in both the
HTTP request and the HTTP responses are encrypted.
Encrypted information includes the URL the client is requesting, any form
containing information the user has completed (which might include a credit card
number), and HTTP access authorization data such as user names and passwords. In
short, all communication between SSL-enabled clients and servers is encoded. When SSL
encodes everything flowing between the client and the server, an eavesdropper will
receive only the unintelligible information.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Is SSL really secure? Yes, SSL indeed provides the secured connection for
payment transaction between customers and merchants. It is more secure than phone and
postal mail delivery. But the security ends at the merchant's site. It does not keep the
credit card numbers after the transaction is completed.

SET :-
SET is a messaging protocol designed by VISA and MasterCard for securing
credit card transactions over open-networks, such as the Internet.
In the SET protocol, a transaction has three players--the customer, the merchant,
and the merchant's bank. SET protocol has three principal features as listed in the
following:

 All sensitive information sent within the three parties are encrypted.
 All three parties are required to authenticate themselves with certificates from
the SET certificate authority.
 The merchant never sees the customer's card number in plain text.

The third feature actually makes Internet commerce more secure than traditional
credit card transactions, such as pay by credit card in-store, over phone, or through mail
order form. It is also more secure than SSE.
To implement SET in e-commerce on Internet, it requires the SET point-of-sale
client software such as SET ―electronic wallet‖ implemented widely in the client's Web
browser. It is a big challenge to make such a point-of-sale software widely available to
the Internet community.

Online Financial Services in India :-

Web-based banks figured their pitch was irresistible-by eliminating physical
branches, tellers, and bankers' hours, they could slash costs and offer customers higher
interest rates and more convenience. But in reality, customers want human contact, or at
least an ATM. The multichannel strategy is what is important to people.
They want to be able to use the Web. Online banks have also learned that
convenience means more than just twenty-four hour banking. In fact, some aspects of the
virtual banking model are flat-out inconvenient. For example, online banks require that
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
deposits be made by cheque or money order, eliminating the cash option available at
traditional banks.
Adding physical infrastructure, though, adds to an on line bank's operating costs
and may force it to lower interest rates paid on savings. Online banks maintain that they
still run more efficiently than traditional banks because of practices such as online
account managers, loan officers, and so on. That allows them to manage a branch with a
smaller staff than a traditional bank.
Although a multichannel approach may appeal to customers, the strategy
undermines the very premise of online-only institutions, and makes them less
distinguishable from traditional banks that also offer Web banking services. It is a lot
easier and cheaper for an existing bank to roll out Internet services than is for an Internet
bank to buy enough ATMs or branches to compete on a national level.
Online banking is also known as cyber banking, home banking, virtual banking,
and includes various banking activities that can be conducted from anywhere instead of at
a physical bank location. Consumers can use e-banking to pay bills online or to secure a
loan electronically.
Electronic banking saves a lot of time and money for users. For banks, it offers an
inexpensive alternative to branch banking and a chance to enlist remote users. Many
physical banks offer home banking services, and EC is used as a major competitive
strategy. Online banking is growing in India.

Features of E-banking in India

1. Can access current account balances at any time.
2. Can obtain charge and credit card statements.
3. Can pay bills online.
4. Can download account transactions.
5. Can transfer money between accounts.
6. Can keep a track of accounts online.
7. Can send e-mails to the bank.
8. Customers have a flexible schedule.
9. Can also use additional services like free phone banking, ATM withdrawals, bill
paying.

International banking, and the ability to handle trades in multiple currencies are
critical for international trade. Although some international retail purchasing can be done
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
with a credit card number, other transactions require international banking support. Many
banks offer such services online.

Personal Finance :-
Online Often electronic banking and portfolio management are combined with
personal finance. However, specialized personal finance vendors offer more diversified
services, with features like:

1. Bill tracking
2. Tracking of bank accounts, expenditures, and credit cards
3. Portfolio management, including reports and capital gain (losses) computations
4. Investment tracking and monitoring of securities
5. Stock quotes
6. Personal budget organization
7. Record keeping of cash flow, and profit and loss computations
8. Tax computations and preparations
9. Retirement goals, planning, and budgeting.

Online Billing and Bill Paying :-

People prefer to pay monthly bills like telephone, utility, electricity etc., online.
More so the recipients of such payments are even more eager to receive money online, as
the processing costs are lower! In India, banks like ICICI and SBI make it easier with a
facility of paying bills from online accounts.
ICICI provides this feature absolutely free of cost and offers customer to view the
bill, status checks, and queries. For certain billers, one can see the bill online and pay
immediately or schedule the payment of bills. Now there is no more hunting around for
the right amount to be paid.Paying these Bills online will ensure that one does not miss
any due dates. It acts as a reminder
SBI on the other hand also provides a feature called Autopay. One can set up
AutoPayinstructions with an upper limit to ensure that bills are paid automatically
whenever they are due. The upper limit ensures that only bills within the specified limit
are paid automatically, thereby providing the customer complete control over these
payments.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Auxiliary Services :-
ICICI offers a few auxiliary services online as part of their online services, apart
from bill payment and e-banking.
Online shopping: using the Internet banking ID and transaction password, one can
visit affiliated shopping sites online and make online transactions.
Online Trading7: one of the most popular features of ICICI is their online trading
feature. Their products and services offer the following features:

1. Trading in shares
2. Trade in derivatives
3. Investing in mutual funds
4. IPOs and bonds online
5. Personal finance and portfolio, risk management
6. Customer servicing
Some banks like SBI also offer other features like telephone and SMS alerts.

Mutual Funds Online :-

Mutual funds online are very useful in providing financial assistance and
predictions, offering services like8
1. Funds fact sheet
2. New launches of Public Offerings.
3. Portfolio. Trackers and Fund Monitors

These services are available online and provide useful advice on fund
management and investments.
While online services are useful and easy to handle, they are definitely not risk
free. There are repeated cases of fraud, carding cash, and liquidity risks, etc. which
probably deter many. Again, while these are few online financial services available in
India, they are definitely not exhaustive, as many we still in the pipeline and yet to hit the
market, but the day is not far away!

Online Stock Trading: The High Speed Alternative :-

One can now buy and sell shares online with speeds comparable and at times
better than NSE's NEAT Terminal. This speed and reliability comes only with
perseverance of a pioneer backed by huge investment in technology! Intra-day price
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
alerts that you can set, customize market. watch screen, intra-day tick-by-tick time and
price data with chart, for any number of scripts. Technical experts make live calls, the
news desk supplying you with the fastest information updates. Even if you load CNX 500
with 500 scripts, it will appear with all live prices in a fraction of a second.9

No More Paper Hassles :-

Mutilated certificates, lost certificates, postal delays, and counterfeit shares are a
thing of the past. Enter a world of safe, secure and convenient buying, selling and
transacting without suffering endless paperwork and delays. Convert your securities to
electronic format with the demat account. It is as easy as opening a bank account.10

E-banking for Funds Transfer :-

Buying and selling of shares online can now be done with the help of Internet
Banking". E-banking in India is guided by the Information Technology Act, 2000.
The Act provides legal recognition to electronic records, electronic contracts and
digital signature. Specifically the Act says ―Subject to the provisions of this section, any
subscriber may authenticate an electronic record by affixing his digital signature."

Exercise :
Q.1 what is Digital Payment Requirements?
Q.2 Explain Classification of New Payment Systems.
Q.3 Explain smart card cash payment systems.
Q.4 Explain Properties of Electronic Cash (E-Cash) and how to manage electronic
cheque on internet.
Q.5 How to manage risk in E-payment system
Q.6 explain how u can manage information privacy in e-payments systems.
Q.7 explain how you can manage credit risks in e-payment systems.
Q.8 Explain the characteristics of online payment system?
Q. 9 explain different online payment categories.
Q.10 what is electronic cash? Explain its properties and how it can be used in e-
payment systems.
Q.11 what are the advantages of E-cash.
Q.12 explain different types of electronic money.
Q.13 Discuss about legal issues and operational risks in electronic cash.
Q.14 What are the factors for design of electronic payment system?
Q.15 What is electronic cash? Present the properties of it.
Q.16 Write about credit card based electronic payment systems.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Q.17 Write about debit card based electronic payment systems.
Q.18 Explain about digital token based electronic payment system.
Q.19 Discuss about the risks in electronic payment systems.
Q.20 Explain digital signature. How it can be used to provide security to E-payments
System.
Q.21 The public is highly concerned with the safety of e-payment. What are the
Specific measures put forward in the Guidance in this respect?
Q.22 What is e-payment? Why is orientation and standardization required for e-
Payment businesses?
Q.23 What are the risks involved in Electronic Payment Systems?
Q.24 What are the advantages and disadvantages of a Smart Card?
Q.25 Briefly explain the various electronic payment systems.
Q.26 What are the security requirements for using online e-cash services?
Q.27 Define Digital Token Based E-payment system.
Q.28 What are the different method of Online payment.
Q.29 Illustrate the concept of Digital signature.
OR
Explain the working of digital signature
Q.30 Explain the advantages of Electronic cash.
Q.31 What does the verification require for electronic transaction on the internet?
Q.32 Explain the advantages of digital token based electronic payment system to
Buyer‘s and sellers.
Q.33 Explain the classification of payment system in detail.
Q.34 Explain in detail public key certificates.
Q.35 explain in detail digital wallet.
Q.36 explain in detail web-based money.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

UNIT 5

Customer Relationship Management

Customer Relationship Management (CRM) is defined as the aligning of business
strategy with the corporate culture of the organization, along with customer information
and a supporting information technology of the customer interactions that promote a
mutually management is a business strategy, but it is a business strategy enabled by the
advances in technology. Widespread implementation of customer information. Enterprise
Resource Planning (ERP) systems, sales force automation, and integrated pint-of sale
systems have made customer information readily available in large volumes. Reduced
costs and higher levels of performance for database management platforms allow us to
gain access to this customer information and gain new insights into our customers and
their behavior through a variety of analysis methods. Advances in contact management
technology and supporting infrastructure allow us to take advantage of this information in
increasingly cost-effective and creative ways. Perhaps most significantly, the Internet
provides a completely new way for an enterprise to interact with its customer-the
electronic channel, or the e-channel. With consumers buying everything-from groceries
to automobiles-on the Internet and the businesses beginning of customer interaction are
constantly changing. In the business environment, the focus is being shifted to customer
retention.
The link between customer satisfaction and the return on investment is the profit
for a company, as shown in Figure 5.1

Customer Customer Profit

Customer
commitment retention
satisfaction

Fig.5.1 Customer satisfaction and profit

Customer Relationship Management

Beyond the glamour of developing the e-channel, business is investing heavily to

deploy customer relationship management in traditional channels. In most cases, these
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
capabilities are developed independently, requiring expensive integration later on to
achieve the vision of true customer relationship management on an enterprise-wide scale.
Integration of these resources is one of the key challenges of successful deployment of
CRM across the enterprise- wide scale. Integrations of these resources is one of the key
challenges of successful deployment of CRM across the enterprise. This is because it has
a direct impact on the consistency of the customer experience with the enterprise. So how
does the enterprise integrate systems across functions and channels? It does not happen
by accident, but through provision and planning. All the functions and the channels must
come together to develop an enterprise-wide strategy for CRM. Only then can the
enabling information technology be fully integrated with maximum efficiency and
effectiveness. This technology spreads customer information throughout the enterprise
and it must be based. On unified information architecture.
Independently developed CRM capabilities within the various parts of the
enterprise usually begin based on function-specific short-term needs. Marketing begins to
implement CRM with a variety of products offer combined with integrated suites to plan,
execute, and monitor marketing campaigns and perform database marketing. Lead
management and sales force automation capabilities are deployed to support the field
sales force. Systems that mange the supply chain and product delivery are deployed to
support mass customization and to provide up-to-the minute information about the goods
in transit, to the customer. Field service representatives and contact centers deploy
sophisticated telephony and information systems to provide ongoing customer service
and cross-selling.
These separate capabilities do provide a means to support function-specific and
channel-specific CRM strategies. Business culture can shift from product-focus to
customer-focus. Sales and marketing can focus on retention and increase of share of
customers instead of and up-sell opportunities. However, customer information does not
freely flow across the enterprise. To obtain the vision of customer relationship
management, information must move about freely. This requires integrations.
Only through the integration of marketing, sales, fulfillment and service across
business partnerships, the direct sales force, the telechannel and the e-channel. Is the
vision of customer relationship management realized?Customer information must flow
like water within, around and through these functions and channels to ensure that the
enterprises can build mutually beneficial relationship with the customers, and even
amongst their customers. Everyone in the enterprise participating in the conversation with
the customer needs access to the latest information on the customer‘s profile, behavior,
and expressed needs. Marketing provides the latest promotions and offers for individual
customers, based on their interactions on the website, Products are customized to meet
specific customer needs and customer service is fully done, resulting in increased levels
of customer satisfaction and duty. With an enterprise- wide view of each customer, the
value of each relationship is measurable,and each relationship is managed based on this
value. Every customer touch becomes an opportunity disposal of the enterprise.
Achieving this vision results in unprecedented competitive advantage in some
industries.Or mere survival in other industries.

E-CRM Solutions

E-Customer Relationship Management or E-CRM solutions are especially valuable to

companies that face the following circumstances:
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
1. Business is driven by mission-critical customer service requirements
2. Current costs for CRM run high
3. Large volumes of information is distributed
4. A complete customer care solution is needed.

E-CRM solutions can be deployed and managed to provide increased revenues

and decreased costs for companies while improving customer service. E-CRM goals can
be achieved with Internet business strategies, web-based CRM specification
development, web systems design and project management, interactive interface design
and electronic publishing.
The strategy for E-CRM can be visualized in three stages, as given in Figure 5.2

Stage 3
Stage 2
Stage 1 Customer Loyalty
Customer Value
* Communities
Orientation
Customer information *Learning organization
Environment
* Behavior analysis
*Profitability analysis
* Metrics programmer
* Lifecycle modeling
* Customer
*Tuned marketing
Information
Repository
*Customer profiles
* Transaction and
Behaviors

Fig. 5.2 Strategies of a Customer focused business.

Customer Information Environment

In the first stage, building up of a customer information environment and acting on it

forms the starting point. It consists of Metrics programmers, Customer information
repository, and monitoring customer behaviors.

Customer Value Orientation

In the second stage, operational effectiveness is the focus. Customers want value for their
money. They believe that they have got value, when the perceived benefits they receive
from something exceed the costs of owning it. These components are represented in
Figure 5.3

Customer Loyalty

In the third stage, the focus is on the integration of internal process of the organization
with the customer in creating a community.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Core product and

benefits
Perceived quality

(Obtained)
Customized service
benefits

Perceived value

Price

Perceived sacrifice
(given)
Costs other than
price

Figure 5.3 Perceived value.

Moving costly customer services to the Internet is critical to staying competitive.

Providing customer services to the Internet means a lot more than just having a website.
With users demanding more services via the Internet, leading companies have realized
the importance of their e-services strategies on the Web.
Most companies are focused on today‘s most critical business challenge-
attracting and retaining customers. These companies require customer- directed e-
business solutions and E-CRM to meet those requirements. Companies benefit from huge
cost savingsand increasedwealth Customers benefit from on-demand access to
information, less hassles with better support, and less expensive services.
The strategy of the portals is to become global supermarkets providing everything
for individuals, families and organizations. Their customer base is what stock market
considers to be the most important aasset of these companies. Table 5.1 summarizes the
customer relationship valuations As seen in the table, each customer is worth $4000 for
Amazon. So increasing the number of customer, in itself is an aim of the portal.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
TABLE 5.1

VALUATION OF COMPANIES BASED ON CUSTOMER BASE

Company name Electronic customer Market Value of each

relationships Capitalization relationship
( In million) (In million) ($)
AOL 50 $ 100 2000
Yahoo! 40 $ 40 1000
Amazon 13 $ 26 4000
eBay 5 $ 20 4000

When Humans Are Not Enough- Or when There Are Not Enough
Of Them

For many e-customers, the Web is like an infinitely large shopping mall they have all to
themselves. Although the absence of long lines at the checkout counter and the freedom
form the difficulty of parking are welcome, the lack of other shoppers and even
salespeople can make them feel lonely. For a Social shopper- a woman who enjoys
shopping with friends- looking for a product on the Web can be similar to going a movie
all alone. Then fun factor is missing, regardless of how great the move is. On the other
hand, if she‘s mission shopper- she enters, extracts the goods, and then makes her exit as
soon as possible-than shopping on a highly structured website can be a welcome respite
from the time-consuming task of searching the malls. In either case, even a potentially
annoying salesperson can be a welcome sight when the woman simply cannot find the
product she is looking for.
These two aspects highlight several important elements in human customer
service interactions. The most obvious is variability. What constitutes a good customer
service in one and individual levels. For example, an individual may have different
expectations of what constitutes a good customer service in the airline, hotel, and
restaurant industries. He probably has specific expectations about his favorite airline or
hotel chain. Furthermore, he no doubt expects different levels of service at each location.
Variability in service can result from a variety of factors. Perhaps the staff in one
location has insufficient training to understand their customer‘s needs. May be, they just
do for three months in the marketplace, making it virtually impossible for a salesperson
to become an expert on a particular product before another replaces it. Clearly, with
some products and services, it is simply absurd to expect a salesperson without extensive
training to become proficient in interfacing with customers in more than a superficially
way.
If someone were to ask the person who manages the customer service division of
a business to name his greatest assets and liabilities, he will say it is the people, it is a
challenge to attract people and keep them attentive and educate them, but it is usually
worth the effort. Good customer service representatives can provide personal, empathetic,
quality, reassuring service, especially when they interact with the customer in person.
Nothing beats an attentive, knowledgeable sales or support person in terms of bonding
customers to a company. Great sales and service representatives create a loyal following
that is often independent of the company they represent.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Although there are situations when only a live customer service representative is
required, this is not always possible. With today‘s busy lifestyle, there is simply not
enough time to have face-to-face interaction. Increasingly, sales and support interactions
occur with the assistance of communications and computer technology, even for costly
items. For Example, when time is a scarce resource and a unstructured conversation can
resolve things in a few seconds, telephone is of great help, especially since it is
universally available.
Against these advantages of personal service sales and service representatives are
expensive from a practical perspective, especially in a 24 hours, 7 days support model. In
addition, there is the aforementioned variability in service, due to dozens of possible
issues, such as a representative‘s disinterest in a particular product because there are
dozens of other products he needs to know about. One of the major limitations of human
customer service representatives is that they normally work with customers on a one-on-
one basis. Scalability, the ability to work with multiple customers at once, is possible in
group presentation situations, but then the personal, one-on-one interaction. Suffers.
There are also errors, of both omission and commission, which can appear in any human-
mediated transaction, regardless of the touch point. This is especially true when the
transaction involves the manual entry of data.
As the effective interaction distance between customer and support staff increases
from personal to phone, to live Web chat, to e-mail interactions, many of the positive
qualities of personal interaction normally ascribed to a good customer service
representative decrease. The potential for using the touch point in an emotionally
intelligent interface diminishes as well. For example, it is much easier to foster an
emotional bond with a customer through personal interaction than through e-mail. In
addition, human- mediated interactions tend to Often; this is simply because someone has
to take time to record the data. Furthermore, it may be impossible for some employees to
fulfill their data- logging requirements because they may lack the education needed to
understand the product or service. For example, a new employee may not be able to
understand the product or service. For example, a new employee may not be able to
differentiate between fabric types, sari styles, or designer labels. Another characteristic of
human customer representatives is that they bring with them a variety of security and
confidentiality issues, from both an employee and a technology perspective. That is the
equipment the support staff uses must be protected from viruses and break-ins, and
employees must be trusted or guarded as well.

