View
228
Download
2
Category
Preview:
Citation preview
Future of the InternetFuture of the Internet
Today
Faster & cheaper access
Web surfing Search engines Publishing
Future
Secure transactions Business-to-Business (EDI) Extranets Filters/constraints Bandwidth Collaborative Computing Widely available in-home
services Multimedia Majority ONLINE!
Definitions
Electronic Commerce ( EC )
A new concept covering buying and selling of products, services and information via computer networks, including the internet.
EC applies different technologies, varying from EDI till e-mail.
In fact we can also consider buying food at a POS automate using a smart card as a form of electronic commerce.
In 10 years from now the term will be completely obsolete.
O’Brien 210
Electronic Market
Buyers and sellers negotiate on an on-line or off-line sales transaction.
Network of interactions and relations where information, products, services and payments are exchanged.
The business center is not a physical building but a network-based location.
Participants: sellers, buyers, brokers they are on different locations sometimes they don’t know each other
Electronic Market: B2C
O’Brien 211
ElectronicMarket
•IInformation request•Ddelivery
Payment authorization request
Payment
•PPayment notice
EFT
PurchaserSeller
Order
Order reply
Bank of the purchaser Transaction Handlers bankTrusted party
bank Supplier
•PPayment order
Interactive Marketing
Marketing-process on the Internet1.Define market segment and potential clients (Websites)
2.Develop promotional material, order forms, …
3.Push technology towards client display (email, newsgroup, web-broadcasting, …)
4. Interactive dialog with the clients
5. Feed-back from clients
6.Online client service.
Push and pull oriented marketing
Client Centric
Clients
Commercialkernel functions
Competitorsenvironment
Internet
Web-sitesIn
tran
ets
Ex
tran
ets
CompetitorsWorld wide-
markets
Suppliers
Costcontrol
Potentialmarkets
Technological developments
Commercialpartners
Communicationwithin the enterprise
Systems
Clientservices
Sales
Marketing
O’Brien 221
Technological Components
O’Brien 228
Location or enterprise
specific data
Web-browser
Browser-extensions
Informationretrieval
Data andtransaction
management
SecureCommuni-
cations
Database serversfor data andmultimedia
Third party software
and services
Database serversfor data andmultimedia
Interorganisational Systems (B2B)
Information flow between two or more organisationsefficient transaction processingno bargaining, only executionpre-defined formats, no telephone calls nor paper
Drivers reduced cost for routine business transactions (SWIFT) improved quality of the procedures because of less errors reduced processing time (Singapore) lower cost for paper handlingbusiness process easier for the users
TypesEDI, EFT,XML, e-mailshared databases
O’Brien 211
Establishing Trust
Without trust between parties online, the value of electronic transactions remains limited.
The concept of a certificate authority, trusted by all parties involved in electronic transactions, is at the heart of new security practices for E-business.
Outsourcing trust is not always the best solution; it has consequences for vulnerability and the degree of comfort.
Role of the certificate Authority
Facilitate E-commerce among parties.
Identify and authenticate certificate requesters and users.
Maintain records on certificates issued.
Audit itself and (as appropriate) its subscribers.
Where possible, avoid or resolve disputes due to the use of certificates.
Absorb risk and take fiduciary responsibility for certificate issuance.
Advantages for the Organisation
Lower cost for handling, creation and storage of paper information
electronic purchasing system
electronic payment 95% cheaper than check
Reduced stock and overhead with “pull-type” delivery
Reduced time between sales and payment
Supports BPR efforts , leading to higher efficiency
Advantages for the Client
More alternatives from various vendors
Cheaper products and services
Often immediate delivery
24 hours service
Relevant information can can be obtained after seconds instead of after days
Constraints
Lack of security standards
Insufficient bandwidth
Problems with Interoperability
Accessibility of the internet
Remaining legal aspects (digital signature)
Still in full evolution
Clients do not like changes
Still limited number of buyers and sellers
Problems with human relationships.
SET Secure Electronic Transaction
1. Client initiates a transaction by sending a request and a signed, encrypted authorization. The supplier can not access the credit card number because it is encrypted.
