CHAPTER 1 - INTRODUCTION TO E-COMMERCE

 E-commerce -- electronic commerce or EC -- is the buying and selling of goods and services, or
the transmitting of funds or data, over an electronic network, primarily the internet.
 E-commerce, also known as electronic commerce, refers to the buying and selling of products
or services over the internet. It is a type of online transaction that involves the use of electronic
data interchange (EDI), electronic funds transfer (EFT), and other technologies to facilitate
online transactions between buyers and sellers.
E-Commerce Fundamentals and Media Convergence:
E-commerce fundamentals refer to the basic principles and practices of conducting business
transactions online. These include setting up an online store, accepting payments online, managing
inventory, and using digital marketing tactics to drive traffic and sales.
Media convergence refers to the merging of traditional media with digital media, resulting in new
forms of media that are more interactive, personalized, and accessible. E-commerce and media
convergence are closely related, as e-commerce relies on digital media to reach customers and
conduct transactions.
Here are some examples of how e-commerce fundamentals and media convergence intersect:
1. Personalized Marketing: With the rise of digital media, businesses can now collect vast amounts
of data on consumer behavior, preferences, and demographics. E-commerce companies can use this
data to create personalized marketing campaigns that target specific audiences with relevant offers
and promotions. For example, Amazon uses data on customers' past purchases and browsing history
to suggest products they might be interested in.
2. Mobile Commerce: The increasing use of smartphones and tablets has led to a rise in mobile
commerce, or m-commerce. E-commerce companies must now optimize their online stores for mobile
devices to provide a seamless shopping experience for customers. For example, Walmart's mobile app
allows customers to browse products, make purchases, and track orders from their smartphones.
3. Social Media Integration: Social media platforms have become an integral part of many people's
daily lives, and e-commerce companies can use these platforms to reach customers and drive sales.
For example, Instagram allows businesses to create shoppable posts that link directly to their online
stores, making it easier for customers to make purchases.
4. Virtual Reality: As technology advances, e-commerce companies are exploring new ways to
provide immersive and engaging shopping experiences. Virtual reality (VR) is one such technology that
allows customers to interact with products in a more lifelike way. For example, IKEA has developed a
VR app that allows customers to visualize how furniture would look in their homes before making a
purchase.
In summary, e-commerce fundamentals and media convergence are closely intertwined, as businesses
must use digital media to reach customers and conduct transactions in today's digital age. As
technology continues to evolve, e-commerce companies must stay up to date on the latest trends and
innovations to remain competitive in the market.
Seven Unique features of E-commerce: (SUPRISE)
1. Ubiquity – internet/web technology is available everywhere: at work, home and elsewhere via
mobile devices.
 Marketplace extended beyond traditional boundaries
 “Marketspace” is created, available 24/7/365
 Customer convenience increased, costs reduced.
 Ubiquity reduces transaction cost – the cost of participating in a market
2. Everywhere (Global Reach) – the technology reaches across national boundaries, around the
earth.
 The potential market size is roughly equal to the size of the world’s online population
 The total number of users or customers an e-commerce business can obtain is a measure of its
reach
3. Universal standards – there is one set of technology standards, namely internet standards that is
shared by all nations around the world.
 Promotes technology adoption
 Reduces costs of adoption
 Greatly lower market entry cost for merchants
 Reduce search cost for consumers
4. Richness – Refers to the complexity and content of a message
 Video, audio, and text messages are integrated into a single marketing message
 The Internet has the potential for offering considerably more information richness than traditional
media like printing press, radio, and television because it is interactive and can adjust the message
to individual users
5. Information Density - Internet and Web vastly increase the total amount and quality of
information available to all market participants
 Information processing, storage and communication costs drop dramatically.
 Accuracy and timeliness improve greatly.
 Information becomes plentiful, cheap and accurate.
6. Interactivity – the technology allows active user involvement.
 Enable two-way communication between merchant and consumer
 Traditional televisions cannot ask viewers any questions or enter into conversations, and it cannot
request that customer information be entered into a form
 Interactivity allows an online merchant to engage a consumer in ways similar to a face-to-face
experience on a global scale where consumers engage in dynamic dialog
7. Social Technology – the technology allows the persons to create communities of their own
interest.
 The Internet and e-commerce technologies have evolved to be much more social by allowing users
to create and share content in the form of text, videos, music, or photos with a worldwide
community.
 Using these forms of communication, users are able to create new social networks and strengthen
existing ones
8. Personalization/Customization – the technology reaches allows personalized messages to be
delivered to individuals as well as groups.
 E-commerce technologies permit personalization by targeting of marketing message to specific
individuals by adjusting the message to a person’s name, interests, and past purchases
 The technology also permits by changing the delivered product or service based on user’s
preferences or prior behavior
 Potential customer reach extended.
Advantages of ecommerce:
 A Larger Market: Ecommerce allows you to reach customers all over the country and around
the world. Your customers can make a purchase anywhere and anytime, especially more people
are getting used to shopping on their mobile devices.
 Customer Insights Through Tracking And Analytics: Whether you're sending visitors to
your ecommerce website through SEO, PPC ads or a good old postcard, there is a way to track
your traffic and customers' entire user journey to get insights into keywords, user experience,
marketing message, pricing strategy, and more.
 Fast Response to Consumer Trends and Market Demand: The streamlined logistics,
especially for merchants who do "drop ship," allow businesses to respond to market and
ecommerce trends and consumer demands in a nimble manner. Merchants can also create
promotions and deals on the fly to attract customers and generate more sales.
 Lower Cost: With the advance in ecommerce platform technologies, it has become very easy
and affordable to set up and maintain an ecommerce store with a low overhead. Merchants no
longer have to spend a large budget on TV ads or billboard, nor worry about the expense for
personnel and real estate.
 More Opportunities to "Sell": Merchants can only provide a limited amount of information on
a product in a physical store. On the other hand, ecommerce websites allow the space to
include more information such as demo videos, reviews, and customer testimonials to help
increase conversion.
 Personalized Messaging: Ecommerce platforms give merchants the opportunity to serve up
personalized content and product recommendations to registered customers. These targeted
communications can help increase conversion by showing the most relevant content to each
visitor.
 Increased Sales with Instant Gratification: For businesses that sell digital goods,
ecommerce allows the delivery of products within seconds of making a purchase. This satisfies
consumers' need for instant gratification and helps increase sales, especially for low-cost items
that are often "impulse buys."
 Ability to Scale Up (Or Down) quickly and Unlimited "Shelf Space": The growth of an
online business is not limited by the availability of physical space. Even though logistics can
become an issue as one grows, it's less of a challenge compared to those for running a brick-
and-mortar store. Ecommerce merchants can scale up or down their operation quickly, and take
advantage of the unlimited "shelf space," as a response to market trend and consumer
demands.
Disadvantages of ecommerce:
 Lack of Personal Touch: Some consumers value the personal touch they get from visiting a
physical store and interacting with sales associates. Such personal touch is particularly
important for businesses selling high-end products as customers not only want to buy the
merchandise but also have a great experience during the process.
 Lack of Tactile Experience: No matter how well a video is made, consumers still can't touch
and feel a product. Not to mention, it's not an easy feat to deliver a brand experience, which
could often include the sense of touch, smell, taste, and sound, through the two-dimensionality
of a screen.
 Price and Product Comparison: With online shopping, consumers can compare many
products and find the lowest price. This forces many merchants to compete on price and reduce
their profit margin.
 Need for Internet Access: This is pretty obvious, but don't forget that your customers do
need Internet access before they can purchase from you! Since many ecommerce platforms
have features and functionalities that require high-speed Internet access for an optimal
customer experience, there's a chance you're excluding visitors who have slow connections.
 Credit Card Fraud: Credit card fraud is a real and growing problem for online businesses. It
can lead to chargebacks that result in the loss of revenue, penalties, and bad reputation.
 IT Security Issues: More and more businesses and organizations have fallen prey to malicious
hackers who have stolen customer information from their database. Not only could this have
legal and financial implications but also lessen the trust customers have in the company.
 All the Eggs in One Basket: Ecommerce businesses rely heavily (or solely) on their websites.
Even just a few minutes of downtime or technology hiccups can cause a substantial loss of
revenue and customer dissatisfaction.
 Complexity in Taxation, Regulations, and Compliance: If an online business sells to
customers in different territories, they'll have to adhere to regulations not only in their own
states/countries but also in their customers' place of residence. This could create a lot of
complexities in accounting, compliance, and taxation.
 M-commerce
 M-commerce, also known as mobile commerce, refers to the buying and selling of goods and
services using mobile devices such as smartphones and tablets. It involves conducting commercial
transactions through mobile applications (apps), mobile-optimized websites, or other mobile
platforms.
 In other words, we can say that M-commerce (mobile commerce) is the buying and selling of goods
and services through wireless handheld devices such as smartphones and tablets. As a form of e-
commerce, m-commerce enables users to access online shopping platforms without needing to
use a desktop computer.
 M-commerce has gained significant popularity in recent years due to the widespread use of
smartphones and the increasing availability of mobile internet access. It offers a convenient and
accessible way for consumers to shop and make purchases on the go, without the need for a
physical store or a desktop computer.

The different types of Mobile Commerce are:

1. Browsing for stuff online on your mobile – This type deals with surfing for stuff online like
looking for Groceries, Daily essentials, and electronics. We’re talking about dedicated apps, optimized
websites, or even social media platforms like Facebook or Instagram that allow in-app purchases or
linking to online stores.

2. Purchasing app-delivery stuff (Food delivery or e-commerce apps) – This type deals with the
services related to ordering things like food, cab pickup, and others.

3. Mobile banking – Mobile banking is the method that involves accessing the features of the bank
using online methods. The transactions are made from specific apps designed by apps, though some
financial services companies are now experimenting with chatbot or messaging apps to deliver
customer service.

4. Mobile App payments (Google Pay or PayPal) – This type primarily focuses on making payment
transactions through apps. The user is required to register their credit or debit card and then use it
whenever they want.

5. Purchasing or renting digital content (Netflix, Spotify, etc.) on a mobile device – This
involves buying or renting online services like Music Streaming, Video Streaming, or commodity-based
on a rent basis.

6. Mobile person-to-person payments (Venmo or Xoom) – This type involves sending money
from one person to another, be it for buying stuff or sending it to someone in need. This type of
transaction can be made by sending money to someone’s number or to their bank account directly.

Application of Mobile Commerce

Mobile commerce, also known as m-commerce, refers to conducting commercial transactions using
mobile devices such as smartphones or tablets. It has gained significant popularity with the
widespread adoption of mobile technology. Here are some applications of mobile commerce:
1. Mobile Shopping: Mobile commerce enables users to browse and purchase products or services
directly from their mobile devices. Users can access online stores, view product catalogs, compare
prices, read reviews, and make secure payments, all within a mobile application or mobile-
optimized website.
2. Mobile Payments: Mobile commerce facilitates mobile payment methods, allowing users to make
transactions using their mobile devices. This includes various payment options such as mobile
wallets (e.g., Apple Pay, Google Pay, Samsung Pay), in-app purchases, mobile banking apps, or
contactless payment technologies like Near Field Communication (NFC) for in-store purchases.
3. Mobile Ticketing: Mobile commerce is widely used for purchasing and storing tickets for various
events, including concerts, movies, sports events, and public transportation. Users can buy tickets
 through dedicated mobile apps, receive electronic tickets on their devices, and present them for
validation or scanning.
4. Mobile Banking and Financial Services: Mobile commerce plays a crucial role in the banking
and financial sector. Mobile banking apps allow users to manage their accounts, check balances,
transfer funds, pay bills, and perform other banking operations using their mobile devices. It
provides convenient access to financial services on the go.
5. Mobile Food Ordering and Delivery: Mobile commerce platforms enable users to order food
from restaurants and have it delivered to their location. Dedicated mobile apps or websites offer
menus, customization options, payment processing, and real-time order tracking. This application
has become particularly popular with the rise of food delivery services.
6. Mobile Travel and Hotel Bookings: Mobile commerce is extensively used for booking flights,
hotels, car rentals, and other travel-related services. Travel aggregators, airlines, and hotel chains
provide mobile apps or mobile-optimized websites that allow users to search, compare prices,
make reservations, and manage their travel itineraries using their mobile devices.
7. Mobile Digital Content and Subscriptions: Mobile commerce enables the purchase and
consumption of digital content such as e-books, music, movies, and mobile applications. Users can
browse, purchase, and download or stream content directly to their mobile devices. Additionally,
subscription-based services like streaming platforms or online news subscriptions are commonly
accessed and managed through mobile commerce.
8. Mobile Auctions and Marketplaces: Mobile commerce platforms provide access to online
auctions and marketplaces where users can buy and sell a wide range of products or services.
Popular examples include auction platforms like eBay or online marketplaces like Amazon, where
users can engage in transactions directly from their mobile devices.
These are just a few examples of the applications of mobile commerce, which continue to expand and
evolve as technology advances. The convenience, accessibility, and personalized nature of mobile
devices have significantly transformed the way people engage in commercial activities.
Advantages of M-Commerce:
1. Increases the amount of customer retention by being easily accessible to them
2. Wider variety of commodities and services
3. More options for selecting the product
4. Convenient for the consumer to compare the pricing, product reviews, and making purchases
without the use of a computer.
5. Multiple options for payments like the credit card and debit card payments,
6. Better user experience

Disadvantages of M-Commerce:
1. The technology required to set up M-commerce at the moment is very expensive. The initial cost
to begin a business is very high.
2. In developing countries, the network signal is not very good and the providers are not capable of
providing good speed. Due to this, it is not suitable for data transfer.
3. There is a risk of security- Although it is quite safe these days, there is always a chance of data
leaking and intrusions.
4. A poorly designed app can lead to lesser number of purchases because of customer dissatisfaction.
5. Mobile payment is still not available across many locations in the world.
Internet’s influence on market and price
The internet has had a significant influence on markets and prices, transforming the way businesses
operate and consumers make purchasing decisions. Here are some key ways in which the internet has
impacted markets and prices:

1. Increased Market Accessibility: The internet has expanded the reach of markets, enabling
businesses to access a global customer base. It has removed geographical barriers and allowed
businesses of all sizes to enter new markets and target customers beyond their local regions. This
 increased accessibility has intensified competition and created more choices for consumers,
potentially impacting prices.
2. Price Transparency: The internet has greatly improved price transparency by allowing
consumers to easily compare prices across different sellers and platforms. Online marketplaces,
price comparison websites, and search engines provide consumers with the ability to quickly and
efficiently find the best prices for products or services. This transparency exerts pressure on
businesses to offer competitive prices to attract customers.
3. Dynamic Pricing: The internet has facilitated the implementation of dynamic pricing strategies.
Online retailers can use algorithms and data analytics to adjust prices in real-time based on factors
such as demand, competitor pricing, and customer behavior. This allows businesses to optimize
pricing and respond to market conditions, potentially resulting in price fluctuations.
4. Direct-to-Consumer Sales: The internet has empowered businesses to sell directly to
consumers, bypassing traditional distribution channels. By eliminating intermediaries, businesses
can reduce costs and offer products at lower prices. This direct-to-consumer model has disrupted
industries and led to price disruptions in various sectors, including electronics, fashion, and
household goods.
5. Online Auctions and Marketplaces: Online auctions and marketplaces, such as eBay and
Amazon, have revolutionized the way goods are bought and sold. These platforms enable
individuals and businesses to engage in competitive bidding, driving prices up or down based on
supply and demand dynamics. The open nature of online auctions and marketplaces can result in
both competitive pricing and opportunities for consumers to find lower-priced items.
6. Increased Price Competition: The internet has intensified price competition among businesses.
Online platforms provide consumers with easy access to a wide range of sellers, and businesses
need to remain competitive to attract customers. This competitive environment can lead to price
wars and downward pressure on prices as businesses strive to offer the best value.
7. Personalized Pricing and Offers: With the availability of vast amounts of data on consumer
behavior and preferences, businesses can employ personalized pricing strategies. Online retailers
can offer targeted discounts, promotions, and personalized offers based on individual customer
data. This allows businesses to tailor pricing to maximize customer loyalty and increase sales.

E-Commerce Framework
 The term e-commerce framework is related to software frameworks for e-commerce
applications. They offer an environment for building e-commerce applications quickly. E-
Commerce frameworks are flexible enough to adapt them to your specific requirements. As
result, they are suitable for building virtually all kinds of online shops and e-commerce related
(web) applications.
 An ecommerce framework is a software platform or set of tools that enables the creation and
management of online stores and facilitates the selling of products or services over the internet.
These frameworks provide a foundation for building and running an ecommerce website,
offering various features and functionalities to handle inventory management, product listings,
shopping carts, payment processing, order fulfillment, and more.
Here are some popular ecommerce frameworks:
1. WooCommerce: WooCommerce is a widely used ecommerce plugin for WordPress. It offers a
range of features and extensions to transform a WordPress website into an online store.
2. Shopify: Shopify is a hosted ecommerce platform that provides a complete solution for building
and managing online stores. It offers a user-friendly interface and includes features like
customizable themes, payment integration, and inventory management.
3. Magento: Magento is a robust and scalable ecommerce framework that caters to small
businesses as well as large enterprises. It offers extensive customization options, powerful
marketing features, and supports multiple stores and languages.
These are just a few examples of popular ecommerce frameworks available. The choice of framework
depends on factors such as the size and complexity of your business, budget, technical expertise, and
specific requirements. It's important to evaluate each framework's features, scalability, security, and
community support before making a decision.
An e-commerce framework must
 allow replacing all parts of the framework code
 forbid changes in the framework code itself
 contain bootstrap code to start the application
 be extensible by user-written code E-Commerce frameworks should
 define the general program flow
 consist of reusable components
 be organized in functional domains
They provide an overall structure for e-commerce related applications.
Furthermore, they implement the general program flow e.g. how the checkout process works. Contrary
to monolithic shop systems, existing program flow can not only be extended but completely changed
according to your needs.
The following architecture overview shows available framework components. The component
configuration takes place in the configuration node and a factory is responsible for resolving of the
implementations. For each component a custom implementation can be configured and used.

Electronic commerce and media convergence

By now you must be familiar with the e-commerce framework. Let us now discuss the role of media
convergence in e-commerce.
Media Convergence is a process of interlinking of computing and information technology organizations,
telecommunication networks, and content providers from various media. These media include journals,
newspapers, music, television, radio, and entertainment software. Media convergence conveys jointly
the “three Cs” and they are computing, communications, and content.

Media convergence is the merging of previously distinct forms of media, such as television, radio,
newspapers, and the internet, into a single platform. This convergence has been facilitated by
advances in technology, such as the development of digital media and the internet, which have made
it easier to access and distribute information across multiple platforms. As a result, traditional media
outlets have had to adapt to new technologies in order to remain relevant, and new forms of media
have emerged. For example, newspapers now offer online versions of their content, television shows
are available for streaming on the internet, and radio stations now have podcasts. Media convergence
has created new opportunities for content creators and has changed the way people consume and
interact with media.

Convergence happens at two major levels:

● Technologies: Creative content is transformed into industry-related digital forms for delivery.
This is done via broadband or wireless networks to exhibit on various computer or computer-
related devices and also on cellular telephones to personal digital assistants (PDAs) to digital
video recorders (DVRs).
● Industries: Companies that are spread all over the business spectrum starting from media to
telecommunications to technology combine or create strategic agreements. The purpose of
these alliances is to expand new business models that can yield profit from the emerging
customer expectations of availability of content.
Information Superhighway (I-WAY)
 The term "information superhighway" was coined in the 1990s to describe the emerging global
network of interconnected computer networks that we now know as the internet. It was a
metaphorical concept used to convey the idea of a digital highway system that allows for the
rapid transmission and exchange of information.
 The information superhighway encompasses various technologies and infrastructures that
enable the sharing of data, communication, and access to resources on a global scale. It
includes technologies such as telephone lines, fiber optic cables, satellites, and wireless
networks that facilitate the transmission of digital information.
The development of the information superhighway has transformed the way we communicate access
information, conduct business, and interact with one another. It has revolutionized fields such as
commerce, education, entertainment, and research, providing new opportunities and challenges for
individuals, businesses, and governments.
Today, the information superhighway is synonymous with the internet and all the services and
technologies that are built upon it. It encompasses websites, email, social media, online shopping,
streaming platforms, cloud computing, and countless other applications and services that are an
integral part of our modern digital lives.
The information superhighway consists of several key components that work together to enable the
transmission, storage, and retrieval of digital information. Here are some of the main components:
1. Telecommunication Infrastructure: The information superhighway relies on a vast network of
telecommunications infrastructure, including telephone lines, fiber optic cables, satellite systems,
and wireless networks. These infrastructure components provide the physical means for
transmitting data over long distances.
2. Internet Protocol (IP): IP is a set of rules that govern the routing and addressing of data packets
across networks. It allows for the seamless transmission of information across the internet,
ensuring that data can flow between different devices and networks.
3. World Wide Web (WWW): The World Wide Web, commonly referred to as the web, is a system
of interconnected documents and resources that can be accessed over the internet. It is built on
technologies such as HTTP (Hypertext Transfer Protocol) and HTML (Hypertext Markup Language)
and enables the sharing of information through web pages, hyperlinks, and multimedia content.
4. Internet Service Providers (ISPs): ISPs are companies that provide internet connectivity to
individuals, businesses, and organizations. They offer various types of connections, such as
broadband, DSL, cable, and fiber, allowing users to access the internet and connect to the
information superhighway.
5. Web Browsers: Web browsers are software applications that allow users to access and view web
pages. Examples of popular web browsers include Google Chrome, Mozilla Firefox, Microsoft Edge,
and Safari. These browsers interpret HTML code and render web pages, providing users with a
graphical interface to navigate the web.
6. Servers: Servers are computers or systems that store and deliver web pages, files, and other
resources to clients upon request. They host websites, applications, and services, making them
accessible to users via the internet. Servers play a vital role in the storage and distribution of
digital content on the information superhighway.
7. Internet Protocol Addresses (IP addresses): IP addresses are unique numerical identifiers
assigned to devices connected to a network. They enable the identification and communication
between devices on the internet. IPv4 (Internet Protocol version 4) and IPv6 (Internet Protocol
version 6) are the two main versions of IP addresses currently in use.
8. Internet Applications and Services: The information superhighway encompasses a vast array
of applications and services that enable various online activities. These include email, social media
platforms, search engines, online shopping, video streaming, cloud storage, online banking, and
many other web-based services that facilitate communication, collaboration, and information
exchange.
Overview of Just in Time and Quick Response Retailing Inventory System
Just-in-Time (JIT)
Just-in-time (JIT) manufacturing is a production model in which items are created to meet demand,
not created in surplus or in advance of need. The purpose of JIT production is to avoid the waste
associated with overproduction, waiting and excess inventory, three of the seven waste categories
defined in the Toyota Production System (known in North America as the lean production model).
Toyota adopted JIT in the Toyota Production System (TPS), as a means of eliminating the seven wastes.
However, it was not at the Ford Motor Company that Toyota representatives saw the JIT model in
action. When Toyota toured plants in the United States in 1956, Ford had not yet fully implemented
the JIT model. It was at Piggly Wiggly, the first self-service grocery chain that Toyota representatives
saw JIT demonstrated and that was the model they based their system on.
In the major alternative to JIT manufacturing, inventory in excess of immediate need is managed. That
model is sometimes referred to as just-in-case (JIC) manufacturing.
Examples of just in time, or JIT, inventory processes are found in automobile manufacturing, drop
shipping retailers, fast food restaurant production and on-demand publishing. The JIT inventory system
was popularized by Toyota Motor Company in the 1970s. It is an alternative to the more traditional
"just in case" inventory system where manufacturers or retailers carry large amounts of inventory to
ensure always having a sufficient amount of inventory on hand to meet any reasonable increase in
demand or weather any reasonably anticipated supply shortages. In contrast, with the JIT inventory
system, materials or finished goods are procured or scheduled to be replenished only at the point in
time they are actually required, either for production or for retail sales.

Just in Time (JIT) and Quick Response (QR) inventory systems are both designed to improve the
efficiency of inventory management in retail businesses.
JIT is an inventory management approach that aims to reduce inventory costs by only ordering and
receiving goods when they are needed in the production or sales process. This system involves
ordering small quantities of goods and receiving them just in time for production or sale. JIT relies on a
close collaboration between suppliers and retailers to ensure that goods are delivered on time and in
the right quantity. This system can help to reduce inventory costs, minimize waste, and improve cash
flow.
QR, on the other hand, is an inventory management approach that aims to improve responsiveness to
customer demand by quickly replenishing inventory in response to changing demand patterns. QR
relies on real-time data analysis to identify changes in demand and quickly respond by replenishing
inventory. This system involves keeping inventory levels low, but continuously monitoring sales data to
quickly order and receive goods when demand increases. QR can help to improve customer
satisfaction by ensuring that products are always available and can reduce the risk of stockouts and
overstocking.
Both JIT and QR systems require a high level of coordination between retailers and suppliers and rely
on accurate demand forecasting and inventory management. When implemented successfully, these
systems can help to improve efficiency, reduce costs, and improve customer satisfaction.

Advantages of JIT:
● There should be minimal amounts of inventory obsolescence, since the high rate of inventory
turnover keeps any items from remaining in stock and becoming obsolete.
● Since production runs are very short, it is easier to halt production of one product type and switch
to a different product to meet changes in customer demand.
● The very low inventory levels mean that inventory holding costs (such as warehouse space) are
minimized.
● The company is investing far less cash in its inventory, since fewer inventories is needed.
● Fewer inventories can be damaged within the company, since it is not held long enough for
storage-related accidents to arise. Also, having fewer inventories gives materials handlers more
room to maneuver, so they are less likely to run into any inventory and cause damage.
● Production mistakes can be spotted more quickly and corrected, which results in fewer products
being produced that contain defects.
Disadvantages of JIT:
● A supplier that does not deliver goods to the company exactly on time and in the correct amounts
could seriously impact the production process.
● A natural disaster could interfere with the flow of goods to the company from suppliers, which
could halt production almost at once.
● An investment should be made in information technology to link the computer systems of the
company and its suppliers, so that they can coordinate the delivery of parts and materials.
● A company may not be able to immediately meet the requirements of a massive and unexpected
order, since it has few or no stocks of finished goods.
Quick Response Retailing
The gap between demand for consumer goods and their efficient supply is greater now than at any
other time, and is widening as consumers' wants become less predictable, and suppliers struggle to
meet them. Quick Response (QR) is both a management paradigm and a methodology that allows
supply systems to react quickly to changes while improving their performance. QR aims to help
organize a business in the face of problems associated with the vast array of goods and services now
to be found in consumer markets. It is particularly relevant to the Fast Moving Consumer Goods
(FMCG) and Fashion industries. QR works by compressing the time between product or service design
concept and appearance on the retail shelf. It then takes advantage of such recent technologies as
Point of Sale (PoS) tracking and Electronic Data Interchange (EDI) to constantly up-date estimates of
true consumer demand, and then places intelligent re-orders for goods with flexible manufacturers and
their suppliers.
Quick Response (QR) is a version of JIT purchasing tailored for retailing. Most often, keeping a store
filled with merchandise is task of most shoppers, never consider-until the product they want is out of
stock. The frustration that shoppers experience sometimes gives way to thoughts of “How do retailers
buy and stock products anyway?” The process is quite complex, given that a single retailer may
purchase merchandise from thousands of vendors in a global market. The failure to stock merchandise
that matches customer demand can be extremely costly. For example, in the soft goods industry
alone, excess inventories, inadequate information, and related inefficiencies resulted in lost sales of
more than $25 billion in 1994. To reduce the risk of being out of stock, retailers are implementing QR
systems. QR system provides for a flexible response to product ordering and lowers costly inventory
levels. QR retailing focuses on market responsiveness while maintaining low levels of stocks. It creates
a closed loop encompassing the retailer, vendor, and customer chain, and as consumers make
purchases the vendor automatically orders new deliveries from the retailers through its computer
network.