How Technology Can Help

Interactive computer and communications technology can assist in the sales and support
process in several ways. Telephone, live chat and e-mail can enhance the effectiveness of
customer service representatives. Computer- mediated e-mail, chat and animated chat can
take over when a human representative is exhausted. They can serve as a filter, answering
all but the most difficult questions for the representatives.

Web technology can also help offload the support issue to customers who enjoy
helping each other on the Web. For example, Lands‘ End adds to the fun of shopping
with its shop with FriendTM option. Two shoppers can browse together and add items to
the same shopping cart. For example, two friends working in different companies can go
shopping during their lunch break, just as though they had met and gone shopping in the
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
same brick-and mortar retail outlet. There is no busy date warehousing or cluster analysis
involved, just a two-way Web chat connection and a slight modification in their shopping
cart model. The customers take care of navigating the Web and helping each other with
product selection.
In a similar vein, several vendors, including Cahoots, Hyper nix, ICQ, My ESP
com, and Third Voice, and Web Side Story, offer live-chat technology to make online
shopping less sterile and more emotionally engaging. Their idea is to create a sense of
Community for a particular website by allowing prospective customers to communicate
with each other at any time, even without knowing each other‘s name.
For example, customers shopping for widgets on a particular website could ask if
other customers had a good or bad experience with widgets purchased there, anyone
visiting that website could respond to the query and discuss the merits and demerits of
those widgets. The goal is to improve upon the Web‘s record of two-thirds cart
abandonment. That is about two- thirds of all shopping carts are abandoned at some point
before final checkout. From the perspective of a website owner and the one paying for the
live-chat capabilities, the danger is that the discussions may become critical and out of
control.
Human-mediated personal contact, phone contact, live web chant, e-mail, and
animated Web chat are representatives of the range of possibilities currently available,
where animated Web chat represents the greatest level of technological involvement.
There are also several technologies on the horizons, such as two-way Web-based video
links, but the realities of current bandwidth limitations of the Internet are holding these
technologies at bay. Also, the value for each characteristic attributed to a touch point
represents a typical case. As with any measurement or estimate, there is variability in the
actual value shown.

Reducing Cost Per Contact:-

One of the effects of adding the appropriate technology to the customer support or sales
mix is that there is often a reduction in the cost per contact, i.e. the money spent to
connect with each customer. The cost per contact tends to be highest for personal. One-
on-one interactions, simply because the representative‘s full attention is necessarily
focused on a single customer. The customer receives the full benefit of the
representative‘s training during the period of contact, as well as many of the resources
that result in direct and indirect costs to the company.
With the addition of phone technology, the support representative is freed
somewhat from dealing with one customer to the exclusion of all others. For example, he
might be on potential customer or client, filing papers, cleaning up his desk, or in some
way contributing to his own and the company‘s future success.
Similarly, live, Web-based that and e-mail have a relatively low cost per contact,
in part because the support representative can multitask. For example, in the case of a
live chat, the representative can communicate with potential customers on the Web in
spurts, and in between sessions, handle other support issues. Furthermore, since e-mail is
normally handled in batches, often with canned responses, a customer service
representative has time between email runs to perform other functions.
Moving from primarily human to computer- mediated interactions, the cost per
contact is potentially even lower. Computer-mediated e-mail is generated by a bot, can
respond to hundreds of e-mails during the time it takes a human to answer one or two.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Similarly, computer- mediated chat, where real-time chat bots help customers, can reply
to hundreds of queries per second. The same rationale holds for animated chat bots that
incorporate emotive animated graphic characters. The marginal cost of handling an
additional customer is an insignificant increase in the server power and Internet
bandwidth requirements.

Decreasing Development Time

Customer representatives are expensive to train, to keep motivated, and to retain,

especially in this state of the economy. Training a representative for a new product or
service may take a few days or up to several weeks, depending on the complexity and the
number of products and services the representative is expected to sell or support.
Development time is the greatest for representatives who work face-to-face and
representatives with fascinating manners, speech, dress, and charisma are hard to find. A
business may be lucky enough to locate a representative who has excellent live chat
skills, but whose squeaky voice may not do in phone support and whose green hair might
not present the image the business is looking for in person-to person sales.
Characteristics of human versus computer-mediated customer service
representatives very over a variety of touch points. This is illustrated in Table 5.2 As you
can find; variability in service is the greatest with personal, one-on-one contact and
telephone service.
With computer-enabled tools, such as liberty of canned phrases, customer service
representatives can be trained to become proficient users of live chat and e-mail even if
they are slow typists. As long as the representative can recognize which phrases or
responses to use in specific circumstances, even minimal keyboard skills will do. E-mail
is one of the most forgiving touch points, since the dialogue does not occur in real time.
A customer service representative has time to refer an unintelligible e-mail to a
supervisor who can then answer it or route it to the appropriate person to handle.
In comparison to training human customer representatives, computer- mediated e-
mail and chat have moderate development times. The likely questions and the
corresponding answers have to be gathered and compiled into a knowledge base. The
normal software development cycle of testing, modifying, and again testing and re-
modifying the code and the knowledge base until everything checks out can take weeks,
even with a simple support problem.

TABLE 5.2

COMPARISON BETWEEN HUMAN AND COMPUTER INTERACTION2

Characteristic Human Computer

Personal Phone Live E- E-mail Chat Anim
chat mail chat
Cost per contact O ∆ * * * * *
Development time O ∆ * * ∆ ∆ O
Emotional bond O ∆ ∆ * * ∆ ∆
Emotive O ∆ ∆ * * ∆ ∆
Empathetic O ∆ ∆ * * * ∆
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Error prone O O O O * * *
Flexibility O O O O ∆ ∆ ∆
Interactivity O O ∆ * * ∆ O
Continuity * * ∆ ∆ ∆ ∆ ∆
Personal O O O O O O O
Personality O ∆ ∆ * * ∆ ∆
Quality O ∆ ∆ ∆ O O O
Reassuring O O ∆ * * ∆ ∆
Reliability ∆ ∆ ∆ ∆ O O O
Responsive ∆ ∆ ∆ * ∆ O O
ROI * ∆ ∆ ∆ O O O
Scalability * * * ∆ O O O
Transference O O * * * * ∆
Variability O O ∆ ∆ * * *

O High∆ Medium* Low

Creating Emotional Bonds

Although the golden standard for creating an emotional bond between the customer and a
company is to have dedicated. Charismatic salesperson or a representative, technology
can be of great help in creating an emotional bond. As illustrated in Table 5.2, personal
contact is capable of creating the most profound emotional bond. Live chat is also
capable of supporting a meaningful dialogue that can help create an emotional bond, but
it is not as powerful as the phone or direct contact. Since e-mail lacks most of the cues
we normally associate with a conversation, such as immediacy, it has the lowest
likelihood of creating a meaningful emotional bond.
Computer-mediated chat and animated chat, when appropriately implemented,
have the best chances of creating an emotional bond with the customer.

Presenting Emotive

Human beings are emotional creatures. We react to not only language and voice
intonation and the subject, but also to dozens of subtle cues, in the form of physical
gestures. For this reason, it can be stated that personal interactions convey the most
emotive content. E-mail has the lowest emotive content capacity, in part because of the
time factor. Both chat and e-mail can enhance the messages with the use of emotive icons
or emotions. Of the computer-mediated options available, animated chat has the greatest
potential for conveying emotive message to a customer.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Displaying Empathy

Great salespeople and customer representatives are sensitive; they can understand the
customer‘s situation or at least give the impression that they do. It is the impression that
matters to customers; they want to feel that they have been listened to. This felling can be
communicated best in person, but to some degree over a phone conversation and to a
lesser extent over a live chat conversation. Because it lacks immediacy, e-mail tends to be
a poor communications conduit for sensitive thoughts and feelings. Computer-mediated
communication, such as e-mail and live chat, do not very well when the goal is to
communicate feelings that may be difficult for a computer to convey. In this regard,
animated chat communications can sometimes convey a sense of understanding, when
used as the touch point.

Reducing Human Error

Humans are simply more error-prone than computers when it comes to manipulating
symbols and values. Assuming there is an accurate customer data to work with;
computer-mediated customer communications can have a much lower error rate than
human-mediated communications in tracking orders, verifying charges, and identifying
repeat customers.

Increasing Flexibility

While computers might excel in flawlessly following human instructions, good customer
service representatives excel in flexibility. Regardless of the touch-point, a good
representative, when properly trained, can help rectify errors or retrieve missing data that
current computer-mediated systems cannot.

Improving Interactivity

Interactivity, the ability of representatives to respond to customer‘s queries in near real-

time, is best in person and over the phone. E-mail interactivity suffers from an inherent
lag from the time a problem statement is made to the response, but the lag time tends to
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
be smaller when the e-mail is computer-mediated. Chat, whether live or computer-
mediated, can support a moderate level of interactivity.

Increasing Continuity

From the customer‘s perspective, continuity can be extended with computer-mediated

chat and e-mail. Continuity is important in forming a bond with customers, especially
with personal, and to lesser extent, phone interactions. Computer- mediated
communications can provide infinite continuity. For example, the names used to identify
a chat bot can be held constant, and the appearance of animated figures used in animated
chat communications can remain constant as well.

Adding a Personal Touch

Even human-mediated communications tend to rely on computer-generated or

warehoused customer data to the same extent that computer-mediated communications
do. In other words, most touch-points are already leveraging computer technology to
provide a personal touch.
Communicating Personality touch.

Communicating Personality

Computer hardware, programs and websites, all have personalities, However, just as
personal interactions tend to have a great potential to exhibit personality, animated chat,
where an anthropomorphic figure can communicate with visual cues, text and even voice,
has a much greater chance of communicating personalities to customers. The challenge is
to create personalities that customers can relate to in a positive way.

Increasing Quality

The quality of customer dialogue tends to be highest when it is controlled by a good

salesperson or motivated customer service representative. Phone, live chat, e-mail, and
other touch-points can also be of high quality, but are usually not as high as of a good
salesperson. Computer technology can help with these other touch-points by minimizing
variability and otherwise contributing to quality control. Computer-mediated
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
communications can have consistent, high-quality dialogues with customers, because all
possible responses can be validated before they are presented to customers.

Providing Reassurance
An important aspect of the sales process is reassuring customers that their purchase
decisions are correct, their problems have been solved, and that their products are on the
way. Computer technology can be used for something as ordinary as helping reassure
customers about the status of their order, or as sophisticated as creating a personal profile
of customers and using it to explain why the products they just ordered are in their best
interest.

Increasing Reliability

Humans vary in their reliability from person to person and from day to day. Computers
are reliable machines as long as human-generated viruses to not attack them. A business
can rely on computer mediated communications with customers as long as it has tightly
controlled parameters. In short, computers excel where reliability is an issue.

Improving Responsiveness

Properly trained sales and support staff can do a good job of responding to customer
needs in a timely manner. E-mail has the lowest responsiveness of the human-mediated
communication, simply because of the inherent delays in e-mail communications. By
definition, e-mail carries with it, a perceptible delay that is not noticed or at least is not
significant in a live chat, for example. Because of the rapid 24 X 7 response made
possible by computers, computer-mediated chat and animated chat are potentially much
more responsive that a customer representative or salesperson could be.

Improving Return on Investment (ROI)

Generalizing the Return on Investment (ROI) for a customer representative or computer

technology is complicated. There are always specific circumstances, such as the cost of
money and the specifications of the people or computer technology involved. However,
in today‘s economy, it is generally understood that the turnover is high. This is
especially true in the customer-support area, where temporary and seasonal workers fill a
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
relatively large number of representative jobs. It is because of the variable nature of the
labor supply and the low cost per contact for computer- mediated dialogue, that the ROI
for computer-mediated support of all types is potentially greater than for human-mediated
support.

Increasing Scalability
In general, humans do not scale very well. Most interactions are on a one-on-one basis,
such as personal, phone. And live-chat communications. E-mail is scalable because it
may be handled in batchers, with same generic answer being applied to hundreds of
questions. In contrast, computer-mediated touch points are virtually infinitely scalable,
given an adequate infrastructure, including supporting server hardware.

Controlling Transference

Transference is, ascribing the characteristics of one person to another, often at a

subconscious level. This may be the result of similarities in appearance, style of speech,
or mannerisms and can be a positive or a negative factor in the sales and customer-
relations process. For example, a salesman may subconsciously remind a woman of a
trusted relative, and she will instinctively believe everything he says. Conversely, the
same salesman could remind her of an unscrupulous sales person she dealt with in the
past, and the develops the same negative attitude towards this one. In human-mediated
communications, transference occurs primarily with personal contact, but may also occur
in phone conversations.
Transference can be an asset in computer-mediated interactions. For example, a
business can provide customers with the ability to modify the animation and synthesized
speech to suit their preferences. It could present customers with a menu of animated
figures including male, female, young and old, from which they could choose. In
addition, it could allow customers to specify the speaking style of each figure, from
businesslike to casual. Customers do not generally create figures to learn from or deal
with what they do not relate to positively.

Decreasing Variability

Variability is a characteristic of human-mediated communications that is virtually absent

in properly designed computer-mediated dialogues. This variability may be a nuisance, as
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
for example, if the customer inquires about tax code information. An animated chat bot
may not be as engaging as a human, but a business will know, to what information its
customers are being exposed.

Where Interactive Web Technology Shines

From the above discussion, it is apparent that of the characteristics listed in Table 5.2
web-based customer support has the following advantages.
1. Lower cost per contact
2. An emotional bond with the customer
3. An ability to communicate with more emotive content
4. Fewer errors
5. Greater customer interactivity with a website
6. Improved reliability
7. Greater responsiveness
8. Greater return on investment
9. Improved scalability
10. Less variability in the quality and content of communications.
What really matters is how businesses apply these potential benefits of interactive
technology to their Web presence. If the goal is to create an Emotionally Intelligent
Interface, then a business could use these technologies towards setting the tone of
interaction, involving
Its customers in a mutually beneficial dialogue, and using interactivity to establish a
meaningful relationship
When potential customers visit a website, they should be made to feel
comfortable with the company and confident that it can fill their needs efficiently and
economically. At a brick- and –mortar store, the sales staff and the layout and decoration
of the reception area of the store perform this function. The environment established by
the technologies incorporated in the website can dictate customer‘s responses to the
business, and how long their visit to the website lasts. Creating a welcoming
environment can entail something as simple as creating a panel of potential customer
service representatives and allowing customers to choose which one they would like to
interact with, whether the representatives are real or virtual.

E-CRM Toolkit

An E-CRM ‗toolkit‘ covers a wide diversity of channels (see Figure 5.4) In order to bring
true customer management across online business; one needs the E-CRM Products to
fulfill the following criteria:

E-mail management
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Store front Customer

Services Management
Customer

Content E-marketing

Assisted selling

Fig 5.4 E-CRM Toolkit

Content
Is the system delivering the contents a customer wants to see? How is being managed on
the IT Platform?
Storefront and Merchandising Services
With large numbers of visitors failing to complete transaction at the checkout, it is
needed to ensure that your storefront services propel your customers to the cash point.
E-mail Management
Are e-mail campaigns focused to provide an offer that customer cannot refuse? How are
these tied in with websites so that customers enjoy a seamless experience?
Customer Management
Is the company managing date across all the sales and marketing functions to its best?
E-marketing
How well are e-marketing efforts targeted? How well do they combine with online
selling operation?
Assisted Selling
One needs only to look at the Dell business model to see how assisted selling can
enhance the shopping experience and achieve business success. But what assisted selling
approach will work best for any company?

Typical Business Touch-points

Typical business touch-points from a consumer perspective include: Media-TV, Radio,

Newspaper and flyers; Physical- the physical plant, such as a showroom or retail outlet;
Personal-direct people contact, including salespeople and customer representatives; Mail-
correspondence, bills, and payments through postal service; Phone-telephone
communications with sales, marketing, and customer service representatives; E-mail-
Communications via computer regarding orders and services; and web-information and
ordering through the Web.

Media

Web Physical

Business
E-Mail
Personal
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Mail
Fax

Phone

Fig 5.5 Touch-points for normal CRM.

