CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes...
Transcript of CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes...
![Page 2: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/2.jpg)
Objectives of Module
Lifecycles
PeopleInvolved
QualityAttributes
Differences
TypesOf
Systems
Definition
E-CommerceSystems
![Page 3: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/3.jpg)
Introduction to E-Commerce Systems
![Page 4: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/4.jpg)
Introduction
� “We live in an era of e-everything” – David Chaffey
� Everywhere we look, we are likely to see an e-something:
� E-Commerce
� E-Banking
� E-Dating
� E-Government
� E-Learning
� E-Logistics
� …
![Page 5: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/5.jpg)
What are E-Commerce Systems?
� Viewing a product list online?� Ordering products online and paying by cheque or in
person?� Ordering and paying online plus having the product
delivered?� Getting information (e.g. share prices) from a
website for free?� Using your mobile to get online news or even
topping up your prepaid balance?
!!All of the above are examples of e-commerce systems!!
![Page 6: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/6.jpg)
Definition of E-Commerce Systems
“the exchange of information across electronic networks, at any stage in the supply chain, whether within an organisation, between businesses, between businesses and consumers, or between the public and private sectors, whether paid or unpaid”
-The Prime Minister’s Strategy Officewww.number-10.gov.uk/su/ecomm/ec_body.pdf
![Page 7: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/7.jpg)
Benefits of E-Commerce
� Businesses� 24-hour operation� High cost-savings� No geographical
boundaries� Potential access to millions
of customers
� Consumers� Conveniance� Easy to compare products
and prices� Easy to find reviews� Much more choice� …
![Page 8: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/8.jpg)
What is being bought online?
80%
32%30%29%
26%25%24%
13%13%11%
9%8%8%5%4%
1%0%
10%
20%
30%
40%
50%
60%
70%
80%
Products
Books
Software
Hardware
Music
Holidays
Videos/DVDs
Electronics
Cinema/Theatre
IP Telephony
Clothes
Business Supplies
Business Travel
Toys/Games
Shares/Stocks
Food
Jewelry
![Page 9: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/9.jpg)
Players in E-Commerce
� Business
� Typically provide products and/or services online
� Products available to consumers or even other businesses
� Consumers
� Interested in information/products/services and are willing to obtain them online
� Government
� E-Government Services
� Facilitates access to government services for both consumers and businesses
![Page 10: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/10.jpg)
Main Types of E-Commerce Systems
E-Commerce Systems
Business-to-Business Business-to-Consumer Consumer-to-Consumer
Sell-Side Buy Side Marketplace Collaborative
![Page 11: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/11.jpg)
Business to Business (B2B)
� Interdependent Businesses conduct business amongst themselves online
� Usually does not take the form of the traditional website e-Commerce system
� Usually fully (or almost fully) automated (e.g. automatic online ordering when stock levels are low)
![Page 12: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/12.jpg)
Types of B2B Systems
� There are 4 main types of B2B Systems
� Sell-Side
� Buy-Side
� Electronic Marketplace (or Exchange)
� Collaborative
![Page 13: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/13.jpg)
Sell-Side B2B Systems
Seller
Company A
Company B
Company C
Buyers
•One-to-Many Relationship
![Page 14: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/14.jpg)
Buy-Side B2B Systems
Buyer
Company A
Company B
Company C
Sellers
•One-to-Many Relationship
![Page 15: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/15.jpg)
Electronic Marketplace (or Exchange)
An Exchange
Company A
Company B
Company C
Sellers
Company X
Company Y
Company Z
BuyersServices
•Many-to-Many Relationship
•Exchange is usually owned and operated by a 3rd party
•Businesses meet to exchange goods/services
![Page 16: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/16.jpg)
Collaborative B2B Systems
HubManager
GovernmentBuyers
Sellers
Universities Community
Others
IndustrialAssociations
•Many-to-Many Relationship
•Only business partners participate
•Facilitates communication, sharing of designs, planning information, etc
![Page 17: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/17.jpg)
Business to Consumer (B2C)
� Businesses sell products/services to consumers
� Usually take on the form a website through which consumers can browse through products/services, order and pay online
� Typical Examples:
� Amazon.com
� Extending your internet subscription online
![Page 18: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/18.jpg)
Consumer to Consumer (C2C)
� Consumers buying/selling products and services amongst themselves
� Typical Examples:
� E-Bay
� di-ve.com Classifieds
![Page 19: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/19.jpg)
Differences between E-Commerce Systems and
Other Systems
![Page 20: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/20.jpg)
Introduction
� A number of differences exist between e-commerce systems and other types of systems
� The most important ones are:
� They are content-driven
� They are exposed to the world
� They are Browser Based
� Enormous User Base
� They are likely to change quite often
![Page 21: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/21.jpg)
Content Driven (1/2)
� Most e-commerce sites are connected to a database� View product lists
� Compare prices
� View orders
� …
� What information should my site display?
