Safe E-Commerce

In
The Private Sector
Enterprises
In
East Europe

Professor: Students:

Gregory Chondrokoukis Florin Manta

Adrian Moraret
 CONTENTS

1. What is Electronic Commerce?..........................................................3

2. The Present and the future of Electronic Commerce………………4
3. Security for Digital Economy……………………………………...17
3.1 Banking Network in Online Commerce………………………17
3.2 Smart Cards…………………………………………………..20
3.3 Online Safety …………………………………………………22
3.4 Internet Transactions.…………………………………………23
3.5 Basic Principles of Electronic Coin-based Payment Systems...26
3.5.1. ECash………………………………………………..27
3.5.2. NetCash ……………………………………………..28
3.5.3. Millicent …………………………………………….29
4. Introduction and definition of the information technology industry..9
4.1 Location of investment..............................................................10
5. E-Commerce in East Europe………………………………………14
6. E-Commerce In The Private Sector Enterprises In Romania…...…16
6.1 General remarks …………………………………………..30
6.2 Internet banking……………………………………………30
6.3 Present situation of the electronic commerce in Romania –
data and statistics……………………………………………..31
6.4 Adopted and planned legislation and regulation necessary for
the development of e-commerce in Romania…………….…..35
6.5 Obstacles in the development of the electronic commerce in
Romania……………………………………………………...38
7. Conclusion………………………………………………………...40
7.1 General conclusions………………………………………..40
7.2 Suggestions for e-commerce in Romania…………………41

APPENDIX A - Romanian Online Stores…………………………...43

APPENDIX B - Notes……………………………………………….45

Bibliography………………………………………………………….47

2
3
 1. What is Electronic Commerce?

Electronic commerce is the buying and selling of goods and

services, and the transfer of funds, through digital communications. It also
includes buying and selling over the Internet, electronic fund transfers, smart
cards, digital cash and all other ways of doing business over digital networks.
It also could be described like the exchange of business information by
electronic means or business transactions conducted over the Internet.
Electronic commerce offers companies the opportunity to exchange,
electronically, data and services. These can include product information,
orders, payments, e-mail messages, supply chain management for inventory,
distribution and ware housing, tracking of shipments, and instructions. Often
referred to as e-business. It is the integration of electronic mail, Electronic
Funds Transfer (EFT), Electronic Data Interchange (EDI), and similar
techniques into a comprehensive, electronic-based system encompassing
business functions such as procurement, payment, supply management,
transportation and facility operations.

Broadly, electronic commerce (e-commerce) includes the delivery

of information, products, services, or payments by telephone, computer, or
other automated media. More narrowly, it is business-to-consumer and
business-to-business transactions conducted over computer networks, whether
public (such as over the Internet) or private.

E-Commerce is the generic name for the communication of business

or environmental data between trading partners, usually involving the
paperless exchange of business information via electronic data interchange
(EDI), electronic mail (e-mail), electronic bulletin boards (EBBs), electronic
funds transfer (EFT), and other similar technologies. It is the use of
communication technologies to transmit business information and transact
business. Taking an order over the telephone is a simple form of EC. Internet
commerce is also EC, but is only one of several advanced forms of EC that
use technology, integrated applications and business processes to link
enterprises.

It includes transactions done by telephone, fax, ABM, credit card,

debit card, television shopping, EDI and the Internet.

A more formal definition of electronic commerce is commercial

activity that takes place by digital processes over a computer network, usually

4
the Internet, between and among entities in the private sector, government
institutions, and/or members of the public. These activities generally involve
the electronic exchange of information to acquire or provide products or
services, to place or receive orders, to provide or obtain information, and to
complete financial transactions.

Electronic commerce can occur between a user and a vendor

through an online information service or the Internet. It is accomplished
through the use of encryption with digital certificates, and digital signatures.
Normally involves the creation of a catalogue of products or services
accessible through the World Wide Web. May also include components for
payment processing, automated notification and fulfilment and EDI.

Electronic commerce is a system that includes not only those

transactions that centre on buying and selling goods and services directly to
generate revenue, but also those transactions that support revenue generation,
such as generating demand for those goods and services, offering sales
support and customer service, or facilitating communications between
business partners.

E-commerce allows business transactions over the Internet with a

defined methodology for exchanging money for good and/or services.

Companies are hoping these transactions will gain popularity as

secure means of transmitting personal information, including credit cards
information becomes more secure.

Any transaction where a customer purchases a product or service at

a Web site, as opposed to calling a telephone number to purchase the product
or service, is considered electronic commerce.

2. The Present and the future of Electronic

Commerce

E-commerce was one of the first "killer apps" of the World Wide
Web, enabling scores of companies to extend their reach dramatically to

5
potential customers around the world. And venture capitalists invested a great
deal of money in the wide array of dotcoms that sprung up to take advantage
of the e-commerce revolution. While most of us can still recall the first time
we bought an item off the Internet, e-commerce markets have taken a beating
in recent years. These markets have been impacted to a large degree by the
dotcom bomb and the generally depressed economic conditions in North
America and beyond. Although e-commerce didn't live up to the promise and
hype of the late 90s, it remains an important part of any enterprise business
plan.

E-commerce: a phrase for the future:

In reality, e-commerce is a phrase every business should be well

acquainted with because e-commerce is here to stay.

E-commerce works when established businesses and organizations

use it to complement their existing business practices and support their
customer base.

The biggest mistake many businesses make is thinking that e-

commerce must be an enterprise-level solution costing hundreds of thousands
of dollars to implement and maintain.

Successful e-commerce businesses are doing what works for their

business and their customers.

The need for e-commerce should be evaluated on a case-by-case

basis. Businesses should start by asking the following questions:
 Are our current customers asking for online sales?
 What products or services do we provide that are suitable for
online transactions?
 How will we handle orders once received?
 Are we willing to take orders outside our current service area?
 How will we ship products?
 How will we support products, especially if long-distance sales
are new to us?
 How will we support order inquiries?
 What types of payment will we accept online?
 How will we advertise this new sales venue?
 Will online sales help our bottom line significantly enough to
outweigh the drawbacks in establishing new in-house procedures?

6
 The success of any e-commerce enterprise depends on how it
handles customer service.

The Internet can have an even larger impact on smaller companies,

which typically do not face the same infrastructure difficulties of larger firms.
A small company that includes the Internet in its business model can achieve
greater market share and visibility and can reach new markets more
effectively. Smaller businesses can, and should, portray a clean, professional
image to effectively compete with larger companies.

Unfortunately, too many smaller businesses fall into the trap of

thinking that they will test the e-commerce waters by putting together a
quickly done, very inexpensive, Web site of questionable quality.

By not thinking the process through, or spending time on the design,

they often set themselves up for failure before the online storefront even
opens.

Contrary to some beliefs, when a customer spends a lot of time on a

Web site, there could be problems.

It could be that customers are having a hard time finding what they
are looking for.

Customers should be able to quickly find the product or service they

need. An analysis of the Web site logs should be able to quickly tell a
business if customers are exploring the site in a logical manner, or if those
customers are just clicking away hoping to find what they need. In order to
succeed, online-only enterprises will need to spend their time building
credibility, establishing excellent customer service procedures and providing
competitive pricing on the products and services customers need.

In today's competitive online environment, e-commerce is a phrase

that makes good business sense for businesses willing to take the time to think
the process through and do it right.

The glory days of e-commerce might be a thing of the past, but there
are still opportunities in the market for those who plan ahead.

The e-commerce software industry will also experience some

changes. Over the next five years the market will witness a dramatic decline

7
in "pure plays" devoted singularly to e-commerce product strategies. Those
vendors that manage to survive will need to refocus on vertically oriented
functionalities and become market specialists. This will significantly
strengthen the market position of vendors who are able to offer e-commerce
products and services as part of larger e-business platform suites. You can
expect companies such as Microsoft, IBM, Oracle, SAP, and a short list of
others to leverage e-commerce as a service among many products, within a
comprehensive stack of back office solutions.

Microsoft, in particular, is well positioned to exploit this market

shakeup with its Commerce Server product family. However, this means that
companies looking toward Microsoft for e-commerce solutions should also be
open to the prospect of leveraging Commerce Server with other Microsoft
back office products, such as SQL Server and Windows. Although absolute
lock-in isn't dictated, the complete stack strategy will pay a higher return on
investment (ROI) than individual best-of-breed adoptions. Microsoft has also
provided clear signals about its plans for future e-commerce products with the
announcement of Jupiter. It will combine the functionality of Commerce
Server, BizTalk Server, and Content Management Server into one offering
and enable developers to choose just the components they need for their
specific solution. Microsoft isn't alone in this position; companies such as
Oracle and IBM have similarly positioned their offerings in these "families."