Figure 5.5 illustrates the state where every touch-point is significant. The arrows therein
indicate the relative significance of each touch-point. For any company, it simply is not
enough to know ―who buys what?‖ order to build a successful, profitable marketing
campaign. It needs to know who its customers are, and how much it should invest on
them. This necessitates the maintenance of a consolidated database. The Components of
the data warehouse can be found in Figure 5.6

Flexible view of the customers

Segments leading to innovation

Consolidated Payment
Database Cash
Bank account
Defaults

Delivery Controlling
TrackingPack Targets
aging Actuals
delivery Revenues
information Costs

Order Inventory
CRM
Entry Items in
Marketing Stock
Order
Campaigns Threshold Procurement
Data
Sales for Suppliers Lead times
Prices
Contacts reordering Costs

Fig. 5.6 Data warehouse architecture.

Converting clicks to customers

To leverage technology and thereby realize the greatest benefit from a web presence, a
business must first know what it is after, in terms of relationship with its customers.
Assuming that the goal is to provide a website with an Emotionally Intelligent Interface,
management also has to appreciate the possibilities within the business resource and
technology constraints. Note that the technologies with the greatest degree of interactivity
provide the greatest potential for a sale. A business needs to pull everything together in a
way that harmonizes with its customers; the business should use the technology at its
disposal so that the odds of creating a loyal customer following are maximized.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Managing Customer Value Orientation and Life Cycle

The CRM industry has matured rapidly over the past few years. Contact managers have
evolved into full-function sales force automation systems. CRM front-office suites now
support marketing, sales and service. Integration between CRM systems and enterprise
resource planning (ERP) systems is becoming more common. If not commonplace.
The E-CRM market is new and rapidly evolving. Implementing CRM for
traditional front-office marketing. A sales and service operation is becoming the top
priority for most companies. That prospect has been challenging enough, being
formidable to the new touch-point such as the Web. Integration is still the key. Online or
offline, client/server technology is still a major factor. Anyone who has implemented
client/server applications between the various contact centers and touch points within an
enterprise can afford the complexity and the cost involved in them. In short, CRM is a
square peg and e-business is a round hole. However, everything is changing with the
introduction of new, Web-based CRM solutions.
To help organize the chaos, E-CRM solutions can be grouped into two categories
Web-based solutions and Web-extended solutions.
The Web-based CRM solutions are designed from the bottom up, exclusively for
the Internet. These are very innovative products, initially focused on the sales (e-
commerce) function, more marketing and service capabilities will be soon added.
Web-extended CRM solutions are established (primarily client/server-based)
CRM suites, originally designed for enterprise users with extensions, to include web-
interface functions. There are three phases of CRM:

1. Acquisition
2. Enhancement
3. Retention
Each has a different impact on the customer relationship, and each cans more
olooelytie a company with its customer‘s life.

Acquisition
You acquire new customers by promoting product/service leadership that pushes
performance boundaries with respect to convenience and innovation. The value
proposition to the customer is the offer of a superior product backed by excellent service.

Enhancement
You enhance the relationship by encouraging excellence in cross-selling. This deepens
the relationship. The value proposition to the customer is an advantage with greater
convenience at low cost (one-stop shopping).

Retention

Retaining profitable customers for life should be the aim. Retention focuses on service
adaptability, i.e. it delivers not what the market wants, but what the customers want. The
value proposition to the customer enhances a proactive relationship that works well with
the best interest of the customers. Today, leading companies focus on retention of
existing customers much more than on attracting new customers. The reason behind this
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
strategy is simple: If you want to make money hold on to your good customers. But do
not be fooled: it is not as easy as it seems.
All the phases of CRM are interrelated as shown in Figure 5.7 However,
performing the tasks well in all the three phases is a difficult proposition even for the best
of companies. Companies often have to choose which one on these dimensions will be
their primary focus.

Acquisition

Innovation

Convenience

Enhancement

Reduce Cost

Products
Listening New

Retention
Customer Service

Customer Service

Fig 5.7 Thethree phases of CRM3

The Customer Retention Goal

Attracting and retaining customers has rapidly emerged to be the most mission-critical
function of leading businesses. Everything (Products, services, pricing, and the like) is a
commodity. Customer retention has replaced cost-effectiveness and cost- competitiveness
as the greatest concern of business executives today. It costs five to ten times more to get
new customers than to retain the existing ones. It is going to involve more efforts than
web interactions to keep the customer brand-loyal.

The Power Shift

Give customers what they want. This can be a challenge, or it can be an opportunity. The
same technology that has made it more difficult can also make it easier. Customers are
more important than business people. Companies need to do business with customers in
their own way. The key is integration of the various points of customer contact, including
Web, contact centers, wireless (field) and others. All customer interactions must be
consistent, with clear value delivered to the customer and the company.
E-CRM is not the single answer to attracting and retaining customers, nor is e-
customers the only valuable customers. Indeed, Internet is not the only point of contact
with the customers, nor are the other digital.
Customers should not be segmented, based on the assumption that they will
predominantly choose one point of contact with business. More likely, customers will
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
have multiple points of contact, including our website, contact centre, sales and field
service representatives. They expect a consistent experience from point to point. They
expect the company to be easy to do business with.
Very soon, the ―e‖ fancy will subside. Executives in every industry will recognize
that the next major phase of the Web phenomenon is actually integration with other
points of contact. Blended media is the true killer solution for business.
In the past, if marketers wanted to incorporate technology into their environment,
they often looked outside the enterprise for help. Sales frequently outsourced lead
management separated from each other and the enterprise. There were a number of
reasons for this, such as the following:
1. Their internal IT department did not understand what was needed.
2. The IT department had other priorities and would take too long to develop the
needed technology.
3. The functional areas did not trust their own internal data, believing it to be of
too poor a quality to be useful.
4. The business people did not understand the technology, and so could not
explain what was needed, technologically, to their IT personnel.
To support the transition of the enterprise from a customer focused approach to
doing business, individuals throughout the enterprise must have access to a set of
capabilities necessary to plan and manage customer interactions or customer touches.
These capabilities can be categorized in two ways.
1. Operational, Tactical, or Strategic capabilities to the enterprise.
2. Acquisition, Retention, and Expansion of a Customer Relationship
These two categories represent the business perspective of the capabilities and
how they relate to the customer. However, it is probably more useful to look at
capabilities from the customer‘s perspective. After all, the purpose of these capabilities is
to gather customer information and use this information to modify customer behavior in a
mutually beneficial way. To look at these capabilities from the perspective of the
customer, it is necessary to way. To look at these capabilities from the perspective of the
customer, it is necessary to realize how the customer interacts with the enterprise over
time, as the enterprise:

1. Acquires the initial customer relationship

2. Works to earn the customer‘s persisting loyalty; and
3. Expands the relationship to gain a greater share of each customers purchasing
potential.

These activities represent a cyclic process of interactions between each customer

and the enterprise, represented as the Customer Life Cycle (CLC). Using CLC as a tool,
we can see how CRM capabilities affect customer interactions at various points in the life
cycle. Figure 5.8 explains the concept.

CRM Capabilities and the Customer Life Cycle

Customer acquisition consists of the business processes in the CLC leading up to

the customer moment, when consumers become customers... Or not. This includes
awareness generation knowledge transfer, consideration, pre-sales, and evaluation.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Capabilities include consumer surveys in business operations, tracking enterprise-wide
customer interactions in business management, and market basket analysis in business
intelligence.

Global Marketplace

Acquisitio
n

Attrition
Consumers
Evaluatio
Prospective n
Customers

Retention

Service

Fig. 5.8 Customer life cycle.

CRM Capabilities and the Customer Life Cycle

Customer acquisition consists of the business processes in the CLC leading up to the
customer moment, when consumers become customers...Or not. This includes awareness
generation knowledge transfer, consideration, pre-sales, and evaluation. Capabilities
include consumer surveys in business operations, tracking enterprise-wide customer
interactions in business management, and market basket analysis in business intelligence.
The enterprise clearly requires customer acquisition to maintain and expand revenues and
profits. A business without new customer acquisition will shrink and eventually fail. But
compared to customer retention and expanding ―share of customer‖ customer acquisition
can be expensive.
Expanding the ―share of customer‖ is gaining the largest portion of acquisitions
made by each individual customer in the global marketplace. The proportion of a
customer‘s money that goes to a particular enterprise is known as the share of customer.
Example capabilities include delivery of new information to customer through business
operations management capabilities, and identifying cross-sell opportunities through
business intelligence additional sales without the cost of acquiring a new customer.
However, expanding the share of customer is as valuable as customer retention. Most
companies find that their most profitable customers are the ones that spend the largest
percentages of their budgets with the enterprise. For example, one bank recently
indentified that every one of their most profitable customers (the top 20 per cent) gave
their business to the bank. What is new is the customer-centered nature of applications,
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
which means organizing CRM processes around the customer rather than marketing,
sales, or any other internal function. Measurements and feedback from the customer
enable improvements in the CRM process. The customer‘s viewpoint becomes an integral
part of the process, allowing it to change with the customer‘s needs. In other words,
companies base their actions not on the priorities of functional fiefdoms, but on the
overall corporate objective of providing customer satisfactions.
However, before aggressively deploying CRM applications (see Figure 5.09),
managers might have to restructure customer-interaction processes. Functional and
organizational structures tend to compartmentalize the various activities that go into
serving the customer. Such fragmentation prevents customer information from being
dispersed far enough within the organization to be useful; in fact, it often stands in the
way of efforts to build a relationship. As a result, customized service is difficult and
consequently. Organizations tend to treat all customers the same – a damning impediment
to building closer relationships.
To counter fragmentation, leading-edge companies strive to take a more customer
centered approach to CRM. There is a growing trend towards managing all the activities
that identify, attract, and retain customers in an integrated fashion that is, managing them
as a CRM processes, organizations can create end-to-end communications and
performance accountability for entire sets of activities. In short, a CRM infrastructure is
really a portfolio of process competencies.

Customer
Life cycle Acquire Enhance Retain

Direct marketing

Cross-sell and Up-sell

Partial
Functional Proactive service
Solutions
Customer support

Sales force automation

Fig. 5.09Integrated CRM applications.

CRM capabilities supported by business operations Include:

 Consumer surveys and focus groups

 Delivering information to consumers
 Tracking promotional materials
 Tracking samples
 Managing coupons
 Managing the point of sale
 Billing
 Invoicing
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 Fulfilling orders
 Mass customizing products and service
CRM capabilities supported by Business Management Include:

 Managing customer touches

 Managing marketing campaigns
 Monitoring marketing campaign performance
 Managing inventory levels
 Driving mass customization
 Managing cross-sell and up-sell Opportunities
 Customizing marketing channels, such as the Web
 Personalizing communications
 Driving contact centre scripts
 Capturing key performance metrics

CRM capabilities supported by Business Intelligence include:

 Click stream analysis

 Market basket analysis
 Customer segmentation
 Cross-selling analysis
 Lifetime customer Value (LTV) analysis
 Dimensional ―What if‖ analysis
 Customer profiling
 Cluster analysis
 Factor analysis
 Conjoint analysis
 Discriminant analysis
 Pricing analysis
 Market channel profiling

Each of these capabilities can play a key role in the interaction of the enterprise and the
customer. Functions of business operations include some capabilities that are not always
associated with CRM, such as billing. But a bill is a regular, predictable customer touch.
Why not include a cross-sell offer or product coupon with the bill? Many companies now
to this, requiring coordination of billing with CRM capabilities. After all, a consumer
who often moves an unsolicited mail directly from the mailbox nearly always opens a
bill.

Privacy Issues and CRM

The most sensitive aspect of customer relations is privacy. All of us have boundaries, and
don‘t trust people who become too familiar too soon.
From the business perspective, ubiquitous data and information that flow
seamlessly from one touch point to another represents a kind of selflessness, regardless of
the business from one touch point to another represents a kind of selflessness, regardless
of the business model. The goal of every service-conscious business is to understand not
only all customers, but their circumstances as well, and this requires information. In
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
addition to the obvious business opportunities, there are numerous consumer benefits for
ready access to personal information, no matter where the location is.
Paradoxically, Internet initially gave the illusion of privacy and anonymity.
People could voice their opinions on any subject, view pornography, and read any topic
they wanted, without disclosing their identity. However, it was a very short, temporary
illusion. In the workplace, e-mails as well as the employees activities on the Web are
often monitored.
There is currently a hot debate over the rights of companies to create dossiers on
consumers without their knowledge and then sell the information to third parties. Other
companies such as America Online, which have much more consumer information at
their fingertips, have maintained a low profile, America Online, for example, maintains
information on 21 million subscribers, including demographics, credit card numbers, and
their whereabouts. Although America Online is not currently in the business of selling
consumer data, it sells names and addresses to bulk mailers, and buys information about
subscribers for targeted advertisements. Some service providers intentionally track
subscriber movements with subscribers‘ knowledge, and sell the information to third
parties. Subscribers are given free Internet access and extensive personal profiles.
Tracking consumer –purchasing patterns is not always used with the consumer‘s
best interest in mind. For example, personal tracking data are often used in yield
management, a technique designed to maximize reverence and profitability. The idea is
that some customers are more profitable than others, especially those placing orders with
short lead times. Since suppliers can charge higher prices for orders with short lead times,
they reserve capacity for such orders and turn down less profitable, long-range orders. As
customers are ranked in terms of profitability and system compatibility, less-profitable
customers are deleted from the list and their orders declined. For example, a company
may not be able to purchase hotel rooms in bulk for conferences, unless its conferences
are to certain minimum size. This mechanism is great for businesses. But may not be
appreciated by some customers.
It is now clear that customer relations re based on a timeless, technology-
independent, triad-service, trust, and loyalty. Customers have to trust, and loyalty.
Customers have to trust that a business is working with their best interests in mind.
Without trust. Which is a major contributor to the emotional bond between a business and
its customers, there can be no relationship. Furthermore, even the best intentions are
worthless without action. A business must repeatedly provide a valuable, consistent
service to prove its customers that the company stands behind its marketing rhetoric. If a
business provides its customers with a valuable service and develops a trusting
relationship, the business can do all it can to galvanize a loyal customer following.

Data Mining in CRM

Over the past few decades, there has been a constant shift in the way the companies react
with their customers. Companies have found that they need to know the customers
better. And for that they need to quickly respond to their needs and wants. It is no longer
possible to wait until the signs of customer dissatisfaction are obvious, before taking
action. To succeed, companies must be proactive and anticipate what a customer desires.
This has made the companies to invest heavily into CRM.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
To be successful, database marketers must firs identify market segments
containing customers or prospects with high-profit potential. They then build and execute
campaigns that favorably impact the behavior of these individuals.
The first task, i.e. identifying market segments, requires significant data about
prospective customers and their buying behaviors. In practice, massive data stores often
impede marketers, who struggle to sift through the minutiae to find the nuggets of
valuable information. Data mining applications automate the process of searching the
mountains of data to find patterns that are good predictors of purchasing behaviors.
After mining the data, marketers must feed the results into campaign management
software that, as the name implies, manages the campaign directed at the defined market
segments. In the past, the link between data mining and campaign management software
was mostly manual. Successful companies need to react to each and every one of these
demands in a timely fashion. The market will not wait for your response, and customers
that you have today could vanish tomorrow. Interacting with your customers is also not
as simple as it has been in the past. Customers and prospective customers is also not as
simple as it has been in the past. Customers and prospective customers want to interact
on their terms,

1. Do we know and understand our supply chain priorities.

2. How should we structure Web-enabled linkages with our customers and suppliers
for
a. Pre-eminent supply chain performance?
3. What e-supply chain approaches can we appropriately invest in for near and
longer term business performance gains?
4. Do we have an executive-level champion providing the necessary linkage to to
management for effective implementation of e-supply chain management?
5. Have we carefully defined an action plan for pre-implementation preparation
activities?
6. What are the missing technical links in our current system or our choice of
software?
7. What planning and implementation tasks will be accomplished and when?
8. Do we understand the real benefits of an e-supply chain versus the cost to
develop?
9. What e-supply chain strategy will give us the leverage to transform ourselves into
marketplace leaders?

Undoubtedly, spending time in the upfront strategy development to improve

order-to-
Delivery cycle and supply chain management will pay big dividends. The hard part is the
prerequisite tasks of discovering and thinking through supply chain opportunities and
then developing a strategy and plan for an e-supply chain that will improve a company‘s
performance more than its competitors. But without an e-supply chain roadmap, the
direction taken may not take the company to its desired destination. The biggest loss of
missing the target can never be regained. It is essential to do it right the first time.
In these days of ERP, information technology and other high-tech systems, the
tips presented here may seem too simple. These things are simpler to talk about than to
actually execute. But put into effect, their pay off can be tremendous.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

E-logistics of UPS

United Parcel Service has introduced UPS e-logistics, a provider of integrated, end-to-
end supply chain management packages for e-business. UPS e-logistics is marrying the
expertise of its partners Oracle, Price Waterhouse Coopers and EXE Technologies with
its global fulfillment and distribution network, information technology infrastructure and
logistics expertise of the UPS Logistics Group, to offer a complete range of services
tomanage the back-end of the e-business supply chain.
The company‘s services include warehousing and inventory management, order
fulfillment, inbound and outbound transportation, returns management, customer call
centre and management reporting. UPS e-logistics said that the pre-built services are
standardized, can be bundled and configured, and are scalable for future growth.
UPS e-logistics serve both business-to-business and business-to-consumer-
commerce clients, ranging from e-business start-ups to the dot-com divisions of
established corporations. Nearly a year in the marking, it is the first business to be
lunched by the UPS e-ventures incubator.
Partners Price Waterhouse Coopers provides over all systems integration
consulting and project management services; software maker Oracle Corp. offers full
enterprise resource planning with integral order management and advanced planning and
scheduling functionality EXE Technologies, a leading provider of multi-channel
fulfillment, warehouse and distribution software, provides warehouse management
systems at all ups e-logistics distribution centers. United Parcel Service is extending its
reach to services traditionally performed by distributors and integrators: logistics
fulfillment, call centre support and website development and implementation. And the
delivery giant‘s move could pave the way for other carriers, such as Federal Express,
DHL and Airborne Express, to enter or boost their presence in this space down the road.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Question Bank

Q1 Explain E-CRM Solution.