Advantages of QR:
 Increased responsiveness to changes in consumer demand
 Reduced inventory holding costs
 Improved cash flow due to reduced inventory investment
 Improved efficiency and productivity due to reduced inventory handling and storage
Disadvantages of QR:
 High degree of coordination and communication required with suppliers
 Requires real-time data and demand forecasting capabilities
 Greater risk of disruption from unforeseen events such as natural disasters, strikes, or supplier
bankruptcy
 In summary, both JIT and QR systems aim to reduce inventory holding costs and improve supply
chain efficiency. However, they require close coordination with suppliers and real-time data
analytics capabilities. The key difference between the two systems is that JIT focuses on
minimizing inventory levels, while QR focuses on improving supply chain responsiveness.
Overview of Supply Chain Management System:
A supply chain is a network between a company and its suppliers to produce and distribute a specific
product, and the supply chain represents the steps it takes to get the product or service to the
customer.
Supply chain management (SCM) is the active management of supply chain activities to maximize
customer value and achieve a sustainable competitive advantage. It represents a conscious effort by
the supply chain firms to develop and run supply chains in the most effective & efficient ways possible.
Supply chain activities cover everything from product development, sourcing, production, and logistics,
as well as the information systems needed to coordinate these activities.
The concept of Supply Chain Management (SCM) is based on two core ideas:
● The first is that practically every product that reaches an end user represents the cumulative effort
of multiple organizations. These organizations are referred to collectively as the supply chain.
● The second idea is that while supply chains have existed for a long time, most organizations have
only paid attention to what was happening within their “four walls.” Few businesses understood,
much less managed, the entire chain of activities that ultimately delivered products to the final
customer. The result was disjointed and often ineffective supply chains.
Example: Amazon's Supply Chain Management
Amazon is one of the largest e-commerce companies in the world, with a complex supply chain that is
carefully managed to ensure timely delivery and customer satisfaction. Here is how Amazon uses SCM
in its operations:
 Procurement: Amazon sources products from thousands of suppliers around the world, using a
range of procurement methods including online marketplaces and direct relationships with
manufacturers. The company uses sophisticated algorithms and analytics tools to forecast demand
and manage inventory levels.
 Warehousing: Amazon operates a vast network of warehouses and fulfillment centers around the
world, which are strategically located to minimize shipping times and costs. The company uses
advanced automation and robotics technology to manage inventory and fulfill orders quickly and
accurately.
 Transportation: Amazon uses a range of transportation methods, including air, sea, and land, to
move products between warehouses and to customers. The company operates its own logistics
network, which includes a fleet of delivery trucks and planes, as well as partnerships with major
carriers such as UPS and FedEx.
 Customer Service: Amazon places a strong emphasis on customer service and has built its
supply chain around delivering a seamless and convenient shopping experience. The company
offers a range of delivery options, including same-day and two-day shipping, and provides real-
time tracking and updates to customers throughout the delivery process.
By effectively managing its supply chain, Amazon is able to offer customers a wide range of products
at competitive prices, while also ensuring timely and reliable delivery. The company's SCM practices
have been widely praised for their efficiency and innovation, and have helped to establish Amazon as a
leading player in the e-commerce industry.
 Types of Supply Chain:
● Integrated make-to-stock:
The integrated make-to-stock supply chain model focuses on tracking customer demand in real
time, so that the production process can restock the finished goods inventory efficiently. This
integration is often achieved through use of an information system that is fully integrated (an
enterprise system). Through application of such a system, the organization can receive real-time
demand information that can be used to develop and modify production plans and schedules. This
information is also integrated further down the supply chain to the procurement function, so that
the modified production plans and schedules can be supported by input materials.
● Build-to-order model:
Dell Computer is best known for its application of the build-to-order model. In this model the
company begins assembly of the customer’s order almost immediately upon receipt of the order.
This model requires careful management of the component inventories and delivery of needed
supplies along the supply chain. A solution to this potential inventory problem is to utilize many
common components across several production lines and in several locations. One of the primary
benefits of this type of supply chain model is the perception that each customer is receiving a
personalized product. In addition, the customer is receiving it rapidly. This type of supply chain
model supports the concept of mass customization.
● Continuous replenishment:
The idea of the continuous replenishment supply chain model is to constantly replenish the
inventory by working closely with suppliers and/or intermediaries. However, if the replenishment
process involves many shipments, the cost may be too high, causing the supply chain to collapse.
Therefore very tight integration is needed between the order-fulfillment process and the
production process. Real-time information about demand changes is required in order for the
production process to maintain the desired replenishment schedules and levels.
● Channel assembly:
A slight modification to the build-to-order model is the channel assembly supply chain model. In
this model, the parts of the product are gathered and assembled as the product moves through
the distribution channel. This is accomplished through strategic alliances with third-party logistics
(3PL) firms. These services sometimes involve either physical assembly of a product at a 3PL
facility or the collection of finished components for delivery to the customer.
Effective Supply Chain Management (SCM) systems provide the following benefits to optimize the
organization’s performance.
● Improve the customer service by delivering them the right product at the right time and at the
right location, which in turn increases the organization’s sales.
● Enable the companies to bring the products to the market at a quicker rate. Thus, the companies
get their payment sooner than those who lack an efficient supply chain.
● Lower the total supply chain cost, including procuring materials cost, transportation cost, inventor,
carrying cost, etc. The reduction in supply chain cost helps to increase the firm’s profitability.
Functions of Supply Chain Management:
● Aligning flows: As money, materials, and information are passed between customers and
suppliers, supply chain management keeps them flowing up and down a supply chain.
● Integrating functions: Supply chain management connects the activities of logistics, purchasing,
and operations to ensure that they focus on goals that benefit overall performance.
● Coordinating processes: Supply chain management increases profitability by aligning the
processes used to plan, source, make, deliver, and (when necessary) return a company’s products
and services.
● Designing complex systems: Simulation tools can predict how a supply chain will behave and
show how small changes can cause major disruptions in the flow of materials.
● Managing resources: Supply chain managers are responsible for using people, processes, and
technology to meet the needs of customers.
● Supply Management: The goal is to reduce the number of suppliers and get them to become
partners in business in a win /win relationship. The benefits are seen in reduced purchased order
processing costs; increased numbers of POS processed by fewer employees, and reduced order
processing cycle times.
● Inventory Management: The goal is to shorten the order- ship-bill cycle. When a majority of
partners are electronically linked, information faxed or mailed in the past can now be sent
instantly. Documents can be tracked to ensure they were received, thus improving auditing
capabilities. The inventory management solution should enable the reduction of inventory levels,
improve inventory turns, and eliminate out-of-stock occurrences.
● Distribution Management: The goal is to make documents related to shipping (bills of lading,
purchase orders, advanced ship notices, manifest claims). Paperwork that typically took days to
cycle in the past can now be sent in moments and contain more accurate data, thus allowing
improved resources planning.
● Channel Management: The goal is to quickly disseminate information about changing
operational conditions to trading partners. In other words, technical, product, and pricing
information that once required repeated telephones calls and countless labor hours to provide can
now be posted to electronic bulletin boards, thus allowing instant access. Thus electronically
linking production with their international distributor and reseller networks eliminates thousands of
labor hours per weeks in the process.
● Payment Management: The goal is to link the company and the suppliers and distributors so
that payments can be sent and received electronically. Thus this process increases the speed at
which companies can compute invoices, reducing clerical errors and lowering transaction fees and
costs while increasing the number of invoices processed.
● Financial Management: The goal is to enable global companies to manage their money in
various foreign exchange accounts. Companies must work with financial institutions to boost their
ability to deal on a global basis. They need to assess their risk and exposure in global financial
markets and deal with global information as opposed to local market information.
Limitations of E-commerce
1. Security concerns: One of the biggest limitations of e-commerce is the risk of security breaches
and cyber-attacks. Customers are often hesitant to provide personal and financial information online,
and there have been many high-profile data breaches that have affected millions of customers. For
example, in 2017, credit reporting agency Equifax suffered a data breach that exposed the personal
information of 143 million people.
2. Infrastructure limitations: E-commerce relies heavily on technology infrastructure, including
reliable internet connectivity, servers, and payment processing systems. In some areas, these
infrastructure components may not be fully developed or reliable, which can limit the growth and
effectiveness of e-commerce. For example, in some rural areas, internet connectivity may be slow or
unreliable, making it difficult for customers to access online stores or make purchases.
3. Lack of personal interaction: E-commerce transactions are often impersonal, with no face-to-
face interaction between customers and salespeople. This can limit the ability of businesses to build
strong relationships with customers, provide personalized service, and understand their needs and
preferences. For example, a customer may prefer to try on clothes in a physical store, where they can
get personalized recommendations from a salesperson, rather than buying online.
4. Limited sensory experience: E-commerce transactions typically rely on visual and textual
information to convey product details and features, which can be limiting for some products. For
example, a customer may be hesitant to purchase a fragrance or a food item online, as they cannot
smell or taste the product before buying.
5. Delivery and logistics limitations: E-commerce relies heavily on efficient and reliable delivery
and logistics systems to get products to customers quickly and efficiently. However, there may be
logistical challenges, such as shipping delays, transportation disruptions, or customs issues, which can
limit the effectiveness of e-commerce. For example, a customer may be hesitant to order a product
from an overseas supplier, as it may take longer to arrive and be subject to customs fees and taxes.
OR
1. Security: One of the main limitations of E-Commerce is security. In most cases, people are hesitant
to provide their personal and financial details in spite of advanced data encryption security systems in
place. Moreover, there are some websites that do not have the capability and features installed to
authenticate transactions. As such, there are instances of fraudulent activities. The fear of providing
financial information like credit card details hinders the growth of E-Commerce.
2. Lack of Privacy: To some extent, the privacy of a customer is compromised in E-Commerce. You
need to provide your personal details, such as an address, telephone number, and so on to the seller.
There are still lots of sites that do not have the advanced technology to protect sensitive information.
Moreover, there are also sites that illegally collect consumer statistics without permission. This is one
reason why people get skeptical while using E-Commerce.
3. Tax Issue: In the case of different geographical locations, sales tax becomes an issue. Many a time
sellers have faced problems in the computation of sales tax. Moreover, physical stores have a risk of
losing business if online transactions are exempted from taxation.
4. Fear: In spite of the popularity, there still resides an element of doubt in the mind of people when it
comes to online shopping. This is because the customer cannot physically examine the product and is
not sure about the features and attributes. This is why a lot of people prefer shopping from physical
stores.
5. Product Suitability: As already mentioned, it is not possible for people to physically examine the
product in E-Commerce. In many cases, the original product may not match the picture or
specifications in the E-Commerce site. This absence of ‘touch and feel’ creates a discouraging effect.
6. Cultural Obstacles: As the process of E-Commerce encompasses customers across the globe, the
habits, traditions, and culture differ. There may also be linguistic problems and all these may lead to
issues between the seller and buyer.
7. High Labor Cost: In order to get the whole E-Commerce and delivery process right, a specialized
workforce is required. To get all these in the right shape, companies have to shed a good amount of
money and employ a talented pool of people.
8. Legal Issues: A lot of legal compliances and cyber laws need to be taken care of in an E-
Commerce business. These regulations may vary from country to country. All these reasons deter
businesses from going electronic.
9. Technical Limitations: E-Commerce requires advanced technology platforms for better
performance. Some limitations, such as lack of proper domain, network and software issues, and so on
can affect the seamless performance of an E-Commerce site.
10. Huge Technological Cost: Last but not the least; a lot of money needs to be invested to be built
up the technical infrastructure needed to run an E-Commerce business. Moreover, they need to be
upgraded based to keep abreast with the changing technology.
11. Delivery Guarantee: Many people fear that their product might not be shipped or the website
might be a fraud. Businesses need to work to build customer trust with reviews, testimonials, etc. to
add more value to their website.
In order to minimize these limitations, an E-Commerce business should have a proper business plan
and implement them with proper strategies.
Goal of E-Commerce
The primary goal of e-commerce is to facilitate the buying and selling of goods and services through
electronic means, such as the internet, mobile devices, and other digital channels. Here is an example
of how e-commerce can achieve this goal:
Example: Shopify's E-Commerce Platform
Shopify is an e-commerce platform that helps businesses of all sizes sell their products and services
online. The company's goal is to provide a comprehensive set of tools and services that enable
businesses to set up and manage their online stores quickly and easily.
Here are some ways in which Shopify achieves this goal:
 Easy to use: Shopify's platform is designed to be easy to use, even for businesses with no prior
e-commerce experience. The platform offers a range of pre-built templates and themes, as well
as drag-and-drop website builders, to help businesses create their online stores quickly and
easily.
 Flexible payment options: Shopify provides a range of payment options for businesses to
accept payments from customers, including credit cards, PayPal, and other digital payment
methods. The platform also offers tools for managing and tracking payments and processing
refunds.
 Marketing and analytics tools: Shopify provides a range of marketing and analytics tools to
help businesses promote their products and track sales performance. The platform includes
built-in SEO optimization tools, social media integrations, and email marketing features to help
businesses reach new customers and drive sales.
 Order fulfillment and shipping: Shopify offers tools for managing inventory levels,
processing orders, and shipping products to customers. The platform integrates with major
shipping carriers, such as UPS and FedEx, to provide businesses with discounted shipping rates
and real-time tracking information for their shipments.
By providing a comprehensive set of tools and services for businesses to sell their products and
services online, Shopify helps to achieve the goal of e-commerce: facilitating the buying and selling of
goods and services through electronic means.
Characteristic of E-Commerce
There are several characteristics of e-commerce that distinguish it from traditional commerce. Here
are some examples of the key characteristics of e-commerce:
 Global reach: E-commerce allows businesses to reach customers from all over the world,
breaking down geographic barriers. For example, Amazon, one of the world's largest e-
commerce companies, sells products to customers in over 200 countries.
 Convenience: E-commerce provides customers with the convenience of shopping from
anywhere and at any time, without having to visit a physical store. For example, online grocery
store Instacart allows customers to shop for groceries from their mobile devices and have them
delivered to their doorstep.
 Personalization: E-commerce allows businesses to personalize their offerings to individual
customers based on their shopping behavior and preferences. For example, online retailer ASOS
uses data analytics to recommend clothing items to customers based on their past purchases
and browsing history.
 Real-time transactions: E-commerce enables real-time transactions, allowing customers to
make purchases and receive products or services instantly. For example, online payment
platform PayPal allows customers to send and receive money instantly from their mobile
devices.
 Lower costs: E-commerce often has lower costs than traditional commerce, as there are fewer
overheads such as rent and salaries for staff. For example, online fashion retailer Fashion Nova
can offer lower prices on clothing than brick-and-mortar stores because it does not have the
same overhead costs.
 Data collection: E-commerce enables businesses to collect vast amounts of data on customer
behavior and preferences, allowing them to optimize their offerings and marketing strategies.
For example, online retailer Amazon collects data on customer browsing and purchasing
behavior to recommend products and optimize its product listings.
These characteristics of e-commerce provide significant benefits to both businesses and consumers,
making it an increasingly important part of the global economy.
CHAPTER 2 - INTERNETWORKING AND E-COMMERCE
Internetworking plays a vital role in e-commerce, as it allows businesses to connect with customers
and partners across different networks and devices. Here are some ways in which internetworking
enables e-commerce:
Internet connectivity: The internet is the backbone of e-commerce, enabling businesses to reach
customers and partners across the world. Internetworking technologies such as routers, switches, and
firewalls ensure reliable and secure internet connectivity for e-commerce transactions.
Mobile connectivity: Mobile devices are becoming increasingly important for e-commerce, with a
growing number of customers using smartphones and tablets to shop online. Internetworking
technologies such as mobile networks, Wi-Fi, and Bluetooth ensure seamless connectivity for mobile e-
commerce transactions.
Cloud computing: Cloud computing provides businesses with the ability to store and process large
amounts of data, enabling them to offer scalable and flexible e-commerce solutions. Internetworking
technologies such as virtual private networks (VPNs) and cloud storage services ensure secure and
reliable access to cloud-based e-commerce applications and data.
Social media integration: Social media has become an important channel for e-commerce, with
businesses using platforms such as Facebook, Instagram, and Twitter to reach customers and promote
their products. Internetworking technologies such as APIs (Application Programming Interfaces) and
web services enable businesses to integrate their e-commerce platforms with social media platforms,
allowing them to reach customers where they are most active.
Supply chain management: E-commerce requires seamless coordination and collaboration across
the supply chain, from manufacturers to suppliers to logistics providers. Internetworking technologies
such as EDI (Electronic Data Interchange) and RFID (Radio Frequency Identification) ensure real-time
and accurate communication and tracking of e-commerce transactions and shipments.
In summary, internetworking is critical for e-commerce, as it enables businesses to connect with
customers, partners, and systems across different networks and devices, ensuring seamless and
secure e-commerce transactions.
Overview of Internet Infrastructure:
Internet infrastructure is made up of hardware and software that transmits and receives information
from a variety of different systems and networks. There are many components involved in internet
infrastructure, including networks, servers, data centers, storage devices, and more. In some areas of
the globe, the hardware components of the internet infrastructure may be localized. However, the
network infrastructure crosses the entire globe. This means that the internet is accessible in any
location where local hardware is available to tap into it.

Data Center: Internet infrastructure is housed in a data center. A data center is a specialized building
that is used to store and run computer equipment and the connectivity devices used with computers in
order to provide access to the internet. A data center is a secure, carefully controlled environment. The
climate must be carefully controlled in order to protect the sensitive equipment.

The power supply is carefully controlled in order to prevent fires as well as power outages. A team of
operators is always on hand to run a data center. Within a data center, there is a network of storage
devices and processors. The purpose of the network is to transfer data between processors inside the
data center as well as transferring data to other data centers. The data must successfully reach the
end user.

Servers: Servers are another important component of internet infrastructure. A server looks like a PC,
but it is much more powerful; it has significantly more storage space and more processing capabilities
than a typical PC. A server’s capabilities are measured in terms of processing power as well as storage
space, or RAM. A server might consist of one computer or a whole group of computers that work
together.

Storage Device: Another component of internet infrastructure is a storage device. Data must be
stored somewhere in order to be accessed by the end user. The capacity of a storage device is
measured in gigabytes (GB) or terabytes (TB). Data can be stored locally – on a hard drive – or
remotely – on a cloud.

Software: The final component of internet infrastructure is software. The operating software is what
allows us to use the data that is stored. A server must have an operating system and a database in
order to function. Then, web applications can be added.
Internet: A network of networks

WWW-World Wide Web: All of these components work together to build the internet infrastructure.
With these tools, users all over the world can access the vast array of information that is available on
the internet.

IP Suit
The Internet Protocol Suite, also known as the TCP/IP (Transmission Control Protocol/Internet Protocol)
protocol suite, is a set of communication protocols that are used to connect devices to the Internet and
to transmit data across the network.
The TCP/IP protocol suite consists of four layers, each of which plays a specific role in data
transmission:
Application Layer: This layer provides services to applications that need to exchange data over the
network. Examples of protocols that operate at this layer include HTTP (Hypertext Transfer Protocol),
SMTP (Simple Mail Transfer Protocol), and FTP (File Transfer Protocol).
Transport Layer: This layer provides end-to-end communication services between applications on
different devices. The two main protocols that operate at this layer are TCP and UDP (User Datagram
Protocol). TCP provides reliable, ordered delivery of data, while UDP is faster but less reliable.
Internet Layer: This layer is responsible for transmitting data across networks. The Internet Protocol
(IP) is the primary protocol that operates at this layer.
Link Layer: This layer defines the physical and logical structure of the network, and includes protocols
for controlling access to the network and for transmitting data over the physical medium. Examples of
protocols that operate at this layer include Ethernet, Wi-Fi, and DSL.
Together, the TCP/IP protocol suite enables devices to communicate with each other and to transmit
data over the Internet. The suite is constantly evolving to meet the changing needs of the network and
the devices that use it.
Domain Name Service:
The domain name system (DNS) is the way that internet domain names are located and translated into
internet protocol (IP) addresses. The domain name system maps the name people use to locate a
website to the IP address that a computer uses to locate a website.
Following are the three categories of Name Servers that manages the entire Domain Name System:
● Root Server is the top level server which consists of the entire DNS tree. It does not contain the
information about domains but delegates the authority to the other server
● Primary Server stores a file about its zone. It has authority to create, maintain, and update the
zone file.
● Secondary Server transfers complete information about a zone from another server which may
be primary or secondary server. The secondary server does not have authority to create or update
a zone file.
DNS translates the domain name into IP address automatically. Following steps will take you through
the steps included in domain resolution process:
● When we type www.tutorialspoint.com into the browser, it asks the local DNS Server for its IP
address.
Here the local DNS is at ISP end.
● When the local DNS does not find the IP address of requested domain name, it forwards the
request to the root DNS server and again enquires about IP address of it.
● The root DNS server replies with delegation that I do not know the IP address of
www.tutorialspoint.com but know the IP address of DNS Server.
● The local DNS server then asks the com DNS Server the same question.
● The com DNS Server replies the same that it does not know the IP address of
www.tutorialspont.com but knows the address of tutorialspoint.com.
● Then the local DNS asks the tutorialspoint.com DNS server the same question.
● Then tutorialspoint.com DNS server replies with IP address of www.tutorialspoint.com.
● Now, the local DNS sends the IP address of www.tutorialspoint.com to the computer that sends the
request.

For example: when a customer wants to purchase a product on an e-commerce website, they can
simply type the domain name into their web browser, such as "www.amazon.com." The DNS resolver
then looks up the IP address associated with that domain name and returns it to the customer's
device. With the IP address, the customer's web browser can establish a connection to the e-
commerce website's server and complete the transaction. Without DNS, customers would need to
know the IP address of the e-commerce website's server in order to access it, which would make online
shopping much more difficult and time-consuming.
ISP and Connectivity Options:
Internet Service Providers (ISPs) and connectivity options are essential components of e-commerce.
They provide the necessary infrastructure and connectivity to enable buyers and sellers to transact
online. Here is a detailed explanation of how ISPs and connectivity options work in e-commerce, along
with some examples:
Internet Service Providers: ISPs provide the necessary infrastructure to connect buyers and sellers
to the Internet. There are various types of ISPs, including broadband providers, wireless carriers, and
satellite providers. These ISPs provide different types of connectivity options, including cable, DSL,
fiber, and wireless.
Example: A buyer in a rural area may have limited options for ISPs and may need to rely on satellite
Internet for connectivity. This type of connectivity may be slower and more expensive than other types
of connectivity but still enables the buyer to access e-commerce websites.
ISPs can broadly be classified into six categories as shown in the following diagram:
● Access Provider: They provide access to internet through telephone lines, cable Wi-Fi or fiber
optics.
● Mail Box Provider: Such providers offer mailbox hosting services.
● Hosting ISPs: Hosting ISPs offers e-mail, and other web hosting services such as virtual
machines, clouds etc.
● Virtual ISPs: Such ISPs offer internet access via other ISP services.
● Free ISPs: Free ISPs do not charge for internet services.
Connection Types:
There exist several ways to connect to the internet. Following are these connection types available:
 Dial-up Connection
 ISDN
 DSL
 Cable TV Internet connections
 Satellite Internet connections
 Wireless Internet Connections
Dial-up Connection:
Dial-up connection uses telephone line to connect PC to the internet. It requires a modem to setup
dial-up connection. This modem works as an interface between PC and the telephone line. There is also
a communication program that instructs the modem to make a call to specific number provided by an
ISP.
Dial-up connection uses either of the following protocols:
● Serial Line Internet Protocol (SLIP)
● Point to Point Protocol (PPP)
The following diagram shows the accessing internet using modem:

ISDN:
ISDN is acronym of Integrated Services Digital Network. It establishes the connection using the
phone lines which carry digital signals instead of analog signals.
There are two techniques to deliver ISDN services:
● Basic Rate Interface (BRI)
● Primary Rate Interface (PRI) Key points:
● The BRI ISDN consists of three distinct channels on a single ISDN line: t1o 64kbps B (Bearer)
channel and one 16kbps D (Delta or Data) channels.
● The PRI ISDN consists of 23 B channels and one D channels with both have operating capacity of
64kbps individually making a total transmission rate of 1.54Mbps.
The following diagram shows accessing internet using ISDN connection:

DSL:
DSL is acronym of Digital Subscriber Line. It is a form of broadband connection as it provides
connection over ordinary telephone lines.
Following are the several versions of DSL technique available today:
● Asymmetric DSL (ADSL)
● Symmetric DSL (SDSL)
● High bit-rate DSL (HDSL)
● Rate adaptive DSL (RDSL)
● Very high bit-rate DSL (VDSL)
● ISDN DSL (IDSL)
All of the above mentioned technologies differ in their upload and download speed, bit transfer
rate and level of service.
 The following diagram shows that how we can connect to internet using DSL technology:
Cable TV Internet Connection:
Cable TV Internet connection is provided through Cable TV lines. It uses coaxial cable which is capable
of transferring data at much higher speed than common telephone line.
Key Points:
● A cable modem is used to access this service, provided by the cable operator.
● The Cable modem comprises of two connections: one for internet service and other for Cable TV
signals.
● Since Cable TV internet connections share a set amount of bandwidth with a group of customers,
therefore, data transfer rate also depends on number of customers using the internet at the same
time.
The following diagram shows that how internet is accessed using Cable TV connection:

Satellite Internet Connection:

Satellite Internet connection offers high speed connection to the internet. There are two types of
satellite internet connection: one way connection or two way connection.
In one way connection, we can only download data but if we want to upload, we need a dialup access
through ISP over telephone line.
In two way connection, we can download and upload the data by the satellite. It does not require any
dialup connection.
The following diagram shows how internet is accessed using satellite internet connection:
Wireless Internet Connection:
Wireless Internet Connection makes use of radio frequency bands to connect to the internet and offers
a very high speed. The wireless internet connection can be obtained by either Wi-Fi or Bluetooth.
Key Points:
● Wi-Fi wireless technology is based on IEEE 802.11 standards which allow the electronic device to
connect to the internet.
● Bluetooth wireless technology makes use of short-wavelength radio waves and helps to create
personal area network (PAN).
In summary
Internet Service Providers (ISPs) provide internet access to individuals, businesses, and other
organizations. In e-commerce, ISPs play a crucial role in providing the necessary infrastructure and
connectivity for buyers and sellers to transact online. Here are some of the types of ISPs that are
commonly used in e-commerce, along with examples:
Broadband Providers: Broadband providers offer high-speed internet connectivity through various
technologies such as cable, DSL, and fiber. These providers offer faster and more reliable connectivity
options, making them ideal for e-commerce transactions.
Example: Comcast, AT&T, and Verizon are some of the most prominent broadband providers in the
United States, providing high-speed connectivity options for individuals and businesses.
Wireless Carriers: Wireless carriers provide mobile connectivity through cellular networks. This type
of connectivity is essential for buyers who need to access e-commerce websites on the go, using their
smartphones or tablets.
Example: AT&T, Verizon, and T-Mobile are some of the most prominent wireless carriers in the United
States, providing mobile connectivity options for individuals and businesses.
Satellite Providers: Satellite providers offer internet connectivity through satellite technology. This
type of connectivity is often used in areas where wired or wireless connectivity options are limited.
Example: HughesNet is a prominent satellite provider in the United States, offering internet
connectivity options to individuals and businesses in rural and remote areas.
Dial-Up Providers: Dial-up providers offer internet connectivity through telephone lines. This type of
connectivity is slow and less reliable compared to other options but may be the only option available in
some areas.
Example: NetZero and EarthLink are some of the prominent dial-up providers in the United States,
providing internet connectivity options to individuals in areas where other connectivity options are
limited.
Municipal Providers: Municipal providers offer internet connectivity services through local
government bodies. These providers are often created to offer low-cost and reliable connectivity
options to residents of a particular locality.
Example: EPB Fiber Optics is a municipal provider in Chattanooga, Tennessee, offering high-speed fiber
connectivity options to residents of the city.
In conclusion, ISPs are essential components of e-commerce, providing the necessary infrastructure
and connectivity for buyers and sellers to transact online. Buyers and sellers can choose from a range
of ISPs depending on their needs, location, and budget. By providing reliable and fast connectivity
options, ISPs enable e-commerce businesses to thrive and buyers to access the products and services
they need quickly and efficiently.
Firewall and Network Security:
 In computing, a firewall is software or firmware that enforces a set of rules about what data
packets will be allowed to enter or leave a network. Firewalls are incorporated into a wide
variety of networked devices to filter traffic and lower the risk that malicious packets travelling
over the public internet can impact the security of a private network. Firewalls may also be
purchased as stand-alone software applications.
 The term firewall is a metaphor that compares a type of physical barrier that's put in place to
limit the damage a fire can cause, with a virtual barrier that's put in place to limit damage from
an external or internal cyber-attack. When located at the perimeter of a network, firewalls
provide low-level network protection, as well as important logging and auditing functions.

Types of firewalls:
Packet Filtering Firewall: Packet filtering firewall is the most basic type of firewall that filters traffic
based on source and destination IP addresses, protocols, and ports. It checks each incoming or
outgoing packet and compares it with a set of predefined rules to determine whether to allow or block
it.

Stateful Firewall: Stateful firewall is an advanced type of firewall that inspects each packet's
contents and context to make more informed decisions about allowing or blocking traffic. It keeps
track of each connection's state and only allows packets that belong to an established connection,
making it more effective in preventing attacks.

Application Firewall: Application firewall is a type of firewall that inspects traffic at the application
layer and prevents attacks specific to web applications. It analyzes the contents of HTTP/HTTPS traffic
and can block malicious requests and payloads that attempt to exploit vulnerabilities.

Intrusion Detection/Prevention System (IDS/IPS): IDS/IPS is a network security measure that

monitors network traffic for suspicious behavior and potential threats. It can identify and alert
administrators to potential threats and can also take action to prevent attacks.

Virtual Private Network (VPN): VPN is a secure network connection that allows remote users to
access a private network over the internet. It provides encryption and authentication to protect data in
transit and prevent unauthorized access to sensitive information.

Types of Network Security:

Network security is any activity designed to protect the usability and integrity of your network and
data. It includes both hardware and software technologies. Effective network security manages access
to the network. It targets a variety of threats and stops them from entering or spreading on your
network. Network security consists of:
● Protection: You should configure your systems and networks as correctly as possible
● Detection: You must be able to identify when the configuration has changed or when some
network traffic indicates a problem
● Reaction: After identifying problems quickly, you must respond to them and return to a safe state
as rapidly as possible
Network security combines multiple layers of defenses at the edge and in the network. Each network
security layer implements policies and controls. Authorized users gain access to network resources,
but malicious actors is blocked from carrying out exploits and threats.
Types of Network Security:
● Encryption: Encryption is the process of converting plain text into a secret code to prevent
unauthorized access to data. In e-commerce, encryption is used to protect sensitive information
such as credit card details, passwords, and personal information.
Example: SSL/TLS encryption is commonly used in e-commerce to protect sensitive information
during transmission. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are
cryptographic protocols that establish secure communication between a client and a server.
● Access control: You should be able to block unauthorized users and devices from accessing your
network. Users that are permitted network access should only be able to work with the limited set
of resources for which they've been authorized.
● Anti-malware: Viruses, worms, and Trojans by definition attempt to spread across a network, and
can lurk dormant on infected machines for days or weeks. Your security effort should do its best to
prevent initial infection and also root out malware that does make its way onto your network.
● Application security: Insecure applications are often the vectors by which attackers get access
to your network. You need to employ hardware, software, and security processes to lock those
apps down.
● Behavioral analytics: You should know what normal network behavior looks like so that you can
spot anomalies or breaches as they happen.
● Data loss prevention: Human beings are inevitably the weakest security link. You need to
implement technologies and processes to ensure that staffers don't deliberately or inadvertently
send sensitive data outside the network.
● Email security: Phishing is one of the most common ways attackers gain access to a network.
Email security tools can block both incoming attacks and outbound messages with sensitive data.
● Firewalls: Perhaps the granddaddy of the network security world, they follow the rules you define
to permit or deny traffic at the border between your network and the internet, establishing a
barrier between your trusted zone and the Wild West outside. They don't preclude the need for a
defense-in-depth strategy, but they're still a must-have.
● Intrusion detection and prevention: These systems scan network traffic to identify and block
attacks, often by correlating network activity signatures with databases of known attack
techniques.
● Mobile device and wireless security: Wireless devices have all the potential security flaws of
any other networked gadget — but also can connect to just about any wireless network anywhere,
requiring extra scrutiny.
● Network segmentation: Software-defined segmentation puts network traffic into different
classifications and makes enforcing security policies easier.
● Security information and event management (SIEM): These products aim to automatically
pull together information from a variety of network tools to provide data you need to identify and
respond to threats.
● VPN: A tool (typically based on IPsec or SSL) that authenticates the communication between a
device and a secure network, creating a secure, encrypted "tunnel" across the open internet.
● Web security: You need to be able to control internal staff's web use in order to block web-based
threats from using browsers as a vector to infect your network.
What is computer crime?
 Computer crime, also known as cybercrime, refers to criminal activities that are carried out
using computers or computer networks. It involves the use of technology to commit illegal acts,
target computer systems, or exploit vulnerabilities for personal gain, financial benefit, or
malicious intent.
Examples of computer crimes
 Child pornography: Child pornography is an example of computer crimes, which is a form of
child sexual exploitation.
 Cracking: Another example of computer crime is cracking, in which the cracker decodes or
breaks the codes that are designed to protect data. A cracker is an individual who uses a script
or program to decipher codes or breakdown security systems for illegal activities. The program
or script, which is used to break the security, is known as crack.
 Copyright violation: If anyone steals another person's copyrighted data, it is also a type of
computer crime.
 Cyber terrorism: In this category, the attacks come, like blackmailing, hacking, threats
towards a person or business to gain unauthorized access to perform illegal activities.
 Cyberbully or Cyberstalking: Cyberstalking is a kind of attack in which anyone harasses or
stalks other persons online by posting inappropriate or unwanted things about them.
 Creating Malware: Malware is malicious software that is installed on your computer without
your consent as it uses deceptive and unethical tactics. It is designed to watch browsing habits,
delete software, or even open someone's computer to attack. For case, sometimes you
mistakenly run software on your computer when you are visiting a website and get an
unrequested download.
 Denial of Service attack: A DoS attack, which stands for denial of service attack, is a kind of
computer crime in which an attacker sends an abnormally high number of requests to the victim
that is led to the network slow down or fails. These requests cannot be served as normal
requests.
 Fraud: Fraud is the use of computers, internet services, or devices to manipulating data or
defraud people or organizations; for example, to participate in credit card fraud or to transfer
money to an account, changing banking records. Examples of illegal computer activities include:
social engineering, DDoS, viruses, and phishing attacks are used to gain unauthorized access to
another fund.
 Harvesting: A harvester is software, also known as a web harvester, that is designed to gather
account or account-related information of others, or it is also used to parse large amounts of
data. For instance, large numbers of web pages may be processed by a web harvester to take
out names, phone numbers, email addresses, account names from the website.
 Human trafficking: It is one of the serious crimes, which is an act of participating in buying or
selling other humans. Basically, it graves a violation of human rights. There are thousands of
men, women, and children who become a victim of traffickers. Approximately all countries in the
world become a victim of attackers.
 Identity theft: Identity theft is an act to be a person you are not that one. In this category,
attackers try to gain information illegally about someone else. Attackers or thieves can try to
information such as phone number, credit card numbers, full name, maiden name, social
security number, passwords, etc.
 Phishing or vishing: It is a term that is used to deceive individuals or groups to obtain secret
information about that person. For that, they create web pages designed to gather personal
information like a credit card, online bank, password, or other private information. They also do
so with the help of sending emails.
 Scam: A scam is a term that is used to trick people into believing something, which is not
actually true. For example, people start a fraud scheme or business through which they gain
money from an unsuspecting person. Online scams have increased because the world is more
connected to the network. And, it depends on you to keep careful yourself from these kinds of
online scams
 Software piracy: Generally, it describes illegally copying, distributing, or using software
without ownership or legal rights. Today, most of the software may have installed on one
computer to use as it is purchased as a single-user license. If you share that software with
anyone or copy it on multiple computer devices without purchasing multiple licenses, it is illegal
and comes under software piracy.
 Spamming: Spam is an e-mail distributed process that is used to promote a specific product or
a scam to obtain other people's money by sending unsolicited e-mail to thousands and
sometimes millions of people without their consent. It describes junk e-mail on the Internet that
is also known as UCE (unsolicited commercial e-mail), mass e-mail marketing, and bulk e-mail.
 Spoofing: Generally, the term spoof describes hacking or deception that means to deceive a
system by imitating another person, computer, hardware device. You do that bypassing security
measures. IP spoofing is one of the well-known spoofing's.
CHAPTER 3 - WEB TECHNOLOGIES
Website: A website is the medium through which viewers can access information or purchase
products over the Internet. Having a website enables a business to reach a wider market, or
prospective client base. In today’s world, a website is undeniably essential in order to succeed in most
industries. The competition and nature of the corporate world makes it crucial for any business to
enhance its presence on a global basis. In this regard, website design is one of the most important
things that you need to consider if you want to develop a website.
 Importance of Website Design

Website design is an essential element of creating a successful online presence for a business or
individual. Here are some reasons why website design is important:

1. First Impressions: A well-designed website can create a positive first impression and make
visitors more likely to engage with the content. It can also convey the professionalism and
credibility of the business or individual.
2. User Experience: The design of a website can greatly impact user experience, making it easier or
more difficult for visitors to find the information they need or navigate the site. A good design will
prioritize usability, making it simple and intuitive for visitors to interact with the site.
3. Branding: Website design is an opportunity to convey a business or individual's brand and values
through visual elements such as color schemes, typography, and graphics. A consistent and
cohesive design can help to reinforce the brand identity.
4. Search Engine Optimization: A well-designed website can also have an impact on search engine
optimization (SEO), which is the process of improving the visibility of a website in search engine
results pages. Search engines consider factors such as site structure, mobile responsiveness, and
load speed when ranking websites, so a well-designed site can help to improve SEO.
5. Competitive Advantage: In a crowded online marketplace, a well-designed website can give a
business or individual a competitive advantage. A visually appealing and user-friendly site can help
to stand out from the competition and attract more visitors.

Overall, website design is a crucial element in creating a successful online presence. A well-designed
site can help to create a positive first impression, improve user experience, reinforce branding,
improve SEO, and provide a competitive advantage.

Some other benefits of having a business website

● Cost Effective: A strategically developed website and online presence solution provides
tremendous benefits and costing outlines.
● Accessible around the clock: Website and social media accounts are accessible 24/7/365. Since
website is operational around the clock, from the convenience of the local coffee shop, their couch
or their bed, customers and clients can easily access your website and services.
● Convenient: What is more convenient: driving outside to look for different stores that are
available to shop in, or sitting in the comfort of your own home and shopping for the products
you’re looking for? Pretty obvious answer, unless you like aimlessly driving around. Smart
businesses realize this and thus have their own website housing their products and services so
that potential customers can browse online for the products they want to purchase.
● Credibility: By building a website you are giving your business the opportunity to tell consumers
why they should trust you and the testimonials and facts to back up those opportunities. When you
provide good service or product, positive word-of-mouth about your business is likely to spread.
Which in turn, delivers more repeat and new business? People tend to trust a business after they
have done business with it.
● Sales: By having an online presence you allow for the sale of your products or services around the
clock to whoever whenever with no or hardly any limitations; unless you run out of stock. Being
visible worldwide means you are very likely to gain more customers. The more customers and
visitors you have, the more sales you will generate.
● Marketing: Having a website and online presence strategy allows you to market your business
online. There are lots of marketing strategies you can use to advertise and market your business.
All online marketing strategies have been proven to be effective. Which ones you choose depends
on the type of business you are in.

Dynamic Web Pages

Web Page: Web page is a document available on World Wide Web. Web Pages are stored on web
server and can be viewed using a web browser. A web page can contain huge information including
text, graphics, audio, video and hyperlinks. These hyperlinks are the link to other web pages.

Collection of linked web pages on a web server is known as website. There is unique Uniform Resource
Locator (URL) is associated with each web page.

1. Static Web page - Static web pages are also known as flat or stationary web page. They are
loaded on the client’s browser as exactly they are stored on the web server. Such web pages contain
only static information. User can only read the information but can’t do any modification or interact
with the information.

Static web pages are created using only HTML. Static web pages are only used when the information is
no more required to be modified.

A static web page is a type of web page that displays the same content to all visitors and does not
change in response to user interactions. These pages are created using HTML and CSS and are usually
stored on a web server.

Here are some characteristics of a static web page:

 Fixed content: A static web page contains fixed content that does not change over time. This
means that all visitors see the same content, regardless of their location or actions.
 No server-side processing: Static web pages do not require server-side processing or dynamic
content generation. All content is pre-written and stored on the web server.
 Low complexity: Static web pages are relatively simple and require only basic HTML and CSS
knowledge. They do not require server-side scripting or database connectivity.

Example: A good example of a static web page is a brochure website that provides information about
a company, its products, or services. The page typically includes basic information, such as contact
details, about the company, and may include a few images or graphics.

Here are some characteristics of a static brochure website:

 Fixed content: The content of the website remains the same regardless of the user's location or
actions.
 Minimal interactivity: Brochure websites are designed to provide information to visitors, rather
than encouraging user interactions.
 Simple layout: The website has a simple layout with minimal graphics or animation.
 No server-side processing: Brochure websites are created using basic HTML and CSS, and do
not require server-side scripting or database connectivity.

Overall, static web pages are a useful and straightforward way to display fixed content and provide
information to visitors. They are easy to create and do not require advanced programming skills,
making them a popular choice for small businesses or individuals who want a simple online presence.
2. Dynamic Web page - Dynamic web page shows different information at different point of time. It
is possible to change a portion of a web page without loading the entire web page. It has been made
possible using Ajax technology.

Server-side dynamic web page - It is created by using server-side scripting. There are server-side
scripting parameters that determine how to assemble a new web page which also includes setting up
of more client-side processing.

Client-side dynamic web page - It is processed using client side scripting such as JavaScript. And
then passed in to Document Object Model (DOM).

Dynamic web pages are web pages that are created on the fly, in response to user interactions or data
from a database. They are different from static web pages, which are pre-designed and do not change
unless manually updated. Dynamic web pages are created using server-side scripting languages such
as PHP, ASP, and JSP, which allow for the generation of content based on user input or database
queries. Here's an example of a dynamic web page:

Consider a website that sells books online. When a user searches for a book on the website, the server-
side scripting language retrieves the relevant information from a database, generates the HTML, and
sends it to the user's browser. The generated HTML contains information such as the book title, author,
publisher, price, and availability. The user can then add the book to their cart or continue browsing.

The same website can also display recommendations based on the user's search history or purchase
history. The server-side scripting language can use algorithms to analyze the user's browsing and
purchasing behavior, and generate personalized recommendations based on that data.

Another example of a dynamic web page is a social media site. When a user logs into their account,
the server-side scripting language retrieves their profile information and generates the HTML for their
news feed. The news feed contains posts from the user's friends and pages they follow, as well as
advertisements that are relevant to the user's interests. As the user interacts with the site, such as
liking a post or commenting on a photo, the server-side scripting language updates the HTML in real-
time to reflect those actions.

In conclusion, dynamic web pages allow for the creation of personalized and interactive experiences
for users. They are generated on the fly, in response to user input or data from a database, and can be
used in a variety of applications such as e-commerce, social media, and online forums. Server-side
scripting languages such as PHP, ASP, and JSP are commonly used to create dynamic web pages.

Properties of good E-commerce Sites:

There are any numbers of factors that can influence the success of an e-commerce site, and
identifying areas of strength and weakness is not always so simple.