� Is it organised in the best possible way?
� Is it easy for a use to find what she wants
![Page 22: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/22.jpg)
Content Driven (2/2)
� 72% of users know beforehand what they are looking for
� This indicates we should provide an easy means by which users can search for the product they need
� Usability and Navigability of websites are very important issues.
� A customer who has a bad first impression of a site is not likely to return
![Page 23: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/23.jpg)
Importance of Navigability
43%
36%35%
33%
14%
4%
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
Reasons
Decided agains buyingproduct
Website Error
Process too long
Site too slow
Delivery/Payment/PricingProblems
Browser CompatibilityProblems
Also more likely to
simply find another site
Why people abandon transactions online….
![Page 24: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/24.jpg)
Exposed to the world
� The internet is an open network of networks
� E-Commerce sites require the transfer of private information� Customer details
� Credit card numbers
� E-Commerce systems need to be secure
� In security circles, it is always assumed that whatever you send online can be seen by everyone else on the internet
![Page 25: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/25.jpg)
Enormous Userbase (1/3)
� Ideally, an e-commerce website will attract vasts amounts of visitors
� This is a mixed blessing
� Ideal scenario
� Thousands of people visit my e-commerce site daily
� They all see products they like and buy them
� I become very very rich
![Page 26: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/26.jpg)
Enormous Userbase (2/3)
� Some bad scenarios:
� Thousands of people visit my website
� The website cannot cope with the load and starts crashing every few minutes
� I get it fixed
� People come back
� They order items but my business models have not been adapted to e-commerce
� How do I deliver products?
� How do I deal with potentially many customer problems and enquiries?
![Page 27: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/27.jpg)
Enormous Userbase (3/3)
� 37% of users first judge a site by its reputation
� Only 18% of customers will remain loyal to a site if if becomes unstable or slow due to popularity
![Page 28: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/28.jpg)
Browser-Based (1/2)
� Most e-commerce systems are accessed through browsers
� This is good because:
� They are accessible from everywhere
� Browsers are widely available for free
� Browser-based applications do present some disadvantages
� A web application does not have access to event-driven programming like applications writing in C++ or Java for example
![Page 29: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/29.jpg)
Browser-Based (2/2)
� Scripting and Enhancing Technologies� Javascript
� CSS
� DHTML
� No standards
� Browsers interpret these technologies differently
� Websites may work fine on one browser but not on another
� Also the problem of different devices and OSs� Windows/LINUX
� Desktop PC, Laptop, PDA, Mobile phone
![Page 30: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/30.jpg)
Likely to Change Quite Often
� E-Businesses are dynamic by nature
� They need to keep one step ahead of the competition
� Constant change to e-commerce sites is inevitable� Changing of prices (simple change)
� Introducing new offers/schemes (not so simple)
� Introducing new features to the site (complex)
� Is my site built well enough to absorb these changes?
� Systems should mature rather than grow old and frail
![Page 31: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/31.jpg)
Important E-Commerce Quality Attributes
� Based on studies and the unique characteristics of e-commerce, one can say that the following quality attributes are important:
1. Security
2. Usability and Navigability
3. Performance and Scalability
4. Reliability
5. Portability
![Page 32: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/32.jpg)
Security in E-Commerce
![Page 33: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/33.jpg)
The Importance of Security
� Security is a very important consideration in e-commerce
� A major security incident would scare away many existing and potential customers
� Analogy: Imagine setting up a shop in a high-street and going home at night leaving it open with a sign saying “Owner not in”
![Page 34: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/34.jpg)
Common Reasons for not using e-commerce
30%
36%
14%
7%
5%
8%
0%
5%
10%
15%
20%
25%
30%
35%
40%
Touch Security Delivery Browse Trust Other
![Page 35: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/35.jpg)
How secure do online stores need to be before people use them?