Q2 How technology can help in E-CRM?
Q3Explain typical businesses touch points.
Q4Explain Customer relation goal.
Q5 Explain integrated CRM application.
Q6 once a company has acquired customer the key to maximize revenue is keeping
Them. Explain how e-commerce is helpful in customer relation.
Q7 Discuss about how search engine can be used to reach the customer.
Q8 what is E-Branding? Why it is popular in recent years.
Q9 Write a short note on E-CRM toolkit OR Define purpose of E-CRM toolkit.
Q 10 What is Data Mining. How it is useful in CRM.
Q11 Explain Challenges or Privacy issues in E-CRM.
Q12 Explain Customer life cycle in E-CRM.
Q13 Define CRM capabilities in business point of view.
Q14 Explain E-CRM solution.
Q15 Write a short note on: converting clicks to customers.
OR
How you can use clicks as a business touch point to increase customers
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Unit 6

E-Supply Chain Management

Supply Chain Management- It Is All About Fulfilling Customers‘ Needs

Supply Chain Management covers all aspects of a business. From the stage of raw
material to the end user, each and every aspect of the cycle is covered by the management
system be it sourcing product design, production planning, order processing, inventory
management, transportation and warehousing, and customer service. This complex
sequence of steps used to be very difficult to manage efficiently and in the days when
organizations have to fight hard to maintain their bottom-line, optimizing these steps
become a necessity.
While you enter a store to buy a certain material, just try to imagine the sequence
of steps that had brought the material where you see it. On the material, you will find a
price tag with all the details of its date of manufacture, date of expiry, lot number, etc.
The shop that you have entered has carefully placed it on the shelf after procuring it from
a distributor and noting all these details for billing and tracking future complaints. The
store also maintains an inventory of this material and hundreds of similar materials that
are available in the store and along with this a minimum stock level and a reorder level.
This product, like all other products in the store, has been sourced from a distributor who
sourced it from the manufacturer. The manufacturer had procured the raw materials
required for the production from one or many of his suppliers. A third-party transport and
warehousing infrastructure was utilized to ship the material from the manufacturer to the
distributor and from the distributor to the store that you have just entered.
After your purchase is complete, the point-of sale updates this information at
various places-the stock level comes down and revenue increase. The information of
decrease in stock level should reach the distributor who has to refill the stock before it
becomes zero and the distributor is also to be paid his due amount. This chain is again
pushed backwards to the lowest level of the supplier who has to supply the material in
time. So, there is a constant flow of money and material between these establishments in
order to satisfy the needs of the customer.
The Supply chain Management manages the flow between different stages to
maximize productivity and minimize stock-outs or overstocking. The solution spans
across the different companies involved, and the system used by these companies should
be able to talk to each other and understand each other‘s requirement. An SCM system is
a combination of many applications- demand, inventory and transportation planning –
covering the stages of the supply chain. The increase in product variety and demand for
customized products increases demand

Smart Chains, Smarter gains

An efficient supply chain management can bring down the prices of seller by as high as
40 per cent. This is not with the help of a budget sop, but by reducing average inventory
levels, lowering transport costs, lowering warehousing costs, lowering warehousing
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
costs-among others. Children will be excited on having Maggi at Rs. 6 against the
prevalent price of Rs. 10.
Industry estimates show that a company spends between 17 per cent and 50 per
cent of the price for just moving the goods from their manufacturing plant to shop
shelves. This includes the margin of the retailer and of the distributors. Most of it is taken
up by logistics and holding inventory and these costs can be controlled, optimized and
reduced, thus reducing price or increasing profit.
Now if we can practically apply this model on a Rs. 50,000 crores FMCG
company with thousands of wholesalers and retailers, the result will be mined
disorganized. This will not only give the company a cost benefit but will also result in
improved customer service levels, improved competitiveness and an overall gain in
profitability for the organization.
Managing logistics is a nightmare for all company executives in the sales and
purchase departments. Handling logistics not only adds cost to the business but also
increase the number of business processes and involves lot of resources. The logistics
chain starts from the supplier end, continues to the customer end involving members in
surface, air, sea express, couriers, brokers, customs, excise, etc. This is for the sales part.
Later it will also include similar contacts for the after sales support, repair and
maintenance. Many of the companies cannot take up this load and outsource these
activities to experts, and many companies manage this efficiently and make huge profits.
Technology in logistics has been advancing in three phases. The first phase is to
monitor the logistics chain. Herein, technology helps companies monitor orders,
inventory and shipments with all parties. Since logistics is a business a process at the
most basic level. It is used to automate the process to gain visibility. This is primarily
done through enterprise-wide software developed in-house or procured from the solutions
already available. Companies like Blue Dart, an integrated air express carrier, use an in-
house developed package called COSMAT-II (Computerized Online System for
Monitoring and Tracking) They started using this software way back in 1989 when very
few standard solutions were available, and have improved it all through these years with
changing needs of business.
Gati, another Indian pioneer multimodal express cargo company, also uses an in-
house system that links their various processes in the logistics chain. Over the years, they
have included features like vehicle monitoring system, web enabled access to various
applications etc., and TheLemur group has further included warehousing, transportation
and distribution system with full visibility of the processes. They found it very useful as
they could adapt to any internal or external changes or requirements within hours.
Wal-Mart, starting with P&G has incorporated vendor-managed inventory,
category management, and other inter-company innovations. In order to build this strong
SCM infrastructure, Wal-Mart entered into an alliance with P&G and in return got a
dedicated account team representing key P&G functions of sales/marketing, distribution /
supply chain management, IT and Finance. P&G had one Vice President dedicated for
this project, who made the CFO of Wal-Mart as his customer. Customer value
maximization was their only drive. Over the past decade, Wal-Mart has invited more of
its major suppliers to jointly develop powerful supply chain partnerships. These are
designed to increase product flow efficiency and, consequently, Wal-Mart‘s profitability.
Top managers have learned how to integrate their supply chains with major
customers like Wal-Mart. What most companies have not sorted through, however, is
what to do with all of their other customers. A common answer to the question of how to
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
structure relationships with other customers is to try to apply the Wal-Mart relationship to
all customers. This approach is implicit in commonly shown Power Point slides that
offer a view of a company‘s evolving supply chain role. In one version of this view, the
company starts as a stable supplier, evolves into a reactive supplier, then an efficient
reactive supplier, then an efficient proactive supplier, and finally becomes a revenue and
margin driver. This seems logical, with the company‘s supply chain capabilities
inexorable increasing in experienced over time, enabling the company to develop even
more effective integration with its customers.
The problem, however, is that developing Wal-Mart-like supply chain
partnerships requires a lot of resources and management attention. It also requires
willing, innovative partners. Pursuing this approach too widely would be both costly and
stuffy. In the past, Suppliers to the retail trade typically had rather monolithic supply
chains. The order fulfillment process was designed with a ―one size fits all‖ approach.
Customer generally received the same list price, regardless of ordering efficiency. There
was very little effective forecasting. Some inventory priority was given to major
customers in the event of allocations. Products were delivered in the manner that
customers requested, regardless of the inefficiency entailed.
But today, the retailers themselves are changing dramatically. There is very
visible consolidation, with the top ten retailers expected to comprise about half of the
industry‘s revenues in a few years. Retailers have very different degrees of willingness
to innovate, and the innovators are growing fast. Most retailers were used to having
significant buyer power, and many are still very focused on exerting price pressure on
their suppliers rather than seeking increased profitability through process innovations. At
the same time, the leading retailers are consolidating their supplier bases they are looking
more to major suppliers for supply chain innovations and prioritization, and in return,
they are giving them increasing shelf space.
As a result of this history, major retail suppliers find themselves stretched. They
are forced to meet the increasing needs of their largest customers while they are forced to
meet the increasing needs of their largest customers while they are devoting
disproportionate resources to their smaller customers. This untenable situation is forcing
major suppliers to rethink their account relationships and extended supply chains. The
key to providing excellent, consistent service at a reasonable cost is service
differentiation. This concept can be adapted to guide the development of an appropriate
set of broader supply chain policies. It is essential for successful profitability
management, because it enables a supplier to match its cost structure and innovation
initiatives to account potential. Service differentiation is also goodfor the customers. It
enables them to plan their operations around a very high and consistent level of service.
However, it does require that customers establish well-disciplined operations, as the
supplier should adhere to a specific set of agreed-upon processes.

What Happens at Dell?

An outstanding example of e-supply chain is the one in force at Dell Computers, the Us-
based PC manufacture. The company publicizes its products through the Internet. Any
customer can order a PC of a configuration of his choice and pay for it online, using his
credit card. Once the order is registered, the e-supply chain takes control of the
execution. The system triggers three actions simultaneously- one to Dell‘s suppliers in
Taiwan for providing parts, second to its assembly shop in Singapore, and third to its
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
courier company, with all the data being transferred through the extranet. The intranet
takes care of internal transactions relating to realization of collections from customers
and effecting payments to the suppliers/service providers. Dell‘s success lies in reducing
costs and improving customer satisfaction. Figures 6.5 and 6.6 explain how the model for
supply chain operates.

Manufacture

Distributor Distributor

Customer Reseller

Customer

Fig. 6.5 industry model for supply chain

Manufacture

Customer

Fig. 6.6 Dell model for supply chain management

Every company aims at reducing costs and cycle time and increasing revenue. E-supply
chain supports these objectives. Companies find that enterprise integration leads to a new
level of relationship, be it with its customers or suppliers. Customers can quite literally
check the status of their orders, and suppliers can gain access to inventory levels to find
out whether they need to replenish stock, all through the extranet. The benefits of reduced
cycle time provide measurable competitive advantage in terms of both cost and
performance. When we speak of cycle time, we refer to the time it takes to react to a new
demand from the customers. The faster we move a critical data through the Internet, the
quicker we can react and deliver the end product to the customer. This leads to enhanced
customer satisfaction and promotes revenue growth.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Seven Ways to Reduce Inventory
How much inventory does he need to run a business effectively, is a perpetual concern of
every manager. If he has too much, he may find himself confronted with cash-flow
problems; if too little, he runs the risk of customers accusing him of poor service. So
what is the way out? Here are seven tips that can help him strike the right balance.
1. Improve data accuracy. Introduce a well-designed cycle counting system. It will
help you know how much of inventory to have and where you are. A well-
designed and implemented cycle counting system pays for itself within a short
time.

2. Cut your lead-time. If lead-time is long, you cannot but have more inventories in
your system. Think of a ‗rush‘ order in one week for a valued customer. The
rush order does not wait in the long queue of WIP (Work-in Progress) inventory
for something to happen.

3. Increase the velocity of your operation. The amount of inventory you have has
a lot to do with how fast you can replace it. If for instance, you can replace the
same item in one day, a two-day supply will be more than enough to fill any order
and, a stock out- if it occurs-will be for only one day. Not until the next batch is
produced. On the other hand, if it takes six weeks to replace an item, you will
need to re-order with at least six weeks (plus safety stock and Just in Case
inventory) supply or be at the risk of a stock out.

4. Eliminatemisalignment from your process. It is not unusual for companies to

buy raw material in thousands, produce product in hundreds, and sell in units.
The result is the piling up of inventory that runs the risk of slow movement,
outdate and damage, and tie up of valuable cash. ‗Just in time‘ techniques are
aimed at eliminating such misalignments.

5. Clean your attic. There are companies, which carry an item that typically may
be ordered once a year, if at all. Some companies may keep an item in the fond
hope that someone will buy it someday or other, or hold on to an item because too
most of money was spent on it. The answer to all this is simple, donate or his
sale.

6. Eliminate variation. Erratic vendors may have product quality related problems
to the shop floor, which can cause unnecessary inventory to pile up. The typical
was of dealing with such situations is to order early, order more than needed, a
increase safety stocks throughout the system.

7. Replenish based on market demand. Forecasts may seem advantageous but it

may be remembered that many are no more than informed guesses. Using market
demand as reference for replenishing finished goods is a better approach to keep
your inventory level aligned with what customers are actually buying.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

E-SCM Provides ―Real-time‖ Benefits

E-SCM is being transformed by the rapid growth of Internet-based communications; the
movement to Internet- based communications represents a paradigm shift from the client
server model. The power of Web-based applications is their ability to allow people
communicate mission-critical, real-time information anywhere in the world instaneousl
This migration has precipitated the widespread adoption of Internet software application
utilizing the latest technology to fulfill these new and complex communication needs.
These applications emerge, their immediate and measurable benefit make them essential
business tools. With the increasingly competitive business landscape, it has become a
strategy necessity to optimize a company‘s supply chain in a fashion that leverages the
potential of the Internet. Some of these are:
 Global trading capabilities
 Mass personalization and customization
 Global knowledge exchange
 Global communities
 Collaborative workflow
 Industry specific (vertical) marketplaces
 Horizontal marketplaces
 Enterprise- to Enterprise connectivity
 E-marketplace-to-E-marketplace connectivity

E-SCM-The Strategic Advantage

Repaid Deployment and Scalability
The E-SCM suite of applications is based on an ―open‖ Internet Application Architecture
them to provide enterprise-wide scalability and rapid deployment to numerous end-users.
Real-Time Processing
E-SCM creates an open, integrated system that addresses the complex e-business and
supply chain management needs and requirements by allowing the exchange of ―real-
time‘ information to take place with employees and their trading partners (customers,
suppliers, distributors, manufacturers) regarding product configuration order status,
pricing, and inventory availability. Such function improves order accuracy and provides
100 per cent order fulfillment through accurate inventory information.
Return on Investment
In addition to increasing productivity and reducing overall operating expenses, e-SCM
maximizes selling opportunities by capturing valuable customer information-buying
patterns, frequency of visits, preferences, order history-and then uses this information for
up-selling, cross-selling and promotional opportunities, E-SCM provides the tool sets to
achieve new business by reaching out to customers that you never could before.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Benefits
Some of the benefits of e-SCM are enumerated below:
1. It is web-based (client and server) not Web-enabled :
2. It incorporates broadcast and active messaging to proactively notify an individual
of a condition that requires attention :
3. It supports the exchange of ―real-time‖ information through trading communities
such as employees, customers, suppliers, distributors and manufacturers;
4. It has open Internet Application Architecture which allows for rapid deployment
and scalability, combining unlimited internal/ external users in a ‗real-time‘
environment;
5. It has an interface capability with any third party software:
6. It is platform independent;
7. It is a fully integrated system;
8. It has web visibility and processing capability -24x7;
9. It is rules-based.

E-Supply Chain Components1

The components of e-supply chain are as follows;
Advanced Scheduling and Manufacturing Planning Programme
This automated programmer provides detailed coordination of all manufacturing and
supply efforts based on individual customer orders. Scheduling is based on real-time
analystchanging strains throughout the process, from equipment malfunctioning to supply
interruptions. Scheduling creates job schedules for managing the manufacturing process
as well as logistics.

Demand Forecasting Programme

This module supports a range of statistical tools and business forecasting techniques. It
constantly takes into account changing market scenarios and economic factors while
making decisions.

Transportation Logistics Programme

This programme facilitates resource allocation and execution to ensure that materials and
finished goods are delivered at the right time and at the right place, according to the
planning schedule , at minimal cost. It considers such variables as transportation mode
and availability of each mode such as airlines, trains, and trucks.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Distribution Planning Programme

This is integrated with demand forecasting, manufacturing schedules and transportation

logistics to teach the customer.

Order Commitment

Order commitment is linked to all the other modules so that accurate delivery of goods
and services can be guaranteed. These are illustrated in Figure 6.7

Advanced scheduling

Order Demand
Commitment Customer Order forecasting

Distribution Transportation
Planning logistics

Fig.6.7 E-SCM Components

p
E-supply Chain Architecture2
Historically, the elements in the supply chain have consisted largely of separate legacy
applications at the headquarters, factory, store and distribution levels. These applications
have targeted only distinct levels of supply chain and not the entire supply chain levels.
So this three- tier architecture as found in Figure 6.8 shows a bottom-up view of the
entire supply chain management.
Complete
Order life Commit Schedule Make Deliver
Cycle

Partial Order Commitment Demand Forecasting Advanced Scheduling

Functional
Solutions Transportation Distribution

Complete
Integrated Integrated E-SCM Application
Solution

Fig. 6.8 E- supply chain architecture

Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
For food and other quick-turnaround businesses. As their time quotas shrink,
customers look for companies that serve them fast. The message to the marketplace is
clear; to succeed, companies must reduce the processing time between search, selection,
order entry, and order fulfillment. Delays at any step of the process are unacceptable!

Major Trends in E-SCM

What does e-SCM trend mean for e-business? When one considers the challenge of
meeting the demands of busy, time-starved, dissatisfied consumers in an environment of
hostile competition, low margins and countless sales outlets selling similar products, it
becomes clear that changing the entire business model is the only plausible strategy (see
Table 6.1). E-business applications must cut the time customers wait for service.
Customers now penalize companies that infringe on their time through delays, mistakes,
or inconveniences. If companies do not dispatch processes, customers will go to
someone who does it faster. It is very important that managers understand and diagnose
the cause behind service delays. They need to analyze if an integrated system can speed-
up service. If so, they need to strategize, design and implement such systems as soon as
possible. Unfortunately for some

TABLE 6.1
MAJOR TRENDS IN E-SCM

Trends Characteristics
Consumer trends Speed of service
Self-service.
Integrated solutions, not piecemeal products.

Service/ Process trends Convergence of sales and services; Customization and integration
Ease of use: Making service consistent and reliable
Flexible and convenient service delivery.
Streamlining the supply chain

Organizational trends Contract manufacturing: Becoming brand-intensive, not capital-

intensive
Business process outsourcing: retain the core, outsource the rest.
Increasing process transparency and visibility.
Constant innovation and employee retention

Enterprise technology trends Enterprise applications: Connect the corporations:

Infrastructure convergence: Increase merge of voice, data
and video
Multichannel integration: Computer telephony integration and
voice recognition wireless applications.
Leveraging legacy investments : The rise of middleware for
Application integration.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Companies, their managers may wake up too late to heed the sound of their customers
fists pounding on the counters for faster service. These companies will not be in
business for long.
In the e-business world, innovation is derived from spotting the trend well before
anyone else does and from the sophisticated exploitation of information and technologies
to create value. It is the senior managers in particular who will be called on to lead the
innovation charge. Today, every manager is wondering how the Internet can remake his
or her business. In a concerted search for growth, corporations are intent on mastering the
art of trend spotting in order to discover new products and services, design new business
processes and structures, even to create completely new businesses.

