CSIT 22 Electronic Commerce Technologies

1
CSIT 22Electronic Commerce Technologies

• Lecture 4 - Electronic Payment Systems
• (Adapted from E. Lawrence et al., Technology of
  Internet Business, John Wiley, 2002)

2
Learning Objectives

• Describing various types of electronic payment
  systems
• Explaining how EPSs operate in a B2B and B2C
  context
• Identifying the security needs of online
  electronic purchasing systems
• Defining EDI and demonstrating how invoicing and
  payments can be made

3
Learning Objectives

• Explaining advantages and disadvantages of EDI
  relative to other forms of electronic payment
  systems
• Describing and explaining the value of various
  forms of e-cash systems
• Evaluating the utility of stored value cards and
  smart cards as part of an electronic purchasing
  system

4
Comparison of the 4Cs Payment Methods
5
B2C Electronic Payment Systems

• Many ways to pay for goods electronically
• Credit cards
• E-cash
• E-cheques
• Stored value cards
• Magnetic strip card technology ensured
• Efficient
• Secure
• Fast methods of payments

6
Credit Cards on the Internet

• An instruction by a customer for funds to be
  transferred into a businesss account and charged
  against the customers account
• Credit card numbers can be sent over the Internet
  encrypted or unencrypted
• All Internet browsers provide some level of data
  security

7
Encryption

• 40-bit SSL is typical for most browsers
• 128-bit SSL is used by financial institutions and
  Internet-capable software suppliers
• 128-bit encryption is
• 309 485 009 821 345 068 724 781 056
• times stronger than 40-bit encryption

8
Encryption On Browsers

• Customers check if browser supports session
  encryption by
• small closed lock in Internet Explorer
• small unbroken key in the Netscape browser family
• Prodigy Internet and Mastercard developed for
  online and offline purchases

9
How Credit Cards Work on the Internet

• ANSI Standard X4.13-1983 system used by most US
  national credit card systems
• Credit card numbers mean
• The first digit signifies the system
• 3 travel/entertainment cards
• 4 Visa
• 5 Mastercard
• 6 Discovery Card

10
Credit Cards Numbers

• The structure of the card number varies according
  to the system
• American Express example
• Digits 3 and 4 are type and currency
• Digits 5-11 are the account number
• Digits 12-14 are the card number within the
  account,
• Digit 15 is the check digit

11
EFTPOS

• Electronic Funds Transfer at point of sale
  operates
• Either on the credit or the debit basis
• Popular with shoppers and virtual shoppers as
  well
• On credit cards, EFTPOS systems check
• Validity of the card status
• Credit the value of the exchange against the
  credit card account for future payment by the
  card holder

12
Electronic Cheques

• The user is issued
• a set of number combinations from the bank
• each number combination represent a cheque
• User uses each set of numbers only once
• With eCheck,
• payer writes the cheque on a computer
• signs it
• emails it over the Internet

13
eCheck

• The payee
• receives it
• verifies signatures
• endorses it
• writes a deposit slip
• signs it
• The endorsed cheque (e-Check) is then sent by
  email to the payees bank for deposit

14
eCheck at the Bank

• Bank personnel
• verify signatures
• credit the deposit
• clear the endorsed eCheck
• The cheque is sent on to the payers bank where
  signatures are once again verified
• The amount of the eCheck is debited from the
  payers account

15
E-Wallets

• An e-wallet stores the users information on
  billing, shipping
• E-wallet software will instantly fill out online
  order forms with a click of the mouse
• An e-wallet can also store the shipping addresses
  of friends and family

16
ECML

• ECML (Electronic Commerce Modelling Language)
• a universal format for online checkout form data
  fields
• provides a simple set of guidelines that enable
  digital wallets from multiple vendors to automate
  the exchange of information between consumers and
  merchants

17
Digital Cash

• Trialled since 1994 using the digital cash
  concept by the DigiCash Corporation based in the
  Netherlands
• eCash system uses electronic tokens to exchange
  goods and services online
• Banks are used to verify the value of the token