44%42%
13%
1%
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
Watertight
Security
Minor Risks Considerable
Risks
Security Not
Important
![Page 36: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/36.jpg)
Possible security breaches (1/2)
� Fraud resuting in direct financial loss� Transfer of funds
� Destruction of financial records
� Theft of information� Confidential
� Proprietry
� Technological
� Risk of intruder passing this information on to a competing company or people with malicious intend
![Page 37: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/37.jpg)
Possible security breaches (2/2)
� Disruption of service� E.g. Denial of Service Attacks
� Inconveniences to customers
� Loss of business
� Loss of customer confidence� Intrusions into customer files
� Dishonesty
� Human Mistakes
� Network Failures
![Page 38: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/38.jpg)
Security in brick-and-mortar stores
In tradional businesses:
� Merchants expect to be paid with real money
� When they accept credit, they require signatures
� At the end of the day:
� Alarm is set
� Security Guards employed
� Police available in case of a break in
Can we replicate this online?
![Page 39: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/39.jpg)
Paper-based Commerce vs E-Commerce
PaperPaper--Based CommerceBased Commerce Electronic CommerceElectronic Commerce
Signed paper documents
Person to person
Physical payment system
Merchant & Customer face-to-face
Easy detectability of modifications
Easy negotiability of documents
Digital signatures
Electronic via website
Electronic payment system
No face-to-face contact
Detectability is difficulty
Negotiablity via special protocols
Clear legal rules and protection Confusing legal issues
![Page 40: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/40.jpg)
Experiment
Ask yourself:
� Would I attempt to steal something from a shop in Valletta?
Then ask yourself:
� Would I try to hack into a website or online store to gain access to unauthorised information?
Most people say no to the first question but yes to the second.
Why?
![Page 41: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/41.jpg)
Identifying Security Principals
� Principals in online security are:
� People
� Processes
� Machines
� Keys, passwords, etc
� Principals participate in transactions
� Send, receive, access, update, delete, etc
![Page 42: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/42.jpg)
Security Concerns
� Confidentiality / Secrecy
� Ensuring that data remains private
� Authentication
� Making sure that message senders are who they say they are
� Integrity
� Make sure the messages are not modified during transmission
� Nonrepudiation
� Ensuring that principals cannot deny that they sent a message
� Access Control
� Restricting the use of a resource to authorised principals only
![Page 43: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/43.jpg)
Confidentiality / Secrecy (1/3)
PeterJames
Evil Hacker
sa@@!%&&dds#FFDE33@”:{}{PIHJGFs
InterceptsBut cannot Understand messages
aaTTyUIjhg^&bvv$%vDDDg*$$$csdad
Always assume that anyone can viewAlways assume that anyone can view
your electronic communications at will.your electronic communications at will.
????
![Page 44: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/44.jpg)
Confidentiality / Secrecy (2/3)
� Data needs to be encrypted in order for secrecy to prevail
� There are various encryption techniques and algorithms
� Security algorithms should be updated over time.
� One early popular algorithm was DES.� It is now crackable in 3 hours.
� Latest popular encryption algorithm is AES
![Page 45: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/45.jpg)
Confidentiality / Secrecy (3/3)
� SSL (Secure Sockets Layer) is the prevailing encryption mechanism for e-commerce today.
� Uses Public/Private Key Encryption Methods
� All major browsers support SSL
� SSL supports certificates and thus handles other aspects of security besides encryption
� It is beyond the scope of this course to enter into exactly how SSL works as this would require a whole course to trash out
![Page 46: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/46.jpg)
Authentication (1/2)
PeterJames
Evil Hacker
Hello James, this is Peter I have information 4u
Intercepts
Hello Peter, I am James.Give me the information.