QUESTION BANK

Q.1 Explain E Supply advantages and benefits.

Q.2 Explain E-supply value creation for customer.
Q.3 What are E-Supply Chain goals?
Q.4 Enumerate the advantages and disadvantages in using Internet and Web Technology in
supply chain management.
Q.5 Explain how enterprise resource planning and supply chain management software Differs in
their goals and implementations.
Q.6 Discuss on Agile Manufacturing in supply chain management
Q.7 Write notes on pull based and push based supply chain management.
Q.8 Write about Efficient Customer Response in supply chain management
Q.9 Present various characteristics of supply chain management.
Q.10 Explain the role of marketing and distribution in supply chain management
Q.11 What is Supply Chain Management? Why is it important in e-business environment?
Q.12 what is supply chain management? Discuss how it is advantageous to E-commerce.
Q.13 Explain the role of EC in i) Supply chain management ii) Retailing
Q.14 Describe the E-Supply Chain management
Q.15 Explain seven ways to reduce inventory in E-SCM.
Q.16 what are the real-time benefits of E-SCM.
Q.17 what are the strategic advantages of E-SCM.
Q.18 Explains in detail E-supply chain components.
Q.19 Explain in detail E-supply chain architecture.
Q.20 Explain major or new trends in E-supply chain management.
Q.21 Explain benefits of E-supply chain management.
Q.22 Explain E-logistics.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Chapter- 7
E-strategy
Introduction

Whether they call it ―the post-industrial society‖, ―the third wave‖ or ―the knowledge
era‖ most policy makers, academics and business leaders would agree that we have
recently entered a new era. Undoubtedly, some of the defining characteristics of this era -
which shall here be referred to as ―the information age‖ – are still to emerge and develop.
However, we now recognize that the information age differs markedly from the industrial
age in several important respects. These differences can be summarized as in Figure 7.1.

Industrial Age Information

Age

Marketplace Marketplace
Doing business

Hierarchies Organizing business Networks

Scare physical Economics in business Limitless

digital
Resources resources

Machine/craft Knowledge/
Populating business
Workers intelligent
workers

Real estate and Information

Infrastructure technology
Infrastructure in business

Fig. 7.1 Industrial age vs. information age.

Over the past 40 year or so, many business analysts have tried to determine what
has been driving these changes. The consensus has shifted over time. At first, it was
thought to be the automating power of computers and computation. Then, it was the
ability to collapse time and space through telecommunications. More recently, it is found
to be the value- creating power of information, a resource which can be reused, shared,
distributed or exchanged without any inevitable loss of value; indeed, value is sometimes
multiplied. And today‘s fascination with competing on invisible assets means that
people now see knowledge and its relationship with intellectual capital as a critical
resource, because it undermines innovation and renewal.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Information and strategy

All these claims are valid in some ways and therefore, there are diminishing returns to
arguing which is the critical motive force. But we can recognize that today every
business is an information business. Let us first take the perspective of industrial
structure. We see battles in the marketplace all the time, as ―content‖ companies try to
acquire related content businesses, not only because of their thirst for information but
also because of the opportunities for synergy created by repackaging, reuse and
navigation. More significantly perhaps, content companies acquire or build alliances
with communication companies, and vice versa. Both sides recognize that to command
the airwaves is to command the distribution channels of the information age, and that the
high value added opportunities are likely to rely on selling content and repackaging and
reusing it in manifold ways. Sometimes, novels are made into television films. That is
an example of repackaging opportunity.
It is not just the obviously information-intensive companies that are trying out
these when smith Kline Beecham acquired Diversified Pharmaceutical Services in 1994,
the purchase was as much about buying the data embedded in prescriptions and
healthcare administration processes- which could then guide research and development
programmers and sales management – as about more conventional synergies.
When India world was bought by Satyam Online, the sale soon turned out to have
a similar information thread. So, we need to rewrite, or at least re-examine, the industrial
economic rules of vertical integration and diversification.
Indeed, it becomes difficult in the world of intangible assets and electronic
distribution channels to be clear to define vertical or horizontal integration. Microsoft
takes stakes in software, communications and information-providing businesses, and
America Online acquires Netscape. Are these ―horizontal‖ or ―vertical‖ man oeuvres?
If you choose to take an information perspective, businesses converge, partly
because of the integrated e-strategy, true in Figure 7.2. In other words, brand,
technology, market and service are the four aspects of e-strategy. In some cases this
happens because the product is information-based, as in the cased of Disney and ABC, in
other cases, it is because processes are information-based, such as in our pharmaceuticals
examples. In still other cases, it is simply because market understanding or decision-
making is information-based. So retailers, financial services, organizations and airlines
will form alliances because of the information (and sales) Potential of customer cards.

Technology

Brand Integrated E-strategy Service

Market

Fig. 7.2 Convergence

Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

While the price-system coordinates the economy, managers integrate activity

inside the firm. Increasingly, strategic advantage requires the integration of external
activities and technologies. So, an integrated e-strategy implies integration of
technology, brand standing, customer-service and meeting the needs of the market.

The Virtual Value chain

Information can be captured at all stages of the physical value chain. Such information
can be used to improve performance at each stage of the physical value chain and to
coordinate across it. However, it can also be analyzed and repackaged to build content-
based products or to create new lines of business. Thus, insurance companies, for
example, are becoming adept at analyzing customer and claims information and then tele-
selling both financial and physical products. A company can also use its information to
reach out to other companies, customers or operations, thereby rearranging the value
system of an industry; if you like, sectors become ―value jigsaws‖ which can be
rearranged so that traditional sector boundaries disappear.
As digital technologies converge, the whole concept of physical value chain
undergoes a change. Today the focus is on the virtual value chain, which can be seen in
Figure 7.3
And while entrepreneurs are often adept at collecting and processing information
about threats and opportunities-by networking, observing and getting about- many look
to information and IT as their source of new products and services. The promoter of the
future are ―infopreneurs‖
Figure 7.4 summarizes the discussion so far. From at least six perspectives, every
business is an information business. One consequence of this is that either no business

Inbound Operations Outbound Marketing Services Value

Logistics Logistics & Sales

Logistics

Gather Organize Select Synthesize Distribute Value

Fig 7.3The new value chain and the physical value chain.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Industrial Logic Managers are

becoming based information
on information processor

Value chains Information Business

are virtual as Business operations are
well as physical information

Entrepreneurs Organizations are

are infopreneurs information’s
design

Fig 7.4 Every business is an information business.

Strategy is complete without an information strategy. Or that business strategy and

information strategy need to be integrated. It information systems and information as a
resource no longer just support business strategy; they indeed help to determine it. But
what does an information strategy look like?
Figure 7.5 is a conceptual framework which distinguishes Information Systems
(IS) strategy from IT strategy. IT, which was about the ―how‖-the technology
infrastructure or platform-often seemed to distract attention from IS which was the
―what- the identification and prioritization of systems or applications for development.
Then comes information management strategy, which was about the ―who‖- the
all important question of roles and responsibilities in the delivery, support and strategic
development of IS and IT. All of these were influenced by the business or organizational
strategy, which was concerned with strategic intent (―why‖) and organizational
architecture. In a perfect world, corporations strove for a good fit between these four
domains.

What ? Where ?
Information systems /??????
Information resource
strategy ?//.???/
strategy
?
Why ?
Organization
Strategy

Who ? How ?

Information Information technology

management strategy strategy

Fig 7.5 Information strategy framework

Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Now we can see that a fifth domain is missing-one we still find difficult to
formalize but in which companies increasingly have objectives, principles and policies.
The fifth domain is the domain of information as a resource, or of Information Resource
(IR) strategy. It is perhaps the ―where‖ question; where are we going? Much value
creation can come from information, but it is not always clear what the end result will
look like.
In more traditional content companies, such as advertising agencies, broadcasters
and move companies, you will find policies about not giving away or even releasing
content that other could reuse. And in financial services companies, you will find
executives scratching their heads as to ―Why they never collected critical data such as
date of birth when their customers registered with them? And ―Why information resellers
make money out of their transaction data;
One aspect of IR strategy is the increasing interest in the distinction among data,
information and knowledge. Some chief information officers and chief knowledge
officers believe that such classifications are of little help, and some academics have
certainly put their careers behind by agonizing over such questions. Others, however,
feel that conceptualizations such as that tin Figure 7.6 offer the solution.

Data Information Knowledge

Content Events Trends Expertise
Form Transactions Patterns Learning‘s
Information task Representation Manipulation Codification
Human element Observation Judgment Experience
Organizational Automation Decision-making Action
intent Building block Uncertainty New understanding
Value test reduction

Fig 7.6 from data to knowledge

1. To some degree, information is derived from data, and knowledge from
information, and thus we are reminded that data has enormous potential- far
beyond just being representative of a transaction.
2. Information has characteristic, particularly of human interpretation above and
beyond data. Knowledge has something more than information, perhaps learning.
A logical test of the value of an additional piece of knowledge could be whether it
provides new understanding.
3. Articulating and seeking to classify these intangible resources at least alerts
people to their value and, more particularly, to the different sorts of investments
they require. Technology is suited to data processing knowledge processing is
much more of a human activity.

What are clear are that such frameworks and the past works of philosophers,
economists, political scientists, computer scientists, psychologists and management
scholars on the nature age. There are some old lessons to be re-learnt but some new rules
and ideas are also required, for the world of information and intangible assets is very
different from that of the industrial age and physical assets.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Seven Dimensions of E-commerce Strategy1

In order to understand the process of e-commerce strategy, systematic examination of the

strategic factors involved has to be considered. Looking at the most successful e-
commerce companies, we see a strategy emerging, which is modeled in Figure 7.7

Leadership

Technology Service

Infrastructure

Brand Markets

Organizational
Learning

Fig 7.7The seven dimensions of e-strategy.

It can be argued that this model can be applied to all forms of organizations in the
traditional sectors. However, this model is especially applicable to assisting the needs of
e-commerce strategies. The bonds of an e-strategy lie in the preparation of the ground
before the functional issues are addressed. Leadership, organizational learning, and
infrastructure form the bonds as shown in Figure 7.8 Clearly; there is a strong interaction
among these three components.

Leadership

Organizational learning Infrastructure

Fig 7.8 The bonds of e-strategy

The primary drivers and the creators of strategic vision in an organization are the
CO and the senior executives. The market for intellectual capital in the form of
experienced, proven, and successful leadership has never been more extreme. Once the
need to develop e-strategy is identified, the single most important issue facing the
executives is the IT infrastructure. These spas the technology spectrum from a single
internet file serve connected to an ISP to the information-intense online transaction
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
processing. Leadership with vision facilitates, encourages and allows an environment to
develop within the organization, where institutional learning and memory thrive.

Internal Technology Leadership: The 75 Frame work

The essence of the McKinsey‘s 75 model is that a firm is the comprehensive sum of its
parts, and the internal dynamics of an organization clearly determine that organization‘s
ability to compete, the premise being that both the strategy and the structure of the
organization determine the management‘s effectiveness. The McKinsey 75 model
attempts to create an awareness of the factors that, when utilized together, will assist in
the formation of an organization that is greater than the sum of its parts. The hub and
spokes unite the seven factors, as can be seen in Figure7.9 The factors are defined in
Table 7.1
The Alignment of Technology and Corporate Planning
The whole basis of technology formulation is the ability of the organization‘s executive
to achieve alignment between the technology strategy and the strategy of the enterprise as
a whole
Structure
The second key issue that organizations need to address in leveraging technology towards
reaching a position of market space leadership is their ability to manage their internal
structural

Structure

Strategy Systems

Shared Values

Style
Skill

Staff

Fig. 7.9 The Mckinsey 75 framework2

Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
TABLE 7.1
SEVEN FACTORS OF THE MCKINSEY 75 FRAMEWORK
Component of the Definition
75 framework
Strategy Strategy can be defined as the determination of a course of action
to be followed in order to achieve a desired goal, position or
Structure vision.
An organization‘s structure is the interrelationship of processes
Systems and human capital in order to fulfill the enterprise‘s strategic
Staff objectives.
Style The organization‘s information systems and infrastructure.
Human resources management.
Corporate style is a synthesis of the leadership philosophy of
Skills executive management, the internal corporate culture generated,
and the orient- ation the organization adopts to its markets,
Shared Values customers, and competition
The unique or distinctive characteristics associated with an
organization‘s human capital.
The concepts that an organization utilizes to drive towards a
common goal through common objective and a common value
set.

Dimensions, generally characterized by a company‘s organizational chart. Organizations

must ensure that their structural characteristics facilitate their ability to be flexible and
agile enough to effectively and efficiently meet the needs of their markets as they change.
Systems
This is the nervous system through which the organization communicates to its
environment. In developing an e-strategy, one of the hidden strength an organization can
create is a flexible systems infrastructure. The three major dimensions of technology
infrastructure are.
 Enterprise Resource Planning (ERP) systems
 Data warehousing
 Knowledge management

ERP systems can help cut costs across the value chain by re-engineering their processes.
For this, the ERP systems should incorporate flexibility without complexity. And to
improve their relationships with customers, organizations need to generate information
and content that add value from the processes themselves.
Data warehousing can be seen as the basis of a knowledge repository that, when
used effectively, enables cost reduction strategies to be identified, added-value services to
be achieved at a manageable cost, and the delivery of improved data effectiveness within
the organization.
The third dimension of an organization‘s e-commerce infrastructure is that of
knowledge management, an area that can be defined as the formal management of an
organization‘s knowledge resources.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Staffing:
Human capital is the bedrock of any organization. As organizations evolve towards
becoming knowledge-based, the value of an organization‘s intellectual assets cannot be
overstated and magnified by a scarcity of IT skills. So outsourcing has been a trend in
many organizations.
Skills
The two skills that form the pillars between which the Information Systems structure is
supported are the technical skills and relationship management skills.
Style
Style can be defined as ‗characterization of how key managers behave in achieving the
organization‘s goals, and also the cultural style of the organization‘. Managers succeed
and fail in inspiring peak performance, not only according to their ability to appreciate
the values and motives of those they direct, but also according to their willingness to
align their own managerial styles to the personal, situational and organizational
environment. The bottom line for every effective manager is to deliver results. Since
management is also an art, every manager has a personalized way of doing things.
Shared Values
Shared values can be defined as the significant meaning or concepts that on organization
utilize to drive towards a common goal through common objectives and a common value
set. Key to achieve these is the driver for flexibility in process, for lower transaction
costs, and for achieving mass customization for the customers.

Value Chain and E-strategy

This intensity of information in the value chain and in the product offers some clues to
the role of e-commerce in an industry. Industries that have information intensity are much
more likely to develop quickly into e-commerce than those that do not. An industry with
high information intensity, like the computer business, is much more likely to depend on
e-commerce than one with low information intensity, like the sand and gravel business.
To determine the intensity of information in one‘s industry, he has to look at his
value activities and value chain. These concepts willhelp in figuring out what may
happen in the future.

Value Activities
Value chain activities are the things that the company does to design, produce, sell, and
service products. Typical value activities for a manufacturing firm would be things like;
 Gathering customer needs
 Designing products
 Purchasing materials
 Producing products
 Promoting products
 Selling products
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
 Servicing Products
 Servicing customers

Assessment of Information Intensity

Assessment of the intensity of information in the value chain and value activities takes
the next priority. The industry that has high information intensity in the value chain
would have characteristics like those listed below.
 A large number of direct suppliers or customers
 A complex product line
 A product that needs a lot of information to sell
 A product composed of many parts
 Many steps in the production process
 A long order fulfillment cycle time

Next, if there is high information intensity in the products of your industry, it is

reasonable to adopt e-commerce. Characteristics of high information intensity in the
product would be a product that:

1. Provides information
2. Involves information processing
3. Requires the buyer to process a lot of information
4. Has high user training costs

The Validity of This Technique

Most of the early adopters of e-commerce have come from industries that would score
highly if rated on the information intensity scale; those with low scores have not
participated so far.
Software business embraced the Web from the beginning and today, much of the
business is conducted online. Products are promoted on the Web and sales leads are
generated. Product information is supplied to prospective customers on the Internet- not
just online brochures but rich, interactive information via demonstrations. Sales
transactions are initiated electronically by buyers, orders are fulfilled in some cases by
immediate download payment is quickly made electronically via credit, and customer
service is delivered by e-mail and Web-based tool.
How do software companies rate on the information intensity scale? The
typically need a large customer base to survive. Their products are complex and
customers expect a lot of information before they buy. The product mainly provides
information and information processing. It typically has a high learning curve and many
uses.
As shown in Figure 7.10 we have a very general value chain for Internet
commerce. This value chain3 is focused on the interactions of a business with its
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
customers. The details will certainly be different for different businesses (and for some
different business models.)
But we have found this general approach to be very effective in organizing an approach
to do business online. The components of this general value chain are the following:
1. Attract customers by means of advertising and marketing; invite and retain the
interests of the customers;
2. Interact with customers by means of sales, and convert their interests into
‗orders‘.
3. Act on customer instructions and manage orders such as order capture, payment
and fulfillment.
4. React to customer requests and involve in customer service and offer technical
support.

Get and keep Turn interest Manage Service

Customer interest into orders orders customers

Attract Interact Act React

Advertising Catalogue Order capture

Customer
Marketing Sales Payment Service
Fulfillment Order tracking

Fig. 7.10 The commerce value chain.

Locking at the value chain for a business helps to define areas of focus such as
what the business is best at or where the most emphasis should be given. Even in
businesses that may appear to be very similar, differences in emphasis can have major
effects, both for Internet commerce and for more traditional forms.