● Ease of Navigation: When attempting to sell products to visitors, the first requirement for selling
a product is that the shopper has to be able to find specifically what he or she is looking for.
 Effective navigation is important to any website, but it’s especially critical for e-commerce sites.
Lost visitors will result in lost sales, so every effort should be made to have a site with clear, logical
navigation.
● The Design Does Not Overpower the Products: The focus of an e-commerce site should be on
the products that are available for purchase. A design that is extravagant for no legitimate reason
will usually do more harm than good, as it will draw attention to the design of the site and away
from the products. There sites have chosen to keep the design simple so that the products don’t
have to compete for the attention of visitors.
● Easy Checkout: User experience on e-commerce sites is critical to success. If the checkout
process involves too many steps or is confusing, shoppers will wind up abandoning their cart with
items left un-purchased. Ideally, the checkout should involve a minimal amount of steps and
should be as easy as possible for shoppers.
● Branded: Many shoppers are influenced in their purchasing decisions by the brand, and so the
need to establish a strong brand is import for both online and offline selling. In the cases of stores
that sell online as well as in physical locations, the website is only a part of an overall branding
strategy. In these cases the website should work well with other branding efforts of the company
so that customers feel comfortable on the website.
● The Design Style Matches the Products: Like any other type of website, e-commerce sites can
have countless different design styles. However, when designing an e-commerce site it’s important
to consider the style of the products that will be available on the site. If the design style does not
match very well with the particular products that are for sale, there will be a disconnect that exists
and visitors may have a hard time relating to products and determining if it is right for them.
● Showcases the Most Popular Products: Many e-commerce sites make an effort to showcase
items that are likely to be of interest to visitors, obviously with the intention of helping visitors to
find something that they will buy. A number of sites are using a large area on the homepage that
they can use to promote current sales, new product lines, or whatever will generate interest. On
these sites, this area will often be updated frequently, or it may include some type of slideshow.
● Promotes Related Products: One of the keys to a successful e-commerce store is the promotion
of related products that the customer may also be interested in. Sometimes you will see related
products listed and shown on item detail pages, and other times you will see suggestions being
made after adding an item to your cart. Promoting the right products that buyers are likely to be
interested in is key regardless of the approach that is used.
● Effective, Accurate Product Photos: Selling online is different than selling in a physical store
because the buyer cannot touch the product or see it in person before making a buying decision
(unless they have seen it somewhere else). Providing quality photos that accurately portray the
product can help to overcome this challenge and can make the buying decision easier on visitors.
● Effective Site-Wide Search: Although navigation is critical for making it easy on visitors to find
what they want, there is still the need to allow them to search. Some visitors will still have trouble
finding a specific product even with good navigation, and with larger e-commerce sites it may
often be more feasible to simply do a search than to move through several layers of links. The type
of search and the amount of options that should be offered to narrow the search should be based
on the size of the site and the items that are available.

Common Protocols

Network Protocols are a set of established rules which control and govern the interchange of
information by following a secure, reliable, and easy method. These sets of rules are present for
various applications. Some well-known examples of protocols include wired networking (like Ethernet),
wireless networking (like WLANs), and Internet communication. The Internet protocol suite, which is
used for broadcasting and transmitting data over the Internet, comprises dozens of protocols.

HTTP (Hypertext Transfer Protocol)

HTTP is a protocol used for communication between web browsers and web servers. When you type a
URL into your browser, it sends an HTTP request to the web server, which then responds with an HTTP
response. HTTP is the foundation of data communication on the World Wide Web.

Example: Let's say you type "https://www.google.com" into your web browser. Your browser sends an
HTTP request to Google's web server, asking for the Google homepage. Google's web server responds
with an HTTP response that includes the HTML, CSS, and JavaScript code for the Google homepage.
Your browser then interprets this code and displays the Google homepage on your screen.

FTP (File Transfer Protocol)

FTP is a protocol used for transferring files between computers on a network. FTP is commonly used to
upload and download files from a web server, such as uploading new content to a website or
downloading software updates.

Example: Let's say you are a web developer and you need to upload a new webpage to your website.
You can use an FTP client, such as FileZilla, to connect to your web server using FTP. You then upload
the new webpage file from your computer to the web server. The FTP client sends the file to the web
server using the FTP protocol, which ensures that the file is transferred securely and reliably.

TELNET

TELNET is a protocol used for remote terminal connection to a server. TELNET allows a user to connect
to a remote computer and run commands as if they were sitting in front of that computer. TELNET is
commonly used by network administrators to manage remote servers.

Example: Let's say a network administrator wants to remotely manage a server located in another
country. They can use a TELNET client to connect to the server and run commands as if they were
sitting in front of the server. The TELNET client sends commands to the server using the TELNET
protocol, which allows the administrator to manage the server remotely.

TELNET (Telecommunication Network) is a network protocol used on the Internet or local area network
(LAN) connections.

The term telnet also refers to software which implements the client part of the protocol. TELNET clients
have been available on most UNIX systems for many years and are available for virtually all platforms.
Most network equipment and OS’s with a TCP/IP stack support some kind of TELNET service server for
their remote configuration (including ones based on Windows NT).

TELNET is a client-server protocol, based on a reliable connection-oriented transport. The protocol has
many extensions, some of which have been adopted as Internet standards.

Internet Protocol (IP)

IP is a protocol used for communication between computers on a network. IP provides a unique

address, known as an IP address, to each computer on the network, which allows them to
communicate with each other. IP is the foundation of the internet.

Example: Let's say you want to visit a website. Your web browser sends an HTTP request to the
website's web server, using the IP address of the server. The IP protocol ensures that the request is
sent to the correct server and that the response is sent back to your computer.

The Internet Protocol (IP) is a data-oriented protocol used for communicating data across a packet-
switched internetwork. IP is a network layer protocol in the Internet protocol suite and is encapsulated
in a data link layer protocol (e.g., Ethernet). As a lower layer protocol, IP provides the service of
communicable unique global addressing amongst computers.
IP can be used over a heterogeneous network (i.e., a network connecting two computers can be any
mix of Ethernet, ATM, FDDI, Wi-Fi, token ring, etc.) and it makes no difference to the upper layer
protocols. Each data link layer can (and does) have its own method of addressing (or possibly the
complete lack of it), with a corresponding need to resolve IP addresses to data link addresses. This
address resolution is handled by the Address Resolution Protocol (ARP).

User Datagram Protocol (UDP)

UDP is a protocol used for fast and efficient communication between computers on a network. UDP is a
connectionless protocol, which means that it does not establish a connection before sending data. UDP
is commonly used for real-time applications, such as video conferencing and online gaming.

Example: Let's say you are playing an online game. Your computer sends commands to the game
server using the UDP protocol, which allows for fast and efficient communication between your
computer and the server. The game server responds to your commands using UDP, allowing for real-
time gameplay.

User Datagram Protocol (UDP) is one of the core protocols of the Internet protocol suite. UDP does not
guarantee reliability for delivering the packets in orderly fashion.

Data grams may arrive out of order, appear duplicated, or go missing without notice. Avoiding the
overhead of checking whether every packet actually arrived makes UDP faster and more efficient, at
least for applications that do not need guaranteed delivery.

Transmission Control Protocol (TCP)

TCP is a protocol used for reliable communication between computers on a network. TCP establishes a
connection before sending data and ensures that all data is received correctly. TCP is commonly used
for applications that require reliable data transfer, such as email and file transfer.

Example: Let's say you are sending an email. Your email client uses the TCP protocol to establish a
connection with the email server and send the email. TCP ensures that all data is transmitted correctly
and that the email is delivered to the recipient's inbox.

TCP provides reliable, in-order delivery of a stream of bytes, making it suitable for applications like file
transfer and e-mail. The TCP protocol's software library use the IP protocol and provides a simpler
interface to applications by hiding most of the underlying packet structures, rearranging out-of-order
packets, minimizing network congestion, and re-transmitting discarded packets. Thus, TCP very
significantly simplifies the task of writing networked applications.

Dynamic Host Configuration Protocol (DHCP)

DHCP is a protocol used for automatic IP address assignment to computers on a network. DHCP allows
computers to connect to a network and automatically receive an IP address, which eliminates the need
for manual IP address configuration.

Example: Let's say you connect your laptop to a Wi-Fi network. The network uses DHCP to
automatically assign an IP address to your laptop, allowing you to connect to the internet without
having to manually configure your IP address.

Dynamic Host Configuration Protocol (DHCP) is a protocol used by networked computers (clients) to
obtain IP addresses and other parameters such as the default gateway, subnet mask, and IP addresses
of DNS servers from a DHCP server.

The DHCP server ensures that all IP addresses are unique, e.g., no IP address is assigned to a second
client while the first client's assignment is valid (its lease has not expired). Thus, IP address pool
management is done by the server and not by a human network administrator.
 HTTP

o HTTP stands for HyperText Transfer Protocol.

o It is a protocol used to access the data on the World Wide Web (www).
o The HTTP protocol can be used to transfer the data in the form of plain text, hypertext, audio,
video, and so on.
o This protocol is known as HyperText Transfer Protocol because of its efficiency that allows us to
use in a hypertext environment where there are rapid jumps from one document to another
document.
o HTTP is similar to the FTP as it also transfers the files from one host to another host. But, HTTP is
simpler than FTP as HTTP uses only one connection, i.e., no control connection to transfer the files.
o HTTP is used to carry the data in the form of MIME-like format.
o HTTP is similar to SMTP as the data is transferred between client and server. The HTTP differs from
the SMTP in the way the messages are sent from the client to the server and from server to the
client. SMTP messages are stored and forwarded while HTTP messages are delivered immediately.

Features of HTTP:

o Connectionless protocol: HTTP is a connectionless protocol. HTTP client initiates a request and
waits for a response from the server. When the server receives the request, the server processes
the request and sends back the response to the HTTP client after which the client disconnects the
connection. The connection between client and server exist only during the current request and
response time only.
o Media independent: HTTP protocol is a media independent as data can be sent as long as both
the client and server know how to handle the data content. It is required for both the client and
server to specify the content type in MIME-type header.
o Stateless: HTTP is a stateless protocol as both the client and server know each other only during
the current request. Due to this nature of the protocol, both the client and server do not retain the
information between various requests of the web pages.

HTTP Transactions
The above figure shows the HTTP transaction between client and server. The client initiates a
transaction by sending a request message to the server. The server replies to the request message by
sending a response message.

Messages - HTTP messages are of two types: request and response. Both the message types follow
the same message format.

Request Message: The request message is sent by the client that consists of a request line, headers,
and sometimes a body.

Response Message: The response message is sent by the server to the client that consists of a
status line, headers, and sometimes a body.

FTP

Although transferring files from one system to another is very simple and straightforward, but
sometimes it can cause problems. For example, two systems may have different file conventions. Two
systems may have different ways to represent text and data. Two systems may have different
directory structures. FTP protocol overcomes these problems by establishing two connections between
hosts. One connection is used for data transfer, and another connection is used for the control
connection.
o FTP stands for File transfer protocol.
o FTP is a standard internet protocol provided by TCP/IP used for transmitting the files from one host
to another.
o It is mainly used for transferring the web page files from their creator to the computer that acts as
a server for other computers on the internet.
o It is also used for downloading the files to computer from other servers.

Objectives of FTP

o It provides the sharing of files.

o It is used to encourage the use of remote computers.
o It transfers the data more reliably and efficiently.

Mechanism of FTP

The above figure shows the basic model of the FTP. The FTP client has three components: the user
interface, control process, and data transfer process. The server has two components: the server
control process and the server data transfer process.

There are two types of connections in FTP:

o Control Connection: The control connection uses very simple rules for communication. Through
control connection, we can transfer a line of command or line of response at a time. The control
 connection is made between the control processes. The control connection remains connected
during the entire interactive FTP session.
o Data Connection: The Data Connection uses very complex rules as data types may vary. The
data connection is made between data transfer processes. The data connection opens when a
command comes for transferring the files and closes when the file is transferred.

FTP Clients

o FTP client is a program that implements a file transfer protocol which allows you to transfer files
between two hosts on the internet.
o It allows a user to connect to a remote host and upload or download the files.
o It has a set of commands that we can use to connect to a host, transfer the files between you and
your host and close the connection.
o The FTP program is also available as a built-in component in a Web browser. This GUI based FTP
client makes the file transfer very easy and also does not require to remember the FTP commands.

CHAPTER 4 - BUSINESS MODELS

 A business model is the way in which a company generates revenue and makes a profit from
company operations. Analysts use the metric gross profit as a way to compare the efficiency and
effectiveness of a firm's business model. Gross profit is calculated by subtracting the cost of goods
sold from revenues.
 A business model is the conceptual structure supporting the viability of a business, including its
purpose, its goals and its ongoing plans for achieving them. At its simplest, a business model is a
specification describing how an organization fulfills its purpose. All business processes and policies
are part of that model.

According to management expert Peter Drucker, a business model answers the following questions:
Who is your customer, what does the customer value and how do you deliver value at an appropriate
cost? A business model is similar to a business plan in its makeup and content. However, a business
plan specifies all the elements required to demonstrate the feasibility of a prospective business, while
a business model demonstrates the elements that make an existing business work successfully. A
business model defines how the enterprise delivers value to customers, gets them to pay for that
value, and converts those payments to profit.

In their simplest forms, business models can be broken into three parts:

● Everything it takes to make something: design, raw materials, manufacturing, labor, and so
on.
● Everything it takes to sell that thing: marketing, distribution, delivering a service, and
processing the sale.
● How and what the customer pays: pricing strategy, payment methods, payment timing, and so
on.

As you can see, a business model is simply an exploration of what costs and expenses you have and
how much you can charge for your product or service.

A successful business model just needs to collect more money from customers than it costs to make
the product. This is your profit—simple as that.

New business models can refine and improve any of these three components. Maybe you can lower
costs during design and manufacturing. Or, perhaps you can find more effective methods of marketing
and sales. Or, maybe you can figure out an innovative way for customers to pay.
Keep in mind, though, that you don’t have to come up with a new business model to have an effective
strategy. Instead, you could take an existing business model and offer it to different customers. For
example, restaurants mostly operate on a standard business model but focus their strategy by
targeting different kinds of customers.

Fundamentals of business models

Business models are frameworks that describe how a business creates, delivers, and captures value.
Fundamentally, a business model should answer the question of how a company can generate revenue
and achieve profitability. Here are some of the key fundamentals of business models:

Value proposition: A value proposition is a statement that describes the unique value that a product
or service offers to customers. A good business model should clearly articulate how the company's
product or service solves a customer problem or fulfills a customer need.

Target market: A business model should clearly define the target customer segment. This includes
understanding the customers' needs, preferences, and behaviors.

Revenue streams: A business model should identify the various ways that the company will generate
revenue, such as through sales of products, services, or subscriptions.

Cost structure: A business model should also identify the various costs associated with delivering the
product or service. This includes costs such as manufacturing, marketing, distribution, and customer
support.

Channels: A business model should describe the channels through which the company will reach and
interact with customers. This could include physical retail locations, online marketplaces, or social
media platforms.

Key partners and suppliers: A business model should also identify the key partners and suppliers
that the company will work with to deliver the product or service.

Key activities: A business model should describe the key activities that the company will undertake
to create, deliver, and capture value. This could include activities such as product development,
marketing, and customer support.

Competitive advantage: A business model should clearly articulate the company's competitive
advantage. This includes understanding the company's unique strengths, such as its brand,
technology, or operational efficiency.

Overall, a good business model should be clear, concise, and focused on delivering value to customers
while generating revenue and achieving profitability. By understanding the key fundamentals of
business models, companies can create frameworks that are tailored to their unique needs and can
help them achieve long-term success.

The different kinds of business models:

You don’t have to invent an entirely new business model to start a business. In fact, the vast majorities
of businesses uses existing business models and refine them to find a competitive edge. Here’s a list
of business models you can use to start your own business.

 Advertising: The advertising business model has been around a long time and has become
more sophisticated as the world has transitioned from print to online. The fundamentals of the
model revolve around creating content that people want to read or watch and then displaying
advertising to your readers or viewers. In an advertising business model, you have to satisfy two
customer groups: your readers or viewers, and your advertisers. Your readers may or may not
be paying you, but your advertisers certainly are. An advertising business model is sometimes
 combined with a crowdsourcing model where you get your content for free from users instead of
paying content creators to develop content. Examples: CBS, The New York Times, YouTube
 Affiliate: The affiliate business model is related to the advertising business model but has some
specific differences. Most frequently found online, the affiliate model uses links embedded in
content instead of visual advertisements that are easily identifiable. For example, if you run a
book review website, you could embed affiliate links to Amazon within your reviews that allow
people to buy the book you are reviewing. Amazon will pay you a small commission for
every sale that you refer to them. Examples: TheWireCutter.com, TopTenReviews.com
 Brokerage: Brokerage businesses connect buyers and sellers and help facilitate a transaction.
They charge a fee for each transaction to either the buyer or the seller and sometimes both.
One of the most common brokerage businesses is a real estate agency, but there are many
other types of brokerages such as freight brokers and brokers who help construction companies
find buyers for dirt that they excavate from new foundations. Examples: ReMax, RoadRunner
Transportation Systems
 Concierge/customization: Some businesses take existing products or services and add a
custom element to the transaction that makes every sale unique for the given customer. For
example, think of custom travel agents who book trips and experiences for wealthy clients. You
can also find customization happening at a larger scale with products like Nike’s custom
sneakers.
 Disintermediation: If you want to make and sell something in stores, you typically work
through a series of middlemen to get your product from the factory to the store shelf.
Disintermediation is when you sidestep everyone in the supply chain and sell directly to
consumers, allowing you to potentially lower costs to your customers and have a direct
relationship them as well. Examples: Casper, Dell
 Franchise: Franchising is common in the restaurant industry, but you’ll also find it in all sorts of
service industries from cleaning businesses to staffing agencies. In a franchise business model,
you are selling the recipe for starting and running a successful business to someone else. You’re
often also selling access to a national brand and support services that help the new franchise
owner get up and running. In effect, you’re selling access to a successful business model that
you’ve developed. Examples: Ace Hardware, McDonald’s, Allstate
 Leasing: Leasing might seem similar to fractionalization, but they are actually very different.
In fractionalization, you are selling perpetual access to part of something. Leasing, on the other
hand, is like renting. At the end of a lease agreement, a customer needs to return the product
that they were renting from you. Leasing is most commonly used for high-priced products where
customers may not be able to afford a full purchase but could instead afford to rent the product
for a while. Examples: Cars, Direct Capital
 Marketplace: Marketplaces allow sellers to list items for sale and provide customers with easy
tools for connecting to sellers. The marketplace business model can generate revenue from a
variety of sources including fees to the buyer or the seller for a successful transaction,
additional services for helping advertise seller’s products, and insurance so buyers have peace
of mind. The marketplace model has been used for both products and services. Examples:
eBay, Airbnb.
 Pay-as-you-go: Instead of pre-purchasing a certain amount of something, such as electricity or
cell phone minutes, customers get charged for actual usage at the end of a billing period. The
pay-as-you-go model is most common in home utilities, but it has been applied to things like
printer ink. Examples: Water companies, HP Instant Ink
 Reverse auction: A reverse auction business model turns auctions upside down and has
sellers present their lowest prices to buyers. Buyers then have the option to choose the lowest
price presented to them. You can see reverse auctions in action when contractors bid to do work
on a construction project. You also see reverse auctions anytime you shop for a mortgage or
other type of loan. Examples: Priceline.com, Lending Tree
 Subscription: Subscription business models are becoming more and more common. In this
business model, consumers get charged a subscription fee to get access to a service. While
magazine and newspaper subscriptions have been around for a long time, the model has now
spread to software and online services and is even showing up in service industries. Examples:
Netflix, Salesforce, Comcast
 Classification of business models

Business models can be classified into various categories based on their structure and revenue
generation strategy. Here are some common types of business models:

1. Product-based business models: These models focus on selling physical or digital products to
customers, such as electronics, clothing, or software.
2. Service-based business models: These models provide services to customers, such as
consulting, education, or maintenance services.
3. Subscription-based business models: These models charge customers a recurring fee for
access to a product or service, such as a streaming service, software platform, or online course.
4. Freemium-based business models: These models offer a basic version of a product or service
for free, but charge for additional features or functionality.
5. Marketplace-based business models: These models facilitate transactions between buyers and
sellers, such as an e-commerce platform, online auction site, or ride-sharing service.
6. Platform-based business models: These models provide a platform for users to interact with
each other or access content, such as social media platforms or app stores.
7. Advertising-based business models: These models generate revenue by selling advertising
space or promoting products to a targeted audience, such as online advertising or sponsorships.
8. Licensing-based business models: These models involve licensing a product or technology to
other businesses or individuals for a fee.
9. Franchise-based business models: These models involve selling the rights to use a business's
brand, products, and services in exchange for a fee and ongoing royalties.
10. Direct sales-based business models: These models involve selling products or services directly
to customers without the use of intermediaries, such as door-to-door sales or online sales.

These are just a few examples of the many types of business models that exist. The specific type of
business model chosen will depend on factors such as the company's products or services, target
market, competitive landscape, and revenue goals.

Fundamentals of brokerages, advertising, infomediary, merchant, manufacturer, affiliate,

community, subscription and utility models:

 Brokerage: Brokers are market-makers: they bring buyers and sellers together and facilitate
transactions.
 Advertising: The web advertising model is an extension of the traditional media broadcast
model. The broadcaster, in this case, a web site, provides content (usually, but not necessarily,
for free) and services (like email, IM, blogs) mixed with advertising messages in the form of
banner ads.
 Infomediary: Independently collected data about producers and their products are useful to
consumers when considering a purchase. Some firms function as infomediaries (information
intermediaries) assisting buyers and/or sellers understand a given market.
 Merchant: Wholesalers and retailers of goods and services. Sales may be made based on list
prices or through auction.
 Manufacturer (Direct): The manufacturer or “direct model”, it is predicated on the power of
the web to allow a manufacturer (i.e., a company that creates a product or service) to reach
buyers directly and thereby compress the distribution channel.
 Affiliate: In contrast to the generalized portal, which seeks to drive a high volume of traffic to
one site, the affiliate model, provides purchase opportunities wherever people may be surfing. It
does this by offering financial incentives (in the form of a percentage of revenue) to affiliated
partner sites.
 Community: The viability of the community model is based on user loyalty. Users have a high
investment in both time and emotion. Revenue can be based on the sale of ancillary products
and services or voluntary contributions; or revenue may be tied to contextual advertising and
subscriptions for premium services.
 Subscription: Users are charged a periodic – daily, monthly or annual – fee to subscribe to a
service.
 Utility: The utility or “on-demand” model is based on metering usage, or a “pay as you go”
approach.
Four Business Models
1. Business - to - Business
A website following the B2B business model sells its products to an intermediate buyer who then
sells the product to the final customer. As an example, a wholesaler places an order from a
company's website and after receiving the consignment, sells the end product to the final customer
who comes to buy the product at one of its retail outlets.

Business-to-business (B2B) refers to the commercial transactions and relationships that take place
between two or more businesses. In a B2B relationship, one business provides products or services to
another business, which in turn uses those products or services to create its own products or services
or to support its operations.

Examples of B2B transactions and relationships include:

 Supplier and manufacturer: A supplier provides raw materials, components, or other goods
to a manufacturer, which uses them to produce finished products. For example, a steel
manufacturer might buy raw iron ore from a mining company, or a coffee roaster might buy
green coffee beans from a coffee grower.
 Distributor and retailer: A distributor buys products from manufacturers or wholesalers and
sells them to retailers or other businesses. For example, a grocery distributor might buy
products from multiple food manufacturers and sell them to grocery stores.
 Service provider and client: A service provider offers a service to a client, who uses that
service to support its own business operations. For example, an IT consulting firm might provide
network infrastructure services to a law firm.
 Outsourcing: A business outsources a function or service to another business that specializes
in that area. For example, a manufacturer might outsource its accounting functions to an
accounting firm.
 Joint ventures and partnerships: Two or more businesses collaborate to develop a new
product, service, or business venture. For example, two tech companies might collaborate to
develop a new software product.
 B2B transactions tend to involve larger quantities and higher values than business-to-consumer
(B2C) transactions. They often require more complex contracts and negotiations, and may
involve longer-term relationships between the parties. In a B2B relationship, businesses may
also provide ongoing support and services to each other.
 Overall, B2B relationships are essential for many businesses to operate and grow. By providing
products and services to other businesses, companies can expand their customer base, increase
their revenue, and benefit from economies of scale.
2. Business - to - Consumer
 A website following the B2C business model sells its products directly to a customer. A customer
can view the products shown on the website. The customer can choose a product and order the
same. The website will then send a notification to the business organization via email and the
organization will dispatch the product/goods to the customer.

Business-to-consumer (B2C) is a type of business model in which a company sells products or services
directly to individual consumers. In other words, it involves the exchange of goods or services between
a company and its end-users or customers.

Here are some examples of B2C businesses:

 Amazon: Amazon is one of the largest B2C e-commerce platforms in the world. It offers a wide
range of products, including books, electronics, clothing, and home goods, among others.
Amazon's business model is based on providing a convenient and easy-to-use platform for
consumers to purchase products from a variety of different sellers.
 Apple: Apple is a technology company that offers a range of B2C products, including iPhones,
iPads, MacBooks, and other electronic devices. Apple's business model is based on creating
high-quality products with a focus on design and usability, as well as providing a seamless user
experience through its ecosystem of hardware, software, and services.
 Nike: Nike is a global sportswear and athletic footwear brand that sells its products directly to
consumers through its own retail stores and website. Nike's business model is based on creating
high-quality products and building a strong brand through marketing and sponsorships of
athletes and sports teams.
 Starbucks: Starbucks is a coffee company that operates thousands of cafes around the world,
selling coffee, tea, and other beverages and food items directly to consumers. Starbucks'
business model is based on creating a welcoming and comfortable environment for customers
 to enjoy their products and building a loyal customer base through personalized experiences
and loyalty programs.
 Uber: Uber is a ride-sharing service that connects passengers with drivers through a mobile
app. Uber's business model is based on providing a convenient and affordable transportation
option for consumers while creating income opportunities for drivers.
B2C businesses typically focus on creating a strong brand identity, building customer relationships
through personalized experiences and marketing, and providing a convenient and seamless user
experience. They also need to manage logistics and fulfillment processes to ensure timely delivery
of products and services.
3. Consumer - to - Consumer
A website following the C2C business model helps consumers to sell their assets like residential
property, cars, motorcycles, etc., or rent a room by publishing their information on the website.
Website may or may not charge the consumer for its services. Another consumer may opt to buy
the product of the first customer by viewing the post/advertisement on the website.

Consumer-to-consumer (C2C) is a type of e-commerce model that involves transactions between

consumers, usually facilitated by an online platform. In a C2C model, individuals can buy and sell
goods or services to other individuals without the involvement of a business or commercial entity.

The C2C model has become increasingly popular due to the rise of online marketplaces, auction sites,
and social media platforms. Here are some examples of C2C platforms:

 eBay: eBay is a well-known online auction site that allows individuals to buy and sell a wide
range of products. eBay's platform provides a way for individuals to reach a large audience of
potential buyers and sellers, while also providing tools to help manage transactions, such as
secure payments and shipping options.
 Craigslist: Craigslist is a classifieds website that allows individuals to buy and sell items in their
local area. Unlike eBay, Craigslist does not provide any transaction management tools or secure
payment options, and users are responsible for arranging the details of the transaction
themselves.
 Airbnb: Airbnb is a platform that allows individuals to rent out their homes or apartments to
travelers. Airbnb provides a way for homeowners to monetize their property while also providing
affordable accommodation options for travelers.
 Etsy: Etsy is a marketplace for handmade and vintage goods. The platform allows individual
artisans and crafters to sell their products to a wide audience, while also providing tools to
manage transactions and shipping.
 Poshmark: Poshmark is a mobile app that allows individuals to buy and sell secondhand
clothing and accessories. The platform provides a way for individuals to declutter their closets
while also providing a more sustainable and affordable option for shoppers.
In a C2C model, individuals can benefit from the flexibility and convenience of buying and selling
directly with other individuals. However, there are also risks involved, such as fraud, scams, and
issues with product quality or delivery. C2C platforms typically have policies and tools in place to
help mitigate these risks, but users should still take precautions when engaging in transactions with
strangers online.
4. Consumer - to - Business
In this model, a consumer approaches a website showing multiple business organizations for a
particular service. The consumer places an estimate of amount he/she wants to spend for a
particular service. For example, the comparison of interest rates of personal loan/car loan provided
by various banks via websites. A business organization who fulfills the consumer's requirement
within the specified budget, approaches the customer and provides its services.

Consumer-to-business (C2B) is a type of e-commerce model where individuals offer goods or services
to businesses in exchange for payment. In this model, the consumer acts as the supplier, and the
business acts as the buyer. This is a relatively new concept in the e-commerce world, but it has gained
popularity with the rise of the gig economy.

Here are some examples of consumer-to-business transactions:

 Freelance Services: Freelancers can offer their services to businesses through online
platforms such as Upwork, Freelancer, and Fiverr. Businesses can browse through the profiles of
freelancers and select the one that best meets their needs. Freelancers can offer a wide range
of services, including web design, writing, social media management, and graphic design.
 Crowdsourcing: Crowdsourcing is a process where businesses outsource tasks to a large group
of people. This can be anything from data entry to product design. Crowdsourcing platforms
such as Amazon Mechanical Turk and CrowdFlower allow businesses to post tasks and pay
individuals to complete them.
 User-generated content: User-generated content (UGC) is content created by users of a
product or service. Companies can use UGC to promote their brand and engage with their
customers. For example, clothing companies can ask customers to submit photos of themselves
wearing their products, and then feature those photos on their website or social media
channels.
 Online Reviews: Businesses can benefit from online reviews left by consumers on sites like
Yelp, Google, and Amazon. Positive reviews can increase a business's visibility and attract more
customers, while negative reviews can highlight areas for improvement.
Overall, the consumer-to-business model allows businesses to access a larger pool of resources and
talent than they would through traditional hiring methods. It also allows consumers to monetize
their skills and talents, providing an additional source of income.
5. Business - to - Government
B2G model is a variant of B2B model. Such websites are used by governments to trade and
exchange information with various business organizations. Such websites are accredited by the
government and provide a medium to businesses to submit application forms to the government.

Business-to-Government (B2G) refers to transactions between private sector businesses and

government agencies. These transactions can include the sale of goods and services, procurement of
government contracts, and payment of taxes and fees. B2G interactions are often regulated and can
involve complex procedures, requiring businesses to understand government procurement processes
and compliance requirements.

Examples of B2G transactions include:

 Government Contracts: Companies can bid on government contracts to provide goods and
services to government agencies. For example, a company might bid on a contract to provide
construction services for a new government building or supply IT services to a government
department.
 Taxes and Fees: Businesses are required to pay various taxes and fees to government
agencies. For example, companies may be required to pay sales tax, property tax, payroll tax,
or licensing fees.
 Regulatory Compliance: Businesses must comply with various regulations and standards set
by government agencies. For example, companies in the healthcare industry must comply with
regulations set by the Food and Drug Administration (FDA) and the Centers for Medicare and
Medicaid Services (CMS).
 Public-private Partnerships: Government agencies may partner with private sector
businesses to jointly fund and execute projects. For example, a city government might partner
with a private company to build a new public transportation system or to revitalize a blighted
neighborhood.
 Government Grants: Businesses can apply for government grants to fund research,
development, and other initiatives. For example, a company might apply for a grant from the
National Science Foundation to develop new technology or from the Small Business
Administration to fund a start-up venture.
In B2G transactions, businesses must navigate complex regulations and procedures to successfully
engage with government agencies. Building relationships with key stakeholders, understanding
procurement processes, and demonstrating a track record of successful delivery can help
businesses succeed in the B2G market.
6. Government - to - Business
Governments use B2G model websites to approach business organizations. Such websites support
auctions, tenders, and application submission functionalities.

Government-to-business (G2B) is a business model in which government entities provide products,

services, or information to businesses. This model enables businesses to interact with government
agencies and access resources that are essential for their operations. Here are some examples of G2B
initiatives:

 Business Registration: Governments provide businesses with online registration services to

streamline the process of starting a new business. For example, in India, businesses can register
 themselves on the Ministry of Corporate Affairs website and obtain a unique company
identification number (CIN).
 Licensing and Permitting: Governments issue licenses and permits to businesses to ensure
that they comply with regulations and standards. For example, in the United States, businesses
need to obtain licenses and permits from federal, state, and local agencies to operate legally.
These permits include business licenses, zoning permits, and health and safety permits.
 Procurement: Governments purchase goods and services from businesses through a bidding
process. This provides opportunities for businesses to win contracts and sell their products or
services to the government. For example, in the United States, the General Services
Administration (GSA) provides a platform for businesses to bid on government contracts.
 Export Assistance: Governments provide businesses with resources and assistance to expand
their operations overseas. For example, the United States Department of Commerce provides
the Export Assistance Center, which offers advice and support to businesses interested in
exporting their products or services.
 Research and Development: Governments invest in research and development initiatives
that can benefit businesses. For example, the Small Business Innovation Research (SBIR)
program in the United States provides funding to small businesses for research and
development projects that have the potential for commercialization.
 Financial Assistance: Governments provide financial assistance to businesses in the form of
loans, grants, and tax incentives. For example, in Canada, the Industrial Research Assistance
Program provides funding to small and medium-sized businesses for research and development
projects.
In summary, government-to-business initiatives aim to facilitate business operations by providing
resources, information, and services. These initiatives can benefit both the government and
businesses by promoting economic growth and creating new opportunities for businesses to thrive.
7. Government - to - Citizen
Governments use G2C model websites to approach citizen in general. Such websites support
auctions of vehicles, machinery, or any other material. Such website also provides services like
registration for birth, marriage or death certificates. The main objective of G2C websites is to reduce
the average time for fulfilling citizen’s requests for various government services.

Government-to-Citizen (G2C) refers to the interaction between government agencies and individual
citizens. The primary goal of G2C services is to improve the accessibility, efficiency, and quality of
government services to citizens. The G2C model has been implemented in various forms, including
online portals, mobile apps, and in-person services.

Here are some examples of G2C services:

 Tax Filing and Payment: Many governments offer online tax filing and payment services to
their citizens. This allows citizens to easily submit their tax returns and pay their taxes online,
without the need to visit a physical office.
 Social Welfare Programs: Governments offer various social welfare programs to citizens,
such as food subsidies, healthcare, and education. These programs can be accessed through
online portals or mobile apps, making it easier for citizens to apply for and receive benefits.
 Driver's License Renewal: Many governments offer online services for driver's license
renewal. This allows citizens to renew their licenses without the need to visit a physical office,
saving time and resources.
 Passport Application: Governments also offer online passport application services, allowing
citizens to apply for passports and track the status of their application. This makes the process
more convenient and efficient for citizens.
 Voter Registration: Governments also provide online voter registration services to citizens,
allowing them to register to vote and update their voter information online. This makes it easier
for citizens to participate in elections.
 Healthcare Services: Many governments offer online healthcare services, allowing citizens to
book appointments, access medical records, and communicate with healthcare providers. This
improves the accessibility and quality of healthcare services for citizens.
 Education Services: Governments also provide online education services, such as online
courses, certifications, and degree programs. This allows citizens to access education and
training programs from anywhere, at any time.
Overall, G2C services aim to improve the efficiency and quality of government services while
making them more accessible to citizens. By providing services through online portals and mobile
apps, citizens can easily access government services and interact with government agencies
without the need to visit a physical office, saving time and resources.

CHAPTER 5 - ELECTRONICS PAYMENT SYSTEM

When you purchase goods and services online, you pay for them using an electronic medium. This
mode of payment, without using cash or cheque, is called an e-commerce payment system and is also
known as online or electronic payment systems.

Types of E-commerce Payment System:

Credit Card: The most popular form of payment for e-commerce transactions is through credit cards.
It is simple to use; the customer has to just enter their credit card number and date of expiry in the
appropriate area on the seller’s web page. To improve the security system, increased security
measures, such as the use of a card verification number (CVN), have been introduced to on-line credit
card payments. The CVN system helps detect fraud by comparing the CVN number with the
cardholder's information.

Payment using credit card is one of most common mode of electronic payment. Credit card is small
plastic card with a unique number attached with an account. It has also a magnetic strip embedded in
it which is used to read credit card via card readers. When a customer purchases a product via credit
card, credit card issuer bank pays on behalf of the customer and customer has a certain time period
after which he/she can pay the credit card bill. It is usually credit card monthly payment cycle.
Following are the actors in the credit card system.

 The card holder − Customer

 The merchant − seller of product who can accept credit card payments.
 The card issuer bank − card holder's bank
 The acquirer bank − the merchant's bank
 The card brand − for example, visa or MasterCard.