18
Background Digital Cash

• CyberCash - secure means to conduct credit card
  transactions on the Internet
• Digital cashs issuers have
• Gone bankrupt
• Dropped the product
• Moved on into another business
• Digital cash
• Small string of encrypted digits or electronic
  tokens
• Substitute for money to purchase various goods
  and services

19
eCash Operations

• DigiCash offers eCash
• Consumers download and install electronic purse
  or wallet software
• Customers download electronic coins to a hard disk

20
Paying by eCash

• Initial purchase of coins charged against bank
  accounts or against a credit card
• To pay with eCash, the customer clicks the Pay
  with eCash button
• Customers purse software subtracts the payment
  amount from the individuals electronic purse and
  creates a payment that is sent to the bank,
  verified then deposited into the merchants
  account within seconds

21
Merchants eCash

• Merchants wishing to use eCash can choose
  between
• Installing and integrating the eCash software
• Hiring a third party to integrate it
• Buying a ready-to-use eCash enabled store from
  store builders such as Intershop

22
Payment Security Protocols

• Three major protocols developed for payment
  security
• STT- each user is authenticated by an electronic
  certificate or credential unique to them
• SEPP uses existing EFT infrastructure to operate
• SET uses the internets infrastructure

23
SET

• Advantages of SET
• Enables bankcard payment on the WWW
• Provides for special security needs
• Ensures privacy of financial data
• Features strong authentication policies for
  participants
• Offers special purpose certificates

24
Network Architecture of SET System
25
Advantages of SET

• Provides message integrity
• Offers non-repudiation for dispute resolution
• Hides bankcard number from most merchants
• Sustains existing relationships
• Provides interoperability
• Supports end-user choice of payment card
• Provides links to existing systems

26
SET SSL

• SET uptake slow
• See http//www.setco.org
• SSL the de facto standard
• See http//www.ssl.com

27
CommerceNet

• CommerceNet (http//www.commerce.net) deals with
  five initial areas in EPS
• Infrastructure EDI, robustness, network
  management and related infrastructure services
• Financial Service payments, RosettaNet, eCheck

28
CommerceNet Portfolios

• Trust and security public key infrastructure
  (PKI), security showcase and encryption
• Information access catalogues, directories,
  agencies and search interoperability
• Architecture and markets eCo framework,
  iMarkets, vertical markets)

29
Why Use Digital Cash?

• Digital cash products marketed for a variety of
  reasons
• Anonymous unlike credit cards
• Many people do not have access to credit cards
• Useful for auctions and C2C e-commerce
• Cheaper than Credit Cards for Merchants
• Sites selling small items need to accept
  micropayments

30
Other Digital Currency Products

• Some of the new digital cash techniques are
• Consumers store value in an online account and
  deduct from it the price of small purchases
• Qpass accumulates payments and deducts the final
  amount from a credit card
• Trivnet and Ipin use ISPs to track customers
  online spending and add it to their bill

31
Flooz, Beenz CyberGold

• Flooz use of gift certificates
• Beenz issued to consumers to visit web sites,
  fill in forms or go shopping online
• CyberGold allows consumers to convert
  cyberdollars into real money

32
PayPal eGold

• PayPal developed by Confinity
• to enable people to open an account at the web
  site and then email dollars to other people
• E-Gold allows
• clients to fund their accounts by purchasing gold
  or other metals and then transferring units of
  those metals (measured by weight) by entering a
  recipients account and a password
• Refer to
• www.paypal.com

33
Bartering Schemes

• Various online bartering schemes exist
• BarterTrust
• BigVine
• LassoBucks
• Oakington (British firm) developed software for
• automatic payment of taxes and
• time escrow so that a transaction does not
  clear until the goods arrive

34
Millicent

• Millicent - account based transaction protocol
  for low-value transactions
• Allows a vendor
• to verify a transaction without contacting a
  central authority and without expensive
  encryption
• to use brokers and scrip