Components of the commerce value chain

The key components of the value chain can be very different for different industries, and
even among different businesses within a particular industry, such as in the following
example. In this section, we will look at a generic value chain for Internet commerce. In
part it serves as an example of how one might break down a value chain to analyze it
more closely, and in part it exemplifies some of the most important components of
business on the Internet, throughout this section, we use catalogues for consumer retail
purchases as examples. In the next chapter, we will look at several different kinds of
business and how the commerce value chain applies to them.

Attract customers:

The first component of the generic Internet commerce value chain is to attract customers.
By this we mean, whatever steps we take to draw customers into the primary site,
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
whether by paid advertisements on other websites, e-mail, television, print, or other forms
of advertising and marketing. The point here is to make an impression on customers and
draw them into the detailed catalogue or other information about products and services
for sale. Instead of attract, the catchword today is ‗addict‘ the customers.

Interact with customers

The second component is integration. By this we mean, turning customer interest into
orders. This phase is generally content oriented and includes the catalogue, publication,
or other information available to the customer on the Internet. The content may be
distributed by many different mechanisms, such as the World Wide Web or e-mail. In
some cases, there may be links between Internet commerce and contents distributed by
other media, such as CD-ROMs.
Editorially, contents may change infrequently or frequently. Technically, content
may be static or dynamic. Static content typically consists of prepared pages, such as
those from a catalogue, that are sent to a client upon request. These pages must be
recreated and updated whenever the information on them changes. Dynamic content, on
the other hand, is generated at the time of the request, drawing upon request. Upon one
or more information sources to produce an appropriate page of information for the client.
Some sources of information for dynamic content include databases, such as a parts
database with pricing information, the capabilitieswith pricing information, the
capabilities of client software, such as what graphic formats can be used or even who the
clients are, or what organizations they are with. Dynamic content is often used when the
editorial content changes frequently, or when the natural storage medium for the
information is a database, or when the information, is used for multiple purposes.

Act on Customer Instructions

The next component in the commerce value chain is to act. Once a buyer has searched
through a catalogue and wishes to make a purchase, there must be a way to capture the
order process payment, handle fulfillment and other aspects of order management.

Order processing: - Often a buyer wishes to purchase several items at the same time, so
the order processing must include the ability to group items together for later purchase.
This capability, sometimes called a shopping cart in the case of retail transactions,
usually includes the ability to modify the contents of the shopping cart at any time. Thus,
the buyer is able to discard items, add new ones, change the quantities, and so on. When
the buyer is ready to complete the purchase, it is often necessary to compute additional
charges, such as sales tax and shipping costs. The order processing system then presents
the buyer can pay for the items.

Payment – Depending on the terms of the order, the buyer may pay for it (or provide
payment instructions) as part of the order capture. Once an order is finalized, the buyer
can of the methods may be online analogies developed especially for a networked system.
For example, in an online publishing system, it may be feasible to charge a small amount
for a single magazine article, rather than requiring someone to purchase the entire
magazine.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The most important property of an online payment system is that the seller can
use it to collect payment from the buyer. That is, no matter which payment mechanisms
each one may be capable of their must be at least one they can agree on. This property
has several suggestions. First, the seller‘s system must be able to handle the kinds of
payment important to the seller‘s business. For example, credit cards are commonly used
for consumer retail transactions, but businesses often buy from each other using purchase
orders. There may also be non-technical control on what payment methods can be used.
To accept credit cards, a merchant must have an account with an acquiring bank that
handles the transactions. Without such an account, creating the technical infrastructure to
allow for credit card payment is useless.
Second, the seller must be careful about imposing requirements on the buyer‘s
system. If the buyer must have a particular software package to handle a particular kind
of payment system, the universe of possible buyers is likely to be much smaller than it
would be otherwise. In some cases, of course, all of the desired customers will have such
software, or be willing to obtain it. Again the key point is to keep the customer and the
business in mind when selecting the technology.
Note also that completing this stage does not necessarily mean that funds have
been transferred into theseller‘s bank account. Some payment instruments, including
both credit cards and purchase orders, extend credit to the buyer who will make the actual
payment later. In such cases, it is common for the seller‘s system to authorize the
transaction, whether by requesting such authorization from a third party (such as the bank
that issued a credit Card.) or its own internal rules (such as whether a purchase order
relationship has been established). As such, final settlement of a transaction may not take
place until the item has been shipped.

Fulfillment. Now the order has been placed and the payment made (or at least a
satisfactory promise of payment). The next step is fulfilling the order. How that happens
depends on the type of thing purchased. If the item ordered is a physical good
(sometimes, called a hard good), it will be delivered to the buyer. The order is usually
forwarded to a traditional order processing system, with the result that someone picks up
the object, packs it, and ships it. In this case, the online commerce system must have a
method for forwarding orders. This step could be as simple as printing out or faxing an
order form form fora person to handle, or it may use a more complicated interface, such
as EDI, with another computer system. The precise mechanism, of course, depends on
how orders are handled by the rest of the business.
A second kind of order is a request for a service to be performed in the real world.
For example, one might order a singing telegram online although the fulfillment happens
in the physical world; this is a service, not a physical good. For our purposes, however,
we can think of these as being handled like physical goods. The order is passed on to a
system or a person who fulfils it.
The third kind of order is more closely tied to the Internet commerce system. We
call this category, digital goods. Digital goods include a wide variety of online delivery,
including software that is delivered online, magazine or news articles, reports, access to
database for a period of time, and so on.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
React to Customer Inquiries

Finally, after a sale is complete, the customer may have some questions or difficulties
that require service. Although many questions require persons to answer, others can be
answered with the appropriate information system. For example, a transaction system.
Customers, who wonder whether or not their orders have been shipped, might check back
with the system. A more complicated example is how the system handles a failure when
delivering a digital good.

Suppose that a customer buys software packing online. While the software is
being downloaded to the customer‘s computer, an error in the network cause the
download to fail what can the customer does? Clearly they should not buy the item
again, so they need some allow the customer to attempt another download.
Using people to answer customer service calls can be very expensive, so it is
worth investing in systems that eliminate questions that do not require the capabilities of
a person. As noted previously, these systems often provide routine (or even exceptional)
information in response to simple queries. But it is very important to design the system
to cater to the needs of the customer in solving any problems that may arise in the process
of transaction.

The Quantitative Approach for E-strategy

Speed, round-the clock availability and security are the most common indicators of
quality of service of an e-business site. Management faces a two-fold challenge. On the
one hand, companies must meet customer expectations in terms of quality of service. On
the other reliability, scalability, and security are key issues to e-business site managers E-
business sites are complex computer-system architectures, with multiple interconnected
layers of software and hardware components, such as networks, caching proxies, routers,
high speed links, and mainframes with large databases. The nature of e-business sites are
complex computer-system architectures, with multiple interconnected layers of software
and hardware components, such asnetwork, caching proxies, routers, high speed complex
due to its transactional nature, secure requirements, payment protocols, and the
unpredictable characteristics of service requests over the Internet. Planning the capacity
of e-business sites requires more than just adding extra hardware. In requires more than
intuition. Ad hoc procedures and rules of thumb. There are many possible alternatives
and one has to be able to determine the most cost-effective architecture. This is where
the quantitative approach of this book and capacity planning techniques for e-businesses
come into pay.

Planning the E-commerce Project

A successful business plan for an e-commerce initiative should include the following
activities.
1. Identifying the initiative‘s specific objectives
2. Linking objectives to business strategies.
3. Managing the implementation of business strategies.
4. Overseeing the continuing operations of the intuitive, once it is launched.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
In setting the objectives for an e-commerce initiative, managers should consider
the strategic role of the project, its intended scope, and the resources available for
executing it.

Identifying Objectives

Businesses undertake e-commerce initiatives for a wide variety of reasons. Common

objectives that a business might hope to accomplish through e-commerce could include
increasing sales in existing markets, opening new markets, serving existing customers
better, indentifying new vendors, coordinating more efficiently with existing vendors, or
recruiting employees more effectively.
Resource decisions for e-commerce initiative should consider the expected
benefits and expected costs of meeting the objectives. These decisions should also
consider the risks inherent in the e-commerce initiative and compare them to the risks of
inaction a failure to ac could concede a strategic advantage to competitors.

Linking Objectives to Business Strategies

Businesses can use downstream strategies, which are tactics that improve the value that
the business provides to its customers. Alliteratively, businesses can pursue putrefies that
focus on reducing costs or generating value by working with suppliers or inbound
logistics.
You have already learnt about the different things that companies do on the Web.
Although the Web is a tremendously attractive sales channel for many firms, companies
can use e-commerce in a variety of ways to do much more than selling; they can use the
Web to improve their business strategies and their competitive positions. As described in
earlier chapters of this book, e-commerce opportunities can inspire businesses to
undertake activities such as:
 Building brands
 Enhancing existing marketing programs
 Selling advertising
 Improving after-sale serviced and support
 Purchasing products and services
 Managing supply chains
 Operating actions
 Creating virtual communities and web portals.
Although the success of each of these activities is measurable to some degree,
many companies have undertaken these activities on the Web without setting specific,
measurable goals. In the mid 1990s the early days of e-commerce- businesses that had
good ideas could start a business activity on the Web and not face competition. Successes
and failures were measured in broad strokes. A company would either become the
amazon.com or the eBay of its industry, or it would disappear, either slipping into
bankruptcy or be acquired by another company.
As e-commerce is now beginning to mature, more companies are taking a closer look
at the benefits and cost of their e-commerce projects. Measuring both benefits and costs
is program at the Massachusetts Institute of Technology, funded by Procter & Gamble,
Gillette, Wal-Mart, Unilever, Tesco, Target, and other corporations. One of the goals of
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
the Auto- program is to keep store-shelves full. On any given afternoon. 8 per cent of the
items that US shoppers are looking for are out of stock. Auto-ID uses passive tags that
respond to a specific radio signal. A tiny capacitor on the chip stores enough energy from
the incoming signal to send out a response. The tags only respond when near device.
The tags also have a miniature chip and enough memory to keep track of a digital
identity. The memory is of 96 bits, tiny by computer standards but provides a huge
number of combinations of ones and zeros.
The technology is set up to identify more than 268 million manufacturers with
more than a million individual products each. The memory stores an electronic product
code. Or EPC.

Mobile Health services

There is a growing need for the wireless services in health care and medicine. In
the US, the Institute for Safe Medication Practices has called for the elimination of
handwritten prescriptions by 2003. The provision of wireless hand-held devices means
that prescribing can be done electronically. In addition, other tasks that can be carried
out wirelessly include billing, lab ordering, referrals, and clinical decision support. The
same technology could be used to reduce medical error or give health care providers the
information resources to make life-critical decisions whilst on the move.
The benefits of the wireless technology can be illustrated with a number of
different examples. Patient information can be obtained by health care professionals
from any given location because they can be connected wirelessly to the institution‘s
information system. Physicians access to patient histories, lab results, pharmaceutical
information, insurance information and medical resources would be enhanced
immeasurably, thus drastically improving the quality of patient care. Hand-held devices
can also be used in home healthcare as for example, effective monitoring of blood sugar
and blood pressure levels.
Connecting hospitals wirelessly does not impersonalize medicine or change the
way a physician interacts with a patient. Yet it gives opportunity for efficient collection
of information. Entered on hand-held devices-information which is then easily made
available to any health care professional who is able to access it from the hospital‘s
wireless LAN. In exactly the same way, a change in the status or location of a patient can
be immediately documented wirelessly, and medication profiles can be checked. The
ultimate effect of Wireless local Area Network (WLAN) is to free hospital staff from the
tether of a stationary PC. Where handhelds are in use, there are two operating systems
vying for market share-Palm OS and Windows CE. The Palm OS is currently the most
popular, a likely reason being its comprising over 90 per cent of all new WLAN
installations. In 2001, the 802, 11b standard became the format of choice within the
hospital segment. Network unit sales in this marked continued. To be brisk into 2002,
with a noticeable demand increase for the newly released 802.11 a chipset-equipped
hardware.
The sensitive nature of patient‘s medical records has made information protection
a genuine concern among buyers of 802.11b products. Currently, the only native wireless
encryption system that exists to safeguard data during transmission is the Wireless
Equivalent Protocol (WEP) that utilizes basic access control mechanisms such as user
authentication. Keys. The reported design flaws in WEP architecture are now forcing
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
802.11 working group committees to consider viable add-on encryption schemes for the
ultimate goal of a secure WLAN environment.

TABLE 7.2
PROJECTED USE OF WIRELESS DATAAPPLICATIONS 2000-20054
(In millions)
Application 2000 2001 2002 2003 2004 2005
Messaging 100 230 399 611 916 1268
E-commerce / retail 12 36 107 195 318 469
Financial services 50 123 225 357 529 798
Intranet (corporate) 5 20 49 81 129 206
Internet, WAP 4 20 85 183 344 614
Entertainment 61 143 246 372 554 775
Navigation 47 146 239 345 488 785

Technologies for Mobile Commerce

Wireless Spectrum

The electromagnetic spectrum, or simply spectrum, is the entire range over which
communicating devices transmit energy waves. The electromagnetic spectrum is assigned
common groupings of energy waves, commonly called airwaves that make bands of the
spectrum. Over the airwaves, TV, radio, cell phones, or any wireless Internet devices
communicate with a transceiver, Each kind of transceiver uses dedicated frequency
ranges that are measured in hertz (Hz); I Hz is one cycle per second.
An interesting property of the spectrum is that higher frequencies travel shorter
distances. They take more power to transmit. With enough power, they can be life-
threatening Higher frequencies can be modulated to carry more bits per second than
longer waves, but they are subject to atmospheric interference. Broadcasters generally
prefer owning a lower frequency because it costs less to transmit a signal, it carries
farther, and it is generally ―safer‖.
The US federal communications Commission (FCC) and similar agencies around
the world break up the spectrum and assign bands for specific purposes. Bands are
ranges of frequency with common mames. Worldwide bodies. Such as the International
Telecommunications Union (ITU), also make frequency agreements, so that devices will
operate clearly worldwide, Regulating radio interference is necessary so that wireless
devices do not interfere with one another. To prohibit interference from a neighboring
transmitter, the FCC restricts bands of coverage.
The owner of popular mobile cellular bands must obtain an FCC license, which
guarantees the owner, exclusive use in territory. Other parts of the spectrum go
unlicensed, such as the Instrument Medical Scientific (ISM) at 2.4 GHz and Unlicensed
National Information Infrastructure (U-NII) at 5 GHz. Unlicensed sections of the
spectrum are open to use by any transmitting device. It may interfere with, and- to
express colorfully -it may step on the signal of another wireless devices. With intelligent
signal processing, interference conflicts can be minimized.
Over the time, the FCC has been licensing higher spectrum with wireless
technology. In the 1980s. The FCC licensed 800 MHz for cell phones; this part of the
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
spectrum sits above the established AM and FM spectrum. When cellular spectrum was
used up in 1996, the FCC auctioned off the higher-spectrum 1900 MHz licenses to
operate at a lower power range called Personal Communications Services (PCS). Your
cell phone today typically uses either the 800 MHz or the newer 1900 MHz band of
spectrum to transmit signals. A ‗DUAL-band‘ cell phone can use either of these parts of
the spectrum.

Strategies for website development

When companies began establishing their presences on the Web the typical website was a
static brochure that was not updated frequently with new information and seldom had any
capabilities for helping the company‘s customers or vendors transact business. As
websites have become the home not only of transaction processing but also of automated
business processes of all kinds, these websites have become important parts of
companies‘ information systems infrastructures.
The transformation occurred rapidly, taking only a year or two for most
companies. But very few businesses have caught up with the changes in terms of how
they develop and businesses today manage them as the dynamic business applications
they have now become. The tools that companies have developed over the years to
manage software development projects are designed to help those companies meet the
needs of their current customers, and operate more effectively within existing value
chains.
Many large and medium-sized companies have found it extremely difficult to
develop few information systems and websites that work with such systems to create new
markets new ways of working with their customers and suppliers by reconfiguring supply
chains have had the luxury of time- in many cases, years to complete those
reconfigurations. However, the speed at which the Internet has changed markets and
marketing channels throughout entire industry value chains precludes lengthy
reconfigurations. Now companies that want to successfully adapt to the changed
business environment of the information age must explore alternatives to traditional
systems development methods.

Internal Development vs. Outsourcing

Although many companies would like to think that they can avoid electronic commerce
site development problems by outsourcing the entire project, savvy leaders realize that
they cannot. No matter what kind of e-commerce3 initiative a company is contemplating,
the initiatives success depends on how well it is integrated into and supports the activities
in which the business is already engaged. However, few companies are large enough or
have sufficient in house expertise to launch an electronic commerce project without some
external help Even Wal-Mart, with an annual sale of more than $150 billion, did not
undertake is 2000 website prelaunch all alone. The key to success is finding the right
balance between outside and inside support for the project. Hiring another company to
provide the outside support for the project is called outsourcing.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The Internal Team

The first step in determining which parts of an e-commerce project to outsource is to

create an internal team that is responsible for the project. This team should include
people with enough knowledge about the Internet and its technologies. To know what
kinds of things are possible. Team members should be creative thinkers who are
interested in taking the company beyond its current boundaries, and they should be
people who have distinguished themselves in some way contributing exceptionally to the
company. If they are not already recognized by their peers as successful individuals, the
project may suffer from lack of credibility.
Some companies make the mistake of appointing as e-commerce project leader. A
technical wizard who does not know much about the business and is not well known
throughout the company. Such a choice can greatly increase the likelihood of failure.
Business knowledge, creativity, and the respect of the firm‘s line managers are all much
more important than technical expertise in establishing successful e-commerce.
Measuring the achievements of this internal team is very important. The
measurements do not have to be monetary. Achievement can be expressed in whatever
terms are appropriate to the objectives of the initiative. Customer satisfaction, number of
sales leads generated, and reductions in order- processing time are examples of metrics
that can provide a sense of the teams, level of accomplishment. The Measurements
should show how the project is affecting the company‘s ability to provide value to the
consumer.
Increasingly, companies are recognizing the value of the intellectual capital they
have built up in the form of employee‘s knowledge about the business and its processes.
In the past many companies ignored the value of their human assets because they do not
appear in the accounting records or financial statements. Lief Envision has pioneered the
use of human capital measures at Skandia Group, a large financial services company in
Sweden of customer loyalty and business partnerships as part of the company‘s
intellectual capital. This networking approach to evaluating intellectual capital shows
promise as a tool for assessing and tracking the value of internal teams and their
connections to external consultants. These measurements are just now being adapted for
use in measuring systems development efforts.
The internal team should hold ultimate and complete responsibility for the e-
commerce initiative, from the setting up of objectives to the final implementation and
operation of the site. The internal team will decide which parts of the project to outsource
(and to whom hire for the project. Consultants, outsourcing providers, and partners can be
very important early in the project because they often develop skills and expertise in new
technologies before most information systems professionals do.