Credit Card Payment Process

Step Description
Step Bank issues and activates a credit card to the customer on his/her request.
1
Step The customer presents the credit card information to the merchant site or to the merchant from
2 whom he/she wants to purchase a product/service.
Step Merchant validates the customer's identity by asking for approval from the card brand company.
3
Step Card brand company authenticates the credit card and pays the transaction by credit. Merchant
4 keeps the sales slip.
Step Merchant submits the sales slip to acquirer banks and gets the service charges paid to him/her.
 5
Step Acquirer bank requests the card brand company to clear the credit amount and gets the
6 payment.
Step Now the card brand company asks to clear the amount from the issuer bank and the amount
6 gets transferred to the card brand company.

Debit Card: Debit cards are the second largest e-commerce payment medium in India. Customers
who want to spend online within their financial limits prefer to pay with their Debit cards. With the
debit card, the customer can only pay for purchased goods with the money that is already there in
his/her bank account as opposed to the credit card where the amounts that the buyer spends are billed
to him/her and payments are made at the end of the billing period.

Smart Card: It is a plastic card embedded with a microprocessor that has the customer’s personal
information stored in it and can be loaded with funds to make online transactions and instant payment
of bills. The money that is loaded in the smart card reduces as per the usage by the customer and has
to be reloaded from his/her bank account.

Smart cards can only be accessed using a PIN that every customer is assigned with. Smart cards are
secure, as they store information in encrypted format and are less expensive/provides faster
processing. Mondex and Visa Cash cards are examples of smart cards.

E-Wallet: E-Wallet is a prepaid account that allows the customer to store multiple credit cards, debit
card and bank account numbers in a secure environment. This eliminates the need to key in account
information every time while making payments. Once the customer has registered and created E-
Wallet profile, he/she can make payments faster.

Net-banking: This is another popular way of making e-commerce payments. It is a simple way of
paying for online purchases directly from the customer’s bank. It uses a similar method to the debit
card of paying money that is already there in the customer’s bank. Net banking does not require the
user to have a card for payment purposes but the user needs to register with his/her bank for the net
banking facility. While completing the purchase the customer just needs to put in their net banking id
and pin.

Mobile Payment: One of the latest ways of making online payments is through mobile phones.
Instead of using a credit card or cash, all the customer has to do is send a payment request to his/her
service provider via text message; the customer’s mobile account or credit card is charged for the
purchase. To set up the mobile payment system, the customer just has to download a software from
his/her service provider’s website and then link the credit card or mobile billing information to the
software.

Amazon-Pay: Another convenient, secure and quick way to pay for online purchases is through
Amazon Pay. Use your information which is already stored in your Amazon account credentials to log in
and pay at leading merchant websites and apps. Your payment information is safely stored with
Amazon and accessible on thousands of websites and apps where you love to shop.

Properties of Paper Money:

Paper money is a medium of exchange for goods or services within an economy. It is printed on paper,
rather than in coin form. Paper notes are the most generally accepted forms of paper money. In most
cases, each country in the world has its own paper money, but in many cases several countries use the
same money (such as the Euro or the U.S. dollar). A country's government designs and manufactures
that country's paper money.

General Acceptability – The main quality of good money is its general acceptability. It should be
commonly acceptable for the sale and purchase of goods and services. Anything, which is acceptable
in a certain payment but not generally acceptable, cannot/be regard as good money. If people lose
confidence in money and refuse to accept it in payments, it will not work as money any further. It
practically happened in Kuwait during the gulf war, when people refused to accept Kuwaiti Dinars in
payments.

Stability of Value: - Good money is that whose value is fairly stable. Frequent changes in the value
of money will inject the element of instability in economy and people lose confidence in it. Moreover,
money is a standard for measuring the values of other goods and services. If its own value is not
stable, how can it measure the values of other goods properly?

Portability: Good money should have the quality of portability. It is possible only if it contains huge
value in small bulk. This quality of money makes best use of money possible. Paper money is
considered good money as it can be shifted easily from one place to another.

Divisibility: Another quality of good money is that it should be capable of making small purchases. It
is possible only if the money is divisible into small units. When money is divisible into small units, the
consumer will get maximum satisfaction with his limited income by equating the marginal utility of all
the purchased commodities. Paper money possesses this quality. A thousand rupee note can be
changed into the notes of small denominations. It enables a person to make small purchases.

Durability: Good money is that which is durable and long lasting. It should not deteriorate rapidly with
the passage of time. Gold and silver coins are more durable as compared to paper money. A paper can
last only for few months if it remains in circulation and a coin can work as a medium of exchange for
many years.

Storability: Money should be storable without any fall in value. The value of money should not
depreciate with the passage of time. This quality of money will encourage savings and investment.

Communicability: Communicability is an essential quality of good money. An ordinary person should

be able to judge the correctness of money. It is possible only if the various units of money are
identical. Paper notes and modern coins of different denominations are identical in size and color;
therefore they can be recognized very easily.

Security: Paper money is designed to be secure and difficult to counterfeit. This is achieved through a
variety of security features, such as watermarks, security threads, and holograms. For example, U.S.
currency has several security features that make it difficult to counterfeit, including a 3D security
ribbon and a color-shifting ink. These security features help to prevent fraud and ensure the integrity
of the currency.

In conclusion, paper money has several properties that make it a popular medium of exchange.

Electronics Cash and its use

Electronic cash, also known as digital cash, e-cash, or cybercash, refers to a digital currency that is
used for online transactions. It is a type of electronic payment system that allows individuals and
businesses to make payments without the need for physical cash or credit cards. Electronic cash is
becoming increasingly popular as more people move towards digital transactions, and it has several
advantages over traditional payment methods.

As more consumers and businesses migrate to online shopping and digital transactions that even
include multiple currencies, payment methods have had to evolve to facilitate these new preferences.
One of the financial solutions that have emerged is known as e-cash. In providing a simple definition of
e-cash, also known as electronic cash, it is a digital money product that provides a way to pay for
products and services without resorting to paper or coin currency.

E-cash is an evolutionary product that has its roots in other payment concepts. Others have noted that
checks were essentially the same idea because they have involved stating that an amount will be
taken from one account and then placed in another. During this process, no currency is actually
transferred. Instead, banks take care of changing the amounts in both accounts to reflect the
transaction. E-cash removes the bank from the payment equation but essentially does the exact same
thing as a check.

How eCash Works?

An e-cash user will download the electronic money from their bank account and store this on their hard
drive. When they are ready to use the electronic cash to pay an Internet merchant or shareware
provider, the same software is then used to take the amount from their e-cash “wallet” and add it to
the merchant’s “wallet.”

The e-cash goes through an e-cash bank so that the transaction can be verified. The merchant or
shareware provider can then choose to pay their expenses with this e-cash or upload it to a traditional
bank account for use later. Transactions do not incur a fee except for a small amount charged by the
e-cash company. This makes it ideal for smaller online transactions than any other payment method.

Advantages:

 Anonymity and non-traceability can be maintained with e-cash.

 User ids are kept highly confidential.
 There are hardly any issues regarding "double spending".
 Real-time checking of all transactions makes the possibility of multiple expenditures negligible.
 There is no requirement of additional secure hardware.
 The existing POS (point of sale) hardware can be updated and used.
Disadvantages:

 There are communication overheads; security and anonymity cost become a bottleneck of the
system. This can happen at times during real-time verifications.
 The bank has to maintain massive, detailed, and confidential databases.
 The bank needs to synchronize its server every time transaction is made. It would be insanely
impractical to maintain.
Electronic Checks:

 Electronic checks, also known as e-checks or electronic funds transfers (EFTs), are a form of online
payment that allows individuals and businesses to transfer funds from one bank account to
another.
 An electronic check is a digital version of a paper check that is processed through the Automated
Clearing House (ACH) network, a secure system that connects banks and financial institutions for
electronic fund transfers. To initiate an electronic check, the payer or the receiver of the funds
must provide their bank account information, including the account number and the routing
number.
 Electronic checks are processed in a similar way to paper checks, but the process is faster and
more secure. The payer authorizes the payment by signing an electronic check, either physically or
electronically, and then the payment is transmitted to the receiver's bank account through the
ACH network. The transaction typically takes 2-3 business days to complete.
 An electronic version or representation of a paper cheque. The account holder writes an e-check
using a computer or other type of electronic device and transmits the e-cheque to the payee
electronically. Like paper cheques, e-checks are signed by the payer and endorsed by the payee.
Rather than handwritten or machine-stamped signatures, however, e-checks are affixed with
digital signatures, using a combination of smart cards and digital certificates. The payee deposits
the e-check, receives credit, and the payee's bank clears the e-check to the paying bank. The
paying bank validates the e-check and then charges the cheque writer's account for the cheque.

4 main steps to processing an electronic check:

1. Request Authorization: The business needs to gain authorization from the customer to make
the transaction. This can be done via an online payment form, signed order form, or phone
conversation.
2. Payment Set Up: After authorization is complete, the business inputs the payment information
into the online payment processing software. If it is a recurring payment, this information also
includes the details of the recurring schedule.
3. Finalize and Submit: Once payment information is properly entered into the software, the
business clicks “Save” or “Submit” and starts the ACH transaction process.
4. Payment Confirmation and Funds Deposited: The payment is automatically withdrawn from
the customer’s bank account, the online software sends a payment receipt to the customer, and
the payment itself is deposited into the business’s bank account. Funds are typically deposited into
the merchant’s bank account three to five business days after the ACH transaction is initiated.

ACH stands for “Automated Clearing House. “This is the electronic network used by financial
institutions in the United States that provides the infrastructure used by payment processing
companies.

Advantages of Electronic Checks

 Convenience: Electronic checks allow users to initiate payments from anywhere, at any time, as
long as they have access to the internet.
 Security: Electronic checks are more secure than paper checks because they cannot be lost,
stolen, or altered. They are also processed through a secure network that encrypts the data and
prevents unauthorized access.
 Cost-effective: Electronic checks are cheaper than other payment methods, such as wire
transfers and credit card payments, because they do not involve physical transactions or
processing fees.
 Faster processing: Electronic checks are processed faster than paper checks, typically taking
only 2-3 business days to complete the transaction.
 Better record-keeping: Electronic checks provide a clear record of all transactions, which can be
easily accessed and tracked for accounting purposes.

Disadvantages of Electronic Checks

 Requires bank account information: To use electronic checks, both the payer and receiver
must provide their bank account information, which can be a security risk if the information falls
into the wrong hands.
 Risk of fraud: Electronic checks are susceptible to fraud, such as phishing scams and identity
theft, which can lead to unauthorized transactions and financial loss.
 Limited acceptance: Electronic checks are not accepted by all merchants and may not be
available in all countries or regions.
 Delayed processing: While electronic checks are faster than paper checks, they still take 2-3
business days to process, which may not be ideal for urgent or time-sensitive transactions.
 Limited payment amounts: Electronic checks may have limits on the amount of money that can
be transferred, which may not be suitable for large transactions.

Use of Electronic Checks in Different Industries

 B2B payments: Electronic checks are commonly used for business-to-business (B2B) payments,
such as paying suppliers and vendors, because they are cost-effective and provide a clear record
of transactions.
 Payroll processing: Many companies use electronic checks to process payroll payments for their
employees, as it is a fast and secure way to transfer funds.
 Insurance payments: Insurance companies often use electronic checks to process premium
payments from policyholders, as it is a convenient and secure payment method.
 Utility payments: Many utility companies, such as electricity and water providers, offer electronic
check payments as an alternative to paper checks, as it is a fast and cost-effective payment
method.
 Government payments: Electronic checks are also used by government agencies to process
payments, such as tax refunds and social security benefits, because they

Smart Card

 Smart card is credit/ debit card and other card products enhanced with microchip capable of
holding more information than the traditional magnetic strip. The chip on a smart card can be
either a microcontroller chip or an embedded memory chip.
 Smart cards are designed to be tamper-resistant and use encryption to provide protection for in-
memory information. Those cards with a microcontroller chip have the ability to
perform on-card processing functions and can add, delete and manipulate information in the
chip's memory. Various attacks are possible against smart card technology that can recover
information from the chip. Differential power analysis can deduce the on-chip private key used by
public key algorithms such as RSA while some implementations of symmetric ciphers can be
vulnerable to timing attacks or differential power analysis as well. Smart cards can also be
physically disassembled to gain access to the on-board microchip.

Smart cards are turning out to be a fundamental piece of the transformation of retailing into electronic
commerce. The impressive growth of the Internet is making electronic shopping at least a real
possibility, if not a habit, among computer users. However, the business model used in current
electronic commerce applications still cannot enjoy the full potential of the electronic medium.
Moreover, concerns about the reliability of an invisible counterpart and about the safety of the Internet
for credit card information increase the wariness and thereby limit the use of the electronic shopping
on the part of customers.

Technology behind Smart Cards

Smart cards are designed to securely store and process information. They contain a microprocessor
chip that can store data and run programs. The chip is embedded in the card and can communicate
with external systems using a variety of interfaces, including contact and contactless interfaces.

Contact smart cards require physical contact with a reader to transfer data. These cards have a metal
contact pad that is used to communicate with the reader. When the card is inserted into the reader,
the contact pad makes contact with the reader's electrical contacts, allowing data to be transferred
between the card and the reader.

Contactless smart cards, on the other hand, use radio frequency technology to transfer data. These
cards have an embedded antenna that communicates with the reader using radio waves. When the
card is brought into close proximity to the reader, the reader sends a signal to the card, which
responds with its data. Contactless smart cards are more convenient than contact smart cards since
they do not require physical contact with the reader.

Smart cards can also use a magnetic stripe to store data. These cards have a magnetic stripe on the
back, which can be read by swiping the card through a magnetic stripe reader. While magnetic stripe
cards are less secure than smart cards, they are still widely used for applications such as credit cards
and loyalty programs.

Classification Based on Capabilities:

Microprocessor-based Cards: These have greater memory storage as compared to cards without a
microprocessor. The security of data on microprocessor cards is greater than any other storage device,
because it has the microprocessor embedded in the plastic card along with the memory.
Microprocessor-based smart cards available today have an eight-bit processor, 512 bytes random
access memory (RAM), and 16 KB read-only memory. Some of them use cryptography to secure a
digital identity, and have a card operating system (COS) that manages the data on the card. The card
operating system makes it possible to make the smart cards multi-functional.

Memory-based Cards: These are used for applications in which the function of the card is fixed.
Memory-based cards need a card reader to manipulate the data on the card. They communicate to the
reader using some synchronous protocols. Memory-based smart cards have no processing power and
cannot manage the data stored in them. These cards are widely used as prepaid phone cards.

Classification Based on Mechanism:

Contact Cards: They are named so because they come in contact with the reader. These are usually
the size of a credit card. A metallic chip is embedded inside the plastic card with a microprocessor and
a memory or only with a memory. They are widely used in network security, access control, e-
commerce, electronic cash, and as health cards.

Contactless Cards: As the name suggests, the contactless cards do not directly come in contact with
the reader. These cards have an antenna built in the card, which is used to communicate to the
reader. The working of these cards is based on radio frequency identification technology. These cards
are used as parking cards, student identification, and electronics passports.

Combination Cards: These are a combination of contact and contactless smart cards. These cards
can be read and written with contact or without contact with the reader. The antenna of the card is
used or the contact pads are used to manipulate data. These are used as vending passes, meal
passes, access control, and network security.

Proximity Cards: Proximity cards are contactless cards and they have an antenna embedded in the
card. However, proximity cards are read-only cards and the information on these cards cannot be
manipulated. Such cards also use radio frequency identification (RFID) technology. The applications of
these cards include access control, identification, and security.

Hybrid Cards: These have more than two technologies embedded inside a single card. These cards
use any two of the above-mentioned types in a single chip. Some applications of smart card require
more than two technologies like the proximity card and the contact card integrated in a single chip.

Smart card technology of embedding different functions along with the basic ones is progressing
rapidly. There are many benefits that are making the use of smart cards very popular.

Advantages of smart card

Convenience: One of the most obvious benefits of smart cards is that it is always safer and more
convenient to carry a single card than bundles of dollar notes. With just one card in your wallet, you
can carry out all sorts of money transactions; make purchases, pay bills, etc. Using the card's number
or on swiping the card, money can be paid or transferred from one account to another very easily.

Security: An important benefit of smart cards is their inbuilt security. They offer protection of the
information stored on them. The smart card technology offers transaction security. Each card has a
unique serial number and is capable of performing encryption, thus ensuring secure transactions.
Modern-day smart cards have a chip operating system, which possesses error-checking capabilities
and user authentication facilities. As these cards support digital signatures, the validity of the
organization issuing the cards, as well as of the data stored on them can be checked.
Storage and Processing of Information: A significant advantage of smart cards is that they can
not only store data, but also process information. Through smart card readers, one can communicate
with other computing devices. Their unique serial numbers serve to uniquely identify the users.
Moreover, smart cards are electrically erasable because of which they can be modified. It is possible to
update the information stored on a card without having to issue a new one.

Portability: Probably, the most important benefit of smart cards is their portability. Owing to their
small size, they can be easily carried along. Their communication with the readers is wireless. Owing to
their portability and wireless capabilities, the smart card technology can be implemented in remote
areas where wired online communication is not possible. Due to the ease of use offered by smart
cards, the elderly and the disabled can access resources and services with greater ease.

Other Benefits:

 In case of financial transactions, smart cards can be used in place of money.

 Smart cards have a personal identification number and support biometrics
 Smart cards can be used in licenses and passports, thus giving these documents the
advantages of smart card technology.
 The cards can be used for club memberships, where they can store user information, the
duration of membership, validity of the card, etc.
 Due to their storage capacities, a lot of user information can be integrated onto one card which
can then serve multiple purposes.
Credit Card

Payment using credit card is one of most common mode of electronic payment. Credit card is small
plastic card with a unique number attached with an account. It has also a magnetic strip embedded in
it which is used to read credit card via card readers. When a customer purchases a product via credit
card, credit card issuer bank pays on behalf of the customer and customer has a certain time period
after which he/she can pay the credit card bill. It is usually credit card monthly payment cycle.
Following are the actors in the credit card system.

Credit card security is based on privacy of the actual credit card number. This means that whenever a
person other than the card owner reads the number, security is potentially compromised. Since this
happens most of the time when a transaction is made, security is low. However, a user with access to
just the number can only make certain types of transactions. Merchants will often accept credit card
numbers without extra verification for mail order, but then the delivery address will be recorded, so
the thief must make sure he can have the goods delivered to an anonymous address and collect them
without being detected.

How Credit Cards Work

When a consumer uses a credit card to make a purchase, the credit card company pays the merchant
for the transaction, and the consumer is then responsible for paying the credit card company back.
Credit cards typically have a credit limit, which is the maximum amount that a consumer can borrow at
any given time.

When a consumer receives a credit card, they are given a credit line, which is the maximum amount
that they can borrow. The credit card company will also assign the consumer an interest rate, which is
the cost of borrowing the money. If the consumer does not pay off the balance in full each month, they
will be charged interest on the remaining balance.

We can break credit card payment on on-line networks into three basic categories:

● Payments using plain credit card details: The easiest method of payment is the exchange of
unencrypted credit cards over a public network such as telephone lines or the Internet. The low
 level of security inherent in the design of the Internet makes this method problematic (any
snooper can read a credit card number, and programs can be created to scan the Internet traffic
for credit card numbers and send the numbers to its master). Authentication is also a significant
problem, and the vendor is usually responsible to ensure that the person using the credit card is its
owner. Without encryption there is no way to do this.
● Payments using encrypted credit card details: It would make sense to encrypt your credit
card details before sending them out, but even then there are certain factors to consider. One
would be the cost of a credit card transaction itself. Such cost would prohibit low-value payments
(micro payments) by adding costs to the transactions.
● Payments using third-party verification: One solution to security and verification problems is
the introduction of a third party: a company that collects and approves payments from one client
to another. After a certain period of time, one credit card transaction for the total accumulated
amount is completed.

Credit Card Features

 Credit Limit: This is the maximum amount that a consumer can borrow on their credit card.
 Interest Rate: This is the cost of borrowing the money, which is typically expressed as an annual
percentage rate (APR).
 Rewards: Many credit cards offer rewards programs, which allow consumers to earn points, miles,
or cash back for making purchases.
 Annual Fees: Some credit cards charge an annual fee, which is a fee that the consumer must pay
each year to use the card.
 Grace Period: This is the amount of time that the consumer has to pay off the balance without
incurring interest charges.
 Balance Transfer: Some credit cards allow consumers to transfer a balance from another credit
card to their new credit card. This can be useful for consolidating debt or getting a lower interest
rate.

Credit Cards Advantages:

● Convenience: Credit Cards are very convenient in the sense that you don’t need a wad of money
to purchase something .You don’t need to make sure that you have enough money, count it and
then buy it .You don’t need to have enough wealth to buy something .You just need to pull out
your card, swipe it and the thing is yours
● Allows Online Purchases and Sales: Credit Cards have become an essential part of our internet
economy and e-commerce as things can be bought online only through credit cards. It’s not
possible to pay by cash over the Internet so Credit Cards are essential if you buy things online.
● Gives Rewards/Cash Back in some Cases: Credit Cards give rewards for high usage such are
airline tickets and other goods. You generally get some points for each time you use a credit card.
These points are accumulated and in the end you can buy something with those points.
● Free Credit for a Limited Period: Credit Cards have a time period between billing and paying
your bill in which the credit card does not charge you an interest .This interest free period is a
benefit of the credit card as you save on the interest.
● Saves on Not Carrying a Ton of Cash: For big purchase which needs thousands of dollars,
carrying a large amount of cash is dangerous and difficult. For such purchases, Credit Cards are
very useful as for $1 or $100,000 you just need the same old credit card
● Allows a Large Purchase in case of Emergency: Credit Cards allow you to pay for an
emergency when you don’t have enough money. In case of a medical problem where you need to
pay something immediately, a credit card can be very useful.
● Foreign Currency Transactions Ease: Credit Cards can be used in foreign countries without
converting your money into foreign currency. Though this involves some cost, it is more
convenient
● Protection in case of Theft or Loss of Credit Cards: Credit Cards have 24/7 helplines where
you can report the loss or theft of your credit card. This allows the credit card to be blocked so that
someone else cannot use your credit card

Credit Cards Disadvantages:

● High Interest Rates: Credit Cards carry the highest interest rates of all the different types of
loans and mortgages. They also charge you a lot of fines for delaying payments on your credit
cards.
● Debt Traps: Credit Cards are dangerous for people who have less self-control or are shopping
freaks. It allows you to wrack up debt easily as you don’t need to apply for a loan. You can have
multiple credit cards and carry huge debt. You can be stuck in a debt trap if your monthly earnings
can’t cover the interest payments on your credit card debt. Many people get bankrupt and have
their life destroyed through credit cards
● Complex Fines and Fees: Credit Cards have complex fines and fees which makes it very difficult
for a normal person to understand. They have late payments and fines plus they also charge tax.
They can add a variety of fees such as fees for withdrawing cash with your credit card etc.
● Promotes Spending over Saving: Credit Cards make it easy to spend and harder to save. This
proves to be deleterious in the long run
● Credit Card Identity Theft: Credit Card Numbers can easily be stolen by identity theft
fraudsters. Billions of dollars are being lost every year through credit card number theft. It is much
easier to steal credit card information than cash. Online crime thrives on stealing your credit card
details.

Online Credit Card Processing:

In its simplest form, online credit card processing is the method in which you accept customer
payments, via debit/credit cards (such as Visa, MasterCard, Discover and American Express), directly
through your online store. Just as you swipe your card when making a payment at your local gas
station, online shoppers must also “swipe” when purchasing through an ecommerce site. Of course,
the main difference is that there isn’t a physical terminal to facilitate the transaction, which is where
online processing comes into play.

In a larger sense, online credit card processing (often referred to as a having a merchant account) is
the process in which payment transactions take place over the internet. This chain of events requires a
payment gateway and payment processor to help move and share information across the web to
ensure that you, the business owner, quickly and correctly receive customer payments. While the
transaction itself takes only a few seconds, there’s a lot of behind-the-scenes work that comes into
play.

How Online Credit Card Processing Works:

 Customer submits payment information: The customer enters their credit card information on
the checkout page of an online store or website.
 Payment gateway: The payment information is sent to a payment gateway, which is a secure
service that processes the transaction. The payment gateway encrypts the credit card data and
sends it to the acquiring bank.
 Acquiring bank: The acquiring bank is the bank that processes the transaction on behalf of the
merchant. The acquiring bank verifies the credit card information and checks for available funds.
 Issuing bank: The issuing bank is the bank that issued the credit card to the customer. The
issuing bank approves or declines the transaction based on the available funds and fraud detection
measures.
 Authorization: Once the issuing bank approves the transaction, the acquiring bank sends an
authorization code to the payment gateway, which then sends the code back to the online store or
website.
 Settlement: At the end of the day, the acquiring bank settles the transaction by transferring the
funds from the customer's account to the merchant's account.

Benefits of Online Credit Card Processing: There are several benefits of using online credit card
processing for businesses and consumers:

 Convenience: Online credit card processing is convenient for customers because they can make
purchases from anywhere with an internet connection.
 Security: Online credit card processing is generally considered safe and secure because of the
encryption and fraud detection measures used by payment gateways and banks.
 Speed: Online credit card processing is fast because the transaction is completed in real-time, and
the funds are transferred quickly.
 International payments: Online credit card processing makes it easy for businesses to accept
payments from customers all over the world, which can increase sales and revenue.

Drawbacks of Online Credit Card Processing: Despite the many benefits, there are also some
drawbacks to using online credit card processing:

 Fees: Online credit card processing typically comes with fees, including transaction fees and
monthly fees, which can add up over time.
 Chargebacks: Chargebacks occur when a customer disputes a charge, which can result in lost
revenue and added costs for businesses.
 Security risks: Although online credit card processing is generally considered safe and secure,
there is always a risk of fraud and data breaches, which can be costly for businesses and
damaging to their reputation.

Popular Online Credit Card Processors: There are many online credit card processors available,
each with its own features and benefits. Here are some of the most popular online credit card
processors:

 PayPal: PayPal is a popular online payment processor that allows customers to pay with credit
cards, debit cards, and PayPal accounts. PayPal charges transaction fees and offers fraud
protection and dispute resolution services.
 Stripe: Stripe is a payment processing platform that allows businesses to accept payments online
and in-person. Stripe charges transaction fees and offers customizable checkout pages and fraud
prevention tools.
 Authorize.net: Authorize.net is a payment gateway that allows businesses to accept payments
online and in-person. Authorize.net charges transaction fees and offers fraud prevention tools and
recurring billing options.
 Square: Square is a payment processing platform that allows businesses to accept payments
online and in-person. Square charges transaction fees and offers customizable checkout pages and
fraud prevention tools.

Secure E-Payment Process Method:

1. Secure Electronic Transaction (SET):

Secure Electronic Transaction (SET) is a system for ensuring the security of financial transactions on
the Internet. It was supported initially by Master card, Visa, Microsoft, Netscape, and others. With SET,
a user is given an electronic wallet (digital certificate) and a transaction is conducted and verified
using a combination of digital certificates and digital signatures among the purchaser, a merchant, and
the purchaser's bank in a way that ensures privacy and confidentiality. SET makes use of Netscape's
Secure Sockets Layer (SSL), Microsoft's Secure Transaction Technology (STT), and Terisa System's
Secure Hypertext Transfer Protocol (S-HTTP). SET uses some but not all aspects of a public key
infrastructure.

Here's how SET works:

Assume that a customer has a SET-enabled browser such as Netscape or Microsoft's Internet Explorer
and that the transaction provider (bank, store, etc.) has a SET-enabled server.
The customer opens a Master card or Visa bank account. Any issuer of a credit card is some kind of
bank.
The customer receives a digital certificate. This electronic file functions as a credit card for online
purchases or other transactions. It includes a public key with an expiration date. It has been through a
digital switch to the bank to ensure its validity.
Third-party merchants also receive certificates from the bank. These certificates include the
merchant's public key and the bank's public key.
The customer places an order over a Web page, by phone, or some other means.
The customer's browser receives and confirms from the merchant's certificate that the merchant is
valid.
The browser sends the order information. This message is encrypted with the merchant's public key,
the payment information, which is encrypted with the bank's public key (which can't be read by the
merchant), and information that ensures the payment can only be used with this particular order.
The merchant verifies the customer by checking the digital signature on the customer's certificate.
This may be done by referring the certificate to the bank or to a third-party verifier.

The merchant sends the order message along to the bank. This includes the bank's public key, the
customer's payment information (which the merchant can't decode), and the merchant's certificate.

The bank verifies the merchant and the message. The bank uses the digital signature on the certificate
with the message and verifies the payment part of the message.

The bank digitally signs and sends authorization to the merchant, who can then fill the order.

2. Secure Socket Layer:

Secure Sockets Layer (SSL) is a computer networking protocol for securing connections between
network application clients and servers over an insecure network, such as the internet. Due to
numerous protocol and implementation flaws and vulnerabilities, SSL was deprecated for use on the
internet by the Internet Engineering Task Force (IETF) in 2015 and has been replaced by the Transport
Layer Security (TLS) protocol. While TLS and SSL are not interoperable, TLS is backwards-
compatible with SSL 3.0.

SSL uses a combination of public key and symmetric key encryption to secure a connection between
two machines, typically a web or mail server and a client system, communicating over the internet or
another TCP/IP network. SSL provides a mechanism for encrypting and authenticating data sent
between processes running on a client and server.

SSL runs above the transport layer and the network layer, which are responsible for the transport of
data between processes and the routing of network traffic over a network between client and server,
respectively, and below application layer protocols such as HTTP and the Simple Mail Transport
Protocol. The "sockets" part of the term refers to the sockets method of passing data between a client
and a server program in a network or between processes in the same computer.

Retailing in E-Commerce

Retailing is the sale of goods and services through the internet. Electronic retailing, or e-tailing, can
include business-to-business and business-to-consumer (B2C) sales of products and services, through
subscriptions to website.

E Commerce is growing day by day in both B-to-B and B-to-C context. Retailing industry including
Fashion Retail and Grocery retailing have caught on to the bandwagon and have begun to offer E
trading or Online Shopping. In the early 1990s we saw Companies setting up websites with very little
understanding of E Commerce and Consumer behaviour. E commerce as a model is totally different
from the traditional shopping in all respect. All Companies have fast realized the need to have E
commerce strategy separately but as a part of overall Retail Strategy.

Retail Strategy involves planning for the business growth keeping in view the current market trends,
opportunities as well as threats and building a strategic plan that helps the Company deal with all
these external factors and stay on course to reach its goals. Further the Retail business strategy is
concerned with identifying the markets to be in, building the product portfolio and band width coupled
with brand positioning and the various elements of brand visibility and in store promotions etc.
Business operations are more or less standard and proven models that are adapted as best practices.

Advantages of E-commerce Retailing:

 Increased Market Reach: With e-commerce, retailers can reach a global audience without the
need for a physical store presence. This means that retailers can expand their customer base and
increase sales without the need for expensive real estate and store personnel.
 Reduced Overhead Costs: E-commerce retailers have lower overhead costs compared to
traditional retailers since they don't need to pay rent, utilities, and other expenses associated with
operating a physical store. This means that e-commerce retailers can offer lower prices to their
customers, which can attract more customers and increase sales.
 Greater Convenience: E-commerce retailing offers greater convenience to customers since they
can shop from anywhere, at any time. Customers don't need to worry about store hours, parking,
or crowds, and can shop from the comfort of their own homes. This convenience can lead to
increased customer loyalty and repeat business.
 Improved Customer Insights: E-commerce retailers have access to vast amounts of customer
data that can help them understand customer preferences, behavior, and trends. This data can be
used to personalize the shopping experience, offer targeted promotions, and improve customer
retention.
 Reduced Marketing Costs: E-commerce retailers can reach customers through various digital
marketing channels, such as search engine marketing, social media, and email marketing. These
channels are typically less expensive than traditional marketing channels, such as TV and print
advertising.

Challenges of E-commerce Retailing:

 Security Concerns: E-commerce retailing involves the transmission of sensitive information, such
as credit card numbers and personal data, over the internet. Retailers need to ensure that their
websites are secure and that customer data is protected from theft or fraud.
 Competition: E-commerce retailing is highly competitive, with millions of websites vying for
customers' attention. Retailers need to differentiate themselves from their competitors by offering
unique products, services, or customer experiences.
 Logistics: E-commerce retailers need to ensure that products are delivered to customers in a
timely and cost-effective manner. This requires effective logistics management, including
inventory management, order processing, and shipping.
 Customer Service: E-commerce retailers need to provide excellent customer service to
differentiate themselves from their competitors and build customer loyalty. This includes providing
timely responses to customer inquiries and complaints and offering flexible return policies.

UNIT 6 - SECURITY AND ENCRYPTION

E-commerce security is protection the various e-commerce assets from unauthorized access, its use,
or modification. Security is very important in online shopping sites. Now days, a huge amount is being
purchased on the internet, because it‘s easier and more convenient. Almost anything can be bought
such as music, toys clothing, cars, and food. Even though some of these purchases are illegal we will
be focusing on all the item‘s you can buy legally on the internet.

Security and encryption are essential components of modern-day technology, particularly in the realm
of e-commerce, where sensitive data such as financial information and personal details are exchanged.
Encryption is the process of transforming data to a secret code so that only authorized parties can
read it. Security refers to measures taken to protect data from unauthorized access, theft, or damage.
In this article, we will delve into the details of security and encryption, including their importance in e-
commerce, encryption algorithms, and the types of security measures used in e-commerce.

PURPOSE OF SECURITY

 Data Confidentiality – is provided by encryption / decryption.

 Authentication and Identification – ensuring that someone is who he or she claims to be is
implemented with digital signatures.
 Access Control – governs what resources a user may access on the system. Uses valid IDs and
passwords.
 Data Integrity – ensures info has not been tampered with. Is implemented by message digest
or hashing.
 Non-repudiation – not to deny a sale or purchase. Implemented with digital signatures.
Importance of Security and Encryption in E-Commerce:

E-commerce has transformed the way business is conducted, enabling people to buy and sell goods
and services online. However, the transfer of sensitive information, such as credit card details and
personal information has created opportunities for fraudsters and hackers to exploit. Security and
encryption are critical components of e-commerce, as they help protect customers' information from
theft, fraud, and unauthorized access.

Encryption Algorithms: Encryption algorithms are mathematical formulas used to encrypt and
decrypt data. There are several types of encryption algorithms, including symmetric encryption,
asymmetric encryption, and hashing algorithms.

Symmetric Encryption: Symmetric encryption, also known as secret-key encryption, is a method of

encryption that uses the same key to encrypt and decrypt data. The key is a shared secret between
the sender and the receiver. When the sender encrypts the data, the same key is used to decrypt it.
Examples of symmetric encryption algorithms include Data Encryption Standard (DES), Advanced
Encryption Standard (AES), and Blowfish.

Asymmetric Encryption: Asymmetric encryption, also known as public-key encryption, is a method

of encryption that uses two different keys - a public key and a private key. The public key is available
to everyone, while the private key is kept secret by the owner. When a sender wants to send
encrypted data to a receiver, they encrypt the data using the receiver's public key. The receiver then
decrypts the data using their private key. Examples of asymmetric encryption algorithms include
Rivest-Shamir-Adleman (RSA), Digital Signature Algorithm (DSA), and Elliptic Curve Cryptography
(ECC).

Hashing Algorithms: Hashing algorithms are used to convert data of arbitrary length to a fixed
length. This process is irreversible, meaning that it is impossible to convert the fixed-length output
back to the original data. Hashing algorithms are commonly used to store passwords, as they provide
a secure way to store passwords without storing the actual password. Examples of hashing algorithms
include MD5, SHA-1, and SHA-256.

E-commerce Security Threats

E-commerce has become an integral part of the modern business world. As the world becomes more
digitized, e-commerce transactions have increased in volume, and so have the threats to the security
of these transactions. E-commerce security threats refer to the risks and vulnerabilities that e-
commerce businesses face that could result in the loss or theft of confidential data, intellectual
property, customer information, and financial assets. These threats could lead to significant financial
loss, damage to a company's reputation, and legal liabilities.

There are various types of e-commerce security threats, including:

Malware: Malware refers to malicious software, including viruses, worms, Trojans, and ransomware.
These programs can infect e-commerce websites, causing damage to systems, stealing sensitive data,
and compromising customer data.