35
Smart Cards(Stored Value Cards)

• A plastic card with a microchip that stores
  information usually about value
• Can store more information and perform more
  functions than the more common magnetic stripe
  cards
• Estimated more than 600 million in operation
  throughout the world

36
SVC Workings

• Stored value is transferred from a card to
  another organisations account
• Then adjusted through an electronic banking
  system

37
SVCs

• Used to store information about
• Peoples health
• Identity cards
• Security cards
• Electronic signatures for digital mobile phones

38
SVCs May Store

• University transcripts
• Personal records
• Medical information
• Hospital files
• Social security information
• Employment records

39
Limitations

• The limitations of SVCs relate to
• Privacy issues
• Legal issues
• Social issues
• Political issues

40
Types of SVCs

• Closed system SVCs include fixed-priced, pre-paid
  telephone cards or pre-paid transport tickets
• The owner of the card and the provider of the
  service are the same
• Open-system SVCs can be recharged in value
• Described as an electronic wallet
• Most commonly the owner of the card is not the
  service provider

41
Advantages and Risks of SVCs in Business

• Centre for Electronic Commerce at Monash
  University conclusions
• Smart cards will have a significant impact on the
  banking system and the way it operates
• Smart cards will affect the way money is exchanged

42
SVCs Advantages and Risks

• Continued
• Smart cards may erode the traditional role of
  banks in the payment systems used in society
• Smart cards have the potential to allow
  institutions other than banks to issue value and
  thus create money
• Smart cards are expensive to establish,
  profitability is lessened in the short term

43
SVCs Advantages and Risks

• Continued
• SVCs should improve the efficiency of
  electronically transferring funds for low value,
  high-volume transactions
• Should offer a great range in payment options and
  improve convenience
• Will increase costs to consumers by the need for
  suppliers to cover costs

44
SVCs Advantages and Risks

• Continued
• May not be affordable to all consumers, thus
  raising equity issues in society
• The existing protections for consumers when using
  current payment systems and cards do not always
  apply with SVCs

45
SVCs Advantages and Risks

• Continued
• Smart cards are more secure than cash, depending
  on the card design and the method of recording
  stored value
• The trials on SVCs currently in operation in
  Australia (Visa, Transcard, MasterCard, Quicklink
  and Mondex) are technically incompatible

46
B2B Electronic Payment Systems

• Electronic commerce was suggested in the 1960s by
  financial institution that began investigating
  ways to automate their back-end banking systems
• Starting with basic electronic processing of
  cheques, they then moved on to process credit
  card and wire-transfer transactions electronically

47
Electronic Data Interchange

• EDI is the automated exchange of structured
  business documents between an organisation and
  its customers, suppliers or other trading
  partners
• Traditional, non-internet EDI is actually a set
  of specifications for formatting documents
  designed specifically to automate business flow

48
Strengths of EDI

• The strength of EDI is its ability to enable
  organisations with different business and
  computer systems to link those systems
  cost-effectively
• EDI represents an effective technology for
  reducing the overheads associated with paper
  processing, product verification, handling and
  storage

49
EDI Characteristics

• EDI processes must have the following
  characteristics
• The exchange of information must be in a
  structured format so that the data are placed and
  found in predetermined places in the electronic
  message
• The format or structure of the information must
  be agreed upon by both the receiver and the
  sender
• The data must be machine readable

50
Traditional EDI

• Requires communication between two or more
  trading partners
• The network infrastructure must contain two major
  components
• A communication channel that delivers the EDI
  documents across the trading network
• Conformance to EDI standards

51
Communications Channels

• The communications channel of a trading network
  is dictated by the complexity of the trading
  network and the type of communication link

52
DIRECT LINK EDI

• ISDN leased lines and high-speed modem dial-up
  networks are used
• A business communicates with trading partners by
  dialling up the trading partners network and
  transmitting EDI documents as required