Early Outsourcing

In May e-commerce project, the company outsources the initial site design and
development to launch the project quickly. The outsourcing team then trains the
company‘s information systems professionals in the new technology before handing the
operation of the site over to them. This approach is called early outsourcing. Since
operating an e-commerce site can rapidly become a source of competitive advantage for a
company, it is best to have the company‘s own information systems professional in the
new technology before handling the operation of the site over to them this approach is
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
called early outsourcing. Since operating an e-commerce site can rapidly become a
source of competitive advantage for a company, it is best to have the companies own
information systems in which people work closely with the out-sourcing team and
develop ideas for improvements, as early as possible, within the tenure of the project.

Late Outsourcing

In the more traditional approach to information systems outsourcing, the company‘s

information systems professionals do the initial design and development work,
implement the system, and operate the system until it becomes a stable part of the
business operation. Once the company has gained all the competitive advantage provided
by the system, the maintenance of the e-commerce system can be outsourced so that the
company‘s information systems professionals can turn their attention and talents to
developing new technologies that will provide further competitive advantage. This
approach is called late outsourcing. Although for years late outsourcing has been the
standard for allocating scarce information systems talent to projects, e-commerce
initiatives lend themselves more to the early outsourcing approach.

Partial Outsourcing

In both the early outsourcing and the late outsourcing approaches, a single group is
responsible for the entire design, development, and operation of a project group-either
inside or outside the company. This typical outsourcing pattern works well for many
information systems projects. However, electronic commerce initiatives can benefit from
a partial outsourcing approach too. In partial outsourcing, which is also called
component outsourcing, the company identifies specific portions of the project that can
be completely designed, developed, implemented, and operated by another firm that
specializes in a particular function.
Many small websites outsource their e-mail handling and response function.
Customers expect rapid and accurate responses to any e-mail inquiry they make of a
website with which they are doing business. Many companies like to send an automatic
order confirmation via e-mail auto-response functions on an outsourcing basis.
Another common example of partial outsourcing is an electronic payment system.
Many vendors are willing to provide complete customer payment processing. These
vendors provide a site that takes over when customers are ready to pay and returns the
customers to the original site after processing the payment transaction.
Internet service providers (ISPs) offer Web hosting services to companies that
want to operate e-commerce site but that do not want to invest in the hardware and the
staff needed to create their own Web servers. ISPs are usually willing to accommodate
requests for a variety of service levels. Small businesses can rent space on an existing
server at the ISP‘s location. Larger companies can purchase the server hardware and
have the ISP install, and maintain it at the ISP‘s location. Larger companies can purchase
the server hardware and have the ISP install, and maintain it at the ISPs Location. ISPs
provide the continuous staffing and expertise needed to keep an e-commerce site up and
running 24 hours a day, seven days a week. Most ISPs offer a wide range of services,
including personal Web access for individuals. Some ISPS specialize in services to
business. These larger ISPs cater to companies that want to operate e-commerce sites.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
They usually offer wider bandwidth connections to the Internet than smaller ISPs, and
offer more reliable and continuous service.
A number of ISPs and other firms offer services beyond basic Internet
connectivity to companies that want to do business on the Web. Many of these services
were described earlier as candidates for partial outsourcing strategies, and include
automated e-mail response, transaction processing, payment processing, security,
customer service and support, order fulfillment, and product distribution.

Selecting a Hosting Service

For larger website implementations, the team will want to obtain the advice of
consultants or other firms that rate ISPs and CSPS, such as Keynote Systems and the
Directory of Internet Service Providers published by Board watch Magazine. The most
important factors to evaluate when selecting a hosting service include:
 Functionality
 Reliability, hand width and server scalability
 Security
 Back-up and disaster recovery
 Cost

Companies that sell hosting services provide different features and different levels of
service. The functionality offered by a service provider can include credit card
processing and the ability to link to existing databases that store customer and product
information. Some tracking software provides much more detailed information and easy-
to-use report generators than other tracking software. You should determine the
functionality offered by a hosting service and carefully evaluate whether that
functionality will be sufficient to meet the needs of your website.
The service should offer a guarantee that limits possible down time. E-commerce
buyers expect hosting services to be up and running 24 hours a day, every day. Of
course, no hosting service can promise never-to-fail service, but some can provide
staffing and back-up hardware that minimizes reliability problems. Coordination of this
function with the service provider can be very important. Usually, a business must have
some round-the clock staff available or on-call to work with the service provider when an
interruption occurs.
The bandwidth of the service‘s connection to the Internet must be sufficient to handle
the peak transaction loads that its customers require. Sometimes a service provider will
sign up new accounts faster than it can expand the bandwidth of its connections, resulting
in access bottlenecks. A guarantee that specifies bandwidth availability or server
response times is worth negotiating into a service provider contract. If you expect your
site‘s traffic to increase rapidly, it is important that your service provider increases
rapidly the server capacity and the bandwidthprovided. In general larger hosting services
can scale up more easily than smaller hosing services. Again, it is worth negotiating
some scalability into the service provider contract in such situations.
Since the company‘s information on customers, products, pricing, and other data
will be placed in the hands of the service provider, the vendor‘s security policies and
practices how it implements security. No matter what security guarantees the service
provider offers, the company should monitor the security of the e-commerce operation
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
through its own personnel or by having a security consulting firm. Security consultants
can periodically test the system and launch attacks on the security features used by the
service provider to determine whether they are easily breached.
The hosting service should be able to guarantee close to 100 per cent reliability by
having a workable disaster recovery plan in place. In addition to having off-site data
back-up or mirroring, the hosting service should have a way to restore your site very
quickly in the case of a natural disaster? Service providers offer many different pricing
plans for will require, and having a goods estimate of the range of transaction loads the
site is likely to generate, can help in negotiating a price for the hosting services a price for
the hosting service.

Question Bank

Q.1 what is the virtual value chain and information strategy framework?
Q.2 Explain Seven Dimensions of E-Commerce Strategy.
Q.3 Explain following-Value Chain and E-Strategy, Strategies for Web Site Development
Q.4 Explain E- strategy/IT strategy
Q.5 what is IT Strategy and Why it is Important?
Q.6 Explain Alignment of IT Strategy to Corporate and Business Strategies
Q.7 Explain the relationship between Value Chain and E-Strategy.
Q.8 Explain strategies for Web Development.
Q.9 Write a short on Virtual Value Chain.
Q.10 Explain the importance of values chain and E-strategy
Q.11 Write down step by step procedure of web site development in detail.
Q.12 what are the planning require for E-commerce business?
Q.13. Explain value activities in Virtual Value Chain.
Q.14 Explains components of commerce value chain.
Q.15 Explain different strategies or steps in planning the E-commerce project. OR Write down
step by step procedure of E-commerce web site development in detail
Q.16 what is data mining. Explain its applications in E-business.
Q.17 what is data warehousing. How it is useful in E-business.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Chapter 8
Mobile Commerce
Wireless Application Protocol (WAP)

Wireless Application protocol (WAP) was invented and driven by the WAP Forum – a
group originally formed by Nokia. Ericsson, Motorola and Phone. Com in 1997. WAP
is an open specification that offers a standard method to access Internet- based content
and services from wireless devices such as mobile phones and PDAs ( personal Digital
Assistants) The embedded browser , and the operators network that optimizes the
transmission of the content software that connects to a WAP Gateway (software
infrastructure residing in for the wireless URL. The content for wireless devices can be
stored on any Web server on the Internet. Content must be formatted suitably for the
mobile phone‘s small screen and low bandwidth/ high latency connection. Content is
written in a markup language called Wireless Markup Language (WML) WML script
enables client side intelligence.
The main benefits of WAP include:
1. Non-proprietary method to access Internet-based content and services.
2. It is network independent
3. It has been adopted by 95 per cent of handset manufacturers and being
implemented by the majority of carriers.
4. WAP browsers can be built on top of any operating system, including PalmOS,
FPOC, Windows CE, FLEXOS, OS/9, JavaOS, etc.

Origins of WAP

While all the four companies that founded the WAP Forum had a hand in the currently
available WAP technology set, its basis was a gift from Phone. Com the company
incorporated in 1994 as Libras Inc., changed its name twice: first to Unwired Planet and
then to Phone. Com. By November 1995 the company hosted the first public
demonstrations of its U. P. Browser a micro-web browser for cellular phones.
While HTML and related technologies such as Java Script, Java, and Flash work
well for desktop computers and laptops with large displays, it is a poor markup language
for devices with small screen and limited resolution. Color graphics, animation, and
sound, challenge the developers under the best of conditions. Additionally, these types of
devices lack the processing power and memory to handle multimedia.
To combat this, Phone.Com developed a set of technologies related to HTML but
tailored to the small screens and limited resources of hand-held, wireless devices, Most
notable is Handheld Device Markup Language (HDML) HDML on paper looks similar to
HTML, but has a feature set and programming paradigm tailored to wireless devices with
small screens.
Between November 1995 and June 1997, Unwired Planet negotiated major
contracts with many prominent cellular phone makers to use their HDML-based U P.
Browser, and with cellular phone infrastructure companies to install U P Link Servers to
handle requests from the UP Browser. Mitsubishi demonstrated the U P Browser running
on their Mobile Access Phone in January 1996. AT & T wireless, Bell Atlantic Mobile
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
Samsung, QUALCOMM, and GTE quickly followed with announcements that they too
would utilize Unwired Planet‘s technology.
In June 1997, Unwired Planet, along with Ericsson, Nokia, and Motorola,
announced the formation of the WAP Forum. Instead of fighting imminent competition
from other companies offering their own standards, these companies sought to make their
technologies the standard for mobile Internet access. Unwired Planet offered HDML- the
markup language, and the Handheld Device Transport Protocol (HDTP); Nokia brought
their Smart Messaging protocol; Ericsson offered their Intelligent Terminal Transfer
Protocol (ITTP). This alphabet specification. This specification is a set of documents
describing the protocol. There are several of them and, they are long and technical. They
cover everything from the overall architecture and security information to the binary
format of a WAP application and a description of WML Script (similar to Java Script).
The documents contain enough information for any developer to learn the minutiae
needed for creating WAP- based products.

PHILOSOPHY of WAP5

WAP take a client / server approach. It incorporates a relatively simple micro-browser

into the mobile phone, requiring only limited resources on the mobile phone. This makes
WAP ____
Suitable for thin clients and early smart phone. WAP puts the intelligence in the WAP
Gateways whilst adding just a micro-browser to the mobile phones themselves. Micro-
browser-based services and applications reside temporarily on servers, not permanently
in phone. The WAP is envisaged as a comprehensive and scalable protocol designed for
use with any mobile phone- from those with a one-line display to a smart phone-and any
existing or planned wireless service, such as the Short Message Service, Circuit
Switched Data, Unstructured Supplementary Services Data (USSD) and General Packet
Radio Service (GPRS) Indeed the importance of WAP can be found in the fact that it
provides an evolutionary path for application developers and network operators to offer
their services on different network application developers and network operators to offer
their services on different network types bearer, and terminal capabilities. The design of
the WAP standard separates the application elementsfrom the bearer being used. This
helps in the migration of some applications form SMS or CSD to GPRS for example
WAP has been designed to work with all cellular standards and is supported by major
worldwide wireless leaders such as AT&T Wireless and NTT DoCoMo, and multiple
input terminals such as keypads, keyboards, touch screens and styluses.
WAP embraces and extends the previously conceived and developed wireless data
protocols. Phone. Com created a version of the standard HTML Internet protocols
designed specifically for effective and cost-effective information transfer across mobile
networks. Wireless terminals incorporated HDML (Handheld Device Markup Language)
micro-Brower, and phone. Com‘s Handheld Device Transport Protocol (HDTP) then
linked the terminal to the Uplink server suite that connected to the Internet or intranet
where the information being requested, resides. The Internet site content was tagged with
HDML. This technology was incorporated into WAP, and then renamed using some of
the many WAP related acronyms such as WMLS, WTP, and WSP, Someone with a
WAP- compliant phone uses the in-built micro-browser to make a request in WML, a
language derived from HTML especially for the information from an Interest in WML, a
language derived from HTML especially for wireless network characteristics. If the
 Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
content being retrieved is in HTML format, a filter in the WAP Gateway may try to
translate it into WML. A WML scripting language is available to format data such as
calendar entries and electronic business cards for direct incorporation into the client
device.
As we explore the the WAP transaction model, shown in Figure 8.4, you will find
that it is fundamentally the same as the Web transaction model in Figure 8.3. But with a
few key differences.
The most significant difference is the need for what is called a gateway between
the client and the web server, which contains the information you are interested in
accessing. The gateways duties include the translation of WAP formatted messages
received from the WAP server responds, it will most likely send a file containing WML
and WML Script, the WAP equivalents of HTML and Java Script. It is the gateways job
to change that next

Client

Request (URL) CGI

script
servlets
User
agent
Response Document

Content

Fig. 8.3 The WW transaction model

Client Gateway Origin server

Encoded request Request (URL) CGI

scripts
services
WAP user Encoders
agent and
decoders

Content
Encoded response Response (document)

Fig. 8.4The WAP transaction model

File into a WAP binary file and encrypt it. A file in this format is more suitable for
wireless transmission to the device that requested the information.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
The gateway is also responsible for knowing the character sets and languages of
the WAP devices that use it. Whether it is an English WAP device talking to German
Web server or a Japanese WAP device requesting information from a French Web server,
the gateway needs to ensure that the requester receives a coherent message.

WAP Step – by –Step

Let us walk through a typical WAP transaction. So as to understand the steps involved in
retrieving information from the Web server.
 A user requests a URL by entering into a WAP device (Alternately, an already-
running WAP program requests a URL on behalf of the user.)
 The WAP device encodes the request into an encrypted. Compact binary format
suitable for transmission over a wireless link and sends it to the WAP gateway.
 When wmlserver.com receives the request, it fulfils it by returning the requested
documents back to the gateway.
 The gateway converts the HTTP response back into an encrypted binary format
and ships it off to the WAP device.
 The WAP device decodes the response and displays the results on the WAP
device‘s screen.

As you can observe, there are some similarities between the Web and the WAP
transactions. For instance, they both use a request-response process, whereby the browser
initiates the process. They both also use Web servers to deliver the requested content.
These similarities let companies with investments in Web technology and resources
leverage that knowledge to design WAP based systems.

WAP Architecture:
Figure 10.5 shows the Wireless Application Protocol in a series of layers. This layered
format mimics the International Standards Organization (ISO) Open systems
Interconnection (OSI) network model. The OSI Model defines a layered framework for
generically describing and designing protocols. The OSI model has seven layers. WAP
device start at the application layer.

Application layer (WAE)

Other services and
applications

Session Layer (WSP)

Transaction layer (WTP)

Transport layer (WDP)

Bearers: GSM, CDMA, CDPD, FIEX and many others

Fig. 8.5 the WAP architecture
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

And get processed until the request goes out over a bearer network to the gateway
Responses enter the device at bearer level, and are transformed and finally displayed at
the applications layers.
WAP request from an application must be transformed into a certain format
before being sent wirelessly to a gateway and finally off to a web server to have the
request fulfilled. The response on the return trip is unencrypted and decoded before
being displayed on the screen each request and response must precede through the set of
layers in Figure 8.5 in the correct order each and every time. With all these in mind. Let
us analyze the WAP architecture layers.

WAP Application Environment (WAE)

The Wireless Application Environment layer is the one you are most likely concerned
with if you are considering deploying WAP applications. It encompasses the devices, the
content- development languages you use (WML and WML Script) the telephony APIs
(WTA) for accessing telephony functionality from within WAE programs, and some
well- defined content formats for phone book records, calendar information, and
graphics.

Wireless Session Protocol (WSP)

WSP layer provides a consistent interface to WAE for two types of session services: a
connection mode, and a connectionless service. Without getting bogged down into the
details. It is important to note the services this layer enables, such as the following:
 Creating and releasing a connection between the client and server.
 Exchanging data between the client and server using a coding scheme that is
much more compact than traditional HTML text.
 Suspending and releasing sessions between the client and server.

Wireless Transaction Protocol (WTP)

Now we are getting a bit more technical. WTP provides transaction services to WAP; it
handles acknowledgements so that you can tell if a transaction succeeded. It also
provides retransmission of transactions in case they are not successfully received, and
removes duplicate transactions.
WTP manages different classes of transactions for WAP devices; unreliable one-
way requests, reliable one-way requests, and reliable two-way requests. A reliable
request means that acknowledge are sent from the receiving device. An unreliable
requests from a makes it to the server. You might think that this is a ludicrous
transaction type. Why would anyone request something, but not care if it was actually
fulfilled? One-way paging networks work is in this fashion. If you page someone and the
pager is off or out of range, that person does not receive the message. Since these
commands are routed back to the home mobile network‘s Home Location Register
(HLR), services based on USSD work just as well and in exactly the same way when
users are roaming. USSD works on all existing GSM mobile phones. Both SIM
Application Toolkit and the WAP, support USSD, USSD stage has been incorporated
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
into the GSM standard. While USSD was previously a one-way bearer useful for
administrative purposes such as service access, Stage 2 is more advanced and interactive.
By sending in a USSD2 command, the user can receive an information services menu. As
such, USSD Stage2 provides WAP-Like features on existing phones.
USSD strings are typically too complicated for the user to remember. Involving
the use of the * and # charters to denote the start and finish of the USSD string. However,
USSD strings for regularly used services can be stored in the phone book, reducing the
need to remember and re-enter them. As such, USSD could be ideal bearer for WAP on
GSM networks.