![Page 47: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/47.jpg)
Authentication (2/2)
� Passwords are a weak form of authentication
� Current mainstream technique for ensuring authentication is the use of certificates
� Individuals (and organisations) can obtain certificates from a certificate authority and use the certificate to encrypt their messages
� Recipients can verify the sender’s certificate with a certification authority so as to ascertain the identity of the person
![Page 48: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/48.jpg)
Integrity (1/2)
PeterJames
Evil Hacker
Hello James. Please give me your account num
InterceptsandModifiesMessage
Ok. My account number is 55421221
Ok. My account number is 332121221
![Page 49: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/49.jpg)
Integrity (2/2)
� Certificates and Public Key Infrastructure also cater for integrity
� Recipients can detect if the original message has been changed and request the sender to resend the message
![Page 50: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/50.jpg)
What needs to be secured? (1/2)
� Clients – They are vulnerable to � Viruses� Hackers
� Servers� Exposed to anothorised access� Intrusions could lead to a reducion in speed or worse� Server resourses may be used for purposes other than
those originally intended
![Page 51: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/51.jpg)
What needs to be secured? (2/2)
� Networks� The entry point to computer systems
� Can become the root cause for infringment if not secured
� A weak network can allow data to be easily tampered with
� Common cases occuring due to a loophole in network security:� Fradulent Identities
� Eavesdropping
![Page 52: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/52.jpg)
Common Threats on the Web (1/6)
� Accidental Threats
� Arise from human error
� Generally due to lack of awareness and training
� Poor password choices
� Accidental business transactions
� Accidental disclosure of information
� Use of incorrect software
� Physical accidents
� E.g. spilling of coffee, unplugging servers, etc
![Page 53: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/53.jpg)
Common Threats on the Web (2/6)
� Malicious Threats
� Specially intended to cause harm to people, systems and networks
� Malicious Software
� Viruses
� Trojans
� Worms
� Social Engineering Threats
� E.g. pretending to be an employee of a company and asking for private information
![Page 54: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/54.jpg)
Common Threats on the Web (3/6)
� Authorisation Threats� Hacker attempts to bypass security by posing as
an authorised user
� Needs to gain knowledge about a valid username and password combination
� Various techniques exist:� Dictionary Attacks
� Brute-Force Attacks
� Short Attacks
� …
![Page 55: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/55.jpg)
Common Threats on the Web (4/6)
� Application Threats
� Exploit vulnerabilities in applications deployed as part of a web system
� Applications can include
� Web Servers
� FTP Servers
� DNS Servers
� The operating system
� …
� Always keep software updated with the latest version and fixes
![Page 56: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/56.jpg)
Common Threats on the Web (5/6)
� Privacy Threats
� Two forms:
� Network Eavesdropping
� Monitor data being transmitted over networks
� Extract Information
� Radio Signal Evesdropping
� Listen to radio signals from computer hardware (e.g. computer monitors) and try to extract useful information from it
� Rarely used – Requires expensive equipment
![Page 57: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/57.jpg)
Common Threats on the Web (6/6)
� Access Control Threats
� Intruder gains access to a system for which (s)heis not authorised to use
� However, (s)he does not do it by posing as an authorised user
� E.g. Gain access to an unsecured modem
� E.g. Exploit some sort of network flaw
![Page 58: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/58.jpg)
Network Attacks (1/3)
� Denial of Service (DoS) Attacks
� Attempt to make a website or service unusable
� E.g. Uploading vast amounts of data to an FTP server so
as to take bandwidth away from other users
� SYN Flood Attacks
� Exploits the TCP 3-way handshake
� Attacker sends many SYN packets but never completes
the handshake
� Victim uses up a lot of resources and potentially crashes
![Page 59: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/59.jpg)
Network Attacks (2/3)
� SMURF Attacks
� Many ICMP ping requests sent to different with a spoofed source address of
the victim
� Victim receives a large number of ICMP replies which it did not send
� A similar attackcalled Fraggle works in the same way but uses the UDP
protocol
Hacker’s PCSpoofed Ping Requests
Replies to Victim
Victim
![Page 60: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/60.jpg)
Network Attacks (3/3)
� Ping of Death
� Hackers send thousands of ping requests per second to a victim