The move from storefront to online shopping cart may be happening

gradually, but these figures indicate that it is happening and should continue
to do so in the future.

The Internet economy will affect everyone. Some of us will be

customers who get a better price, product, or service experience thanks to a
company's more streamlined and efficient Internet-based process. This will
become more noticeable as more services move to the Internet. Others will
enjoy eBusiness as an employee. Some people worry that the Internet and
technology will eventually cost them their jobs, but the key is to find ways to
use technology to make you more valuable to your company and your
customers. As Barua put it, "The sales force isn't going to disappear. We'll
still need the human relations.

According to a new study from the Center for Research in

Electronic Commerce, eCommerce will become the industrial revolution of
the 21st Century. The Internet economy continues to grow robustly, with both
new and established companies reaping profits online. eBusiness still has

8
huge untapped potential, according to Anitesh Barua, associate professor of
information systems at the center. He believes that its effect on our industrial
economy will be as significant as the shift from the agricultural economy of
the 17th Century.

Barua discussed the Dell-sponsored study during the company's

press gathering in San Francisco. "Dot-coms are a visible but small part of the
Internet Economy, and their failings are overplayed in the media," he said.
"The dot-com economy is not crumbling. A great many dot-com businesses
are doing well. They're running with sound business practices, and they're
doing it without cash from venture capitalists. The future of E-commerce
looks bright as thousands of companies in hundreds of established industries
flock to a new kind of pay-for-performance marketing. One main difference
that we're going to see, going forward, is a shift from thinking of e-commerce
as just one among many components to the technology becoming the driving
force behind all of a company's business transactions".

Business-to-business commerce on the Internet is expected to grow

forty-fold, from $8 billion in 1997 to $327 billion in goods and services
traded between companies, by the year 2002, says Forrester Research. Mentis
Corporation predicts that by the year 2000, an estimated 50% of all banks and
40% of banks with less than $1 billion in deposits will offer online services to
their customers. The FDIC estimates that the number of financial institutions
with transactional websites will increase by more than 50% by the year 2000.
According to some industry sources, however, the future is not so bright.
Only an estimated 4-5% of online surfers currently bank on the Internet. In
addition, a recent poll by PSI Global found that out of 1,000 online users who
do not bank online, only 29 percent believe that online banking is safe. This
perception from consumers merely tells banks that educating consumers on
the safety and risks involved in Internet transactions is key to attracting and
retaining more online clientele. Despite the message from industry
soothsayers who predict that industry growth and consumer acceptance of
Internet banking is still decades away, Internet banking continues to spread
like wildfire.

9
 3. Security for Digital Economy

Ready or not, companies are getting Web’d for Commerce. But

Glitches remain-namley, Payment, Security and Integration.
The concept of electronic commerce, e-commerce or online
commerce relates to selling goods or services over the Internet. An integral
part of e-commerce is to make electronic paymantes over the Intenet.
Prior to setting up a business on the Intenet, it is prudent to study the
concept of e-commerce and determine the best way your business can benefit
from it. Some of the ways to provide unique capabilities are:

 Provide abundance of information online since there is no real-

time interactive session with the seller
 Be accessible to customers, such as through fax or phone. It is
possible that the consumer may want to ask question or make
payments through other means
 Be prepared to change, seek feedback from customers, and be
patient in expecting profits from online commerce

From the consumer viewpoint, several areas are inhibiting the success
of online commerce:

 It is not easy to find the shops on the Internet.

 It is hard to compare the prices and qualities of goods
 It is hard to find a large number of consumers willing to spend a
significant amount of money shopping on the Intenet
 It is not as much fun to shop on the Intenet compared to browsing
through the shopping malls with water fountains, ice cream and soda
shops.

3.1 Banking Network in Online Commerce

Figure 1 depicts an overview of the four elements of online

commerce and their relationship to banking network.

10
 1. The consumer and the associated browser to interact with the consumer
2. The merchant system residing on an online Web server with a
connection to Web browsers over the Internet
3. An online shopping mall that may help direct consumers to the
merchant server
4. the background banking network to support online payments from
consumer to the merchant.

Figure 1: Banking system in Online Commerce

Banking
System
7. Update consumer
with account 5.Obtain payment
status Authorization

3. Present home
4. Selectpage
goods, make payments
Browser Website
6. Confirm payment

Consumer Merchant System

1.Select 2.Link to
a store Merchant
Server

Web Site

Shopping
Mall

The banking network consists of several components. First there is

a bank that processes the on-line financial transactions for the given merchant.
This bank maintains the account for the merchant, authorizes and processes
the payments. The merchant’s bank also maintains a link with the consumer’s

11
bank for verifying the transactions. The link between the merchant and its
bank is often real–time so as to allow on-line authorization of consumer
payments.

In short, the following steps are executed to complete a transaction:

1. The consumer accesses the shopping mall and selects a shop for
purchasing certain items
2. The shopping mall server accesses the merchant system for the selected
shop
3. The merchant system presents the store’s home page to the consumer.
It also includes information on the various goods available from this
store.
4. The consumer selects the desired goods , interacts with the merchants
system and makes the payments.
5. The merchant system accesses its bank for authorization of the
consumer payment. For this discussion, we will assume that the
payment is authorized
6. The merchant system informs the consumer that the payment is
accepted and the transaction is completed.
7. The consumer’s bank informs the consumer of the money transfer
through mail such as monthly report on

A merchant system consists of the home page and related

software to manage the business.
Basically , there are three primary ways consumers pays for their goods:
 Cash
 Checks
 Credit

However, there are other forms of paymantes such as money orders,

bank checks, debit cards and traveler’s checks.

Electronic cash , e-cash ,digital money or digital cash provides the

means to transfer money between parties over a network such as Internet.
Electronic cash must satisfy some general properties of digital money:
 Independence
 Nonreusability
 Anonymity
 Transferability
 Divisibility
 Secure storage

12
 3.2 Smart Cards

The "smart" credit card is an innovative application that involves

all aspects of cryptography (secret codes), not just the authentication we
described in the last section. A smart card has a microprocessor built into the
card itself. Cryptography is essential to the functioning of these cards in
several ways:
 The user must corroborate his identity to the card each time a
transaction is made, in much the same way that a PIN is used with an ATM.
 The card and the card reader execute a sequence of encrypted
sign/countersign-like exchanges to verify that each is dealing with a
legitimate counterpart.
 Once this has been established, the transaction itself is carried
out in encrypted form to prevent anyone, including the cardholder or the
merchant whose card reader is involved, from "eavesdropping" on the
exchange and later impersonating either party to defraud the system.

This elaborate protocol is conducted in such a way that it is invisible

to the user, except for the necessity of entering a PIN to begin the transaction.

Smart cards first saw general use in France in 1984. They are now
hot commodities that are expected to replace the simple plastic cards most of
us use now. Visa and MasterCard are leading the way in the United States
with their smart card technologies.

The chips in these cards are capable of many kinds of transactions.

For example, you could make purchases from your credit account, debit
account or from a stored account value that's reloadable. The enhanced
memory and processing capacity of the smart card is many times that of
traditional magnetic-stripe cards and can accommodate several different
applications on a single card. It can also hold identification information, keep
track of your participation in an affinity (loyalty) program or provide access
to your office.

A smart card resembles a credit card in size and shape, but inside it
is completely different. First of all, it has an inside -- a normal credit card is a
simple piece of plastic. The inside of a smart card usually contains an
embedded 8-bit microprocessor. The microprocessor is under a gold contact
pad on one side of the card. Think of the microprocessor as replacing the
usual magnetic stripe on a credit card or debit card.

13
 Smart cards are much more popular in Europe than in the United
States. In Europe, the health insurance and banking industries use smart cards
extensively. Every German citizen has a smart card for health insurance. Even
though smart cards have been around in their modern form for at least a
decade, they are just starting to take off in the United States.

Magnetic stripe technology remains in wide use in the United

States. However, the data on the stripe can easily be read, written, deleted or
changed with off-the-shelf equipment. Therefore, the stripe is really not the
best place to store sensitive information. To protect the consumer, businesses
in the U.S. have invested in extensive online mainframe-based computer
networks for verification and processing. In Europe, such an infrastructure did
not develop -- instead, the card carries the intelligence.

The microprocessor on the smart card is there for security. The host
computer and card reader actually "talk" to the microprocessor. The
microprocessor enforces access to the data on the card. If the host computer
read and wrote the smart card's random access memory (RAM), it would be
no different than a diskette.