53
DIRECT LINK EDI (continued)

• DIRECT LINK EDI
• Trading partners install and maintain their own
  direct link lines
• Issues with speed, protocols and reliability
  across the trading partner network make direct
  link EDI prohibitive to smaller businesses
• Suited primarily to large organisations
  transmitting large volumes of data regularly

54
PRIVATE NETWORKS

• Closed network available to a selected group of
  trading partners
• Hub company manages document handling overheads
  and protocol conversion facilities for spoke
  trading partners
• Spoke companies can dial up the private network
  using a standard modem and perform their EDI
  transfers for the cost of a telephone call

55
Value Added Networks

• A third party network or intermediary capable of
  providing reliable, secure transmission of
  documents between trading partners
• Provide many services including
• Transmission
• EDI support services
• Speed conversion
• Mailbox services
• Technical support, consulting, training

56
VANs

• VANs provide electronic mailboxes
• Support administrative facilities such as
  document auditing, message tracking, usage
  reporting and billing services
• Using EDI translation software, converts
  documents between the standards such as X12 and
  EDIFACT, between standard and proprietary formats
  to email, fax

57
VANs (continued)

• VANs function as intermediaries for large numbers
  of businesses acting as a focal point for
  multi-transactional, multi-nodal businesses
• Act as a router for data
• Consultancy point for new businesses

58
EDI Standards

• Linking a customer with a supplier in an EDI
  relationship involves a hierarchy of
  communication levels
• Each level has different accepted standards and
  protocols
• Most standards are derived from the International
  Consultative Committee for Telephony (Now ITU)

59
X.25 Protocol

• Standards usually involve the data being broken
  down into smaller packages for transmission
• The receiver reassembles these packages into a
  coherent message
• The X.25 protocol controls the EDI process at the
  communications level

60
X.400 X.500

• X.400 and X.500 protocols enable the message to
  be handled by the sending and receiving PCs, they
  are not concerned with content
• X.400 deals with how the data can be broken up
  and packaged
• X.500 deals with the addresses and directories
  used in the EDI process

61
EDI Specific Standards

• Specific standards for successful EDI processes
• TRADACOMS
• EDIFACT, the standard used in EDI.EDIFACT is the
  United Nations agreed standard for EDI
  transmission

62
Benefits of Traditional EDI

• Traditionally only large firms have employed EDI
  technology because it is an expensive,
  proprietary technology
• EDI can typically save 5 to 10 per cent of all
  procurement costs

63
EDI Benefits

• Advantages of traditional EDI also include
• The ability to maintain control over the movement
  of material
• A reduction in labour costs
• Reduction in routine tasks than can often cause
  errors
• Reduction in stock holding and accounts receivable

64
EDI Benefits (continued)

• An increase in cash flow due to the effective
  management of trade creditors
• An increase in customer service
• A move to one-time entry and elimination of
  superfluous administration

65
Shortcomings of Traditional EDI

• EDI is an expensive means of doing business
• Small and medium sized firms tend not to be EDI
  capable because of the inherent costs in
  proprietary software purchase, hardware
  installation and ongoing maintenance

66
Shortcomings (continued)

• Implementing translation software may range from
  5000 (for a PC based system) through to 250 000
  (for a mainframe application)
• In general, typical monthly fees are 50 and
  transaction fees of 50 to 70 cents apply

67
Web Server

• Provides authentication of suppliers through user
  ID
• Suppliers access their own mailbox and have read
  access to the incoming documents
• Web servers use SSL encryption for security

68
Adapter

• An adapter converts hub documents for the
  supplier from EDI into proprietary format

69
Open Buying on the Internet (OBI)

• The OBI roundtable is a standard for B2B Internet
  Commerce
• Version 1.0 of the standards document contains an
  architecture as well as technical specifications
  and guidelines

70
OBI

• Is a freely available standard that adheres to
  the following guiding principles
• Common business version
• Vendor neutrality
• Interoperability
• Value-added services
• Cost-effectiveness
• Robust infrastructure
• flexibility