� They send data which is beyond the 64k ICMP limit
� Can cause a total system crash
� Other Attacks
� DNS Attacks
� Spoofing
� Host Overflow
� Length Overflow
� Zone Transfer
� Distributed Denial-of-Service (DDoS)
� Same as DoS but involves hundreds (or thousands) of simultaneous attacks
![Page 61: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/61.jpg)
Security Counter-measures (1/5)
� Physical Security
� Make sure hardware is physcialy secure
� Security Guards
� Alarms
� Security Procedures
� Safety Procedures
![Page 62: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/62.jpg)
Security Counter-measures (2/5)
� Secure Authentication and Messaging
� Use of public key cryptography
� Ensure that
� Messages received from a user are actually from that
user
� Messages received from a user have not been
tampered with
![Page 63: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/63.jpg)
Security Counter-measures (3/5)
� Firewall Solutions� A firewall sits on the perimiter of your network
� Control network traffic flow
� System Administrator may close
� Ports / protocols
� Traffic from/to certain systems
� …
� Useful against
� Various network attacks
� Spyware
� Unauthorised usage
� Not the silver bullet of security
![Page 64: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/64.jpg)
Security Counter-measures (4/5)
� Bandwidth Managers� Limit the use of bandwidth by different
� Protocols
� Applications
� Particular Sources and Destinations
� Useful against DoS attacks
� Example:� Give high bandwidth to secure ports
� Give low bandwidth to unsecured ports (prevents DoSattacks)
![Page 65: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/65.jpg)
Security Counter-measures (5/5)
� Disaster Recovery and Backup
� Disaster recovery plan
� Everyone should know what to do if the worst-case scenario were to happen
� Regular backups are useful and essential
![Page 66: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/66.jpg)
E-Payments
How payments are made online
![Page 67: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/67.jpg)
Origins of Money and Payments
� Money began with the concept of bartering
� Economic System got more complicated and tokensstarted being used.� Items carried an intrinsic value
� E.g. Precious stones, shells, etc
� E.g. Silver dollar was made of $1 worth of silver
� After tokens, were detached from inherent value, notational money was adopted
� Credit system developed� People pay without actually having the money
� Credit cards
![Page 68: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/68.jpg)
Real-world Cash
� Medium of exchange to simplify transactions� Has a standard value and helps decide worth of goods� Electronic money must fulfill this criteria as well� Benefits of cash
� Convenience� Wide acceptance� Anonymity� No hidden or other cost of use� No audit trail
� Disadvantage of cash is in the cost of holding it� Loss of potential interest in bank� Cost of security� Cost of transport
![Page 69: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/69.jpg)
Electronic Money (E-Money)
� E-Money is an electronic medium for making payments
� Includes� Credit cards
� Smart cards
� Debit cards
� Electronic funds transfer
� Automated Clearinghouse (ACH) systems
� It is notational and can be� Online or Off-line
� Identified of Anonymous
![Page 70: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/70.jpg)
Types of E-Money (1/2)
� Identified and Online (+I+L)
� Unique to credit card and debit cards transactions
� Customer is easily identifiable
� Card is validated against a bank’s computer before payment is made
� Identified and Offline (+I-L)
� Purchasing by cheque, travelers cheques, money orders, etc
� Merchant asks for ID to make sure the identity of the purchaser is known
� No verification is made
![Page 71: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/71.jpg)
Types of E-Money (2/2)
� Anonymous and Online (-I+L)
� Cash transactions where the purchaser is anonymous
� Depositing money in an online account
� Purchase made on the spot for cash
� Anonymous and Offline (-I-L)
� Unique to electronic cash
� E.g. Transfering funds from a credit card to another account using an ATM which does not have a direct connection to the VISA/MasterCard network
![Page 72: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/72.jpg)
Analysing Cash, Cheques and Credit Cards
� Regardless of the form of money, two distinct sets of properties should be considered in a money transfer
� These are� The ACID Test
� Atomicity� Consistency� Isolation� Durability
� The ICES Test� Interoperability� Conservation� Economy� Scalability
![Page 73: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/73.jpg)
The ACID Test (1/2)
� Atomicity
� Transaction must occur completely or not at all
� E.g. A transfer €100 must result in the amount being credited from one account and debited to another. If one action fails, the whole transaction should be aborted.