2. The supplier passes on authorization. The bank can decrypt this and see the credit card number. It can also check the signature.
3. Acquiring bank checks credit card with card issuer.
4. Card issuer authorizes and signs transaction.
5. Bank authorizes merchant and signs transaction.
6. Customer gets goods or service and a receipt.
7. Supplier asks to capture the transaction and get the money.
8. Supplier gets paid according to its contract.
9. Customer gets monthly bill from card issuer.
E-cash Electronic Cash
1. Customers open an account with a bank and either buy or receive free special software for their PC,s.
2. The customers buy electronic money by using the software. Their accounts are debited accordingly.
3. The bank sends an electronic money note to this customer, endorsing it with a digital signature (made with its private key). Customers then inquire whether the money is available by using the bank’s public key.
4. The money is stored on the buyer’s PC and can be spent in any store that accepts E-cash.
5. The software is used to transfer the E-cash to the seller’s computer. The seller uses the bank’s and customer’s public keys to verify that the money belongs to the specific buyer and is indeed at hand.
6. The seller then deposits the E-cash in the bank, crediting his regular or electronic account.
Electronic Credit CardsEncrypted payments
1. Customer sends the encrypted credit card information and digital signature to the supplier.
2. The merchant validates the customer’s identity as the owner of the credit card account.
3. The supplier checks the information with his own bank or credit card processor. Authorization is obtained by contacting the customer’s bank.
4. When the authorization is sent to the supplier’s bank, the deal can be concluded.
5. The customer’s account is debited and the supplier’s account is credited.
Electronic Credit CardsPayment using a third party
More secure since card details aren’t transmitted over the net. Expensive but fast. Using a trusted party like “First Virtual Holdings Company” (FV).
1. Customer opens a bank account with FV.
2. The customer buys an item and provides the supplier with his FV number and an authorization to access this account.
3. The supplier accesses FV to request fund authorization in the customer’s account.
4. FV verifies the customer and checks for sufficient funds.
5. FV sends an electronic message to the buyer: “Do you agree to pay?”
6. If customer approves, FV tells the merchant to proceed.
7. Customer’s account is debited.
Electronic checks
similar to regular checks, secured by public key cryptography.1. The customer establishes a checking account with a bank.
2. The customer contacts a supplier, buys a product or service and e-mails an encrypted electronic check.
3. The supplier deposits the check in his account; money is debited in the buyer’s account and credited to the seller,s account.
E-checks carry an encrypted digital signature and additional information.
Can be exchanged between financial institutions via electronic clearinghouses.
Can be used as payment instruments in EDI-applications. The NetCheck system.
Accept paper checks in exchange for crediting customer’s NetCheck account.
Integrated with financial institutions.
Electronic Payment Cards
Traditional bank cards
Payment cards for specific companies
(transportation)
Smart cards: electronic purse
NNE New Network Economy
500 million citizens and companies will soon use the internet
Internet technology becomes very user friendly
Competitive power of a country depends also on its internet penetration
Barriers are mainly mental and cultural (wait and see mentality)
85% of e-commerce is B2B
Sources of problems
Unstable softwareBugs are exploited
Uncareful system administrationSecurity optionsBad passwords
TipsWork with recent software (applications and operating
system)Install security options in your browserMake backups (long enough because they can contain
virusses)
Hackers
Internet financial transactionsnot more unsafe than FAX, telephone, regular mail, … Intrusion: also possible in normal shops or domicilesCertainly safer than credit cards Intrusion immediately reported worldwideEasier to encrypt than other communication techniques
Economy can not wait until the ultimate secure system is available
The critical value of NNE is already reached in US and Scandinavia
The value of a network increases with the square of the number of participants
The risk of e-mail
Reading an e-mail is not dangerous The risk is in the attachments
Can contain executable files that can import virussesA word or excel file can contain dangerous macrosVirus scanners
• McAfee• Norton Antivirus• F-prot• Thunderbyte scanner
Encrytion products also for authentication• PGP pretty good privacy
Risks of surfing the internet
Downloaded files should be scanned for virusses
Pages with active contents like Java applets or Actve-X controls can also import virusses
Recent browsers warn you if page contains active elements
Static pages are very safe
Recommended