Smarts cards may have up to 1 kilobyte of RAM, 24 kilobytes of

ROM, 16 kilobytes of programmable ROM, and an 8-bit microprocessor
running at 5 MHz. The smart card uses a serial interface and receives its
power from external sources like a card reader. The processor uses a limited
instruction set for applications such as cryptography.

The most common smart card applications are:

 Credit cards
 Electronic cash
 Computer security systems
 Wireless communication
 Loyalty systems (like frequent flyer points)
 Banking
 Satellite TV
 Government identification

Smart cards can be used with a smart-card reader attachment to a

personal computer to authenticate a user. Web browsers also can use smart
card technology to supplement Secure Sockets Layer (SSL) for improved
security of Internet transactions. The American Express Online Wallet shows
how online purchases work using a smart card and a PC equipped with a

14
smart-card reader. Smart-card readers can also be found in mobile phones and
vending machines.
The alt.technology.smartcards FAQ has further information from a
variety of sources

3.3 Online Safety

Although the numbers are increasing, consumers are still not using
their credit cards on the Internet nearly as much as e-tailers (electronic
retailers) would like. That's why many cyber-merchants continue to offer a
toll-free order number so that shoppers have the choice of calling their order
in. Cyber-shopping may be convenient -- and some people do all of their
shopping online -- but credit-card fraud is always a threat, both on the Internet
and out in the real world. Hackers have found ways to steal credit-card
numbers from Web sites.

To illustrate the importance of tight security, a network TV reporter,

tipped off about loose security on an Internet Web-hosting site, was able to
gain access to about 1,500 customer records, which included everything from
credit-card numbers and payment records to comments about particular
customers.

These are the kinds of stories that deflate consumer confidence.

Some e-tailers blame consumer reluctance on the inability in cyberspace to
make the kind of personal contact that a shopper gets when he looks into the
eyes of a store merchant. Experts say that this kind of comfort level will be
boosted when online payment methods and security measures are
standardized -- much as they are in the retail and mail-order industries.

While Internet companies have taken responsibility for security

breaches and resulting losses to credit-card users, there remains the growing
problem of people who use stolen credit cards to make purchases on the
Internet. And while unfair or fraudulent practices by credit-card companies
are not commonplace, they do happen. The good news is that consumers are
protected by law -- in case of credit-card fraud online or off, you are only
liable for a maximum of $50 of the amount stolen.

And fortunately, the Federal Trade Commission (FTC) and the

media are watching closely. In 1994, the FTC ordered TransUnion credit-
reporting bureau to stop selling "sensitive" consumer data -- data on 160
million Americans -- to junk-mail producers. The FTC charged that

15
TransUnion violated the Fair Credit Reporting Act by selling consumer
information to target marketers who lack any of the allowable purposes listed
under the act. TransUnion denies that it sold information that could affect
customers' appealed the FTC's ruling, but lost.

If the mailing-list issue bothers you -- and it bothers most of us --

pay attention when you're completing that credit-card application. Some
application forms now provide a box that you can check to allow or disallow
the selling of your information to mailing lists. You can also protect yourself
by taking your name off the credit bureaus' mailing lists.

When you write to these companies, include your complete name,

name variations and mailing address, Social Security number and signature
and state clearly that you want your name removed from their mailing lists.
You can write or call either of these major reporting bureaus and they will
contact the other major bureaus with your request.

3.4 Internet Transactions

There are a large number of different financial transactions, like e.g.
customer payments, securities transactions applications for loans or insurance
acquisitions.

Due to the structure and the intention of the Internet to be an open

network high securityrisks are involved with financial transactions. Today,
various techniques and standards are offered in order to control or even avoid
these risks. Basic requirements are as follows:

 Customer and financial institution have to authenticate each other.

 Private data have to been coded. Cryptographic algorithms used need to
have certain characteristics. No third party should be able to quickly get
access to messages or even to divert financial transactions.
 A digital signature is necessary to get binding legal contracts. These
digital signatures have to secure the integrity of signed documents. It
needs to be guaranteed that sender and receiver have the same
intentions.

Base on these requirements HTTP is extended to S-HTTP. Because

the security level of this protocol still is not high enough various additional
techniques and standards have been developed. Examples are the home-

16
banking communication interface (HBCI), secure electronic
transactions(SET) or secure socket layer (SSL).

Different types of methods are used or currently tested. These

methods may be classified into hardware- and/or software-based solutions.
Hardware-based solutions use a chip that is physically located between
computer and keyboard. Such a chip is unique. Note, that the system is hardly
usable with laptop computers and/or with different financial institutions .

More often software-based methods are used. Personal identification

numbers (PIN) identify the user. For each transaction a transaction number
(TAN) is necessary .Data are encoded using algorithms like IDEA with a
128 bit-key or RSA with a 1.024 bit-key. A higher level of security maybe
reached by means of a so-called electronic fingerprint. This fingerprint is
taken before and after the transmission. Then, both versions are compared. In
case of any differences the transaction is aborted.

Actors Involved

New payment systems like digital coin-based money are only

successful if they are accepted by a large number of persons. To get this
acceptance all actors involved should have sufficient benefits that exceed their
costs.

 The primary interest of customers is to carry out purchases in a

comfortable manner. Associated payments should be possible from
home in a simple and efficient way.
 The dealer usually has to bear the costs of payment transactions. On the
other hand he may benefit through an improved image (being
innovative) and possibly higher sales. Also, he may be able to reduce
branch offices and sales personnel.
 System architects are responsible for the development of payment
systems. Their benefits consist of royalties and service fees. Wide
acceptance and usage of their system is an important requirement.
 System providers are intermediaries .Dealer's sales are forwarded to the
financial institution. The system provider is responsible for transaction
clearance. Moreover ,he provides supporting services (problem
management, user training).Again, revenues consist of fees and service
charges.
 Financial institutions may promote certain systems. As was already
mentioned, confidence in electronic payment systems is a key success
factor. Note, however, that a large number of financial institutions,

17
 typically smaller ones in regional markets, may have difficulties to
participate due to high costs and know-how required.
 Trust center control digital signature keys. They are responsible for the
integrity of transmitted data and the authenticity of contractors. Trust
centers help to secure confidence in a certain payment system. Their
revenues consist of royalties and other service fees.

System Requirements

The following requirements are implementation independent. They

are useful in comparing different payment systems.

 Open systems need security features to manage electronic payments.

Security may be realized by cryptographic methods in connection with
transaction numbers(TAN).
 A large number of customers have to be able to simultaneously carry
out payment transactions .The systems have to work with a large
number of customers and should be easily expandable. Hence,
scalability is an important criteria .
 Small and smallest payments(micro- and pico-payments) should be
possible. The corresponding accounting systems have to be efficient
and effective. Therefore ,it is necessary that costs per payment are low.
 The system has to be transparent .Customers have to be aware that
payment actually takes place. System usage has to be simple.
 Private households should be able to accept digital money (micro-
merchants).
 Electronic data transfers,as well as electronic payments may be
traceable. Then it is possible to analyze e.g. payment information and
to construct detailed customer profiles. In most cases customers wish to
stay anonymous.
 Digital coins consist of a number of bits. Hence, there is some
possibility that copies of the coins are made and eventually put into
circulation. This phenomenon is known as the double spending
problem. Hence, the payment system needs mechanisms to recognize
and/or prevent repeated payments with the same digital coin.
 Digital coin-based payment systems have a nominal value problem. In
order that a certain amount may be paid either coins with suitable
values are needed or the payment system has to generate change in the
form of new coins. Alternatively, all coins have the same smallest
possible face value (e.g. one cent or even a fraction in the US). The last
alternative requires that a large number of digital coins have to circulate
and to be checked for authenticity.

18
  Digital money should be convertible into "real" money, whenever this
is desired.
 Confidence in an electronic currency means that stable exchange rates
between electronic and "real" currencies are necessary. If the exchange
rates are unstable there is a chance of arbitrage profits. This, in turn,
would reduce confidence since losses due to value fluctuations are
possible.
 Digital money is stored locally on hard disks or other media. In case of
disk crashes or other problems mechanisms to recover the original state
are necessary.

3.5 Basic Principles of Electronic Coin-based Payment Systems

Due to the increasing importance of electronic commerce via the

Internet the importance of digital money increases. Representing "real"
money in an electronic world means that properties and functionalities like
anonymity ,authenticity , as well as availability of pico-payments are
considered .Like "real" money, digital coins have an inherent value.