� Consistency
� All parties involved must agree to the exchange
� E.g. Before a Joe buys a product from Mel, Joe must agree to buy it for €x and Mel must agree to sell it for €x
![Page 74: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/74.jpg)
The ACID Test (2/2)
� Isolation
� Each transaction is independent of any other transaction
� Treated as a stand-alone episode
� Durability
� Always possible to recover to a consistent state or reverse the state of an exchange
� E.g. Customer is not happy with the product so you refund him
![Page 75: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/75.jpg)
The ICES Test (1/2)
� Addresses four important properties of Money Transfer
� Interoperability� Ability to move back and forth between different
systems
� Conservation� How well money holds its value over time
(temporal consistency)
� How easy it is to store and access (temporal durability)
![Page 76: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/76.jpg)
The ICES Test (2/2)
� Economy� Processing a transaction should be inexpensive
and affordable
� Relative to size of transaction
� E.g. Paying a €1 charge to process a €10,000 transaction is acceptable. However, it is not acceptable if you are processing a €5 transaction
� Scalability� Ability of the system to handle multiple users at
the same time
![Page 77: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/77.jpg)
Comparing different systems
YN-NYNYY
Credit
Card
YNYNYNYYCheque
YYNYYYYYCash
ScalabilityEconomyConservationInteroperabilityDurabilityIsolationConsistencyAtomicity
![Page 78: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/78.jpg)
Internet-Based Payments
� Electronic payments are financial transactions made without the use of paper documents such as cheques.
� E.g. Having your stipends credited to your account, paying for a product with your smartcard
� Internet-based payment systems are a form of electronic payment
![Page 79: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/79.jpg)
Important Properties for E-Payments
� Besides, the ACID and ICES tests, other properties are important for e-payment systems
� Acceptability
� Ease of Integration
� Customer base
� Ease of use and ease of access
![Page 80: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/80.jpg)
Internet-Based Payment Systems Models
� There are four main models for processing payments on the internet:
� Electronic Currency
� Credit Cards
� Debit Cards
� Smart Cards
![Page 81: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/81.jpg)
Electronic Currency
� The network equivalent of cash
� E.g. Electronic funds transfer (EFT) moves cash from one account (e.g. employer’s account) to another (e.g. employees bank account). This happens regardless of the bank type, location, etc.
![Page 82: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/82.jpg)
Credit Cards (1/2)
� Credit cards are the most popular form of payment online
� Bank issues credit card to people
� Can be topped up
� Has an associated credit limit
� To sell things on the web, merchants must accept credit cards
� Merchants need to open a merchant account
� Allows them to process credit card transactions
� Merchant pays charges depending on the amount of money processed in a time period.
� If users are unhappy with product/service received, they can generate a charge-back
![Page 83: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/83.jpg)
Credit Cards (2/2)
� Credit cards leave a complete audit trail
� Can be a very insecure way of payment if the right security precautions are not taken
� No signatures required
� No face-to-face clues to interpret
� Third-party credit card processing services are available� Very useful when merchants fail to obtain a
merchant account
![Page 84: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/84.jpg)
Credit Cart Laundering
� Merchants sometimes let other merchants use their merchant account
� They do this for a commission
� This is a violation of the merchant agreement with banks
� The risk is enormous, even if your commission rates are very good
� Why couldn’t your ‘client’ merchant get his own merchant account?
� Bad credit history
� Bad management practices� Typical scenario: Merchant processes payments, closes down
account and does not sent his clients any products. All clientsgenerate charge-backs to YOUR merchant account.
![Page 85: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/85.jpg)
Debit Cards
� Similar to credit cards but the card holder is not borrowing money to purchase a product
� Processed through the issuing bank’s card network (as opposed to the global VISA or Mastercard Network)
� Safer for client if (s)he controls the amount of money in the account linked to the debit card.
� In case of theft, a thief cannot run up debts for the card owner.