Phishing: Phishing is a type of cyber-attack that involves the use of fake websites or emails that
mimic legitimate sites or businesses. The goal of these attacks is to trick users into providing sensitive
information, such as login credentials, credit card information, or personal details.
SQL injection: SQL injection is a type of attack that targets web applications. It involves injecting
malicious code into the SQL queries used by the web application, which can result in unauthorized
access to sensitive data.

Man-in-the-middle (MITM) attacks: MITM attacks occur when a third party intercepts
communications between two parties, allowing the attacker to eavesdrop on and potentially alter the
communication.

Denial-of-service (DoS) attacks: DoS attacks occur when an attacker floods a website or network
with traffic, overwhelming the system and causing it to crash or become unavailable.

To protect against these threats, e-commerce businesses need to implement comprehensive security
measures, including:

 Secure sockets layer (SSL) encryption: SSL encryption ensures that all communication
between the user's browser and the e-commerce website is encrypted and secure.
 Firewalls: Firewalls are software or hardware devices that monitor and block unauthorized access
to a company's network.
 Intrusion detection and prevention systems (IDPS): IDPS systems monitor network traffic for
signs of suspicious activity and can automatically block or quarantine potential threats.
 Two-factor authentication: Two-factor authentication adds an additional layer of security to
login credentials, requiring users to provide two forms of authentication, such as a password and a
unique code sent to their mobile device.
 Regular security audits and testing: Regular security audits and testing can help identify
vulnerabilities and ensure that security measures are up to date and effective.

Fundamentals of Symmetric and Public Key Cryptography

Cryptography - Cryptography is a method of using advanced mathematical principles in storing and

transmitting data in a particular form so that only those whom it is intended can read and process it.
Encryption is a key concept in cryptography – It is a process whereby a message is encoded in a
format that cannot be read or understood by an eavesdropper. The technique is old and was first used
by Caesar to encrypt his messages using Caesar cipher. A plain text from a user can be encrypted to a
ciphertext, then send through a communication channel and no eavesdropper can interfere with the
plain text. When it reaches the receiver end, the ciphertext is decrypted to the original plain text.

Cryptography Terms

 Encryption: It is the process of locking up information using cryptography. Information that has
been locked this way is encrypted.
 Decryption: The process of unlocking the encrypted information using cryptographic techniques.
 Key: A secret like a password used to encrypt and decrypt information. There are a few different
types of keys used in cryptography.
 Steganography: It is actually the science of hiding information from people who would snoop on
you. The difference between steganography and encryption is that the would-be snoopers may not
be able to tell there’s any hidden information in the first place.

What is Encryption?

Encryption is the procedure of encoding data in cryptography. This procedure turns plaintext, or the
original representation of the data, into cipher text or an alternate representation of the data. Only
authorized parties should be able to decrypt a cipher text back to plaintext and access the original
data. Encryption does not prevent interference in and of itself, but it does hinder a would-be
interceptor from understanding the information.
An encryption system generally employs a pseudo-random encryption key produced by an algorithm
for technical reasons. Although it is possible to decode a message without knowing the key, a well-
designed encryption system requires significant computational resources and skills are required. An
authorized recipient can easily decrypt the message with the key provided by the originator to
recipients but not to unauthorized users.

 Encrypted data typically appears as a long string of random letters and numbers.
 Once the information has been encrypted, the only way to decrypt it and make it readable again is
to use the correct encryption key. Encryption is necessary for the secure transmission and storage
of sensitive data.
 Stream ciphers encrypt data one bit or byte at a time, making them ideal for real-time
communications. Before encrypting data, block ciphers divide it into larger chunks, usually 64 bits.

What is Decryption?

Decryption is the procedure of restoring encrypted data to its original state. In most cases, it's the
reverse mechanism of the encryption process. Because decryption needs a secret key or password, it
decodes the encrypted information so that only an authorized user may decrypt the data.

As information flows across the Internet, it becomes vulnerable to unauthorized persons or groups
scrutinizing and accessing it. As a consequence, data is encrypted in order to prevent data theft and
loss. Email communications, text files, pictures, user data, and directories are just a few of the objects
that are commonly encrypted. The person in charge of decryption receives a popup or window asking
for a password to access the encrypted data.

What is Symmetric Encryption?

 This is the simplest kind of encryption that involves only one secret key to cipher and decipher
information. Symmetric encryption is an old and best-known technique. It uses a secret key that
can either be a number, a word or a string of random letters.
 It is a blended with the plain text of a message to change the content in a particular way. The
sender and the recipient should know the secret key that is used to encrypt and decrypt all the
messages. Blowfish, AES, RC4, DES, RC5, and RC6 are examples of symmetric encryption. The
most widely used symmetric algorithm is AES-128, AES-192, and AES-256.
 The main disadvantage of the symmetric key encryption is that all parties involved have to
exchange the key used to encrypt the data before they can decrypt it.
 Symmetric encryption is a type of encryption where the same key is used for both encrypting and
decrypting data. In this approach, the sender and the receiver both use the same secret key to
encrypt and decrypt the message.
 The encryption process in symmetric encryption involves scrambling the plaintext message with a
secret key to produce the ciphertext. The decryption process involves using the same secret key to
unscramble the ciphertext back into the original plaintext.

Symmetric encryption algorithms use various techniques to generate keys, such as the Advanced
Encryption Standard (AES), Data Encryption Standard (DES), and the Rivest–Shamir–Adleman (RSA)
algorithm. The key size used in symmetric encryption plays an important role in determining the
strength of the encryption. Generally, the longer the key size, the more secure the encryption is.

One of the major advantages of symmetric encryption is its speed and efficiency in encrypting and
decrypting data. It is also widely used in various applications such as online banking, e-commerce, and
secure messaging systems.

However, symmetric encryption also has some drawbacks. One of the main challenges is securely
sharing the secret key between the sender and the receiver without a third party intercepting it. This is
known as the key distribution problem. Another disadvantage is that if the key is compromised, all the
encrypted messages using that key can be decrypted.

Overall, symmetric encryption is an important aspect of modern-day cryptography and is widely used
to secure various forms of electronic communication.

Why is Symmetric Key Cryptography Called Private Key Cryptography?

With the entire architecture of Symmetric Cryptography depending on the single key being used, you
can understand why it’s of paramount importance to keep the key secret on all occasions. If the sender
somehow transmits the secret key along with the ciphertext, anyone can intercept the package and
access the information. Consequently, this encryption category is termed private key cryptography,
since a big part of the data’s integrity is riding on the promise that the users can keep the keys secret.

Provided you manage to keep the keys secret, you still have to choose what kind of ciphers you want
to use to encrypt the information.

What is Asymmetric Encryption?

 Asymmetric encryption, also known as public-key cryptography, is a type of encryption where

two different but mathematically related keys are used for encrypting and decrypting data. In this
approach, one key is kept private and is known only to the owner, while the other key is shared
publicly.

Public Key Encryption: Asymmetric is a form of Cryptosystem in which encryption and decryption are
performed using different keys-Public key (known to everyone) and Private Key (Secret key). This is
known as Public Key Encryption.

 The public key is used to encrypt the message, while the private key is used to decrypt the
message. The recipient of the message uses their private key to decrypt the message, which was
encrypted using the sender's public key.
 Asymmetric encryption algorithms use various techniques to generate keys, such as the Rivest–
Shamir–Adleman (RSA) algorithm and the Elliptic Curve Cryptography (ECC) algorithm. The key
size used in asymmetric encryption also plays an important role in determining the strength of the
encryption.
 One of the main advantages of asymmetric encryption is that it solves the key distribution problem
of symmetric encryption. As only the public key is shared, the private key can be kept securely by
the owner. This makes it suitable for secure communication over insecure networks.
 Asymmetric encryption also allows for the creation of digital signatures, which can be used to
verify the authenticity of a message or document. This is achieved by the sender signing the
message with their private key, which can then be verified using their public key.

However, asymmetric encryption is slower and less efficient than symmetric encryption due to its
complex mathematical operations. It is also more computationally expensive and requires more
processing power.

Overall, asymmetric encryption is an important aspect of modern-day cryptography and is widely used
in various applications such as secure email communication, digital signatures, and secure online
transactions.

 Asymmetric encryption is also known as public key cryptography, which is a relatively new
method, compared to symmetric encryption. Asymmetric encryption uses two keys to encrypt a
plain text. Secret keys are exchanged over the Internet or a large network. It ensures that
malicious persons do not misuse the keys. It is important to note that anyone with a secret key can
decrypt the message and this is why asymmetric encryption uses two related keys to boosting
security. A public key is made freely available to anyone who might want to send you a message.
The second private key is kept a secret so that you can only know.
 A message that is encrypted using a public key can only be decrypted using a private key, while
also, a message encrypted using a private key can be decrypted using a public key. Security of the
public key is not required because it is publicly available and can be passed over the internet.
Asymmetric key has a far better power in ensuring the security of information transmitted during
communication.

Asymmetric encryption is mostly used in day-to-day communication channels, especially over the
Internet. Popular asymmetric key encryption algorithm includes EIGamal, RSA, DSA, Elliptic curve
techniques, PKCS.

Advantage of public key over private key cryptography

1. Key Distribution: Public key cryptography eliminates the need for secure key distribution
channels. In private key cryptography, both the sender and receiver must possess and exchange
the same private key in advance, which can be a logistical challenge. With public key
 cryptography, each user has a pair of keys: a public key and a private key. Users freely distribute
their public keys, while keeping their private keys secret. This enables secure communication
without the need for prior key exchange.
2. Confidentiality and Integrity: Public key cryptography provides confidentiality and integrity for
data transmission. The public key is used for encryption, and the private key is used for
decryption. This means that even if an attacker intercepts the encrypted data and has access to
the public key, they cannot decrypt it without the corresponding private key. Additionally, public
key cryptography can provide digital signatures, which ensure that the data has not been
tampered with during transmission.
3. Scalability: Public key cryptography is highly scalable compared to private key cryptography. In
private key cryptography, the number of keys required grows exponentially with the number of
users. Each pair of communicating users needs a unique private key for secure communication. In
contrast, public key cryptography allows an unlimited number of users to securely communicate
using their respective public and private key pairs. The overhead of managing and distributing
keys is significantly reduced.
4. Non-Repudiation: Public key cryptography enables non-repudiation, meaning that the sender of
a message cannot later deny sending it. Digital signatures, created using the sender's private key,
can verify the authenticity of the message and its origin. This is crucial for applications such as
digital contracts, financial transactions, and legal agreements.
5. Secure Key Storage: In private key cryptography, the security of the system relies on the secure
storage and management of the private key. If the private key is compromised, all encrypted
communication using that key becomes vulnerable. Public key cryptography mitigates this risk
because only the private key needs to be kept secret. The public key can be shared widely without
compromising the security of the system.

Digital Signature:

 A digital signature (not to be confused with a digital certificate) is a mathematical technique used
to validate the authenticity and integrity of a message, software or digital document. The digital
equivalent of a handwritten signature or stamped seal, but offering far more inherent security, a
digital signature is intended to solve the problem of tampering and impersonation in digital
communications. Digital signatures can provide the added assurances of evidence to origin,
identity and status of an electronic document, transaction or message, as well as acknowledging
informed consent by the signer.

In many countries, including the United States, digital signatures have the same legal significance as
the more traditional forms of signed documents. The United States Government Printing Office
publishes electronic versions of the budget, public and private laws, and congressional bills with digital
signatures.

Digital signatures use a combination of public-key cryptography and hashing to create a unique
signature that can be attached to an electronic document or message. The process typically involves
the following steps:

 The sender creates a message and uses a hashing algorithm to generate a fixed-length digital
fingerprint of the message.
 The sender then encrypts the digital fingerprint with their private key, creating a digital signature.
 The encrypted digital signature is attached to the original message and sent to the recipient.
 The recipient receives the message and extracts the digital signature.
 The recipient uses the sender's public key to decrypt the digital signature and obtain the original
digital fingerprint.
 The recipient generates a new digital fingerprint of the received message using the same hashing
algorithm as the sender.
 The recipient compares the two digital fingerprints to ensure that they match. If they match, the
recipient can be sure that the message has not been tampered with and that the sender is who
they claim to be.
Digital signatures are widely used in e-commerce, online banking, and other digital transactions where
security and authenticity are critical. They can be used to sign and encrypt emails, contracts, software
updates, and other electronic documents and messages.

For example, suppose a customer wants to purchase a product from an online store. The customer
completes the purchase process and receives a confirmation email from the store. The email contains
a digital signature that verifies the identity of the store, confirms that the email has not been altered in
transit, and ensures that the store cannot deny sending the email. The customer can be confident that
the email is authentic and that the purchase has been successfully completed.

Overall, digital signatures are an essential tool for ensuring the security and integrity of electronic
communications and transactions. They provide a powerful mechanism for verifying identity, ensuring
authenticity, and preventing fraud.

Most modern email programs support the use of digital signatures and digital certificates, making it
easy to sign any outgoing emails and validate digitally signed incoming messages. Digital signatures
are also used extensively to provide proof of authenticity, data integrity and non-repudiation of
communications and transactions conducted over the Internet.

Advantages:

● Digital being added to almost anything makes it a lot faster than the non-digital version of that
thing. Similarly a digital signature can be used to send documents a lot faster, almost
instantaneously, as the documents can now be sent via mail and do not need to be delivered in
person or via courier.
● Also an added advantage would be the decreased cost of sending the documents as the digital
signatures are comparatively a lot less expensive than any courier service charge for sending
documents.
● Not only this, a document sent via courier or in person could be tampered with on the way but
when sent using a digital signature it gets encrypted in such a way that any kind of tampering with
the document is not possible.
● Further, a document which is digitally signed can effortlessly tracked and located in few minutes.
● Nobody else can fake your digital signature or present an electronic file incorrectly claiming it was
signed by you.
● The documents containing digital signatures are in no way different form documents containing a
pen on paper signature as they would even stand in court when produced because a digital
signature cannot be copied and also contains a date and time stamp.

Digital certificate and Authority:

A digital certificate is an electronic "passport" that allows a person, computer or organization to

exchange information securely over the Internet using the public key infrastructure (PKI). A digital
certificate may also be referred to as a public key certificate.

Just like a passport, a digital certificate provides identifying information is forgery resistant and can be
verified because it was issued by an official, trusted agency. The certificate contains the name of the
certificate holder, a serial number, expiration dates, a copy of the certificate holder's public key (used
for encrypting messages and digital signatures) and the digital signature of the certificate-issuing
authority (CA) so that a recipient can verify that the certificate is real.

To provide evidence that a certificate is genuine and valid, it is digitally signed by a root certificate
belonging to a trusted certificate authority. Operating systems and browsers maintain lists of trusted
CA root certificates so they can easily verify certificates that the CAs have issued and signed. When
PKI is deployed internally, digital certificates can be self-signed.

The main purpose of a Digital Certificate (SSL/TLS Certificate) is to encrypt the communication
between the browser and server. If there is a breach or cyber-attack on the website, the Digital
Certificate encrypts the browser-server communication so the attackers cannot see the information
shared in-between and it remains private and secured.

How Digital Certificates and Authorities Work

Digital certificates and authorities use a combination of public key cryptography and digital signatures
to ensure the security and authenticity of online communications and transactions.

When an entity wants to obtain a digital certificate, it generates a public-private key pair. The public
key is then included in the certificate, along with other information such as the name of the entity and
the name of the issuing authority. The certificate is then signed by the issuing authority using its
private key.

When a user wants to verify the identity of an entity, it requests the entity's digital certificate. The
certificate is then sent to the user along with a digital signature that guarantees the integrity of the
information contained in the certificate. The user then verifies the digital signature using the public
key of the issuing authority. If the signature is valid, the user can be sure that the certificate is
authentic and that the identity of the entity has been verified by a trusted third party.

Types of Digital Certificates:

● Secure Socket Layer: Secure Socket Layer [SSL] server Certificates are installed on a server.
This can be a server that hosts a website like www.digi-sign.com, a mail server, a directory or LDAP
server, or any other type of server that needs to be authenticated, or that wants to send and
receive encrypted data. To automate the entire life cycle of your SSL environment, see the
Automated & Authenticated Certificate Delivery™ System.
● Code Signing Certificate: Code Signing Certificates are used to sign software or programmed
code that is downloaded over the Internet. It is the digital equivalent of the shrink-wrap or
hologram seal used in the real world to authenticate software and assure the user it is genuine and
actually comes from the software publisher that it claims.
● Client Certificate: Client Certificates or Digital IDs are used to identify one person to another, a
person to a device or gateway or one device to another device. Client Certificates are issued in
their thousands and millions each year and would be the principle reason for purchasing a CA.

Two people communicating by email will used a client certificate to authenticate or digitally sign their
respective communications. This Signature will assure each person that the email is genuine and
comes from the other person.

A person that is given access to a secure online service like a database, an extranet or intranet will be
authenticated to the gateway or entry point using a Client Certificate. This type of strong two factor
authentication replaces less secure usernames and passwords currently in use on many websites.

If two routers or a Virtual Private Network [VPN] connection needs to authenticate each other, a Client
Certificate can be used and exchanged to prove the connection is trusted. This type of client
authentication occurs deep within the application and is not usually visible to the end user. This type of
device-to-device authentication often uses a particular IPSec Client Certificate.

Certificate Authority (CA):

A certificate authority (CA) is a trusted entity that issues digital certificates, which are data files used
to cryptographically link an entity with a public key. Certificate authorities are a critical part of the
internet's public key infrastructure (PKI) because they issue the Secure Sockets Layer (SSL) certificates
that web browsers use to authenticate content sent from web servers.

All major web browsers use web servers' SSL certificates to maintain trust in content delivered online;
they all must trust the certificate authorities to issue certificates reliably. SSL certificates are used with
the Transport Layer Security (TLS) protocol to encrypt and authenticate data streams for the HTTPS
protocol and are sometimes referred to as SSL/TLS certificates or, simply, TLS certificates.

Digital certificates contain data about the entity that issued the certificate along with
cryptographic data that can be used to verify the identity of the entity linked to the digital certificate.
Typically, a digital certificate will contain information about the entity to which it has been issued,
including the entity's public key and expiration date for the certificate as well the entity's name,
contact information and other information linked to the certified entity.

Web servers transmit this information when a web browser initiates a secure connection over HTTPS;
the certificate is sent to the web browser, which authenticates the certificate against its own root
certificate store. The major browser companies -- Microsoft, Google, Apple and Mozilla -- each maintain
their own web browser root certificate stores, in which they post the root certificates of the certificate
authorities the publisher has decided their browser will trust. An entity or person who needs a digital
certificate can request one from a certificate authority; once the certificate authority verifies the
applicant's identity, it generates a digital certificate for the applicant and digitally signs that certificate
with the certificate authority's private key. The digital certificate can then be authenticated (for
example, by a web browser) using the certificate authority's public key.

The certificate authority's root certificate should never be used directly for signing digital certificates,
but rather is used to generate intermediate certificates as needed; different intermediate certificates
are generated for different purposes. For example, a CA provider may use an intermediate certificate
to sign all digital certificates generated for different levels of trust, or a separate intermediate
certificate to be used for all digital certificates generated for a particular customer organization.

Certificate authorities may accept requests from applicants directly, though they often delegate the
task of authenticating applicants to registration authorities (RAs). A registration authority is often used
for marketing and customer support: The RA collects and authenticates digital certificate requests, and
then submits those requests to the certificate authority, which then issues the certificate to be passed
through the RA to the applicant.

Uses of a certificate authority

The best-known use of certificate authorities is for issuing SSL certificates to entities that publish
content on the web. Certificate authorities issue three levels of SSL certificate, corresponding to
different levels of trust in those certificates. Certificates with higher levels of trust usually cost more
because they require more work on the part of the certificate authority.

The three different levels of trusted certificates include:

● Extended Validation (EV) - Certificates provide the highest level of assurance that the
certificate authority has validated the entity requesting the certificate. The Certification Authority
Browser Forum (CA/Browser Forum) spells out detailed requirements for the process that
certificate authorities must apply when verifying information provided by the applicant for an EV
certificate. For example, an individual requesting an EV certificate must be validated through face-
to-face interaction with the applicant as well as review of a personal statement, one primary form
of identification such as passport, driver's license or military ID, as well as two secondary forms of
identification.
● Organization Validated (OV) - Certificates provide the next highest level of assurance.
Certificate authorities generally perform some level of vetting of the applicants, which may include
telephone verification as well as use of external or third parties to confirm information submitted
by the applicant. OV certificates can be issued if the applicant can demonstrate that it holds
administrative control of the domain name for which the certificate is requested and that the
organization can be shown to exist as a legal entity.
● Domain Validated (DV) - Certificates require only that the applicant demonstrate ownership of
the domain for which the certificate is being requested. DV certificates can be acquired almost
instantly and at a low -- or no -- cost. For example, Let's Encrypt is a free service that can be used
to get SSL certificates at no cost.

In addition to SSL certificates linked to domain names and issued for authenticating and encrypting
data sent to and from websites, certificate authorities issue other types of digital certificate for
different purposes including:

● Code signing certificates are used by software publishers and developers to sign their software
distributions. End users can then use them to authenticate and validate software downloads from
the vendor or developer.
● Email certificates enable entities to sign, encrypt and authenticate email using the S/MIME (Secure
Multipurpose Internet Mail Extension) protocol for secure email attachments.
● Device certificates can be issued to internet of things devices to enable secure administration and
authentication of software or firmware updates.
● Object certificates can be used to sign and authenticate any type of software object.
● User or client certificates are used by individuals for various authentication purposes, and are
sometimes known as signature verification certificates.

How a certificate authority works?

While there is no technical obstacle preventing an individual or organization from creating their own
certificate authority, publicly trusted certificate authorities usually participate in the CA/Browser
Forum, sometimes called the CA/B Forum, which is the industry group governing how certificate
authorities work with web browsers. Most members of the group are either certificate authorities or
web browser vendors, but certificate consumer organizations also participate.The CA/Browser Forum
maintains guidelines for all aspects of the creation, distribution and use of digital certificates in the
web, including policies for certificate expiration and certificate revocation.

Certificate authority activities start with a root certificate, which is used as the ultimate basis for trust
in all certificates issued by the authority. The root certificate, along with the private key associated
with that certificate, is usually treated with the highest level of security and is usually stored offline in
a protected facility and may be stored on a device that is unpowered except when the certificate is
needed.

The certificate authority will use that root certificate to create intermediate certificates, which are the
certificates used to sign the digital certificates issued by the authority. This allows the public to trust
the issued certificates, while at the same time protecting the root in instances where an intermediate
certificate expires or is revoked.

Intermediate certificates may also be used for issuing digital certificates through registration
authorities, entities to which a certificate authority may delegate some or all of the requirements to
authenticate the organization and domain identity for an entity seeking a certificate. According to
CA/Browser Forum rules, the certificate authority must contractually require the registration authority
to comply and document their compliance with CA/Browser Forum rules. In addition, the certificate
authority is required to limit the registration authority to registering certificates within the domain
namespace assigned to the RA.

Failure to police its registration authorities was one of the behaviors cited against Symantec's
certificate authority operations, which ultimately led the company to divest responsibility for that
business to DigiCert in 2017.

Certificate authorities themselves are also subject to extensive rules requiring operational audits, and
infractions can bring down additional required audits and other consequences for any infractions or
activities which might undermine trust in their operations. Prior to Symantec's divestiture of its CA
operations, the CA/Browser Forum had called for a number of different consequences which Symantec
failed to complete satisfactorily.

CHAPTER 7 - MARKETING AND ADVERTISEMENT

 Marketing is the activity, set of institutions, and processes for creating,
communicating, delivering, and exchanging offerings that have value for customers,
clients, partners, and society at large. The heart of your business success lies in its
marketing.
 Most aspects of your business depend on successful marketing. The overall marketing umbrella
covers advertising, public relations, promotions and sales. Marketing is a process by which a
product or service is introduced and promoted to potential customers. Without marketing, your
business may offer the best products or services in your industry, but none of your potential
customers would know about it. Without marketing, sales may crash and companies may have to
close.

Advertising is a means of communication with the users of a product or service.

Advertisements are messages paid for by those who send them and are intended to inform or
influence people who receive them. Advertising is always present, though people may not be aware of
it. In today's world, advertising uses every possible media to get its message through. It does this via
television, print (newspapers, magazines, journals etc.), radio, press, internet, direct selling, hoardings,
mailers, contests, sponsorships, posters, clothes, events, colors, sounds, visuals and even people
(endorsements).

There are various strategies and techniques used in marketing and advertising in e-commerce. In this
article, we will explore some of the most effective and popular ones.

Search Engine Optimization (SEO): SEO is the process of optimizing a website to rank higher in
search engine results pages (SERPs). Higher rankings lead to increased visibility and traffic to a
website, which can result in more sales. SEO involves various techniques such as keyword research,
on-page optimization, link building, and content creation.

Pay-Per-Click Advertising (PPC): PPC advertising is a form of online advertising where businesses
pay for every click on their ad. It involves bidding on keywords related to their products or services and
creating ads that appear in search engine results or other websites. PPC ads can generate immediate
traffic and sales to a website.

Social Media Marketing: Social media marketing involves using social media platforms such as
Facebook, Twitter, and Instagram to promote a business's products or services.

Email Marketing: Email marketing is a form of direct marketing that involves sending promotional
messages to a targeted list of email subscribers. Email marketing can be used to promote sales, new
products or services, and other promotions. It is an effective way to stay in touch with customers and
build loyalty.

Content Marketing: Content marketing involves creating and sharing valuable content that is
designed to attract and retain customers. This can include blog posts, videos, infographics, and other
types of content that are relevant and useful to a target audience.

Influencer Marketing: Influencer marketing involves partnering with influential people in a particular
industry or niche to promote a business's products or services. Influencer marketing can be an
effective way to reach a highly engaged audience and generate sales.

Affiliate Marketing: Affiliate marketing involves partnering with other businesses or individuals to
promote a business's products or services. Affiliates are typically paid a commission for every sale they
generate. Affiliate marketing can be an effective way to reach a larger audience and generate sales.

How to be found and to find in the Internet?

Most search engine results pages (SERP's) offer several types of results or listings. We'll focus on the
three most prominent types of listings, referred to as ‘organic,’ ‘premium or paid,’ and ‘local.'

● Organic results are the unpaid listings of all the various websites out there, relevant to the word
or phrase that was searched. These are the most valuable, and most difficult to acquire listings. If
you want to appear here for highly searched terms, it takes time and resources.
● Premium results or Paid results are advertisements that are being presented based on the
searched for words and terms. Appearing in these results is easy, doing so profitably... less easy.
● Local results are listings for businesses and organizations based on a combination of search
terms and geography. This is a place where businesses can appear without the same expenditure
of time and money as normal ‘organic’ listings, and sometimes with even greater reward.

On-Page Tactics - Think of this as things to do on your own website:

● Make sure that your site is laid-out well, and doesn’t contain any of these cardinal sins of web
design.
● Use Keyword rich page titles and meta-titles, which are descriptive of your business. For example,
if your business is a tennis club that offers children’s programs and adult programs; use titles like
“Kids Tennis” rather than “Kids Program.” For adults “Tennis Lessons” as a page title instead of
just “Lessons.” You want to make sure that the search engine bots can easily identify what your
site is about.
● Use keyword rich meta-descriptions, and make sure the descriptions don’t waste valuable
characters repeating your company’s name.
● Write descriptions so that they will help your search engine conversion or “click-through rate.”
Meta-descriptions are what normally appear along with search results to describe your business.
Don’t just stuff keywords in there, that won’t get the job done.
● Complete your site meta-keyword tags too; no matter what anyone tells you about search engines
ignoring them (even Google themselves).
● Use short but search friendly urls that include essential keywords.
● Create a sitemap of your site, on your site, and submit it to the major search engines.
● Make sure there is “alt-text’ associated to your images, especially images that have important
words contained within them. The Search crawlers aren’t reading words that are inside of images
on your site.
● Install Google Analytics, and look at where your traffic comes from. Use this information to adjust
your future online marketing tactics.

Off-Page Tactics - Things to do BESIDES what you do on your own website:

Google says they ‘pay attention’ to their own properties, like Google+, YouTube, etc. and any
experienced SEO can attest to this, check out the Google Local Search results to the right, notice any
common theme? Google is probably the most important place for your business to rank well, and if you
rank well on Google, you will rank well on Bing, Yahoo and other search engines quickly. I’ve heard of
SEO’s that don’t believe in using any Google tools. Unless you are doing serious ‘Black-Hat SEO’ you
should be absolutely using Google’s tools.

● Claim your business listing with Google, and make sure you’ve filled out your “Google Places”
profile with all the applicable and relevant info. Include pictures, select all relevant
Places-“Categories” This is key to appearing in Google Local Results.
● Use social media, and have it point to helpful useful information on your website whenever
possible.
● Include a G+ profile and make updates there too, for the above reasons, even if you don’t see the
same engagement in G+ that you may get from Facebook, Twitter or LinkedIn.

How to find information in the internet?

Most information is found on the Internet by utilizing search engines. A search engine is a web service
that uses web robots to query millions of pages on the Internet and creates an index of those web
pages. Internet users can then use these services to find information on the Internet. When searching
for information on the Internet, keep the below things in mind.

● Surround searches in quotes: If you are searching for multiple common words, such as
computer and help, it is a good idea to place quotes around the full search to get better results.
For example, type "computer help" as your search criteria. This trick can also be used in parts of
your search query.
● Be aware of stop words: Many search engines will strip out common words they refer to as stop
words for each search that is performed. For example, instead of searching for why does my
computer not boot, the search engine would search for computer and boot. To help prevent these
stop words from being stripped out, surround the search with quotes.
● Familiarize yourself with Booleans: Many search engines allow Booleans, which can help filter
out bad results. Although common Booleans include "and", "or", and "not", most search engines
have replaced these keywords with symbols. For example, to find computer help without results
containing Linux, you would type computer help -linux. The "-linux" tells the search engine to
exclude any results containing the word Linux.
● Know what features are available: Many search engines allow for additional syntax to help
limit your search strings. For example, Google enables users to search for links to a particular page
by typing "link:" and other keywords at the beginning of the search query.
● Try alternative search engines: Finally, if you continue not to find what you are looking for, try
a different search engine. A listing of search engines can be found on our Internet search engine
page.

Internet Marketing
Internet marketing, also known as online marketing or digital marketing, refers to the promotion of
products, services, or brands using various online channels and strategies. It leverages the power of
the internet to reach and engage with a targeted audience, build brand awareness, drive website
traffic, generate leads, and ultimately convert those leads into customers.

Component of Internet Marketing:

● Website: The website is one of the most significant components of digital marketing as without it
nobody can conduct online business and will not have any online identity at all.
● Content: “Content is the King” and it is one of the key components of digital marketing. Popular
search engines also favor sites with quality content.
● Search Engine Optimization (SEO): Search engine optimization is concerned with enhancing
the website visibility in organic (non-paid) search engine results. It covers both the creative and
technical elements necessary to escalate rankings, drive traffic, and boost recognition in popular
search engines.
● Search Engine Marketing (SEM): Search engine marketing involves promoting and marketing a
business or brand using paid advertisements, which is displayed on search engine results pages
(or SERPs). One has to make payments to Google to display their ads in the search results.
● Email Marketing: A robust email marketing strategy adds value and strength to one’s digital
marketing campaign. Through the use of email facility, a wider spectrum of targeted masses can
be informed about the availability of your products/services.
● Social Media Marketing: Social media websites are accessed by millions globally and it creates
ample opportunities to drive sales, leads and produce dedicated brand advocates. All these plays
in favor of bringing noteworthy success to one’s business through social media digital marketing.

Seven stages of Internet Marketing:

 Setting Corporate and Business-Unit Strategy - Corporate strategy addresses the

interrelationship between the various business units in a firm, including decisions about which
units should be kept, sold, or augmented. Business-unit strategy focuses on how a particular unit
in the company attacks a market to gain competitive advantage.

● Framing the Market Opportunity - Stage two entails the analysis of market opportunities and
an initial first pass of the business concept—that is, collecting sufficient online and offline data to
establish the burden of proof of opportunity assessment.
● Formulating the Marketing Strategy - Internet marketing strategy is based upon corporate,
business-unit, and overall marketing strategies of the firm. The marketing strategy goals,
resources, and sequencing of actions must be tightly aligned with the business-unit strategy.
Finally, the overall marketing strategy comprises both offline and online marketing activities.
● Designing the Customer Experience - Firms must understand the type of customer experience
that needs to be delivered to meet the market opportunity. The experience should correlate with
the firm’s positioning and marketing strategy. Thus, the design of the customer experience
constitutes a bridge between the high-level marketing strategy (step three) and the marketing
program tactics (step five).
● Designing the Marketing Program - Stage five entails designing a particular combination of
marketing actions (termed levers) to move target customers from awareness to commitment. The
framework used to accomplish this task is the Marketspace Matrix. The Internet marketer has six
classes of levers (e.g., pricing, community) that can be used to create target customer awareness,
exploration, and commitment to the firm’s offering.
● Crafting the Customer Interface - The Internet has shifted the locus of the exchange from the
Marketplace (i.e., face-to-face interaction) to the Marketspace (i.e., screen-to-face interaction). The
key difference is that the nature of the exchange relationship is now mediated by a technology
interface. This interface can be a desktop PC, subnotebook, personal digital assistant, mobile
phone, wireless applications protocol (WAP) device, or other Internet-enabled appliance.
● Evaluating the Marketing Program - This last stage involves the evaluation of the overall
Internet marketing program. This includes a balanced focus on both customer and financial
metrics. It emphasizes customer actions as well as financial metrics used to track the success of
marketing programs.

Personalization:

On a Web site, personalization is the process of tailoring pages to individual users' characteristics or
preferences.

Commonly used to enhance customer service or e-commerce sales, personalization is sometimes

referred to as one-to-one marketing, because the enterprise's Web page is tailored to specifically
target each individual consumer. Personalization is a means of meeting the customer's needs more
effectively and efficiently, making interactions faster and easier and, consequently, increasing
customer satisfaction and the likelihood of repeat visits. There are a number of personalization
software products available, including those from Broadvision, ResponseLogic, and Autonomy.

Personalization in some ways harkens back to an earlier day, by making consumer relationships more
closely tailored to the individual. If you've ever bought a book from Amazon, for example, the next
time you visit they will - like a friendly and helpful sales clerk - greet you by name and tell you about
products in stock that they think you might like (such as more books by the same author, or books
purchased by other people who also bought the book that you purchased). Many portal sites, such as
Yahoo allow site visitors to customize the page with selected news categories, local weather reports,
and other features.

In addition to use of the cookie, the technologies behind personalization include:

● Collaborative filtering, in which a filter is applied to information from different sites to select
relevant data that may apply to the specific e-commerce experience of a customer or specific
group of customers
● User profiling, using data collected from a number of different sites, which can result in the
creation a personalized Web page before the user has been formally
● Data analysis tools used to predict likely future interactions.

Virtual Societies:

● A virtual community is a community of people sharing common interests, ideas, and feelings over
the Internet or other collaborative networks. Virtual communities as social aggregations that
emerge from the Internet when enough people carry on public discussions long enough and with
sufficient human feeling to form webs of personal relationships in cyberspace .
● Before the Web, virtual communities existed on bulletin board services (BBS ) and many still do.
Some virtual communities or facilitators of them use the metaphor of a coffee house or something
similar to help users visualize the community. In general, there are two kinds of communication
among virtual community members: message postings and real-time chat. Usenet
newsgroups are an example of the former. Many Web sites, such as Geocities, foster subject
information exchanges. For real-time chat, Internet Relay Chat (IRC ) is a system used by many
Web sites that foster virtual communities.

Localization

Localization is the process of adapting a product or content to a specific locale or market. Translation
is only one of several elements of the localization process. In addition to translation, the localization
process may also include:

● Adapting graphics to target markets

● Modifying content to suit the tastes and consumption habits of other markets
● Adapting design and layout to properly display translated text
● Converting to local requirements (such as currencies and units of measure)
● Using proper local formats for dates, addresses, and phone numbers
● Addressing local regulations and legal requirements

The aim of localization is to give a product the look and feel of having been created specifically for a
target market, no matter their language, culture, or location.

The Globalization and Localization Association (GALA) is comprised of members worldwide who
specialize in localization, translation, internationalization, and globalization. Every day they help
companies, non-profit organizations, and governments communicate effectively to global audiences.
They do this by making sure the content of their clients’ communications is culturally sensitive and
presented in languages that their audiences understand.