Depending on the way digital money is implemented there exist

different cryptographic method sand organizational precautions to avoid the
usage of forged money. Basically, there are two different types of digital coin-
based money:
 Using specific cryptographic method the anonymity of digital money
may be achieved. Then, neither the financial institution nor the dealer
may build up a connection between the customer and coins used by
him. The financial institution only knows to which customer the coins
are transferred initially
 Coins with customer identifying characteristics allow the financial
institution to identify the customer and to follow up on payments where
the coin has been used in.

Also, the payment process may be classified into online and offline
transactions.  Figure 2 summarizes the different approaches.
 If an online payment takes place the coins will be checked immediately
for authenticity. This implies that a digital coin is used only once. The
financial institution needs to check the authenticity by using a list o fall
coins that have been issued or a list of all coins that have been sent in
for credit.

19
  In case of offline payments the coins may be used more than once. To
avoid double spending it is necessary to store information about the
user or the users on the coin in order to be able to perform checks later.
Anonymity may be guaranteed by so-called secret sharing. Then, the
financial institution only gets information in case of double spending.

Offline payments Online payments
Blinding and immediate
Secret sharing by storing
Anonymous digital coins check by the financial
some information on the coin
institution
Coins with identifying Storage of information about Immediate check by the
characteristics the transaction on the coin financial institution
Figure 2: Security approaches to avoid copying digital coins

Examples of Digital Coin-based Money :

3.5.1. ECash

ECash is anonymous digital money whose validity is checked online

by the corresponding financial institution. ECash is developed by DigiCash
and is offered by Mark Twain Bank, St. Louis since 1995. Deutsche ank AG,
Frankfurt (Main) offers eCash as a pilot project to its customers since October
1997.

The customer withdraws digital money from his eCash-account

using the so-called blinding method and stores it on its harddisk. The blinding
method works as follows .The client encodes a serial number and sends it to
the financial institution. The financial institution certifies the coin and
transfers it back to the customer. The customer then decodes the serial
number. Hence, the serial number is not known to the financial institution,
which guarantees anonymity. In order to avoid double spending the financial
institution has to record the serial numbers of all incoming coins. At each
purchase via the Internet the customer gives digital coins to the dealer. The
dealer immediately transfers the coins to his bank in order to check for
validity. The dealer's bank registers the numbers of the coins issued without
tracing them back to the customer. Finally, the dealer is credited and delivers
products and services ordered

Digital coins may be used only once. ECash may be considered to

be a currency of its own. Financial institutions have to use special accounts.

20
They also guarantee conversion into "real" money. As a consequence central
banks like the Bundesbank or the Federal Reserve Bank have difficulties in
controlling money supply (financial institutions may create additional money
and thereby increase the amount of money supplied; this is well-known in the
case of so-called check book or deposit money.

ECash security is achieved by using an asymmetric cryptographic

algorithm. Account access may be protected additionally by using personal
passwords. The storage of a coin's serial numbers does prevent double
spending .There may be a problem with scalability, however. The costs of
checking for authenticity of coins are relatively high because the check have
to be done online. This means that the suitability for micro- and pico-
payments has to be evaluated carefully. Eachperson who has an eCash-
account may accept eCash coins. The blinding method, as was already
indicated, guarantees anonymity.

3.5.2. NetCash

The NetCash method is developed at the University of Southern

California. One important goal ofthis project is the use of already existing
accounting systems and procedures in financial institutions. This reduces
initial investment costs. In contrast to eCash, this method is based ona
decentralized approach. Consequently, problems associated with a large
number of coins and participants may be solved more easily. Therefore,
reduced anonymity is accepted and the cooperation ofall participating
financial institutions is required.

The system is based on independent distributed currency servers.

Currency servers are locations to exchange anonymous into non-anonymous
money. Each currency server possesses an account on an accounting server.
Clearing is done by the currency server. It is necessary that the integrity of the
servers is certified and that currency servers accept coins from other currency
servers. NetCash-coins have a face value and a serial number. Also, the
address of the issuing server and an expiry date is stored .The customer gets
NetCash-coins from a currency server. These coins are encoded with a public
key and send to the dealer. Anonymity of the customer may be guaranteed by
using a new session key for each message. The dealer transfers the coins
received immediately to his currency server. From the currency server he
either receives new coins or the corresponding value will be credited to his
account. Final clearing is done by the currency server.

21
 The serial numbers of all coins that are not send back and are not yet
expired are stored on the currency server in order to avoid double spending.
Thismeans reduced anonymity. Anonymity may be increased by exchanging
the coins at another server. Security is reached by means of a hybrid
cryptographic algorithm. Like eCash we have a method that requires a lot of
communication. The usage for micro-payments ,however, should be more
efficient. Each person may accept NetCash-coins because the system allows
free exchange of coins.

3.5.3. Millicent

The Millicent method is developed by Digital Equipment

Corporation (DEC) to manage small and smallest payments (e.g. payment for
getting information from the Internet about news and stock quotations or
payment for small programs like Java-applets)

The customer buys a brokers crip with a defined value by using his
credit card or by debiting a suitable bank or broker account. Such a scrip is
like a telephone card. At the time of purchase the customer exchanges parts of
the scrip into a dealer's scrip. This scrip is then send to the dealer. The dealer
collects all scrips and exchanges them into "real" money.  Figure5 shows the
payment processusing Millicent. To guarantee the security of this method
one-way-hash-functions that may be evaluated quickly(e.g. MD-5) are used.
Furthermore, the costs of illegally decoding a scrip (this means finding the
inverse of the hash-function used)are much higher than the scrip's value. A
large number of transactions are possible at low costs compared to the other
two methods discussed .In principle, each person may be registered at a
broker and may then accept digital payments. There is no anonymity but there
is the possibility to buy scrips from different brokers. Then ,no
comprehensive user profile may be built.

22
 4 Introduction and definition of the information
technology industry

The IT industry provides essential instruments that make e-business

possible, including not only computer hardware and software but also fixed
telephones, mobile telephones, telecommunication equipment and wireless
transmission equipment. As chart 1 below shows, the availability of IT
equipment goes hand in hand with Internet connectivity and is therefore
clearly a prerequisite for e-business. Even though e-business impinges on IT
goods, this does not necessarily imply that having a local IT producing
industry would be an advantage for the local business sector when it moves
into e-business. However, when the business sector starts adopting new
information and communications technologies in its operations, it relies
heavily on local or locally available IT expertise in order to fully realize all
the efficiency gains that the Internet makes possible at the level of a single
firm as well as at the level of the industry and of the country’s economy as a
whole.
Chart 1

In this connection, the existence of a local IT sector or of investment

from IT multinationals might contribute to the take-off of e-business in
developing countries if it promotes IT wareness and culture in the local
business sector, if it advances the IT competencies of the workforce and if it
brings the technology closer to the local business community. In the light of
the above, this chapter sets itself two objectives. On the one hand, it tries to
present some long-term trends in the industry that produces the tools
necessary for conducting ’e-business’, in its widest possible meaning. On the

23
other hand, it attempts to present evidence about whether the conditions
outlined above are realized, or in other words, whether the IT industry can
contribute to development and growth by enhancing a country’s capacity to
engage in e-business. This chapter presents data on international trade in IT
products and the trade policy environment in which the industry operates, and
summarizes the debate on the impact of IT on growth and development. In
addition, it presents the results of an UNCTAD survey of the most influential
IT multinationals designed to obtain information about their investment in
developing countries and countries with economies in transition and their use
of e-commerce in general and in the latter countries in particular. Clearly, the
analysis does not aim to be exhaustive. It needs to be complemented by the
analysis – contained in other chapters of this report – of the experience of
companies from developing countries that are successfully engaging in the
production of IT goods, as well as of the IT-using business sector that is
turning the new technologies into new products and new ways of conducting
business.

Location of investment
The respondents were asked to provide details of the regions where
they invested or where they intended to invest in the near future, indicating
for what purpose they were investing or were intending to invest there (Chart
2). In order to keep the design of the questions simple, the companies were
offered six choices: Africa, Eastern Europe, Latin America, Middle East,

South-East Asia (ASEAN countries) and other developing countries

in Asia (including India and China). The majority of the respondents (70 per
cent) indicated that they invested in “other developing countries in Asia”,
while a slightly lower percentage (67 per cent) in South-East Asia. These
regions were followed at a distance by Eastern Europe and the Middle East,
and then by Africa and Latin America.

Next, in view of this strong concentration of IT investment, which

appears to be even more important than that encountered in many other
industries, it becomes interesting to see what are the factors that draw
investment to specific countries and what are the consequences of alternative
policy actions that countries can take in this regard.