![Page 86: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/86.jpg)
Smart Card (1/2)
� Card with a built-in chip capable of storing information in its memory
� Contains programmable chip, RAM and ROM storage
� Handles a variety of applications
� Encrypts digital cash on chip
� Can be refilled by connecting to a bank
� Digital Key to an office
� Prescription authorisation
� Voting purposes
![Page 87: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/87.jpg)
Smart Card (2/2)
� In e-commerce can be used for:
� Digital Cash
� Authenticating access to secured encrypted transactions
� Digital signatures
� Key storage
� Authenticating user by use of special devices
� Safer when compared to the credit-card number system
� Devices not yet popular so smart cards cannot really be as
successful as credit cards for the time being
![Page 88: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/88.jpg)
Electronic Funds Transfer (EFT)
Computer-based system that:
� facilitates the transfer of money or the processing of financial transactions
� between two financial institutions
� same day or overnight
� one of the earliest forms of electronic payment systems on private networks
![Page 89: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/89.jpg)
Automated Clearinghouse (ACH)
� Routes bank transactions involving more than one financial institution
� Ensures the correct accounts held by the correct institutions can be debited and credited
� Consider an example where you go to your bank (e.g. BOV) and deposit a cheque of €300 which originated from another bank (e.g. HSBC) to your bank account which previously had a €100 balance� Bank teller will give you a receipt saying your new balance
is €400� However, the new balance will not be available until that
cheque clears through an ACH system
![Page 90: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/90.jpg)
ACH Example
Cheque’s Account
100,000
3001Cheque deposited
Your Account
100
300
On hold until cleared via ACH
Bank A
2“Not on Us”
Deposit
ACH
3. Cheque goes to ACH for
processing
Bank B
4. ACH Queries Bank B
5. Bank B Approves
6. ACH Credits Bank A with €300
7. Bank B Debits Account
with €300
8. Bank A
releases “Hold”
![Page 91: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/91.jpg)
Secure Electronic Transactions (SET)Protocol (1/2)
� An emerging standard protocol for handling transactions on the Internet
� Administered jointly by VISA and MasterCard
� Covers all aspects of online commerce
� Various services� Cardholder and merchant registration
� Purchase request
� Payment authorisation
� Payment Capture
� Autorisation Reversal
� Credit Reversal
![Page 92: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/92.jpg)
Secure Electronic Transactions (SET)Protocol (2/2)
� Authenticates parties involved using cryptography systems and trust hierarchies of digital certificates
� Based on 4 important goals
� Confidentiality
� Integrity of transmitted data
� Authentication of the card holder and merchant
� Interoperability across network providers
� Very complex and detailed protocol
� Not economical for small payments (micro payments)
![Page 93: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/93.jpg)
SET Example
SETPaymentGateway
Merchant Bank
Customer with SET Wallet Issuing Bank
Acquiring Bank
SecureCardholderCertificate
Network Interchange usingVISA, Mastercard,
American Express, etc
1. OrderDetails 2. Request for
Payment
3. Authorisation
4. ElectronicReceipt
5. Payment
![Page 94: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/94.jpg)
Examples of payment systems
� BankNet(http://mkn.co.uk/bank)
� CheckFree(www.checkfree.com)
� Credit Card Network (http://creditnet.com)
� CyberCents(www.cybercents.com)
� Ecash(www.ecashtechnologies.com)
� PayPal (www.paypal.com)
� QuickCommerce(www.qc123.com)
� WebMoney(www.webmoney.ru)
� Millicent (http://research.compaq.com/SRC/articles/199705/Millicent.html)
� Ziplock(www.portsoft.com.au)
![Page 95: CS2070 - ECommercestaff.um.edu.mt/ecac1/files/ECommerce.pdf · People Involved Quality Attributes Differences Types Of Systems Definition E-Commerce Systems. ... Buy-Side B2B Systems](https://reader033.fdocuments.us/reader033/viewer/2022060406/5f0f77d97e708231d4444fec/html5/thumbnails/95.jpg)
Conclusions
� E-Payments are an essential component of e-commerce systems
� By now, you should
� understand the origins of money and how payment systems evolved
� appreciate different types of e-payment systems
� know how to analyse payment systems using tests such as ACID and ICES
� be familiar with different types of internet payment systems
� be familiar with various e-payment terms, concepts and protocols such as SET and ACH