Banner Ads:

Banner ads are a form of online advertising where a rectangular or square graphic display is placed on
a website. The purpose of banner ads is to attract traffic to a website by linking the banner to the
advertiser's website. Banner ads are often displayed at the top, bottom or sides of a web page and can
include text, graphics or animations.

Banner ads can be static or dynamic, with the latter including animations, videos, and other
multimedia content. They can also be interactive, allowing users to click on the banner to access
additional information or special offers. Banner ads can be targeted to specific demographics,
geographic regions, or even specific websites.

One of the advantages of banner ads is their versatility. They can be used to promote a product,
service or brand, and can be customized to fit the needs of the advertiser. Banner ads can also be
used to drive traffic to a website or to build brand recognition.

However, banner ads are not without their limitations. Many people find them annoying or intrusive,
and they can be easily overlooked or ignored. Banner ads can also be expensive, especially if they are
targeted to a highly competitive market or a popular website.

Some examples of banner ads include:

 Display ads on social media platforms such as Facebook, Twitter, and Instagram.
 Ads placed on websites, such as news sites or e-commerce platforms.
 In-game ads in mobile or online games.
 Ads displayed in email newsletters or email marketing campaigns.
 Ads displayed in mobile apps.

HOW DO BANNER ADS WORK?

Banner ads are intended to generate traffic to a website by linking to it. Also, web banners can
function as regular, print advertisements: inform, notify about a new product, increase brand
awareness and so on. However, most banners are clickable and their main function is to get clicked on.

 Brand awareness: You can grow your brand awareness using banner ads so people can easily
recognize your product or service. Brands like IBM, Apple, Target or Nike use banner ads to grow
their business.

 Lead generator: It’s a great way to build your users base. If you are as SaaS (Software as Service)
you can use banner ads to get more users sign up and try your product/service.
 Retarget your audience: If somebody came on your website but didn’t sign up on your newsletter
or didn’t try out your product you can retarget them with banner ads.

Generally, banner ads are placed in high traffic websites that offer interesting or useful content. But,
besides traffic, there are other important aspects to be taken into consideration when choosing a
website to advertise on. This is why we always recommend you to advertise on the websites that are in
your industry’s niche. One of these aspects is the website’s target, which has to more or less match
with the banner’s intended audience.

WHY IS BANNER ADVERTISING EFFECTIVE?

One advantage of the online advertising over the traditional one is that its effectiveness can be easily
measured. Regarding banner ads, the main effectiveness indicator is the click-through rate. The click-
through rate (CTR) is calculated by dividing the number of users who clicked on the ad by the number
of times the ad was displayed (impressions). For instance, one might say that a certain ad has a click-
through rate of 3%. That means that out of 100 impressions delivered, the banner was clicked on three
times. Therefore, the higher the CTR is, the more effective the advertisement is. It’s that simple.

User Tracking and Log File Analyzing

A user visits your web page(s) for the first time. Depending on your site and the user’s preferences, a
JavaScript is generated and sent to the user’s browser to collect the data you need. A unique cookie is
generated for the user and stored on their computer. This is a standard procedure on the internet,
utilized by every site that needs to identify a user as a unique person, for example, Amazon.com or
Gmail. The Open tracker cookie is tracked over long periods of time, which means unique visitors to
your site can be identified when they return. When a visitor clicks on your site, Open tracker looks for a
cookie. If a cookie is found the user is identified as a ‘returning visitor’ and their clicks are recorded
along with any previous visits to show their lifetime click path through your website.

Log file analysis is an arduous process that frequently results in the discovery of critical technical SEO
problems that could be found no other way. Log files contain incredibly accurate data that allow a
brand to better understand how search engines are crawling their site and the kind of information they
are finding.

Log file data includes a record of the URL/resource that was requested, action taken, time and date, IP
of the machine it originated from, user agent/browser type, and other pieces of information.

Push and Pull Advertising

Push marketing

Push marketing is a promotional strategy where businesses attempt to take their products to the
customers. The term push stems from the idea that marketers are attempting to push their products at
consumers. Common sales tactics include trying to sell merchandise directly to customers via
company showrooms and negotiating with retailers to sell their products for them, or set up point-of-
sale displays. Often, these retailers will receive special sales incentives in exchange for this increased
visibility.

Example of Push Marketing - One common example of push marketing can be seen in department
stores that sell fragrance lines. The manufacturing brand of the fragrance will often offer sales
incentives to the department stores for pushing its products onto customers. This tactic can be
especially beneficial for new brands that aren't well-established or for new lines within a given brand
that need additional promotion. After all, for many consumers, being introduced to the fragrance at the
store is their first experience with the product, and they wouldn't know to ask for it if they didn't know
it existed.

Pull Marketing
Pull marketing, on the other hand, takes the opposite approach. The goal of pull marketing is to get
the customers to come to you, hence the term pull, where marketers are attempting to pull customers
in. Common sales tactics used for pull marketing include mass media promotions, word-of-mouth
referrals and advertised sales promotions. From a business perspective, pull marketing attempts to
create brand loyalty and keep customers coming back, whereas push marketing is more concerned
with short-term sales.

Example of Pull Marketing - You can often recognize pull marketing campaigns by the amount of
advertising that's being used. Pull marketing requires lots of advertising dollars to be spent on making
brand and products a household name. One example includes the marketing of children's toys. In the
first stage, the company advertises the product. Next, the children and parents see the advertisement
and want to purchase the toy. As demand increases, retailers begin scrambling trying to stock the
product in their stores. All the while, the company has successfully pulled customers to them.

Launching a new product

Launching a new product in the context of e-commerce can be a challenging task, as it requires a well-
planned and executed strategy to ensure maximum exposure and sales. Here are some key steps to
consider when launching a new product in e-commerce:

1. Conduct Market Research: Before launching a new product, it is important to conduct market
research to understand customer needs and preferences, as well as identify potential competitors. This
will help to ensure that the new product is relevant and appealing to the target audience, and that it
can compete effectively in the market.

2. Develop a Marketing Plan: A marketing plan should be developed to promote the new product
across various channels such as social media, email, search engine optimization (SEO), and paid
advertising. The plan should include a clear target audience, messaging, and a timeline for the launch.

3. Create High-Quality Content: High-quality content, such as product descriptions, images, and
videos, should be created to showcase the new product and its features. The content should be
engaging and informative, and highlight the unique value proposition of the product.

4. Optimize for Search Engines: The new product should be optimized for search engines, using
relevant keywords and meta descriptions. This will help to increase visibility and drive traffic to the
product page.

5. Leverage Social Media: Social media can be a powerful tool for promoting new products, as it
allows businesses to reach a wide audience quickly and cost-effectively. Social media platforms such
as Facebook, Instagram, Twitter, and LinkedIn can be used to create buzz, build anticipation, and
generate interest in the new product.

6. Offer Promotions and Discounts: Offering promotions and discounts can be an effective way to
incentivize customers to try the new product. This can include free samples, limited-time discounts, or
bundling the new product with existing products to create a special offer.

7. Engage with Customers: Engaging with customers through various channels such as social
media, email, and live chat can help to build relationships and generate positive word-of-mouth. This
can include responding to customer inquiries, addressing feedback and reviews, and providing helpful
information and advice.

CHAPTER 8 - OTHER ISSUES IN E-COMMERCE

Intellectual properties

Intellectual property refers to a company's or an individual's collection of intangible assets that are
legally protected against unauthorized use or use. An intangible asset is a non-physical asset
possessed by a company or individual. Intellectual property refers to the concept of protecting some
products of human knowledge in the same way as physical property, sometimes known as tangible
assets, is protected. Most industrialized economies have legal protections for both categories of
property.

In general, intellectual property refers to any creation of the human mind that is protected by the law
against unlawful use by others. Intellectual property ownership generates a limited monopoly in
protected property by definition.

The four traditional categories of intellectual property are patents, copyright, trademarks, and trade
secrets.

Types of Intellectual Property

Copyright: The legal rights that writers and artists enjoy over their literary and creative works are
referred to as copyright. Copyright protects books, music, art, sculpture, and films, as well as computer
programs, databases, advertisements, maps, and technical drawings.

Patents: A patent, which is an exclusive right granted to the creator, protects an innovation. A patent
grants the patent owner the authority to decide how – or whether – others can use his or her invention.
In exchange for making technical information about the invention publicly available in the published
patent document, the patent owner gives up this right.

Trademarks: A trademark is a recognized symbol, phrase, or emblem that symbolizes a product and
legally distinguishes it from others. A trademark is issued to a corporation exclusively; implying that
the firm owns the trademark and that no one else may use or reproduce it. A company's brand is
frequently coupled with a trademark.

Industrial Models: An industrial design is a product's decorative or aesthetic component. Three-

dimensional features, such as an article's shape or surface, or two-dimensional elements, such as
patterns, lines, or color, can be used to create a design.

Geographical indications: Geographical indications and appellations of origin are labels that are
applied to products that have a specific geographical origin and have characteristics, a reputation, or
characteristics that are mostly related to that area. The name of the item's origin is frequently
included in a geographical indication.

Trade Secrets: A trade secret is a technique or practice used by a corporation that is not widely
known and gives a financial benefit or advantage to the company or the holder of the trade secret.
Trade secrets, which are often the outcome of a firm's research and development, must be actively
protected by the company.

How to Protect Your Intellectual Property?

You can take the following actions to protect your Intellectual Property from being compromised:

 Keep a journal of your discoveries. Leaks are common in the Information Age. You won't
always be able to prevent them, but you can keep note of your breakthroughs and discoveries as
they happen. Your records can date your activities and verify your validity (and ownership rights)
over your intellectual property if another firm receives illegal information through a leak and seeks
to reuse or reproduce your concepts.
 Use Digital Rights Management (DRM) software. If you put your work online and make it
available to the public, some of those people may try to replicate it. Digital rights management
(DRM) is a sort of coding that protects your online assets by accomplishing one or more of the
following things −

o Sets a limit on how many times or how long someone may access your work.
o Limits the number of devices from which your work may be accessed.
o Users are unable to edit, save, or duplicate your work.
o Sharing, publishing, or taking a screenshot of your work is prohibited.
o Put a watermark on your work to show who owns it.

 Make strong non-disclosure agreements a priority.

o Any party participating in a non-disclosure agreement (NDA) is prohibited from releasing

information outlined by the terms of the agreement.
o Create a non-disclosure agreement (NDA) to bolster your defenses against IPR infractions such
as trade secret misappropriation, in which an employee shares critical IP-related information
with other parties.

 Establish Secure Access Credentials. Unless you're the only one who knows the secret,
guarding a secret necessitates aggressive activity. Courts will not be convinced that a trade secret
is essential enough to protect if it is not well protected. To prevent access to any important
information, especially those connected to intellectual property, use strong credentials.

o Creating separate teams so that file access isn't shared

o Employees should be educated on your company's security policies.
o Changing passwords on a regular basis

Leaks can still occur with any security technique. If your intellectual property has been harmed, you
should consult an intellectual property specialist to establish your IPR enforcement options.

Intellectual Property Rights (IPR): Intellectual property rights are the rights given to persons over
the creations of their minds. They usually give the creator an exclusive right over the use of his/her
creation for a certain period of time.

Intellectual Property Rights are important because they can:

● set your business apart from competitors

● be sold or licensed, providing an important revenue stream
● offer customers something new and different
● form an essential part of your marketing or branding
● be used as security for loans
 Internet Governance

Internet Governance can be defined as the evolving policies and mechanisms under which the Internet
community’s many stakeholders make decisions about the development and use of the Internet.

Internet governance covers a wide range of issues, from day-to-day technical and operational workings
of the Internet to public policy issues such as combating crime on the Internet. Internet governance
discussions occur in many forums. Technical and operational Internet governance discussions have
long been discussed in multi-stakeholder bodies developed for these purposes.

Many information policy experts emphasize that "internet governance" is not the product of an
institutional hierarchy, but rather, it emerges from the decentralized, bottom-up coordination of tens of
thousands of mostly private-sector entities across the globe. Often referred to as internet
"stakeholders," these include network and server operators, domain name registrars (e.g., GoDaddy)
and registries (e.g., Verisign), IP address and standards organizations, internet service providers (e.g.,
Verizon), and individual users. Civil society organizations and governments participate alongside these
stakeholders in contributing to the development of technical policies.

E-Commerce Laws: The Internet is a worldwide public access network of computers. It has no owner,
though of course each of the individual pieces of hardware on which it runs has an owner. It relies for
its operation on mutual comprehensibility between those various pieces of hardware. This is achieved
by voluntary adherence to a single protocol- to use a human metaphor, the various machines all speak
the same language. The use of the internet for buying and selling, which is simply known as e-
commerce is gaining its place in the commercial market. Many believe the Internet to be full of natural
anarchy, so that a system of law and regulation for the Internet seems contradictory.

However, cyberspace is, in fact, governed by a system of law and regulation called internet law. There
is no single exhaustive definition of the term internet law. One broadly accepted definition of Internet
law is a generic term that refers to all the legal and regulatory aspects of Internet and the World Wide
Web. Anything concerned with or related to or emanating from any legal aspects or issues concerning
any activity of people in cyberspace comes within the domain of internet law.

Internet Governing Organizations: Internet governance is the development and application of

shared principles, norms, rules, decision-making procedures, and programs that shape the evolution
and use of the Internet. This describes how the Internet was and is currently governed, some of the
controversies that occurred along the way, and the ongoing debates about how the Internet should or
should not be governed in the future.

Internet governance should not be confused with e-governance, which refers to governments' use of
technology to carry out their governing duties. Internet Governing Organizations:

 Internet Corporation for Assigned Names and Numbers (ICANN): ICANN is responsible for
the administration of the Domain Name System (DNS), which translates domain names into IP
addresses. It also manages the assignment of IP addresses and protocol parameters.
 World Wide Web Consortium (W3C): W3C is responsible for developing web standards to
ensure the interoperability of web technologies.
 Internet Engineering Task Force (IETF): IETF develops and promotes voluntary Internet
standards and protocols, including TCP/IP and HTTP.
 International Telecommunication Union (ITU): ITU is a specialized agency of the United
Nations responsible for the development and coordination of global telecommunications.

Cross Border Legal Issue: When your business becomes international, your approach to the legal
aspects of conducting business needs to take on an international component as well. Cross-border
transactions present a number of unique legal issues; and in order to protect your company (and avoid
jeopardizing the deal), you need to make sure you are aware of the various legal and practical
considerations involved.
 Jurisdictional issues: Jurisdictional issues arise when a business engages in e-commerce
transactions with consumers in multiple jurisdictions. In this context, businesses must comply with
the laws and regulations of each jurisdiction in which they operate.
 Data protection and privacy: Data protection and privacy laws regulate the collection, use, and
disclosure of personal information. Businesses that engage in e-commerce must comply with
applicable data protection and privacy laws, such as the EU General Data Protection Regulation
(GDPR) or the California Consumer Privacy Act (CCPA).
 Taxation: E-commerce businesses must comply with applicable tax laws, including sales tax,
value-added tax (VAT), and income tax. In this context, businesses must determine their tax
obligations in each jurisdiction in which they operate.
 Intellectual property: Intellectual property laws protect the rights of creators and owners of
original works, such as patents, trademarks, and copyrights. E-commerce businesses must ensure
that they do not infringe on the intellectual property rights of others, such as by using trademarks
or copyrighted material without permission.
 Consumer protection: Consumer protection laws regulate the relationship between businesses
and consumers, including e-commerce transactions. E-commerce businesses must comply with
applicable consumer protection laws, such as those related to advertising and marketing, product
safety, and consumer rights.

Typical cross-border issues:

● Regulatory compliance of the proposed transactions. These include antitrust and local
tender offer rules as well as other regulatory frameworks that may require licensing or
qualifications of various kinds.
● Regulatory compliance of the operation of the acquired business by the new buyer post
acquisition. This is particularly true in regulated industries and needs to be considered in the
acquirer’s jurisdiction as well as the jurisdiction of the target. These considerations could affect the
type of entity that will do the acquiring and the jurisdiction where it is incorporated. If public
companies are involved the relevant securities laws of the different entities involved may also be a
factor.
● Tax implications including the interaction of the tax regimes of relevant jurisdictions.
The analysis may result in adding entities in additional jurisdiction(s) because of its/their beneficial
tax treatment.
● Other transaction costs. In addition to taxes, there are other transaction costs that can be
minimized or eliminated by proper structuring of the transaction.
● Corporate approval required. For example, in certain jurisdictions a transaction may not
require shareholder approval if structured as an asset deal but would require such approval is
structured as a stock deal.
● Accounting rules: Accounting rules in different jurisdictions may treat a similar transaction in
different ways, causing the parties to design the structure that best fits their needs. Currently, in
the U.S. most companies use US GAAP, or US generally accepted accounting principles whereas
internationally more and more companies are using IFRS, or International Financial Reporting
Standards. While there is much talk about the possible convergence of these standards, at this
point they are different and can cause some real headaches to the financial people on transactions
and drive the structure to work around issues raised by the accounting treatment in one or more
jurisdictions.
● Reporting. Reporting obligations, particularly for public companies, can be different depending on
the structure of the transaction and can thus drive the structure depending on the parties’ desires
as to how much and when to disclose information.
● Issues related to the financing of the transaction. Certain types of financing or certain
lenders may be more or less comfortable with lending to different structures.
● Required consents. Structuring a transaction in certain ways may help minimize or eliminate the
need for third party approvals.
● Required consultation of the works councils. In some countries (for example, in Europe) labor
laws provide for mandatory information and consultation of the works councils of both the buyer
and the seller before closing of the deal. Failure to properly inform and consult may lead to a
suspension of the deal until completion of the consultation.

Example of Cross-Border Legal Issues in E-commerce: Amazon, the world's largest online
retailer, faced cross-border legal issues related to taxation in Europe. In 2014, the European
Commission launched an investigation into whether Amazon's tax arrangements with Luxembourg
amounted to illegal state aid. The Commission found that Luxembourg had granted Amazon a selective
tax advantage, resulting in the company paying less tax than other businesses. As a result, Amazon
was required to pay approximately €250 million in back taxes to Luxembourg. This case illustrates the
importance of complying with tax laws in each jurisdiction in which a business operates to avoid legal
issues and potential financial penalties.

Conclusion: In conclusion, e-commerce is a complex and rapidly evolving field that is subject to
various laws and regulations. Internet governing organizations play a crucial role in regulating and
managing the internet, including e-commerce activities. Additionally, cross-border legal issues related
to e-commerce transactions create challenges for businesses and governments to ensure compliance
with various laws and regulations. Therefore, it is crucial for e-commerce businesses to be aware of
and comply with applicable laws and regulations to avoid legal issues and potential financial penalties.

CHAPTER NINE - WEB APPLICATION

Web applications are computer programs that are accessed using a web browser or other web-enabled
device. They are typically hosted on a web server and accessed remotely by users over the internet.
Web applications have become increasingly popular in recent years due to their accessibility,
flexibility, and ability to deliver rich and dynamic user experiences.

There are many types of web applications, including:

 E-commerce applications: E-commerce applications enable businesses to sell products and

services online. They typically include features such as product catalogs, shopping carts, and
payment processing.
 Content management systems (CMS): CMS applications are used to create, manage, and
publish digital content, such as articles, blog posts, and multimedia.
 Social networking applications: Social networking applications enable users to connect with
others and share information and media. Popular examples include Facebook, Twitter, and
Instagram.
 Online collaboration tools: Online collaboration tools are used to facilitate collaboration
between individuals or groups in real-time, such as video conferencing, project management tools,
and online whiteboards.
 Customer relationship management (CRM) systems: CRM systems are used to manage
customer interactions and relationships, typically including features such as customer databases,
sales tracking, and customer service.

Web applications are typically built using a combination of client-side and server-side technologies.
The client-side is the portion of the application that runs in the user's web browser and typically
consists of HTML, CSS, and JavaScript. The server-side is the portion of the application that runs on the
web server and typically consists of a programming language such as PHP, Java, or Python, along with
a database to store and manage data.

The process of developing a web application typically involves several stages, including:

 Requirements gathering: This involves gathering and documenting the requirements of the
application, including features, functionality, and user experience.
 Design: This involves designing the architecture, user interface, and other aspects of the
application.
 Development: This involves coding the application using client-side and server-side technologies.
 Testing: This involves testing the application to ensure that it functions as intended and meets
the requirements.
 Deployment: This involves deploying the application to a web server and making it available to
users.

One of the key advantages of web applications is their ability to be easily updated and maintained.
Since they are hosted remotely on a web server, updates and bug fixes can be made quickly and easily
without requiring users to download and install new software.

However, web applications also face several challenges, including security risks such as cross-site
scripting (XSS) and SQL injection attacks, as well as performance issues such as slow loading times
and server downtime.

In conclusion, web applications have become a critical part of modern-day computing, enabling
businesses and individuals to connect, collaborate, and transact online. With their accessibility,
flexibility, and rich user experiences, web applications are sure to continue to play a key role in the
future of computing.

A web application can be developed for several uses, which can be used by anyone like it can be used
as an individual or as a whole organization for several reasons.

In general, a web application can contain online shops (or we can also say them e-commerce shops),
webmail's, calculators, social media platforms, etc. There is also some kind of web application that
usually requires a special kind of web browser to access them. We cannot access those kinds of web
applications by using regular web- browsers. However, most of the web applications available on the
internet can be accessed using a standard web browser.

If we talk about the web application in general, a web application usually uses a combination of the
server-side scripts such as PHP, ASP, for handling the information/ data storage and retrieval of the
data.

Some of them also use the client-side scripts such as JavaScript, HTML to represent the
data/information in front of the users, and some of the web applications are also using both server-side
and client-side at the same time.

It allows the users to communicate with the organization or companies by using the online form, online
forums, shopping carts, content management system, and much more.

Apart from that web applications also allow its users to create documents, share them, or share the
data/ information. By using the web application, users can collaborate on same projects by event when
they are not available on the same geographical location.

After knowing that what a web application is, there may be a question hitting in mind that how it will
work.

How does a web- application work?

In general, web-application does not require downloading them because, as we already discussed, the
web application is a computer program that usually resides on the remote server. Any user can access
it by using one of the standard web browsers such as Google Chrome, Safari, Microsoft Edge, etc., and
most of them are available free for everyone.
A web application are generally coded using the languages supported by almost every web-browsers
such as HTML, JavaScript because these are the languages that rely on the web browsers to render the
program executable.

Some of the web applications are entirely static due to which they not required any processing on the
server at all while, on the other hand, some web applications are dynamic and require server-side
processing.

To operate a web- application, we usually required a web server (or we can say some space on the
web-server for our programs/application's code) to manage the clients' upcoming requests and
required an application server.

The application server performs the task that requested by the clients, which also may need a
database to store the information sometimes. Application server technologies range from ASP.NET,
ASP, and ColdFusion to PHP and JSP.

A standard web application usually has short development cycles and can be easily developed with a
small team of developers. As we all know, most of the currently available web applications on the
internet are written using the programming languages such as the HTML (or HyperText Markup
Language), CSS( or Cascading Style Sheets), and Javascript that are used in creating front-end
interface (Client-side programming).

To create the web applications script, server-side programming is done by using programming
languages such as Java, Python, PHP, and Ruby, etc. Python and Java are the languages that are
usually used for server-side programming.

The Flow of the Web Application - Let's understand how the flow of the typical web application
looks like.
 In general, a user sends a request to the web-server using web browsers such as Google Chrome,
Microsoft Edge, Firefox, etc. over the internet.
 Then, the request is forwarded to the appropriate web application server by the web-server.
 Web application server performs the requested operations/ tasks like processing the database,
querying the databases; produces the result of the requested data.
 The obtained result is sent to the web-server by the web application server along with the
requested data/information or processed data.
 The web server responds to the user with the requested or processed data/information and
provides the result to the user's screen .

Benefits of a web application - Let see some of the significant benefits offered by a web
application:

 Any typical web application can run or accessible on any operating system such as the Windows,
Mac, Linux as long as the browser is compatible.
 A web application is usually not required to install in the hard drive of the computer system, thus it
eliminates all the issues related to the space limitation.
 All the users are able to access the same version of the web application, which eliminates all
compatibility issues.
 It also reduces software piracy in subscription-based web applications, for example, SAAS (or
Software as a service).
 They also reduce the expense for end-users, business owners because the maintenance needed by
the business is significantly less.
 Web applications are flexible. A user can work from any geographical location as long as he has a
working internet connection.
 It just takes a moment to create a new user by providing a username, password, and URL, and it's
all.
 After the availability of the cloud, storage space is now virtually unlimited as long as you can afford
it.
 A web application can be programmed to run on a wide variety of operating systems, unlike native
applications that can run on a particular platform.
 Any standard web application is developed with some basic programming languages like HTML,
CSS that are compatible and well known among the IT professionals.

Disadvantages of the Web Applications

As we all know, there are two sides of anything; if something has some advantages, it may also have
limitations/ disadvantages. Consider the following disadvantages of the web applications.

 Internet connection is necessary to access any web application, and without an internet
connection, anyone can't use any of the web applications. It is very typical to get an internet
connection in our modern cities, still rural area internet connectivity not so well.
 Several people in business believe that their data on the cloud environment is no that secure and
likes to stick with old methods; they even don't want to use new methods.
 As we all know that many users like to use different web browsers according to their needs and
choices. So while creating a web application, you must remember that your application must
support several web browsers, including new and old versions of browsers.
 Speed-related issues are also affecting the web application's performance because there are
several factors on which the performance of a web application depends, and these all factors affect
the performance of the web application in their own way.
 If a user's web application faces any kind of issues, or if he does not have a good quality corporate
website, his web application will not be going to run correctly, smoothly.
 A user must have to spend enough money to maintain the good condition of his web application,
provide an update whenever an issue occurs, and make an attractive user interface, which is not
so cheap at all.
 A web application must be programmed/ coded in such a way that it will be run regardless of the
device's operating system.
 A web application may face some issues while running on Windows, Android, or several other
operating systems if it is not responsive.

There are several advantages and disadvantages of web applications; it is impossible to discuss them
all at once. So in the above, we only discussed some critical and useful points that may help you
quickly understand the pros and cons of the web application.

Basic concept of web application development

Web development is the process of creating websites and web applications. The process includes
various stages, from the planning and design to the coding and testing. Here are the eight steps
involved in the web development process:

Planning and Research: The first step in the web development process is to plan and research. This
involves understanding the client's requirements, defining the project scope, and identifying the target
audience. This step also includes researching the competition, identifying potential challenges, and
determining the project timeline and budget.

Design: The second step is the design stage, which involves creating the visual appearance of the
website or application. This includes creating a wireframe, choosing the color scheme and typography,
and designing the layout of each page. The design should align with the client's branding and the
needs of the target audience.

Content Creation: The third step in the process is content creation. This involves creating the text,
images, and other media that will be used on the website or application. The content should be
engaging, informative, and relevant to the target audience.

Development: The fourth step in the process is development. This involves writing the code that will
bring the website or application to life. The development process can include programming languages
such as HTML, CSS, JavaScript, and PHP. The code should be clean, efficient, and easy to maintain.
Testing: The fifth step in the process is testing. This involves testing the website or application for
bugs, errors, and usability issues. Testing should be conducted on different devices, browsers, and
platforms to ensure compatibility and accessibility.

Deployment: The sixth step in the process is deployment. This involves launching the website or
application to the public. This includes uploading the code to a server, configuring the domain name
and hosting, and testing the site again before it goes live.

Maintenance: The seventh step in the process is maintenance. This involves ongoing updates and
maintenance of the website or application. This includes fixing any bugs or errors that arise, updating
content, and ensuring the site is secure and up to date.

Evaluation: The final step in the process is evaluation. This involves analyzing the website or
application's performance and gathering feedback from users. This helps to identify areas for
improvement and future enhancements.

In conclusion, the web development process involves various stages, from planning and research to
deployment and maintenance. Each step is crucial to creating a successful website or application that
meets the client's requirements and the needs of the target audience.

Website client and server side validation of control

Website client and server-side validation are essential techniques for ensuring the accuracy, security,
and reliability of web applications. Validation refers to the process of verifying the user's input
to ensure that it meets specific requirements and standards. The validation process is
necessary to prevent incorrect or malicious input from being entered into the system,
which could lead to errors, data loss, or security breaches.

There are two types of validation in web development: client-side and server-side validation. Client-
side validation is performed on the client-side of the web application, typically using JavaScript, while
server-side validation is performed on the server-side using a programming language such as PHP,
Java, or Python. Both types of validation have their benefits and drawbacks and are used to
complement each other.

Client-side validation is performed in the user's web browser before the form data is submitted to the
server. It is fast and provides an immediate response to the user. However, it is not secure, as
malicious users can easily bypass it by disabling JavaScript or intercepting the form data before it is
submitted. Client-side validation is suitable for simple data validation tasks, such as checking for
required fields, valid email addresses, or phone numbers.

Server-side validation is performed on the server-side of the web application, typically using a scripting
language such as PHP, Java, or Python. It is slower than client-side validation, as the data needs to be
sent to the server for validation. However, it is more secure, as the user cannot bypass it. Server-side
validation is suitable for complex data validation tasks, such as validating credit card numbers,
passwords, or user permissions.

The following are the steps involved in the client and server-side validation of controls in
web applications:

Define Validation Rules: The first step in validating web application controls is to define the
validation rules. These rules specify the format, length, and type of data that the control will accept.
The rules are typically defined using regular expressions or scripting languages such as JavaScript,
PHP, or Java.

Implement Client-side Validation: Once the validation rules are defined, the next step is to
implement client-side validation. This is done using JavaScript or a JavaScript library such as jQuery
or AngularJS. The client-side validation code is embedded in the web page, and it is executed in the
user's web browser when the form is submitted.

Test Client-side Validation: After implementing client-side validation, it is essential to test it

thoroughly to ensure that it works as expected. This involves testing the validation code for all possible
scenarios, such as submitting the form with valid and invalid data, entering incorrect data, or leaving
required fields blank.

Implement Server-side Validation: The next step is to implement server-side validation. This is
done using a programming language such as PHP, Java, or Python. The server-side validation code is
executed on the server when the form data is submitted.

Test Server-side Validation: After implementing server-side validation, it is essential to test it

thoroughly to ensure that it works as expected. This involves testing the validation code for all possible
scenarios, such as submitting the form with valid and invalid data, entering incorrect data, or leaving
required fields blank.

Combine Client and Server-side Validation: The next step is to combine the client-side and
server-side validation. This is done by validating the data on the client-side using JavaScript and then
validating it again on the server-side using a programming language such as PHP, Java, or Python. This
ensures that the data is validated both on the client-side and server-side, providing a more secure and
reliable validation process.

Test Combined Validation: After combining the client-side and server-side validation, it is essential
to test it thoroughly to ensure that it works as expected. This involves testing the validation code for
all possible scenarios, such as submitting

Using different web application controls

Web application controls are the building blocks of web applications, providing the necessary user
interface elements to create interactive and responsive applications. These controls can be divided
into different categories based on their purpose, such as input controls, selection controls, navigation
controls, and layout controls.

1. Input controls: Input controls are used to collect user input, such as text boxes, drop-down lists,
and checkboxes. These controls allow users to enter data into the application, which can then be
processed and stored. Common examples of input controls include:

 Text boxes: used for collecting text input from users

 Radio buttons: used for selecting one option from a list of options
 Checkboxes: used for selecting one or more options from a list of options
 Drop-down lists: used for selecting one option from a list of options that are displayed in a drop-
down menu
 Date pickers: used for selecting a date from a calendar

2. Selection controls: Selection controls are used to allow users to make choices within the
application, such as choosing a color or a font. These controls do not collect user input, but rather
allow the user to make selections that affect the appearance or behavior of the application. Common
examples of selection controls include:

 Color pickers: used for selecting a color from a palette

 Font pickers: used for selecting a font from a list of available fonts
 Slider controls: used for selecting a value within a range by dragging a slider handle
 Toggle switches: used for toggling an option on or off

3. Navigation controls: Navigation controls are used to allow users to move around within the
application, such as navigating to different pages or sections. These controls provide links or buttons
that allow users to access different parts of the application. Common examples of navigation controls
include:

 Menu bars: used for accessing different sections of the application

 Breadcrumbs: used for showing the user's location within the application
 Tabs: used for displaying different sections of the application in a tabbed interface
 Hyperlinks: used for linking to other pages or sections within the application

4. Layout controls: Layout controls are used to define the structure and layout of the application,
such as arranging content in columns or rows. These controls help to create a visually appealing and
organized interface that is easy to navigate. Common examples of layout controls include:

 Grid controls: used for arranging content in rows and columns

 Panels: used for grouping related content together
 Accordions: used for displaying content in collapsible sections
 Tables: used for displaying data in a tabular format

Client-side validation and server-side validation are two approaches to validating user input in web
applications. Client-side validation is performed using JavaScript or other client-side scripting
languages, and is executed on the user's browser before the form is submitted. Server-side validation
is performed on the server-side using server-side scripting languages such as PHP, Ruby on Rails, or
ASP.NET.

Client-side validation is generally faster and more responsive than server-side validation, as it does not
require a round-trip to the server. However, client-side validation can be bypassed by malicious users,
and should always be used in conjunction with server-side validation to ensure that all user input is
properly validated.

Server-side validation is more secure and reliable than client-side validation, as it is performed on the
server and cannot be bypassed by malicious users. However, server-side validation can be slower and
less responsive than client-side validation, as it requires a round-trip to the server.

In conclusion, web application controls are an essential part of web development, providing the
necessary user interface elements to create interactive and responsive applications. By using different
types of controls, developers can create a visually appealing and organized interface that is easy to
navigate. Additionally, client-side and

Database connectivity with different DBMS

Database connectivity refers to the ability of a web application to access and interact with a database
management system (DBMS). This is an essential aspect of web development since databases provide
a means for storing and managing data that is used by web applications.

There are several different types of DBMS that can be used for web development, including:

1. MySQL: This is an open-source relational database management system that is commonly used
for web applications. It is known for its ease of use, scalability, and compatibility with a wide range
of programming languages.
2. Microsoft SQL Server: This is a commercial DBMS developed by Microsoft that is commonly used
for web applications that run on Windows servers. It provides a wide range of features for data
storage, management, and analysis.
3. Oracle: This is a commercial DBMS that is widely used in enterprise-level web applications. It
provides a range of advanced features for data management and analysis, as well as support for a
wide range of programming languages and platforms.
4. PostgreSQL: This is an open-source object-relational DBMS that is commonly used for web
applications. It provides a wide range of features for data storage, management, and analysis, and
is known for its scalability and performance.

To connect a web application to a DBMS, several steps are typically involved:

 Install the appropriate drivers: Depending on the programming language and DBMS being used,
specific drivers may need to be installed to enable connectivity.
 Set up a connection string: This is a string of text that contains the necessary information for the
web application to connect to the database, such as the server name, username, and password.
 Establish a connection: The web application must establish a connection to the database by using
the connection string and appropriate code.
 Execute SQL queries: Once the connection is established, the web application can execute SQL
queries to interact with the database. This can include retrieving data, adding new data, updating
existing data, and deleting data.

Overall, database connectivity is a critical aspect of web development, as it enables web applications
to store, manage, and analyze data. By choosing the appropriate DBMS and following the necessary
steps to establish connectivity, web developers can ensure that their applications are robust and
efficient.

Building web application giving different features of e-commerce sites

Building a web application for an e-commerce site requires incorporating various features and
functionalities that can enhance the user experience and make online shopping convenient and
efficient. Some of the key features of e-commerce sites include:

User Authentication and Authorization: This feature allows users to create accounts and log in
securely to the website. User authentication and authorization ensure that only authorized users can
access certain parts of the website, such as the shopping cart or the order history.

Product Catalog: A product catalog is a crucial feature of any e-commerce site. It allows users to
browse and search for products based on various criteria such as category, price, and brand. The
product catalog should include high-quality images, product descriptions, and pricing information.

Shopping Cart: A shopping cart is a virtual basket where users can add products they wish to
purchase. The shopping cart should allow users to add and remove items easily, update quantities,
and view the total cost of the order.

Checkout Process: The checkout process should be simple, streamlined, and secure. It should allow
users to enter shipping and billing information, select a payment method, and review their order
before submitting it.