In the first place, as Chart 3 shows, the location of the investment

was influenced by the location of the mother company’s headquarters. On the
Asian and Latin American markets, the bulk of the investment was from

24
United States’ firms, while in Eastern Europe it was from European
companies. In the African and Middle East markets the percentages of
European and American companies were identical. A surprisingly high
percentage of investment in Latin America and the Middle East came from
Japanese companies, and equally interesting was the involvement of Asian
companies in the African market.

Chart 2

In which of the following regions does your company currently invest or

intend to invest (percentages)?

Chart 3
Percentage of companies that invest in the different regions according to
the location of their headquarters

25
 As for the other factors that directed IT investment to specific
markets, the most important was access to markets (market size and potential,
proximity to larger markets, participation in regional/bilateral free trade
areas), followed by general policy environment (political stability, trade
policy, tax policy), cost of production, workforce IT competence, workforce
education and investment incentives (see chart 4).
Chart 4

Factors that your company considers in choosing a developing country

as a potential location for investment

This ranking basically reflects the findings of other surveys – see,

for instance, the Foreign Direct Investment Survey – but shows that IT
companies attach particular importance to the competences of the workforce.
The most important message from chart 3 is that IT multinationals will select
the location of their subsidiaries according to fundamental macroeconomic
variables, which the country can alter only in the medium to long term. For
instance, the most important factor in TNCs decisions appears to be “access to
markets”: while access is a geographical factor over which the policy maker
has little control, partially, it can be enhanced by signing free trade area
agreements at the regional level and marketing the country as the potential
production hub to service the regional market. The case is similar for factors
such as “general policy environment” and “cost of production”: Governments
can influence them by making the country an enabling environment for
investment – both local and foreign – but clearly this can only be a long-term
policy goal. Factors such as investment incentives, which can be altered in the
short term, are instead likely to have less effect on companies’ decisions on
the location of investment. Next, it is interesting to analyze the purpose for
which the respondent companies invest in developing regions (see chart 5).
The questionnaire gave the companies five choices: Customer Support
Service (CSS), Distribution, Production for export on the world markets,

26
Production for local or regional markets, Research and development (R&D)
and other. The most important reason for investment in developing countries
was customer support service and distribution, followed by R&D, and
production.
Chart 5
For what purpose does your company invest or inted to invest?
(percentages)

Since customer support service and distribution are critical factors

that draw IT investment to the different markets, it is safe to assume that IT
multinationals will invest more heavily in the very regions in which they are
more intensively exporting. Thus, as e-commerce and e-business lead the
business sector in developing countries to make more intensive use of the new
technologies, more IT investment will flow to those regions. The relative
importance of customer support service also points to the growing market
which tends to the needs of corporate clients for the customization of
hardware and software and which also offers business opportunities for
developing countries.

Chart 6 makes a cross-analysis of the reasons why multinationals

invest in the different regions, according to the purpose of investment. It
appears quite clearly that investment in production facilities and in research
and development – which is the one that most facilitates the transfer of
technology from multinationals to local companies – is still heavily
concentrated in South and South-East Asia. In fact, while R&D represents 20
per cent of all investment in those two regions, the percentage is only 6 per
cent in the Middle East and 7 per cent in Africa. Similarly, investment in
production facilities represents 37 per cent of total investment in South-East
Asia and only 23 per cent of total investment in Africa.

27
 Chart 6
Percentage of companies that invest in the different regions according to
the purpose of investiment

To summarize, the findings from the questionnaire point to an

intensive concentration of IT investment in South and South-East Asia and in
particular to the concentration of investment for productive and research
purposes in those regions. Furthermore, it appears that government policies
can only alter investment decisions on location in the medium to long term.
We turn now to the last set of questions, which focused on what actions
Governments could take in order to maximize the positive fallback of IT
investment, in terms of use of local labour by TNCs and enhancement of
workforce skills and in terms of deepening the linkages between TNCs and
the local industry.

5. E-Commerce in East Europe

The accession countries are the European Union’s newest members

and until now have received little analyst attention. A deeper understanding of
local cultures is important. For example, online shopping in Cyprus fails to
appeal to those who like haggling. Some accession countries are just
discovering the ‘shopping mall’ experience and prefer it to online shopping.
internet and credit card penetration are low. At the same time it is naïve to
assume that the region as a whole is unsophisticated in its online habits while,

28
for example, Estonia has high online banking usage and advanced e-
government.

Here is a brief outline of online retailing in selected accession

countries:
 Bulgaria: Credit card penetration is limited as is confidence in
the banking system. Three quarters of all retail is through small privately-
owned shops. Shopping from foreign sites is unattractive because of the
country’s low purchasing power. Retail websites include books.bg (books),
margaritaflowers.com (flowers) and get.bg (electronics).
 Cyprus: Online shopping remains small, partly as a result of the
residential proximity to most shops and working hours not making shopping
inconvenient for professionals. The main attraction of online shopping is for
goods not available on the island. Key sites include mathisis.com (books),
redrose.com (flowers) and netdrinks.com (grocery).
 Hungary: Most online purchases are paid for on delivery and
there is limited online banking. Retail sites include viragneked.hu (flowers),
butoruzlet.hu (furniture), hazipatika.hu (health) and fokuszonline.hu (books).
 Latvia: Credit card penetration is very low in Latvia, though
growing. Cash on delivery is a popular form of payment, making online sales
more convenient for local merchants than international chains. Retailers
include musicshop.lv (music), shop24.lv (electronics) and enaplus.com
(grocery).
 Poland: Tough economic conditions have shut down many
businesses particularly those without a major financial backer. Poland has a
large relatively large population but online access is limited - it is still
expensive due to a lack of competition. Online shops include ws.pl (books),
officedepot.com.pl (office goods) and emarket.pl (electronics). Online
grocery is advanced for the region, though deliveries are generally restricted
to the more populated areas. Grocery websites include leclerc.com, bomi.pl,
mojesklepy.com and dodomku.pl.
 Romania: Till recent, the country had a low level of credit card
ownership, limited online banking and no legislation securing online
transactions. Most payment was offline for orders placed online. Indeed key
websites have only started accepting credit cards recently. Shops include
emania.ro (electronics and grocery, free delivery), domo.ro (electronics) and
megamarket.ro (grocery). Recently, new websites in the IT area appeared, like
flamigo.ro (computer components, electronics, audio-video), verasys.ro
(computer & multimedia components)
 Turkey: Turkey would become one of the largest markets in
Europe though its online pentration is low. Web shops include

29
hepsiburada.com (electronics, backed by media group Dogan who also own
leading ISP kolay.net), ideefixe.com (books) and gima.com.tr (grocery).

The opportunities for foreign retailers to sell into accession

countries are limited, as internet and credit card penetration are low. On the
other hand, there is often little competition for the sophisticated style of
website common in existing EU countries. Examples of foreign entrants
include Barnes & Noble (books.bg), Otto (otto.ee), OfficeDepot
(officedepot.hu) and Migros (online.migros.com.tr).

6. E-Commerce In The Private Sector Enterprises

In
Romania

Under communism the Romanian government invested strongly in

technology sector skill-building, leaving a skilled workforce, particularly in
software development, when the communist government fell in 1989. The
country is known for this skilled pool of software technicians and investors
compare Romania to India and Ireland in its potential in the software industry.
Analysts call for greater governmental support for education and training in
this area in order for that sector to remain competitive.

During the country's economic transition after 1989, the shaky

economy has left much fewer government funds to support research and
development and education and training. In 1990, the Romanian government
established the National Commission for Informatics (NCI) to oversee IT
policy. NCI coordinates IT research and development, computer network
creation and connection to international networks, and education programs
with the Ministries of Research and Technology, Telecommunications and
Education. The Romanian government initiated the National Strategy for the
Information Society in 1992, which became law in 1997, and calls for
strategic public-private partnerships, development of IT standards,
development of infrastructure, and investment in IT R&D. Under
Romtelecom, telecommunications is still a state monopoly and phone service
outside Bucharest is still unreliable.

30
 Recent events cast a more optimistic light on the IT sector in
Romania. In early 2001, Romtelecom halved the cost of daytime dial-up
Internet access in order to increase daytime Internet use and the government
announced plans to establish a parliamentary commission, led by Varujan
Pambuccian, a major proponent of e-commerce in Romania, to take charge of
any legislative developments in IT policy.