71
OBI Architecture

• OBI architecture can be viewed as the interaction
  of four entities
• Purchasing officer
• Buying organisation
• Selling organisation
• Payment authority

72
OBI Standard

• The OBI standard provides
• buying and selling organisations with a
  standards-based solution that achieves
  interoperability through a flexible, technology
  product-neutral architecture
• For Internet business requisitions that combine
  web technologies with legacy or back-end systems
  such as EDI

73
OBI B2B

• Open standards for trading and open financial
  exchanges like the BIPS Project 10, developed by
  the FSTC, will enable better B2B e-commerce
• FSTC sponsors project-oriented, collaborative
  research and development on interbank technical
  projects affecting the whole financial services
  industry

74
Internet EDI Components

• Back-end database system
• an application system with a database for
  information storage
• Generally has own proprietary format (SAP or
  Siebel)
• A translator is required to take proprietary
  format back and forth from EDI format
• XML solutions have developed an application
  called XEDI to help automate the process of
  converting between EDI and XML

75
Internet EDI XML

• Back-end database system
• XEDI can tag additional XML data along with the
  document that enables full recovery of the
  original EDI document on the other end
• XML solutions is also working with the XML/EDI
  groups standardisation effort to create industry
  standards for these translations

76
Translator

• Translator
• Converts proprietary format to EDI standard
  format
• New Era of Networks Inc. (NEON) recently released
  its PaperFree EDI adapter
• This adapter provides connections between XML
  dialects such as Biztalk and RosettaNet and
  widely used formats such as X12 and EDIFACT

77
Mail Repository

• Mail Repository
• A database is utilised for the mailbox system, a
  web server to list and serve documents and
  applets
• The hub maintains mailboxes for each spoke
• Provides email, audit and control, tracking,
  querying and reporting
• Unread EDI documents can be monitored and
  suppliers contacted

78
EDI versus Internet

• EDI has been standardised through ANSI and
  EDIFACT
• High operational costs, extensive customisation
  requirements and the need for VANS have hindered
  widespread adoption
• Internets low cost transport mechanism and
  standardised protocols offer organisations low
  cost B2B e-commerce at low cost

79
Internet EDI

• Offers organisations
• basic transactional capability,
• online catalogues,
• pricing information,
• scheduling and delivery information and
• new ways of auctioning procurement such as online
  auctions

80
Internet EDI Advantages

• Allows buyers and sellers to transact on a global
  scale
• Offers a simple platform-independent vehicle for
  information exchange through
• The TCP/IP protocol
• Open Buying on the Internet

81
Internet EDI OBI

• The OBI stand focuses on the Internet transaction
  and the components of which this is comprised
• EDI
• Digital certification
• Supporting back-end systems
• BIPS project will enable better B2B
• e-commerce

82
Internet EDI BIPs

• BIPS is a project to develop an open
  specification for bank customers to securely
  negotiate payment instructions to bank systems
  over the Internet
• This project is supported by Citibank, and is
  closely linked with existing EFTPOS payment
  systems like SWIFT which is used across Australia

83
Summary

• Electronic Payment Systems are becoming
  increasingly important to B2B and B2C commerce
• Internet has enabled consumers access to many
  products and services that can be ordered
  electronically
• Electronic catalogues are being developed

84
Summary

• EPSs using smart cards, online EFTPOS-type
  systems and digital-money systems enable
  businesses and consumers to pay electronically
• New forms of purchasing has reduced the
  importance of cash or money as the only form of
  transaction

85
Summary

• EDI transactions enable more efficient allocation
  of resources for production and servicing, and
  permit better planning and inventory control in
  businesses
• Financial uses of EDI through VANs enable more
  efficient transactions and monitoring of
  manufacturiing or service provision

86
Summary

• Electronic purchasing is cost-effective and
  time-effective
• There are security demands that have to be
  recognised by both businesses and consumers