Payment Gateway Integration: Payment gateway integration is a crucial feature of any e-

commerce site. It allows users to pay for their purchases securely using various payment methods
such as credit/debit cards, PayPal, and net banking.

Order Management: Order management is a crucial feature for the website owner. It allows them to
manage orders, track shipments, and generate invoices.

Customer Support: Customer support is an essential feature of any e-commerce site. It should
include various channels for customer support, such as email, phone, and chat. It should also have an
FAQ section that answers common questions.
Analytics and Reporting: Analytics and reporting help website owners understand customer
behavior, identify areas for improvement, and make data-driven decisions. It should include features
such as traffic analytics, conversion rates, and customer demographics.

Social Media Integration: Social media integration can help increase brand visibility and drive traffic
to the e-commerce site. It should include features such as social media sharing buttons, social media
login, and social media marketing campaigns.

Mobile Optimization: Mobile optimization is essential in today's world, where most users access the
internet through their mobile devices. The website should be optimized for mobile devices, with a
responsive design and fast loading times.

Product Listings: This feature is a must-have for any e-commerce website. The website should allow
customers to browse products, view their images, prices, and other important details. For example,
Amazon.com provides a wide range of products with clear descriptions and images.

Product Search: A search bar on the website is an essential feature that allows customers to find
specific products easily. For example, Best Buy provides a search bar on their website where
customers can search for products by name, category, brand, or keyword.

Shopping Cart: A shopping cart allows customers to add products to a virtual cart before proceeding
to checkout. For example, Walmart's shopping cart allows customers to add products to their cart,
view the total cost, and proceed to checkout.

Checkout: This feature allows customers to pay for their products and provides options such as cash
on delivery, credit card, debit card, or online payments. For example, PayPal is a popular online
payment system used by many e-commerce websites.

Order Tracking: Customers should be able to track their orders and view their order history. For
example, FedEx provides a tracking system where customers can enter their order number and track
their package.

User Accounts: User accounts allow customers to save their personal information, view their order
history, and track their packages. For example, Nordstrom provides a user account system where
customers can save their information and view their order history.

Reviews and Ratings: Reviews and ratings allow customers to provide feedback on products and
services. For example, Yelp is a popular review website where customers can rate and review local
businesses.

Wishlists: This feature allows customers to save products for later purchase or as a reminder. For
example, Amazon provides a wishlist feature where customers can save products for future purchase.

Discounts and Coupons: This feature allows customers to receive discounts and coupons on their
purchases. For example, Groupon provides discounts and coupons for local businesses.

Recommended Products: Recommended products suggest products to customers based on their

browsing and purchase history. For example, Netflix suggests movies and TV shows based on a
customer's viewing history.

Product Comparison: This feature allows customers to compare products side by side. For example,
Home Depot provides a product comparison tool where customers can compare features and prices of
different products.

Live Chat: Live chat allows customers to interact with customer service representatives in real-time.
For example, Zappos provides a live chat feature where customers can ask questions and receive
assistance.
Social Media Integration: Social media integration allows customers to share products and services
with their friends and followers. For example, Pinterest allows users to save and share products they
like with their followers.

Language and Currency Options: E-commerce websites should provide language and currency
options for customers in different regions. For example, Booking.com provides language and currency
options for customers in different countries.

Mobile Responsiveness: E-commerce websites should be optimized for mobile devices to provide a
seamless shopping experience. For example, Amazon's mobile app is optimized for different mobile
devices and provides a user-friendly experience.

Product Filtering: This feature allows customers to filter products by different criteria such as price,
brand, or category. For example, eBay provides a product filtering system where customers can filter
products based on their preferences.

Personalization: Personalization allows customers to receive personalized recommendations and

offers based on their browsing and purchase history. For example, Amazon provides personalized
recommendations based on a customer's purchase history.

Loyalty Programs: Loyalty programs provide rewards and incentives for frequent customers. For
example, Starbucks provides a loyalty program where customers can earn rewards and discounts on
their purchases.

In conclusion, building a web application for an e-commerce site requires incorporating various
features that can enhance the user experience, streamline the checkout process, and ensure secure
payment transactions. It should also include features that help website owners manage orders, track
shipments, and generate invoices. By incorporating these features, e-commerce sites can provide an
enjoyable and convenient shopping experience to their customers while also increasing sales and
revenue.

Miscellaneous Questions

S. Intranet Extranet
N.
1. Intranet is a tool for sharing information Whereas Extranet is a tool for sharing information
throughout the organization. between the internal members and external
members.
2. Intranet is owned by a single While Extranet is owned by either a single or a many
organization. organization.
3. In intranet, security is implemented Whereas in this, security is implemented through a
through a firewall. firewall in order to separate the extranet and the
internet.
4. Intranet is managed by an organization. Whereas Extranet is managed by many
organizations.
5. Intranet has a limited number of Whereas in the extranet, connected devices are
connected devices. comparable with the intranet.
6. Intranet is a private network type for an While it is also a private network in which public
organization. network is used in order to share the information to
the suppliers and customers.
7. Intranet is used in order to get While It is used to check status, access data, send
employee information, telephone mail, place order etc.
directory etc.
8. Intranet is the limited and compromised While Extranet is the limited and compromised
version of Extranet. version of Internet.
9. A particular organization is the While it is regulated by multiple organizations.
regulating authority for intranet.
10. It is accessible to only the members of It is accessible to members of organization as well as
 organization. external members with logins.
11. Its restricted area is up to an Its restricted area is up to an organization and some
organization. of its stakeholders.
12. It is derived from Internet. It is derived from Intranet.
13. Example: WIPRO using internal network Example: DELL and Intel using network for business
for its business operations. related operations.
EDI (Electronic Data Interchange)

Electronic Data Interchange (EDI) is a computer-to-computer exchange of business

documents in a standard electronic format between two or more trading partners. It enables
companies to exchange information electronically in a structured format, eliminating the need for
manual data entry and reducing the cost and time associated with paper-based transactions.

EDI was first introduced in the 1960s as a way for companies to exchange business documents
electronically. Over time, the standardization of EDI formats and protocols has enabled businesses to
integrate their internal systems with those of their trading partners, improving efficiency and reducing
errors.

EDI transactions can include purchase orders, invoices, shipping notices, and other business
documents. The EDI standard defines the format and content of these documents, ensuring that they
are easily interpreted by both the sender and the receiver.

EDI has become an important part of many businesses, particularly those in the supply chain and
logistics industries. It allows for faster and more accurate processing of transactions, leading to
improved customer satisfaction and increased profits.

Imagine writing a letter to your friend while communicating every time, Cannot imagine right? Since
today humans live in an era where they can very easily communicate through the internet. Now,
imagine the same case with businesses, where communication and exchange of very important
documents are constantly required, doing this the old way, it will take forever for the messages to
reach the other party, but also the documents will pile up as there is a lot of information that is needed
to be stored and kept. It is a tedious and cumbersome process indeed; this is where EDI plays its role.

Electronic Data Exchange is the direct exchange of data and important business documents through
the Internet and in a very professional manner. Two different companies sitting at the extreme corners
of the world can very easily interchange information or documents (like sales orders, shipping notices,
invoices, etc.) with the help of EDI.

EDI Documents: The most common documents exchanged via EDI are:

 Invoices
 Purchase Orders
 Financial Information letters
 Transaction Bills
 Shipping requests and notifications
 Acknowledgment and feedback
 Transcripts
 Claims
 Business Correspondence letters

EDI Users:

 Central and state government agencies

 Industry
 Banking
 Retailing
 Manufacturing
 Insurance
 Healthcare
 Automotive
 Electronics
 Grocery
 Transportation

How EDI works? The data or the information that one company sends the other first gets prepared to
be sent, then the information/document is translated into EDI format. The document is then connected
and transmitted to the other business, the connection is direct and point to point.

Uses of EDI: EDI is widely used in various industries for exchanging business documents
electronically. Some of the common uses of EDI are:

 Order Processing: EDI allows companies to exchange purchase orders and sales orders
electronically, eliminating the need for manual data entry and reducing errors.
 Invoicing: EDI can be used to exchange invoices electronically, reducing the time and cost
associated with paper-based invoicing.
 Shipping and Receiving: EDI can be used to exchange shipping notices and receiving
documents, enabling companies to track the movement of goods in real-time.
 Inventory Management: EDI can be used to exchange inventory information, enabling
companies to manage their inventory levels more effectively.
 Supply Chain Management: EDI is used extensively in the supply chain management process,
enabling companies to exchange information with their suppliers, distributors, and customers.
 Healthcare: EDI is used in the healthcare industry to exchange patient data, claims, and other
healthcare-related information between healthcare providers, insurance companies, and
government agencies.
 Financial Transactions: EDI can be used to exchange financial transactions such as payment
advice and remittance advice, reducing the time and cost associated with manual payment
processing.

Advantages of EDI: There are several advantages to Electronic Data Interchange:

 The paper usage reduced: The expense of storing, printing, recycling, reduces up to the
maximum amount due to the EDI.
 Improved quality of Data: The data entry errors are reduced due to EDI.
 Speed Increases: The best advantage is the increase in the speed of the data interchange. With
everything going online, the speed of the information transfer increases exponentially.
 Security: By following the Protocols and the standard rules, the security of all the important
documents is always secure and safe.
 Information accuracy: Since the information exchanged is based on standards agreed by the
sender and receiver both, the correct information is always transferred regardless of where they
belong to.
 Less Cost: With very less errors, fast response time, everything becoming automated, and no use
of paper, the cost automatically reduces.

Secure transaction

Secure transactions refer to the process of conducting financial transactions, such as online purchases
or banking transactions, in a safe and protected manner. The goal is to ensure the confidentiality,
integrity, and authenticity of the transaction data, protecting it from unauthorized access, tampering,
or fraud. Here are some key elements and practices for secure transactions:

1. Encryption: Encryption is the process of encoding sensitive information to prevent unauthorized

access. Secure transactions often involve encrypting data during transmission and storage, using
protocols like SSL (Secure Sockets Layer) or TLS (Transport Layer Security). Encryption ensures
that the data exchanged between the user's device and the server is protected and cannot be
intercepted or deciphered by unauthorized parties.
2. Secure Sockets Layer (SSL) Certificates: SSL certificates are digital certificates that
authenticate the identity of a website or online service and establish an encrypted connection
between the user's browser and the server. They provide assurance to users that their
communication with the website is secure and that their data is protected.
3. Two-Factor Authentication (2FA): Two-factor authentication adds an extra layer of security by
requiring users to provide two different types of credentials to verify their identity. This typically
involves combining something the user knows (such as a password) with something they possess
(such as a unique code generated by a mobile app or received via SMS).
4. Payment Card Industry Data Security Standard (PCI DSS): PCI DSS is a set of security
standards developed by major credit card companies to ensure the secure handling of cardholder
data. Compliance with PCI DSS is required for businesses that handle credit card transactions and
involves implementing various security measures to protect cardholder data.
5. Tokenization: Tokenization is the process of replacing sensitive data, such as credit card
numbers, with unique identification symbols called tokens. These tokens are used for transaction
processing, reducing the risk associated with storing and transmitting sensitive data.
6. Fraud Detection and Prevention: Implementing fraud detection and prevention mechanisms is
crucial for secure transactions. This can include real-time monitoring, anomaly detection, machine
learning algorithms, and transaction verification techniques to identify and prevent fraudulent
activities.
7. Secure Payment Gateways: Secure payment gateways act as intermediaries between the
customer, the merchant, and the financial institution. They ensure that sensitive payment data is
 transmitted securely, and they often employ various security measures, such as encryption and
fraud detection, to protect transactions.
8. User Education and Awareness: Educating users about secure transaction practices is vital.
This includes encouraging them to use strong, unique passwords, avoid suspicious links or
websites, and verify the security of a website before entering sensitive information.

It is essential for businesses and users to prioritize security measures and stay updated with the latest
security technologies and practices to protect sensitive information and ensure secure transactions.

What is client server architecture? Discuss with illustration.

Client-server architecture is a computing model in which tasks and responsibilities are divided between
clients and servers. The clients are the devices or applications that request services, while the servers
are the systems or processes that provide those services.

The Client-server model is a distributed application structure that partitions task or workload between
the providers of a resource or service, called servers, and service requesters called clients. In the
client-server architecture, when the client computer sends a request for data to the server through the
internet, the server accepts the requested process and deliver the data packets requested back to the
client. Clients do not share any of their resources. Examples of Client-Server Model are Email, World
Wide Web, etc.

How the Client-Server Model works?

 Client: When we talk the word Client, it means to talk of a

person or an organization using a particular service. Similarly in
the digital world a Client is a computer (Host) i.e. capable of
receiving information or using a particular service from the
service providers (Servers).
 Servers: Similarly, when we talk the word Servers, It means a
person or medium that serves something. Similarly in this
digital world a Server is a remote computer which provides
information (data) or access to particular services.

So, it’s basically the Client requesting something and the Server serving it as long as it’s present in
the database.

Let's consider a practical example to understand client-server architecture:

Illustration: Online Shopping Website

1. Client-Side Components:
 Web Browser: The client in this scenario is the user's web browser, such as Google Chrome or
Mozilla Firefox. The web browser acts as the interface between the user and the server. It sends
requests to the server and displays the server's responses.
 User Interface: The client-side also includes the user interface elements of the website, such as
buttons, forms, and menus, which enable users to interact with the website and request specific
actions.
2. Server-Side Components:
 Web Server: The server in this example is the web server, which is responsible for handling client
requests and delivering web pages or resources in response. It processes requests received from
the clients, retrieves data from databases or other sources, and generates dynamic web pages.
 Application Server: In some cases, an application server may be present between the web server
and the databases. The application server handles application logic, business rules, and other
server-side processing required to fulfill the client's requests.
 Database Server: The database server stores and manages the website's data. It holds information
such as product details, user profiles, and order history. The web server or application server
interacts with the database server to retrieve or update data as required by the client's requests.
3. Communication Flow:
 Client Request: The user interacts with the website's user interface through their web browser. For
example, they may click on a product to view its details or add it to their shopping cart. The web
browser sends a request for the corresponding action to the web server.
 Server Processing: The web server receives the client's request and forwards it to the appropriate
components for processing. If necessary, the application server performs any required business
logic or data manipulation. For example, it may retrieve the product information from the database
or update the user's shopping cart.
 Server Response: Once the request has been processed, the server generates a response. This
response typically includes the requested information or confirmation of the requested action. It
may be in the form of HTML pages, JSON data, or other formats suitable for the client to interpret.
 Client Display: The web browser receives the server's response and renders it for the user to view.
It may display the product details, update the shopping cart display, or show a confirmation
message.

In this client-server architecture, the client (web browser) initiates requests and handles the user
interface, while the server (web server, application server, and database server) processes the
requests, retrieves data, and generates the appropriate responses. The communication between the
client and server occurs over a network, typically the internet.

Difference between file server and web server

A file server and web server are two types of servers that are used to store and manage data. A file
server is a computer that stores files and makes them available to other computers on a network. A
web server is a computer that stores webpages and makes them available to users on the internet.
Both types of servers are essential for businesses and organizations to store and manage data.

What is a File Server? A file server is a computer that stores files and makes them available to other
computers on a network. It is used to store and manage data, such as documents, images, audio, and
video. It can also be used to store applications and software. A file server is essential for businesses
and organizations to store and manage data. It is also used to share files between multiple users. A file
server can be used to store and manage data on a local area network (LAN) or a wide area network
(WAN).

What is a Web Server? A web server is a computer that stores webpages and makes them available
to users on the internet. It is used to store and manage webpages, such as HTML, CSS, and JavaScript.
It can also be used to store applications and software. A web server is essential for businesses and
organizations to store and manage data. It is also used to share webpages between multiple users. A
web server can be used to store and manage data on a local area network (LAN) or a wide area
network (WAN).

What are the Differences between a File Server and a Web Server?

The main difference between a file server and a web server is the type of data they store and manage.
A file server is used to store and manage files, such as documents, images, audio, and video. A web
server is used to store and manage webpages, such as HTML, CSS, and JavaScript. Additionally, a file
server is used to share files between multiple users, while a web server is used to share webpages
between multiple users.
 IP-based virtual hosting

IP-based virtual hosting is a method of hosting multiple websites on a single physical server, where
each website is assigned a unique IP address. In this approach, each website has its own dedicated IP
address, allowing it to be uniquely identified on the internet.

Here's how IP-based virtual hosting works:

1. Physical Server: A physical server with a single IP address hosts multiple websites. This server
can be a dedicated server or a shared server, depending on the hosting environment.
2. IP Address Assignment: Each website hosted on the server is assigned its own unique IP
address. These IP addresses can be obtained from the hosting provider or allocated by the network
administrator.
3. DNS Configuration: The Domain Name System (DNS) is configured to associate each website's
domain name with its respective IP address. When a user enters a domain name in their web
browser, the DNS system resolves the domain name to the corresponding IP address.
4. Web Server Configuration: The web server software (e.g., Apache, Nginx) running on the
physical server is configured to handle incoming requests for different IP addresses. Each IP
address is associated with a specific website's configuration.
5. Website Isolation: Each website's files and content are stored in separate directories on the
server, ensuring that they are isolated from one another. This prevents conflicts or unauthorized
access between websites.
6. Request Routing: When a user sends a request to access a specific website, the request is
received by the server with the corresponding IP address. The web server uses the IP address to
identify the correct website's configuration and serves the requested content for that website.

Benefits of IP-based virtual hosting:

1. Direct IP access: Each website has its own dedicated IP address, allowing direct access to the
website without the need for additional configuration or port numbers.
2. SSL/TLS Support: With IP-based virtual hosting, each website can have its own SSL/TLS
certificate installed, enabling secure HTTPS connections for individual websites.
3. Separation and Isolation: Websites hosted on the same server are isolated from one another,
ensuring that issues with one website do not impact the others.

Limitations of IP-based virtual hosting:

1. Limited IP addresses: The availability of IPv4 addresses is limited, and acquiring multiple IP
addresses for each website may not be feasible in some cases. However, with the adoption of IPv6,
which provides a significantly larger address space, this limitation is mitigated.
2. Cost: Depending on the hosting provider, acquiring multiple IP addresses may incur additional
costs.

It's worth noting that an alternative to IP-based virtual hosting is name-based virtual hosting, where
multiple websites are hosted on the same IP address but distinguished by their domain names. In this
case, the web server relies on the "Host" header sent by the client to determine which website's
content to serve. Name-based virtual hosting is more commonly used due to the limited availability of
IPv4 addresses.

What is RAID (Redundant Arrays of Independent Disks)?

RAID or redundant array of independent disks is a data storage virtualization technology that combines
multiple physical disk drive components into one or more logical units for data redundancy,
performance improvement, or both.

It is a way of storing the same data in different places on multiple hard disks or solid-state drives to
protect data in the case of a drive failure. A RAID system consists of two or more drives working in
parallel. These can be hard discs, but there is a trend to use SSD technology (Solid State Drives).

RAID combines several independent and relatively small disks into single storage of a large size. The
disks included in the array are called array members. The disks can combine into the array in
different ways, which are known as RAID levels. Each of RAID levels has its own characteristics of:

o Fault-tolerance is the ability to survive one or several disk failures.

o Performance shows the change in the read and writes speed of the entire array compared to a
single disk.
o The array's capacity is determined by the amount of user data written to the array. The array
capacity depends on the RAID level and does not always match the sum of the RAID member disks'
sizes. To calculate the particular RAID type's capacity and a set of member disks, you can use a
free online RAID calculator.

RAID systems can use with several interfaces, including SATA, SCSI, IDE, or FC (fiber channel.) Some
systems use SATA disks internally but that have a FireWire or SCSI interface for the host system.

Sometimes disks in a storage system are defined as JBOD, which stands for Just a Bunch of Disks. This
means that those disks do not use a specific RAID level and acts as stand-alone disks. This is often
done for drives that contain swap files or spooling data.

How RAID Works

RAID works by placing data on multiple disks and allowing input/output operations to overlap in a
balanced way, improving performance. Because various disks increase the mean time between failures
(MTBF), storing data redundantly also increases fault tolerance.

RAID arrays appear to the operating system as a single logical drive. RAID employs the techniques of
disk mirroring or disk striping.

o Disk Mirroring will copy identical data onto more than one drive.
o Disk Striping partitions help spread data over multiple disk drives. Each drive's storage space is
divided into units ranging from 512 bytes up to several megabytes. The stripes of all the disks are
interleaved and addressed in order.
o Disk mirroring and disk striping can also be combined in a RAID array.

In a single-user system where significant records are stored, the stripes are typically set up to be small
(512 bytes) so that a single record spans all the disks and can be accessed quickly by reading all the
disks at the same time.

In a multi-user system, better performance requires a stripe wide enough

to hold the typical or maximum size record, allowing overlapped disk I/O
across drives.
Levels of RAID

Many different ways of distributing data have been standardized into

various RAID levels. Each RAID level is offering a trade-off of data
protection, system performance, and storage space. The number of levels has been broken into three
categories, standard, nested, and non-standard RAID levels.

Standards RAID Levels

Below are the following most popular and standard RAID levels.

1. RAID 0 (striped disks) - RAID 0 is taking any number of disks and merging them into one large
volume. It will increase speeds as you're reading and writing from multiple disks at a time. But all data
on all disks is lost if any one disk fails. An individual file can then use the speed and capacity of all the
drives of the array. The downside to RAID 0, though, is that it is NOT redundant. The loss of any
individual disk will cause complete data loss. This RAID type is very much less reliable than having a
single disk.

There is rarely a situation where you should use RAID 0 in a server environment. You can use it for
cache or other purposes where speed is essential, and reliability or data loss does not matter at all.

2. RAID 1 (mirrored disks) - It duplicates data across two disks in the array, providing full
redundancy. Both disks are store exactly the same data, at the same time, and at all times. Data is not
lost as long as one disk survives. The total capacity of the array equals
the capacity of the smallest disk in the array. At any given instant, the
contents of both disks in the array are identical.

RAID 1 is capable of a much more complicated configuration. The point of

RAID 1 is primarily for redundancy. If you completely lose a drive, you can
still stay up and running off the other drive.

If either drive fails, you can then replace the broken drive with little to no
downtime. RAID 1 also gives you the additional benefit of increased read performance, as data can
read off any of the drives in the array. The downsides are that you will have slightly higher write
latency. Since the data needs to be written to both drives in the array, you'll only have a single drive's
available capacity while needing two drives.

3. RAID 5(striped disks with single parity) - RAID 5 requires the use of at least
three drives. It combines these disks to protect data against loss of any one disk;
the array's storage capacity is reduced by one disk. It strips data across multiple
drives to increase performance. But, it also adds the aspect of redundancy by
distributing parity information across the disks.

What is disaster recovery? Discuss the various types of Backup.

Disaster recovery refers to the process and strategies put in place to recover and
restore critical systems, data, and infrastructure in the event of a natural or human-made disaster,
system failure, or any other disruptive event that could cause significant downtime or data loss. The
goal of disaster recovery is to minimize the impact of a disaster and restore normal operations as
quickly and efficiently as possible.

Types of Backups in Disaster Recovery:

1. Full Back up:

 Description: A full backup involves creating a complete copy of all data and files in a system or
infrastructure. It captures the entire system at a specific point in time.
 Advantages: Full backups provide a comprehensive and complete snapshot of data and allow for a
straightforward restoration process. They are suitable for critical systems or data that require a
quick recovery time objective (RTO).
 Disadvantages: Full backups can be time-consuming and resource-intensive, as they involve
backing up all data, regardless of whether it has changed since the previous backup. They may
also require significant storage space.
2. Incremental Backup:
 Description: Incremental backups only capture and store changes or additions made since the last
backup, whether it was a full or incremental backup. It saves storage space by only backing up
modified or new data.
 Advantages: Incremental backups are faster and require less storage space compared to full
backups since they only back up changed data. Restoration involves applying the most recent full
backup and then applying subsequent incremental backups.
 Disadvantages: Incremental backups require access to previous backups to restore data properly.
If any incremental backup in the chain is missing or corrupted, the restoration process may be
incomplete or impossible.
3. Differential Backup:
 Description: Differential backups capture and store changes made since the last full backup. Unlike
incremental backups, which only capture changes since the last backup (whether full or
incremental), differential backups capture changes since the last full backup.
 Advantages: Differential backups are faster than full backups and require less storage space.
During restoration, only the last full backup and the most recent differential backup are needed,
simplifying the process compared to incremental backups.
 Disadvantages: Differential backups require more storage space than incremental backups since
they store all changes since the last full backup. With each subsequent differential backup, the size
of the backup file increases.
4. Snapshot Backup:
 Description: Snapshot backups capture the state of a system or data at a specific point in time.
They use a copy-on-write technique to create a point-in-time image of the system, allowing for
quick restoration to that specific state if needed.
 Advantages: Snapshot backups are fast and efficient, as they only capture changes made after the
snapshot is created. They allow for quick and frequent backups without disrupting ongoing
operations.
 Disadvantages: Snapshot backups may require additional storage resources, as they store the
differences or changes between the original state and the snapshot. They may also have
limitations on retention periods due to the storage requirements.

DOS and DDOS attack

A DoS attack is a denial of service attack where a computer is used to flood a server with TCP
and UDP packets.

During this type of attack, the service is put out of action as the packets sent over the network
to overload the server’s capabilities and make the server unavailable to other devices and
users throughout the network. DoS attacks are used to shut down individual machines and networks so
that they can’t be used by other users.

There are a number of different ways that DoS attacks can be used. These include the following:

 Buffer overflow attacks – This type of attack is the most common DOS attack experienced.
Under this attack, the attacker overloads a network address with traffic so that it is put out of use.
 Ping of Death or ICMP flood – An ICMP flood attack is used to take unconfigured or
misconfigured network devices and uses them to send spoof packets to ping every computer
within the target network. This is also known as a ping of death (POD) attack.
 SYN flood – SYN flood attacks send requests to connect to a server but don’t complete the
handshake. The end result is that the network becomes inundated with connection requests that
prevent anyone from connecting to the network.
 Teardrop Attack – During a teardrop DoS attack, an attacker sends IP data packet fragments to a
network. The network then attempts to recompile these fragments into their original packets. The
process of compiling these fragments exhausts the system and it ends up crashing. It crashes
because the fields are designed to confuse the system so that it cannot put them back together.

The ease with which DoS attacks can be coordinated has meant that they have become one of the
most pervasive cyber security threats that modern organizations have to face. DoS attacks are
simple but effective and can bring about devastating damage to the companies or individuals they are
aimed at. With one attack, an organization can be put out of action for days or even weeks.

The time an organization spends offline adds up. Being unable to access the network costs
organizations thousands every year. Data may not be lost but the disruption to service and downtime
can be massive. Preventing DoS attacks is one of the basic requirements of staying protected in the
modern age.

What is a DDoS Attack?

A DDoS attack is one of the most common types of DoS attack in use today. During a DDoS
attack, multiple systems target a single system with malicious traffic. By using multiple
locations to attack the system the attacker can put the system offline more easily.

The reason for this is that there is a larger number of machines at the attackers’ disposal and it
becomes difficult for the victim to pinpoint the origin of the attack.

In addition, using a DDoS attack makes it more complicated for the victim to recover. Nine times
out of ten the systems used to execute DDoS attacks have been compromised so that the attacker can
launch attacks remotely through the use of slave computers. These slave computers are referred to as
zombies or bots.

These bots form a network of connected devices called a botnet that is managed by the attacker
through a command and control server. The command and control server allows the attacker or
botmaster to coordinate attacks. Botnets can be made up of anywhere between a handful of bots to
hundreds of different bots.

Broad Types of DoS and DDoS Attacks

There are a number of broad categories that DoS attacks fall into for taking networks offline. These
come in the form of:

 Volumetric Attacks – Volumetric attacks are classified as any form of attack where a target
network’s bandwidth resources are deliberately consumed by an attacker. Once network
bandwidth has been consumed it is unavailable to legitimate devices and users within the network.
Volumetric attacks occur when the attacker floods network devices with ICMP echo requests until
there is no more bandwidth available.
 Fragmentation Attacks – Fragmentation attacks are any kind of attack that forces a network to
reassemble manipulated network packets. During a fragmentation attack the attacker sends
manipulated packets to a network so that once the network tries to reassemble them, they can’t
be reassembled. This is because the packets have more packet header information than is
permitted. The end result is packet headers which are too large to reassemble in bulk.
 TCP-State Exhaustion Attacks – In a TCP-State Exhaustion attack the attacker targets a web
server or firewall in an attempt to limit the number of connections that they can make. The idea
behind this style of attack is to push the device to the limit of the number of concurrent
connections.
 Application Layer Attacks – Application layer or Layer 7 attacks are attacks that target
applications or servers in an attempt to use up resources by creating as many processes and
transactions possible. Application layer attacks are particularly difficult to detect and address
because they don’t need many machines to launch an attack.

DoS vs. DDoS: What’s the Difference?

The key difference between DoS and DDoS attacks is that the latter uses multiple internet
connections to put the victim’s computer network offline whereas the former uses a single
connection. DDoS attacks are more difficult to detect because they are launched from multiple
locations so that the victim can’t tell the origin of the attack. Another key difference is the volume of
attack leveraged, as DDoS attacks allow the attacker to send massive volumes of traffic to the target
network.

It is important to note that DDoS attacks are executed differently to DoS attacks as well. DDoS
attacks are executed through the use of botnets or networks of devices under the control of an
attacker. In contrast, DoS attacks are generally launched through the use of a script or a DoS
tool like Low Orbit Ion Cannon.

What is virtualization? Discuss about its types.

Virtualization is a technology that enables the creation of virtual versions of physical

resources, such as servers, storage devices, operating systems, or networks. It allows for the
consolidation of multiple virtual resources onto a single physical server, maximizing resource
utilization, and enhancing flexibility and scalability. Virtualization provides an abstraction layer that
separates the physical infrastructure from the software running on it, enabling more efficient resource
management and improved agility. Here are some common types of virtualization:

1. Server Virtualization:
 Description: Server virtualization involves creating multiple virtual servers on a single physical
server, allowing for the consolidation of multiple workloads or operating systems. Each virtual
server operates independently and can run different applications or services.
 Benefits: Server virtualization enables better utilization of hardware resources, reduces hardware
costs, and simplifies server management and provisioning. It provides flexibility, scalability, and
the ability to migrate virtual servers between physical hosts.
2. Storage Virtualization:
 Description: Storage virtualization abstracts physical storage resources, such as disks, arrays, or
tapes, and presents them as logical units that can be managed centrally. It allows for the pooling
of storage resources, simplifying management, and enabling efficient allocation of storage
capacity to different applications or servers.
 Benefits: Storage virtualization improves storage utilization, simplifies management tasks such as
provisioning and data migration, and enhances data availability and resilience through features
like replication and snapshots.
3. Network Virtualization:
 Description: Network virtualization enables the creation of virtual networks that operate
independently of the underlying physical network infrastructure. It abstracts network resources,
such as switches, routers, and firewalls, and allows for the creation of virtual networks with their
own addressing, security policies, and traffic management.
 Benefits: Network virtualization enhances flexibility and agility in network provisioning, reduces
infrastructure costs, and enables better network isolation and security. It simplifies network
management and facilitates the deployment of complex network topologies and services.
4. Desktop Virtualization:
 Description: Desktop virtualization involves creating virtual desktop environments that can be
accessed remotely by end-users. It separates the desktop operating system, applications, and data
from the physical device, allowing users to access their desktop from different devices or locations.
 Benefits: Desktop virtualization provides centralized management, improved security, and easier
software deployment and updates. It enables flexible access to desktops from various devices,
enhances data protection, and simplifies desktop provisioning and recovery.
5. Application Virtualization:
 Description: Application virtualization decouples applications from the underlying operating system
and encapsulates them in a virtual environment. It allows applications to run in isolation, without
conflicts with other applications or the underlying system, simplifying deployment, updating, and
management.
 Benefits: Application virtualization enables efficient software delivery, simplifies application
compatibility across different operating systems, and enhances security by isolating applications
from the underlying system. It facilitates faster application provisioning and reduces compatibility
issues.

These are just a few examples of virtualization types, and there are other forms such as memory
virtualization, GPU virtualization, and more. Each type of virtualization provides its own benefits and
plays a crucial role in optimizing resource utilization, enhancing flexibility, and simplifying
management in various IT environments.

What is the difference between a push and pull marketing strategy?

The difference between push and pull marketing strategies lies in how products or services are
promoted and how customers are influenced to make a purchase decision. Let's explore each strategy:

1. Push Marketing: Push marketing is a proactive approach where businesses push their products
or services to customers. It involves promoting and "pushing" the offerings onto the target
audience. The focus is on generating immediate sales and creating demand through various
promotional activities.

Characteristics:

 Emphasis on personal selling, advertising, and promotional campaigns to push products or services
to customers.
 Messages are often persuasive and aim to create a sense of urgency or desire for the product.
 Distribution channels are controlled, and products are pushed through the channel to retailers or
consumers.
 Limited customer involvement in the decision-making process.

Examples:
 Sales representatives pitching products directly to potential customers.
 Trade shows and exhibitions where businesses showcase their offerings to attract buyers.
 Pushing advertisements through traditional media channels like TV, radio, or print media.
2. Pull Marketing: Pull marketing is a more passive approach that focuses on creating demand and
attracting customers to the products or services. It involves building brand awareness, reputation,
and customer loyalty, ultimately pulling customers towards the offerings.

Characteristics:
 Creation of brand visibility, reputation, and awareness to generate customer interest and demand.
 Strategies involve providing valuable content, building relationships, and engaging with customers
to attract them organically.
 Customers actively seek out the product or service based on their own research,
recommendations, or brand loyalty.
 Distribution channels are customer-driven, with products or services available in various outlets or
online platforms.
Examples:

 Content marketing efforts such as blogs, articles, videos, or social media content to attract and
engage target customers.
 Search engine optimization (SEO) and search engine marketing (SEM) to ensure visibility and
attract customers actively searching for relevant products or services.
 Word-of-mouth marketing and customer referrals where satisfied customers recommend products
to others.

Key Differences:

1. Approach: Push marketing uses a proactive, promotional approach to push products or services
to customers, while pull marketing focuses on attracting customers organically through brand
awareness and reputation.
2. Communication Style: Push marketing often involves persuasive messages and one-way
communication, while pull marketing emphasizes two-way communication, engagement, and
relationship-building.
3. Customer Involvement: Push marketing has limited customer involvement in the decision-
making process, whereas pulls marketing relies on customers actively seeking out and choosing
products or services based on their own research or interest.
4. Distribution Channels: Push marketing often involves controlled distribution channels, with
products being pushed through the channel to retailers or consumers. In pull marketing,
distribution channels are customer-driven, with products or services available in various outlets or
online platforms.
5. Timeframe: Push marketing aims for immediate sales and short-term results, while pull marketing
focuses on long-term brand building, loyalty, and customer retention.

Both push and pull marketing strategies have their advantages and are often used in combination to
achieve marketing objectives. The choice of strategy depends on factors such as the nature of the
product or service, target audience, industry, and marketing goals.

Explain the link between e-marketing and e-business and why they may be considered
separately?

E-marketing and e-business are closely related concepts that are often used interchangeably, but they
have distinct meanings and can be considered separately.

1. E-marketing:
 E-marketing, also known as electronic marketing or online marketing, refers to the use of digital
channels and technologies to promote products, services, or brands to target customers. It
encompasses all marketing activities conducted online, including advertising, email marketing,
search engine optimization (SEO), social media marketing, content marketing, and more.
 E-marketing focuses specifically on the promotion and communication aspects of business
activities in the online realm. It leverages digital channels and tools to reach and engage with
customers, drive website traffic, generate leads, and ultimately convert them into customers.
2. E-business:
 E-business, short for electronic business, is a broader concept that encompasses the entire range
of business activities conducted electronically. It refers to the use of digital technologies to
manage and operate various aspects of a business, including purchasing, selling, customer
relationship management (CRM), supply chain management, inventory management, and more.
 E-business encompasses not only marketing activities but also other core business functions, such
as online transactions, customer support, order processing, and fulfillment. It involves the
integration of technology into all aspects of business operations to improve efficiency, streamline
processes, and enhance customer experiences.