6.1 General remarks

From the beginning of 2003, with the total liberalization of the
electronic communication market, no specific licence per se is necessary to
provide any electronic communication services. A simple notification to
ANRC (National Regulatory Authority for Communications) is sufficient. By
the middle of 2004, 2032 companies had registered notifications at ANRC in
order to operate in accordance with the General Authorization. Among these,
1148 are now authorized to provide electronic communication networks and
services. 191 companies are authorized to provide telephonic services, 425
data transmission services and 475 Internet access. However, not all of these
are offering services on a commercial basis. (see updated situation at
http://www.anrc.ro/en/situatii.htm). 49 Telephony Operators received
Numbering Resources from ANRC.

The turnover of the communications services and public networks

providers who notified to ANRC the beginning of their activity until the end
of March exceeds Euro1.8 billion. 

In the beginning of 2004 there were 60 000 registered .ro domain

names. At the end of 2002, it is estimated that 10% of the total traffic over the
fixed network was used for Internet connections

6.2 Internet banking

In present, in Romania exists virtual cards (Taifun, emitted by

BancPost; Visa virtual, emitted by Banca Transilvania), which are accepted
even in some foreign shops. Also, different banks accepts internet banking.

Internet Banking is a banking service, which offers the possibility to

perform on-line banking operations in ROL (Romania Leu – national
currency) and foreign currency, at a distance. This application takes over all

31
the functions of the eBank service and slows any Bank client to perform a
wide range of banking operations.

Internet Banking is a service structures in 8 functional modules:

Management, Accounts, Statements of account, Payment Orders in ROL,
Payment orders in foreign currency, Financial and Banking Information,
Cards and taxes. The main function of the INTERNET BANKING system is
the processing of payment orders, in the two types: Compensation and
Treasury. Payment orders also allow intra-bank transfers from the current
accounts into the card accounts of the same holder. The Accounts module
presents the balance of the client's accounts; the Statements of Account
module allows the client to obtain a statement of account for the present day
and a retroactive one; the Information module offers the clients data about the
exchange rates and about the interests practiced by the Bank. The Card
module allows, in addition to the balance check and the statement of account,
the possibility to perform intra-bank transfer operations from the card
accounts into the current accounts and between the cards of the same owner.
The clients, whose residence is assigned to a Town Hall that concluded a
agreement with the Bank for the payment of taxes and fess by electronic
means, have the Tax module at their disposal.

For the purpose of ensuring a high level of safety, the service was
developed on the infrastructure which respects the requirements of
international standards of information security. The connection to the Internet
is permanently monitored, and in order to access the computer system of the
Bank, each member must have a user name and password. From the moment
the authorized client is connected, any exchange of data will be performed
under a secured protocol +SSL3, which uses an encryption key of 128 bites
(the most powerful product on the market at present time) and a 3DES
algorithm. At each working session, the client authenticates by means of a
Digipass 300 security device (token). The site for this service is insured and
secured by the company Verisign, so that the client may recognize and verify
easily the client's authenticity.

6.3 Present situation of the electronic commerce in Romania – data

and statistics
Statistics on the number of computers, Internet users or e-commerce
users existing in Romania are rather scarce. Various estimations show that the
number of computers connected to the Internet is between 700.000 –

32
1.000.000, and that of the Internet users is between 9% (according to
Pricewaterhouse – see the graph below) and 13% (according to a study
performed during January-July 2002 by GfK Romania[1]). Other sources
indicate a smaller number of Internet users.[2] However, the annual increase
rate of the Internet users is rather high, reaching even 39% during the last
period.
 

The same GfK study mentioned above states that most of the
Romanian users access Internet from public places and very few from the
education institutions. Also, public places – such as Internet cafes – are the
solution chosen by 50% of those accessing the Internet, and only 20% enter
the information highway from home.

33
 Under the conditions mentioned above it is normal that only 4% of
the Internet users use it for shopping in the last year. [3]

The initiatives of the Ministry of Communications and Information

Technology, but also of other ministries, to implement various e-government
solutions have stimulated the access to Internet by the citizens[4] and by
companies. Such a project is the e-procurement system available at www.e-
licitatie.ro where over 7 000 private companies are bidding for selling their
products to the 900 public institutions. The e-procurement system has been a
great success for the IT&C Ministry in Romania, but also abroad. It is
estimated that 35 millions euro were saved through obligatory public
electronic acquisition procedure in just one year. The system has proofed to
be an effective solution to combat corruption.

Unfortunately, there are no data regarding the use, especially by

SMEs, of computers or Internet or regarding their presence in the online
environment, at least through their own web pages.

The electronic payment methods are only at the beginning. The use
of debit/credit cards is not very extended for buyers. About 80% of the 4,1
million card owners[5] in Romania use the cards only to cash money from
ATM. There are 6,900 locations accepting cards for payment, out of which
only 4,000 have PoS terminals [6]. Starting 2002 more banks began
implementing and promoting Internet Banking services, including account
interrogation methods by means of mobile phones (a sort of m-banking). [7]

The remote supply systems are usually developed by the Romanian

Post, which has several services in this sense. (The rapid post service –
Prioripost, cash on delivery etc.) International fast delivery companies, such
as DHL or UPS, are present in Romania, but are usually not used by the
online shops due to the prices that are considered rather high. Certain shops
have developed their own distribution system for Bucharest or other major
cities. The number of online shops is not high (only about 50 shops have over
2000 visitors/month), and the number of accesses to them is not
encouraging[8]. None of them allows the payment of the products online in
Romania. 

Usually the payment is done by cash on delivery at the receipt of the

respective goods or by post office order, which means a rather high risk for
the shops (fake orders) and that money gets blocked in the system. This
means that there is practically only a primitive e-commerce activity. Although
there are enough Romanian companies having created on-line payment

34
systems for the shops abroad and they know the necessary steps to implement
such a method, the application in Romania has not yet succeeded. According
to these companies, the main reason is most likely that the banking system
has not yet been „connected” to e-commerce. 

However in 2002 the number of online stores increased

dramatically. A recent article from Biz review – no 62 /March 2003 showed a
full expansion image of the electronic commerce in Romania. They reviewed
the major Romanian online magazines and the total online sales figure for
2002 was estimated between 1-5 millions USD.[9] An extensive presentation
of the online shops statements, according with Biz review, is presented in the
Annex.

 The sites dedicated to the B2B systems are still in an incipient

phase, but there is no relevant statistics available. Examples are
www.rtcoffice.ro, a well-known office supplies and stationary supplier and
www.premierbc.com - B2B type virtual market created in several
international languages. It is now decided that the Romanian e-procurement
system e-licitatie.ro will be extended this year in order to be available for any
private company that wants to purchase its goods or services through this
website. The system will be designed to conclude up to 100 000 transactions
per day. With such an application, the government initiative could have a
considerable impact on the expansion of the B2B e-commerce.  

Although the number of Internet users is rather low, the banks, as

well as the on-line traders have promoted a series of services proving some
interest, although incipient, in this domain. Thus, during the last year the
following services occurred:

 Payment from Romania to foreign online stores: the introduction by the

banks in Romania of virtual cards dedicated for the payment on the
Internet abroad (Taifun card issued by BancPost which has an
associated virtual card– Taifun Virtual – 5,400 cards issued within the
5 months from the introduction on the market of this new product; a
card especially destined for payment on the Internet - VISA Virtual -
issued by Banca Romaneasca). It must however be mentioned that, due
to multiple frauds originated in Romania, these cards are sometimes not
accepted by the foreign traders (e.g. www.amazon.com )

35
  Payment from foreign countries to Romania online stores: various on-
line payment methods developed by the Romanian traders to allow for
the payment from abroad:
o Possibilities to make payments on-line by credit card for the
Romanians located abroad by the shop opening an account with a
foreign processor (e.g. 2checkout.com). The major disadvantage
is the one related to the high charges required to open the
account and the typically Romanian accounting problems created
by selling abroad - Solution implemented by
www.libraliilehumanitas.ro
o Possibilities to make on-line payments for the Romanians located
abroad by bank transfer – by the shop opening an account with a
bank transfer site (e.g. Moneybookers.com). Disadvantage: the
impossibility to make the payment of the products from
Romania, the high charges, the accounting problems. Solution
implemented by www.cartea.ro

 Micro-payment systems – developed to allow for the payment of small

amounts of money especially for the access to the content of certain
sites – usually in the form of value added SMS– solution implemented
by www.zf.ro or www.aman2.ro

6.4 Adopted and planned legislation and regulation necessary for

the development of e-commerce in Romania.