General Packet Radio Service (GPRS)

GPRS is a new packet-based bearer that has been introduced on many GSM and Time
Division Multiple Access (TDMA) Mobile networks from the year 2000 onwards. It is an
exciting new bearer because it is immediate (there is no dial-up connection), relatively
fast (up to 177.2 Kbps in the very best theoretical extreme), and supports virtual
connectivity. Allowing relevant information to be sent from the network as and when it is
generated.
There are two efficient means of proactively sending (―pushing‖) content to a
mobile phone; by the Short Message service, which is of course one of WAP bearers; or
by the user maintaining more or less a permanent GPRS (mobile originated) session with
the content server. However, mobile terminated IP traffic might allow unsolicited
information to reach the terminal Internet sources originating such unsolicited content
may not be chargeable. A possible worst case scenario would be that mobile users would
have to pay for receiving unsolicited junk content. This is a potential reason for mobile
vendors to not support GPRS Mobile Terminate in their GPRS terminals. However, by
originating the session themselves from their handset, users confirm their agreement to
pay for the delivery of content from that service. Users could make their requests via a
WAP session, which would not therefore need to be blocked. As such, a WAP session
initiated from the WAP micro-browser could will be the only way that GPRS users can
receive information onto their mobile terminals. Since all but the early WAP-enabled
phones will also support the General Packet Radio Service, WAP and GPRS could well
be synergistic and be used together widely. For the kinds of interactive, menu-based
information exchanges that WAP anticipates, CSD is not immediate enough because of
the need to set up a call. Early prototypes of WAP services based on CSD were therefore
close to unusable. SMS on the other band. Is immediate but is always stored and
forwarded, such that even when a subscriber has just requested information from their
micro-browser, the SMS Centre resources are used in the information transfer. As such,
GPRS and WAP are ideal bearers for each other.
Additionally, WAP incorporates two different connection anodes WSP
connection mode, or WSP connectionless protocol. This is very similar to be two GPRS
Point-to Point services – connection oriented, and not connection- oriented. The
predominant bearer for WAP- based services will depend on delays in the availability of
WAP handsets and delays in the availability of GPRS terminals.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Applications

WAP is being used to develop enhanced forms of existing applications and new versions
of today‘s applications. Existing mobile data software and hardware supplies are adding
WAP support to their offering, either by developing their own WAP interface or more
usually, partnering with one of the WAP Gateway suppliers profiled above. Previously,
application developers wrote proprietary software applications and had to port that
application to different network types and bearers within the same platform. By
separating the bearer from the application, WAP facilitates easy migration of applications
between networks and bearers. As such, WAP is similar to Java in that, it simplifies
application development. This reduces the cost of wireless application development and
therefore, encourages entry to the mobile industry by software developers.

WAP Programming Model

Pull Architecture

Push and Pull are two ways of transferring information to and from a phone, via WAP.
Pulling occurs when the sure opens an Internet connection and initiates a request through
the phone. Push does not require the use to initiate the request instead a third-party
application begins the information transfer. Whether the user is the one to open the
Interned connection or not, depends on the network being used. Figure 10.6 illustrates a
simple pull transaction and the steps involved in it.

Step 1 :- The client (1) marks a request to a URL through his or her device.
Step 2:- The URL request is encoded and sent over the airwaves through a wireless
protocol (2)
Step 3:- The URL is received by the WAP gateway (3) and is decoded.
Step 4:- The info is transferred to a web server via a normal HTTP request (4)
Step 5:- The Web server (5) retrieves an answer to the request using CGI scripts, ASP, or
WML script. Calls to databases or other websites might be made to retrieve
the
Answer.
Step 6:- A WML or HDML packet is sent back to the gateway via HTTP.
Step 7:- The packet is encoded once more and sent back to the client via wireless
protocol.
Step 8:- The phone interprets the packet and displays the response on its display screen.
Note: This Study material is still under development and editing process. This draft is being made
1 Client
available 3
for the sole purpose of reference. Final edited copies will be made available once ready. 5

WAP Gateway Web Server

WML WAP Gateway 4HTTP Web Server

2 WSP
WML Script WML encoder WML CGI scripts
WTP
script compiler content WML
protocol

Fig. 8.6 Pull architecture

Micro-browser

We have already discussed what the general duties of a micro-browser are. Like a
regular Web browser, it submits requests for information, receives results, and interprets
and displays those results on screen. There are also some secondary tasks associated with
the job of a micro-browser.
The micro-browser includes both WML and WML Script interpreters. As the
phone receives binary information in this format, the micro-browser interprets that data
decides how to display and execute WML Script.
Though not specified in the WAP specification, the micro-browser may have
additional capabilities. For example, the phone may include RAM for caching
information in the same way computer hard drives cache information for regular Web
browsers. If so, the micro-browser will have the software that helps it decide when a page
should be cached, how log the information in the cache is valid, and when to remove
items form the cache
The micro-browser is also responsible for understanding the HTTP I.I. protocol.
As already described, the gateway is responsible for much of the translation between the
WAP and HTTP protocols, However, when a request is sent from a WAP device, the
micro-browser must be able to include valid HTTP information in the request so that the
Web server knows how to interpret the request.
Finally, the micro-browser needs to know how to manage the limited resources of
the WAP device. These devices are limited in screen size, processing power, RAM,
ROM, and input/output capabilities. The micro-browser is responsible for juggling the
demands of this limited environment.

WML

WML is similar to HTML. However, WML borrows heavily from the constructs of the
Extensible Markup Language (XML) the Internet successor to HTML. The creators of
WML accounted for the limited resources of WAP devices. However, they kept the tag-
based design of HTML and in some areas, built more robust features into WML than
those provided by HTML.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
To see what we are talking about, look at the following snippet of HTML;
<Html>
<Head>
<Title> Empyrean Design Works</title></head>
<Body>
<Hl> Welcome </hl>
<p> Empyrean Design works is a firm for mobile, wireless
Full service software design and strategy, and handheld technologies.
<Html>
Now, here is an example of WML code.
<Wml>
<card id= ―first‖ title = ―Empyrean Design Works‖>
<p> Empyrean Design Works is a full service software design and strategy from
for mobile, wireless, and handheld technologies </p>
</card>
</wml>

While the two pieces of code do not look identical, notice the similarities between
HTML and WML Instead of starting and ending the document with < html > and < /
html >, a WML document uses < wml > and < /wml > . Also notice that <p > is used in
both languages as a way to mark a new paragraph within the document.
Both WML and HTML render similarly in their respective browsers. WAP
browsers are just much more screen size challenged.
WML as a language has the following general features.

Support for text and images. This includes presentation hints like line breaks,
formatting (bold, italic, and emphasis) and other placement clues. Not all devices support
all text styles. WAP- compliant devices are not required to support images (this should
change over time as devices become more capable), although the protocol does support
them.

Support for user input.WML includes text entry fields, choice lists, and controls that
invoke tasks. For instance, you can assign a URL to a specific button on a device such
that when the user presses the button, a request is sent for a new document. The WAP
specification has no specific definitions on how user input is accomplished. For example,
if a WML program includes a list of options, the user may have to make their choice by
pressing hardware buttons, tapping an on-screen button, or using voice input. It is up to
each device manufacturer to determine how an options list is implemented.

A variety of navigation mechanisms. Based on the Internet-standard URL naming

scheme, WAP lets you move between documents. Each WAP device may also
incorporate a history mechanism for documents already visited, so that the user can
revisit a previous document just by pressing a Back button, much like revisiting a
previous page in a web browser.

Support for multiple languages and dialects. WML provides support for multiple
languages and dialects by using the 16-bit Unicode character set.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
State and context management features. State management implies that variable
values can be passed from document to document. Additional capabilities include
variable substitution and caching of variables and documents to maximize cache hits on
the device and minimize wireless server requests.

WML Script

WML Script adds a lightweight procedural scripting language to each WAP device.
Loosely based on JavaScript, WML Script lets programmers add intelligence to WAP
programs. And reduces the necessity for requesting information from the Web server.
Programmers can use WML Script for the following:

Input validation. As users enter data like their name, a dollar amount, or a phone
number, WML Script can validate the input against some template. For example, it can
check that the dollar amount entered is under $100 and includes two digits after the
decimal.

User interaction. WML Script lets an application interact with a user without constantly
needing to contact a Web server for more documents, For instance, the If…… then
………else capability lets the program logic decide which document to show next or
display an error message of some sort without first going over the network.
WML Script also includes libraries that provide a wide range of functionality,
including math calculations, string processing, and URL manipulation, for instance.

Wireless Telephony Application Interface (WTAI)

WTAI is designed to let network operators access the telephony features of a WAP
device. They can do such things as initiate phone calls using WML and WML Script
accept incoming calls, hang up calls, send and receive text messages and manipulate
phone book entries on the device. Besides those functions that are common to all WAP
devices, WTAI supports telephony extensions that are specific to certain wireless
telephone networks like GSM and Personal communication Services (PCS).
WAP is a feature-rich application environment. It programmability and telephony
features make it very suitable for creating mobile applications. Its compact form.
Encryption and error-handling make WAP suitable for the challenges of wireless
transactions.
WAP will undoubtedly continue to evolve to support advanced features and
functionality that will appear in smart phones in the near future.

Wireless Technologies

AMPS and European Analog Cellular

Advanced Mobile Phone Service or AMPS, is the analog cellular transport used
throughout North America and in other parts of the world, notably Central and South
America, New Zealand, and Australia. It has the best coverage of all North American
Systems.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
AMPS operate at 800 MHz It is a voice-only analog transport. You can also use it
with a cellular modem for circuit-switched data communications. AMPS are slowly being
replaced with various competing digital networks. For the foreseeable future however, it
will be the most readily available cellular network in North America.
At the same time AMPS systems were being built in the United States, a variety
of incompatible analog systems were when being promoted in Europe and the rest of the
world. Although they all operated in the 900 MHz frequency range, the European
systems did not work well with each other. These 900 MHz European analog systems,
which we do not identify individually, are rapidly being phased out in favor of all-digital
systems.

TDMA

Time Division Multiple Access (TDMA) is a digital transport that divides the frequency
range allotted to it into a series of channels. Each channel is then divided into time slots.
Each conversation within that channel gets a time slot hence the term ―division‖ in the
name.
TDMA has been in use for quite some time in Europe as the basis for the GSM
(Global System for Mobile Communications. More recently, it is being adopted in North
America, in some PCS systems.
It is possible to overlay TDMA on top of an AMPS transport, converting an
analog network to a hybrid analog/digital network. Some AMPS carriers in North
America have been doing this to add security, capacity, and data capabilities to their older
voice systems. This type of network has several names, such as Digital AMPS (D-
AMPS) and North American TDMA (NA-TDMA)

CDMA

Code Division multiple Access (CDMA) is a digital transport that has been in use by the
US military since the 1940s. However, as a commercial wireless transport, it is the new
kid on the block compared to TDMA and AMPS.
Pioneered by US-based QUALCOMM a CDMA transmitter assigns a unique
code to each wireless connection and then broadcasts its data out on the channel
simultaneously with all other connections. The receiver is able to decode each
conversation by knowing the unique code assigned to each connection.
CDMA is offer described as a party in a room where everyone speaks a different
language. If everyone speaks at approximately the same volume, you should be able to
hear all the conversations. If you know the unique code (language) used by each speaker,
you can hear and understand all the conversations.
CDMA advocates the claim that it has some definite advantages over TDMA.
First and foremost, CDMA enables simultaneous usage: approximately 10-20 times
AMPS, and three times TDMA. It uses less power, giving you much better phone battery
life. It is also more secure, because it hops from one frequency to another during a
conversation, making it less prone to eavesdropping and phone fraud. Other benefits
include fewer dropped calls and better voice quality.
CDMA is being widely deployed in North America in new PCS systems, but less
widely throughout the world. Like TDMA, it can also be overlaid on top of AMPS
systems to create hybrid analog/digital networks.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

GSM

In the late 1980s, noting the wide disparity of analog cellular systems in Europe, various
European political, trade, and academic interests started collaborating on an all-digital
cellular communications network, Eventually called GSM, it has gone on to be the most
widely deployed digital network in the world to date. It is used by millions of people in
more than 200 countries.
Using an all-digital, TDMA-based network, every GSM phone has access to a
variety of data functions at speed limited to 9600 bps (the effective throughput is
typically about half that speed). These services include direct-connect Internet access
(both circuit-switched and packet data) without requiring a modem, mobile fax
capabilities, and short message service.
GSM started operating in the 900 MHz frequency range in all European countries.
Additional networks are being deployed in the 1800 MHz frequency range. An alternate
name for GSM in PCN (personal Communication Network) the European equivalent of
PCS (Personal Communication Services.

CDPD

Cellular Digital Packet Data of CDPD is a TCP/IP based mobile data-only service that
runs on AMPS networks. Since CDPD runs on analog networks, it requires a modem to
convert friendly networks offer analog voice, circuit-switched data (made possible by the
modem), and packet data service.
CDPD has a raw throughput of 19,200 bps. Unfortunately, the TCP/IP protocol
consumes about half of that, giving you an effective data throughput of about 9,600 bps.
CDPD is designed for relatively quick set-up and tear down, making it similar to packet
data connections. However, it is not as efficient as digital-only networks for short, burst
data communications.
CDPD is a uniquely North American protocol that is not widely used elsewhere in
the world in fact; it has not been widely deployed in the US. CDPD will most likely be
replaced by various all- digital networks in the coming years.

Voice/ Data Networks

Table 10.3 lists each of the major cellular voice communications networks that also
support data. The table lists alternate names, the type of technology (analog, digital, or
hybrid) the frequency range used by the network, and the part of the world where it‘s
predominant.
Note that the locations are either US or Europe, which indicate that most of these
networks are most popular in either the United States or Europe. However, they also
enjoy some degree of success in other parts of the world. This is indicated by the word
―global‖ in the location column.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.
TABLE 8.3
VOICE/DATA NETWORKS

Network names Classification Frequency Location

AMPS Analog 800 MHz US/global
AMPS/CDPD Analog 800 MHz US
CEMA Analog / digital 800 MHz Us/global
IDEN Analog/digital 800 MHz Us
TDM/D-AMPS/NA-TDMA Analog/digital 800 MHz Us/global
GSM/GSM900 digital 900 MHz Europe/global
GSM/GSM1800/PCN digital 1800 MHz Europe/global
CDMA/PCS/PCS/1900 digital 1900 MHz US
TDMA/PCS/PCS/1900 digital 1900 MHz US
GSM-NA/GSM 1900/PCS 1900 digital 1900 MHz US

Note that the locations are either US or Europe, which indicate that most of these
networks are most popular in either the United States or Europe. However, they also
enjoy some degree of success in other parts of the world. This is indicated by the word
―global‖ in the location column.
A network is a unique combination of a spectrum block, a transport, and a
protocol, Different networks offer have multiple common names and transport, and
protocol names are often used interchangeably. This can make things a bit confusing.
All of these networks support circuit-switched data connections. You can use
circuit-switched connections to access WAP data, but it‘s very inefficient. All of these
networks, except for pure AMPS, support packet data connections or SMS, both of which
can be used for WAP.
In spite of the fact that the cellular communications landscape is currently a mess,
particularly in North America, proponents of the various networks are hard at work on
two more generations of their respective technologies, insuring that things will get even
more chaotic. What is being promised is an increase in speed. By 2005, speeds should
reach up to 2 Mbps (million bits per second) letting us do such things as quickly send
photographs from digital cameras to our friends and family, and receive real-time video
using portable wireless devices.
Like the current state of affairs, there are several high-speed wireless data
technologies with names such as GPRS, CDMA2000, and EDGE that are being touted as
the next have of wireless data. Several of these systems are currently being tested in
limited trials in various parts of the world. This means that the current confusing
wireless communications landscape will get even more complicated as current
technologies are replaced by their younger siblings. In general, data speeds will get
faster. Data connections with cell phones (or data-only devices like two-way pagers)
should also get easier and less expensive. That is great news for WAP.
In stark contrast to other technologies and markets, these companies created the
WAP Forum to share information and to create an open standard. Each of the companies
independently recognized the imminent convergence of voice and data communications.
Due to this openness WAP has escaped the tragic end that other technologies often
encounter as companies and alliances struggle to establish their standard. Additionally,
this openness has fostered a rapid adoption rate by the majority of handheld paging and
cellular phone companies.
Note: This Study material is still under development and editing process. This draft is being made
available for the sole purpose of reference. Final edited copies will be made available once ready.

Question Bank
Q.1 what do you mean by mobile commerce.
Q.2 Explain about WAP origin.
Q.3 Explain applications of mobile commerce
Q.4 Explain wireless technologies for mobile commerce.
Q.5 what are technologies used in Mobile Commerce?
Q.6 Write notes on secure messaging in e-commerce.
Q.7 Write a short note on Wireless Application Programming Model
Q.8 Write down the concept of WAP Model.
Q.9 Explain the basic concept of wireless technology.
Q.10 Describe the metrics for the design model of a WAP.
Q.11 Write a short note on GPRS (General Packet Radio Service)
Q.12 Write a short note on WDP (Wireless Datagram Protocol)
Q.13 Write a short note on SMS (short message service)
Q.14 Write a short note on USSD (unstructured supplementary services data)
Q.15 Write a short note on CDC (circuit switched data)
Q.16 Explain mobile web payments (WAP)
Q.17 Write a short note on: Mobile Wallets
Q.18 define cellular network.
Q.19 Explain different types of mobile payment methods
Q.20 explain challenges/ security issues to cellular technology in India
Q.21 explain broadcast messaging and paging in cellular networks.
Q.22 Write a short note on direct mobile billing payment method.
Q.23 Write a short note on SMS/USSD based mobile payment method.
Q.24 Write a short note on Direct Operator Billing mobile payment method.
Q.25 Explain micro-browser.
Q.26 Explain different generations of wireless communication.
Q.27 Explain WAP Architecture.
Q.28 Define Web Applications. Give suitable examples