Link between E-marketing and E-business:

 E-marketing is a subset of e-business, as it focuses specifically on the marketing activities

conducted online as part of a broader e-business strategy.
 E-marketing supports and complements the overall e-business objectives by leveraging digital
marketing channels to attract and engage customers, drive sales, and build brand awareness.
 E-marketing plays a crucial role in the success of e-business by reaching and connecting with
target audiences, promoting products or services effectively, and driving traffic and conversions to
the online platforms or channels used in e-business.

Reasons for considering them separately: While e-marketing and e-business are closely related and
often intertwined, there are reasons why they may be considered separately:

1. Focus: E-marketing specifically focuses on marketing activities, while e-business encompasses a

broader scope, including marketing, sales, operations, and other business functions. Separating
them allows for a more targeted analysis and understanding of marketing strategies and tactics in
the digital realm.
2. Expertise: E-marketing often requires specialized skills and knowledge in digital marketing
techniques, tools, and platforms. Considering it separately allows organizations to allocate specific
resources and expertise to effectively execute online marketing campaigns.
3. Strategic Planning: Separating e-marketing from e-business allows for distinct strategic planning
and resource allocation. It enables organizations to develop comprehensive marketing strategies
that align with the broader business objectives and effectively integrate them into the overall e-
business strategy.
4. Scalability and Flexibility: By considering them separately, organizations can adapt and scale
their e-marketing efforts to suit evolving market trends, consumer behaviors, and technological
advancements. This flexibility allows for agile marketing strategies that can be adjusted without
major disruptions to other e-business operations.

While e-marketing and e-business are interconnected and mutually support each other, understanding
their individual significance and nuances helps organizations develop effective strategies, allocate
resources appropriately, and drive success in the digital landscape.

Once a company has acquired customer, the key to maximizing revenue is keeping them.
Explain how e-commerce is helpful in customer retention?

1. Personalization and Customization:

 E-commerce platforms enable businesses to collect and analyze customer data, such as purchase
history, preferences, and browsing behavior. This information can be utilized to personalize the
customer experience.
 Personalized product recommendations, tailored offers, and targeted email campaigns can be
implemented based on individual customer preferences, increasing customer satisfaction and
engagement.
2. Loyalty Programs and Rewards:
 E-commerce allows businesses to implement loyalty programs and rewards systems easily.
Customers can accumulate points, receive exclusive discounts, or enjoy special perks based on
their purchase history and engagement with the brand.
 Loyalty programs encourage repeat purchases, foster a sense of exclusivity, and incentivize
customers to continue buying from the company.
3. Easy and Convenient Shopping Experience:
 E-commerce platforms provide customers with convenience and flexibility. They can shop anytime,
anywhere, without the constraints of physical store hours or location.
 Features like saved customer profiles, personalized product recommendations, and quick checkout
processes streamline the shopping experience, reducing friction and enhancing customer
satisfaction.
4. Communication and Engagement:
 E-commerce platforms enable direct and ongoing communication with customers through various
channels, including email marketing, social media, chatbots, and personalized notifications.
 Regular communication keeps customers informed about new products, promotions, and updates,
nurturing the relationship and maintaining top-of-mind awareness.
5. Post-Purchase Support and Service:
 E-commerce platforms allow for efficient post-purchase support, including order tracking, returns,
exchanges, and customer service. Quick and hassle-free resolution of issues enhances customer
satisfaction and loyalty.
 Providing exceptional customer service through multiple channels, such as live chat, email, or
phone support, helps build trust and loyalty among customers.
6. User-generated Reviews and Social Proof:
 E-commerce platforms facilitate customer reviews and ratings, allowing shoppers to share their
experiences and opinions about products or services.
 Positive reviews and social proof contribute to building trust, credibility, and confidence among
potential customers, increasing the likelihood of repeat purchases.
7. Data Analytics and Insights:
 E-commerce platforms offer robust analytics capabilities, enabling businesses to gain insights into
customer behavior, preferences, and trends.
 By analyzing customer data, businesses can identify opportunities for upselling, cross-selling, and
personalized marketing initiatives, leading to increased customer retention and revenue.

What are some of the unique features of e-commerce technology?

E-commerce technology offers a range of unique features and capabilities that distinguish it from
traditional brick-and-mortar retail. Here are some of the notable features of e-commerce technology:

1. Online Presence: E-commerce technology enables businesses to establish a digital storefront,

creating an online presence accessible to customers worldwide. This allows businesses to reach a
broader audience and operate beyond physical limitations.
2. Global Reach: E-commerce technology breaks down geographical barriers, allowing businesses to
sell products or services to customers anywhere in the world. It opens up opportunities for
international expansion and facilitates cross-border transactions.
3. 24/7 Availability: E-commerce platforms enable businesses to operate round the clock, providing
customers with the convenience of shopping at any time that suits them. This flexibility ensures
businesses can capture sales opportunities at all hours, even when physical stores are closed.
4. Scalability and Flexibility: E-commerce technology provides scalability, allowing businesses to
easily expand their product offerings, handle increased traffic, and accommodate growing
customer demands. It offers flexibility in managing inventory, pricing, and promotions.
5. Secure Online Transactions: E-commerce technology includes robust security measures to
protect sensitive customer information and ensure secure online transactions. Encryption, secure
payment gateways, and compliance with industry standards help build trust and confidence in the
online shopping experience.
6. Personalization and Customer Segmentation: E-commerce platforms enable businesses to
gather customer data and leverage it to personalize the shopping experience. Through techniques
such as product recommendations, targeted offers, and personalized marketing campaigns,
businesses can cater to individual customer preferences and increase customer satisfaction.
7. Mobile Commerce: E-commerce technology supports mobile commerce (m-commerce), allowing
customers to shop using their smartphones and tablets. Mobile-responsive websites, dedicated
mobile apps, and mobile payment options enhance convenience and accessibility for mobile users.
8. Analytics and Insights: E-commerce technology provides powerful analytics tools to track and
analyze customer behavior, purchase patterns, and website performance. Businesses can gain
valuable insights to optimize marketing strategies, improve conversion rates, and make data-
driven decisions.
9. Integration with Other Systems: E-commerce platforms can integrate with various systems
and applications, such as customer relationship management (CRM), inventory management, order
fulfillment, and payment gateways. This integration streamlines operations, enhances efficiency,
and improves the overall customer experience.
10. Customer Support and Engagement: E-commerce technology facilitates various customer
support channels, including live chat, chatbots, email, and social media. These channels enable
businesses to engage with customers, provide assistance, and resolve queries promptly.
11. Social Commerce: E-commerce technology integrates social media platforms, allowing
businesses to leverage social networks for product discovery, social sharing, and customer
engagement. Social commerce features enable customers to make purchases directly within social
media platforms.

These unique features of e-commerce technology contribute to its growing popularity and
effectiveness in the digital marketplace. They empower businesses to create compelling online
experiences, expand their reach, drive sales, and build lasting relationships with customers.

Web application control

Web application control refers to the implementation of measures and mechanisms to manage and
regulate the behavior, security, and access of web applications. It involves implementing various
controls to ensure the proper functioning, security, and compliance of web applications. Here are some
key aspects of web application control:

1. Access Control:
 Authentication: Implementing user authentication mechanisms to verify the identity of users
accessing the web application.
 Authorization: Assigning appropriate permissions and access rights to different users or user
groups, ensuring that they can only access authorized resources and perform allowed actions.
 Role-Based Access Control (RBAC): Defining roles and associating specific privileges with those
roles to simplify access management.
2. Input Validation and Sanitization:
 Implementing input validation mechanisms to ensure that user-supplied data is checked for
validity, preventing potential security vulnerabilities such as SQL injection, cross-site scripting
(XSS), and other injection attacks.
 Applying data sanitization techniques to remove or neutralize potentially malicious or unintended
content from user input before processing or storing it.
3. Secure Communications:
 Implementing secure communication protocols, such as HTTPS (HTTP over SSL/TLS), to ensure that
data transmitted between the web application and users is encrypted and protected against
eavesdropping and tampering.
4. Error Handling and Logging:
 Implementing proper error handling mechanisms to provide meaningful error messages to users
while avoiding the disclosure of sensitive information.
 Enabling comprehensive logging of application activities and security-related events for
monitoring, troubleshooting, and auditing purposes.
5. Session Management:
 Implementing secure session management techniques, including session timeouts, secure session
token generation, and protection against session hijacking or fixation attacks.
6. Secure Configuration:
 Applying secure configuration practices for web servers, application frameworks, and underlying
software components, ensuring that default or insecure settings are appropriately modified to
enhance security.
7. Security Testing and Vulnerability Assessment:
 Conducting regular security testing, including vulnerability scanning, penetration testing, and code
reviews, to identify and address potential security weaknesses in the web application.
8. Compliance and Regulatory Considerations:
 Implementing controls to ensure compliance with applicable regulations and standards, such as
data protection regulations (e.g., GDPR), industry-specific requirements (e.g., PCI DSS for payment
processing), and privacy guidelines.
9. Regular Updates and Patch Management:
 Keeping the web application and its underlying software components up to date with the latest
security patches and updates to address known vulnerabilities.
10. Secure Deployment and Hosting:

 Ensuring that the web application is deployed and hosted in a secure environment, following best
practices for server hardening, network security, and secure deployment configurations.

How does digital certificate differ from digital signature?

Digital Certificate and Digital Signature are both cryptographic mechanisms used in the field of
information security, but they serve different purposes. Here's how they differ:

Digital Certificate: A digital certificate, also known as a public key certificate, is a digital document
that verifies the authenticity and identity of an entity, such as a person, organization, or website. It is
issued by a trusted third-party organization called a Certificate Authority (CA). The main purpose of a
digital certificate is to establish trust and enable secure communication in a public key infrastructure
(PKI) environment.

Key characteristics of a digital certificate include:

1. Identification: A digital certificate contains information about the entity's identity, such as its
name, email address, or website domain.
2. Public Key: The digital certificate includes the entity's public key, which is used for encryption,
decryption, or verification purposes.
3. Certificate Authority Signature: The digital certificate is digitally signed by the Certificate
Authority to verify its authenticity and integrity.
4. Validity Period: A digital certificate has a specific validity period during which it is considered
valid. After expiration, it needs to be renewed.

Digital Signature: A digital signature is a cryptographic mechanism used to ensure the integrity,
authenticity, and non-repudiation of digital documents or messages. It is generated using the private
key of the signer and can be verified using the corresponding public key. The purpose of a digital
signature is to provide assurance that the document or message has not been tampered with and that
it originated from the claimed sender.

Key characteristics of a digital signature include:

1. Integrity: A digital signature ensures that the contents of the digitally signed document or
message have not been altered since the signature was applied.
2. Authentication: The digital signature verifies the identity of the signer by associating the
signature with their unique private key.
3. Non-Repudiation: A digital signature provides evidence that the signer cannot deny their
involvement in signing the document or message.
4. Time Stamp: Digital signatures can be accompanied by a timestamp to provide further evidence
of the signing time.

In summary, a digital certificate is used to establish trust in the identity of an entity, while a digital
signature is used to verify the integrity and authenticity of digital documents or messages. A digital
certificate contains the public key of an entity, while a digital signature is generated using the private
key of the signer. Both mechanisms play vital roles in ensuring secure communication and verifying
the integrity of digital information.

Virtual society
Virtual society refers to a community or social environment that exists primarily online or in virtual
spaces. It is a concept that has emerged with the advancement of technology and the widespread use
of the internet. Virtual societies are characterized by their digital nature, where individuals interact,
collaborate, and form relationships in a virtual or simulated environment.

Key aspects of virtual societies include:

1. Online Communities: Virtual societies are formed through online communities, where individuals
with shared interests, hobbies, or goals come together to interact, share information, and engage
in activities. These communities can be based on platforms such as social media, forums, online
gaming, or virtual worlds.
2. Social Interactions: Virtual societies facilitate social interactions through various means,
including chat platforms, messaging systems, video conferencing, and virtual avatars. People can
communicate, form friendships, and engage in group activities, discussions, or collaborations,
regardless of geographical distances.
3. Identity and Representation: In virtual societies, individuals often create digital identities or
avatars that represent themselves within the virtual environment. These identities can be
customized and personalized, allowing individuals to express themselves and interact with others
in different ways.
4. Shared Spaces and Environments: Virtual societies often provide shared spaces or
environments where individuals can gather, participate in events, explore virtual worlds, or engage
in collaborative activities. These spaces can be created and controlled by the community members
themselves or provided by specific platforms.
5. Social Norms and Rules: Virtual societies develop their own social norms, rules, and etiquette
that govern interactions and behaviors within the community. These norms may differ from those
observed in the physical world and can be influenced by the specific context or purpose of the
virtual society.
6. Collaboration and Co-Creation: Virtual societies foster collaboration and co-creation among
members. They provide platforms for individuals to work together, share ideas, create content, and
participate in joint projects or initiatives.
7. Digital Economies: Some virtual societies have their own digital economies where virtual goods,
services, or currencies are exchanged. These economies can have real-world implications, with
individuals engaging in trade, entrepreneurship, or economic activities within the virtual
environment.
8. Challenges and Opportunities: Virtual societies face challenges related to privacy, security,
online harassment, and the management of virtual communities. However, they also offer
opportunities for social connection, knowledge sharing, learning, creativity, and the exploration of
new forms of social interaction.

Virtual societies have become an integral part of contemporary society, providing platforms for
individuals to connect, collaborate, and engage in social interactions beyond physical limitations. They
enable the formation of communities based on shared interests, values, or goals and offer unique
opportunities for socialization, learning, and self-expression in the digital realm.

Here are some types of virtual societies:

1. Social Networking Sites: Social networking sites like Facebook, Twitter, Instagram, and LinkedIn
allow individuals to create profiles, connect with friends or colleagues, share updates, and engage
in conversations. These platforms often have features such as groups, pages, and messaging
systems to facilitate community interaction.
2. Online Forums: Online forums are platforms where users can post and discuss topics of interest.
They are organized into categories or sub-forums, and users can participate in discussions by
creating threads, responding to posts, and exchanging information or opinions. Examples include
Reddit, Quora, and Stack Exchange.
3. Online Gaming Communities: Online gaming communities bring together gamers who interact
and collaborate within virtual gaming environments. Players can communicate through in-game
chat, join guilds or clans, participate in multiplayer competitions, and form friendships or alliances.
Examples include World of Warcraft, Fortnite, and League of Legends.
4. Virtual Worlds: Virtual worlds are immersive digital environments where users can create
avatars and interact with others in a virtual space. These environments often offer various
activities, such as exploration, socializing, building, and participating in virtual economies. Second
Life and IMVU are examples of virtual world platforms.
5. Professional and Interest-Based Communities: Virtual societies also exist around specific
professions, hobbies, or interests. These communities provide platforms for individuals to connect
with like-minded individuals, share knowledge, and collaborate. Examples include GitHub for
software developers, Behance for designers, and online communities for specific hobbies like
photography or cooking.
6. Online Support Groups: Online support groups provide a space for individuals facing similar
challenges or health conditions to connect and offer support to one another. These communities
allow members to share experiences, ask questions, and provide emotional support in a virtual
setting. Examples include support groups for mental health, chronic illnesses, or specific life
circumstances.
7. Educational and Learning Communities: Online educational communities bring together
learners and instructors to facilitate knowledge sharing and skill development. These communities
often include online courses, discussion forums, and resources for learners to engage with one
another and enhance their learning experience. Platforms like Coursera, Udemy, and Khan
Academy foster such virtual societies.
 What are malicious codes? Explain their types.

Malicious codes, also known as malware, refer to software or code designed to cause harm to a
computer system, network, or user. These codes are created with the intent to gain unauthorized
access, disrupt operations, steal information, or cause other malicious activities. There are various
types of malicious codes, some of which are:

1. Viruses: Viruses are programs that replicate and attach themselves to other legitimate files or
programs. They spread by infecting files and can cause damage by corrupting data, modifying or
deleting files, or disrupting system functionality.
2. Worms: Worms are standalone programs that self-replicate and spread across networks without
needing a host file. They exploit vulnerabilities in operating systems or applications to propagate,
often causing network congestion and system slowdowns.
3. Trojans: Trojans, named after the Greek mythological story of the Trojan Horse, are programs that
disguise themselves as legitimate software. They trick users into installing them, and once
activated, they perform malicious activities such as data theft, remote control of the system, or
enabling unauthorized access.
4. Ransomware: Ransomware is a type of malware that encrypts the victim's files or locks the
system, making them inaccessible. The attacker then demands a ransom in exchange for restoring
access to the files or system. Ransomware often spreads through email attachments, malicious
downloads, or exploiting vulnerabilities.
5. Spyware: Spyware is designed to secretly monitor and gather information about a user's activities
without their consent. It can track keystrokes, capture screenshots, record browsing habits, and
steal sensitive information such as passwords or credit card details. The collected data is usually
sent to remote servers for malicious purposes.
6. Adware: Adware, short for advertising-supported software, is a type of malware that displays
unwanted advertisements to users. It often comes bundled with legitimate software and generates
revenue for the attacker through ad clicks or impressions. Adware can degrade system
performance and compromise user privacy.
7. Botnets: Botnets are networks of compromised computers, also known as "zombies" or "bots,"
controlled by a central command-and-control server. These infected computers can be used for
various malicious activities, such as launching distributed denial-of-service (DDoS) attacks, sending
spam emails, or distributing malware.
8. Rootkits: Rootkits are malicious tools or programs designed to gain unauthorized administrative
access to a system and maintain persistent control. They hide their presence by modifying system
files or intercepting system functions, making them difficult to detect or remove.
9. Keyloggers: Keyloggers record a user's keystrokes, capturing sensitive information such as
usernames, passwords, or credit card details. They can be either software-based or hardware-
based and are often used for identity theft or unauthorized access.
10. Logic Bombs: Logic bombs are code snippets or programs that execute malicious actions when
specific conditions are met. They are typically hidden within legitimate software and trigger
actions such as data deletion or system disruption at a pre-defined time or event.

It is essential to have robust security measures, such as antivirus software, regular updates, and user
awareness, to protect against these types of malicious codes.

Explain brokerage and affiliate business model in brief.

Here's a brief explanation of the brokerage and affiliate business models:

1. Brokerage Business Model: The brokerage business model involves acting as an intermediary
between buyers and sellers, facilitating transactions and earning a commission or fee for each
successful transaction. Brokers connect buyers and sellers in various industries, such as real
estate, finance, insurance, and e-commerce.
The key features of the brokerage business model include:

 Market facilitation: Brokers provide a platform or marketplace where buyers and sellers can
come together to conduct transactions.
 Matching buyers and sellers: Brokers help buyers find suitable sellers and vice versa, ensuring
a smooth transaction process.
 Transaction facilitation: Brokers assist in negotiating terms, ensuring legal compliance, and
handling documentation and paperwork.
 Commission or fee-based revenue: Brokers earn their revenue by charging a percentage or
fixed fee for each transaction completed through their platform or service.
 Trusted intermediary: Brokers often play a crucial role in building trust between parties,
verifying information, and providing transparency in transactions.

Examples of brokerage business models include real estate agencies, stockbrokers, insurance brokers,
travel agencies, and online marketplaces like eBay and Airbnb.

2. Affiliate Business Model: The affiliate business model involves promoting and selling products
or services on behalf of another company or merchant. Affiliates earn a commission for each sale,
lead, or action generated through their marketing efforts. This model is commonly used in e-
commerce and digital marketing.

Key aspects of the affiliate business model are:

 Partnership with merchants: Affiliates form partnerships or join affiliate programs offered by
merchants or companies that have products or services to sell.
 Promotional activities: Affiliates promote the merchant's products or services through various
channels such as websites, blogs, social media, email marketing, or paid advertising.
 Unique tracking links or codes: Affiliates use unique tracking links or codes provided by the
merchant to track the referrals or sales generated through their marketing efforts.
 Commission-based revenue: Affiliates earn a commission or percentage of the sale value when
a customer makes a purchase or performs a specific action through their affiliate link.
 Performance-driven: The success of affiliate marketing depends on the affiliate's ability to drive
traffic, conversions, and sales for the merchant.

Examples of the affiliate business model include Amazon Associates, where affiliates earn a
commission for referring customers to Amazon, or affiliate marketing programs offered by various
companies in industries such as fashion, beauty, technology, and online courses.

Both brokerage and affiliate business models involve acting as intermediaries and earning revenue
through successful transactions. However, while brokers facilitate transactions directly between buyers
and sellers, affiliates focus on promoting and selling products or services on behalf of merchants.

What is dynamic pricing? What are the different categories of dynamic pricing based on
buyers and sellers?

Dynamic pricing is a pricing strategy where the price of a product or service is adjusted in real-time
based on various factors such as demand, supply, market conditions, customer behavior, or competitor
pricing. It allows businesses to optimize their pricing dynamically to maximize revenue and
profitability.

Based on the buyers and sellers involved, dynamic pricing can be categorized into the following types:
1. Customer-Based Dynamic Pricing: This category focuses on adjusting prices based on
individual customer characteristics or behavior. It aims to tailor pricing to match the willingness to
pay of different customers. Examples include:
 Personalized Pricing: Offering different prices to different customers based on factors like past
purchase history, browsing behavior, demographics, or loyalty status.
 Segmented Pricing: Dividing customers into groups or segments based on specific criteria and
setting different prices for each segment. Common segmentation factors include geographic
location, age, income, or purchasing power.
2. Time-Based Dynamic Pricing: Time-based dynamic pricing involves adjusting prices based on
the time or season. This approach takes into account factors such as peak hours, seasonal demand
fluctuations, or changing market conditions. Examples include:
 Surge Pricing: Increasing prices during high-demand periods or specific events. This is commonly
observed in industries like ride-sharing services, hotel bookings, or concert tickets.
 Off-Peak Pricing: Offering discounted prices during low-demand periods to incentivize customers
and fill capacity. This is often seen in travel bookings, hotel reservations, or utility services.
3. Competitive-Based Dynamic Pricing: This category focuses on adjusting prices based on
competitor prices and market conditions. It involves monitoring competitors' pricing strategies and
making real-time pricing adjustments to gain a competitive advantage. Examples include:
 Price-Matching: Setting prices equal to or slightly lower than competitors' prices to attract
customers and remain competitive.
 Dynamic Repricing: Using automated algorithms and data analysis to adjust prices in response to
competitor price changes, inventory levels, or market dynamics. This approach is commonly used
in e-commerce and online marketplaces.
4. Supply-Based Dynamic Pricing: Supply-based dynamic pricing involves adjusting prices based
on the availability or scarcity of products or resources. The goal is to optimize pricing based on
supply and demand dynamics. Examples include:
 Demand-Supply Balancing: Increasing prices when demand exceeds supply to manage scarcity
and prevent stockouts. This is often observed in industries like airlines, hotels, or limited edition
products.
 Clearance Pricing: Offering discounts on products or services to clear excess inventory and avoid
losses. Retailers frequently employ this strategy to sell outdated or seasonal items.

Define electronic fraud detection system.

An electronic fraud detection system is a technology-based solution designed to identify and prevent
fraudulent activities within electronic transactions or digital environments. It uses various techniques,
algorithms, and data analysis to detect patterns, anomalies, or suspicious behavior that may indicate
fraudulent activity. The primary goal of an electronic fraud detection system is to protect individuals,
businesses, and organizations from financial losses, data breaches, and reputational damage caused
by fraudulent activities.

Key features and components of an electronic fraud detection system may include:

1. Data Collection: The system collects and aggregates relevant data from various sources,
including transaction logs, user profiles, historical data, and external databases.
2. Rules and Patterns: It utilizes predefined rules and patterns to identify known fraud patterns and
suspicious behaviors. These rules are often based on historical fraud cases, industry best practices,
or regulatory requirements.
3. Machine Learning and AI: Advanced electronic fraud detection systems employ machine
learning and artificial intelligence algorithms to analyze large volumes of data, identify hidden
patterns, and adapt to evolving fraud techniques. They can learn from new data and improve their
accuracy over time.
4. Real-Time Monitoring: The system monitors transactions, activities, and user behavior in real-
time to quickly identify and respond to potential fraud attempts. It can automatically flag or block
suspicious transactions for further investigation.
5. Anomaly Detection: The system employs anomaly detection techniques to identify unusual or
abnormal activities that deviate from normal patterns. This includes identifying unexpected
transaction amounts, atypical user behaviors, or unusual IP addresses.
6. Data Analytics and Risk Scoring: The system applies data analytics to assess the risk
associated with each transaction or user. It assigns risk scores or ranks transactions based on the
likelihood of fraud, enabling prioritization of investigation and mitigation efforts.
7. Integration with Fraud Databases: The system integrates with fraud databases or shared
networks where fraudulent activities are reported and shared among organizations. This allows for
real-time collaboration and information sharing to combat fraud effectively.
8. Reporting and Alerts: The system generates reports, alerts, and notifications to inform relevant
stakeholders about identified fraudulent activities or suspicious patterns. This enables timely
intervention, investigation, and prevention of further losses.

Electronic fraud detection systems are used across various industries, including banking and finance,
e-commerce, insurance, healthcare, and government agencies. They work in conjunction with other
security measures, such as authentication mechanisms, encryption, and access controls, to create a
comprehensive defense against electronic fraud.

History of ecommerce in Nepal

The history of e-commerce in Nepal is relatively short compared to more developed markets. The
growth of e-commerce in the country can be divided into several phases:

1. Emergence and Early Adoption (Late 1990s - Early 2000s): The concept of e-commerce
started gaining attention in Nepal in the late 1990s. During this period, a few businesses began
exploring online sales and set up basic e-commerce websites. However, the adoption and growth
were limited due to factors such as low internet penetration, lack of awareness, and trust in online
transactions.
2. Expansion of Internet Connectivity (Mid-2000s): In the mid-2000s, Nepal witnessed
significant progress in internet connectivity. Internet service providers improved the quality and
coverage of internet services, making it more accessible to a larger population. This expansion of
internet connectivity laid the foundation for the growth of e-commerce.
3. Pioneering E-commerce Platforms (Late 2000s - Early 2010s): During this period, a few
pioneering e-commerce platforms and websites started to emerge in Nepal. These platforms aimed
to provide a marketplace for businesses to sell their products and services online. Examples
include Muncha.com and Thamel.com, which focused on selling products ranging from gifts to
electronics.
4. Rise of Online Marketplaces (2010s): The 2010s marked a significant turning point for e-
commerce in Nepal with the emergence of online marketplaces. Platforms such as Daraz,
Sastodeal, Kaymu (now merged with Daraz), and Hamrobazar gained popularity and became key
players in the e-commerce landscape. These marketplaces provided a wide range of products
across various categories, offering convenience and choice to consumers.
5. Government Support and Initiatives: Recognizing the potential of e-commerce, the Nepalese
government has taken steps to support its growth. The government has introduced policies and
initiatives to improve internet infrastructure, digital payment systems, and regulations related to
online transactions and consumer protection. These efforts have created a more favorable
environment for e-commerce development.
6. Mobile Commerce (M-commerce) and Payment Solutions: The increasing adoption of
smartphones and mobile internet access has played a crucial role in the growth of e-commerce in
Nepal. Mobile commerce (m-commerce) has become popular, allowing consumers to make
purchases and payments through mobile apps. Mobile payment solutions such as eSewa, Khalti,
 and IME Pay have gained popularity, providing convenient and secure payment options for online
transactions.
7. Challenges and Future Prospects: E-commerce in Nepal still faces challenges such as limited
internet access in rural areas, inadequate online payment options, and consumer trust issues.
However, with increasing internet penetration, rising digital literacy, and government support, the
future prospects for e-commerce in Nepal are promising. Continued efforts to address challenges
and build a robust e-commerce ecosystem are crucial for sustained growth.

Overall, while the history of e-commerce in Nepal is relatively short, it has shown steady progress and
has the potential to transform the retail landscape, providing businesses with new opportunities and
consumers with increased convenience and access to a wider range of products and services.

Authentication & Authorization

What Is Authentication? Authentication is the act of validating that users are whom they claim to
be. This is the first step in any security process.
Complete an authentication process with:
 Passwords. Usernames and passwords are the most common authentication factors. If a user
enters the correct data, the system assumes the identity is valid and grants access.
 One-time pins. Grant access for only one session or transaction.
 Authentication apps. Generate security codes via an outside party that grants access.
 Biometrics. A user presents a fingerprint or eye scan to gain access to the system.

In some instances, systems require the successful verification of more than one factor before granting
access. This multi-factor authentication (MFA) requirement is often deployed to increase security
beyond what passwords alone can provide.

What Is Authorization?

Authorization in system security is the process of giving the user permission to access a specific
resource or function. This term is often used interchangeably with access control or client privilege.

Giving someone permission to download a particular file on a server or providing individual users with
administrative access to an application are good examples of authorization.

In secure environments, authorization must always follow authentication. Users should first prove that
their identities are genuine before an organization’s administrators grant them access to the
requested resources.

Authentication vs. Authorization

Despite the similar-sounding terms, authentication and authorization are separate steps in the login
process. Understanding the difference between the two is key to successfully implementing an IAM
solution.

Let's use an analogy to outline the differences.

Consider a person walking up to a locked door to provide care to a pet while the family is away on
vacation. That person needs:

 Authentication, in the form of a key. The lock on the door only grants access to someone with
the correct key in much the same way that a system only grants access to users who have the
correct credentials.
 Authorization, in the form of permissions. Once inside, the person has the authorization to
access the kitchen and open the cupboard that holds the pet food. The person may not have
permission to go into the bedroom for a quick nap.

Authentication and authorization work together in this example. A pet sitter has the right to enter the
house (authentication), and once there, they have access to certain areas (authorization).

Authentication Authorization
What does it do? Verifies credentials Grants or denies permissions
How does it work? Through passwords, biometrics, one-time Through settings maintained by
pins, or apps security teams
Is it visible to the Yes No
user?
It is changeable by Partially No
the user?
How does data Through ID tokens Through access tokens
move?
How ecommerce framework works?
An e-commerce framework is a software architecture or structure that provides a foundation for
building and operating an e-commerce website or application. It defines the structure, components,
and functionality required to support online transactions, product catalog management, customer
interactions, and other essential aspects of an e-commerce system. Here is a general overview of how
an e-commerce framework works:

1. Front-End Presentation Layer: The framework includes a front-end layer responsible for the
user interface and presentation of the e-commerce website or application. This layer typically
consists of web pages, templates, and CSS styles that define the visual design and layout. It
handles user interactions, displays product information, and facilitates the shopping experience.
2. Product Catalog Management: The framework provides mechanisms for managing the product
catalog, including product information, categories, pricing, and inventory. It allows administrators
to add, edit, and organize product details, images, and attributes. This information is stored in a
database or content management system (CMS) and is used to dynamically generate product
listings and pages.
3. Shopping Cart and Checkout Process: The framework includes features for managing the
shopping cart and the checkout process. It allows users to add products to their cart, view the
contents, and proceed to checkout. The framework handles calculations such as subtotal, taxes,
shipping charges, and discounts. It also integrates with payment gateways to securely process
payment transactions.
4. User Account Management: The framework provides functionality for user account
management. It enables users to register, create accounts, and manage their personal
information, addresses, and payment methods. Registered users can view order history, track
shipments, and manage their preferences. The framework may also include features for guest
checkout for users who prefer not to create an account.
5. Order Management and Fulfillment: The framework includes modules for managing orders,
order processing, and fulfillment. It allows administrators to view and process incoming orders,
update order status, generate invoices and packing slips, and communicate with customers
regarding order updates and delivery information. Integration with shipping carriers or fulfillment
services may also be included.
6. Payment Gateway Integration: The framework integrates with payment gateways to facilitate
secure and seamless payment transactions. It handles the communication between the e-
commerce system and the payment gateway, allowing customers to choose their preferred
payment method, such as credit card, debit card, or digital wallets. The framework typically
includes encryption and security measures to protect sensitive customer payment information.
7. Reporting and Analytics: The framework may provide reporting and analytics features to track
and analyze various aspects of the e-commerce business. It generates reports on sales
performance, customer behavior, popular products, and other key metrics. These insights help
businesses make data-driven decisions and optimize their e-commerce operations.
8. Integration with Third-Party Services: E-commerce frameworks often support integration with
various third-party services and APIs. This may include integration with shipping carriers for real-
time shipping rates, inventory management systems for accurate stock levels, marketing platforms
for email campaigns and promotions, and social media platforms for sharing and advertising
products.

Overall, an e-commerce framework acts as a foundation for building and operating an online store or
application. It provides a structured approach to handle essential e-commerce functionalities, ensuring
a smooth and seamless shopping experience for customers while enabling businesses to manage their
products, orders, and customer interactions efficiently.

PEM & PGP

Privacy Enhanced Mail (PEM) and its Working

Privacy Enhanced Mail (PEM) is an email security standard to provide secures electronic mail
communication over the internet. Security of email messages has become extremely important
nowadays. In order to deal with the security issues of emails the internet architecture board has
adopted it. The PEM mainly provides the following services:

1. Confidentiality – Confidentiality refers to the act of preventing unauthorized access to the

information hence protecting it. The confidentiality is obtained in PEM by encrypting the messages
by using various standard algorithms such as Data Encryption Standard (DES). DES in cipher block
chaining mode is being currently used by PEM.
2. Integrity – - Data integrity refers to the consistency of data throughout its life cycle. This is
obtained by using a unique concept called as message digest where message digest is a hash
function which converts the message into an image called digest on taking the message as input.
PEM uses RSA encryption, MD2 and MD5 hash functions to generate the digests. An octet value is
generated from the hash functions which is then encrypted which is then run against the message
digest by the receiver assured of the integrity of the message that is transmitted.

Working of PEM: The PEM works basically in 4 main steps.

1. Canonical Conversion – This step involves the conversion of the message into a standard format
that is independent of the computer architecture and the operating system of the sender and the
receiver. If the sender and receiver has different computer architecture or operating system. It
may lead to generation of different message digest due to difference in their interpretation
because of syntactical difference from one operating system to another.
2. Digital Signature – In this step, the digital signature is generated by encrypting the message
digest of an email message with the sender’s private key.
3. Encryption - The encrypted message is generated by encrypting the original message and digital
signature together along with the symmetric key as shown in the figure below. This step is very
crucial in order to obtain the confidentiality.
4. Base-64 Encoding – This is the last step where the binary output is transformed into character
output. The binary output which is 24 bits is divided into 4 equal sets and mapped with the 8 bit
character output generating a decimal code. Now PEM uses a separate map table and each
number from the code generated is mapped with its corresponding value from the mapping table
and binary equivalent corresponding to the 8 bit ASCII of the character is written.

PGP

 PGP stands for Pretty Good Privacy (PGP) which is invented by Phil Zimmermann.
 PGP was designed to provide all four aspects of security, i.e., privacy, integrity, authentication, and
non-repudiation in the sending of email.
 PGP uses a digital signature (a combination of hashing and public key encryption) to provide
integrity, authentication, and non-repudiation. PGP uses a combination of secret key encryption
and public key encryption to provide privacy. Therefore, we can say that the digital signature uses
one hash function, one secret key, and two private-public key pairs.
 PGP is an open source and freely available software package for email security.
 PGP provides authentication through the use of Digital Signature.
 It provides confidentiality through the use of symmetric block encryption.
 It provides compression by using the ZIP algorithm, and EMAIL compatibility using the radix-64
encoding scheme.

Following are the steps taken by PGP to create secure e-mail at the sender site:

 The e-mail message is hashed by using a hashing function to create a digest.

 The digest is then encrypted to form a signed digest by using the sender's private key, and then
signed digest is added to the original email message.
 The original message and signed digest are encrypted by using a one-time secret key created by
the sender.
 The secret key is encrypted by using a receiver's public key.
 Both the encrypted secret key and the encrypted combination of message and digest are sent
together.

PGP at the Sender site (A)

Following are the steps taken to show how PGP uses hashing and a combination of three keys to
generate the original message:

 The receiver receives the combination of encrypted secret key and message digest is received.
 The encrypted secret key is decrypted by using the receiver's private key to get the one-time
secret key.
 The secret key is then used to decrypt the combination of message and digest.
 The digest is decrypted by using the sender's public key, and the original message is hashed by
using a hash function to create a digest.
 Both the digests are compared if both of them are equal means that all the aspects of security are
preserved.