 The international legal practice indicates that the following issues

have to be taken into consideration for the development of the e-commerce. 

 a) Telecommunication liberalisation

Is an important step in improving the e-commerce climate as the
Internet largely depends on the communication system. The introduction of
competition leads to a reduction of costs for the access to the Internet and
promotes innovation and service quality. Romania, starting with January 1,
2003, has a completely liberalised electronic communication market that will
contribute to an increase of access to the Internet in Romania.

b) Recognition of the electronic documents

The purpose of which is to create a legal framework for the
recognition of electronic contracts, the allowance of electronic proof and the
acceptance of sending electronic documents to the governmental authorities.

36
These aspects are covered by the provisions of the Electronic Signature Law
no. 455/2001, the technical and methodological standards for the application
of the electronic signature law of December 13, 2001 and the Electronic
Commerce Law no. 365/2002. There are certain delays related to their
application (such as the regulatory and monitoring Authority stipulated by
Chapter IV of the Electronic Signature Law), but this does not in itself
prevent the development of commercial trades by Internet.

c) Consumer Protection 
The consumer has to be properly protected through legislation
concerning for example misleading advertisements liability for defective
products. There must also be adequate regulation on financial services.
Furthermore, in relation to online contracts and other distance contracts, the
regulations have to provide the consumers with:
- the right of withdrawal
- the performance of the distance contract within 30 days
- the protection against fraudulent charges
Such provisions are covered by the Romanian legislation through
the Law of Distance Contracts – Gov. Ordinance 130/2000, as well as through
the Electronic Commerce Law. Regarding the protection of consumers related
to the use of electronic payment that is provided for by BNR (National Bank
of Romania) 4/2002 on the transactions performed by means of electronic
payment instruments. The provisions in art 26 of the above mentioned
regulation limits the liability of the owner to 150 euro, in case of a fraudulent
use of the card. The provision will come into force on July 12, 2003. The
IT&C Ministry has also drafted procedure for the approval of the distance
access payment instruments, such as home-banking and Internet-banking
applications and should be issued by the Minister before the end of February
2003.    

d) Electronic funds transfer and the use of debit/credit cards

One of the challenges in establishing an operational electronic
commerce regime is to identify a payment mechanism that can safely be used
on the Internet. The development of an on-line payment system implies a
series of complex problems related to security, liability and taxation. There
are several on-line payment methods presently in the world: fund transfer
through Automated Clearing House (ACH) – including electronic cheques,
payment by credit/debit cards and stored value or e-money payments. Yet, the
solutions to be adopted depend from country to country, and relate to the
usual payment methods for the respective area.

37
 Romania does not have a long experience as regards electronic
payment methods. The most extended is the payment by debit/credit card but
even in this area the figures are not yet encouraging although on the market
there are about 4 million cards (the debit ones are predominant covering 85 %
of them), more than 80% of their owners use them only to withdraw money
from ATMs. However, the large number of cards is primarily an effect of the
government decision obliging the public institutions to pay wages on debit
cards. The number of shops accepting such payment is not significant (only
6,900 at the level of the entire country- out of which 4,000 have PoS
terminals). A recent emergency ordinance (no. 193 of Dec.12, 2002) obliges
the companies providing public utility services as well as the public
institutions collecting taxes, charges, fines, penalties and other payment
obligations to accept payment also by means of debit/credit cards. However
the implementation of the ordinance is due 1 January 2004.
The regulations concerning the electronic funds transfer is provided by
Regulation no. 4 of June13, 2002 of the National Bank of Romania on the
transactions carried out by means of electronic payment instruments and the
relations between the participants in these transactions. The regulation is
primarily based on 97/489/EC Commission Recommendation of July 30,
1997 concerning transactions by electronic payment instruments and in
particular the relationship between issuer and holder.

e) Dispute resolution
Problems can occur between sellers and buyers in any commercial
activity. The uncertainty regarding the way to settle disputes can make the
parties hesitant to use on-line acquisitions. When a small amount of money is
involved, going to the court is not a practical option for most part of the
consumers and SMEs. Usually, an option that can solve part of the problems
is to use a rapid dispute resolution mechanism, easily accessible by electronic
means and with low costs. These alternative dispute resolution systems can be
a practical solution, useful for the development of the on-line commerce.
Unfortunately in Romania these systems are not very well known as yet.
Arbitration is still very little used (mainly through the Arbitration Tribunals
set up by the Chambers of Commerce and Industry in the major cities), and
mediation is at a very timid level. The Electronic Commerce Law no.
365/2002 – see art.20 provides however for the possibility to use such kind of
systems.

f) Liability of Internet Service Providers

Another significant element on which a proper environment for e-
commerce depends is providing mechanisms that should limit the civil and

38
criminal liability of the Internet Service Providers (ISP) in case these entities
act as intermediaries allowing access to the Internet. This approach is
necessary in order to protect the ISPs from potential actions in court against
them, in the case when illegal activities are performed by third parties using
their services. This issue is clearly regulated by the Electronic Commerce
Law no. 365/2002 – Chap IV, as well as the methodological standards for the
application of the electronic commerce law of November 20, 2002 - chap. III.

g) Domain Names
RNC, as part of ICI – Institute for Informatics Research, is the
institution designated to manage the domain name .ro Until now, there have
not been major problems related to this, the only references being related to
the modality to contest a domain name. The arbitration regarding domain
name under .ro may be done at the Arbitration and Mediation Centre of the
World Intellectual Property Organisation (WIPO), but RNC intends to create
a Romanian arbitration system – which would solve part of potential
dissatisfactions.

In addition, it has proved effective to regulate many e-commerce

activities through codes of conduct developed by relevant professional
associations. Such codes of conduct could cover spam issues, rating the
content, user assistance or personal data processing.

6.5 Obstacles in the development of the electronic commerce in

Romania

 No further needs for legislation on electronic commerce have so far

been identified. The major obstacles that make the electronic commerce lag
behind are more related to the present situation of the next issues: 

 · Present situation of the Romanian banking system

The Romanian banking system, although lately much improved, still shows
major problems as regarding the electronic inter-bank payment clearing. A
clearing system between the banks is not yet implemented; thus clearing can
take up to 5 working days. The lack of such a system makes the inter-bank
payments rather difficult, implies large commissions and hence the banks are
rather disadvantaged in accepting cards from other banks in their ATM or PoS
terminals. This is valid even more for their use on the Internet where
additional security and authentication problems may occur. For the
administration of the national payment system, starting with 2000, The

39
National Society for Fund and Clearing Transfer - TransFond was created by
the central bank (BNR), which owns 33% of the its shares, and 28
commercial banks owning 67% of its shares. But an electronic payment
clearing system will be operational only in 2004 at the earliest. This system
will allow the clearing of amounts below 500 million lei in real time and for
the rest in maximum 1 working day.[10] This is also one of the
recommendations the Foreign Investors Council made in the presentation
regarding Romania’s economy in May 2002 – Implementation of the
Electronic Clearing System to eliminate the current delays and the excessive
transaction costs and to make TransFond operational.

Nevertheless – the implementation of this electronic clearing system

will not automatically mean the cards will be easy to use and accepted on the
Internet. Almost each bank uses a different card processing solution without a
real interaction between the different solutions:
· through Romcard – a company set up by certain banks in view of
performing this service (such as BCR, Raifaissen, BCIT etc)
· their own system (e.g.. BancPost or BRD – Societe Generale)
· through private card processors (Paynet or Provus)

 There is also a certain fear regarding the risk of the transactions,

especially as no one seemed to be prepared to offer an insurance service
covering transactions made by cards.

Under the circumstances the banks are not interested in the

development of a system that would allow on-line payments by means of
cards issued by other banks due to the low commission they can gain on this
type of payments or the difficulties related to authentication the card in real
time. BancPost had however announced that they will offer an e-commerce
service started in 2003, by means of which the companies interested may
implement a computer system, based on the one developed by Softnet for the
E-tax application. Payments are thus possible from Romania but only through
Taifun virtual cards issued by this bank. This application, as well as the e-tax
system developed by Softnet, demonstrates how software companies are
committed to make online payments possible even though the banking system
is not yet designed for that service.

 The low penetration rate of Internet, together with the very

limited use of cards for shopping makes the interest of the companies in the
electronic commerce rather low.

40
  Mistrust and lack of information on electronic commerce. The
Romanian users, as well as the companies show no trust in an e-commerce
system partly due to the lack of information in the domain. The news on the
subject is mostly related to on-line frauds, fact which creates reservation and
doubt regarding the success of such an approach. Banks do not recommend
and in some cases even forbid the use of the issued credit/debit cards on the
Internet, due to the fears related to data security.

There is no national awareness programme for SMEs concerning the

economical aspects of electronic commerce and the ways in which they can
be implemented, although some initiatives in this respect were supported by
European Union. No campaign to inform users has been organised regarding
what using electronic commerce means and involves.

The SME Ministry together with representatives from other

Ministries initiated a national strategy on e-commerce during 2002, which,
however, has not been concluded yet.

7. Conclusion

7.1 General conclusions

Currently most financial institutions use the Internet as a
presentation medium. Often there is a possibility to request additional
information or to perform individual calculations.Business transactions are
rather rare at least in most European countries. On the other hand, a lot of
effort is devoted to construct solutions to manage financial routine
transactions like money transfers , opening and closing of accounts,
implementation and deletion of standing orders and much more.

Payment systems are developed to facilitate electronic commerce. In

order to realize significant rationalization potentials no isolated but integrated
solutions that support existing business processes are required Collaboration
between competing financial institutions may be necessary to cut down
development costs .

In general, financial institutions have to decide on their Internet

presence. Is it worth to invest significant sums? It can be shown that there are
not necessarily first mover advantages On the other hand, fast reactions to

41
actions of competitors are difficult since significant know-how is required to
quickly build up an Internet presence. This implies that waiting too long may
be extremely harmful and expensive .Consequently, a good strategy should be
to build up know-how by means of small or medium pilot projects. Actions of
competitors ,as well as the development of the Internet should be monitored
closely.

Now we are in the midst of worldwide rush toward digital

commerce that could ultimately result in many people’s lives being conducted
largely online, encompassing creation and distribution of propertary
multimedia information and other forms of intellectual property ,
merchandising ,cashless financial transactions , and general electronic
communications.

The Internet is attracting the best innovations in the areas of

computer usability and network exploitation. Internet browsers and servers
continue to rush forward to include access to existing information resources
as well as innovative ways to access the Internet.

7.2 Suggestions for e-commerce in Romania

I. The elaboration by bank specialists of a study regarding the way

in which, within the Romanian banking system, a solution accepted by all
banks to perform payments on the Internet may be developed. The study
should also focus on the part that TransFond could play in this respect. A full
collaboration between the IT associations, National Bank of Romania and
Romanian Banks Association should be developed in order to implement a
functioning electronic commerce system. It would be valuable to the process
if the Romanian Government, preferably through the IT&C Ministry and
SME’s Ministry, could participate as well, creating a functioning Public /
Private Partnership Dialogue.

II. The support of national programmes to inform SMEs on the

advantages of electronic commerce.

III. The promotion of programmes to increase the number of Internet

users, especially by the access from home and to increase the number of
computers for personal use. Experience could be gained from other countries
that have used schemes such as the deduction from the global income tax of
the costs related to the acquisition of a computer. Another solution could be
the creation of further incentives for the citizens to use the Internet, such as

42
the effect the extension of the e-procurement system will have for promoting
B2B. Possible action may be the payments through Internet for public utilities
or the obligation for the national and local public administration to use e-mail
as an official tool of communication with citizens and companies.

IV. The support and the creation of alternative methods to solve

disputes related to e-commerce.

V. The initiation of various measures to create the trust of the users

in digital economy, such as the initiation of a trust mark system for the e-
commerce websites. These measures should be correlated with what is
envisaged at the European Union level.

VI. A strengthening by the National Bank of Romania of the

regulations on protection for consumers as regarding the use of credit/debit
cards on the Internet

VII. Improvements or additions related to the electronic signature

domain or others considered as related ones (such as the cryptography
regulation, the electronic notary, time stamping) can be taken into
consideration, but they are not of prime importance for the development of
electronic commerce.

43
APPENDIX A
Romanian Online Stores [11]

1. Website : www.magazinultau.ro
Launched : November 2001
Products : PC’s, electronics, toys, sport articles, office supplies, computer
supplies
Sales 2002 : 400 000 USD
Estimated sales for 2003 : 800 000 USD

2. Website : www.emania.ro
Launched : September 2000
Products : various ( electrical devices, computers, tourism, sport gadgets,
DVDs, etc)
Sales 2002 : 8 billions lei = approx 240 000 USD

3. Website : www.casadecomenzi.ro
Launched : December 2000
Products : Various ( 22 categories)
Estimated Sales 2003 – 300 000 USD

4.      Website : www.elanko.ro

Launched : December 2002
Products : electrical devices, computers
Estimated sales 2003 : 2-4 billions lei = approx. 60 000 – 120 000 USD
 
5.      Website : www.shift.ro
Launched : December 2002
Products : car accessories, constructions materials , sport, audio-video, office
supplies, food
Sales 2002 : 506.2 millions lei = approx. 15 000 USD
Estimated sales 2003 : 6 billions lei = approx. 180 000 USD
 
6.      Website : www.itshop.ro
Launched : 2001
Products : computers components, software, accessories
Sales increase in 2002 : + 50 %
 
7.      Website : www.buy-on-line.ro
Launched : April 2002

44
Products : IT based products(computers, printers, software, etc)
Sales 2002 : 150 000 Euro
Estimated Increase 2003 : 50-100%
 
8.      Website : www.eflamingo.ro
Launched : December 2001
Products : computers, PC components, printers, office supplies
Sales 2002 : 600 000 USD (sales from all 11 virtual shops of Flamingo
Company)
Estimated sales 2003 : +200%

9.  Website : www.stilo.ro

Launched : March 2002
Products : watches, perfumes, porcelain, CDs
Sales 2002 : 15 000 USD
Estimated sales 2003 : 70 000 USD
 
10.  Website : www.emag.ro
Launched : January 2002
Products : PCs, computer components, printers, office supplies
Sales 2002 : 150 000 USD
Estimated Sales 2003 : 1 000 000 USD
 
11.  Website : www.baduc.store.ro
Launched : November 2000
Products : construction materials and installations
Sales 2002 : over 100 millions lei = approx 3 000 USD
Estimated sales 2003 : 2-5 billions lei = approx 60 000 – 150 000 USD
 
12.  Website : www.bebelusultau.ro
Launched : April 2002
Products : designated for babies and their mothers
Sales 2002 : 25 000 USD
Estimated sales 2003 : 75 000 USD
 
13.  Website www.libraliilehumanitas.ro
Launched : November 2002
Products : Books and E-books
Estimated sales for 2003 : + 50%

45
APPENDIX B
Notes

1[1]This study was performed on the Romanian population over 14

years old
1
[2] A statement from the ANISP President Mr. Gheorghe Rusu on
the end of January 2003 estimated the number of Internet users around 1 000
000 – 1 500 000.
i
[3] To the number of Romanian Internet users we should add some
of the 2.5 millions Romanian natives who live in North America and Western
Europe (estimation by Ministry of Foreign Affairs). A lot of them have access
to Internet and they were targeted by online newspapers and some online
shops from Romania – see also the e-payment procedures developed for
foreign customers.
2
[4] The project making 150 local and central public administration
forms available on-line at http://formulare.mcti.ro or Law 291/2002
stipulating the obligation of the local public administration authorities to
implement electronic systems to collect local taxes and charges in every town
or city
3
[5] Statement by Mr. Radu Ghetea , President of the Romanian
Banks Association on 12 02 2003
4
[6] A point-of-sale (POS) terminal is a computerized replacement
for a cash register. Much more complex than the cash registers of even just a
few years ago, the POS system can include the ability to record and track
customer orders, process credit and debit cards, connect to other systems in a
network, and manage inventory.
5
[7] In February 2002, there were 7 banks who offered Internet-
banking services and 17 banks who offered home-banking
6
[8] According to visitors’ counting site www.trafic.ro , the first
10 web pages of the e-commerce section had together, during the first week of
the year about 55.000 unique visitors, about the same number with the one
registered by the main daily sports newspaper in Romania

1
2
3
4
5
6

46
 7
[9] My opinion is that the figure is too high, but it may be possible
for some people to command online and to pay and get the products offline
directly from the store.
8
[10] Now an operation lasts, as an average, 3,67 days. The auction
organised by the National Bank of Romania to designate the company that
will introduce the electronic payment system was concluded only on 15
January 2003 when the winning company was designated.
9
[11] All the data was recorded by Biz Review no 62/ March 2003

7
8
9

47
 Bibliography
E-Commerce And Development Report 2002, New York and Geneva, 2002
http://www.e-lo-go.de/html/modules.php?name=News&file=article&sid=2861
http://www.onlinewbc.gov/docs/techno/what_is_Electronic_Commerce.html
www.ecommercetimes.com/

48
i